comp.lang.javascript FAQ

This is the comp.lang.javascript meta-FAQ, . The latest version is available at http://jibbering.com/faq/ in HTML form.

Each day, one section of the FAQ is posted for review and questions, and as a reminder that the FAQ is available.

For additional explanation and detail relating to some aspects of the FAQ, please see the notes/. It has been provided separately to avoid increasing the size of the FAQ to a point where it would be unreasonable to post it to the group.

Code examples in this FAQ use http://jsdoctoolkit.org/ comments.

The official Big 8 Usenet newsgroup dealing with javascript is comp.lang.javascript. Some "language" hierarchies also have *.comp.lang.javascript groups.

c.l.js is an unmoderated newsgroup.

The comp.lang.javascript newsgroup deals with ECMAScript languages, so any questions about JavaScript or JScript are welcome. However, the majority of questions sent to this group relates to javascript in a web browser. If you are experiencing issues with a particular browser, or the host is not a browser at all, please make this information clear.

Javascript and Java are two completely different languages. Java questions should be asked in one of the comp.lang.java.* newsgroups; they are not appropriate for c.l.js (as Java and javascript are distinct programming languages with only superficial similarities due to sharing a C-like syntax and some of the characters in their names).

Questions dealing with other scripting languages, such as VBScript, PerlScript or CGI scripting are also off-topic, as are HTML-only or CSS-only questions.

Questions that are specific to Microsoft's JScript may also be appropriately asked at: microsoft.public.scripting.jscript

The comp.lang.javascript newsgroup charter is included in faq_notes/cljs_charter.html.

Before posting to c.l.js, you should read this document. You should also check the #onlineResources.

  • State your question clearly and concisely.
  • Use the Subject: line to show the type of problem you have but include the question in the body as well.
  • For a more detailed explanation of formatting, see notes/posting/.
  • Quote only relevant parts of earlier messages, and add your comments below each quoted section (http://www.ietf.org/rfc/rfc1855.txt).
  • Link to specific sections of the FAQ that are relevant.
  • Avoid being unnecessarily rude, but do not complain about other rude posts.
  • Don't quote signatures.
  • Remove everything that does not contribute to the problem (images, markup, other scripts, etc).
  • Validate the HTML and CSS http://validator.w3.org/, http://jigsaw.w3.org/css-validator/.
  • Make sure the code is executable as transmitted.
  • Format lines to 72 characters; indent with 2-4 spaces (not tabs).
  • State what you expect the code to do.
  • Mention the platforms, browsers, and versions.
  • See also the #debugging.
  • Post in plain-text only. Do not encode it. Do not attach files.
  • If the code is more than about 100 lines, provide a URL in addition.
  • Do not multi-post; cross-post if necessary (http://en.wikipedia.org/wiki/Cross-post).
  • Do not post job postings. Job postings should go to an appropriate regional jobs group.
  • Do not post copyright material without permission from the copyright holder.
  • Relevant announcements are welcome, but no more often than once per major release, as a short link to the product's webpage.

    This could be for several reasons:

    • It was a variation of a frequently asked question and was therefore ignored by everyone.
    • Nobody knows the answer.
    • The person with the answer has not seen the post.
    • It might not be possible to do what you want to do but perhaps readers of c.l.js are reluctant to answer your post in the negative when they are not convinced that it cannot be done.
    • The question was not asked clearly enough, or did not included enough information to be answered.
    • The questioner did not realise the need to read the group, for a few days, to see the answers posted there.
    • You ignored the #posting
    If it is not one of these, then after a few days consider reposting after checking http://groups.google.com/group/comp.lang.javascript/topics for replies. Make sure the post is phrased well, and everything needed to answer is correct, and the subject is appropriate.

    http://www.ecma-international.org/publications/standards/Ecma-262.htm is the international standard that current language implementations (JavaScript™, JScript etc.) are based on.

    http://www.ecma-international.org/publications/standards/Ecma-262.htm defines the language Syntax, Types, Keywords, Operators, and built-in objects. The ECMAScript specification is the reference to determine the expected behavior of a program. ECMAScript does not define any host objects, such as document, window, or ActiveXObject.

    ECMA-327 defines the Compact Profile of ECMAScript by describing the features from ECMA 262 that may be omitted in some resource-constrained environments. http://www.ecma-international.org/publications/standards/Ecma-327.htm

    The most widely supported edition of ECMA-262 is the 3rd edition (1999). There is fair support for this edition in JScript 5.5+ (buggy) and good support JavaScript 1.5.

    The term "javascript" is used as a common name for all dialects of ECMAScript.

    JScript is Microsoft's implementation of ECMAScript.

    Questions that are specific to Microsoft's JScript may also be appropriately asked at: microsoft.public.scripting.jscript.

    The Document Object Model (DOM) is a interface-based model for Document objects. The DOM allows scripts to dynamically access and update a document's content, style, and event handlers.

    The DOM is not part of the ECMAScript programming language.

    Official DOM standards are defined by the World Wide Web Consortium. Scriptable browsers also have proprietary DOM features (http://msdn.microsoft.com/en-us/library/ms533050(VS.85).aspx, https://developer.mozilla.org/en/DOM_Client_Object_Cross-Reference), such as document.writeln().

    Also see the section on #domRef. #onlineResources http://www.w3.org/DOM/faq.html http://www.w3.org/DOM/ https://developer.mozilla.org/en/Gecko_DOM_Reference/Introduction#What_is_the_DOM.3F

    Internationalisation means using one form which is everywhere both acceptable and understood. Any international standard not supported by default can be coded for.

    For example, there is an International Standard for numeric Gregorian date format; but none for decimal and thousands separators.

    Localisation is the process of adapting software for a specific region or language by adding locale-specific components and translating text. It cannot work well in general, because it requires a knowledge of all preferences and the ability to choose the right one, in an environment where many systems are inappropriately set anyway.

    ECMAScript has a few localisation features. The various toString() methods are all implementation dependent, but tend to use either UK or US settings (not necessarily correctly). ECMAScript Ed. 3 introduced some capabilities, including the toLocaleString()method which should create a string based on the host's locale.

    ECMAScript 5th Edition introduces limited ISO 8601 capabilities with Date.prototype.toISOString() and new behavior for Date.parse().

    The 5th edition of ECMAScript was approved on 2009-12-04. There is some support in implementations released before approval date (JScript 5.8, JavaScript 1.8, JavaScriptCore). http://www.ecma-international.org/publications/standards/Ecma-262.htm http://www.ecma-international.org/publications/standards/Ecma-262.htm

    Most javascript books have been found to contain so many technical errors that consensus recommendations have not emerged from the group.

    The following books have been considered to have value by some individuals on c.l.js. The reviews of these books are provided:

  • "JavaScript: The Definitive Guide," 5th Edition, by David Flanagan
    • Published: 2006-08
    • Pages: 1018
    • Errata: http://oreilly.com/catalog/9780596101992/errata/
    • Discussed in:
      • http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/7283898f77fd2a66/9252aa024e058dea#c5f145ae807c918e
  • "JavaScript, The Good Parts," 1st Edition, by Douglas Crockford
    • Published: 2008-05
    • Pages: 170
    • Errata: http://oreilly.com/catalog/9780596517748/errata/
    • Discussed in:
      • http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/d084d2109f7b4ec7#
      • http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/db1e49ab113aa05c/3987eac87ad27966#3987eac87ad27966
      • http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/6a41f7835ee728de/da5ccfc65e2df64a#da5ccfc65e2df64a
      • http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/3a08fb741525ab6d/
      • http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/bf26be6e63494ee2/acb733a1c35f6ce5#ee9e4ee29e658d5d
      • http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/df602506ee48b400/e65e00f5cad07676#e65e00f5cad07676
      • http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/acadf1b22b219433/4f69a95607d0b3ae#4f69a95607d0b3ae
  • The Official ECMAScript Specification
    [ECMA-262] http://www.ecma-international.org/publications/standards/Ecma-262-arch.htm
    [ISO16262] ISO/IEC 16262, Second Edition 2002-06-01 : ISO Standard matching ECMA-262 3rd Edition, with corrections.
    http://standards.iso.org/ittf/PubliclyAvailableStandards/c033835_ISO_IEC_16262_2002(E).zip
    [MS-ES3]: Internet Explorer ECMA-262 ECMAScript Language Specification Standards Support
    http://msdn.microsoft.com/en-us/library/ff520996%28VS.85%29.aspx
    res/%5BMS-ES3%5D.pdf (local alias)
    [MS-ES3EX]: Microsoft JScript Extensions to the ECMAScript Language Specification Third Edition
    http://msdn.microsoft.com/en-us/library/ff521046%28VS.85%29.aspx
    res/%5BMS-ES3EX%5D.pdf (local alias)
    ECMAScript on Wikipedia
    http://en.wikipedia.org/wiki/ECMAScript
    DOM Level 1 ECMAScript Binding
    http://www.w3.org/TR/REC-DOM-Level-1/ecma-script-language-binding.html
    DOM Level 2 ECMAScript Binding
    http://www.w3.org/TR/DOM-Level-2-HTML/ecma-script-binding.html
    DOM Level 2 Events
    http://www.w3.org/TR/DOM-Level-2-Events/events.html
    DOM Level 2 Style
    http://www.w3.org/TR/DOM-Level-2-Style/
    DOM Level 3 ECMAScript Binding
    http://www.w3.org/TR/DOM-Level-3-Core/ecma-script-binding.html
    Mozilla
    JavaScript: http://developer.mozilla.org/en/docs/JavaScript
    Gecko DOM Reference: http://developer.mozilla.org/en/docs/Gecko_DOM_Reference
    Microsoft
    HTML and DHTML Reference: http://msdn.microsoft.com/en-us/library/ms533050.aspx
    JScript Language Reference: http://msdn.microsoft.com/en-us/library/hbxc2t98%28VS.85%29.aspx
    Scripting: http://msdn.microsoft.com/en-us/library/ms950396.aspx
    Opera
    Web Specifications Support: http://www.opera.com/docs/specs/#ecmascript
    JavaScript Support: http://www.opera.com/docs/specs/js/
    ECMAScript Support: http://www.opera.com/docs/specs/js/ecma
    BlackBerry JavaScript Reference
    http://docs.blackberry.com/en/developers/deliverables/11849/
    ICab InScript
    http://www.muchsoft.com/inscript/
    Apple Safari
    Web Content Guide: http://developer.apple.com/safari/library/documentation/AppleApplications/Reference/SafariWebContent/Introduction/Introduction.html
    Webkit
    Project Site: http://webkit.org/
    Wiki: http://trac.webkit.org/wiki
    DOM Reference: http://developer.apple.com/Mac/library/documentation/AppleApplications/Reference/WebKitDOMRef/index.html#//apple_ref/doc/uid/TP40006089
    Netscape 4 Client-Side JavaScript Reference
    http://docs.sun.com/source/816-6408-10/
    Archived documentation for MSIE 3.x
    http://members.tripod.com/%7Ehousten/download/
    Rhino: An open-source implementation of JavaScript written in Java
    http://www.mozilla.org/rhino/
    Besen IDE: ECMAScript Edition 5 with IDE
    http://besen.sourceforge.net/
    V8: Google's open source JavaScript engine
    http://code.google.com/p/v8/
    SpiderMonkey: Mozilla's C implementation of JavaScript
    http://www.mozilla.org/js/spidermonkey/
    Digital Mars DMD Script, console and MS Active Script implementation of ECMAScript
    http://www.digitalmars.com/dscript/
    Developing Dashboard Widgets: Apple Developer Connection
    http://developer.apple.com/macosx/dashboard.html
    Whitebeam Apache Module: Server Side JavaScript in Apache
    http://www.whitebeam.org/

    No javascript libraries are endorsed by this group. If you want help with using a library, visit that library's discussion group instead.

    This is an anonymous FunctionExpression that is called immediately after creation.

    Variables declared inside a function are not accessible from outside the function. This can be useful, for example, to hide implementation details or to avoid polluting the global scope. http://yura.thinkweb2.com/named-function-expressions/ notes/closures/ http://dmitrysoshnikov.com/ecmascript/chapter-5-functions/#question-about-surrounding-parentheses

    The term function statement has been widely and wrongly used to describe a FunctionDeclaration. This is misleading because in ECMAScript, a FunctionDeclaration is not a Statement; there are places in a program where a Statement is permitted but a FunctionDeclaration is not. To add to this confusion, some implementations, notably Mozillas', provide a syntax extension called function statement. This is allowed under section 16 of ECMA-262, Editions 3 and 5.

    Example of nonstandard function statement: // Nonstandard syntax, found in GMail source code. DO NOT USE. try { // FunctionDeclaration not allowed in Block. function Fze(b,a){return b.unselectable=a} /*...*/ } catch(e) { _DumpException(e) }

    Code that uses function statement has three known interpretations. Some implementations process Fze as a Statement, in order. Others, including JScript, evaluate Fze upon entering the execution context that it appears in. Yet others, notably DMDScript and default configuration of BESEN, throw a SyntaxError.

    For consistent behavior across implementations, do not use function statement; use either FunctionExpression or FunctionDeclaration instead.

