A PHP Error was encountered

Severity: Notice

Message: Trying to get property 'plaintext' of non-object

Filename: models/Crawler_model.php

Line Number: 228

Backtrace:

File: /var/www/html/KOL/voice/application/models/Crawler_model.php
Line: 228
Function: _error_handler

File: /var/www/html/KOL/voice/application/controllers/Pages.php
Line: 336
Function: get_dev_google_article

File: /var/www/html/KOL/voice/public/index.php
Line: 319
Function: require_once

A PHP Error was encountered

Severity: Notice

Message: Trying to get property 'plaintext' of non-object

Filename: models/Crawler_model.php

Line Number: 229

Backtrace:

File: /var/www/html/KOL/voice/application/models/Crawler_model.php
Line: 229
Function: _error_handler

File: /var/www/html/KOL/voice/application/controllers/Pages.php
Line: 336
Function: get_dev_google_article

File: /var/www/html/KOL/voice/public/index.php
Line: 319
Function: require_once

疑難雜症萬事通 - 關於 javascript window opener location close ,我們在網路上蒐集到這些相關的討論、資訊與評價
疑難雜症萬事通
在網路上遇到任何問題都可以在這邊找找看唷

Search

關於 javascript window opener location close ,我們在網路上蒐集到這些相關的討論、資訊與評價

相關標籤 相關照片 相關影片
社群媒體上有些相關的討論:

javascript window opener location close 在 JavaScript popup window - YouTube 的推薦與評價

影片讀取中

To open a popup window, use window.open() method. ... the browser navigation bar location (yes/no ... ... <看更多>

javascript window opener location close 在 About rel=noopener - GitHub Pages 的推薦與評價

However, the malicious.html document in this new tab has a window.opener ... are on different origins — window.opener.location is accessible across origins! ... <看更多>

javascript window opener location close 在 Using OAuth 2.0 for JavaScript Web Applications - Google ... 的推薦與評價






This document explains how to implement OAuth 2.0 authorization to access
the YouTube Data API from a JavaScript web application. OAuth 2.0 allows users to
share specific data with an application while keeping their usernames, passwords, and other
information private.
For example, an application can use OAuth 2.0 to obtain permission
to upload videos to a user's YouTube channel.

This OAuth 2.0 flow is called the implicit grant flow. It is designed for
applications that access APIs only while the user is present at the application. These
applications are not able to store confidential information.

In this flow, your app opens a Google URL that uses query parameters to identify your app
and the type of API access that the app requires. You can open the URL in the current browser
window or a popup. The user can authenticate with Google and grant the requested permissions.
Google then redirects the user back to your app. The redirect includes an access token, which
your app verifies and then uses to make API requests.

Google APIs Client Library and Google Identity Services

If you use Google APIs client library for JavaScript
to make authorized calls to Google, you should use
Google Identity Services JavaScript library to handle the OAuth 2.0 flow. Please see Google
identity Services' token model, which is
based upon the OAuth 2.0 implicit grant flow.

Note: Given the security implications of getting the implementation
correct, we strongly encourage you to use OAuth 2.0 libraries such as Google identity Services'
token model when interacting with Google's
OAuth 2.0 endpoints. It is a best practice to use well-debugged code provided by others, and
it will help you protect yourself and your users.

Rest of this page details how to interact with Google's OAuth 2.0 endpoints directly without
using any OAuth 2.0 library.


Prerequisites

Enable APIs for your project

Any application that calls Google APIs needs to enable those APIs in the
API Console.

To enable an API for your project:


Open the API Library in the
Google API Console.
If prompted, select a project, or create a new one. Use the Library page to find and enable the YouTube Data API. Find any other
APIs that your application will use and enable those, too.


Create authorization credentials

Any application that uses OAuth 2.0 to access Google APIs must have authorization credentials
that identify the application to Google's OAuth 2.0 server. The following steps explain how to
create credentials for your project. Your applications can then use the credentials to access APIs
that you have enabled for that project.



Go to the Clients page.
Click Create Client.
Select the Web application application type.
Complete the form. Applications that use JavaScript to make authorized Google API requests
must specify authorized JavaScript origins. The origins identify the domains from
which your application can send requests to the OAuth 2.0 server. These origins must adhere
to Google’s validation rules.


Identify access scopes

Scopes enable your application to only request access to the resources that it needs while also
enabling users to control the amount of access that they grant to your application. Thus, there
may be an inverse relationship between the number of scopes requested and the likelihood of
obtaining user consent.

Before you start implementing OAuth 2.0 authorization, we recommend that you identify the scopes
that your app will need permission to access.



The YouTube Data API v3 uses the following scopes:





Scopes

https://www.googleapis.com/auth/youtubeManage your YouTube account
https://www.googleapis.com/auth/youtube.channel-memberships.creatorSee a list of your current active channel members, their current level, and when they became a member
https://www.googleapis.com/auth/youtube.force-sslSee, edit, and permanently delete your YouTube videos, ratings, comments and captions
https://www.googleapis.com/auth/youtube.readonlyView your YouTube account
https://www.googleapis.com/auth/youtube.uploadManage your YouTube videos
https://www.googleapis.com/auth/youtubepartnerView and manage your assets and associated content on YouTube
https://www.googleapis.com/auth/youtubepartner-channel-auditView private information of your YouTube channel relevant during the audit process with a YouTube partner


The OAuth 2.0 API Scopes document contains a full
list of scopes that you might use to access Google APIs.


If your public application uses scopes that permit access to
certain user data, it must complete a verification process. If you see unverified
app on the screen when testing your application, you must submit a
verification request to remove it. Find out more about
unverified apps
and get answers to
frequently asked questions about app verification in the Help Center.


Obtaining OAuth 2.0 access tokens

The following steps show how your application interacts with Google's OAuth 2.0 server to obtain
a user's consent to perform an API request on the user's behalf. Your application must have that
consent before it can execute a Google API request that requires user authorization.



Step 1: Redirect to Google's OAuth 2.0 server

To request permission to access a user's data, redirect the user to Google's OAuth 2.0
server.

OAuth 2.0 Endpoints

Generate a URL to request access from Google's OAuth 2.0 endpoint at
https://accounts.google.com/o/oauth2/v2/auth. This endpoint is accessible over HTTPS;
plain HTTP connections are refused.

The Google authorization server supports the following query string parameters for web
server applications:




Parameters




client_id
Required

The client ID for your application. You can find this value in the
Cloud Console
Clients page.






redirect_uri
Required

Determines where the API server redirects the user after the user completes the
authorization flow. The value must exactly match one of the authorized redirect URIs for
the OAuth 2.0 client, which you configured in your client's
Cloud Console
Clients page. If this value doesn't match an
authorized redirect URI for the provided client_id you will get a
redirect_uri_mismatch error.


Note that the http or https scheme, case, and trailing slash
('/') must all match.








response_type
Required

JavaScript applications need to set the parameter's value to token. This
value instructs the Google Authorization Server to return the access token as a
name=value pair in the fragment identifier of the URI (#) to which
the user is redirected after completing the authorization process.







scope
Required

A
space-delimited
list of scopes that identify the resources that your application could access on the
user's behalf. These values inform the consent screen that Google displays to the
user.

Scopes enable your application to only request access to the resources that it needs
while also enabling users to control the amount of access that they grant to your
application. Thus, there is an inverse relationship between the number of scopes requested
and the likelihood of obtaining user consent.





The YouTube Data API v3 uses the following scopes:





Scopes

https://www.googleapis.com/auth/youtubeManage your YouTube account
https://www.googleapis.com/auth/youtube.channel-memberships.creatorSee a list of your current active channel members, their current level, and when they became a member
https://www.googleapis.com/auth/youtube.force-sslSee, edit, and permanently delete your YouTube videos, ratings, comments and captions
https://www.googleapis.com/auth/youtube.readonlyView your YouTube account
https://www.googleapis.com/auth/youtube.uploadManage your YouTube videos
https://www.googleapis.com/auth/youtubepartnerView and manage your assets and associated content on YouTube
https://www.googleapis.com/auth/youtubepartner-channel-auditView private information of your YouTube channel relevant during the audit process with a YouTube partner

The OAuth 2.0 API Scopes document provides
a full list of scopes that you might use to access Google APIs.




We recommend that your application request access to authorization scopes in context
whenever possible. By requesting access to user data in context, via
incremental authorization, you help users to more easily
understand why your application needs the access it is requesting.






state
Recommended

Specifies any string value that your application uses to maintain state between your
authorization request and the authorization server's response.
The server returns the exact value that you send as a name=value pair in the
URL fragment identifier (#)
of the
redirect_uri after the user consents to or denies your application's
access request.


You can use this parameter for several purposes, such as directing the user to the
correct resource in your application, sending nonces, and mitigating cross-site request
forgery. Since your redirect_uri can be guessed, using a state
value can increase your assurance that an incoming connection is the result of an
authentication request. If you generate a random string or encode the hash of a cookie or
another value that captures the client's state, you can validate the response to
additionally ensure that the request and response originated in the same browser,
providing protection against attacks such as
cross-site request
forgery. See the
OpenID Connect
documentation for an example of how to create and confirm a state token.





Important: The OAuth client must prevent CSRF as called out in the
OAuth2 Specification
. One way to achieve this is by using the state parameter to maintain
state between your authorization request and the authorization server's response.





include_granted_scopes
Optional

Enables applications to use incremental authorization to request access to additional
scopes in context. If you set this parameter's value to true and the
authorization request is granted, then the new access token will also cover any scopes to
which the user previously granted the application access. See the
incremental authorization section for examples.







enable_granular_consent
Optional

Defaults to true. If set to false,
more
granular Google Account permissions
will be disabled for OAuth client IDs created before 2019. No effect for newer
OAuth client IDs, since more granular permissions is always enabled for them.


When Google enables granular permissions for an application, this parameter will no
longer have any effect.






login_hint
Optional

If your application knows which user is trying to authenticate, it can use this parameter
to provide a hint to the Google Authentication Server. The server uses the hint to
simplify the login flow either by prefilling the email field in the sign-in form or by
selecting the appropriate multi-login session.


Set the parameter value to an email address or sub identifier, which is
equivalent to the user's Google ID.







prompt
Optional

A space-delimited, case-sensitive list of prompts to present the user. If you don't
specify this parameter, the user will be prompted only the first time your project
requests access. See
Prompting re-consent for more information.

Possible values are:




none
Do not display any authentication or consent screens. Must not be specified with
other values.


consent
Prompt the user for consent.


select_account
Prompt the user to select an account.






Sample redirect to Google's authorization server

The sample URL below requests offline access
(access_type=offline) to a scope that permits access to view
the user's YouTube account. It uses incremental authorization to ensure that
the new access token covers any scopes to which the user previously granted
the application access. The URL also sets values for the required
redirect_uri, response_type, and
client_id parameters as well as for the state
parameter. The URL contains line breaks and spaces for readability.



 https://accounts.google.com/o/oauth2/v2/auth?
  scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fyoutube.readonly&
  include_granted_scopes=true&
  state=state_parameter_passthrough_value&
  redirect_uri=http%3A%2F%2Flocalhost%2Foauth2callback&
  response_type=token&
  client_id=client_id

After you create the request URL, redirect the user to it.

JavaScript sample code

The following JavaScript snippet shows how to initiate the authorization flow in
JavaScript without using the Google APIs Client Library for JavaScript. Since this OAuth
2.0 endpoint does not support Cross-Origin Resource Sharing (CORS), the snippet creates a
form that opens the request to that endpoint.

/*
  * Create form to request access token from Google's OAuth 2.0 server.
  */
 function oauthSignIn() {
   // Google's OAuth 2.0 endpoint for requesting an access token
   var oauth2Endpoint = 'https://accounts.google.com/o/oauth2/v2/auth';  // Create <form> element to submit parameters to OAuth 2.0 endpoint.
   var form = document.createElement('form');
   form.setAttribute('method', 'GET'); // Send as a GET request.
   form.setAttribute('action', oauth2Endpoint);  // Parameters to pass to OAuth 2.0 endpoint.
   var params = {'client_id': 'YOUR_CLIENT_ID',
                 'redirect_uri': 'YOUR_REDIRECT_URI',
                 'response_type': 'token',
                 'scope': 'https://www.googleapis.com/auth/youtube.force-ssl',
                 'include_granted_scopes': 'true',
                 'state': 'pass-through value'};  // Add form parameters as hidden input values.
   for (var p in params) {
     var input = document.createElement('input');
     input.setAttribute('type', 'hidden');
     input.setAttribute('name', p);
     input.setAttribute('value', params[p]);
     form.appendChild(input);
   }  // Add form to page and submit it to open the OAuth 2.0 endpoint.
   document.body.appendChild(form);
   form.submit();
 }
Step 2: Google prompts user for consent

In this step, the user decides whether to grant your application the requested access. At this
stage, Google displays a consent window that shows the name of your application and the Google API
services that it is requesting permission to access with the user's authorization credentials and
a summary of the scopes of access to be granted. The
user can then consent to grant access to one or more scopes requested by your application or
refuse the request.

Your application doesn't need to do anything at this stage as it waits for the response from
Google's OAuth 2.0 server indicating whether any access was granted. That response is explained in
the following step.


