Window Manipulation & Redirections

Master the art of browser navigation with JavaScript, from opening new tabs and redirecting pages to managing browser history.

Lesson ProgressStep 1 of 7

📜🖥️ ➡️ 📑🔄🔃⏪🏆

⭐ 0 EXP

Welcome! Let's see how JavaScript can take control of the browser window itself.

/* The Browser Object Model (BOM) */

The `window` Object

The `window` object is the root of the **Browser Object Model (BOM)**. It represents the browser window or tab. All global JavaScript variables, functions, and objects automatically become properties and methods of the `window` object.

var name = 'Global';
console.log(window.name); // Outputs "Global"

window.alert('This is a window method');

Because it's the global object, you can usually omit it. `alert()` is the same as `window.alert()`. We'll be focusing on its properties that control navigation: `location`, `history`, and `open`.

System Check

What is the top-level, global object in a web browser?

documentwindowlocationnavigator

Advanced Holo-Simulations

⭐ 0 EXP

Achievements

🏆

Window Opener

Construct a valid `window.open` call.

🏗️

Redirect Whiz

Correctly redirect a page using `window.location.href`.

✍️

History Buff

Prove your mastery of the `window.history` object.

Mission: Build a Redirect Button

You have an HTML file with a button <button id="myButton">Click me</button> . Complete the JavaScript function below to make this button redirect the user to `https://google.com` when clicked.

A.D.A. Feedback:

> System integrity looks stable. Code is valid.

Challenge: Match the Action

Drag the JavaScript code snippets on the right to match the correct action on the left.

Open a new tab

Redirect to another page

Refresh the current page

window.location.href = '...'

window.location.reload()

window.open('...', '_blank')

Challenge: Complete the Syntax

Fill in the missing parts of the code to navigate the browser's history.

window..(); // Goes back one page

window.history.(-2); // Goes back two pages

Consult A.D.A.

Community Holo-Net

Recent Forum Posts

Why is my `window.open()` being blocked?

Posted by: Popup_Phile

`location.assign()` vs `location.replace()` - What's the diff?

Posted by: History_Nerd

Peer Project Review

Submit your "Redirect Button" project for feedback from other Net-Runners.

Support Us

The Pilot's Seat: A Deep Dive into Browser Navigation

Beyond the content of your webpage (the DOM), JavaScript provides a powerful set of tools to interact with the browser itself. This is called the **Browser Object Model (BOM)**. At the very top of the BOM is the global `window` object, which represents the browser window (or tab) containing your page.

Mastering the `window` object's properties—specifically `location`, `history`, and `open`—gives you control over the user's navigation flow, allowing you to create dynamic, secure, and intuitive web applications.

1. The `window.location` Object: The Page's GPS

The `window.location` object is your primary tool for reading and controlling the page's URL. It's not just a string; it's a complex object with properties you can read and, in some cases, set.

// Assuming the URL is: https://www.example.com:80/path?q=test#hash

console.log(window.location.href);     // "https://www.example.com:80/path?q=test#hash"
console.log(window.location.protocol); // "https:"
console.log(window.location.host);     // "www.example.com:80"
console.log(window.location.hostname); // "www.example.com"
console.log(window.location.port);     // "80"
console.log(window.location.pathname); // "/path"
console.log(window.location.search);   // "?q=test"
console.log(window.location.hash);     // "#hash"

Navigating with `location`

You have three primary methods to make the browser navigate:

`window.location.href = "..."`: The most common way. Assigning a new URL to `href` redirects the user. This creates an entry in the browser's history, so the user can press the "Back" button.
`window.location.assign("...")`: Functionally identical to setting `href`. It also creates a "Back" button entry.
`window.location.replace("...")`: This is the important one. It redirects the user but **replaces** the current item in the history. The user **cannot** press the "Back" button to return. This is perfect for post-login redirects, where you don't want the user to be able to go "back" to the login page.
`window.location.reload()`: Re-loads the current page, just like the refresh button.

2. `window.open()`: The Good, The Bad, and The Blocked

The `window.open()` method is used to open a new browser window or tab. Its full syntax is `window.open(url, target, windowFeatures)`.

