More important for many businesses is what they can do to their web site to protect their customers. I've been reading the JavaScript code and, for starters, I recommend either targetting _blank or some randomly generated name. If the window must be targetted again later, maybe a combination of the user's session ID (which should already be randomly generated and protected from interception etc.) and a plain-english name. For example:
var windowname = sessionid + 'foo');
This would go well in a function to "sessionize" a window name and return the result.
Slashdot Mirror
More important for many businesses is what they can do to their web site to protect their customers. I've been reading the JavaScript code and, for starters, I recommend either targetting _blank or some randomly generated name. If the window must be targetted again later, maybe a combination of the user's session ID (which should already be randomly generated and protected from interception etc.) and a plain-english name. For example:
var windowname = sessionid + 'foo');
This would go well in a function to "sessionize" a window name and return the result.