    Example of FunctionExpression (valid): var Fze; try { Fze = function(b,a){return b.unselectable=a}; /*...*/ } catch(e) { _DumpException(e) } Example of FunctionDeclaration (valid): // Program code function aa(b,a){return b.unselectable=a}

    example/functionStatement.html https://mail.mozilla.org/pipermail/es-discuss/2008-February/005314.html http://groups.google.com/group/comp.lang.javascript/msg/aa9a32d0c6ae0342 http://groups.google.com/group/comp.lang.javascript/msg/3987eac87ad27966 http://nanto.asablo.jp/blog/2005/12/10/172622 (Article in Japanese)

    ISO 8601 defines date and time formats. Some benefits include:

  • language-independent and unambiguous world-wide
  • sortable with a trivial string comparison
  • easily readable and writable by software
  • compatible with standards ISO 9075 and http://www.ietf.org/rfc/rfc3339.txt
  • The ISO Extended format for common date is YYYY-MM-DD, and for time is hh:mm:ss.

    For an event with an offset from UTC, use YYYY-MM-DDThh:mm:ss±hh:mm.

    Never use a local date/time format for a non-local event. Instead, use UTC, as in YYYY-MM-DDThh:mm:ssZ (Z is the only letter suffix).

    The T can be omitted where that would not cause ambiguity. For rfc 3339 compliance, it may be replaced by a space and for SQL, it must be replaced by a single space.

    Year 0000 is unrecognized by some formats (XML Schema, xs:date). #onlineResources http://www.cl.cam.ac.uk/~mgk25/iso-time.html http://en.wikipedia.org/wiki/ISO_8601 res/ISO_8601-2004_E.pdf http://www.w3.org/QA/Tips/iso-date http://www.ietf.org/rfc/rfc3339.txt http://www.w3.org/TR/xmlschema-2/#dateTime

    A local Date object where 0 <= year <= 9999 can be formatted to a common ISO 8601 format YYYY-MM-DD with:- /** Formats a Date to YYYY-MM-DD (local time), compatible with both * ISO 8601 and ISO/IEC 9075-2:2003 (E) (SQL 'date' type). * @param {Date} dateInRange year 0000 to 9999. * @throws {RangeError} if the year is not in range */ function formatDate(dateInRange) { var year = dateInRange.getFullYear(), isInRange = year >= 0 && year <= 9999, yyyy, mm, dd; if(!isInRange) { throw RangeError("formatDate: year must be 0000-9999"); } yyyy = ("000" + year).slice(-4); mm = ("0" + (dateInRange.getMonth() + 1)).slice(-2); dd = ("0" + (dateInRange.getDate())).slice(-2); return yyyy + "-" + mm + "-" + dd; } http://www.merlyn.demon.co.uk/js-date9.htm

    An Extended ISO 8601 local Date format YYYY-MM-DD can be parsed to a Date with the following:- /**Parses string formatted as YYYY-MM-DD to a Date object. * If the supplied string does not match the format, an * invalid Date (value NaN) is returned. * @param {string} dateStringInRange format YYYY-MM-DD, with year in * range of 0000-9999, inclusive. * @return {Date} Date object representing the string. */ function parseISO8601(dateStringInRange) { var isoExp = /^\s*(\d{4})-(\d\d)-(\d\d)\s*$/, date = new Date(NaN), month, parts = isoExp.exec(dateStringInRange); if(parts) { month = +parts[2]; date.setFullYear(parts[1], month - 1, parts[3]); if(month != date.getMonth() + 1) { date.setTime(NaN); } } return date; }

    When formatting money for example, to format 6.57634 to 6.58, 6.7 to 6.50, and 6 to 6.00?

    Rounding of x.xx5 is unreliable, as most numbers are not represented exactly. See also: #binaryNumbers

    The statement n = Math.round(n * 100)/100 converts n to a Number value close to a multiple of 0.01. However, there are some problems. Converting the number to a string (n + ""), does not give trailing zeroes. Rounding numbers that are very close to x.5, for example, Math.round(0.49999999999999992) results 1.

    ECMA-262 3rd Edition introduced Number.prototype.toFixed. There are bugs in JScript 5.8 and below with certain numbers, for example 0.007.toFixed(2) incorrectly results 0.00.

    var numberToFixed = (function() { return toFixedString; function toFixedString(n, digits) { var unsigned = toUnsignedString(Math.abs(n), digits); return (n < 0 ? "-" : "") + unsigned; } function toUnsignedString(m, digits) { var t, s = Math.round(m * Math.pow(10, digits)) + "", start, end; if (/\D/.test(s)) { return "" + m; } s = padLeft(s, 1 + digits, "0"); start = s.substring(0, t = (s.length - digits)); end = s.substring(t); if(end) { end = "." + end; } return start + end; // avoid "0." } /** * @param {string} input: input value converted to string. * @param {number} size: desired length of output. * @param {string} ch: single character to prefix to s. */ function padLeft(input, size, ch) { var s = input + ""; while(s.length < size) { s = ch + s; } return s; } })(); // Test results document.writeln([ "numberToFixed(9e-3, 12) => " + numberToFixed(9e-3, 12), "numberToFixed(1.255, 2) => " + numberToFixed(1.255, 2), "numberToFixed(1.355, 2) => " + numberToFixed(1.355, 2), "numberToFixed(0.1255, 3) => " + numberToFixed(0.1255, 3), "numberToFixed(0.07, 2) => " + numberToFixed(0.07, 2), "numberToFixed(0.0000000006, 1) => " + numberToFixed(0.0000000006, 1), "numberToFixed(0.0000000006, 0) => " + numberToFixed(0.0000000006, 0) ].join("\n")); http://www.merlyn.demon.co.uk/js-round.htm http://msdn.microsoft.com/en-us/library/sstyff0z%28VS.85%29.aspx

    For example, 5 * 1.015 does not give exactly 5.075 and 0.06+0.01 does not give exactly 0.07 in javascript.

    ECMAScript numbers are represented in binary as IEEE-754 (IEC 559) Doubles, with a resolution of 53 bits, giving an accuracy of 15-16 decimal digits; integers up to just over 9e15 are precise, but few decimal fractions are. Given this, arithmetic is as exact as possible, but no more. Operations on integers are exact if the true result and all intermediates are integers within that range.

    In particular, non-integer results should not normally be compared for equality; and non-integer computed results commonly need rounding; see #formatNumber http://msdn.microsoft.com/en-us/library/7wkd9z69%28VS.85%29.aspx http://www.merlyn.demon.co.uk/js-misc0.htm#DW4

    Otherwise, use Math.round on the results of expressions which should be of integer value.

    Method parseInt generally needs a second parameter, radix, for the base (from 2 to 36).

