In my html document (which is in the xampp/htdocs directory), I'm using an external .js file. The .js file is in the same directory as my html file. I'm simply trying to use document.write() function and it's not printing anything.
I don't understand what I'm doing wrong. Whats the issue?
HTML file
<!DOCTYPE html>
<html>
<head>
<?php include 'include/head_elements.html'?>
<script type="text/javascript" src="register.js"></script>
</head>
<body>
<h1>Company Account creation</h1>
<div id="registration_menu">
<!--Elements are added and removed dynamically using JS-->
</div>
<script>
hello();
load_element_group("email_verification");
</script>
</body>
</html>
JS file
function hello(){
document.write("Hello world")
}
Internet Explorer's security policy may block certain scripts from running on a local machine.
There are ways to avoid this -- such as by adding the XAMPP website as a trusted location -- but often this gets tricky since the default "Intranet Zone" is auto-configured on a PC and modifying that can have other consequences (different zones assume different settings, such as passing NTLM credentials to local websites).
See also https://stackoverflow.com/a/7038775/3196753
A quick fix often is to add the fully qualified domain name (FQDN) to the URL, but depending on the zone settings, this may still cause issues.
A final solution, and one many developers fall back on, is to actually use a registered DNS address, such as http://localtest.me/, which points back to localhost and should use the "Internet Zone".
As Chris G points out in the comments, this isn't typical. Normally localhost can be used without issue so I've provided an example Local Intranet setting which can cause this:
Related
When I load My website from Oman there is extra script being loaded that does not exist in my source code. This script dose not appear when I load from any other country. This script makes my website take more time to timeout using chrome, while it is loaded successfully from edge.
I am hosting my website on IIS, it is a php, html and js website only.
I using IIS10, PHP5 and MySQL 5.7
I am hosting my website in Oman, and this IP is owned by one of the ISP in Oman
Here is the script which appears exactly before the end of the body tag
<script type = 'text/javascript' id ='1qa2ws' charset='utf-8' src='http://212.72.31.34:8080/www/default/base.js'{$MarketingParam$}></script></body>
1- Is that really injected script?
2- If I can not remove it, How to block it from being called?
Yes, it's an ISP injecting the script. You can stop it by moving your website from insecure HTTP to HTTPS.
I found one small solution,
you can either delete the tag where ISP is looking for it to inject.
as they mentioned in other questions, browsers are closing the tags by itself.
or adding the following script instead of the tag
<script type="text/javascript">
$(document).ready(function(){
$('body').append("</bo"+"dy>");
});
</script>
adding the scripts worked for me.
I am having two JSP files in my main application whereas one is MAIN.jsp and another one is CSS & JS import.jsp file.
MAIN.jsp is the main page of main application.The import.jsp file will import the CSS and JS of partner application in MAIN.jsp file which is used for support the few functionality with main application as partner.
But all the application (Main and Partner) are deployed in same server. So basically the host name of both the application will not change but context root alone will get change.
i have used jsp import tag to import the import.jsp in MAIN.jsp like mentioned below code.
MAIN.jsp
<html>
<head>
<c:import url="resourceImport/import.jsp">
</head>
<body>
</body>
</html>
import.jsp
<html>
<head>
<link url="http://hostName/DifferentContext/example.css" rel="stylesheet" type="test/css">
<script type="text/javascript" src="http://hostName/DifferentContext/sample.js" > </script>
</head>
<body>
</body>
</html>
Currently i have hard coded the partner HTTP URL in import.jsp for load all the resource in MAIN.jsp file. But moving forward we are planing to run the application in HTTP and HTTPS environment.
So how can i make it dynamic way of getting protocol in import.jsp file. I have tried following methods to get the protocol dynamically but its not working.
Method 1:
Removing Protocol and make it relative URL
<head>
<link url="//hostName/DifferentContext/example.css" rel="stylesheet" type="test/css">
<script type="text/javascript" src="//hostName/DifferentContext/sample.js" > </script>
</head>
Method 2
Removing Protocol and Host name and make it relative URL
<head>
<link url="//DifferentContext/example.css" rel="stylesheet" type="test/css">
<script type="text/javascript" src="//DifferentContext/sample.js" > </script>
</head>
So could you please anyone help me to get resolve this issue.
If there is anything that makes it worth to use https (and these days there is), I'd opt for less hassle and just go https everywhere.
No more worries, no accidental information leak and protocol change. Easier maintenance and no later update will inadvertently bring back a wrong protocol link.
Check HSTS as an option to force compliant browsers to not bother with any http connection attempt in the future.
That being said, relative links are another way to stay in the same protocol and probably beneficial: You rarely want to hard code domain names into your applications - Depending on the programming style that you're using in your app, you might want to use page-relative links (../DifferentContext/example.css) or server-relative (/DifferentContext/example.css). Protocol relative is fine as well, but hardcodes the domain name.
Yet another option is to make that location completely configurable. This way you can decide later (provided that you've changed all occurrences to the configured value): ${config.theOtherAppBaseUrl}/example.css. With this, you can try out all the different options yourself and within 10 minutes. And change your mind later, when you come to the conclusion that it's worth to go https everywhere.
