Ordinary javascript cannot close windows willy-nilly.(普通的javascript无法随意关闭Windows。)
This is a security feature, introduced a while ago, to stop various malicious exploits and annoyances.(这是一项安全功能,该功能已在不久前推出,用于阻止各种恶意攻击和烦扰。)
From the latest working spec for window.close()
:(根据window.close()
的最新工作规范 :)
The close()
method on Window objects should, if all the following conditions are met, close the browsing context A :(如果满足以下所有条件,则Window对象上的close()
方法应关闭浏览上下文A :)
- The corresponding browsing context A is script-closable .(相应的浏览上下文A是可关闭脚本的 。)
- The browsing context of the incumbent script is familiar with the browsing context A .(当前脚本的浏览上下文熟悉浏览上下文A。)
- The browsing context of the incumbent script is allowed to navigate the browsing context A .(允许在用脚本的浏览上下文导航浏览上下文A。)
A browsing context is script-closable if it is an auxiliary browsing context that was created by a script (as opposed to by an action of the user), or if it is a browsing context whose session history contains only one Document.(如果浏览上下文是由脚本创建的辅助浏览上下文(而不是用户的操作),或者是会话历史记录仅包含一个Document的浏览上下文,则可以关闭 脚本 。)
This means, with one small exception, javascript must not be allowed to close a window that was not opened by that same javascript.(这意味着,除了一个小小的例外, 不得允许javascript关闭该相同javascript未打开的窗口。)
Chrome allows that exception -- which it doesn't apply to userscripts -- however Firefox does not.(Chrome允许该例外-不适用于用户脚本-但是Firefox不允许。)
The Firefox implementation flat out states :(Firefox的实施方式明确指出 :)
This method is only allowed to be called for windows that were opened by a script using the window.open
method.(仅允许使用window.open
方法由脚本打开的窗口调用此方法。)
If you try to use window.close
from a Greasemonkey / Tampermonkey / userscript you will get:(如果您尝试从Greasemonkey / Tampermonkey /用户脚本使用window.close
,则将获得:)
Firefox: The error message, " Scripts may not close windows that were not opened by script.
"(Firefox:错误消息,“ Scripts may not close windows that were not opened by script.
”) Chrome: just silently fails.(Chrome:只是默默地失败了。)
The long-term solution:(长期解决方案:)
The best way to deal with this is to make a Chrome extension and/or Firefox add-on instead.(解决此问题的最佳方法是改用Chrome扩展程序和/或Firefox插件。)
These can reliably close the current window.(这些可以可靠地关闭当前窗口。)
However, since the security risks, posed by window.close
, are much less for a Greasemonkey/Tampermonkey script;(但是,由于window.close
所带来的安全风险对于Greasemonkey / Tampermonkey脚本而言要小得多。)
Greasemonkey and Tampermonkey could reasonably provide this functionality in their API (essentially packaging the extension work for you).(Greasemonkey和Tampermonkey可以在其API中合理地提供此功能(实质上是为您打包扩展工作)。) Consider making a feature request.(考虑提出功能请求。)
The hacky workarounds:(hacky解决方法:)
Chrome is currently was vulnerable to the "self redirection" exploit.(Chrome 目前容易受到“自我重定向”漏洞的攻击。)
So code like this used to work in general:(因此,这样的代码通常可以正常工作:)
open(location, '_self').close();
This is buggy behavior, IMO, and is now (as of roughly April 2015) mostly blocked.(IMO,这是越野车行为,目前(截至2015年4月)已大部分被阻止。)
It will still work from injected code only if the tab is freshly opened and has no pages in the browsing history.(仅当选项卡是刚打开的并且在浏览历史记录中没有页面时,它仍然可以从注入的代码运行。) So it's only useful in a very small set of circumstances.(因此,它仅在极少数情况下有用。)
However, a variation still works on Chrome (v43 & v44) plus Tampermonkey (v3.11 or later) .(但是, 变体仍可在Chrome(v43和v44)以及Tampermonkey(v3.11或更高版本)上运行 。)
Use an explicit @grant
and plain window.close()
.(使用一个显式的@grant
和普通的window.close()
。) EG:(例如:)
// ==UserScript==
// @name window.close demo
// @include http://YOUR_SERVER.COM/YOUR_PATH/*
// @grant GM_addStyle
// ==/UserScript==
setTimeout (window.close, 5000);
Thanks to zanetu for the update.(感谢zanetu的更新。)
Note that this will not work if there is only one tab open.(请注意,如果仅打开一个选项卡,则此功能将无效。) It only closes additional tabs.(它仅关闭其他选项卡。)
Firefox is secure against that exploit.(Firefox对这种攻击是安全的。)
So, the only javascript way is to cripple the security settings, one browser at a time.(因此,唯一的javascript方式是一次只能破坏一个浏览器的安全设置。)
You can open up about:config
and set(您可以打开about:config
并设置)
allow_scripts_to_close_windows
to true
.(allow_scripts_to_close_windows
为true
。)
If your script is for personal use, go ahead and do that.(如果您的脚本是供个人使用的,请继续执行此操作。)
If you ask anyone else to turn that setting on, they would be smart, and justified, to decline with prejudice.(如果您要求其他任何人打开该设置,则他们会明智且有理由拒绝偏见。)
There currently is no equivalent setting for Chrome.(Chrome目前没有等效的设置。)