Internet Explorer does not execute code when an event handler is set to directly reference a DOM function after you install the MS04-038 security update

View products that this article applies to.

SUMMARY

Security Update 834707 includes a change to the way Internet Explorer handles function pointers. This change in functionality occurs when an event handler points directly to a Document Object Model (DOM) function. This article describes the issue and provides several workarounds.

Back to the top

SYMPTOMS

Microsoft Internet Explorer does not execute client-side code that is associated with an event handler that is directly set to a DOM function.

Back to the top

CAUSE

The MS04-038 security update includes a change to the way that Internet Explorer handles function pointers. This change in functionality occurs when an event handler points directly to a DOM function:

on<event> = DOM function pointer

Back to the top

WORKAROUND

To work around this change in Internet Explorer's functionality, use one of the following methods:

Directly invoke the function by using JavaScript:

Original code:

<A href=# onclick=window.close>Close this window</A>

Fixed code:

<A href=# onclick="window.close()">Close this window</A>

Store the function pointer in a variable and define another function to invoke the variable. The following examples use the onclick event to close a window:

Original code:

<A href=# onclick=window.close>Close this window</A>

Fixed code:

<script>
var my_funcptr = window.close;

function FunctionPointerInvoker()
{
    my_funcptr();
}
</script>
<A href=# onclick="FunctionPointerInvoker()">Close this window</A>

Back to the top

STATUS

This behavior is by design.

Back to the top

REFERENCES

For additional information about the MS04-038 security update, click the following article number to view the article in the Microsoft Knowledge Base:

834707 (http://support.microsoft.com/kb/834707/ ) MS04-038: Cumulative security update for Internet Explorer

Back to the top