(Note: You have an issue in your question's code: The last link refers to //DifferentContext...., which would assume that DifferentContext is a hostname - this is a protocol relative URL)
It is a rather wierd problem. Consider the following small perl code:
#!/usr/bin/perl
use strict;
use warnings;
use CGI qw{ :standard };
use CGI::Carp qw{ fatalsToBrowser };
my $q = CGI->new;
print "Content-type: text/html\n\n";
print "<head>\n";
print "<script src='/home/bloodcount/Desktop/pm.js' type='text/javascript'></script>\n";
print "</head>\n";
print "<body>\n";
print "<h1>Click any number to see its factors</h1>\n";
print "</body></html>";
It prints a very small html page and includes a jasvascript file. The problem is that the javascript file isn't included. The "physical" copy is in the correct place. I thought that something may be wrong with the code I am generating so I copied the raw html which comes out if you run this file in the console which is:
Content-type: text/html
<head>
<script src='/home/bloodcount/Desktop/pm.js' type='text/javascript'></script>
</head>
<body>
<h1>Click any number to see its factors</h1>
</body></html>
I ran it in chrome and it worked perfectly. The javascript file has exactly one line if code which is:
console.log("It works!");
Any ideas what may be causing this?
Note: I know that the second code listing doesn't have !DOCTYPE.
Since you are able to execute the CGI within your browser you must have a local web server running. Your <script src='...'> path is likely unreachable from the browser due to a lack of access rights or the proper alias configured within your web server.
It works from the static file because the browser is then going though filesystem directly, so the JS file path name resolves.
You have to put the .js file somewhere that the web server knows about, and then formulate your src path correctly.
Check your web server logs and documentation to see how to set up the proper access rights and/or aliases. Note you probably do not want to expose ~/Desktop to the internet.
As an example, if you are using Apache, see USERDIR, ACCESS CONTROL, ALIAS.
After some tinkering I found the solution:
Apache searches for scripts and files only in the folder for this website meaning that each website has one specific folder where you must put the scripts. The base folder path is: /var/www/ and from there on you must find your website.
This means that when before the set path was: /home/bloodcount/Desktop/pm.js
it actually searched for the path /var/www/home/bloodcount/Desktop/pm.js which didn't exist. It wasn't searching in the real desktop, nor was there a permission problem.
I run a sub-site at my work, and while my live site is on the same "main server" as the company's main site, my dev environment is hosted on a separate server.
For some reason my dev site is unable to access a specific JavaScript file that is hosted on the "main server". All of the other JavaScript files, like jQuery, and jQueryTools can be accessed, but main.js cannot. My only guess would be because it is a custom JavaScript file created by our head web developer, but I don't know why that would make a difference. (Cross-site scripting limitations?)
I link to it just like I do with all the other JavaScript files, right after our main wrapper (it's the 3rd from the bottom):
<script type="text/javascript" src="ui/2009/js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="ui/2009/js/jquerytools/1.2.2/jquery.tools.min.js"></script>
<script type="text/javascript" src="ui/2009/js/jquery.cycle.all.min.js"></script>
<script type="text/javascript" src="ui/2009/js/main.js"></script>
<script type="text/javascript" src="ui/2009/js/jquery.jgfeed-min.js"></script>
<script type="text/javascript" src="ui/2009/js/hr.js"></script>
To troubleshoot follow these steps:
Check whether the file ui/2009/js/main.js is actually in that
location, if so be sure it doesn't have uppercase characters (the
server OS may be case sensitive)
Check whether the file main.js has the same permissions (i.e. chmod) as the other .js files (e.g. 755)
Check whether the file main.js is actually accessed (how do you know the file is
not accessed from your page in the dev server? It may be accessed but not working because of variable
conflicts with the .js you previously load, for instance). To do so,
you can a) check the server logs and see if you have a "not found"
error referred to the main.js file b) in main.js delete temporarily all
the content and print some simple output (either to screen with
document.write or to the javascript console with console.log)
In the VS2010 IDE when a breakpoint (or an error) is hit, it opens a read-only [dynamic] version of the external JavaScript file I referenced. My workflow would be vastly improved if I could immediately edit this file, and refresh the browser. That is as opposed to digging up the original JS file opening it, finding the correct line and editing there.
I only know that this is possible because I was able to do this on my old work computer configuration, but for the life of me I can't duplicate it at home.
Has anyone made this work? Perhaps an extension? or maybe it has to with the way the files are referenced, or my basehref tag, or url rewriting.
This happens when the base href specifies a domain other than localhost. My issue was that to enable a local environment for Facebook JS, I need my domain in the url. So I set up my host file to remap localhost.mydomain.com to localhost.
When the Visual Studio IDE encounters a file reference which is something other than localhost, it does not attempt to grab the local file since it assumes (correctly in most cases) that it is being served from another site. In these cases it loads a file as [dynamic] and readonly.
Here is the test case:
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<base href="http://localhost.mydomain.com/virtual-directory/" />
<script type="text/javascript" src="test.js"></script>
</head>
<body>
</html>
Any breakpoint within test.js will result in opening a readonly dynamic file.
how are you referencing your files? whenever a script block is written inside the html or is dynamically inserted the debugger will open the instance of the page where the code stops. If you reference the script using tags vs should open the original script file (at least that's what it does on my machine). could you upload an example of your current structure?