|
1. Your first set of single quotes and double quotes are the wrong way around
2. You are trying to use escape character for double quotes in a single quote string
3. You are not closing you IMG tag
4. You are using unneeded escape characters to close you A and DIV tags (assuming you have actually opened these tags somewhere)
try...
document.write('<img src="' + snowscr + '" border="0"/></a></div>');
tip...
use formatting options to insert < and >
Life goes very fast. Tomorrow, today is already yesterday.
|
|
|
|
|
Hy,
I have two ASP.net applications which are running simultaneously (p1,p2). If i am working on application p1, i have to restart the clock of application p2 also.For this i have written a java script code which works perfectly on my machine but gives error in server.
Here is my code
string strOut = @"
<SCRIPT language='JavaScript'>
var tparent;
alert('In PC.SearchResult.ascx Script');
debugger;
try{
if(parent.EnableClock == null)
{
alert(' In PC.SearchResult.ascx Script:parent.enableclock=null');
alert(parent.parent.EnableClock);
if(parent.parent.EnableClock == null)
{
alert('In PC.SearchResult.ascx Script: parent.parent.enableclock=null');
tparent = parent.parent.parent;
}
else
{
alert('In PC.SearchResult.ascx Script: parent.parent.enableclock!=null');
tparent = parent.parent;
}
}
else
{
alert('In PC.SearchResult.ascx Script: parent.enableclock!=null');
tparent = parent;
}
alert('The value of tparent is');
alert(tparent.value);
tparent.resetClock();
tparent.EnableClock = true;
alert(" + Session.Timeout.ToString() + ");" +
"tparent.startClock(" + Session.Timeout.ToString() + " );} catch (err){alert(err.message)}</SCRIPT>";
// string strOut = @"<SCRIPT language='JavaScript'>try{var tparent;if(parent.EnableClock == null){if(parent.parent.EnableClock == null){tparent = parent.parent.parent;}else{tparent = parent.parent;}}else{tparent = parent;} tparent.resetClock();tparent.EnableClock = true;tparent.startClock(" + Session.Timeout.ToString() + ");}catch(err){alert(err.message);}</SCRIPT>";
Response.Write(strOut);
The error that i get is when the debugger goes on "parent.parent",it says "ACCESS IS DENIED"
Please help
|
|
|
|
|
I am guessing that when you develop both sites are on localhost or something similar and when they are deployed they are on different domains. You are trying to do Cross Site Scripting, which is considered a big security problem.
|
|
|
|
|
I'm developing HTML application which reads some encrypted data from server, then decrypts it by password provided by user. How can I force browser to save the password in javascript? The password must never be sent to the server, so I cannot use cookies. I know there is some local storage in HTML5, but I'm afraid it is not widely supported. Any ideas?
Thank you.
|
|
|
|
|
The browser market is heavily adopting HTML5, so i wouldn't worry about it.
Go ahead and use LocalStorage (and SessionStorage if needed)..........i would.
|
|
|
|
|
It wouldn't do any good to store the password in JavaScript anyway. Assuming you have a login page to authenticate the user, this information would be sent to the server for validation, then sent back to the client for storage, a large security hole. Then once another page is requested the JavaScript is lost, in which case you would need to resend the password to the client for storage once again exposing it.
I know the language. I've read a book. - _Madmatt
|
|
|
|
|
Server is just storage for client's encrypted data, server must not know the password. I don't worry about secrity of client's password in his browser, it is his problem to secure his computer (actually it is designed primarily for smartphones).
|
|
|
|
|
rrrado wrote: server must not know the password
Then how do you indend to authenticate the users?
rrrado wrote: I don't worry about secrity of client's password in his browser
You are a complete FOOL!
rrrado wrote: it is his problem to secure his computer
Wrong answer. You are writing the application, it is up to you to provide the appropriate level of security for your application.
I know the language. I've read a book. - _Madmatt
|
|
|
|
|
Mark Nischalke wrote: Then how do you indend to authenticate the users?
It is not important in my question, it can be done by classic login form (with another pass) + cookies, or HTTP auth, or none. Let's say I've already received encrypted data from server.