    If radix is omitted, the base is determined by the contents of the string. Any string beginning with '0x' or '0X' represents a hexadecimal number. A string beginning with a leading 0 may be parsed as octal (as if raxix were 8), in ECMA-262 Ed 3 (octal digits are 0-7). If string '09' is converted to 0.

    To force use of a particular base, use the radix parameter: parseInt("09", base).

    http://developer.mozilla.org/en/Core_JavaScript_1.5_Reference/Global_Functions/parseInt http://msdn.microsoft.com/en-us/library/x53yedee%28VS.85%29.aspx http://docs.sun.com/source/816-6408-10/toplev.htm#1064173 notes/type-conversion/#tcPrIntRx

    Variables are not typed; their values are. The conversion between a string and a number happens automatically.

    The addition operator (+) performs concatenation if either operand is a string, thus "1" + 1 results "11". To perform addition, you might need to first convert the string to a number. For example +varname or Number(varname) or parseInt(varname, 10) or parseFloat(varname). Form control values are strings, as is the result from a prompt dialog. Convert these to numbers before performing addition: +'1' + 1 results 2. Additional Notes: notes/type-conversion/ http://msdn.microsoft.com/en-us/library/67defydd%28VS.85%29.aspx

    Math.random() returns a value R such that 0 <= R < 1.0; therefore: // positive integer expected function getRandomNumber(n) { return Math.floor(n * Math.random()); } - gives an evenly distributed random integer in the range from 0 to n - 1 inclusive; use getRandomNumber(n)+1 for 1 to n. http://msdn.microsoft.com/en-us/library/41336409%28VS.85%29.aspx http://docs.sun.com/source/816-6408-10/math.htm How to Deal and Shuffle, see in: http://www.merlyn.demon.co.uk/js-randm.htm

    A native object is any object whose semantics are fully defined by ECMA-262.

    Some native objects are built-in; others, such as user-defined objects, may be constructed during the execution of an ECMAScript program.

    Example: // Native built-in objects: var m = Math, // Built-in Math object. slice = Array.prototype.slice, // Built-in native method. o = {}, // Native user-defined object. f = function(){}, // Native user-defined function. d = new Date(), a = [], e = new Error("My Message."); See also: http://dmitrysoshnikov.com/ecmascript/chapter-7-2-oop-ecmascript-implementation/

    A built-in object is any object supplied by an ECMAScript implementation, independent of the host environment, that is present at the start of the execution of an ECMAScript program.

    ECMA-262 3rd Edition defines the following built-in objects:

    Objects
    global, Math
    Constructors
    Object, Function, Array, String, Boolean, Number, Date, RegExp
    Errors
    Error, Date, EvalError, RangeError, ReferenceError, SyntaxError, TypeError, URIError
    Functions
    eval, parseInt, parseFloat, isNaN, isFinite, decodeURI, decodeURIComponent, encodeURI, encodeURIComponent

    ECMA-262 Edition 5 defines also the built-in object JSON.

    Nonstandard built-in objects may include RuntimeObject, String.prototype.link, CollectGarbage, and more.

    A host object is any object supplied by the host environment to complete the execution environment of ECMAScript.

    A host object is not part of the ECMAScript implementation, but is exposed to the ECMAScript implementation.

    A host object may be implemented as a native ECMAScript object, however this is not required. For example, Internet Explorer implements many scriptable DOM objects as ActiveX Objects, often resulting in unexpected errors.

    Availability and behavior of a host object depends on the host environment.

    For example, in a browser, XMLHttpRequest might be available, with or without standard or proprietary features or events. Windows Script Host object model has the WScript object available.

    For information on a particular host object, consult the pertinent documentation available for the implementation(s). For web browsers, this usually includes the w3c specifications as well as documentation for that browser. See also: notes/code-guidelines/#hostObjects http://peter.michaux.ca/articles/feature-detection-state-of-the-art-browser-scripting

    The eval function should only be used when it is necessary to evaluate a string supplied or composed at run-time; the string can be anything from a simple (but unpredictable) expression such as "12 * 2.54" to a substantial piece of javascript code.

    When eval( '{"key" : 42}' ) is called, { is interpreted as a block of code instead of an object literal. Hence, the Grouping Operator (parentheses) is used to force eval to interpret the JSON as an object literal: eval( '({"key" : 42})' );. http://json.org/ #propertyAccessAgain notes/square-brackets/

    There are two ways to access properties: dot notation and square bracket notation. What you are looking for is the square bracket notation in which the dot, and the identifier to its right, are replaced with a set of square brackets containing a string. The value of the string matches the identifier. For example:- //dot notation var bodyElement = document.body; //square bracket notation, using an expression var bodyElement = document["bo"+"dy"]; notes/square-brackets/

    ECMAScript 5 defines String.prototype.trim. Where not supported, it can be added as a function that uses a regular expression: if(!String.prototype.trim) { String.prototype.trim = function() { return String(this).replace(/^\s+|\s+$/g, ""); }; } Implementations are inconsistent with \s. For example, some implementations, notably JScript 5.8 and Safari 2, do not match \xA0 (no-break space), among others.

    A more consistent approach would be to create a character class that defines the characters to trim.

    https://developer.mozilla.org/en/Core_JavaScript_1.5_Reference/Global_Objects/RegExp http://thinkweb2.com/projects/prototype/whitespace-deviations/ https://developer.mozilla.org/en/Firefox_3.1_for_developers http://docs.sun.com/source/816-6408-10/regexp.htm http://msdn.microsoft.com/en-us/library/6wzad2b2%28VS.85%29.aspx http://groups.google.com/group/comp.lang.javascript/browse_frm/thread/c7010139217600c3/31092c5eb99625d0?#31092c5eb99625d0 http://unicode.org/Public/UNIDATA/PropList.txt

    In HTML documents, a form may be referred to as a property of the document.forms collection, either by its ordinal index or by name (if the form has a name). A form's controls may be similarly referenced from its elements collection: var frm = document.forms[0]; var control = frm.elements["elementname"]; Once a reference to a control is obtained, its (string) value property can be read:- var value = control.value; value = +control.value; //string to number. Some exceptions would be:

    First Exception: Where the control is a SELECT element, and support for older browsers, such as NN4, is required: var value = control.options[control.selectedIndex].value; Second Exception: Where several controls share the same name, such as radio buttons. These are made available as collections and require additional handling. For more information, see:- notes/form-access/ names/

    Third Exception: File inputs. Most current browsers do not allow reading of type="file" input elements in a way that is useful.

