[removed] sending custom parameters with window.open() but its not working

前端 未结 5 1614
一整个雨季
一整个雨季 2021-02-14 05:58




         


        
相关标签:
5条回答
  • 2021-02-14 06:14

    To concatenate strings, use the + operator.

    To insert data into a URI, encode it for URIs.

    Bad:

    var url = "http://localhost:8080/login?cid='username'&pwd='password'"
    

    Good:

    var url_safe_username = encodeURIComponent(username);
    var url_safe_password = encodeURIComponent(password);
    var url = "http://localhost:8080/login?cid=" + url_safe_username + "&pwd=" + url_safe_password;
    

    The server will have to process the query string to make use of the data. You can't assign to arbitrary form fields.

    … but don't trigger new windows or pass credentials in the URI (where they are exposed to over the shoulder attacks and may be logged).

    0 讨论(0)
  • 2021-02-14 06:17

    if you want to pass POST variables, you have to use a HTML Form:

    <form action="http://localhost:8080/login" method="POST" target="_blank">
        <input type="text" name="cid" />
        <input type="password" name="pwd" />
        <input type="submit" value="open" />
    </form>
    

    or:

    if you want to pass GET variables in an URL, write them without single-quotes:

    http://yourdomain.com/login?cid=username&pwd=password
    

    here's how to create the string above with javascrpt variables:

    myu = document.getElementById('cid').value;
    myp = document.getElementById('pwd').value;
    window.open("http://localhost:8080/login?cid="+ myu +"&pwd="+ myp ,"MyTargetWindowName");
    

    in the document with that url, you have to read the GET parameters. if it's in php, use:

    $_GET['username']
    

    be aware: to transmit passwords that way is a big security leak!

    0 讨论(0)
  • 2021-02-14 06:25
    You can try this instead
    
    
    var myu = document.getElementById('myu').value;
    var myp = document.getElementById('myp').value;
    window.opener.location.href='myurl.php?myu='+ myu +'&myp='+ myp;
    

    Note: Do not use this method to pass sensitive information like username, password.

    0 讨论(0)
  • 2021-02-14 06:28

    You can use this but there remains a security issue

    <script type="text/javascript">
    function fnc1()
    {
        var a=window.location.href;
    
        username="p";
        password=1234;
        window.open(a+'?username='+username+'&password='+password,"");
    
    }   
    </script>
    <input type="button" onclick="fnc1()" />
    <input type="text" id="atext"  />
    
    0 讨论(0)
  • 2021-02-14 06:39

    Please find this example code, You could use hidden form with POST to send data to that your URL like below:

    function open_win()
    {
        var ChatWindow_Height = 650;
        var ChatWindow_Width = 570;
    
        window.open("Live Chat", "chat", "height=" + ChatWindow_Height + ", width = " + ChatWindow_Width);
    
        //Hidden Form
        var form = document.createElement("form");
        form.setAttribute("method", "post");
        form.setAttribute("action", "http://localhost:8080/login");
        form.setAttribute("target", "chat");
    
        //Hidden Field
        var hiddenField1 = document.createElement("input");
        var hiddenField2 = document.createElement("input");
    
        //Login ID
        hiddenField1.setAttribute("type", "hidden");
        hiddenField1.setAttribute("id", "login");
        hiddenField1.setAttribute("name", "login");
        hiddenField1.setAttribute("value", "PreethiJain005");
    
        //Password
        hiddenField2.setAttribute("type", "hidden");
        hiddenField2.setAttribute("id", "pass");
        hiddenField2.setAttribute("name", "pass");
        hiddenField2.setAttribute("value", "Pass@word$");
    
        form.appendChild(hiddenField1);
        form.appendChild(hiddenField2);
    
        document.body.appendChild(form);
        form.submit();
    
    }
    
    0 讨论(0)
提交回复
热议问题