Determining saftey of Javascript from other authors, with example - javascript

I would like to know what kind of safety measurements do you take into consideration when importing javascript code from another author (stated free to use) into your project.
So if you came across a super simple navigation template from codepen, after I d/l it I found out it didn't work unless it uses a js file that contained an XMLHttpRequest (why would you need an http request for this template, I don't know) here's another example with a lot of var declarations and replaces.
So to reiterate my question, other than seeing if this following code is dodgy, I would also like to know why would you need an http request for a simple website like this and what measurement would you take when you use other people's code, or maybe you never use other people code?
!function () {
function e(e, r) {
return [].slice.call((r || document).querySelectorAll(e))
}
if (window.addEventListener) {
var r = window.StyleFix = {
link: function (e) {
try {
if ("stylesheet" !== e.rel || e.hasAttribute("data-noprefix"))return
} catch (t) {
return
}
var n, i = e.href || e.getAttribute("data-href"),
a = i.replace(/[^\/]+$/, ""), o = (/^[a-z]{3,10}:/.exec(a) || [""])[0],
s = (/^[a-z]{3,10}:\/\/[^\/]+/.exec(a) || [""])[0], l = /^([^?]*)\??/.exec(i)[1], u = e.parentNode, p = new XMLHttpRequest;
p.onreadystatechange = function () {
4 === p.readyState && n()
}, n = function () {
var t = p.responseText;
if (t && e.parentNode && (!p.status || p.status < 400 || p.status > 600)) {
if (t = r.fix(t, !0, e), a) {
t = t.replace(/url\(\s*?((?:"|')?)(.+?)\1\s*?\)/gi, function (e, r, t) {
return /^([a-z]{3,10}:|#)/i.test(t) ? e : /^\/\//.test(t) ? 'url("' + o + t + '")' : /^\//.test(t) ? 'url("' + s + t + '")' : /^\?/.test(t) ? 'url("' + l + t + '")' : 'url("' + a + t + '")'
});
var n = a.replace(/([\\\^\$*+[\]?{}.=!:(|)])/g, "\\$1");
t = t.replace(RegExp("\\b(behavior:\\s*?url\\('?\"?)" + n, "gi"), "$1")
}
var i = document.createElement("style");
i.textContent = t, i.media = e.media, i.disabled = e.disabled, i.setAttribute("data-href", e.getAttribute("href")), u.insertBefore(i, e), u.removeChild(e), i.media = e.media
}
};
try {
p.open("GET", i), p.send(null)
} catch (t) {
"undefined" != typeof XDomainRequest && (p = new XDomainRequest, p.onerror = p.onprogress = function () {
}, p.onload = n, p.open("GET", i), p.send(null))
}
e.setAttribute("data-inprogress", "")
}, styleElement: function (e) {
if (!e.hasAttribute("data-noprefix")) {
var t = e.disabled;
e.textContent = r.fix(e.textContent, !0, e), e.disabled = t
}
}, styleAttribute: function (e) {
var t = e.getAttribute("style");
t = r.fix(t, !1, e), e.setAttribute("style", t)
}, process: function () {
e("style").forEach(StyleFix.styleElement), e("[style]").forEach(StyleFix.styleAttribute)
}, register: function (e, t) {
(r.fixers = r.fixers || []).splice(void 0 === t ? r.fixers.length : t, 0, e)
}, fix: function (e, t, n) {
for (var i = 0; i < r.fixers.length; i++)e = r.fixers[i](e, t, n) || e;
return e
}, camelCase: function (e) {
return e.replace(/-([a-z])/g, function (e, r) {
return r.toUpperCase()
}).replace("-", "")
}, deCamelCase: function (e) {
return e.replace(/[A-Z]/g, function (e) {
return "-" + e.toLowerCase()
})
}
};
!function () {
setTimeout(function () {
}, 10), document.addEventListener("DOMContentLoaded", StyleFix.process, !1)
}()
}
}(), function (e) {
function r(e, r, n, i, a) {
if (e = t[e], e.length) {
var o = RegExp(r + "(" + e.join("|") + ")" + n, "gi");
a = a.replace(o, i)
}
return a
}
if (window.StyleFix && window.getComputedStyle) {
var t = window.PrefixFree = {
prefixCSS: function (e, n) {
var i = t.prefix;
if (t.functions.indexOf("linear-gradient") > -1 && (e = e.replace(/(\s|:|,)(repeating-)?linear-gradient\(\s*(-?\d*\.?\d*)deg/gi, function (e, r, t, n) {
return r + (t || "") + "linear-gradient(" + (90 - n) + "deg"
})), e = r("functions", "(\\s|:|,)", "\\s*\\(", "$1" + i + "$2(", e), e = r("keywords", "(\\s|:)", "(\\s|;|\\}|$)", "$1" + i + "$2$3", e), e = r("properties", "(^|\\{|\\s|;)", "\\s*:", "$1" + i + "$2:", e), t.properties.length) {
var a = RegExp("\\b(" + t.properties.join("|") + ")(?!:)", "gi");
e = r("valueProperties", "\\b", ":(.+?);", function (e) {
return e.replace(a, i + "$1")
}, e)
}
return n && (e = r("selectors", "", "\\b", t.prefixSelector, e), e = r("atrules", "#", "\\b", "#" + i + "$1", e)), e = e.replace(RegExp("-" + i, "g"), "-"), e = e.replace(/-\*-(?=[a-z]+)/gi, t.prefix)
}, property: function (e) {
return (t.properties.indexOf(e) ? t.prefix : "") + e
}, value: function (e) {
return e = r("functions", "(^|\\s|,)", "\\s*\\(", "$1" + t.prefix + "$2(", e), e = r("keywords", "(^|\\s)", "(\\s|$)", "$1" + t.prefix + "$2$3", e)
}, prefixSelector: function (e) {
return e.replace(/^:{1,2}/, function (e) {
return e + t.prefix
})
}, prefixProperty: function (e, r) {
var n = t.prefix + e;
return r ? StyleFix.camelCase(n) : n
}
};
!function () {
var e = {}, r = [], n = getComputedStyle(document.documentElement, null), i = document.createElement("div").style, a = function (t) {
if ("-" === t.charAt(0)) {
r.push(t);
var n = t.split("-"), i = n[1];
for (e[i] = ++e[i] || 1; n.length > 3;) {
n.pop();
var a = n.join("-");
o(a) && -1 === r.indexOf(a) && r.push(a)
}
}
}, o = function (e) {
return StyleFix.camelCase(e) in i
};
if (n.length > 0)for (var s = 0; s < n.length; s++)a(n[s]); else for (var l in n)a(StyleFix.deCamelCase(l));
var u = {uses: 0};
for (var p in e) {
var f = e[p];
u.uses < f && (u = {prefix: p, uses: f})
}
t.prefix = "-" + u.prefix + "-", t.Prefix = StyleFix.camelCase(t.prefix), t.properties = [];
for (var s = 0; s < r.length; s++) {
var l = r[s];
if (0 === l.indexOf(t.prefix)) {
var c = l.slice(t.prefix.length);
o(c) || t.properties.push(c)
}
}
"Ms" != t.Prefix || "transform" in i || "MsTransform" in i || !("msTransform" in i) || t.properties.push("transform", "transform-origin"), t.properties.sort()
}(), function () {
function e(e, r) {
return i[r] = "", i[r] = e, !!i[r]
}
var r = {
"linear-gradient": {property: "backgroundImage", params: "red, teal"},
calc: {property: "width", params: "1px + 5%"},
element: {property: "backgroundImage", params: "#foo"},
"cross-fade": {property: "backgroundImage", params: "url(a.png), url(b.png), 50%"}
};
r["repeating-linear-gradient"] = r["repeating-radial-gradient"] = r["radial-gradient"] = r["linear-gradient"];
var n = {
initial: "color",
"zoom-in": "cursor",
"zoom-out": "cursor",
box: "display",
flexbox: "display",
"inline-flexbox": "display",
flex: "display",
"inline-flex": "display",
grid: "display",
"inline-grid": "display",
"min-content": "width"
};
t.functions = [], t.keywords = [];
var i = document.createElement("div").style;
for (var a in r) {
var o = r[a], s = o.property, l = a + "(" + o.params + ")";
!e(l, s) && e(t.prefix + l, s) && t.functions.push(a)
}
for (var u in n) {
var s = n[u];
!e(u, s) && e(t.prefix + u, s) && t.keywords.push(u)
}
}(), function () {
function r(e) {
return a.textContent = e + "{}", !!a.sheet.cssRules.length
}
var n = {
":read-only": null,
":read-write": null,
":any-link": null,
"::selection": null
}, i = {keyframes: "name", viewport: null, document: 'regexp(".")'};
t.selectors = [], t.atrules = [];
var a = e.appendChild(document.createElement("style"));
for (var o in n) {
var s = o + (n[o] ? "(" + n[o] + ")" : "");
!r(s) && r(t.prefixSelector(s)) && t.selectors.push(o)
}
for (var l in i) {
var s = l + " " + (i[l] || "");
!r("#" + s) && r("#" + t.prefix + s) && t.atrules.push(l)
}
e.removeChild(a)
}(), t.valueProperties = ["transition", "transition-property"], e.className += " " + t.prefix, StyleFix.register(t.prefixCSS)
}
}(document.documentElement);
Here is the code.

why would you need an http request for a simple website like this
You don't. The effect on the page is done entirely with CSS. You can delete all the JS and it still works.
The JavaScript is a minified (which is why it's so hard to read) version of this library, which is a complicated and brittle attempt to adapt CSS styles for older browsers that require browser-specific property prefixes for some of the newer CSS features. It has to do XMLHttpRequests in order to fetch the stylesheet files and fiddle with them.
It's unclear why the example code has bothered use that library, since the CSS already contains the prefixed versions of the properties. But that's the joy and curse of grabbing random code off the internet, you have no idea if it's at all sensible...
I would like to know what kind of safety measurements do you take into consideration when importing javascript code from another author (stated free to use) into your project.
There's no magic bullet. You have to read and understand what all the code is doing, or you have to completely trust the author of the code (and the operators of the service hosting it, if you're linking it directly from a third-party server like a CDN).

Related

Azure Application Insights not logging unhandled browser events or exceptions

I'm attempting to log unhandled browser exceptions in an ASP.NET Core web application. I'm following the setup documentation noted here on learn.microsoft.com. I'm not currently seeing anything being logged, even if I manually call appInsights.trackException(ex). It should be noted that I am able to see logs that are coming from the backend code, just not anything from the client's browser.
While I can't post the code directly related to the project I'm working on, I've created a small web page that I can run locally just to recreate the issue.
<!DOCTYPE html>
<html lang="en">
<head>
<script type="text/javascript">
!function (T, l, y) { var S = T.location, k = "script", D = "instrumentationKey", C = "ingestionendpoint", I = "disableExceptionTracking", E = "ai.device.", b = "toLowerCase", w = "crossOrigin", N = "POST", e = "appInsightsSDK", t = y.name || "appInsights"; (y.name || T[e]) && (T[e] = t); var n = T[t] || function (d) { var g = !1, f = !1, m = { initialize: !0, queue: [], sv: "5", version: 2, config: d }; function v(e, t) { var n = {}, a = "Browser"; return n[E + "id"] = a[b](), n[E + "type"] = a, n["ai.operation.name"] = S && S.pathname || "_unknown_", n["ai.internal.sdkVersion"] = "javascript:snippet_" + (m.sv || m.version), { time: function () { var e = new Date; function t(e) { var t = "" + e; return 1 === t.length && (t = "0" + t), t } return e.getUTCFullYear() + "-" + t(1 + e.getUTCMonth()) + "-" + t(e.getUTCDate()) + "T" + t(e.getUTCHours()) + ":" + t(e.getUTCMinutes()) + ":" + t(e.getUTCSeconds()) + "." + ((e.getUTCMilliseconds() / 1e3).toFixed(3) + "").slice(2, 5) + "Z" }(), iKey: e, name: "Microsoft.ApplicationInsights." + e.replace(/-/g, "") + "." + t, sampleRate: 100, tags: n, data: { baseData: { ver: 2 } } } } var h = d.url || y.src; if (h) { function a(e) { var t, n, a, i, r, o, s, c, u, p, l; g = !0, m.queue = [], f || (f = !0, t = h, s = function () { var e = {}, t = d.connectionString; if (t) for (var n = t.split(";"), a = 0; a < n.length; a++) { var i = n[a].split("="); 2 === i.length && (e[i[0][b]()] = i[1]) } if (!e[C]) { var r = e.endpointsuffix, o = r ? e.location : null; e[C] = "https://" + (o ? o + "." : "") + "dc." + (r || "services.visualstudio.com") } return e }(), c = s[D] || d[D] || "", u = s[C], p = u ? u + "/v2/track" : d.endpointUrl, (l = []).push((n = "SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details)", a = t, i = p, (o = (r = v(c, "Exception")).data).baseType = "ExceptionData", o.baseData.exceptions = [{ typeName: "SDKLoadFailed", message: n.replace(/\./g, "-"), hasFullStack: !1, stack: n + "\nSnippet failed to load [" + a + "] -- Telemetry is disabled\nHelp Link: https://go.microsoft.com/fwlink/?linkid=2128109\nHost: " + (S && S.pathname || "_unknown_") + "\nEndpoint: " + i, parsedStack: [] }], r)), l.push(function (e, t, n, a) { var i = v(c, "Message"), r = i.data; r.baseType = "MessageData"; var o = r.baseData; return o.message = 'AI (Internal): 99 message:"' + ("SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details) (" + n + ")").replace(/\"/g, "") + '"', o.properties = { endpoint: a }, i }(0, 0, t, p)), function (e, t) { if (JSON) { var n = T.fetch; if (n && !y.useXhr) n(t, { method: N, body: JSON.stringify(e), mode: "cors" }); else if (XMLHttpRequest) { var a = new XMLHttpRequest; a.open(N, t), a.setRequestHeader("Content-type", "application/json"), a.send(JSON.stringify(e)) } } }(l, p)) } function i(e, t) { f || setTimeout(function () { !t && m.core || a() }, 500) } var e = function () { var n = l.createElement(k); n.src = h; var e = y[w]; return !e && "" !== e || "undefined" == n[w] || (n[w] = e), n.onload = i, n.onerror = a, n.onreadystatechange = function (e, t) { "loaded" !== n.readyState && "complete" !== n.readyState || i(0, t) }, n }(); y.ld < 0 ? l.getElementsByTagName("head")[0].appendChild(e) : setTimeout(function () { l.getElementsByTagName(k)[0].parentNode.appendChild(e) }, y.ld || 0) } try { m.cookie = l.cookie } catch (p) { } function t(e) { for (; e.length;)!function (t) { m[t] = function () { var e = arguments; g || m.queue.push(function () { m[t].apply(m, e) }) } }(e.pop()) } var n = "track", r = "TrackPage", o = "TrackEvent"; t([n + "Event", n + "PageView", n + "Exception", n + "Trace", n + "DependencyData", n + "Metric", n + "PageViewPerformance", "start" + r, "stop" + r, "start" + o, "stop" + o, "addTelemetryInitializer", "setAuthenticatedUserContext", "clearAuthenticatedUserContext", "flush"]), m.SeverityLevel = { Verbose: 0, Information: 1, Warning: 2, Error: 3, Critical: 4 }; var s = (d.extensionConfig || {}).ApplicationInsightsAnalytics || {}; if (!0 !== d[I] && !0 !== s[I]) { var c = "onerror"; t(["_" + c]); var u = T[c]; T[c] = function (e, t, n, a, i) { var r = u && u(e, t, n, a, i); return !0 !== r && m["_" + c]({ message: e, url: t, lineNumber: n, columnNumber: a, error: i }), r }, d.autoExceptionInstrumented = !0 } return m }(y.cfg); function a() { y.onInit && y.onInit(n) } (T[t] = n).queue && 0 === n.queue.length ? (n.queue.push(a), n.trackPageView({})) : a() }(window, document, {
src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js", // The SDK URL Source
// name: "appInsights", // Global SDK Instance name defaults to "appInsights" when not supplied
// ld: 0, // Defines the load delay (in ms) before attempting to load the sdk. -1 = block page load and add to head. (default) = 0ms load after timeout,
// useXhr: 1, // Use XHR instead of fetch to report failures (if available),
crossOrigin: "anonymous", // When supplied this will add the provided value as the cross origin attribute on the script tag
// onInit: null, // Once the application insights instance has loaded and initialized this callback function will be called with 1 argument -- the sdk instance (DO NOT ADD anything to the sdk.queue -- As they won't get called)
cfg: { // Application Insights Configuration
instrumentationKey: "myInstrumentationKey"
}
});
</script>
<script>
console.log(appInsights); // this produces an output, so appInsights is at least created
try {
x.hello; // x is not defined, this throws an exception
} catch (ex) {
appInsights.trackException(ex); // attempting to log exception manually
appInsights.flush();
throw ex; // attempting to log unhandled exception
}
</script>
</head>
</html>
In this code, I initialize everything using the snippet provided in the link above. I try to call x.hello, but x isn't defined so any exception is thrown. I then attempt to log that exception manually using appInsights.trackException(ex) and I also re-throw the exception because, according to the link above, unhandled browser exceptions should be logged automatically. I am however not seeing either of these events appear in application insights.
I know my instrumentation key is correct, because an incorrect one would yield some 400 errors when attempting to connect. This is what my network tab looks like after connecting.
Any ideas where I'm going wrong here?
I am following the same snippet which you are used.
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
<script type="text/javascript">
!function (T, l, y) { var S = T.location, k = "script", D = "instrumentationKey", C = "ingestionendpoint", I = "disableExceptionTracking", E = "ai.device.", b = "toLowerCase", w = "crossOrigin", N = "POST", e = "appInsightsSDK", t = y.name || "appInsights"; (y.name || T[e]) && (T[e] = t); var n = T[t] || function (d) { var g = !1, f = !1, m = { initialize: !0, queue: [], sv: "5", version: 2, config: d }; function v(e, t) { var n = {}, a = "Browser"; return n[E + "id"] = a[b](), n[E + "type"] = a, n["ai.operation.name"] = S && S.pathname || "_unknown_", n["ai.internal.sdkVersion"] = "javascript:snippet_" + (m.sv || m.version), { time: function () { var e = new Date; function t(e) { var t = "" + e; return 1 === t.length && (t = "0" + t), t } return e.getUTCFullYear() + "-" + t(1 + e.getUTCMonth()) + "-" + t(e.getUTCDate()) + "T" + t(e.getUTCHours()) + ":" + t(e.getUTCMinutes()) + ":" + t(e.getUTCSeconds()) + "." + ((e.getUTCMilliseconds() / 1e3).toFixed(3) + "").slice(2, 5) + "Z" }(), iKey: e, name: "Microsoft.ApplicationInsights." + e.replace(/-/g, "") + "." + t, sampleRate: 100, tags: n, data: { baseData: { ver: 2 } } } } var h = d.url || y.src; if (h) { function a(e) { var t, n, a, i, r, o, s, c, u, p, l; g = !0, m.queue = [], f || (f = !0, t = h, s = function () { var e = {}, t = d.connectionString; if (t) for (var n = t.split(";"), a = 0; a < n.length; a++) { var i = n[a].split("="); 2 === i.length && (e[i[0][b]()] = i[1]) } if (!e[C]) { var r = e.endpointsuffix, o = r ? e.location : null; e[C] = "https://" + (o ? o + "." : "") + "dc." + (r || "services.visualstudio.com") } return e }(), c = s[D] || d[D] || "", u = s[C], p = u ? u + "/v2/track" : d.endpointUrl, (l = []).push((n = "SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details)", a = t, i = p, (o = (r = v(c, "Exception")).data).baseType = "ExceptionData", o.baseData.exceptions = [{ typeName: "SDKLoadFailed", message: n.replace(/\./g, "-"), hasFullStack: !1, stack: n + "\nSnippet failed to load [" + a + "] -- Telemetry is disabled\nHelp Link: https://go.microsoft.com/fwlink/?linkid=2128109\nHost: " + (S && S.pathname || "_unknown_") + "\nEndpoint: " + i, parsedStack: [] }], r)), l.push(function (e, t, n, a) { var i = v(c, "Message"), r = i.data; r.baseType = "MessageData"; var o = r.baseData; return o.message = 'AI (Internal): 99 message:"' + ("SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details) (" + n + ")").replace(/\"/g, "") + '"', o.properties = { endpoint: a }, i }(0, 0, t, p)), function (e, t) { if (JSON) { var n = T.fetch; if (n && !y.useXhr) n(t, { method: N, body: JSON.stringify(e), mode: "cors" }); else if (XMLHttpRequest) { var a = new XMLHttpRequest; a.open(N, t), a.setRequestHeader("Content-type", "application/json"), a.send(JSON.stringify(e)) } } }(l, p)) } function i(e, t) { f || setTimeout(function () { !t && m.core || a() }, 500) } var e = function () { var n = l.createElement(k); n.src = h; var e = y[w]; return !e && "" !== e || "undefined" == n[w] || (n[w] = e), n.onload = i, n.onerror = a, n.onreadystatechange = function (e, t) { "loaded" !== n.readyState && "complete" !== n.readyState || i(0, t) }, n }(); y.ld < 0 ? l.getElementsByTagName("head")[0].appendChild(e) : setTimeout(function () { l.getElementsByTagName(k)[0].parentNode.appendChild(e) }, y.ld || 0) } try { m.cookie = l.cookie } catch (p) { } function t(e) { for (; e.length;)!function (t) { m[t] = function () { var e = arguments; g || m.queue.push(function () { m[t].apply(m, e) }) } }(e.pop()) } var n = "track", r = "TrackPage", o = "TrackEvent"; t([n + "Event", n + "PageView", n + "Exception", n + "Trace", n + "DependencyData", n + "Metric", n + "PageViewPerformance", "start" + r, "stop" + r, "start" + o, "stop" + o, "addTelemetryInitializer", "setAuthenticatedUserContext", "clearAuthenticatedUserContext", "flush"]), m.SeverityLevel = { Verbose: 0, Information: 1, Warning: 2, Error: 3, Critical: 4 }; var s = (d.extensionConfig || {}).ApplicationInsightsAnalytics || {}; if (!0 !== d[I] && !0 !== s[I]) { var c = "onerror"; t(["_" + c]); var u = T[c]; T[c] = function (e, t, n, a, i) { var r = u && u(e, t, n, a, i); return !0 !== r && m["_" + c]({ message: e, url: t, lineNumber: n, columnNumber: a, error: i }), r }, d.autoExceptionInstrumented = !0 } return m }(y.cfg); function a() { y.onInit && y.onInit(n) } (T[t] = n).queue && 0 === n.queue.length ? (n.queue.push(a), n.trackPageView({})) : a() }(window, document, {
src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js", // The SDK URL Source
// name: "appInsights", // Global SDK Instance name defaults to "appInsights" when not supplied
// ld: 0, // Defines the load delay (in ms) before attempting to load the sdk. -1 = block page load and add to head. (default) = 0ms load after timeout,
// useXhr: 1, // Use XHR instead of fetch to report failures (if available),
crossOrigin: "anonymous", // When supplied this will add the provided value as the cross origin attribute on the script tag
// onInit: null, // Once the application insights instance has loaded and initialized this callback function will be called with 1 argument -- the sdk instance (DO NOT ADD anything to the sdk.queue -- As they won't get called)
cfg: { // Application Insights Configuration
instrumentationKey: "Your Instrumentation key"
/* ...Other Configuration Options... */
}
});
</script>
<script>
//function getCookieValue(key) {
// const cookie = document.cookie
// .split('; ')
// .find(cookie => cookie.startsWith(key));
// return cookie ? cookie.split('=')[1] : null;
//}
//var telemetryInitializer = (envelope) => {
// const environment = getCookieValue('x-ms-routing-name') || 'production';
// envelope.data['slot'] = environment;
//}
//appInsights.addTelemetryInitializer(telemetryInitializer);
console.log(appInsights); // this produces an output, so appInsights is at least created
try {
s.hello; // x is not defined, this throws an exception
} catch (ex) {
//appInsights.trackException(ex); // attempting to log exception manually
appInsights.flush();
throw ex; // attempting to log unhandled exception
}
</script>
</head>
Without adding the appInsights.trackException(ex); I am able to see the uncaught ReferenceError in application insights.
Refer here for more info

What is nio.js?

I am seeing an unknown script being displayed on all pages hosted on my site. This was not added by me to any of the pages, so i am assuming the hosting company is adding it on the fly when a page is requested.
This is what is added to the the page
<script>
! function(n, e, i, o, t) {
'use strict';
if (!n.nio) {
n.nio = function() {
n.nio.execAction ? n.nio.execAction.apply(window.nio, arguments) : n.nio.queue.push(arguments)
}, n.nio.push = n.nio, n.nio.loaded = !0, n.nio.version = '1.0', n.nio.queue = [];
var s = e.createElement(i);
s.async = !0, s.src = o;
var r = e.getElementsByTagName(i)[0];
r.parentNode.insertBefore(s, r)
}
}(window, document, 'script', '//cdn.narrative.io/js/nio-js/v1.1/nio.js');
nio('init', 9);
</script>
<noscript><img height='1' width='1' style='display:none' src='https://io.narrative.io?noscript=1&id=9'/></noscript>
This is what the nio.js file contains.
! function(t, e, n, r, i) {
"use strict";
var o, a, u = "__nio";
if (!t.nio || 1 !== t.nio.libLoaded) {
var s = function() {
return "//" + r
},
c = function(t) {
var e = typeof t;
return "object" === e && "function" !== e && null !== t
};
o = "undefined" != typeof JSON && null !== JSON && JSON.stringify ? JSON.stringify : function() {
var t = Object.prototype.toString,
e = Array.isArray || function(e) {
return "[object Array]" === t.call(e)
},
n = {
'"': '\\"',
"\\": "\\\\",
"\b": "\\b",
"\f": "\\f",
"\n": "\\n",
"\r": "\\r",
" ": "\\t"
},
r = function(t) {
return n[t] || "\\u" + (t.charCodeAt(0) + 65536).toString(16).substr(1)
},
i = /[\\"\u0000-\u001F\u2028\u2029]/g;
return function o(n) {
if (null == n) return "null";
if ("number" == typeof n) return isFinite(n) ? n.toString() : "null";
if ("boolean" == typeof n) return n.toString();
if ("object" == typeof n) {
if ("function" == typeof n.toJSON) return o(n.toJSON());
if (e(n)) {
for (var a = "[", u = 0; u < n.length; u++) a += (u ? ", " : "") + o(n[u]);
return a + "]"
}
if ("[object Object]" === t.call(n)) {
var s = [];
for (var c in n) n.hasOwnProperty(c) && s.push(o(c) + ": " + o(n[c]));
return "{" + s.join(", ") + "}"
}
}
return '"' + n.toString().replace(i, r) + '"'
}
}();
var f = Object.assign || function(t) {
if (t === i || null === t) throw new TypeError("Cannot convert undefined or null to object");
for (var e = Object(t), n = 1; n < arguments.length; n++) {
var r = arguments[n];
if (r !== i && null !== r)
for (var o in r) r.hasOwnProperty(o) && (e[o] = r[o])
}
return e
},
l = function(t) {
var e, n = [];
for (var r in t) t.hasOwnProperty(r) && (e = c(t[r]) ? o(t[r]) : t[r], n.push(encodeURIComponent(r) + "=" + encodeURIComponent(e)));
return n.join("&")
},
p = "addEventListener" in e,
h = p ? "addEventListener" : "attachEvent",
d = p ? "removeEventListener" : "detachEvent",
m = function(t, e, n) {
e = p ? e : "on" + e;
var r = function(i) {
t[d](e, r, !1), n(i)
};
t[h](e, r, !1)
},
v = {
_isFiring: !1,
numOfRequests: 0,
addQueue: function(t) {
this.queue = this.queue.concat(t)
},
queue: [],
isEmpty: function() {
return 0 === this.queue.length
},
complete: function(t) {
return t || this.queue.shift(), this._isFiring = !1, this._fire()
},
_fire: function() {
if (0 !== this.queue.length) {
var t = this.queue[0],
e = t[0] + "?" + l(t[1]);
return this._isFiring = !0, this.numOfRequests++, e.length > 2048 ? this.fireForm(t[0], t[1]) : this.fireImage(e)
}
},
request: function() {
return this.queue.push(Array.prototype.slice.call(arguments)), this._isFiring ? this._isFiring : this._fire()
},
fireForm: function(t, n) {
var r = this,
i = "nio" + Math.random().toString().replace("0.", ""),
a = e.createElement("form"),
u = e.attachEvent && !e.addEventListener,
s = u ? '<iframe name="' + i + '">' : "iframe",
f = e.createElement(s);
a.method = "post", a.action = t, a.target = i, a.acceptCharset = "utf-8", a.style.display = "none", f.src = "javascript:false", f.id = i, f.name = i, a.appendChild(f), m(f, "load", function() {
var t, i = function(t) {
var e = c(t) ? t.type : null;
return a.parentNode.removeChild(a), r.complete("load" !== e)
};
for (var u in n) n.hasOwnProperty(u) && (t = e.createElement("input"), t.name = u, t.value = c(n[u]) ? o(n[u]) : n[u], a.appendChild(t));
m(f, "load", i), m(f, "error", i), a.submit()
}), e.body.appendChild(a)
},
fireImage: function(t) {
var e = new Image,
n = this,
r = function() {
n.complete()
};
return e.onload = r, e.onerror = r, e.src = t, t
}
},
g = {
companyId: null,
options: {
forceSSL: !1,
forcePost: !1
},
getStandardVars: function() {
return {
companyId: this.companyId,
ret: "img",
ts: (new Date).valueOf()
}
},
errors: [],
error: function(t) {
this.errors.push(t)
},
init: function(t, e) {
this.companyId = t, this.config(e)
},
config: function(t) {
for (var e in t) t.hasOwnProperty(e) && (this.options[e] === i && g.error("Narrative.io: " + e + " is not a valid config option"), this.options[e] = t[e])
},
data: function(t) {
return this.submit(t)
},
submit: function(t) {
var e = s();
e = (this.options.forceSSL ? "https:" : n.protocol) + e;
var r = f({}, this.getStandardVars(), t);
return v.request(e, r)
}
};
t.nio._debug = function() {
return [g, v, a]
}, t.nio.execAction = function(t) {
var e = Array.prototype.slice.call(arguments).slice(1);
switch (t) {
case "init":
return g.init.apply(g, e);
case "data":
return g.data.apply(g, e);
default:
return g.error("Narrative.io: " + t + " is not a valid action")
}
}, t.nio.libLoaded = !0, t.nio.libVersion = "1.0", t.nio.isValid = function() {
return 0 === g.errors.length
};
for (var y = t.nio.queue.slice(), S = 0; S < y.length; S++) t.nio.execAction.apply(t.nio, y[S]);
if (y.length = 0, a = null, t.sessionStorage) {
a = function() {
!v.isEmpty() && c(JSON) && "function" == typeof JSON.parse && t.sessionStorage.setItem(u, o(v.queue))
}, m(t, "beforeunload", a, !1);
var b = t.sessionStorage.getItem(u);
if (null !== b) try {
b = JSON.parse(b), v.addQueue(b)
} catch (O) {
g.error("Narrative.io: " + O.message)
} finally {
t.sessionStorage.removeItem(u)
}
}
setTimeout(function(t, e) {
return function() {
0 === e.numOfRequests && t.execAction("data")
}
}(t.nio, v), 250)
}
}(window, document, location, "io.narrative.io");
I am trying to understand what this script intends to do. Google search did not yield any useful information, and the company hosting the js file does not have much information on it. Hoping to get some javascript expert make sense of this.
This was resolved. The hosting company did some more digging and found out from their development team that this was part of a pilot program to collect some analytics data.

Using Firebug to watch a code

So I'm new to programming and are trying to learn javascript, html and css right now. I'm using Firebug to see code and trying to understand it. Found someones
"Hangman Game" that looks pretty cool to be able to do.
However when I try to see how it's done via Firebug I see "strange characters" which make it difficult to really understand everything. Looks like some things have the same variable even though they are different.
So wondering if it's possible to do anything about this?
The code looks like this
window.Hangman = function () {
'use strict';
var e = {
partAsElement: {
hill: document.getElementById('hang_hill'),
gallow: document.getElementById('hang_construction'),
body: document.getElementById('hang_body'),
rightarm: document.getElementById('hang_rightarm'),
leftarm: document.getElementById('hang_leftarm'),
rightleg: document.getElementById('hang_rightleg'),
leftleg: document.getElementById('hang_leftleg'),
rope: document.getElementById('hang_rope'),
head: document.getElementById('hang_head')
},
validParts: [
'hill',
'gallow',
'rope',
'head',
'body',
'rightarm',
'leftarm',
'rightleg',
'leftleg'
],
ordlista: [
'FANTASY',
'NOTHING',
'INDIGO',
'NATIVE',
'FOREARM',
'NODE',
'EYESOCKET'
],
strecklista: [
],
usedlista: [
],
k: 0,
isValid: function (e) {
return - 1 === this.validParts.indexOf(e) ? (console.log('The part is not valid: ' + e), !1) : (console.log('The part is valid: ' + e), !0)
},
hide: function (e) {
this.isValid(e) && (console.log('Hiding part: ' + e), this.partAsElement[e].style.display = 'none')
},
show: function (e) {
this.isValid(e) && (console.log('Showing part: ' + e), this.partAsElement[e].style.display = 'inline')
},
shuffle: function (e) {
var t,
n,
l;
for (l = e.length; l; l -= 1) t = Math.floor(Math.random() * l),
n = e[l - 1],
e[l - 1] = e[t],
e[t] = n
},
pickWord: function () {
var e;
return this.shuffle(this.ordlista),
e = this.ordlista[0],
console.log(e),
e
},
drawUnderscore: function (e) {
var t,
n,
l;
for (console.log(e), t = document.getElementById('streck'), n = 0; n < e.length; n++) this.strecklista.push('_');
return l = this.strecklista.join(' '),
t.innerHTML = l,
l
},
'klickaVälj': function (n) {
var l,
o,
s,
a,
i,
r;
l = document.getElementsByClassName('bokstav'),
s = document.getElementById('streck'),
a = document.getElementById('used'),
l[n].addEventListener('click', function () {
for (l[n].classList.add('selected'), o = this.innerHTML, i = 0, r = 0, n = 0; n < t.length; n++) t[n] === o ? (console.log(t[n]), e.strecklista[n] = o) : (console.log('bokstaven finns inte på plats ' + n), i++);
for (console.log('j = ' + i), console.log(e.strecklista), n = 0; n < e.strecklista.length; n++) '_' === e.strecklista[n] && (r++, console.log(r));
s.innerHTML = e.strecklista.join(' '),
0 === r && window.alert('You won!'),
console.log(e.k),
i === t.length && (console.log('utför andra if-satsen'), e.usedlista.push(o), console.log('usedlista' + e.usedlista), e.show(e.validParts[e.k]), e.k++, e.k === e.validParts.length && window.alert('You lost!')),
a.innerHTML = e.usedlista
})
},
addClick: function () {
var e;
e = document.getElementsByClassName('bokstav');
for (var t = 0; t < e.length; t++) this.klickaVälj(t)
}
},
t = e.pickWord();
return e.drawUnderscore(t),
console.log(t),
console.log('You can now use the hangman object as a part of the window-object. Try\n\nwindow.Hangman.hide(\'gallow\')\nwindow.Hangman.show(\'gallow\')\n\nHere are all the parts you can work on.'),
console.log(e.validParts),
e
}();
EDIT: https://jsfiddle.net/8c34noqf/ (from what I can see they use 2 js-files and I can only paste one of them). So here's the other one
!function () {
'use strict';
function n() {
for (a = 0; a < i.length; a++) window.Hangman.hide(i[a])
}
var a,
i;
i = window.Hangman.validParts,
n(),
window.Hangman.addClick()
}();

edit substring length from obfuscated JavaScript

On my blogger site, the template uses a substring to place a brief description of the contents on the front page. I have narrowed down the substring function to something I found while looking through the code, however it is in uglyfied/obfuscated javascript and I cannot read it.
Upon looking on-line I cannot find something to make this readable for me, perhaps someone here can help.
the code is:
var _0x3a04=["$(3C).4Z(2(){3 o=\x2218\x22,y=\x224r\x22,u=\x223F.\x22,s=\x223v\x22,t=\x22.3D\x22,x=\x223G\x22,w=\x223o\x22,q=\x22.m\x22,p=\x222s\x22,l=q+p,v=\x224H\x22,z=\x223q\x22,r=\x223B\x22;5($(\x22.2s\x22+y+\x22x\x22).1d(\x22a\x22).2M(o)==\x221g://\x22+u+\x22i\x22+s+\x22h\x22+r+\x22s.1D\x22\x26\x26$(\x22.2s\x22+y+\x22x\x22).1d(l).2M(o)==\x221g://\x22+x+\x22r-s\x22+w+\x22.3t\x22+v+\x22t\x22+t+\x22m\x22){1m.3A=(2(){3 a=2(c){3 f=c||{},b=f.1Z||1m.21.2a,g=f.3k||\x221g://1.2q.2g.1D/-2w/2x/2y/2C/2E/2H.2o\x22,d=f.4C||50,e=f.3m||0;(2(j){3 h=j(\x22#1E-2n-3y\x22),k=h.1d(\x22:2m\x22);h.2A(\x27\x3C12 3E=\x222n-1x\x22\x3E\x3C/12\x3E\x27);3 i=j(\x22#2n-1x\x22);h.2F(\x223H\x22,2(){3 m=k.4i();i.4q().15(\x221M...\x22);j.1E({1w:\x221g://\x22+b+\x22/1O/2l/1C?1v=1X-1f-20\x26q=\x22+m+\x22\x262k-22=2B\x22,1s:\x2224\x22,26:\x2227\x22,28:2(I){3 H=I.1B.2e,E,D,G,F,A=\x22\x22;5(H!==1Q){A=\x22\x3C1r\x3E3w 22 1a 3z \x262D;\x22+m+\x22\x262D;\x3C/1r\x3E\x22;A+=\x27\x3Ca 11=\x221U\x22 18=\x22/\x22\x3E\x262j;\x3C/a\x3E\x3C2J\x3E\x27;1a(3 C=0;C\x3CH.16;C++){3 n=46 4a(m,\x224f\x22),G=H[C].1G.$t.1i(n,\x22\x3C25\x3E\x22+m+\x22\x3C/25\x3E\x22);1a(3 B=0;B\x3CH[C].14.16;B++){5(H[C].14[B].1n==\x2229\x22){F=H[C].14[B].18}}5(\x221A\x221f H[C]){E=H[C].1A.$t}17{5(\x221C\x221f H[C]){E=H[C].1C.$t}17{E=\x22\x22}}E=E.1i(/\x3C\x5CS[^\x3E]*\x3E/g,\x22\x22);5(E.16\x3Ee){E=E.1y(0,e)+\x22...\x22}E=E.1i(n,\x22\x3C25\x3E\x22+m+\x22\x3C/25\x3E\x22);5(\x222f$1H\x221f H[C]){D=H[C].2f$1H.1w.1i(/\x5C/s[0-9]+\x5C-c/g,\x22/s\x22+d+\x22-c\x22)}17{D=g}A+=\x27\x3C7\x3E\x3Ca 18=\x22\x27+F+\x27\x22 1K=\x221L\x22\x3E\x3C13\x3E\x3C1N 2p=\x22\x27+d+\x27\x22 1b=\x22\x27+d+\x27\x22 1P=\x22\x27+D+\x27\x22/\x3E\x3C/13\x3E\x3Cb\x3E\x27+G+\x22\x3C/b\x3E\x3C/a\x3E\x3Cp\x3E\x22+E+\x22\x3C/p\x3E\x3C/7\x3E\x22}A+=\x22\x3C/2J\x3E\x22;i.15(A)}17{i.15(\x27\x3Ca 11=\x221U\x22 18=\x22/\x22\x3E\x262j;\x3C/a\x3E\x3C1h\x3E1R 1x!\x3C/1h\x3E\x27)}},1S:2(){i.15(\x27\x3Ca 11=\x221U\x22 18=\x22/\x22\x3E\x262j;\x3C/a\x3E\x3C1h\x3E1T 4p 1B.\x3C/1h\x3E\x27)}});1j 1t});h.2F(\x224s\x22,\x22.1U\x22,2(){i.4x();1j 1t})})(1c)};1j 2(b){a(b)}})();1m.4D=(2(){3 a=2(A){3 d=A||{},h=d.1Z||1m.21.2a,n=d.4G||8,g=d.3f||\x22#3g\x22,e=d.3h||3i,c=d.3j||1W,f=d.3l||4,b=d.3n||2G,m=d.3p||1Y,j=d.3r||1t,k=d.3s||\x222I\x22,i=d.3u||\x221g://1.2q.2g.1D/-2w/2x/2y/2C/2E/2H.2o\x22;$.1E({1w:\x221g://\x22+h+\x22/1O/2l/2h?1v=1X-1f-20\x262k-22=\x22+n+\x22\x22,1s:\x2224\x22,26:\x2227\x22,28:2(G){3 I,B,H,K,M,J,D=\x22\x22,L=G.1B.2e;5(L!==1Q){5(j){D=\x22\x3C1e 11=\x272U 2V\x27\x3E\x22}17{D=\x22\x3C1e 11=\x272V\x27\x3E\x22}1a(3 F=0;F\x3CL.16;F++){1a(3 E=0;E\x3CL[F].14.16;E++){5(L[F].14[E].1n==\x2229\x22){I=L[F].14[E].18;1q}}1a(3 C=0;C\x3CL[F].14.16;C++){5(L[F].14[C].1n==\x222Y\x22\x26\x26L[F].14[C].1s==\x222m/15\x22){H=L[F].14[C].1G.30(\x22 \x22)[0];1q}}5(\x221A\x221f L[F]){K=L[F].1A.$t}17{5(\x221C\x221f L[F]){K=L[F].1C.$t}17{K=\x22\x22}}5(\x222f$1H\x221f L[F]){M=L[F].2f$1H.1w.1i(/\x5C/s[0-9]+\x5C-c/g,\x22/s\x22+e+\x22-c\x22)}17{M=i}K=K.1i(/\x3C\x5CS[^\x3E]*\x3E/g,\x22\x22);5(K.16\x3Ec){K=K.1y(0,c)+\x22...\x22}B=L[F].1G.$t;J=L[F].31.$t.1y(0,10),J=J.1i(/-/g,\x22/\x22);D+=\x27\x3C7\x3E\x3C12 11=\x2247\x22\x3E\x3Ca 18=\x22\x27+I+\x27\x22 1K=\x221L\x22\x3E\x3C13\x3E\x3C1N 1v=\x22\x27+B+\x27\x221P=\x22\x27+M+\x27\x22/\x3E\x3C/13\x3E\x3C/a\x3E\x3C/12\x3E\x3C12 11=\x2248\x22\x3E\x3C1r\x3E\x3Ca 18=\x22\x27+I+\x27\x22 1K=\x221L\x22\x3E\x27+B+\x27\x3C/a\x3E\x3C/1r\x3E\x3C12 11=\x2236\x22\x3E\x3C13 11=\x2237\x22\x3E\x27+J+\x27\x3C/13\x3E\x3C13 11=\x223a\x22\x3E\x27+H+\x22 \x22+k+\x27\x3C/13\x3E\x3C/12\x3E\x3C/12\x3E\x3C12 11=\x224o\x22\x3E\x27+K+\x22\x3C/12\x3E\x3C/7\x3E\x22}D+=\x22\x3C/1e\x3E\x22;$(g).15(D);(2(N){N.2u.2v=2(O,Q,P){O=O||4;Q=Q||2z;P=P||1Y;1j 19.2b(2(){3 X=N(19),W=1F,V=[],U=O,R=X.1d(\x22\x3E 7:2i\x22).1b(),T=0;2 S(){5(W){3 Y=N(V[U]).1u({1b:0,1o:0}).2K(X);X.1d(\x22\x3E 7:2L\x22).1p({1o:0},P,2(){Y.1p({1b:R},P).1p({1o:1},P);N(19).23()});U++;5(U\x3E=T){U=0}}2N(S,Q)}X.1d(\x22\x3E 7\x22).2b(2(){V.2O(\x22\x3C7\x3E\x22+N(19).15()+\x22\x3C/7\x3E\x22)});T=V.16;X.2P(\x27\x3C12 11=\x223x\x22 /\x3E\x27).2Q().1u({1b:R*O});X.1d(\x22\x3E 7\x22).2R(\x22:2S(\x22+(O-1)+\x22)\x22).23();X.1k(\x221J\x22,2(){W=1t}).1k(\x221I\x22,2(){W=1F});S()})}})(1c);1c(2(){5(j){1c(\x221e.2U\x22).2v(f,b,m).1k(\x222W\x22,2(){1c(19).2c(\x221J\x22)}).1k(\x222X\x22,2(){1c(19).2c(\x221I\x22)})}})}17{$(g).15(\x22\x3C13\x3E1R 1x!\x3C/13\x3E\x22)}},1S:2(){$(g).15(\x22\x3C1h\x3E1T 1M 2r!\x3C/1h\x3E\x22)}})};1j 2(b){a(b)}})();1m.3I=(2(){3 a=2(B){3 e=B||{},k=e.1Z||1m.21.2a,c=e.3J||\x22#3K\x22,m=e.3L||6,j=e.3M||3N,i=e.3O||1t,b=e.3P||4,h=e.3Q||2G,g=e.3R||1Y,f=e.3S||1W,A=e.3T||\x221g://4.2q.2g.1D/-3U/3V/3W/3X/3Y/3Z-40-41.42\x22,n=e.43||50,d=e.44||\x22\x22;$.1E({1w:\x221g://\x22+k+\x22/1O/45/2h?1v=1X-1f-20\x22,1s:\x2224\x22,26:\x2227\x22,28:2(Q){3 I,K=Q.1B.2e;5(K!==1Q){I=\x22\x3C1e 11=\x272Z\x27\x3E\x22;1V=0;1a(3 H=0;H\x3Cn;H++){3 G,M,J,C,L,E;5(H==K.16){1q}5(1V\x3E=m){1q}3 P=K[H];1a(3 F=0;F\x3CP.14.16;F++){5(P.14[F].1n==\x2229\x22){G=P.14[F].18}}1a(3 O=0;O\x3CP.1z.16;O++){M=P.1z[O].49.$t;J=P.1z[O].32$4b.1P}5(M!=d\x26\x261V\x3Cm){1V++;I+=\x22\x3C7\x3E\x22;5(J==\x221g://4c.4d.1D/1N/4e.2o\x22){C=A}17{C=J.1i(/\x5C/s[0-9]+(\x5C-c|\x5C/)/,\x22/s\x22+j+\x22$1\x22)}3 E=(P.1z[0].33)?P.1z[0].33.$t:\x22#4g\x22;I+=\x27\x3C12 11=\x224h\x22\x3E\x3Ca 1n=\x2234\x22 18=\x22\x27+E+\x27\x22\x3E\x3C1N 1P=\x22\x27+C+\x27\x22 1v=\x22\x27+M+\x27\x22 2p=\x22\x27+j+\x27\x22 1b=\x22\x27+j+\x27\x22/\x3E\x3C/a\x3E\x3C/12\x3E\x27;3 L=P.32$4j[1].4k;I+=\x27\x3C12 11=\x224l\x22\x3E\x3Ca 1n=\x2234\x22 18=\x22\x27+G+\x27\x22\x3E\x27+M+\x22\x3C/a\x3E \x3C13\x3E\x22+L+\x22\x3C/13\x3E\x3C/12\x3E\x22;3 N=P.1A.$t;3 D=N.1i(/(\x3C([^\x3E]+)\x3E)/4m,\x22\x22);5(D!=\x22\x22\x26\x26D.16\x3Ef){D=D.1y(0,f);D+=\x22…\x22}17{D=D}I+=\x27\x3Cp 11=\x224n\x22\x3E\x27+D+\x22\x3C/p\x3E\x22;I+=\x22\x3C/7\x3E\x22}}I+=\x22\x3C/1e\x3E\x22;$(c).15(I);(2(R){R.2u.35=2(S,U,T){S=S||4;U=U||2z;T=T||1Y;1j 19.2b(2(){3 1l=R(19),2d=1F,Z=[],Y=S,V=1l.1d(\x22\x3E 7:2i\x22).1b(),X=0;2 W(){5(2d){3 38=R(Z[Y]).1u({1b:0,1o:0}).2K(1l);1l.1d(\x22\x3E 7:2L\x22).1p({1o:0},T,2(){38.1p({1b:V},T).1p({1o:1},T);R(19).23()});Y++;5(Y\x3E=X){Y=0}}2N(W,U)}1l.1d(\x22\x3E 7\x22).2b(2(){Z.2O(\x22\x3C7\x3E\x22+R(19).15()+\x22\x3C/7\x3E\x22)});X=Z.16;1l.2P(\x27\x3C12 11=\x224t\x22 /\x3E\x27).2Q().1u({1b:V*S});1l.1d(\x22\x3E 7\x22).2R(\x22:2S(\x22+(S-1)+\x22)\x22).23();1l.1k(\x221J\x22,2(){2d=1t}).1k(\x221I\x22,2(){2d=1F});W()})}})(1c);1c(2(){5(i){1c(\x221e.2Z\x22).35(b,h,g).1k(\x222W\x22,2(){1c(19).2c(\x221J\x22)}).1k(\x222X\x22,2(){1c(19).2c(\x221I\x22)})}})}17{$(c).15(\x22\x3C13\x3E1R 1x!\x3C/13\x3E\x22)}},1S:2(){$(c).15(\x22\x3C1h\x3E1T 1M 2r!\x3C/1h\x3E\x22)}})};1j 2(b){a(b)}})();1m.4u=(2(){3 a=2(d){3 g=d||{},b=g.1Z||1m.21.2a,f=g.4v||8,e=g.4w||\x22#2t\x22,h=g.4y||1F,c=g.4z||\x222I\x22;$.1E({1w:\x221g://\x22+b+\x22/1O/2l/2h?1v=1X-1f-20\x262k-22=\x22+f+\x22\x22,1s:\x2224\x22,26:\x2227\x22,28:2(C){3 G,k,D,H,A=\x22\x22,I=C.1B.2e;5(I!==1Q){A=\x22\x3C1e\x3E\x22;1a(3 E=0;E\x3CI.16;E++){1a(3 B=0;B\x3CI[E].14.16;B++){5(I[E].14[B].1n==\x2229\x22){G=I[E].14[B].18;1q}}1a(3 m=0;m\x3CI[E].14.16;m++){5(I[E].14[m].1n==\x222Y\x22\x26\x26I[E].14[m].1s==\x222m/15\x22){D=I[E].14[m].1G.30(\x22 \x22)[0];1q}}k=I[E].1G.$t;H=I[E].31.$t.1y(0,10);H=H.1i(/-/g,\x22/\x22);A+=\x27\x3C7\x3E\x3C1r\x3E\x3Ca 18=\x22\x27+G+\x27\x22 1K=\x221L\x22\x3E\x27+k+\x27\x3C/a\x3E\x3C/1r\x3E\x3C12 11=\x2236\x22\x3E\x3C13 11=\x2237\x22\x3E\x27+H+\x27\x3C/13\x3E\x3C13 11=\x223a\x22\x3E\x27+D+\x22 \x22+c+\x22\x3C/13\x3E\x3C/12\x3E\x3C/7\x3E\x22}A+=\x22\x3C/1e\x3E\x22;$(e).15(A);5(h){2 F(){$(\x22#2t 1e 7:2i\x22).1p({1o:0},4A,2(){$(19).4B($(\x22#2t 1e\x22)).1u(\x221o\x22,1)})}3 n=3b(2(){F()},3c);$(e).4E(2(){4F(n)},2(){3b(2(){F()},3c)})}}17{$(e).15(\x22\x3C13\x3E1R 1x!\x3C/13\x3E\x22)}},1S:2(){$(e).15(\x22\x3C1h\x3E1T 1M 2r!\x3C/1h\x3E\x22)}})};1j 2(b){a(b)}})()}17{$(z).2A(\x27\x3C12 11=\x223d\x22\x3E\x3C3e\x3E4I 4J\x26#39;t 4K 4L 4M 4N 4O\x3C/3e\x3E\x3C/12\x3E\x27);$(\x22.3d\x22).1u({4P:\x224Q\x22,4R:\x220\x22,4S:\x224T 0 0 0\x22,\x224U-4V\x22:\x224W%\x22,\x22z-4X\x22:\x222B\x22,\x224Y-2T\x22:\x2251\x22,2p:\x221W%\x22,1b:\x221W%\x22,2T:\x2252\x22})}});","|","split","||function|var||if||li||||||||||||||||||||||||||||||||||||||||||||||||||||||||class|div|span|link|html|length|else|href|this|for|height|jQuery|find|ul|in|http|strong|replace|return|bind|ab|window|rel|opacity|animate|break|h4|type|false|css|alt|url|result|substring|author|content|feed|summary|com|ajax|true|title|thumbnail|start|stop|target|_blank|Loading|img|feeds|src|undefined|No|error|Error|close|ntotal|400|json|1000|url_blog|script|location|results|remove|get|mark|dataType|jsonp|success|alternate|host|each|trigger|aa|entry|media|blogspot|default|first|times|max|posts|text|search|gif|width|bp|Feed|kr|isibreakingnews|fn|simpleSpy|htG7vy9vIAA|Tp0KrMUdoWI|AAAAAAAABAU|5000|append|9999|e7XkFtErqsU|quot|s1600|on|4000|grey|Comments|ol|prependTo|last|attr|setTimeout|push|wrap|parent|filter|gt|color|spyrcp|recntpst|mouseenter|mouseleave|replies|rcomnetspy|split|published|gd|uri|nofollow|simpleSpyRkm|datex|dt|ac||cm|setInterval|3000|errorx|h1|id_cintainrp|rcentpost|thumbSize|70|contjumlah|srcBlank|limitspy|summaryLength|intervalspy|ite|tickspeed|body|animatedRecentPost|cmtext|blo|pBlank|vyt|Search|spyWrapper|form|keyword|searchxx|eme|document|co|id|www|mk|submit|rccommnetsx|id_containrc|rcentcomnets|numComments|avatarSize|60|animatedRecentcomments|limitspyrkm|intervalspyrkm|tickspeedrkm|characters|defaultAvatar|AEWksK942OE|UFiyLzXJhiI|AAAAAAAAFKE|jBegaGPClxI|s70|user|anonymous|icon|png|maxfeeds|adminBlog|comments|new|thumbp|titlexp|name|RegExp|image|img1|blogblog|blank|ig|nope|kmtimg|val|extendedProperty|value|ketkomt|gi|komtsum|contxisi|loading|show|edit|click|spyWrapperrkm|breakingnews|breakingpostx|id_breaking|fadeOut|animatedBreaking|breakingcmtext|200|appendTo|scrthumbSize|rccpostsx|hover|clearInterval|numpostx|gspo|Please|Don|Remove|or|change|Credit|Link|position|fixed|top|padding|150px|font|size|120|index|background|ready||black|white","","fromCharCode","replace","\x5Cw+","\x5Cb","g"];eval(function (_0x1995x1,_0x1995x2,_0x1995x3,_0x1995x4,_0x1995x5,_0x1995x6){_0x1995x5=function (_0x1995x3){return (_0x1995x3<_0x1995x2?_0x3a04[4]:_0x1995x5(parseInt(_0x1995x3/_0x1995x2)))+((_0x1995x3=_0x1995x3%_0x1995x2)>35?String[_0x3a04[5]](_0x1995x3+29):_0x1995x3.toString(36));} ;if(!_0x3a04[4][_0x3a04[6]](/^/,String)){while(_0x1995x3--){_0x1995x6[_0x1995x5(_0x1995x3)]=_0x1995x4[_0x1995x3]||_0x1995x5(_0x1995x3);} ;_0x1995x4=[function (_0x1995x5){return _0x1995x6[_0x1995x5];} ];_0x1995x5=function (){return _0x3a04[7];} ;_0x1995x3=1;} ;while(_0x1995x3--){if(_0x1995x4[_0x1995x3]){_0x1995x1=_0x1995x1[_0x3a04[6]]( new RegExp(_0x3a04[8]+_0x1995x5(_0x1995x3)+_0x3a04[8],_0x3a04[9]),_0x1995x4[_0x1995x3]);} ;} ;return _0x1995x1;} (_0x3a04[0],62,313,_0x3a04[3][_0x3a04[2]](_0x3a04[1]),0,{}));
Just remove the eval, paste it in the console and you will get a readable code string:
$(document).ready(function () {
var o = "href",
y = "edit",
u = "www.",
s = "vyt",
t = ".co",
x = "mk",
w = "ite",
q = ".m",
p = "kr",
l = q + p,
v = "gspo",
z = "body",
r = "eme";
if ($(".kr" + y + "x").find("a").attr(o) == "http://" + u + "i" + s + "h" + r + "s.com" && $(".kr" + y + "x").find(l).attr(o) == "http://" + x + "r-s" + w + ".blo" + v + "t" + t + "m") {
window.searchxx = (function () {
var a = function (c) {
var f = c || {}, b = f.url_blog || window.location.host,
g = f.srcBlank || "http://1.bp.blogspot.com/-htG7vy9vIAA/Tp0KrMUdoWI/AAAAAAAABAU/e7XkFtErqsU/s1600/grey.gif",
d = f.scrthumbSize || 50,
e = f.summaryLength || 0;
(function (j) {
var h = j("#ajax-search-form"),
k = h.find(":text");
h.append('<div id="search-result"></div>');
var i = j("#search-result");
h.on("submit", function () {
var m = k.val();
i.show().html("Loading...");
j.ajax({
url: "http://" + b + "/feeds/posts/summary?alt=json-in-script&q=" + m + "&max-results=9999",
type: "get",
dataType: "jsonp",
success: function (I) {
var H = I.feed.entry,
E, D, G, F, A = "";
if (H !== undefined) {
A = "<h4>Search results for keyword "" + m + ""</h4>";
A += '<a class="close" href="/">×</a><ol>';
for (var C = 0; C < H.length; C++) {
var n = new RegExp(m, "ig"),
G = H[C].title.$t.replace(n, "<mark>" + m + "</mark>");
for (var B = 0; B < H[C].link.length; B++) {
if (H[C].link[B].rel == "alternate") {
F = H[C].link[B].href
}
}
if ("content" in H[C]) {
E = H[C].content.$t
} else {
if ("summary" in H[C]) {
E = H[C].summary.$t
} else {
E = ""
}
}
E = E.replace(/<\S[^>]*>/g, "");
if (E.length > e) {
E = E.substring(0, e) + "..."
}
E = E.replace(n, "<mark>" + m + "</mark>");
if ("media$thumbnail" in H[C]) {
D = H[C].media$thumbnail.url.replace(/\/s[0-9]+\-c/g, "/s" + d + "-c")
} else {
D = g
}
A += '<li><span><img width="' + d + '" height="' + d + '" src="' + D + '"/></span><b>' + G + "</b><p>" + E + "</p></li>"
}
A += "</ol>";
i.html(A)
} else {
i.html('<a class="close" href="/">×</a><strong>No result!</strong>')
}
},
error: function () {
i.html('<a class="close" href="/">×</a><strong>Error loading feed.</strong>')
}
});
return false
});
h.on("click", ".close", function () {
i.fadeOut();
return false
})
})(jQuery)
};
return function (b) {
a(b)
}
})();
window.rccpostsx = (function () {
var a = function (A) {
var d = A || {}, h = d.url_blog || window.location.host,
n = d.numpostx || 8,
g = d.id_cintainrp || "#rcentpost",
e = d.thumbSize || 70,
c = d.contjumlah || 400,
f = d.limitspy || 4,
b = d.intervalspy || 4000,
m = d.tickspeed || 1000,
j = d.animatedRecentPost || false,
k = d.cmtext || "Comments",
i = d.pBlank || "http://1.bp.blogspot.com/-htG7vy9vIAA/Tp0KrMUdoWI/AAAAAAAABAU/e7XkFtErqsU/s1600/grey.gif";
$.ajax({
url: "http://" + h + "/feeds/posts/default?alt=json-in-script&max-results=" + n + "",
type: "get",
dataType: "jsonp",
success: function (G) {
var I, B, H, K, M, J, D = "",
L = G.feed.entry;
if (L !== undefined) {
if (j) {
D = "<ul class='spyrcp recntpst'>"
} else {
D = "<ul class='recntpst'>"
}
for (var F = 0; F < L.length; F++) {
for (var E = 0; E < L[F].link.length; E++) {
if (L[F].link[E].rel == "alternate") {
I = L[F].link[E].href;
break
}
}
for (var C = 0; C < L[F].link.length; C++) {
if (L[F].link[C].rel == "replies" && L[F].link[C].type == "text/html") {
H = L[F].link[C].title.split(" ")[0];
break
}
}
if ("content" in L[F]) {
K = L[F].content.$t
} else {
if ("summary" in L[F]) {
K = L[F].summary.$t
} else {
K = ""
}
} if ("media$thumbnail" in L[F]) {
M = L[F].media$thumbnail.url.replace(/\/s[0-9]+\-c/g, "/s" + e + "-c")
} else {
M = i
}
K = K.replace(/<\S[^>]*>/g, "");
if (K.length > c) {
K = K.substring(0, c) + "..."
}
B = L[F].title.$t;
J = L[F].published.$t.substring(0, 10), J = J.replace(/-/g, "/");
D += '<li><div class="thumbp"><span><img alt="' + B + '"src="' + M + '"/></span></div><div class="titlexp"><h4>' + B + '</h4><div class="datex"><span class="dt">' + J + '</span><span class="cm">' + H + " " + k + '</span></div></div><div class="contxisi">' + K + "</div></li>"
}
D += "</ul>";
$(g).html(D);
(function (N) {
N.fn.simpleSpy = function (O, Q, P) {
O = O || 4;
Q = Q || 5000;
P = P || 1000;
return this.each(function () {
var X = N(this),
W = true,
V = [],
U = O,
R = X.find("> li:first").height(),
T = 0;
function S() {
if (W) {
var Y = N(V[U]).css({
height: 0,
opacity: 0
}).prependTo(X);
X.find("> li:last").animate({
opacity: 0
}, P, function () {
Y.animate({
height: R
}, P).animate({
opacity: 1
}, P);
N(this).remove()
});
U++;
if (U >= T) {
U = 0
}
}
setTimeout(S, Q)
}
X.find("> li").each(function () {
V.push("<li>" + N(this).html() + "</li>")
});
T = V.length;
X.wrap('<div class="spyWrapper" />').parent().css({
height: R * O
});
X.find("> li").filter(":gt(" + (O - 1) + ")").remove();
X.bind("stop", function () {
W = false
}).bind("start", function () {
W = true
});
S()
})
}
})(jQuery);
jQuery(function () {
if (j) {
jQuery("ul.spyrcp").simpleSpy(f, b, m).bind("mouseenter", function () {
jQuery(this).trigger("stop")
}).bind("mouseleave", function () {
jQuery(this).trigger("start")
})
}
})
} else {
$(g).html("<span>No result!</span>")
}
},
error: function () {
$(g).html("<strong>Error Loading Feed!</strong>")
}
})
};
return function (b) {
a(b)
}
})();
window.rccommnetsx = (function () {
var a = function (B) {
var e = B || {}, k = e.url_blog || window.location.host,
c = e.id_containrc || "#rcentcomnets",
m = e.numComments || 6,
j = e.avatarSize || 60,
i = e.animatedRecentcomments || false,
b = e.limitspyrkm || 4,
h = e.intervalspyrkm || 4000,
g = e.tickspeedrkm || 1000,
f = e.characters || 400,
A = e.defaultAvatar || "http://4.bp.blogspot.com/-AEWksK942OE/UFiyLzXJhiI/AAAAAAAAFKE/jBegaGPClxI/s70/user-anonymous-icon.png",
n = e.maxfeeds || 50,
d = e.adminBlog || "";
$.ajax({
url: "http://" + k + "/feeds/comments/default?alt=json-in-script",
type: "get",
dataType: "jsonp",
success: function (Q) {
var I, K = Q.feed.entry;
if (K !== undefined) {
I = "<ul class='rcomnetspy'>";
ntotal = 0;
for (var H = 0; H < n; H++) {
var G, M, J, C, L, E;
if (H == K.length) {
break
}
if (ntotal >= m) {
break
}
var P = K[H];
for (var F = 0; F < P.link.length; F++) {
if (P.link[F].rel == "alternate") {
G = P.link[F].href
}
}
for (var O = 0; O < P.author.length; O++) {
M = P.author[O].name.$t;
J = P.author[O].gd$image.src
}
if (M != d && ntotal < m) {
ntotal++;
I += "<li>";
if (J == "http://img1.blogblog.com/img/blank.gif") {
C = A
} else {
C = J.replace(/\/s[0-9]+(\-c|\/)/, "/s" + j + "$1")
}
var E = (P.author[0].uri) ? P.author[0].uri.$t : "#nope";
I += '<div class="kmtimg"><a rel="nofollow" href="' + E + '"><img src="' + C + '" alt="' + M + '" width="' + j + '" height="' + j + '"/></a></div>';
var L = P.gd$extendedProperty[1].value;
I += '<div class="ketkomt"><a rel="nofollow" href="' + G + '">' + M + "</a> <span>" + L + "</span></div>";
var N = P.content.$t;
var D = N.replace(/(<([^>]+)>)/gi, "");
if (D != "" && D.length > f) {
D = D.substring(0, f);
D += "…"
} else {
D = D
}
I += '<p class="komtsum">' + D + "</p>";
I += "</li>"
}
}
I += "</ul>";
$(c).html(I);
(function (R) {
R.fn.simpleSpyRkm = function (S, U, T) {
S = S || 4;
U = U || 5000;
T = T || 1000;
return this.each(function () {
var ab = R(this),
aa = true,
Z = [],
Y = S,
V = ab.find("> li:first").height(),
X = 0;
function W() {
if (aa) {
var ac = R(Z[Y]).css({
height: 0,
opacity: 0
}).prependTo(ab);
ab.find("> li:last").animate({
opacity: 0
}, T, function () {
ac.animate({
height: V
}, T).animate({
opacity: 1
}, T);
R(this).remove()
});
Y++;
if (Y >= X) {
Y = 0
}
}
setTimeout(W, U)
}
ab.find("> li").each(function () {
Z.push("<li>" + R(this).html() + "</li>")
});
X = Z.length;
ab.wrap('<div class="spyWrapperrkm" />').parent().css({
height: V * S
});
ab.find("> li").filter(":gt(" + (S - 1) + ")").remove();
ab.bind("stop", function () {
aa = false
}).bind("start", function () {
aa = true
});
W()
})
}
})(jQuery);
jQuery(function () {
if (i) {
jQuery("ul.rcomnetspy").simpleSpyRkm(b, h, g).bind("mouseenter", function () {
jQuery(this).trigger("stop")
}).bind("mouseleave", function () {
jQuery(this).trigger("start")
})
}
})
} else {
$(c).html("<span>No result!</span>")
}
},
error: function () {
$(c).html("<strong>Error Loading Feed!</strong>")
}
})
};
return function (b) {
a(b)
}
})();
window.breakingnews = (function () {
var a = function (d) {
var g = d || {}, b = g.url_blog || window.location.host,
f = g.breakingpostx || 8,
e = g.id_breaking || "#isibreakingnews",
h = g.animatedBreaking || true,
c = g.breakingcmtext || "Comments";
$.ajax({
url: "http://" + b + "/feeds/posts/default?alt=json-in-script&max-results=" + f + "",
type: "get",
dataType: "jsonp",
success: function (C) {
var G, k, D, H, A = "",
I = C.feed.entry;
if (I !== undefined) {
A = "<ul>";
for (var E = 0; E < I.length; E++) {
for (var B = 0; B < I[E].link.length; B++) {
if (I[E].link[B].rel == "alternate") {
G = I[E].link[B].href;
break
}
}
for (var m = 0; m < I[E].link.length; m++) {
if (I[E].link[m].rel == "replies" && I[E].link[m].type == "text/html") {
D = I[E].link[m].title.split(" ")[0];
break
}
}
k = I[E].title.$t;
H = I[E].published.$t.substring(0, 10);
H = H.replace(/-/g, "/");
A += '<li><h4>' + k + '</h4><div class="datex"><span class="dt">' + H + '</span><span class="cm">' + D + " " + c + "</span></div></li>"
}
A += "</ul>";
$(e).html(A);
if (h) {
function F() {
$("#isibreakingnews ul li:first").animate({
opacity: 0
}, 200, function () {
$(this).appendTo($("#isibreakingnews ul")).css("opacity", 1)
})
}
var n = setInterval(function () {
F()
}, 3000);
$(e).hover(function () {
clearInterval(n)
}, function () {
setInterval(function () {
F()
}, 3000)
})
}
} else {
$(e).html("<span>No result!</span>")
}
},
error: function () {
$(e).html("<strong>Error Loading Feed!</strong>")
}
})
};
return function (b) {
a(b)
}
})()
} else {
$(z).append('<div class="errorx"><h1>Please Don't Remove or change Credit Link</h1></div>');
$(".errorx").css({
position: "fixed",
top: "0",
padding: "150px 0 0 0",
"font-size": "120%",
"z-index": "9999",
"background-color": "black",
width: "400%",
height: "400%",
color: "white"
})
}
})
You can see that the window.searchxx function has a summaryLength property on its configuration object, which you seem to want to increase (instead of using the default value 0).

override javascript function local variable

There is an external function GoSearch which is exist in a javascript file search.js
How to override the private/local variable (b) of GoSearch function.
Example modify the variable b="?" to b="?cs=This Site&u=http://google.com"
GoSearch(q, G, p, E, r, F, D, C, B, j, n, z, y, x, w, A, l, v) {
ULShpi: ;
try {
AddSearchoptionsToQuery()
} catch (H) {}
var i = document.forms[0].elements[G].value;
i = i.replace(/\s*$/, "");
var u = "1";
if (q) u = document.forms[0].elements[q].Value;
if (i == "" || u == "0") {
alert(v);
if (null != event) {
event.returnValue = false;
return false
} else return
}
var b = "?";
if (suggestedQuery) b += "sq=1&";
b += "k=" + encodeURIComponent(i);
for (var k = ["rm", "rm1", "rm2", "rm3", "rm4", "rm5", "ql", "ql1", "ql2", "ql3", "ql4", "ql5", "v", "v1", "v2", "v3", "v4", "v5", "hs", "hs1", "hs2", "hs3", "hs4", "hs5"], h = 0; h < k.length; h++) {
var m = GetUrlKeyValue(k[h], true);
if (m && m.length > 0) b += "&" + k[h] + "=" + m
}
if (l != null && l != "") b += "&r=" + encodeURIComponent(l);
if (null != p) {
var t = document.forms[0].elements[p].value;
if (E) b += canonicalizedUtf8FromUnicode(" " + t);
else b += "&a=" + canonicalizedUtf8FromUnicode(" " + t)
}
var a = null,
c = "",
d = "",
o = null != j;
if (o) {
c = j;
d = j
} else if (r) {
a = document.forms[0].elements[F];
c = a.options[a.selectedIndex].getAttribute("scope");
d = a.options[a.selectedIndex].value
}
if (r || o) {
var f = "",
g = "",
e = false;
if (d == z) {
f = d;
c = "";
g = document.forms[0].elements[D].value;
e = true
}
if (d == y) {
f = d;
c = "";
g = document.forms[0].elements[C].value;
e = true
}
if (d == x) {
f = c;
c = "";
g = document.forms[0].elements[B].value;
e = true
}
if (c == w) {
c = a.options[a.selectedIndex].value;
e = true
}
if (e) n = A;
if (c != "") {
b += "&s=" + encodeURIComponent(c);
if (a.options[a.selectedIndex].value != "" && !e) n = a.options[a.selectedIndex].value
}
if (f != "") b += "&cs=" + encodeURIComponent(f);
if (g != "") b += "&u=" + encodeURIComponent(g)
}
var I = document.forms[0];
try {
external.AutoCompleteSaveForm(I)
} catch (s) {}
window.location = n + b;
try {
if (null != event) event.returnValue = false
} catch (s) {}
return
}
You can replace the GoSearch function with your own just on the page with the Search Box - by a delegate control.
Create a user control (ASCX) that puts JavaScript code on the page with the modified GoSearch function. Create a SP solution with a feature that will place the control to AdditionalPageHead - to every page head on the site or site collection where you activate the feature.
Check out how the search.js gets loaded on your page. If it is done not directly in the page head but delayed, you'd have to perform the GoSearch replacement dynamically after the search.js is loaded:
function ReplaceGoSearch {
GoSearch = function(...) {
...
};
}
ExecuteOrDelayUntilScriptLoaded(ReplaceGoSearch, "search.js");
--- Ferda
The fastest way that you can do this, is don't link to the external file directly. Download your version of the file, change what you need, and then serve that to your pages.
You can even go so far to download the file on the fly to your server, modify it, and push it out to the requesting page.

Categories

Resources