Mark Nischalke wrote: You are a complete FOOL!
Thank you, but I really think it is not possible to save password "safely" in javascript when USER decides to save it. Only to save it encrypted with some master password which would user need to type each time which does not give sense to save the first password in this case.
|
|
|
|
|
rrrado wrote: I really think it is not possible to save password "safely" in javascript
EXACTLY!!! It doesn't matter if you use a master password of some sort, it still must be transmitted to the client and decrypted in JavaScript! The only thing you accomplish with transmitting the master password is to give someone access to ALL instances of your application, not just one. At that point you might as well not even use authentication because you have no security.
Please stop posting until you learn more about what you are doing.
I know the language. I've read a book. - _Madmatt
|
|
|
|
|
I'm afraid you don't understand what I need to do. I'll try explain in other words. I'm not solving the problem with authentication. User creates some data at his computer. Then encrypts them LOCALLY with some password and upload to server. Server does not know the password, server is not able to decrypt the data! (When somebody hacks the server, he can get the data but has no password). Then user goes to some URL with web application, downloads the data from server (don't think about authentication it is not important now). It will provide pass to JS which decrypts the data. I need to offer storing the password somewhere so he don't need to type the pass each time he opens the application in browser. If he is paranoid then he won't save the password.
I was hoping somebody will know whether it is possible to force browser (from JS) to save the password into it's auto-form-filler store which fills the forms.
|
|
|
|
|
I'm afraid you have not been listening. So you have a password on the client machine, yes, auto-complete forms do this all the time. Now you are transmitting the encrypted data to the client for decryption by a JavaScript function. Where does the JavaScript come from? It has to be downloaded to the client which leaves it vulnerable to interception. Now your encryption algorithm is exposed along with the data. How long will it take for some script kiddie to hack in with this info? I doubt you are even using a secure protocol or know what it is or how to use it.
Your ignorance is putting the client's data at risk unnecessarily and they should terminate the engagement with you.
Now, once again, stop posting until you learn what you are doing.
I know the language. I've read a book. - _Madmatt
|
|
|
|
|
I know what am I doing. I've asked some question. If you don't know the answer, ok. If you have some ideas in area I haven't asked about, I can discuss about it, maybe we both will learn something. But why are you so offensive and writing me to stop posting? You don't know all the details about used algorithm (because it is not important to get answer to my question) but you know I'm complete fool If you are concerned about details I haven't wrote, just ask. FYI data is transmitted over HTTPS. The AES is used to encrypt the data. I don't know script kiddies which can crack HTTPS, then AES. Whole point is to make server unable to decrypt the data. Yes server could modify the JS to send the password back, but JS is easy to read and paranoid user can see what is it doing, or can save the HTML+JS locally and use always trusted copy. If you can see some way how can script kid steal other user's data, let me know.
|
|
|
|
|
You are missing the fundamental point... The Data WILL ALWAYS come from the server.. It's useless to wrap a completely insecure process with some faux authentication that in reality does nothing.
I wasn't, now I am, then I won't be anymore.
|
|
|
|
|
As I've wrote before, I'm not solving authentication problem.
|
|
|
|
|
[ Vigourosly banging head on wall, then giving up ]
I wasn't, now I am, then I won't be anymore.
|
|
|
|
|
Move over, save some wall for me
I know the language. I've read a book. - _Madmatt
|
|
|
|
|
It is that time of the day. hungry i cant cope anymore
I have a Javascript written like this
function Jump() {
var txtUnitLen1 = document.getElementById("<%= txtUnitLen1.ClientID %>").value;
var txtUnitLen2 = document.getElementById("<%= txtUnitLen2.ClientID %>").value;
var txtUnitLen3 = document.getElementById("<%= txtUnitLen3.ClientID %>").value;
var txtUnitLen4 = document.getElementById("<%= txtUnitLen4.ClientID %>").value;
var txtUnitLen5 = document.getElementById("<%= txtUnitLen5.ClientID %>").value;
var txtUnitLen6 = document.getElementById("<%= txtUnitLen6.ClientID %>").value;
var txtUnitLen7 = document.getElementById("<%= txtUnitLen7.ClientID %>").value;
var txtUnitLen8 = document.getElementById("<%= txtUnitLen8.ClientID %>").value;
var txtUnitLen9 = document.getElementById("<%= txtUnitLen9.ClientID %>").value;
var txtUnitLen10 = document.getElementById("<%= txtUnitLen10.ClientID %>").value;
var txtUnitLen11 = document.getElementById("<%= txtUnitLen11.ClientID %>").value;
var txtUnitLen12 = document.getElementById("<%= txtUnitLen12.ClientID %>").value;
var txtUnitLen13 = document.getElementById("<%= txtUnitLen13.ClientID %>").value;
var txtUnitLen14 = document.getElementById("<%= txtUnitLen14.ClientID %>").value;
var txtUnitLen15 = document.getElementById("<%= txtUnitLen15.ClientID %>").value;
var txtUnitLen16 = document.getElementById("<%= txtUnitLen16.ClientID %>").value;
var txtUnitLen17 = document.getElementById("<%= txtUnitLen17.ClientID %>").value;
var txtUnitLen18 = document.getElementById("<%= txtUnitLen18.ClientID %>").value;
var txtUnitLen19 = document.getElementById("<%= txtUnitLen19.ClientID %>").value;
var txtUnitLen20 = document.getElementById("<%= txtUnitLen20.ClientID %>").value;
var ddlAutoText = document.getElementById("<%= ddlAutoText.ClientID %>").value;
if (ddlAutoText > 0)
{
if (txtUnitLen1.length >= ddlAutoText)
{
document.getElementById("<%= txtUnitLen2.ClientID %>").focus();
}
if (txtUnitLen2.length >= ddlAutoText)
{
document.getElementById("<%= txtUnitLen3.ClientID %>").focus();
}
if (txtUnitLen3.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen4.ClientID %>").focus();
}
if (txtUnitLen4.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen5.ClientID %>").focus();
}
if (txtUnitLen5.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen6.ClientID %>").focus();
}
if (txtUnitLen6.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen7.ClientID %>").focus();
}
if (txtUnitLen7.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen8.ClientID %>").focus();
}
if (txtUnitLen8.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen9.ClientID %>").focus();
}
if (txtUnitLen9.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen10.ClientID %>").focus();
}
if (txtUnitLen10.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen11.ClientID %>").focus();
}
if (txtUnitLen11.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen12.ClientID %>").focus();
}
if (txtUnitLen12.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen13.ClientID %>").focus();
}
if (txtUnitLen13.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen14.ClientID %>").focus();
}
if (txtUnitLen14.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen15.ClientID %>").focus();
}
if (txtUnitLen15.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen16.ClientID %>").focus();
}
if (txtUnitLen16.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen17.ClientID %>").focus();
}
if (txtUnitLen17.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen18.ClientID %>").focus();
}
if (txtUnitLen18.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen19.ClientID %>").focus();
}
if (txtUnitLen19.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen20.ClientID %>").focus();
}
if (txtUnitLen20.length >= ddlAutoText) {
document.getElementById("<%= txtUnitLen1.ClientID %>").focus();
}
}
and i am setting the max length of the text on the server side. Now this is working , the main purpose of this javascript is that when the user types till the "MaxLength" of the textbox. Now this works fine, when the value of the maxlength is 3 , if a user tries to type the 4th text, it will set the focus to the next textbox.
Now my problem is that now , let us say one made a mistake in textbox 3 and want to go and edit, immidiately when you edit the text in the textbox 3 , the focus jumps quickly to textbox1 before the editing is finished. Below is the event that is used
<asp:TextBox ID="txtUnitLen1" onKeyUp="Jump()" runat="server" </asp:TextBox>
I just need to go and eat, i will look at your reply tomorow.
thanks again for your help
Thanks
Vuyiswa Maseko,
Spoted in Daniweb-- Sorry to rant. I hate websites. They are just wierd. They don't behave like normal code.