    Form controls with any "illegal" characters can be accessed with formref.elements["myselect[]"] - The bracket characters, amongst others, are illegal in ID attributes and javascript identifiers, so you should try to avoid them as browsers may handle them incorrectly. http://msdn.microsoft.com/en-us/library/ms537449%28VS.85%29.aspx https://developer.mozilla.org/en/DOM/form notes/form-access/

    Microsoft introduced a shortcut that can be used to reference elements which include an id attribute where the id becomes a globally-accessible property. Some browsers reproduce this behavior. Some, most notably Gecko-based browsers (Netscape and Mozilla), do so only in "quirks" mode. The best approach is the document.getElementById method, which is part of the W3C DOM standard and implemented in modern browsers (including IE from version 5.0). So an element with id="foo" can be referenced with:- var el = document.getElementById("foo"); Note: make sure not to use the same id twice in the same document and do not give an element a name that matches an id of another in the same document or it will trigger bugs in MSIE <= 7 with document.getElementsByName and document.getElementById. https://developer.mozilla.org/en/Using_Web_Standards_in_your_Web_Pages/Using_the_W3C_DOM#Accessing_Elements_with_the_W3C_DOM faq_notes/faq_notes.html#FAQN4_41

    Using the non-standard but widely implemented innerHTML property: <div id="anID">Some Content</div> with script: document.getElementById("anID").innerHTML = "Some <em>new</em> Content"; Where "anID" is the (unique on the HTML page) id attribute value of the element to modify.

    All versions of Internet Explorer exhibit problems with innerHTML, including:

  • Fails with FRAMESET, HEAD, HTML, STYLE, SELECT, OBJECT, and all TABLE-related elements.
  • Replaces consecutive whitespace characters with a single space.
  • Changes attribute values and order of appearance.
  • Removes quotations around attribute values.
  • If the new content is only text and does not need to replace existing HTML, it is more efficient to modify the data property of a text node. document.getElementById("anID").firstChild.data = "Some new Text";

    Compatibility Note: Implementations have been known to split long text content among several adjacent text nodes, so replacing the data of the first text node may not replace all the element's text. The normalize method, where supported, will combine adjacent text nodes.

    Note: Make sure the element exists in the document (has been parsed) before trying to reference it. http://www.w3.org/TR/DOM-Level-2-Core/core.html#ID-FF21A306 http://msdn.microsoft.com/en-us/library/cc304097%28VS.85%29.aspx http://msdn.microsoft.com/en-us/library/ms533897%28VS.85%29.aspx http://developer.mozilla.org/en/Whitespace_in_the_DOM http://developer.mozilla.org/en/docs/DOM:element.innerHTML http://www.whatwg.org/specs/web-apps/current-work/multipage/the-end.html#html-fragment-serialization-algorithm (draft)

    An element can only be accessed after it exists in the document.

    Either: A) include your script after the HTML element it refers to, or B) use the "load" event to trigger your script.

    Example A: <div id="snurgle">here</div> <script type="text/javascript"> // Don't forget var. var snurgleEl = document.getElementById("snurgle"); window.alert(snurgleEl.parentNode); </script>

    Example B: // In the HEAD. <script type="text/javascript"> window.onload = function(){ var snurgleEl = document.getElementById("snurgle"); }; </script>

  • invalid HTML
  • two elements with the same name or id
  • use of an unsafe name: http://jibbering.com/names/
  • .

    Write a cookie and read it back and check if it's the same. Additional Notes: http://www.ietf.org/rfc/rfc2965.txt http://www.galasoft-lb.ch/myjavascript/consulting/2001012701/ http://www.cookiecentral.com/

    The window object (also referred to by self) is "DOM Level 0". No formal standard for it exists.

    You can't. The browser's history cannot be modified. However, you can use self.location.replace(url); in some browsers to replace the current page in the history. http://msdn.microsoft.com/en-us/library/ms536712%28VS.85%29.aspx http://docs.sun.com/source/816-6408-10/location.htm#1194240

    To reference another frame on the same domain:

    The content window of a FRAME or IFRAME can be accessed by the frames collection.

    Example: var fwin; fwin = self.frames[0]; // or: fwin = self.frames["iframeName"];

    or, from the IFRAME or FRAME element: var iframeEl = document.getElementById("myFrame"); var fwin = iframeEl.contentWindow; // Nonstandard, but widely supported. var fdoc = iframeEl.contentDocument; // DOM2 HTML Standard.

    A global identifier moomin in the the iframe's content window is accessed as fwin.moomin.

    To communicate between frames on different domains:

    Where supported, (IE8, Firefox 3, Opera 9, Safari 4), use window.postMessage( message[, port], otherDomain);.

    Example: http://jibbering.com/faq/example/postMessage.html

    Where window.postMessage is not supported, the window.name property can be set on the other window, which can poll for updates to that property using setInterval(checkWinName, 100); where checkWinName is a function that polls to check the value of self.name. http://en.wikipedia.org/wiki/Same_origin_policy http://www-archive.mozilla.org/docs/dom/domref/dom_frame_ref5.html https://developer.mozilla.org/en/DOM/window.postMessage http://msdn.microsoft.com/en-us/library/cc197015(VS.85).aspx

    Here is a detailed explanation of a cross-browser strategy to find the dimensions of the viewport, excepting all chrome (excludes scrollbars, etc).

    We can consider various properties: window.innerWidth document.clientWidth document.documentElement.clientWidth document.body.clientWidth Of the browsers that have an innerWidth property, most include scrollbar dimensions. Some versions of KHTML browsers (including Safari 2) do not include scrollbar width.

    The window.inner* properties are unreliable and not useful here. We don't want scrollbar dimensions included. document.clientWidth

    Certain versions of KHTML, including Safari 2, have document.clientHeight and document.clientWidth properties. Where supported, these rare properties accurately return the height and width of the viewport, without including scrollbar dimensions. document.documentElement.clientWidth document.body.clientWidth MSHTML (Trident), Firefox (Gecko), Opera (Presto), and Safari (Webkit) all support clientHeight on document.body and document.documentElement. The difficulty is figuring out which one is reliable. In other words which object to get the clientHeight property from:documentElement or body?

    What the number returned from either of these properties represents depends on the environment. The environment includes the browser, its version, and the rendering mode of the document. In quirks mode, we'll mostly want to use body.clientHeight (except for in Safari 2). document.body.clientHeight Some environments will return the viewport height. Others will return 0. Yet others will return the clientHeight of the BODY element. document.documentElement.clientHeight This is the more "standard" property for getting the height of the viewport. It usually "works" in modern browsers in standards mode. Notable exceptions include Safari 2 and Opera <= 9.25, both of which return the clientHeight of the html element. (Oddly, Opera <= 9.25 in standards mode returns the width of the viewport for documentElement.clientWidth).

    With the exception of Safari 2, body.clientHeight is reliable where documentElement.clientHeight is found to be unreliable. For example, in Safari 3+, Opera, and Mozilla, all in quirks mode, document.documentElement.clientHeight returns the clientHeight of the html element (this may seem unsurprising but it is not what we want).

    Conversely, document.body.clientHeight will return the height of the viewport in most cases where document.documentElement.clientHeight does not. An exception to that is Safari 2, where documentElement.clientHeight and body.clientHeight both return the height of their corresponding element (not what we want).

    By using a combination of Feature Testing and Capability Testing, the dimensions of the viewport can be strategically retrieved from the property that works in the environment the script is running in. The trick is determining which property will give us the value we want.

    Since document.clientHeight is reliable where (rarely) supported, and since browsers that support this property don't return the viewport dimensions from document.body.clientHeight or document.documentElement.clientHeight, this should be the very first condition: // Safari 2 uses document.clientWidth (default). if(typeof document.clientWidth == "number") { // use document.clientWidth. } The next strategy is to determine if document.documentElement.clientHeight property is unreliable. It is deemed "unreliable" when it is either 0 or taller than the viewport.

    Determining if documentElement.clientHeight is 0 is easy. The result is stored in a variable IS_BODY_ACTING_ROOT. var docEl = document.documentElement, IS_BODY_ACTING_ROOT = docEl && docEl.clientHeight === 0; docEl = null; To determine if documentElement.clientHeight returns a value taller than the viewport, we need a Capability Test.

    If we can force documentElement to be very tall (taller than a normal viewport) we can then check to see if documentElement.clientHeight returns that "very tall" number. If it does, then it is unreliable.

    We can force documentElement to be taller than the viewport (or any "normal" viewport) by adding a div to the body, give that div a height larger than any normal monitor, and then check to see if documentElement.clientHeight is that high (or "almost" that high, to account for documentElement having a border). // Used to feature test Opera returning wrong values // for documentElement.clientHeight. // The results of this function should be cached, // so it does not need to be called more than once. function isDocumentElementHeightOff(){ var d = document, div = d.createElement('div'); div.style.height = "2500px"; d.body.insertBefore(div, d.body.firstChild); var r = d.documentElement.clientHeight > 2400; d.body.removeChild(div); return r; } We can use this function to see if we should use body.clientHeight, instead. (but only after checking if document.clientHeight is supported). // Safari 2 uses document.clientWidth (default). if(typeof document.clientWidth == "number") { // use document.clientHeight/Width. } else if(IS_BODY_ACTING_ROOT || isDocumentElementHeightOff()) { // use document.body.clientHeight/Width. } else { // use document.documentElement.clientHeight/Width. } The preceding strategy was developed by Garrett Smith with input from John David Dalton. A complete and tested example can be found in APE Library under APE.dom.getViewportDimensions. Source code: http://dhtmlkitchen.com/ape/build/dom/viewport-f.js. APE is publicly released under Academic Free License. APE home: http://dhtmlkitchen.com/ape/.

    Note: The dimensions cannot be determined accurately until after the document has finished loading. http://msdn.microsoft.com/en-us/library/ms533566%28VS.85%29.aspx http://developer.mozilla.org/en/DOM/window.innerWidth http://dev.opera.com/articles/view/using-capability-detection/

    var myWin; function openWin(aURL) { if (!myWin || myWin.closed ) { myWin = window.open(aURL,'myWin'); } else { myWin.location.href = aURL; myWin.focus(); } } Popup windows cause usability problems and are generally best avoided. https://developer.mozilla.org/en/DOM:window.open http://msdn.microsoft.com/en-us/library/ms533574%28VS.85%29.aspx http://docs.sun.com/source/816-6408-10/window.htm#1201877 http://www.useit.com/alertbox/990530.html

    IE prints the frame that has focus when you call the print method frameref.focus();frameref.print(); http://msdn.microsoft.com/en-us/library/ms976105.aspx

    If a window was opened by javascript, then it can be closed without confirmation by using windowRef.close().

    Before calling windowRef.close() (or other window methods), make sure the window reference is not null and its closed property is false.

    Popup windows cause usability problems and are generally best avoided.

    http://www.useit.com/alertbox/990530.html #isWindowOpen http://msdn.microsoft.com/en-us/library/ms536367%28VS.85%29.aspx https://developer.mozilla.org/en/DOM/window.close#Description http://docs.sun.com/source/816-6408-10/window.htm#1201822

    In the normal browser security model, a script may only access the properties of documents served from the same domain or IP address, protocol, and port.

    Any attempt to access a property in such cases will result in a "Permission Denied" error. Signed scripts or trusted ActiveX objects can overcome this in limited situations. http://msdn.microsoft.com/en-us/library/ms533028%28VS.85%29.aspx https://developer.mozilla.org/En/Same_origin_policy_for_JavaScript

    There is no built-in way to pause execution in javascript such as a sleep function, but hosts usually provide a method of some form. Web browsers are designed for event driven programming and only provide the setTimeout and setInterval functions to facilitate timed delays. The delay before calling getSnork may exceed the second parameter to setTimeout and setInterval due to implementation differences among browsers.

    To call the function getSnork, approximately 10 seconds after the function getMoomin() completes, you would do this: getMoomin(); setTimeout(getSnork, 10000); Script execution is not stopped, and adding getSnufkin() after the setTimeout line would immediately execute the function getSnufkin before getSnork.

    Achieving delays through running a loop of some sort for a pre-defined period is a bad strategy, as that will inhibit whatever was supposed to be happening during the delay, including blocking user interation.

    Other (less event driven) hosts have different wait functions, such as WScript.Sleep() in the Windows Script Host. http://msdn.microsoft.com/en-us/library/ms536753%28VS.85%29.aspx http://docs.sun.com/source/816-6408-10/window.htm#1203758 http://en.wikipedia.org/wiki/Event-driven_programming faq_notes/misc.html#mtSetTI

    In a normal security environment, you can't change anything.

    Print Stylesheet rules provide options.

    For IE, ActiveX or Plugin ScriptX and Neptune from Meadroid to give you more control for Windows versions of Internet Explorer, Netscape, and Opera. http://www.meadroid.com/scriptx/ http://msdn.microsoft.com/en-us/library/ms976105.aspx

    The buttons on a confirm box cannot be changed, nor can a default button be specified.

    Change the question to a statement so that "OK" is suitable as the default response.

    Example: "Would you like us to charge your credit card?" (wrong) "We will now charge your credit card." (right).

    It is not possible with client-side javascript.

