What does the browser do when the source of iframe is javascript

When the source of an iframe is:

javascript:'';

as in:

<iframe id="SpControlFrame1" name="SpControlFrame1" src="javascript:'';" path_src="index.php?cmd=YYY" ></iframe>

What is going on? What does the src="javascript:'';" tell the browser to do?

what does the "path_src" do?

Thanks Chris

Answers:

Answer

It tells the browser to display the result of executing the empty string literal. Therefore, it would just display an empty string.

You can test the effect of this by typing in javascript:'http://stackoverflow.com'; in the address bar of a normal window/tab. You'll get a white page that says "http://stackoverflow.com" and you won't actually be taken to that URL.

This is the reason that bookmarklets often wrap the code inside void() or an anonymous function that doesn't return anything to stop the browser from trying to display the result of executing the bookmarklet. For example:

javascript:void(window.open("dom_spy.html"))

Or:

javascript:(function () { window.open("dom_spy.html"); })()

If you directly use code that returns something (a new window instance in this case), the browser will end up displaying that:

javascript:window.open("dom_spy.html");

In Firefox the above will display:

[object Window]
Answer

To the best of my knowledge the src attribute maps to the iframe elements location.href. So setting src to javascript:''; is a bit nonsensical and the browser will do one of two things:

  • Ignore it because it is not a URI and does not resolve to any displayable resource
  • Execute the javascript which produced nothing

Either way you accomplish very little. Is this code you inherited or are you trying to do something tricky with the iframe?

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.