Status Bar Scripting (1111 / 1211 / 1311 / 1411)
AdminStudio 2021 | 21.0 | Application Manager
For this browser compatibility test, the web application contents are scanned for the usage of scripts that attempt to change the content of the status bar. The JavaScript properties that are scanned are window.status and window.defaultStatus.
Test Group/Test Category
| • | 1311—Browser Compatibility/Internet Explorer 11 |
| • | 1411—Browser Compatibility/Microsoft Edge |
Severity
Warning
Message
This web application contains a script that changes status bar messages (File: [FILE_NAME]).
Background
To prevent attackers from spoofing the status bar, Internet Explorer 10 and later browsers by default do not allow web applications in the Internet or Restricted zones to use scripts that set the status bar. As a result, any calls to the JavaScript properties window.status or window.defaultStatus may fail silently.
Resolution
To allow scripts to set the status bar by using the window.status and window.defaultStatus methods, a user should clear the Allow status bar updates via script check box in the custom security level in the Internet Options settings of Internet Explorer 11 or later.
See Also