    Some browsers accept the Content-Disposition header, but this must be added by the server. Taking the form:- Content-Disposition: attachment; filename=filename.ext http://classicasp.aspfaq.com/general/how-do-i-prompt-a-save-as-dialog-for-an-accepted-mime-type.html http://support.microsoft.com/kb/q260519/

    In a default security environment you are very limited in how much you can modify the current browser window. You can use window.resizeTo or window.moveTo to resize or move a window respectively, but that is it. Normally you can only suggest chrome changes in a window.open. http://msdn.microsoft.com/en-us/library/ms536651%28VS.85%29.aspx https://developer.mozilla.org/en/DOM:window.open

    Use the target attribute on the form, opening a window with that name and your feature string in the onsubmit handler of the FORM. <form action="" method="post" target="wndname" onsubmit="window.open('',this.target);return true;"> http://www.htmlhelp.com/reference/html40/forms/form.html

    New windows can be opened on browsers that support the window.open function and are not subject to the action of any pop-up blocking mechanism with code such as:- var wRef; if(window.open){ wRef = window.open("http://example.com/page.html","windowName"); } https://developer.mozilla.org/en/DOM:window.open http://www.infimum.dk/HTML/JSwindows.html

    Ajax is shorthand for Asynchronous JavaScript and XML. The technology is based on the XMLHttpRequest Object. At its simplest, it is the sending/retrieving of new data from the server without changing or reloading the window location. Mozilla Documentation: http://developer.mozilla.org/en/docs/XMLHttpRequest MSDN Documention: http://msdn.microsoft.com/en-us/library/ms535874%28VS.85%29.aspx http://msdn.microsoft.com/en-us/library/ms759148%28VS.85%29.aspx Ajax Libraries and Tutorial Sites: http://jibbering.com/2002/4/httprequest.html http://www.ajaxtoolbox.com/

    Although XMLHttpRequest can be used to download entire pages, it is often used for downloading small pieces of data that can be used to update the current page. http://jibbering.com/2002/4/httprequest.html http://www.ajaxtoolbox.com/

    Use a server-side language to generate the javascript.

    Certain characters of ECMAScript strings must be escaped by backslash. These include quote marks, backslash, and line terminators.

    JSP Example, using Apache Commons: org.apache.commons.lang.StringEscapeUtils: var jsVar = "<%= StringEscapeUtils.escapeJavaScript(str) %>";

    PHP example using addcslashes: var jsVar = "<?php echo addcslashes($str,"\\\'\"\n\r"); ?>"; example/addcslashes.php http://php.net/manual/en/function.addcslashes.php http://commons.apache.org/lang/

    This cannot be done reliably. Here's why:

    • The user may disable javascript so the log-out script will never execute.
    • The user may not be on-line when they close your web page.
    • Javascript errors elsewhere in the page may prevent the script executing.
    • The browser may not support the onunload event, or may not fire it under certain circumstances, so the log-out function will not execute.
    The URL below has more information. http://groups.google.com/groups?selm=BlmZ7.55691%244x4.7344316%40news2-win.server.ntlworld.com

    You trigger a server-side script by sending an HTTP request. This can be achieved by setting the src of an img, Image, frame, or iframe, or by using XHR, where supported.

    An image will also "swallow" the data sent back by the server, so that they will not be visible anywhere.

    var dummyImage = new Image(); dummyImage.src = "scriptURL.asp?param=" + varName;

    Mozilla, Opera 7.6+, Safari 1.2+, and Windows IE 7 provide the XMLHttpRequest object (Windows IE versions 5+, provides ActiveX to acheive an analagous effect). XMLHttpRequest can send HTTP requests to the server, and provides access the responseText or responseXML (when the response is XML), and HTTP header information. http://jibbering.com/2002/4/httprequest.html http://www.w3.org/TR/XMLHttpRequest/ http://developer.mozilla.org/en/XMLHttpRequest http://msdn.microsoft.com/en-us/library/ms537505(VS.85).aspx

    Images are cached by the browser depending on the headers sent by the server. If the server does not send sufficient information for the browser to decide the image is cacheable, the browser will check if the image has been updated every time you change the src of an image (in some user settings). To overcome this you must send suitable headers. http://www.mnot.net/cache_docs/

    To reload a page, use location.reload(). However, this depends upon the cache headers that your server sends. To change this, you need to alter the server configuration. A quick fix on the client is to change the page URI so that it contains a unique element, such as the current time. For example: location.replace(location.href+'?d='+new Date().valueOf()) If the location.href already contains a query String, use: location.replace(location.href+'&d='+new Date().valueOf()) http://www.mnot.net/cache_docs/ http://docs.sun.com/source/816-6408-10/date.htm

    Browsers cache the results of HTTP requests to reduce network traffic. To force the browser to request the document from the server, either set the EXPIRES and/or CACHE-CONTROL response header(s) with a past date or use a unique query string. req.open("GET", "/example.jsp?date=" + (+new Date), true); Always use the appropriate HTTP method. Do not use POST to prevent caching. See http://www.faqs.org/rfcs/rfc2616.html. http://www.mnot.net/cache_docs/#EXPIRES http://www.mnot.net/javascript/xmlhttprequest/cache.html

    There are debugging tools for many browsers. Learn to use them all.

    Windows
    http://www.fiddlertool.com/fiddler/. Fiddler is an HTTP Debugging proxy (it won't find script errors). Fiddler logs HTTP activity, like Firebug's Net tab, but can be attached to any browser running on Windows.
    Windows IE
    Microsoft Script Editor. Included with Visual Studio or Microsoft Word 2003 (discontinued in Office 2007). To enable, Tools, Internet Options, Advanced, and uncheck Disable Script Debugging. After enabling Script Debugging, a Script Debugger option will appear in the View menu.
    http://www.my-debugbar.com/wiki/IETester/HomePage for testing IE 5.5- IE8.
    http://www.my-debugbar.com/wiki/CompanionJS/HomePage console for IE.
    Note: For debugging scripts in IE, the Microsoft Script Editor is recommended. However, if not available, the http://www.microsoft.com/downloads/details.aspx?FamilyId=2F465BE0-94FD-4569-B3C4-DFFDF19CCD99&displaylang=en may be somewhat helpful.
    http://www.microsoft.com/downloads/details.aspx?FamilyID=e59c3964-672d-4511-bb3e-2d5e1db91038&displaylang=en
    To report errors: Wait until a little yellow triangle appears at the left end of the status bar, double click on it and, when the error dialog box appears, check the "Always show errors" checkbox it contains. Or, Internet Options, Advanced, deselect "Disable Script Debugging", select "Display a notification ...".
    Firefox
    Tools > Error console (Ctrl + Shift + j).
    http://getfirebug.com/
    https://addons.mozilla.org/en-US/firefox/addon/5369. YSlow analyzes web pages and tells you why they're slow based on Yahoo's rules for high performance web sites.
    https://addons.mozilla.org/en-US/firefox/addon/1743 Lori or Life-of-request info, is useful for troubleshooting server response and page load time.
    https://addons.mozilla.org/en-US/firefox/addon/60.
    https://addons.mozilla.org/en-US/firefox/addon/1201.
    https://addons.mozilla.org/en-US/firefox/addon/1192. XPath generator, editor and inspector.
    Opera
    Tools > Advanced > Error console
    http://dev.opera.com/articles/view/introduction-to-opera-dragonfly/
    Safari
    To display the Develop menu in Safari 3.1 or higher, select the checkbox labeled "Show Develop menu in menu bar" in Safari's Advanced Preferences panel.
    http://trac.webkit.org/wiki/Web%20Inspector
    Chrome
    JavaScript Console: click the Page menu icon and select Developer > JavaScript Console. From here, you'll be able to view errors in the JavaScript execution, and enter additional javascript commands to execute.
    JavaScript Debugger: available as Page menu icon > Developer > Debug JavaScript, the debugger provides a command prompt from which you can set breakpoints, backtrace, and more. Type help at the debugger command line to get started.
    • http://www.google.com/chrome/intl/en/webmasters-faq.html#jsexec
    • http://blog.chromium.org/2009/06/developer-tools-for-google-chrome.html
    • http://blog.chromium.org/2009/08/google-chrome-developer-tools-for.html
    Mac IE
    Use the Preferences dialog.

