Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
I wrote a basic python 2.7 game using things like print, for, if, else, etc. I also made a website to hold the game downloads. I was wondering if there is a way to embed the python game directly into the HTML5 website. All of the other questions that I looked at contained links to non-existant websites.
Depends on what you want and how the game does I/O, but I'd check out pypy.js, it's a version of pypy running in the browser, capable of basic I/O and what not, that would require a minimal amount of reworking your current setup. For faster loading, you could use the same toolchain as pypy.js to compile your python code to C, and the C to asm.js. That would require reworking your code to valid RPython, which requires runtime variables to be statically typed and a few other restrictions. It would allow your game to run in the console at near native speed.
If you want the game code running on a web server, a COMET/AJAX solution is the way to go. I usually use Athena LivePage from the Nevow for that type of thing. A 'drop-in' solution would be to use something like ShellInABox or PyInABox to run a server-side shell, and the run your python script inside the shell, running as a no-permissions user inside a chroot.
As I said, I'm not familiar with javascript (I have some experience in java though), but here's what I see you would have to do: Redirect print to a separate file, not sys.stdout, send to an output stream, and have javascript display the information received in the stream in the browser.
About javascript, I'm not entirely sure.
But here is a little guidance for your python code:
print "Hi! I'm Zin"
to...
print >> (destination file), "Hi! I'm Zin"
print >> sys.stderr, "Hi I'm Zin" # Will print to Python's built in error stream.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I got a project to design a website which has a javascript & HTML interpreters, Database, C++ compiler. I have searched related websites and I ended searching with codecademy
. Now I'm thinking to build something like codecademy website with my own features and functionality. Although I know how to create a dynamic website but I don't know how to embed interpreters, compilers and all. Please guys help me to build this project and successfully run
In very simplified terms, there are two ways to achieve a live interpreter/compiler on a web site:
Find (or write) a compiler/interpreter for your language that is written in Javascript
Create a (native) CGI application and run it on your server that will run a given piece of code through a (native) interpreter/compiler (also on your server) and return the result of the run. Then write a web page that calls on that CGI to do the work, usually using AJAXy Javascript things like xmlHttpRequest, or at least a web form.
That's what all of these sites essentially boil down to. Some just have an interpreter or CGI that can remember state between calls, and can then show you intermediate steps. This could be because your JavaScript-based interpreter supports pausing, or your CGI could e.g. have the program run in lldb and then your page sends certain commands to LLDB and returns information.
Note: If your question was more about how to actually write an interpreter in JavaScript, I detail the basics of parts of an interpreter here: http://orangejuiceliberationfront.com/how-to-write-a-compiler/ It is for C programmers, but the basics hold true in any programming language. You can always use arrays instead of memory blocks, and array indexes instead of memory addresses.
Simply web application takes our code as input and store in file with respective the programming language extension like .java, .c etc and then they used the server side install compiler to run the code and forward the output to the client through web page.
Suppose in java, there is class Runtime and Process with the help of this class we get the control on server side install software like java, javac etc with that we run the program and transfer the output to User..
It is very simple if any one want code for that then ping me..
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I am building a web application for a company so they can test the app on a control group of people to see if they would like to try funding the app. Funding beforehand is not an option, however I would like to keep the code somewhat private, so that someone from an IT team can't just easily download all the app files and claim it as theirs. I have researched a little but also found little on what can be done to protect the files for the app which are written in javascript, html, css, ect. basic web development languages. i was just curious if anyone knew of a way to somehow protect these files if it is even possible. I'm not against sharing my code, however for a business opportunity I prefer that it remain private for the time being.
This question has been answered before: How can I obfuscate (protect) JavaScript?
But anyway, here's my take on the question:
You don't need to protect your HTML/CSS code, unless that aspect of the app is what is so proprietary. If that is so, obfuscate your code (there are many websites online that will do this for you).
From the information you gave me, I can infer that it's not the styling or the UI you want to protect, it's the application's logic. In that case, you can obfuscate and then minify the JS code such that it's very hard to deconstruct (although some web browsers do pretty-print the code). To see an example of this, go to Google, open the dev tools, and look at any JS file under the Sources.
I also saw another interpretation to your question. If you meant "to protect the application from being downloaded and then reuploaded", that sadly isn't possible with web apps (unless you explicitly check the domain that the app is running on and restrict the app from running on domains other than yours).
An implementation of the domain-protection would look something like this:
if (window.location.hostname !== "yourwebsite.com") {
alert("Invalid domain, redirecting to official app...");
document.location = "http://www.yourwebsite.com/app/";
}
After adding this protection, you can stop it from being removed by minifying and obfuscating the JS code.
