Online Documentation Server
 ÏÎÈÑÊ
ods.com.ua Web
 ÊÀÒÅÃÎÐÈÈ
Home
Programming
Net technology
Unixes
Security
RFC, HOWTO
Web technology
Data bases
Other docs

 


 ÏÎÄÏÈÑÊÀ

 Î ÊÎÏÈÐÀÉÒÀÕ
Âñÿ ïðåäîñòàâëåííàÿ íà ýòîì ñåðâåðå èíôîðìàöèÿ ñîáðàíà íàìè èç ðàçíûõ èñòî÷íèêîâ. Åñëè Âàì êàæåòñÿ, ÷òî ïóáëèêàöèÿ êàêèõ-òî äîêóìåíòîâ íàðóøàåò ÷üè-ëèáî àâòîðñêèå ïðàâà, ñîîáùèòå íàì îá ýòîì.
Previous Table of Contents Next

history Methods

You can implement the history object’s methods in your script to enable the user to navigate among the list’s URLs. You cannot access the string value of any URL, but you can load any of them into the browser’s window.

back

This method performs the same action as the Back button in the browser’s toolbar. It loads the most recent entry in the history list—the entry with index –1. The following HTML tags can be used to create a Back button in a Web page:

<FORM>
<INPUT TYPE="button" VALUE="Back" onClick="history.back()">
</FORM>

forward

The history.forward method is equivalent to the Forward button in the browser’s toolbar. It loads the entry with index 1. It is less useful than the preceding method because the current document is usually the most recent in the list, so there is no URL that can be loaded when this method is invoked. You must take special precautions when using this method, because it normally does not have any effect. It should be used only when you are sure that you have full control over the user’s navigational path. The following sequence creates a Forward button for a Web page: 

<FORM>
<INPUT TYPE="button" VALUE="Back" onClick="history.back()">
</FORM>

go

The go method is also one of those less useful methods featured in JavaScript. It enables you to load a history list entry in the browser’s window. You must have full control over the user’s navigating path in order to implement this method for useful purposes.

This method accepts one argument. The most basic argument is the index of the history list that you want to retrieve. This can be any integer number which has a corresponding history list entry. If the argument is 0, the current page is loaded, or better said, reloaded. For example, the following call is equivalent to invoking the history.back() method: 

history.go(–1)

When you want to jump back to the entry with index –1, use history.go(–1) rather than history.back(), because, among other reasons, you can just change the argument in order to jump back a few steps instead of only one. The same applies to history.forward(), which is equivalent to the following call: 

history.go(1)

Also bear in mind that this method does not return any value but causes immediate navigation.

Alternatively, you can specify one of the URLs as the argument of this method. A portion of the desired URL is also sufficient, provided that it is a unique substring of only one entry. In both cases, the specified string (literal or value) is compared against all entries, and the one whose URL includes the specified substring will be loaded.

Unfortunately, you cannot extract the URL, just load it. The following script segment retrieves Netscape’s homepage (www.netscape.com or home.netscape.com) if it is resident in the history list:

<FORM>
<INPUT TYPE="button" VALUE="Go" onClick="history.go('netscape.com')">
</FORM>

The following call reloads the current document:

history.go(0)

Netscape Navigator 3.0x and above provide an explicit and more advanced method for reloading documents: location.reload().

Security Aspects of the history Object

It would be very useful to be able to extract and process URLs which reside in the history list. For security reasons, this functionality has been excluded thus far. First of all, nobody should use the back door to know where the user has been and, secondly, data can be easily submitted from the client to the server via e-mail. Netscape has solved the e-mail breach of security by displaying a warning whenever an e-mail is sent (other than that sent explicitly by the user from the mail window). Netscape’s solution is not foolproof since the user might have disabled this warning, might not pay attention, or might ignore it altogether. Figure 20-3 shows the warning:


Figure 20-3.  A warning generated when the user submits a form via JavaScript or a Submit button.

The problem with the history list’s entries is that they contain complete URLs. A URL may contain extremely confidential information, especially in the form of a search query. For example, the user might have recently submitted a form with a field containing a credit card number. The form may have loaded another page with a search query containing the credit card number.

Credit card numbers or other secure information may be revealed and gleaned by malicious individuals.

Summary

This chapter focused on JavaScript’s window.history object. Since this object is not important and does not have many uses, we kept the discussion short. The most important property of the object is the go method. Besides having a unique functionality of its own, the go method can replace all other history methods. Because it is closely related to URLs, the history-related function replace is discussed in the previous chapter. The following chapters describe various concepts of JavaScript’s object model.

Previous Table of Contents Next

With any suggestions or questions please feel free to contact us