    The short answer: Don't do that.

    The navigator host object contains properties which may identify the browser and version. These properties are historically inaccurate. Some browsers allow the user to set navigator.userAgent to any value. For example, Firefox, (type about:config and search useragent or Safari, Develop > User Agent > Other..., IE, via Registry.

    Other browsers, such as Opera, provide a list of user agents for the user to select from. There are also at least 25 other javascript capable browsers, with multiple versions, each with their own string.

    Browser detection is unreliable, at best. It usually causes forward-compatibility and maintenance problems. It is unrelated to the problem or incompatiblity it is trying to solve and obscures the problems it is used for, where it is used.

    Object detection is checking that the object in question exists. http://dev.opera.com/articles/view/using-capability-detection/ goes one step further to actually test the object, method, or property, to see if behaves in the desired manner.

    Feature Test Example: /** * Returns the element/object the user targeted. * If neither DOM nor IE event model is supported, returns undefined. * @throws TypeError if the event is not an object. */ function getEventTarget(e) { e = e || window.event; // First check for the existence of standard "target" property. return e.target || e.srcElement; } notes/detect-browser/ http://dev.opera.com/articles/view/using-capability-detection/ http://developer.apple.com/internet/webcontent/objectdetection.html http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.43

    In practice you can't. While you could create a suitable encryption system with a password in the page, the level of support you need to do this means it's always simpler to do it server-side. Anything that "protects" a page other than the current one is definitely flawed.

    With clientside javascript you can't as your code is distributed in source form and is easily readable. With JScript, there is the Script Encoder (see MSDN), but this is nothing more than obfuscation. Attempting to disable the context menu does nothing to protect your script in a Web browser. Your code is likely protected under copyright laws. See: http://www.wipo.int/about-ip/en/copyright.html http://webdesign.about.com/od/copyright/Copyright_Issues_on_the_Web_Intellectual_Property.htm

    A context menu, often triggered by right-click, can be requested by the user in a few ways. For example, on windows, shift + F10 and on macs, click-and-hold. Other input devices exist and mouse buttons can be configured, making the term "right click" a misnomer, in context.

    In browsers that allow it, a script can suppress the context menu by returning false from an object's oncontextmenu event handler. document.oncontextmenu = function() { return false; }; Some browsers lack context menus (e.g. iphone). Browsers that have context menus do not always have a scriptable event for them. Some browsers can be configured to disallow scripts from detecting context menu events (IE, Opera); others may fire the event but be configured to disallow scripts from suppressing the context menu (Firefox,Seamonkey).

    Even when the context menu has been suppressed, it will still be possible to view/save the source code and to save images. http://en.wikipedia.org/wiki/Context_menu http://kb.mozillazine.org/Ui.click_hold_context_menus http://support.microsoft.com/kb/823057 http://stackoverflow.com/questions/1870880/opera-custom-context-menu-picking-up-the-right-click/1902730#1902730 http://support.mozilla.com/en-US/kb/Javascript#Advanced_JavaScript_settings http://msdn.microsoft.com/en-us/library/ms536914%28VS.85%29.aspx

    Security means that by default you can't. In a more restricted environment, there are options. For example, using LiveConnect to connect to Java with Netscape, and using the FileSystemObject in IE. Check http://groups.google.com/group/comp.lang.javascript/topics for previous posts on the subject. http://msdn.microsoft.com/en-us/library/z9ty6h50%28VS.85%29.aspx http://www.javaworld.com/javaworld/jw-10-1998/jw-10-apptowin32.html

    Whatever the rest of your question, this is generally a very bad idea. The javascript: pseudo protocol was designed to replace the current document with the value that is returned from the expression. For example: <a href="javascript:'<h1>' + document.lastModified + '</h1>'">lastModified</a> will result in replacing the current document with the value returned from document.lastModified, wrapped in an <h1> tag.

    When the expression used evaluates to an undefined value (as some function calls do), the contents of the current page are not replaced. Regardless, some browsers (notably IE6) interpret this as navigation and will enter into a 'navigation' state where GIF animations and plugins (such as movies) will stop and navigational features such as META refresh, assignment to location.href, and image swaps fail.

    It is also possible for IE to be configured such that it supports javascript but not the javascript: protocol. This results in the user seeing a protocol error for javascript: URIs.

    The javascript: pseudo protocol creates accessibility and usability problems. It provides no fallback for when the script is not supported.

    Instead, use <a href="something.html" onclick="somefunction();return false"> where something.html is a meaningful alternative. Alternatively, attach the click callback using an event registry. example/jsuri/ http://groups.google.com/group/comp.lang.javascript/msg/f665cfca3b619692 http://www.useit.com/alertbox/20021223.html

    The FAQ uses the stylesheet faq.css and is generated from the xml source index.xml by the windows script host script process.wsf which also checks the links.

    If a poster feels that the question they are answering should be covered in the FAQ, placing <FAQENTRY> in the post lets the FAQ robot collect the messages for easy review and inclusion. A Draft Proposal for the FAQ is requested and appreciated.

    The <FAQENTRY> should not be used in posts except in conjunction with a suggestion/proposal for the FAQ. It should also not be literally quoted in replies, instead it should be partly obscured as, e.g. <FAQ**TRY> or similar.

    To make a suggestion to the FAQ, use either the FAQENTRY method above, or email Garrett Smith dhtmlkitchen@gmail.com (current FAQ editor) or Jim Ley (jim.ley@gmail.com). All comments, suggestions, and especially corrections are welcome.