What does the browser do when the source of iframe

2019-02-13 04:35发布

问题:

When the source of an iframe is:

javascript:'';

as in:

<iframe id="SpControlFrame1" name="SpControlFrame1" src="javascript:'';" path_src="index.php?cmd=YYY" ></iframe>

What is going on? What does the src="javascript:'';" tell the browser to do?

what does the "path_src" do?

Thanks Chris

回答1:

It tells the browser to display the result of executing the empty string literal. Therefore, it would just display an empty string.

You can test the effect of this by typing in javascript:'http://stackoverflow.com'; in the address bar of a normal window/tab. You'll get a white page that says "http://stackoverflow.com" and you won't actually be taken to that URL.

This is the reason that bookmarklets often wrap the code inside void() or an anonymous function that doesn't return anything to stop the browser from trying to display the result of executing the bookmarklet. For example:

javascript:void(window.open("dom_spy.html"))

Or:

javascript:(function () { window.open("dom_spy.html"); })()

If you directly use code that returns something (a new window instance in this case), the browser will end up displaying that:

javascript:window.open("dom_spy.html");

In Firefox the above will display:

[object Window]


回答2:

To the best of my knowledge the src attribute maps to the iframe elements location.href. So setting src to javascript:''; is a bit nonsensical and the browser will do one of two things:

  • Ignore it because it is not a URI and does not resolve to any displayable resource
  • Execute the javascript which produced nothing

Either way you accomplish very little. Is this code you inherited or are you trying to do something tricky with the iframe?