Hello, I open a pop-up window with some content,

window.open();

I press the confirmation of some data, a redirect occurs and the GET data is returned in the URL string

The question is whether it is possible in some way to pull out the GET data of the modified URL of this very child window, for example, when closing this window itself, that is

 window.close();

or in some other way, is it even possible to do something like that?

    2 answers 2

    A similar situation with the authorization of VKontakte: their address is opened, permissions are given and the address is redirected to, with the authorization code assigned in the hash.

    You can get it only if the redirect was on your domain, your page - your window'location reads your JavaScript.

    In the variant when the final page is not in your domain, there is no way to get data from the scripts from your site - this is part of the CORS technology (cross-domain access to shared resources).

    • Yes, it is with the VK API that I am worried. The problem is that if you point a redirect to your site, you don’t have access to add, edit and delete posts, etc. If you specify a redirect to VK, then all access is opened, but the problem is that token in this case can be obtained only manually and automate this process in the browser does not work. Apparently you are right - not to get token in any way - Deathdrumer
    • To authorize an application as Standalone, you will have to either actually write such an application, such as the Chrome App. Or hopelessly lamer to write to the user: “copy the address bar and paste it into this form” - I saw it, some do. The minus is also that it does not work from a distant server, VC will suddenly ask for a captcha, if the ip region from which the token was requested, and where they are trying to use it from, are far from each other. - Sergiks
    • I, of course, exclude the way for the user to write to the user ... So, it turns out that you can’t do authorization with full access rights on your own site? The question immediately arises: "WHY FOR WHY?" Then this authorization is generally needed ?, - if the methods that are available, they are available without a token. - Deathdrumer
    • “Why?” - let's say, you can find out something about a closed group only with the user's token, which has access there. Authorization with full rights is possible. There is one hack: you need to authorize as Standalone, and specify the old version of the API, 3.x - and on subsequent requests too - then, in any case, it does not recapitulate the captcha and other reconfirmations. - Sergiks
    • Thanks for the tip, @sergiks, I will try! ____ Apparently, such a hack does not work anymore, I tried it - it does not work ... - Deathdrumer Sept

    Disassemble window.location in a pop-up window and send it to the server, for example. Here is the first solution, which was found http://akonan.ru/index.php?id=6

     function get(n){ a=window.location.toString(); a="&"+a.substring(a.indexOf("?")+1); p=a.indexOf("&"+n+"="); a=p==-1?'':a.substring(p+n.length+2); return a.indexOf("&")>=0?a.substring(0,a.indexOf("&")):a; }
    • Yes, and more. I forgot to say that I don’t have access to the data of the pop-up window, that is, a third-party site opens in the window. - Deathdrumer
    • Make your popup window. In it iframe with the right site and JS to track events and transfer data. When changing the address of the Iframe, transfer the changed address to the parent (opener) page and close the pop-up. - Get
    • Thus, I could do without a pop-up window, just insert a frame into the body of the document and load a third-party site into it, but the problem is that I did not find a way to pull the URL string out of this frame itself (((( Deathdrumer
    • Look here buznik.net/j/212/…. Well, in general iframe.contentWindow.location - Get
    • No, this is not that ... - Deathdrumer