Showing posts with label Safari. Show all posts
Showing posts with label Safari. Show all posts

Tuesday, 4 February 2014

Safari: Setting third party iframe cookies

Safari is known to be strict about permissions in iframes, especially when the domain of the iframe page is different from the domain of the parent page. Some would even say paranoically strict.

Safari will block you from setting cookies for the third-party domain (the different domain in the iframe), unless you already have cookies set for that domain.

Here's a snippet of javascript I pulled together last week that as a way to get around the iframe cookie security. It works great if your page is nice and light and loads fast, otherwise it can feel pretty clunky with the triple loading...

window.onload=function(){
 if(navigator.userAgent.indexOf('Safari')!=-1&&navigator.userAgent.indexOf('Chrome')==-1){
  var cookies=document.cookie;
  if(top.location!=document.location){
   if(!cookies){
    href=document.location.href;
    href=(href.indexOf('?')==-1)?href+'?':href+'&';
    top.location.href =href+'reref='+encodeURIComponent(document.referrer);
   }
  } else {
   ts=new Date().getTime();document.cookie='ts='+ts;
   rerefidx=document.location.href.indexOf('reref=');
   if(rerefidx!=-1){
    href=decodeURIComponent(document.location.href.substr(rerefidx+6));
    window.location.replace(href);
   }
  }
 }
}

Here's what it basically does:
  • The javascript is placed in the page loaded inside the iframe. 
  • If the JS is run inside the iframe and the browser is Safari and there are no cookies set, then we frame-burst the page to take over the window and append the original parent page URL as a parameter. 
  • If the JS is run not inside a frame and the browser is Safari, then we set a timestamp cookie (now that we are out of the iframe) and if a reref param exists we redirect back to the original page.
  • If the JS is run inside the iframe and the browser is Safari and there ARE cookies set, then we do nothing.

And one more time in pseudo-code

if(browser is Safari){
 if(we are in an iframe){
  if(no cookies){
   set window_url = iframe_url + reref=iframe_parent_url;
  }
 } else {
  set a timestamp cookie;
  if(reref exists in url){
   redirect to original url so we have iframe again
  }
 }
}

Monday, 22 July 2013

Checking A File's Upload Size In The Browser

This really just a quick note so I don't lose the code snippet I just used...

I'm working on a form which allows users to upload a file, but we want to stop them uploading giant things. Ultimately the server's maximum upload filesize will stop anything too huge getting through, but it's nice to remind people of the limit before they bother uploading.

This is a great little snippet to do that in current versions of Chrome, Firefox and Safari.

$('#contact_file').bind('change', function() { 
  filebytes = this.files[0].size;
  if(filebytes>1024*1024*5) {
    alert("The file you selected is TOO LARGE and will be rejected by the server. Please select a smaller file."); 
  }
});

If you can't work out what is happening there, then "contact_file" is the id from your file input and 1024*1024*5 is the limit you want to impose, in this case 5MB. Don't forget to check that the server side limit is in line with this.

It won't work in IE* or some older browser versions, but it's a nice extra courtesy for users where it can be executed. You could also hook it up to the submit button if you want to do a check at that stage.

*Apparently there's an ActiveX thing you can do for IE users, but I am not so inclined.