Errors

Requests to Google's OAuth 2.0 authorization endpoint may display user-facing error messages
instead of the expected authentication and authorization flows. Common error codes and suggested
resolutions are listed below.


admin_policy_enforced

The Google Account is unable to authorize one or more scopes requested due to the policies of
their Google Workspace administrator. See the Google Workspace Admin help article

Control which third-party & internal apps access Google Workspace data
for more information about how an administrator may restrict access to all scopes or sensitive and
restricted scopes until access is explicitly granted to your OAuth client ID.



disallowed_useragent

The authorization endpoint is displayed inside an embedded user-agent disallowed by Google's
OAuth 2.0 Policies.



Android

Android developers may encounter this error message when opening authorization requests in
android.webkit.WebView.
Developers should instead use Android libraries such as
Google Sign-In for Android or OpenID Foundation's
AppAuth for Android.


Web developers may encounter this error when an Android app opens a general web link in an
embedded user-agent and a user navigates to Google's OAuth 2.0 authorization endpoint from
your site. Developers should allow general links to open in the default link handler of the
operating system, which includes both
Android App Links
handlers or the default browser app. The
Android Custom Tabs
library is also a supported option.



iOS

iOS and macOS developers may encounter this error when opening authorization requests in
WKWebView.
Developers should instead use iOS libraries such as
Google Sign-In for iOS or OpenID Foundation's
AppAuth for iOS.


Web developers may encounter this error when an iOS or macOS app opens a general web link in
an embedded user-agent and a user navigates to Google's OAuth 2.0 authorization endpoint from
your site. Developers should allow general links to open in the default link handler of the
operating system, which includes both
Universal Links
handlers or the default browser app. The
SFSafariViewController
library is also a supported option.





org_internal

The OAuth client ID in the request is part of a project limiting access to Google Accounts in a
specific

Google Cloud Organization.
For more information about this configuration option see the
User type
section in the Setting up your OAuth consent screen help article.




invalid_client

The origin from which the request was made is not authorized for this client. See
origin_mismatch.




invalid_grant



When using incremental authorization, the token may have expired
or has been invalidated.
Authenticate the user again and ask for user consent to obtain new tokens. If you are continuing
to see this error, ensure that your application has been configured correctly and that you are
using the correct tokens and parameters in your request. Otherwise, the user account may have
been deleted or disabled.




origin_mismatch

The scheme, domain, and/or port of the JavaScript originating the authorization request may not
match an authorized JavaScript origin URI registered for the OAuth client ID. Review authorized
JavaScript origins in the Google Cloud Console
Clients page.




redirect_uri_mismatch

The redirect_uri passed in the authorization request does not match an authorized
redirect URI for the OAuth client ID. Review authorized redirect URIs in the
Google Cloud Console
Clients page.


The scheme, domain, and/or port of the JavaScript originating the authorization request may not
match an authorized JavaScript origin URI registered for the OAuth client ID. Review
authorized JavaScript origins in the
Google Cloud Console
Clients page.


The redirect_uri parameter may refer to the OAuth out-of-band (OOB) flow that has
been deprecated and is no longer supported. Refer to the
migration guide to update your
integration.



invalid_request

There was something wrong with the request you made. This could be due to a number of reasons:


The request was not properly formatted
The request was missing required parameters
The request uses an authorization method that Google doesn't support. Verify your OAuth
integration uses a recommended integration method



Step 3: Handle the OAuth 2.0 server response
OAuth 2.0 Endpoints Important:
Before handling the OAuth 2.0 response, you should confirm that the
state received from Google matches the state sent in the
authorization request. This verification helps to ensure that the user, not a malicious
script, is making the request and reduces the risk of
CSRF attacks.

The OAuth 2.0 server sends a response to the redirect_uri specified in your
access token request.

If the user approves the request, then the response contains an access token. If the user
does not approve the request, the response contains an error message. The access token or
error message is returned on the hash fragment of the redirect URI, as shown below:


An access token response:



 https://oauth2.example.com/callback#access_token=4/P7q7W91&token_type=Bearer&expires_in=3600

In addition to the access_token parameter, the fragment string also
contains the token_type parameter, which is always set to
Bearer, and the expires_in parameter, which specifies the
lifetime of the token, in seconds. If the state parameter was specified
in the access token request, its value is also included in the response.


An error response:

 https://oauth2.example.com/callback#error=access_denied


Note: Your application should ignore any additional, unrecognized
fields included in the query string. Sample OAuth 2.0 server response


You can test this flow by clicking on the following sample URL, which requests
read-only access to view metadata for files in your Google Drive and read-only
access to view your Google Calendar events:


 https://accounts.google.com/o/oauth2/v2/auth?
  scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fyoutube.readonly&
  include_granted_scopes=true&
  state=state_parameter_passthrough_value&
  redirect_uri=http%3A%2F%2Flocalhost%2Foauth2callback&
  response_type=token&
  client_id=client_id

After completing the OAuth 2.0 flow, you will be redirected to
http://localhost/oauth2callback. That URL will yield a
404 NOT FOUND error unless your local machine happens to serve a file at
that address. The next step provides more detail about the information returned in the
URI when the user is redirected back to your application.

Step 4: Check which scopes users granted

When requesting multiple permissions (scopes), users may not grant your app access to
all of them. Your app must verify which scopes were actually granted and gracefully handle
situations where some permissions are denied, typically by disabling the features that rely
on those denied scopes.

However, there are exceptions. Google Workspace Enterprise apps with
domain-wide delegation of authority,
or apps marked as
Trusted,
bypass the granular permissions consent screen. For these apps, users won't see the
granular permission consent screen. Instead, your app will either receive all requested
scopes or none.

For more detailed information, see
How to handle granular permissions.


OAuth 2.0 Endpoints


To check whether the user has granted your application access to a particular scope,
exam the scope field in the access token response. The scopes of access granted by
the access_token expressed as a list of space-delimited, case-sensitive strings.


For example, the following sample access token response indicates that the user has granted your
application permission to see, edit, and permanently delete user's YouTube videos, ratings,
comments and captions:

  {
     "access_token": "1/fFAGRNJru1FTz70BzhT3Zg",
     "expires_in": 3920,
     "token_type": "Bearer",
     "scope": "https://www.googleapis.com/auth/youtube.force-ssl",
     "refresh_token": "1//xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
   }


Calling Google APIs
OAuth 2.0 Endpoints

After your application obtains an access token, you can use the token to make calls to a Google
API on behalf of a given
user account if the scope(s) of access required by the API have been granted. To do this, include
the access token in a request to the API by including either an access_token query
parameter or an Authorization HTTP header Bearer value. When possible,
the HTTP header is preferable, because query strings tend to be visible in server logs. In most
cases you can use a client library to set up your calls to Google APIs (for example, when
calling the YouTube Data API).

