[clug] St George banking only a javascript away

Simon Haddon simon at sibern.com.au
Mon Feb 7 19:54:24 GMT 2005 


Michael James wrote:

>A while ago internet banking at St George seemed to sputter into life.
>(Using Suse 9.2 Pro Linux, Firefox, Sun Java 1.4.2)
>
>Clicking the "Logon" link on the home page took you to:
>	https://ibank.stgeorge.com.au/html/redirect.asp
>
>This usually did nothing but turn the location bar yellow
> denoting HTTPS.
>But repeatedly hitting reload would eventually
> give a login popup window which worked fine.
>
>As of this year, that stopped happening,
> just blank page and no popup.
>  
>
You probably need to put ibank.stgeorge.com.au in the list of allowed 
popup windows in your options/Web features otherwise it fails to popup 
the login window.  I use St George with Firefox and Java 1.5

>So I did a view source on the blank page.
>It's javascript, it tests the environment
> and redirects to: 
>
>	/html/redirect.asp?bhjs=0
>	/html/redirect.asp?bhcp=1
>	/html/redirect.asp?"+rs+"&bhqs=1"
>	/html/redirect.asp?"+rs+"&bhqs=1"
>
>Hand typing either
>	https://ibank.stgeorge.com.au/html/redirect.asp?bhjs=0
> or	https://ibank.stgeorge.com.au/html/redirect.asp?bhjs=1
> will get you a login window that works fine.
>
>What are they testing for?
>
>Why does it fail to progress?
>Does it progress for you?
> (I tried turning on all javascript permissions
> 	and it still goes nowhere for me.)
>
>Does this amount to deliberately denying Linux?
>
>
>The testing javascript follows:
>
>
><HTML><HEAD>
><!-- These scripts are provided under the terms of the BrowserHawk 
>license agreement
>and may not be copied or used otherwise. [7, 0, 1, 0 Enterprise] See 
>cyscape.com for details.
>Copyright (C) 1999-2003 cyScape, Inc. All rights reserved.	
>-->
><noscript><meta http-equiv="refresh" content="0; 
>url=/html/redirect.asp?bhjs=0"></noscript>
><script language="JavaScript">
><!--
>function bhawkTest() {
>  var bhjv = escape('Java N/A');
>  if (document.bhjvmd) bhjv = escape(document.bhjvmd.getJavaVendor());
>  var rs = "bhjv="+bhjv;
>  if (document.cookie.indexOf("bhCookieSess=1") != -1) {
>    document.cookie = "bhResults="+rs+"; path=/";
>    document.cookie = "bhPrevResults="+rs+"; path=/";
>    if (document.cookie.indexOf("bhResults") != -1)
>      self.location.replace("/html/redirect.asp?bhcp=1"); 
>    else self.location.replace("/html/redirect.asp?"+rs+"&bhqs=1");
>  }
>  else self.location.replace("/html/redirect.asp?"+rs+"&bhqs=1");
>
>}
>// -->
></script>
>
></head><title></title>
><noscript><body onLoad="bhawkTest();"></noscript>
><script>document.write('<body onLoad="bhawkTest();">');</script>
><script language="JavaScript">
><!--
>if (navigator.javaEnabled()) document.write('<applet 
>code="JVMDetector.class" name="bhjvmd"  width=1 height=1><param 
>name="legal" value="This is copyrighted software and provided under 
>license cyScape, Inc. (www.cyscape.com). All rights 
>reserved."></applet>');
>// -->
></script>
>
></body></html>
>  
>

More information about the linux mailing list