[clug] St George banking only a javascript away
Simon Haddon
simon at sibern.com.au
Mon Feb 7 19:54:24 GMT 2005
Michael James wrote:
>A while ago internet banking at St George seemed to sputter into life.
>(Using Suse 9.2 Pro Linux, Firefox, Sun Java 1.4.2)
>
>Clicking the "Logon" link on the home page took you to:
> https://ibank.stgeorge.com.au/html/redirect.asp
>
>This usually did nothing but turn the location bar yellow
> denoting HTTPS.
>But repeatedly hitting reload would eventually
> give a login popup window which worked fine.
>
>As of this year, that stopped happening,
> just blank page and no popup.
>
>
You probably need to put ibank.stgeorge.com.au in the list of allowed
popup windows in your options/Web features otherwise it fails to popup
the login window. I use St George with Firefox and Java 1.5
>So I did a view source on the blank page.
>It's javascript, it tests the environment
> and redirects to:
>
> /html/redirect.asp?bhjs=0
> /html/redirect.asp?bhcp=1
> /html/redirect.asp?"+rs+"&bhqs=1"
> /html/redirect.asp?"+rs+"&bhqs=1"
>
>Hand typing either
> https://ibank.stgeorge.com.au/html/redirect.asp?bhjs=0
> or https://ibank.stgeorge.com.au/html/redirect.asp?bhjs=1
> will get you a login window that works fine.
>
>What are they testing for?
>
>Why does it fail to progress?
>Does it progress for you?
> (I tried turning on all javascript permissions
> and it still goes nowhere for me.)
>
>Does this amount to deliberately denying Linux?
>
>
>The testing javascript follows:
>
>
><HTML><HEAD>
><!-- These scripts are provided under the terms of the BrowserHawk
>license agreement
>and may not be copied or used otherwise. [7, 0, 1, 0 Enterprise] See
>cyscape.com for details.
>Copyright (C) 1999-2003 cyScape, Inc. All rights reserved.
>-->
><noscript><meta http-equiv="refresh" content="0;
>url=/html/redirect.asp?bhjs=0"></noscript>
><script language="JavaScript">
><!--
>function bhawkTest() {
> var bhjv = escape('Java N/A');
> if (document.bhjvmd) bhjv = escape(document.bhjvmd.getJavaVendor());
> var rs = "bhjv="+bhjv;
> if (document.cookie.indexOf("bhCookieSess=1") != -1) {
> document.cookie = "bhResults="+rs+"; path=/";
> document.cookie = "bhPrevResults="+rs+"; path=/";
> if (document.cookie.indexOf("bhResults") != -1)
> self.location.replace("/html/redirect.asp?bhcp=1");
> else self.location.replace("/html/redirect.asp?"+rs+"&bhqs=1");
> }
> else self.location.replace("/html/redirect.asp?"+rs+"&bhqs=1");
>
>}
>// -->
></script>
>
></head><title></title>
><noscript><body onLoad="bhawkTest();"></noscript>
><script>document.write('<body onLoad="bhawkTest();">');</script>
><script language="JavaScript">
><!--
>if (navigator.javaEnabled()) document.write('<applet
>code="JVMDetector.class" name="bhjvmd" width=1 height=1><param
>name="legal" value="This is copyrighted software and provided under
>license cyScape, Inc. (www.cyscape.com). All rights
>reserved."></applet>');
>// -->
></script>
>
></body></html>
>
>
More information about the linux
mailing list