Note that the YouTube Data API supports service accounts only for YouTube
content owners that own and manage multiple YouTube channels, such as record
labels and movie studios.

You can try out all the Google APIs and view their scopes at the
OAuth 2.0 Playground.

HTTP GET examples

A call to the

youtube.channels
endpoint (the YouTube Data API) using the Authorization: Bearer HTTP
header might look like the following. Note that you need to specify your own access token:


 GET /youtube/v3/channels?part=snippet&mine=true HTTP/1.1
 Host: www.googleapis.com
 Authorization: Bearer access_token

Here is a call to the same API for the authenticated user using the access_token
query string parameter:


 GET https://www.googleapis.com/youtube/v3/channels?access_token=access_token&part=snippet&mine=true
curl examples

You can test these commands with the curl command-line application. Here's an
example that uses the HTTP header option (preferred):


 curl -H "Authorization: Bearer access_token" https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true

Or, alternatively, the query string parameter option:


 curl https://www.googleapis.com/youtube/v3/channels?access_token=access_token&part=snippet&mine=true
JavaScript sample code

The code snippet below demonstrates how to use CORS (Cross-origin resource sharing) to send a
request to a Google API. This example does not use the Google APIs Client Library for JavaScript.
However, even if you are not using the client library, the
CORS support guide in that library's documentation will likely help you
to better understand these requests.

In this code snippet, the access_token variable represents the token you have
obtained to make API requests on the authorized user's behalf. The complete
example demonstrates how to store that token in the browser's local storage and retrieve it
when making an API request.

var xhr = new XMLHttpRequest();
 xhr.open('GET',
     'https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true&' +
     'access_token=' + params['access_token']);
 xhr.onreadystatechange = function (e) {
   console.log(xhr.response);
 };
 xhr.send(null);


Complete example
OAuth 2.0 Endpoints

This code sample demonstrates how to complete the OAuth 2.0 flow in JavaScript without using the
Google APIs Client Library for JavaScript. The code is for an HTML page that displays a button to
try an API request. If you click the button, the code checks to see whether the page has stored an
API access token in your browser's local storage. If so, it executes the API request. Otherwise,
it initiates the OAuth 2.0 flow.

For the OAuth 2.0 flow, the page follows these steps:


It directs the user to Google's OAuth 2.0 server, which requests access to the
https://www.googleapis.com/auth/youtube.force-ssl scope.
After granting (or denying) access to one or more requested scopes, the user is redirected to
the original page, which parses the access token from the fragment identifier string.
The page checks which scopes user has granted access to the application.

If the user has granted access to the requested scope()s, the page uses the access
token to make the sample API request.



This API request calls the YouTube Data API's channels.list method
to retrieve data about the authorized user's YouTube channel.


If the request executes successfully, the API response is logged in the browser's debugging
console.

You can revoke access to the app through the
Permissions page for your
Google Account. The app will be listed as OAuth 2.0 Demo for Google API Docs.

To run this code locally, you need to set values for the YOUR_CLIENT_ID and
YOUR_REDIRECT_URI variables that correspond to your
authorization credentials. The YOUR_REDIRECT_URI variable
should be set to the same URL where the page is being served. The value must exactly match one of
the authorized redirect URIs for the OAuth 2.0 client, which you configured in the
Cloud Console
Clients page. If
this value doesn't match an authorized URI, you will get a redirect_uri_mismatch
error. Your project must also have
enabled the appropriate API for this request.

<html><head></head><body>
 <script>
   var YOUR_CLIENT_ID = 'REPLACE_THIS_VALUE';
   var YOUR_REDIRECT_URI = 'REPLACE_THIS_VALUE';  // Parse query string to see if page request is coming from OAuth 2.0 server.
   var fragmentString = location.hash.substring(1);
   var params = {};
   var regex = /([^&=]+)=([^&]*)/g, m;
   while (m = regex.exec(fragmentString)) {
     params[decodeURIComponent(m[1])] = decodeURIComponent(m[2]);
   }
   if (Object.keys(params).length > 0 && params['state']) {
     if (params['state'] == localStorage.getItem('state')) {
       localStorage.setItem('oauth2-test-params', JSON.stringify(params) );      trySampleRequest();
     } else {
       console.log('State mismatch. Possible CSRF attack');
     }
   }  // Function to generate a random state value
   function generateCryptoRandomState() {
     const randomValues = new Uint32Array(2);
     window.crypto.getRandomValues(randomValues);    // Encode as UTF-8
     const utf8Encoder = new TextEncoder();
     const utf8Array = utf8Encoder.encode(
       String.fromCharCode.apply(null, randomValues)
     );    // Base64 encode the UTF-8 data
     return btoa(String.fromCharCode.apply(null, utf8Array))
       .replace(/\+/g, '-')
       .replace(/\//g, '_')
       .replace(/=+$/, '');
   }  // If there's an access token, try an API request.
   // Otherwise, start OAuth 2.0 flow.
   function trySampleRequest() {
     var params = JSON.parse(localStorage.getItem('oauth2-test-params'));
     if (params && params['access_token']) { 
       var xhr = new XMLHttpRequest();
       xhr.open('GET',
           'https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true&' +
           'access_token=' + params['access_token']);
       xhr.onreadystatechange = function (e) {
         if (xhr.readyState === 4 && xhr.status === 200) {
           console.log(xhr.response);
         } else if (xhr.readyState === 4 && xhr.status === 401) {
           // Token invalid, so prompt for user permission.
           oauth2SignIn();
         }
       };
       xhr.send(null); 
     } else {
       oauth2SignIn();
     }
   }  /*
    * Create form to request access token from Google's OAuth 2.0 server.
    */
   function oauth2SignIn() {
     // create random state value and store in local storage
     var state = generateCryptoRandomState();
     localStorage.setItem('state', state);    // Google's OAuth 2.0 endpoint for requesting an access token
     var oauth2Endpoint = 'https://accounts.google.com/o/oauth2/v2/auth';    // Create element to open OAuth 2.0 endpoint in new window.
     var form = document.createElement('form');
     form.setAttribute('method', 'GET'); // Send as a GET request.
     form.setAttribute('action', oauth2Endpoint);    // Parameters to pass to OAuth 2.0 endpoint.
     var params = {'client_id': YOUR_CLIENT_ID,
                   'redirect_uri': YOUR_REDIRECT_URI,
                   'scope': 'https://www.googleapis.com/auth/youtube.force-ssl',
                   'state': state,
                   'include_granted_scopes': 'true',
                   'response_type': 'token'};    // Add form parameters as hidden input values.
     for (var p in params) {
       var input = document.createElement('input');
       input.setAttribute('type', 'hidden');
       input.setAttribute('name', p);
       input.setAttribute('value', params[p]);
       form.appendChild(input);
     }    // Add form to page and submit it to open the OAuth 2.0 endpoint.
     document.body.appendChild(form);
     form.submit();
   }
 </script><button onclick="trySampleRequest();">Try sample request</button>
 </body></html>

JavaScript origin validation rules

Google applies the following validation rules to JavaScript origins in order to help
developers keep their applications secure. Your JavaScript origins must adhere to these rules.
See RFC 3986 section 3 for the
definition of domain, host and scheme, mentioned below.






