HP ILO steals window.opener

some_hp.js

<!-- 
This is a bit of code from HP that proves they are crooks.
 They stole the window.opener by changing its location
  and then closed the window that it intended to launch.

                          Why?
-->
<script language="JavaScript" type="text/javascript">
   //--- create the new location string with
   //--- cpqlogin.php and the original query string
   newlocation = "/cpqlogin.htm" + myLocation; /* JAGaf86592 Renamed cpqlogin.php for cpqlogin.htm*/
   // close when is out window (eg. help window)
   if (window.opener) {
       if (isNetscape) {
           try{
               newlocation = "/cpqlogin.htm"; /* JAGaf86592 Renamed cpqlogin.php for cpqlogin.htm*/
               window.opener.location.replace( newlocation );
               window.opener.focus();
               window.close();
           }
           catch(e) {
               newlocation = "";
           }
       } else {
           try {
               var strLocation = new String(window.opener.location);
               if (strLocation.indexOf("mxportal") == -1){
                   newlocation = "/cpqlogin.htm";/* JAGaf86592 Renamed cpqlogin.php for cpqlogin.htm*/
                   window.opener.location.replace( newlocation );
                   window.opener.focus();
                   window.close();
               }
           }
           catch(e) {
               newlocation = "";
           }
      }
   }
   if(FramesAreThere) {
      // we need to load the login page in the parent frame
      window.parent.location.href = newlocation;
   }
</script>

if an intermediate page is launched with this javascript
window.opener = null;
then there is no way for the HP code to steal the window.