`url`: The URL to open (e.g., `https://google.com` or `/about-us`).
`target`: Where to open it. `_self` loads in the current window, `_blank` loads in a new tab, and a custom name (e.g., `"myWindow"`) will open in a new tab and re-use that tab if called again with the same name.
`windowFeatures`: A string of options like `width=500,height=500`. **Note:** Most modern browsers ignore these for security reasons, treating all calls as opening a full, new tab.

The Critical Security Context

Browsers are extremely strict about `window.open()` to prevent malicious pop-up ads.

❌ Will Be Blocked

// Called without user interaction
setTimeout(() => {
  window.open("https://evil.com");
}, 1000);

Browsers block pop-ups not tied to a user action.

✔️ Will Be Allowed

button.addEventListener("click", () => {
  window.open("https://google.com");
});

Tied directly to a user `click` event, this is allowed.

Furthermore, when you open a new tab with `target="_blank"`, you must add `rel="noopener noreferrer"` to your link.

`noopener`: Prevents the new tab from accessing your original tab via `window.opener`, a serious security risk.
`noreferrer`: Prevents the new tab from knowing which URL it came from.

3. `window.history`: Time Travel in the Browser

The `window.history` object lets you move backward and forward through the user's session history.

`history.back()`: Equivalent to clicking the "Back" button.
`history.forward()`: Equivalent to clicking the "Forward" button.
`history.go(n)`: Moves by `n` steps. `history.go(-1)` is the same as `back()`. `history.go(2)` goes forward two pages.
`history.length`: Shows how many items are in the session history stack.

The Modern Way: History API

For Single-Page Applications (SPAs) like React or Vue, we don't want a full page reload. We want to change the URL *without* refreshing. This is done with the History API.

`history.pushState(state, title, url)`: This magically updates the URL in the address bar to `url` without a network request. It also adds a new entry to the history, so "Back" works. The `state` object can be any data you want to associate with
`history.replaceState(state, title, url)`: Same as `pushState`, but it *replaces* the current history entry (no "Back" button).
`popstate` event: When the user *does* click "Back" or "Forward", the `popstate` event fires. SPAs listen for this event to know when to show the previous "page" (component).

Key Takeaway: Use `location` for navigation, `open` (carefully!) for new tabs, and `history` (especially `pushState`) to create fast, modern, and secure user experiences.

JavaScript BOM & Navigation Glossary

BOM (Browser Object Model): The collection of objects that JavaScript can use to interact with the browser, outside the content of the page itself. The `window` object is the top-level entity in the BOM.
window: The global object in client-side JavaScript. It represents the browser window that contains a DOM document. All global variables and functions are properties of the `window` object.
window.location: An object containing information about the current page's URL. It can be used to get URL components (like `hostname` or `search`) or to navigate to a new page.
location.href: A property that gets or sets the entire URL of the current page. Setting it causes the browser to navigate to the new URL and creates a history entry.
location.assign(): A method that loads a new document at the specified URL. Functionally the same as setting `location.href`.
location.replace(): A method that replaces the current resource with a new one. Crucially, it **does not** create a history entry, so the "Back" button won't return to the original page.
location.reload(): A method that reloads the resource from the current URL. It's like pressing the refresh button.
window.open(): A method to open a specified URL in a new browser window or tab. It is often blocked by browsers unless called directly from a user-initiated event (like a click).
rel="noopener": An HTML attribute for links ( <a> ) that open in a new tab. It prevents the new tab from gaining access to the original tab's `window` object, a critical security measure.
window.history: An object that provides an interface for interacting with the browser's session history (pages visited in the current tab).
history.back() / .forward() / .go(): Methods on the `history` object to programmatically navigate back, forward, or to a specific point in the session history.
history.pushState(): A method to update the URL in the address bar without a page reload. It adds a new entry to the session history. This is the foundation of client-side routing in SPAs.
popstate: An event that is fired on the `window` object when the active history entry changes (e.g., when the user clicks the "Back" button) after a `pushState` or `replaceState` call.

About the Author

TodoTutorial Team

Passionate developers and educators making programming accessible to everyone.

This article was written and reviewed by our team of web development experts, who have years of experience teaching JavaScript and building robust, scalable web applications.

Verification and Updates

Last reviewed: November 2025.

We strive to keep our content accurate and up-to-date. This tutorial is based on the latest ECMAScript specifications and is periodically reviewed to reflect industry best practices.

External Resources

Found an error or have a suggestion? Contact us!