Validation rules




Scheme


JavaScript origins must use the HTTPS scheme, not plain HTTP. Localhost URIs
(including localhost IP address URIs) are exempt from this rule.





Host

Hosts cannot be raw IP addresses. Localhost IP addresses are exempted from this rule.




Domain

Host TLDs
(Top Level Domains)
must belong to the public suffix list.
Host domains cannot be “googleusercontent.com”.

JavaScript origins cannot contain URL shortener domains (e.g. goo.gl)
unless the app owns the domain.



Userinfo


JavaScript origins cannot contain the userinfo subcomponent.





Path


JavaScript origins cannot contain the path component.





Query


JavaScript origins cannot contain the query component.





Fragment


JavaScript origins cannot contain the fragment component.





Characters


JavaScript origins cannot contain certain characters including:

Wildcard characters ('*')
Non-printable ASCII characters
Invalid percent encodings (any percent encoding that does not follow URL-encoding
form of a percent sign followed by two hexadecimal digits)
Null characters (an encoded NULL character, e.g., %00,
%C0%80)





Incremental authorization

In the OAuth 2.0 protocol, your app requests authorization to access resources, which are
identified by scopes. It is considered a best user-experience practice to request authorization
for resources at the time you need them. To enable that practice, Google's authorization server
supports incremental authorization. This feature lets you request scopes as they are needed and,
if the user grants permission for the new scope, returns an authorization code that may be
exchanged for a token containing all scopes the user has granted the project.


For example, suppose an app helps users identify interesting local events.
The app lets users view videos about the events, rate the videos, and add the
videos to playlists. Users can also use the app to add events to their Google
Calendars.

In this case, at sign-in time, the app might not need or request access to
any scopes. However, if the user tried to rate a video, add a video to a
playlist, or perform another YouTube action, the app could request access to
the https://www.googleapis.com/auth/youtube.force-ssl scope.
Similarly, the app could request access to the
https://www.googleapis.com/auth/calendar scope if the user tried
to add a calendar event.


The following rules apply to an access token obtained from an incremental authorization:


The token can be used to access resources corresponding to any of the scopes rolled into the
new, combined authorization.
When you use the refresh token for the combined authorization to obtain an access token, the
access token represents the combined authorization and can be used for any of the
scope values included in the response.
The combined authorization includes all scopes that the user granted to the API project even
if the grants were requested from different clients. For example, if a user granted access to
one scope using an application's desktop client and then granted another scope to the same
application via a mobile client, the combined authorization would include both scopes.
If you revoke a token that represents a combined authorization, access to all of that
authorization's scopes on behalf of the associated user are revoked simultaneously.
Caution: choosing to include granted scopes will automatically add
scopes previously granted by the user to your authorization request. A warning or error page may
be displayed if your app is not currently approved to request all scopes that may be returned in
the response. See
Unverified apps for
more information.

The code samples below show how to add scopes to an existing access token. This approach allows
your app to avoid having to manage multiple access tokens.


OAuth 2.0 Endpoints

In this example, the calling application requests access to retrieve the
user's YouTube Analytics data in addition to any other access that the user
has already granted to the application.

To add scopes to an existing access token, include the include_granted_scopes
parameter in your request to Google's OAuth 2.0 server.

The following code snippet demonstrates how to do that. The snippet assumes that you have stored
the scopes for which your access token is valid in the browser's local storage. (The
complete example code stores a list of scopes for which the access token
is valid by setting the oauth2-test-params.scope property in the browser's local
storage.)

The snippet compares the scopes for which the access token is valid to the scope you want to use
for a particular query. If the access token does not cover that scope, the OAuth 2.0 flow starts.
Here, the oauth2SignIn function is the same as the one that was provided in
step 2 (and that is provided later in the complete
example).

var SCOPE = 'https://www.googleapis.com/auth/youtube.force-ssl';
 var params = JSON.parse(localStorage.getItem('oauth2-test-params'));var current_scope_granted = false;
 if (params.hasOwnProperty('scope')) {
   var scopes = params['scope'].split(' ');
   for (var s = 0; s < scopes.length; s++) {
     if (SCOPE == scopes[s]) {
       current_scope_granted = true;
     }
   }
 }if (!current_scope_granted) {
   oauth2SignIn(); // This function is defined elsewhere in this document.
 } else {
   // Since you already have access, you can proceed with the API request.
 }


Revoking a token

In some cases a user may wish to revoke access given to an application. A user can revoke access
by visiting
Account Settings. See the
Remove
site or app access section of the Third-party sites & apps with access to your account
support document for more information.

It is also possible for an application to programmatically revoke the access given to it.
Programmatic revocation is important in instances where a user unsubscribes, removes an
application, or the API resources required by an app have significantly changed. In other words,
part of the removal process can include an API request to ensure the permissions previously
granted to the application are removed.

OAuth 2.0 Endpoints

To programmatically revoke a token, your application makes a request to
https://oauth2.googleapis.com/revoke and includes the token as a parameter:


 curl -d -X -POST --header "Content-type:application/x-www-form-urlencoded" \
         https://oauth2.googleapis.com/revoke?token={token}

The token can be an access token or a refresh token. If the token is an access token and it has a
corresponding refresh token, the refresh token will also be revoked.


Note: Google's OAuth 2.0 endpoint for revoking tokens supports JSONP and
form submissions. It does not support Cross-origin Resource Sharing (CORS).

If the revocation is successfully processed, then the HTTP status code of the response is
200. For error conditions, an HTTP status code 400 is returned along
with an error code.


