Condividi tramite


Event 1062 - Windows Reuse Navigation Restriction

  • Logged Message
  • What Is It?
  • When Is This Event Logged?
  • Example
  • Remediation
  • Related topics

Logged Message

To help prevent spoofing attacks, Windows Internet Explorer 8 will prevent a top-level frame owned by one website from being navigated by another website from a different security context. In cases where this restriction takes effect, a new window or tab is opened rather than navigating the existing frame. This change conforms to the HTML5 draft specification for window navigation.

What Is It?

An HTML link can specify the name of a window in which the linked page should be displayed. This allows a link appearing in one page to change the contents of another window.

A feature introduced in Internet Explorer 8 enforces some limits on the target window in which a page can be opened.

The idea for the change is based on a security concern. You don't want contoso.com to have a link that allows it to change the contents of a frame owned by woodgrovebank.com (potentially spoofing a woodgrovebank.com page).

Windows Internet Explorer only allows a page to be opened in an existing named window if certain conditions are met. As an example, assume you have three windows: A, B, and C. A is a top-level window. B is the opener of A. C is attempting to open a new page in window A by calling window.open (and specifying window A as the target). Such an attempt is only allowed in-place if one of the following conditions are met:

  • The security context of Window A equals the security context of window C (that is, the host name and zone of the two windows match)
  • Window C is a descendant of window A
  • Window B is window C
  • Window C is a descendant of window B

If none of these conditions are met then the page being opened is forced into a new window.

When Is This Event Logged?

When Windows Internet Explorer forces a page to open in a new window (under the conditions listed in the previous section), then this event is logged.

Example

This example consists of four webpages.

  1. Create a webpage with the following contents. For this example call it PageA.html.

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" >
    <head>
        <title>Page A</title>
    </head>
    <body>
        <div>
            <h1>Page A</h1>
        </div>
    </body>
    </html>
    
  2. Create another webpage with the following contents. Call it PageB.html.

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" >
    <head>
        <title>Page B</title>
    </head>
    <body>
        <div>
            <h1>Page B</h1>
    
                  <script language="javascript">
              function OpenWindow(url, name)
              {
                window.open(url, name);
              }
              </script>
    
    
             <form id="Default" action="">
            URL 1 :
            <input type="text" size="40" name="URL1" 
             value="https://localhost/1062/PageA.html" />
            Window Name 1 :
            <input type="text" size="40" name="WindowName1" 
             value="WindowA" />
            <input type="button" value="Open URL 1" 
             onclick="OpenWindow(document.all['URL1'].value, 
             document.all['WindowName1'].value);" />
    
            <br>
    
               URL 2 :
               <input type="text" size="40" name="URL2" 
             value="https://localhost/1062/PageC.html" />
            Window Name 2 :
            <input type="text" size="40" name="WindowName2" 
             value="WindowC" />
            <input type="button" value="Open URL 2" 
             onclick="OpenWindow(document.all['URL2'].value, 
             document.all['WindowName2'].value);" />
             </form>
        </div>
    </body>
    </html>
    
  3. Create another webpage with the following contents. Call it PageC.html.

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    
    <html xmlns="http://www.w3.org/1999/xhtml" >
    <head>
        <title>Page C</title>
    </head>
    <body>
        <div>
            <h1>Page C</h1>
            <a href="PageD.html" target="WindowA">
            Target Window A to Load Page D</a>
        </div>
    </body>
    </html>
    
  4. Create another webpage with the following contents. Call it PageD.html.

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" >
    <head>
        <title>Page D</title>
    </head>
    <body>
        <div>
            <h1>Page D</h1>
        </div>
    </body>
    </html>
    
  5. Install the files in the root directory of the web server in a folder called "1062". You should end up with a directory structure that looks like this:

    .\wwwroot    .\1062        .\PageA.html        .\PageB.html        .\PageC.html        .\PageD.html

  6. Open a browser to: https://localhost/1062/PageB.html

  7. Click Open URL 1.

  8. Click Open URL 2.

  9. In Page C, click the Target Window A to Load Page D hyperlink. Page D loads in-place in Window A. This is expected. So far we haven't forced Internet Explorer to open a new window.

  10. Close all browser windows except the one containing Page B.

  11. In Page B, change URL 2 to: http://127.0.0.1/1062/PageC.html

    This causes Page C to run in the Internet zone—different from the Intranet zone in which Page A runs.

  12. Click Open URL 1.

  13. Click Open URL 2.

  14. In Page C, click the Target Window A to Load Page D hyperlink. Page D is forced to load in a new window rather than being allowed to open within Window A.

Due to Page C and Page A running in different zones, Page D is forced to open in a new window. This results in a Windows Reuse Navigation Restriction event, which is logged to the Internet Explorer Compatibility Test Tool.

Remediation

You should be aware of how this feature works and design your site to take the behavior into account. However, you can modify the registry to disable this feature.

Security Warning: It is not recommended that you leave this feature disabled on an on-going basis since doing so circumvents a security feature that exposes your Web application (and potentially the end user) to attack. Disabling the feature should only be used as a temporary measure during troubleshooting.

You disable the Windows Reuse Navigation Restriction with a feature control registry key (FEATURE_Isolate_Named_Windows). This can be achieved by adding the following registry key:

HKEY_CURRENT_USER
   SOFTWARE
      Microsoft
         Internet Explorer
            MAIN
               FeatureControl
                  FEATURE_Isolate_Named_Windows
                     iexplore.exe = 0x00000000

For more information on how to use feature control keys, see Introduction to Feature Controls.

Internet Explorer Application Compatibility

Events 1056 through 1073