Can anybody explain how the following javascript variables: document.referrer document.location.href or the http REFERRER

Question

0

Asked: June 16, 20262026-06-16T09:28:45+00:00 2026-06-16T09:28:45+00:00

Can anybody explain how the following javascript variables: document.referrer document.location.href or the http REFERRER

0

Can anybody explain how the following javascript variables:

document.referrer
document.location.href

or the http REFERRER header, could come to be ‘javascript:window[“contents”]’ ?

Not only do I not understand how they could be set to a javascript uri – but window.contents isn’t a standard DOM attribute in any browser that I know of… (It is window[“contents”], not window[“content”])

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-16T09:28:47+00:00

I believe I found the solution to this..

There are some javascripts in the wild which seem to create iframes using code (something) like this:

var contents = '<html>......</html>';
var ifr = document.createElement('iframe');
ifr.contentWindow.open();
ifr.contentWindow.write(contents);

some particular combination of this sometimes ends up specifying either the href of the iframe , or the referrer, as “javascript:window[‘contents’]” – i.e. the javascript variable which temporarily holds the page data.

(still not completely finalized on the details, but that’s the basic idea)

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Can anybody explain how the following javascript variables: document.referrer document.location.href or the http REFERRER

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply