I know this question have already been asked. BUT NONE of this,this, this,this,this or this solutions worked for me. I'm only using HTML / CSS / JS for the moment on my website. Later this should run on an apache or IIS server.
Situation :
On my website I wish user to access different servers. I got a html select with a lot of choice. Once they made their choice and click on connection button I check the choice they made and open it (it's a web interface like 127.0.0.1) in a new tab the link.
Problem : Some of the servers should not being accesssed if one is already used.
Example : If 127.0.0.1 is used by someone, no one should access 128.0.0.1 or 129.0.0.1
The solution I found was creating a file when someone access 127.0.0.1. So when someone want to access 128.0.0.1 or 129.0.0.1, I check if the file exists.
If it does exists I don't open the link and show an alert, if it does not exist I create it and open the link in new tab.
Another problem : How can I know when the tab will be closed in order to delete the file ?
Have you got another solution to this problem ?
Thx in advance for helping me, I'm just a beginner in web. No solutions worked for me so far ...
This code help you to detect when user close a tab.
<script>
window.onbeforeunload = function () {
//write your code here
return false;
};
<script>
Related
So I have a website on Google Sites, and I want to add a 'random post/page' button. I found this code on GitHub and edited it by putting my own URL's. Everything works according to plan except the code uses cookies, basically you go to the link once, it redirects you to a random URL that you have chosen, and it saves that URL. I want to make it so that it's always random, no cookies. I've tried altering the code but nothing seems to work since I don't know much about code, except for the basics. Could anyone help remove the use of cookies of this code? You can view the code below. Thank you.
This is the GitHub code
I tried deleting any code that I thought could be related to the cookies, basically the bottom of the code. The code still worked, but the cookies we're still saving. Like I said, I only know the basics so I was just deleting and praying it would fix it.
Can be massively simplified if you don't need the cookie functionality:
const redirectUrls = [
"http://www.aftonbladet.se/",
"http://www.dn.se/",
"http://www.svd.se/",
]
document.location = redirectUrls[Math.floor(Math.random() * redirectUrls.length)]
so i know this may sound stupid, but I want to know if there is any way that i could redirect someone to a website, and then display an alert box on the web page, using either javascript or any other interface that can be weaved into HTML5. I asked some of my classmates, and they didn't know, so I just need a confirmation that this isn't possible.
I have ran a few trials i found, but on further review, they wouldn't work.
edit I have control over the site, but I wish for the box to only pop up if i redirect it.
I can give the code if it would help, but I'm doubtful it will help
sorry for wasting your time if i did. thanks.
Similar to Gerard's answer, but using query strings. A possibly more standard solution.
On the first page:
<script>
window.location = 'https://{your website here}/?showAlert=true';
</script>
Then on the 2nd page.
const urlParams = new URLSearchParams(window.location.search);
const showAlert = urlParams.get('showAlert');
if(showAlert === "true") {
alert("Hello");
}
Note this will not work in internet explorer
You could communicate to the new site that it's a redirect by appending the route:
On the site you want to redirect from:
<script>
// if you can't use a normal link, change the url with JS
window.location = 'https://{your website here}/#redirect';
</script>
On the site you want to show the alert:
<script>
if (window.location.pathname.includes('#redirect') alert('What you want to say');
</script>
If you only have control over the first site, you could alert before redirecting, there wouldn't be much difference to the user since the alert blocks execution of other code.
You can call an alert box in a HTML document with JavaScript like this:
window.onload = function () {
alert("Hello World!");
}
-> https://jsfiddle.net/u8x6s31v/
You can also redirect somebody, if the page he's visiting is yours. Is that what you mean?
Update:
I think you can't see the URL where someone comes from with JavaScript. The only way to trigger scripts for some people is to add a hash.
window.onload = function () {
hashUrl = window.location.hash;
if (hashUrl == "#alert") {
alert("Hello World!");
}
}
Then call for example: domain.tld/path/index.html#alert
-> https://jsfiddle.net/u8x6s31v/1/
This is a vague questions with a lot of possible answers but seeing as how you're new, I'm going to speculate on what you might be asking and try to answer it.
It's not clear what you mean by "redirect".
Is this a server-side redirect like when you move/change a URL and you redirect the old URL to a new URL? Is this a Javascript meta refresh that you put in a 404 template? Is this a redirect that occurs after a user takes an action?
Regardless, you're going to have to "annotate" that user and then take action upon that annotation. The most obvious method would be based on the "referrer" HTTP header but it is also possible to do it based on the presence of a cookie.
Additionally, adding URL parameters to a redirect is trivially easy and often used for stuff like this.
The immediate things that come to my mind would be via Google Analytics (preferably implemented via Google Tag Manager because it'll make it easier).
Look into "outbound link tracking", "cross-domain tracking" and "UTM campaign tracking" (all related to Google Analytics and/or Google Tag Manager) and you'll probably find something that suits your needs.
URL shorteners are commonly used to mask parameters in links and there are open source libraries that allow you to host your own URL shortener (which you could integrate into your redirects) or do some other type of link tracking like is often used for affiliates.
This question already has answers here:
How to disable (View Source) and (Ctrl + C ) from my site
(10 answers)
Closed 9 years ago.
I'm looking for disable keyboard script to protect hidden content.
It is not possible. A user will always be able to view your source since he needs to download it in order to render the page.
There are more ways to view source than what you are trying to prevent:
Using firebug
Using wget
Right clicking on content choosing 'view source'
Using the menu option
Via man in the middle
probably more...
This is not very complicated but totally unreliable. Its same with all other Javascript protections.
First the trick (IE incompatible):
function denyKey(event) {
var code = event.keyCode;
if(event.ctrlKey) {
if(code==85)
return false;
}
}
window.addEventListener("keydown", denyKey);
My code is just scratch, it is not cross-browser. This is where to get keyCodes. I did not put much effort in the code since I want to discourage you from using it.
Once you send data to user, he can read the data unless you encrypt them without giving him the key. This means any:
Javascript authentication
Secret loading pages
Javascript "Wait before download..."
Blocked mouse buttons
..can and will be bypassed by the user.
I have a bookmarklet to unblock mouse buttons for example.
That is not possible, even if it was, it would have been a horrible protection. Even I could write a simple script that fetches the source of an arbitrary page. Everything that the client sees, is 'view source'-able (somebody edit that). Only server-side code is safe. Even if it was only possible to view your page through a real browser (but you can't make it so) you'll probably overlook a accelerator key, or other shortcut. If you don't want the client to see some code, don't give it to him! Keep it server-side (and not in a .txt file, that's accessible too) or don't keep it.
Using Drupal 7 I am adding js using drupal_add_js from within hook_user_login.
After adding the js I can call drupal_get_js() and I can see that my js has been added, but when the page is loading the js has gone.
My code is:
function popups_user_login(&$edit, $account) {
$js = 'some inline js here';
drupal_add_js($js, array('type'=>'inline', 'weight'=>1));
drupal_add_js(drupal_get_path('module', 'popups').'/popups.js', array('weight'=>2));
}
The aim of the module is to create a popup once the user has logged in if certain criteria are met.
There is a similar question on drupal.org just here.
Can anyone tell me what is going on here?
(I've tried this on 2 separate Drupal 7 installs and have experienced the same problem on both sites)
Like Clive said this was due to a redirect happening directly after login.
This can be checked by installing Devel and turning on "Display redirection page" on the Devel settings page.
The solution is to set a session variable in hook_user_login (which in my case contained the nids of the popups I want to display), which can then be read in hook_page_alter and add the necessary JS added at this point.
For support reasons I want to be able for a user to take a screenshot of the current browser window as easy as possible and send it over to the server.
Any (crazy) ideas?
That would appear to be a pretty big security hole in JavaScript if you could do this. Imagine a malicious user installing that code on your site with a XSS attack and then screenshotting all of your daily work. Imagine that happening with your online banking...
However, it is possible to do this sort of thing outside of JavaScript. I developed a Swing application that used screen capture code like this which did a great job of sending an email to the helpdesk with an attached screenshot whenever the user encountered a RuntimeException.
I suppose you could experiment with a signed Java applet (shock! horror! noooooo!) that hung around in the corner. If executed with the appropriate security privileges given at installation it might be coerced into executing that kind of screenshot code.
For convenience, here is the code from the site I linked to:
import java.awt.Dimension;
import java.awt.Rectangle;
import java.awt.Robot;
import java.awt.Toolkit;
import java.awt.image.BufferedImage;
import javax.imageio.ImageIO;
import java.io.File;
...
public void captureScreen(String fileName) throws Exception {
Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
Rectangle screenRectangle = new Rectangle(screenSize);
Robot robot = new Robot();
BufferedImage image = robot.createScreenCapture(screenRectangle);
ImageIO.write(image, "png", new File(fileName));
}
...
