Why Doesn't `window.close()` Work in Chrome, and How Can I Fix It?

Window.close() Fails in Chrome: A Security Measure

In the realm of web development, it has been observed that invoking window.close() or self.close() in JavaScript has ceased to close the targeted window in the Chrome browser. This behavior stems from a crucial security measure implemented by Chrome to prevent malicious code and unsolicited pop-ups from compromising users' browsing experience.

The closure of windows is restricted primarily to scripts that have generated these windows. Chrome adheres closely to this principle, disallowing arbitrary closures by external scripts. However, a notable exception to this rule is available only to author-generated JavaScript, enabling the closure of windows created by the same script.

Firefox's Stricter Implementation

Firefox, on the other hand, enforces a stricter policy, prohibiting window closures unless the invoking script explicitly created the window utilizing the window.open() method. Any attempts to bypass this restriction result in error messages in Firefox, while Chrome opts for a silent failure.

Mitigations for Chrome Users

To address this challenge in Chrome, the "self redirection" exploit was previously exploited. However, this technique has been rendered largely ineffective in current versions of the browser. Nevertheless, a modified version of the strategy remains viable for use within a constrained set of circumstances. By employing Tampermonkey with explicit @grant authorization, window.close() can still be leveraged to close additional tabs (if present) in Chrome.

For Firefox users, the only viable solution involves disabling the built-in security settings within the browser. However, this practice is strongly discouraged due to the heightened security risks associated with weakened browser configurations.

Long-Term Solution and Enhancements

The most effective approach to circumvent this limitation permanently is to develop a Chrome extension or Firefox add-on. These mechanisms provide reliable window closure capabilities. Additionally, suggesting such functionality as a feature request to the maintainers of Greasemonkey and Tampermonkey could result in further improvements and simplified implementation for userscript authors.

The above is the detailed content of Why Doesn't `window.close()` Work in Chrome, and How Can I Fix It?. For more information, please follow other related articles on the PHP Chinese website!