homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
Forum Library, Charter, Moderator: open

JavaScript and AJAX Forum

Javascript and Hotmail......Please help!
I need javascript to work with emails that are delivered to Hotmail....

 5:18 pm on Jan 26, 2002 (gmt 0)

Is anybody able to help me?

I run a free newsletter and need to have a javascript pop up box open when my subscribers read my emails (helps pay the bills!!!!)

It has worked fine with emails delivered to Outlook Express but does not work with Hotmail.

I have read that Hotmail strip out the javascript from the emails sent to the email accounts. Is there anyway I can get round this? Does anyone know of any other code or way of having a small pop up box appear when the email is opened?

I would really appreciate your help.




Robert Charlton

 6:17 pm on Jan 26, 2002 (gmt 0)

If anyone sent me an email with a javascript pop-up, I'd unsubscribe. For that matter, if anyone sent me a newsletter in html, I'd unsubscribe or set my filters to delete it.


 7:16 pm on Jan 26, 2002 (gmt 0)

Thanks for your constructive comment!

All of my subscribers do not have a problem with the pop ups, under the terms and conditions they have consented to receive such advertisements. It is what keeps my service free to them.

They also have the choice of html or text, so obviously html based receivers have requested their newsletter in this way.

It is just a simple question I am asking and would appreciate some helpful information.

Thank you


 8:14 pm on Jan 26, 2002 (gmt 0)

Hotmail does not allow JavaScript, no way round it.

>Thanks for your constructive comment!

Robert was very restrained, if anyone sent me such an email then I'd **** the ***** :)

Seriously, think of another way to generate the income, javascript is going the way of the Dodo. imho

BTW, Welcome to WebmasterWorld jon_bell


 8:52 pm on Jan 26, 2002 (gmt 0)

Nope, hotmail doesn't allow javascript and any intelligent web-based email clients wont either. There is a good reason for this and it isn't popups. If javascript is inside the email, it is being run from the host site. That means it has access to all the cookies and session information the user's browser shares with hotmail. It could easily send this along to a third party without permission and cause a major security risk.


 9:53 pm on Jan 26, 2002 (gmt 0)

javascript is going the way of the dodo????????

since when????

I finally became competent in it and it's going away?????????

where did you read or hear this??????

Oh: on the subject of javascripts in e-mails, I find HTML e-mail particularly annoying and I would unsubscribe immediately as well if someone sent me an e-mail that caused a pop-up.


 12:56 am on Jan 27, 2002 (gmt 0)

jonbell, welcome to Webmaster World.

You ran into a pretty hot topic on your first post, here (would you be willing to consider those reactions as your initiation, rather than a sign of things to come?)

I've found it to be a lot more fruitful to send email users a text email with links to web pages for the fancy layouts and such. AOL hasn't even shown clickable links or graphics for many years, and most lists I see have lots of AOLers.

I personally filter out HTML email. On the whole, I feel it wastes my time, pure and simple. But I have a client who has shown solid success sending HTML compared to text. I guess it depends on knowing your audience.

>> javascript is going the way of the dodo?

I'm not too sure about that. I've seen some numbers that make me think more people have javascript enabled in recent months. That's for general consumers, though, not the very tech oriented.

I personally hope js stays around. I find I can get some great usability advantages using basic functions. I just wish there was a way to stop automatic pop-ups and still allow pop-ups that open by clicking a link. It's the opt-in principle.


 3:59 am on Jan 27, 2002 (gmt 0)

>I just wish there was a way to stop automatic pop-ups and still allow pop-ups that open by clicking a link. It's the opt-in principle.

I was recently embarassed at a client by this very problem. I recently installed a pop-up killer for IE because I got sick of seeing those ads for the X-10 camera and Orbitz. It was great.

Then I was doing a demo of a nifty ASP/JS site which required pop-ups and I got the error message instead of my pop-up. At first I didn't know what was wrong and I stumbled a bit at my demo. Then I figured it out and when I explained it to the audience we all had a good laugh.


 12:44 pm on Jan 27, 2002 (gmt 0)

>>> javascript is going the way of the dodo?

hehehe, sometimes it's nice to provoke a reaction.

I believe that it is a bad thing to allow javascript to run on an IE/Win machine, in short the system is not secure. If something is "bad" sooner or later many people will come to the same conclusion, the market could shift very quickly.

The question is how many users are running with js disabled [or not even installed]? My best guess is 10% + and rising.


 5:39 am on Jan 28, 2002 (gmt 0)

I agree that using pop ups in emails is going to far. In this particular case it makes perfect sense, though... the users agree to it beforehand.

