I do a lot of JavaScript development. I’ve seen my share of browser bugs. This one takes the cake from the perspective of annoying and unexpected. From what I can tell right now, this only affects Mozilla. Allow me to set the stage:

We use the window.name property to persist data across pages. We rarely have a problem with this except when other components that we’re using also use window.name for storage. Fortunately we have tricks to help with this. What we haven’t seen before was a bug inside the TeaLeaf JavaScript code, which accidentally created a local variable in the global scope. A common mistake.  A bit surprising, coming from the likes of TeaLeaf but common nonetheless.

This (approximated) one line of code inside Tealeaf has been causing us problems in Mozilla:

Tealeaf.somerandomfunction = function() {
name = “bla”;
}


So they’ve created a variable here, but accidentally in the global scope.

Now open Firefox and try this:

1. Load a random web page (google.com or something)
2. Open firebug
3. Type “window.name = ‘apple’;”
4. Refresh the page
5. Type “window.name” (see “apple”)

Works as expected, right? Now, try this:

1. Load random web page and open firebug
2. Type “window.name = ‘apple’;”
3. Type “name = ‘orange’;”
4. Type “window.name” (see “orange”)
5. Type “window.name = ‘Pear’;”
6. Refresh the page
7. Type “window.name” (see ‘apple’)

Note that the issue is not merely that they have leaked their local variable into the global scope, but that it seems to obliterate the reference to the DOM extension window.name (which still exists, but with no references to it). Even if we access window.name directly now, we are reading and writing to the new expando property. Thus, when we go to the next page, we are left with the original value we first wrote to window.name

To solve this, every time you want to use window.name you should do this first:

delete(name);