The following JavaScript snippet shows how to revoke a token in JavaScript without using the
Google APIs Client Library for JavaScript. Since the Google's OAuth 2.0 endpoint for revoking
tokens does not support Cross-origin Resource Sharing (CORS), the code creates a form and submits
the form to the endpoint rather than using the XMLHttpRequest() method to post the
request.

function revokeAccess(accessToken) {
   // Google's OAuth 2.0 endpoint for revoking access tokens.
   var revokeTokenEndpoint = 'https://oauth2.googleapis.com/revoke';  // Create <form> element to use to POST data to the OAuth 2.0 endpoint.
   var form = document.createElement('form');
   form.setAttribute('method', 'post');
   form.setAttribute('action', revokeTokenEndpoint);  // Add access token to the form so it is set as value of 'token' parameter.
   // This corresponds to the sample curl request, where the URL is:
   //      https://oauth2.googleapis.com/revoke?token={token}
   var tokenField = document.createElement('input');
   tokenField.setAttribute('type', 'hidden');
   tokenField.setAttribute('name', 'token');
   tokenField.setAttribute('value', accessToken);
   form.appendChild(tokenField);  // Add form to page and submit it to actually revoke the token.
   document.body.appendChild(form);
   form.submit();
 }

Note: Following a successful revocation response, it might take some
time before the revocation has full effect.

Implementing Cross-Account Protection


An additional step you should take to protect your users' accounts is implementing Cross-Account
Protection by utilizing Google's Cross-Account Protection Service. This service lets you
subscribe to security event notifications which provide information to your application about
major changes to the user account. You can then use the information to take action depending on
how you decide to respond to events.



Some examples of the event types sent to your app by Google's Cross-Account Protection Service are:




https://schemas.openid.net/secevent/risc/event-type/sessions-revoked


https://schemas.openid.net/secevent/oauth/event-type/token-revoked


https://schemas.openid.net/secevent/risc/event-type/account-disabled



See the

Protect user accounts with Cross-Account Protection page

for more information on how to implement Cross Account Protection and for the full list of available events.





... <看更多>

你可能也想看看
window.opener null
Javascript child window close event
Parent window opener
Window parent close
Javascript window close ios
window.opener chrome
PHP close window
Window Location reload false
搜尋相關連結

#1. Open popup and refresh parent page on close popup - Stack ...

open in JavaScript, I want to refresh parent page when I close this popup window.(onclose event?) how can I do that? window.open("foo.html"," ...

#2. window.opener用法(在子窗體中獲得父窗體的方法) - IT閱讀

window.opener.location="javascript:reloadPage();"; window.close(); } function window.onbeforeunload(){ if(!hasClosed){

#3. window.opener.location.reload() - CodeProject

close ()"; strScript += "</script>"; ClientScript.RegisterClientScriptBlock(this.GetType(), "AddDetail", strScript); I m using the above code to ...

#4. Window.closed - Web APIs | MDN

Check that an opener exists and is not closed if (window.opener && !window.opener.closed) { window.opener.location.href ...

#5. Close popup window and navigate to another page - Caspio ...

Hi, I use the script below to close a popup window containing a submission form. ... //window.opener.location.href = "url popup window";.

#6. How do you close popup window and reload the Parent page?

<script> function CloseAndRefresh(){ window.opener.location.href="/{!$CurrentPage.parameters.yourAccountIdParamName}"; window.top.close(); }

#7. JavaScript window.close() 關閉視窗語法 - Wibibi

window.close 是一個關閉瀏覽器視窗的語法,常見的應用如,當網友在本來的網頁透過window.open 開啟一個新的視窗顯示部分的網頁內容或標示,網友看完後需給他們.

#8. Close popup and reload parent - JavaScript - SitePoint Forums

echo('<script language="Javascript">opener.window.location.reload(false); window.close();</script>');. hal10001 October 7, 2005, 5:20pm #3.

#9. Window opener Property - W3Schools

myWindow.opener.document.write("<p>This is the source window!</p>"); ... Coding Tip: window.opener.close() will close the source (parent) window.

#10. How to close window using JavaScript which is opened by the ...

open () method. The current URL can be accessed using the location property of the window object. The target attribute or name value of the ...

#11. Popups and window methods - The Modern JavaScript Tutorial

The initial idea was to show another content without closing the main ... The syntax to open a popup is: window.open(url, name, params) :.

#12. [樂意黎原創] window.close()提示"Scripts may close ... - 程式前沿

Scripts may close only the windows that were opened by it. 搜了半天居然沒有答案;所以我自己發上來以便別人需要. 關閉當前頁面js. open(location, ' ...

#13. window.location.close Code Example

myWindow.close();. 18. } 19. </script>. 20. ​. 21. </body>. 22. </html>. 23. ​. window.open javascript auto close. javascript by Upset Unicorn on Dec 04 ...

#14. window.opener.location not working for cross site movement ...

child will close its self and parent will be redirected to the new url. Parent code ( http://web1.abc.com/parent.aspx ): function Popup( ...

#15. 关闭新界面,刷新父界面-window.opener.location.reload()

子窗口关闭,并刷新父窗口-window.opener.location.reload() ... C界面关闭B界面,刷新A界面,在C界面添加这段JS, ... window.parent.close();

#16. js jquery 关闭弹出页面并刷新父页面(window.opener)

function Closepage() { if (window.opener && !window.opener.closed) { window.parent.opener.location.reload(); } window.close(); ...

#17. Determining whether a browser window is open or not

The closed property tells you whether a window opened using window.open() is still open or not. You see, once a window is opened (using JavaScript), ...

#18. 关闭子窗体时刷新父页面 - 51CTO博客

1 $(function () { 2 window.onbeforeunload = function (event) { 3 window.opener.location.href = window.opener.location.href; ...

#19. window.opener方法的使用刷新父页面_小贝de-程序员资料

document.domain = 'focus.cn'; window.opener.location.href = 'http://jia.focus.cn'; window.close(); </script> 通常在使用window.opener的时候要去判断父窗口的 ...

#20. javascript怎麼實現頁面關閉 - tw511教學網

不帶任何提示關閉視窗的js程式碼. 程式碼如下: <a href="javascript:window.opener=null;window.open('','_self');window.close();">關閉</a>.

#21. Javascript:window.close()不起作用?_步行者的专栏 - 程序员宅 ...

一般的窗口关闭的JS如下写法: window.close()但是呢,chrome,firefox等中有时候会不起作用。改为下面的写法: window.open("about:blank","_self").close() 或者 ...

#22. window.opener.location.href is null or not an object resolved

ClientScript.RegisterStartupScript(this.GetType(), "close",. "<script language=javascript>window.opener.location.reload(true);self ...

#23. Refresh GridView in Parent Page - HighOnCoding

The href tag will open a new popup window which will be used to insert the data into ... You can do this by simply attaching the JavaScript "window.close()" ...

#24. check if window opener exists - WebDeveloper.com Forums

indicated the parent was open after I closed it. ... also checked for a property on the opener (e.g., [font=courier]opener.document[/font]).

#25. window.showModalDialog)父窗口與子窗口之間的操作 - 台部落

總結JavaScript(Iframe、window.open、window. ... (1)、window.parent.location.href=window.parent.location.href; ... window.parent.close();.