I'd bet javascript is going to be around for a long time... It has no viable competition --don't say VBScript, it doesn't have even vaguely enough market share ;-)

If you get rid of javascript you get rid of DHTML, simple as that.

I'm not sure I understand what everyone is saying about security risks? The only info javascript can gather about you is the same info that is easily available to any website and that can be accessed using any scripting language.

Javascript doesn't have have the ability to get the kind of access you need to pose a security risk... They language is intentionally designed without it.

I also don't think that javascript in html newsletters is necessarily a bad thing... I can think of good uses for it... viewer/browser dectection, dynamic layout depending on screen size, any kind of DHTML, etc.


 7:08 am on Jan 28, 2002 (gmt 0)

>> I'm not sure I understand what everyone is saying about security risks?

Here's some good reading about javascript and email security [pdos.lcs.mit.edu]. And it's not only MS troubles either -- Eudora and Netscape have both had a good number of exploits. But the deadly duo (Outlook plus IE) has had some holes you could drive a truck through.

So far we're talking client based email. Then, as ggrot mentioned, letting javascript run on a WEB-based e-mail client opens up another big black box of trouble. The script is running on the server, not the user's machine.

I think that's one of the reasons search engines don't spider and check js files. They can't risk running the code on their machines!


 9:09 am on Jan 28, 2002 (gmt 0)

Again... where's the problem with Javascript?

I couldn't find anything in that article about security exploits using javascript.

The language, as you probably know, can't write to disk. It can't even write to memory in any useful way.

That article was about common email worms which require the user to click a confirmation box or open an attachment (unless you count that old Outlook hole) in order to work.

If anyone knows of an actual security risk with Javascript, please let me know. I'm very curious how it would be done.


 9:19 am on Jan 28, 2002 (gmt 0)

One thing to add... The reason I'm curious about this is because I've heard people talking about Javascript security/privacy issues before but, to this day, no one has actually come up with an example that makes any sense.

I'm hoping maybe I can stop a few more people from turning it off for no reason. We designers can do good things with it :-)


 11:49 am on Jan 28, 2002 (gmt 0)

Netscape Information

Specific from Netscape:

Netscape has concluded that there is a potential vulnerability that could be exposed through malicious JavaScriptTM code executed within the Messenger email client. The result of receiving an email message containing such code could result in what is known as a "denial-of-service" attack.

Hotmail / Javascript

What users agree to get is not what they might actually end up getting, which could turn out to be quite a surprise for them.


 2:49 pm on Jan 28, 2002 (gmt 0)

Are there any alternatives to Javascript? I think not. Besides security problems & GUI mischief is not javascript specific.

The nummerous annoying ways people try to get your attention is a more structural problem, and not easy to solve. Be sure that all your websites have a friendly & helpfull interface, and it just might inspire other people ;-)


 11:25 am on Jan 31, 2002 (gmt 0)

Thanks for the info Marcia...

Looking through it I noticed that all of the vunerabilities had to do with the way that certain software dealt with Javacript and not Javascript itself. Also, most of them have been fixed in newer software versions and all of them no more than minor annoyances.

If that's as bad as it gets it sounds like Javascript is the safest language out there. :-)


 2:19 am on Mar 6, 2002 (gmt 0)

WHY, do REPLIES have to have such bite and basically make the sender feel like sh*%. I am refering to the earlier messages in the thread.

My god, we have been given the ability to help each other here, NOT put each other down with attitude. For each person that puts up a message that's WRONG in context, that person will know something everyone else has failed to realise. Maybe we should work together not against each other. Members seem to find newgroups as a way to put people down.

Also I think most people have heard of the NIMDA virus! One thing that triggers it off is Javascript running when the EMAIL is previewed in OUTLOOK so really you don't even need to open the INFECTED EMAIL which makes Javascript a security threat. Nimda also uses the back door created by CODE RED virus even after the CODE RED virus has been removed so be on the lookout people...

Wake up and smell the keyboard...

Respect to you ALL
Pip. :)


 8:50 am on Mar 6, 2002 (gmt 0)

Er... I agree with you that there's no need to attack people.

As far as the Nimbda virus goes... We already covered that. That was a huge gaping security hole in Outlook that has since been fixed. You could exploit it a number of different ways. Javascript did not comprise the virus, it was just one of multiple ways of getting Outlook to pull a microsoft. ;-)


 1:38 am on Mar 7, 2002 (gmt 0)

Yes, your quite correct Ian and I also agree with you that Javascript in the eyes of some can also get a bad reputation, when really it's down to the software and the way it deals with Javascript...


Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved