The IT dept of a potential client has identified some of the Javascript in my Webhelp output as a potential security threat for cross-site scripting.
Could someone please answer the following questions about the following code block?
- What is its purpose?
- Can all, or part of it be deleted? (And if so, please provide excruciatingly detailed instructions for removing javascript or minimising it in my output files.)
- Do you think that the javascript in webhelp constitutes a security threat?
I am using RoboHelp 8 & don't know nothin' bout no javascript. This objection has never arisen before.
The code block (and especially the if statements about two different windows)
if (window.gbWhTopic)
{
var strUrl = document.location.href;
var bc = 0;
var n = strUrl.toLowerCase().indexOf("bc-");
if(n != -1)
{
document.location.href = strUrl.substring(0, n);
bc = strUrl.substring(n+3);
}
if (window.addTocInfo)
{
}
if (window.writeBtnStyle)
writeBtnStyle();
if (window.writeIntopicBar)
writeIntopicBar(0);
if (window.setRelStartPage)
{
setRelStartPage("Acco_3.htm");
autoSync(1);
sendSyncInfo();
sendAveInfoOut();
}
}
else
if (window.gbIE4)
document.location.reload();
Thanks for any enlightenment,
John