#26. js关闭当前页面(窗口)的几种方式总结 - 张生荣

<a href="javascript:window.opener=null;window.close();">关闭</a>如果是按钮则: ... 如果你点了确定就返回真,就执行window.location.href='default.aspx'代码, ...

#27. Passing of value from Child to parent window - Plus2net

So the value we enter in a child window we can pass to main by using opener.document object model. Opening closing & Passing data from Child window to ...

#28. close and refresh opener window iframe - Highcharts

onClick="return parent.hs.close(document.getElementById('polledit'))";window.opener.location.reload(); This doesn't work. Any suggestions ?

#29. Javascript Open New Window Not Tab - Feininger Music Group

In this tutorial you will learn javascript window open and close methods tutorial in Hindi, Urdu. The window object represents a window in browser. same ...

#30. Every known way to get references to windows, in javascript

var existingWin = window.open('', 'windowName');. This will even work if the popup window was opened from a different frame on the same domain ...

#31. How to open a new browser window from my JSF page?

How to initiate a Javascript call from server side? · Closing the popup window · Submit form and close the popup window.

#32. Colorbox - a jQuery lightbox - Jack Moore

Removes all traces of Colorbox from the document. Not the same as $.colorbox.close(), which tucks colorbox away for future use. Event Hooks. These event hooks ...

#33. Managing JavaScript "popup" windows - Article - Codestore.net

When you use the JavaScript window.open method to open a new browser window ... Is there a way to automaticly close a pop up window or any window for that ...

#34. JavaScript popup window - YouTube

To open a popup window, use window.open() method. ... the browser navigation bar location (yes/no ...

#35. Page | Playwright

Emitted when JavaScript within the page calls one of console API methods, ... For example, when opening a popup with window.open('http://example.com') ...

#36. How to auto close the parent / opener window without ...

How to auto close the parent / opener window without confirmation!. Javascript Forums on Bytes.

#37. JavaScript - Onclick Confirm Then Window.location

Window.location.hostname Or Document.location.hostname ... if (r==true) { window.open("http://www.yahoo.com"); } else { window.close(); } ...

#38. How to stop reload page in javascript

Jan 25, 2013 · 3. hi, iam using the following javascript a page opener. ... event for the button using ajax and then close the dialog. location as object.

#39. About rel=noopener - GitHub Pages

However, the malicious.html document in this new tab has a window.opener ... are on different origins — window.opener.location is accessible across origins!

#40. Fix "Aw, Snap!" page crashes and other page loading errors

Open the page in an Incognito window ... Step 3: Close other tabs or apps ... Close every tab except for the one that's showing the error message.

#41. MDPI - Publisher of Open Access Journals

MDPI is a publisher of peer-reviewed, open access journals since its establishment in 1996.

#42. Browser Setting - IRCTC

Enable java script in Microsoft Internet Explorer. ... and close the Security Settings; Dialog box, then OK again to close the Internet Options dialog box.

#43. Custom Pop-Up Window Using jQuery - C# Corner

I have used this method to close the window. JavaScript code and explanation. $(document).ready(function () { ...

#44. Serverless web app workflow | Documentation

Or open the authorization page in a popup window: ... getElementById('sign-in'); // do this on a button click to avoid popup blockers document.

#45. JS子父窗口互相取值赋值详解介绍 - 一聚教程网

javascript :;" onclick="openWin('searchPic');">图片 ... window.close(); // 关闭窗口 } ... window.opener.location.href //获取父窗口href

#46. Security and privacy - Opera Help

To do this, open the ad blocker pop-up window in the combined address and search ... From the point of view of websites, your browser is now located in the ...

#47. Browser Window - Dynamic Drive

Drag or resize the window widget on the page, minimize or close it, ... the page whenever the modal window is open, requiring the user to explicitly close ...

#48. BrowserStack: Most Reliable App & Cross Browser Testing ...

Instant access to 3000+ browsers and real iOS and Android devices for cross browser testing. Ship apps and websites that work for everyone, every time.

#49. Python selenium keep browser open

Open chrome://version in the browser to see what profile Chrome is using. close() method is used to close the current browser window on which the focus is ...

#50. Javascript中window.opener的一點小總結 - 开发者知识库

2,利用的javascript對location的操作比如1.html頁面是通過location.href=”2.html”跳轉到2.html的,在2.html的window.opener也是null,無法獲取

#51. How to open new tab/window from server action | OutSystems

want to Open new tab after the popup has closed. my case like- ... Use a simple javascript (through RunJavaScript) in the form.

#52. Home | BJ's Restaurants and Brewhouse

Award-winning craft beer, Southern California Twist on Chicago-style pizza, world-renowned dessert – the Pizookie, and much more.

#53. Javascript call parent function from iframe

Let's take some examples of using recursive functions. opener object to access the parent browser window from a child window: (compatible with IE & Firefox) ...

#54. Towson University | Maryland's University of Opportunities

One of America's leading public universities, Towson University creates opportunities for academic excellence, scholarly research and career success.

#55. JavaScript to open link in new window without being popup ...

JAVASCRIPT,IFRAME,NEW WINDOW,OPEN LINK.To ensure security and reduce spamming, modern browsers have implemented very strict rules on when a ...

#56. HTML spec - HTML Standard - whatwg

Full table of contents · 4.1 The document element · 4.1.1 The html element · 4.2 Document metadata · 4.2.1 The head element · 4.3 Sections · 4.3.1 The body element ...

#57. chrome.tabs - Chrome Developers

background.js ... This property is only present if the opener tab still exists. ... If specified, the opener tab must be in the same window as the newly ...

#58. Can iframe access parent javascript

iframe window object of the frame thus if the iframe document does parent. postMessage() This method safely enables cross-origin communication. open(. pdf' or ...

#59. Common Intents | Android Developers

To open a camera app and receive the resulting photo or video, ... To also allow the user to instead create a new document that your app can write to, ...

#60. OpenDocument - Wikipedia

The Open Document Format for Office Applications (ODF), also known as OpenDocument, is an open standard file format for spreadsheets, charts, ...

#61. Change content in iframe javascript - Edizioni Langhe Roero ...

An HTML iframe embeds another document within the current HTML document in the ... May 20, 2014 · Returns or sets the location object of JavaScript, ...

#62. Viewer Js Example - Caro Jordanow

js can convert word. odt) Have a look at the Open Document Format v1. Online HTML viewer is real-time HTML Tester. JavaScript image viewer. Images with ...

#63. [자바스크립트 완벽 가이드 정리] Window 객체 - 초보 개발자의 ...

opener. open()으로 열린 창에서 볼 때 자기를 연 창. document ... closed. 창이 닫혀 있는 상태. locationbar. location 바. menubar. 창 메뉴 바.