Please see the answer shared here for a relatively successful implementation of this:
https://stackoverflow.com/a/6678156/291640
Utilizing:
https://github.com/niklasvh/html2canvas
You could try to render the whole page in canvas and save this image back to server. have fun :)
A webpage can't do this (or at least, I would be very surprised if it could, in any browser) but a Firefox extension can. See https://developer.mozilla.org/en/Drawing_Graphics_with_Canvas#Rendering_Web_Content_Into_A_Canvas -- when that page says "Chrome privileges" that means an extension can do it, but a web page can't.
Seems to me that support needs (at least) the answers for two questions:
What does the screen look like? and
Why does it look that way?
A screenshot -- a visual -- is very necessary and answers the first question, but it can't answer the second.
As a first attempt, I'd try to send the entire page up to support. The support tech could display that page in his browser (answers the first question); and could also see the current state of the customer's html (helps to answer the second question).
I'd try to send as much of the page as is available to the client JS by way of AJAX or as the payload of a form. I'd also send info not on the page: anything that affects the state of the page, like cookies or session IDs or whatever.
The cust might have a submit-like button to start the process.
I think that would work. Let's see: it needs some CGI somewhere on the server that catches the incoming user page and makes it available to support, maybe by writing a disk file. Then the support person can load (or have loaded automatically) that same page. All the other info (cookies and so on) can be put into the page that support sees.
PLUS: the client JS that handles the submit-button onclick( ) could also include any useful JS variable values!
Hey, this can work! I'm getting psyched :-)
HTH
-- pete
I've seen people either do this with two approaches:
setup a separate server for screenshotting and run a bunch of firefox instances on there, check out these two gem if you're doing it in ruby: selenium-webdriver and headless
use a hosted solution like http://url2png.com (way easier)
You can also do this with the Fireshot plugin. I use the following code (that I extracted from the API code so I don't need to include the API JS) to make a direct call to the Fireshot object:
var element = document.createElement("FireShotDataElement");
element.setAttribute("Entire", true);
element.setAttribute("Action", 1);
element.setAttribute("Key", "");
element.setAttribute("BASE64Content", "");
element.setAttribute("Data", "C:/Users/jagilber/Downloads/whatev.jpg");
if (typeof(CapturedFrameId) != "undefined")
element.setAttribute("CapturedFrameId", CapturedFrameId);
document.documentElement.appendChild(element);
var evt = document.createEvent("Events");
evt.initEvent("capturePageEvt", true, false);
element.dispatchEvent(evt);
Note: I don't know if this functionality is only available for the paid version or not.
Perhaps http://html2canvas.hertzen.com/ could be used. Then you can capture the display and then process it.
You might try PhantomJs, a headlesss browsing toolkit.
http://phantomjs.org/
The following Javascript example demonstrates basic screenshot functionality:
var page = require('webpage').create();
page.settings.userAgent = 'UltimateBrowser/100';
page.viewportSize = { width: 1200, height: 1200 };
page.clipRect = { top: 0, left: 0, width: 1200, height: 1200 };
page.open('https://google.com/', function () {
page.render('output.png');
phantom.exit();
});
I understand this post is 5 years old, but for the sake of future visits I'll add my own solution here which I think solves the original post's question without any third-party libraries apart from jQuery.
pageClone = $('html').clone();
// Make sure that CSS and images load correctly when opening this clone
pageClone.find('head').append("<base href='" + location.href + "' />");
// OPTIONAL: Remove potentially interfering scripts so the page is totally static
pageClone.find('script').remove();
htmlString = pageClone.html();
You could remove other parts of the DOM you think are unnecessary, such as the support form if it is in a modal window. Or you could choose not to remove scripts if you prefer to maintain some interaction with dynamic controls.
Send that string to the server, either in a hidden field or by AJAX, and then on the server side just attach the whole lot as an HTML file to the support email.
The benefits of this are that you'll get not just a screenshot but the entire scrollable page in its current form, plus you can even inspect and debug the DOM.
Print Screen? Old school and a couple of keypresses, but it works!
This may not work for you, but on IE you can use the snapsie plugin. It doesn't seem to be in development anymore, but the last release is available from the linked site.
i thing you need a activeX controls. without it i can't imagine. you can force user to install them first after the installation on client side activex controls should work and you can capture.
We are temporarily collecting Ajax states, data in form fields and session information. Then we re-render it at the support desk. Since we test and integrate for all browsers, there are hardly any support cases for display reasons.
Have a look at the red button at the bottom on holidaycheck
Alternatively there is html2canvas of Google. But it is only applicable for never browsers and I've never tried it.
In JavaScript? No. I do work for a security company (sort of NetNanny type stuff) and the only effective way we've found to do screen captures of the user is with a hidden application.