C#/VB.NET/ASP.NET/SQL7/2000/2005/2008
http://www.vuyiswamaseko.com
vuyiswa@its.co.za
http://www.itsabacus.co.za/itsabacus/
|
|
|
|
|
Try this
Xtended TextBox[^] It contains different types of textboxes like IPAddress, Phone, Social Security Number, Credit Card, etc.,
thatraja |Chennai|India|
Brainbench certifications Down-votes are like kid's kisses don't reject it Do what you want quickly because the Doomsday on 2012
|
|
|
|
|
hello everyone.
Inside my form I have a field like this:
<input type="text" id="UserEmail" name="UserEmail" />
If I set the Id in my Ext source it works fine:
var txt_email = new Ext.form.TextField
({
applyTo: 'UserEmail' ,
allowBlank: false,
x:10,
y:50
});
But if I set one button, it doesn't work.
I don't wanna override the attributes in my widgets.
Where are my mistakes?
the example:
<html><head><title>Hello World</title>
<link rel="stylesheet" type="text/css" href="ext/resources/css/ext-all.css" />
<script type="text/javascript" src="ext/adapter/ext/ext-base.js"></script>
<script type="text/javascript" src="ext/ext-all.js"></script>
<script type="text/javascript">
Ext.onReady(function()
{
Ext.QuickTips.init();
var txt_email = new Ext.form.TextField
({
applyTo: 'UserEmail' ,
allowBlank: false,
x:110,
y:50
});
var btn_submit = new Ext.Button
({
applyTo: 'submit' ,
x:280,
y:50
});
var viewport = new Ext.Viewport
({
renderTo: document.body,
frame:true, layout:'fit',
items:[{
xtype:'panel',
layout:'absolute',
items:[txt_email, btn_submit]
}]
});
viewport.show();
});
</script>
</head>
<body>
<form id="anyname">
<input type="text" id="UserEmail" name="UserEmail" />
<input type="button" id="submit" name="submit" onclick="alert('hello')" />
</form>
</body>
</html>
Thanks!
|
|
|
|
|
Hello!
I found the solution:
http://stackoverflow.com/questions/2944322/extjs-login-with-remember-me-functionality
new Ext.Panel({
el: 'auth-form',
autoShow: true,
layout: 'form',
items: [
{
xtype: 'textfield',
el: 'auth-username',
autoShow: true,
name: 'username',
fieldLabel: 'Username',
anchor: '100%'
},
{
xtype: 'textfield',
el: 'auth-password',
autoShow: true,
name: 'password',
fieldLabel: 'Password',
anchor: '100%'
}
],
buttons: [
{
text: 'Log in',
handler: function() {
Ext.get('auth-submit').dom.click();
}
}
]
});
the problem was in the 'el' and the 'handler'
this is the example html form:
<form id="auth-form" action="/url/of/your/login/action" method="POST">
<input id="auth-username" type="text" name="username" class="x-hidden">
<input id="auth-password" type="password" name="password" class="x-hidden">
<input id="auth-submit" type="submit" class="x-hidden">
</form>
|
|
|
|
|
Okay, I just got a somewhat of a horrifying script. It has about 60 functions in it and the creator decided that for every function he should use another function to call it, function names are none descriptive (func123), I already found 3 functions that call the exact same function and doesn’t do anything else.
I have been asked to document it and tidy it up, but right now I can’t tell right from left.
What I want to ask is:
Does anyone know of an editor for javascript that can tell me where what function is called and where what variable is used?
|
|
|
|
|
Use a decent editor that will allow you to easily find the functions. We use a lot of TCL in house and have found notepad++ invaluable for searching and editing the code.
Panic, Chaos, Destruction.
My work here is done.
or "Drink. Get drunk. Fall over." - P O'H
OK, I will win to day or my name isn't Ethel Crudacre! - DD Ethel Crudacre
|
|
|
|
|
|
+10 for Notepad++. I even use it to browse individual code files (C++, C#, VB, VBS, XML...) when I don't want to load studio and wait for it to initialize.
I wasn't, now I am, then I won't be anymore.
|
|
|
|