#64. Opening PDFs, Adobe Acrobat

If more than one document is open, you can switch between documents ... To close Read mode and display the work area, click the Acrobat icon ...

#65. Welcome to the Cincinnati Zoo - Cincinnati Zoo & Botanical ...

Early Entry for members ends October 31. The Train will be closed November 1 – November 5 for maintenance. ZooNews.

#66. Auto close browser tab

If you close Chrome, all tabs that were open at the time will be Click on the ... A tab/window close or a page reload event mean that the current document ...

#67. Actualisation de la fenetre mère lors d'une connexion pop up

C'est possible avec certaines fonctions Javascript en fonction du nom ... "window.opener.location.href='index.php';window.close(); return ...

#68. Flushing Bank: Banking and Lending Solutions | NY

×. The ATM lobbies at some of our branch locations will be temporarily closed from 11:00 ...

#69. window.opener.focus() не работает - CodeRoad

window.opener.name = 'somename'; window.open(window.opener.location.href, ... в "window.external", которая вызовет Javascript "alert()" или "confirm()".

#70. Xcode - IDE - Apple Developer

The Assistant button splits the Xcode editor in two, with your primary work document on the left and an intelligent Assistant editor pane to the right.

#71. ServiceOntario Wellington and Mary (Aurora) | Ontario.ca

Get directions Opens in new window. Services at this location ... Sunday, Closed ... You cannot get health card services at this location if you:.

#72. Tinder | Dating, Make Friends & Meet New People

With 55 billion matches to date, Tinder® is the world's most popular dating app, making it the place to meet new people.

#73. MPLAB X IDE User's Guide - Microchip Technology

document number and “A” is the alphabetic revision level of the document. ... If you do not see it, you may need to close and re-open MPLAB X. IDE.

#74. Removing title bar - is this possible? - P2P Wrox

I realize I would need to provide a "close" button as the window would no ... The following is the code I use to open the child window:

#75. autoclose-html - Atom

Auto Close HTML package for Atom Text Editor ... by attaching an element of the given type to the window and checking it's calculated display value.

#76. Tips for Viewing and Using Fillable PDFs - CT.gov

Troubleshooting · Open Firefox and navigate to Tools > Options · Click on the Applications tab · Under Content Type, scroll down to Portable Document Format (PDF) ...

#77. Qt Close Window Example

The closeEvent () in the Application example shows a close event handler that asks whether to save a document before closing. Posted in: Mouse Events Filed ...

#78. Creo View for CAD, ECAD, and PLM Visualization | PTC

Creo View is a simple but powerful enterprise visualization solution for MCAD and ECAD data enabling collaboration across engineering and manufacturing ...

#79. 5 Loading Web pages — HTML5 - W3C

A browsing context is an environment in which Document objects are ... Otherwise, if the browsing context has an opener browsing context, ...

#80. One Way to Break Users Out of the Habit of Reloading Too Much

A page session lasts as long as the browser is open, and survives over page reloads and restores. Opening a page in a new tab or window creates ...

#81. Netherlands Office

We are located on the 13th floor of the FarGlory building in the Xin Yi district, ... Today, the Netherlands still has close economic relations with Taiwan.

#82. Javascript – サブウィンドウからwindow.openerを使って親 ...

サブウィンドウから親ウィンドウを操作するにはwindow.openerプロパティを ... window.close(); } else { var fm = window.opener.document.form1; ...

#83. rica's leading home renovation and DIY store --- South Af

Gelmar Home Page.

#84. oncut="return false;"网页常用ja.._hongyanjava的专栏 - 程序员 ...

<script language="javascript"><!-- if (window == top)top.location.href = "frames.htm"; //frames.htm为框架网页 // --></script>. 9. 防止被人frame

#85. True Value Hardware - Your Local Home Improvement ...

True Value brings your local hardware store online. Shop now & choose Ship-to-Store for free shipping to your nearest participating True Value store.

#86. Using OAuth 2.0 for JavaScript Web Applications - Google ...

You can open the URL in the current browser window or a popup. The user can authenticate with Google and grant the requested permissions. Google ...

#87. 智頡分享報第0102期

Document 即可,因為NotesUIDocument代表目前開啟的前端文件,而Document則是指目前文件的後端文件。 4.記憶體中的文件. 這部份麻,我想就跟Lotus Script或Java程式設計 ...

#88. How to Edit a Configuration File in Windows - Technical Support

The default locations for Orchid's configuration files in Windows are: ... in the drop down menu located directly above the “Open” and “Close” buttons.

#89. OECD: Home page

Working with over 100 countries, the OECD is a global policy forum that promotes policies to improve the economic and social well-being of people around the ...

#90. National Palace Museum - 國立故宮博物院

【填問卷,抽好禮】故宮數位資源網路調查en · A Trio of National Treasures. Open today 09:00 - 17:00. Hours|Tue~Sun 9:00-17:00. Admission Directions.

#91. Buy Hettich Fitings online | Hettich India Pvt. Ltd.

Buy Hettich Fittings Online and make your furniture work beautifully.

#92. Multi-Tier Application Programming with PHP: Practical Guide ...

AndClose() { // Reload the contents of the window that opened this one . . . opener. location. reload.(); // . . . then close this window. window. close(); } ...

#93. Pro ASP.NET Web Forms Techniques - 第 379 頁 - Google 圖書結果

... and a Boolean value to indicate if the Model Details window should be closed (true) or left open (false): javascript:mainWindowPage('secure/mycars.aspx' ...

#94. ASP企业管理系统开发实例 - 第 328 頁 - Google 圖書結果

Open " SELECT * FROM calendar Where ID is ... < SCRIPT LANGUAGE = " JavaScript " > opener.location = opener.location ; window.close ( ) ; < / SCRIPT > < !

#95. JavaScript: The Definitive Guide - Google 圖書結果

See Window.opener, // Window.location and Location.hash, and Link.onclick. ... newwin.document.close(); // Never forget to close the document! } ...

#96. The Book of JavaScript, 2nd Edition: A Practical Guide to ...

hide me from older browsers // open the control panel window var control_window ... onClick = "window.opener.location.href='http://www.webmonkey.com/'; ...

#97. Canucks can't quite complete comeback over Wild in home ...

The Vancouver Canucks fell 3-2 to the Minnesota Wild in their home opener, with goals from Alex Chiasson and Bo Horvat.

#98. Open files from the command line | PhpStorm - JetBrains

Open an arbitrary file or folder in PhpStorm from the command line, ... phpstorm64.exe --line 42 C:\MyProject\scripts\numbers.js. Copied!