For the css and Js a lot of people use minification. This makes your code really hard to read and finding the business logic in your code. As for the HTML you could uglify it. There is no real way to hide HTML,CSS, JS in your browser because the browser dev tools would reveal all of the code. There are only ways to make it unreadable.
JS minification tool : https://javascript-minifier.com/
Css minification tool : https://cssminifier.com/
https://developers.google.com/speed/docs/insights/MinifyResources
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I'm a C# developer, and use XAML for user interfaces. Lately I've been wondering something regarding HTML5+JavaScript development (used in Universal Windows App development, as well as for websites). Javascript is compiled and executed at run-time on the client device. So any user can go into the folder where they're stored on computer, and see all the code in it, right?
There is no unreadable alternative for js and html5. That's why so many websites are so slow in adopting html5 video and replacing adobe flash.
But if your entire application is client side and you worry about your code being stolen you're doing something wrong. Almost any application requires serverside code that isn't accessible.
And it doesn't matter anyway, who cares about some js that makes a div draggable or moves some html around.
I dont think readable javascript code is of any value...what matters is the server side code like php or ASP which really matters in the security of the websites
And even if the developer didnt want the user to read the javascript framework.. what option does he/she have to prevent it..?none!
The client side code is indeed visible by the client. If something is available client side, then you won't need a round trip to the server to get it.
For example you could imagine a simple calculator application. You could write it client-side, in Javascript, the app can ouptut the calculations immediately. Or you could write it server-side (in wathever language you want), which means you need to ask the server for the calculation (with an ajax request probably), and wait for it to respond.
Also some things doesn't make sense on the server-side. Pretty much any action that changes the DOM, which only exists client-side, in the browser.
I wrote about this on my blog a while back, see Protecting Your Code,
as an addendum to my free ebook, Programming Windows Store Apps with HTML, CSS, and JavaScript, 2nd Edition.
The short of it is that JS code it not protected, though you can make things a little more difficult with minification/uglification like many website authors do. You can also take steps by putting some of the code you care about into Windows Runtime Components written in C++ (C# can be decompiled). The only really secure solution is to have code on a server, and draw from that in an app which of course doesn't work for all cases, but is an option.
Note that some of my comments in that blog from 3 years ago might be a little dated. I believe that current Windows Store policy now allows you to load code from a remote server at run time.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I'm trying to accomplish the following:
Pull information from a module through Python. [Accomplished]
Constantly pull information from Python for use in HTML.
Avoid writing the entire HTML/CSS/JS document in print statements.
I've seen the term CGI thrown around, but don't really understand how it works. Simply put, I want to run the Python script which returns an integer value. I then would like to take that integer value into JavaScript so that it may update the designated tag. It should be able to execute the Python script every two seconds, receive the output, then apply it to the page. I do not want to write out the entire HTML document in Python by doing one line at a time, as I've seen some people doing on sites I've found.
It seems like doing something like this is far more complicated than it should be. The page should run, call the script for its output, then give me the output to use.
Well if you don't know what CGI is and find that what you ask for is "far more complicated than it should be", you first have to learn the HTTP protocol, obviously, and that's way to broad for a SO answer.
Basically what you want requires:
an html document
some javascript code, either linked from the document or embedded into it
a web server to serve the document (and the javascript)
a web server (can of course be the same as the previous one) that knows how to invoke your python script and return the result as an HTTP response (you'll probably want a json content type) - this can be done with plain CGI or with a wsgi or fcgi connector, in your case CGI might well be enough.
Then in the browser your javascript code will have to issue a GET request (ajax) every x seconds to the web server hosting the Python script and update the DOM accordingly.
This is all ordinary web programming, and as I said, a basic understanding of the HTTP protocol is the starting point.
Trying to write anything from scratch, if you don't know anything about the subject, is always going to be complicated.
That is why there is a whole world of tools to help you. I don't think you want CGI at all; look into one of the Python micro frameworks, in particular Flask. The tutorial there should give you the introduction you need.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 3 years ago.
Improve this question
I have a method I'm testing right now for hiding javascript so that the user can't go around searching for it in the source files.
The method is this:
You have a bunch of javascript files included to make your application work. Libraries like jQuery, dojo, and your own code. This is pretty standard.
There is one critical piece of javascript code without which the app will not function, nor will any curious user be able to make heads or tails of the app without it. This critical piece does not get loaded by script tags. Instead, a small unobtrusive script calls to a database and returns the javascript in a big long string.
This string gets eval()-ed to make it live code. But the code was dynamically generated, so it won't show up if the user is looking through the source code or saves the website. Furthermore, you can add some kind of a salt or time-stamp to prevent users from trying to trick the database into revealing your javascript kernel.
I'm trying to get feedback on this from the community, and most of the examples I've turned up for hiding javascript with server-side code has just been people wanting to to include a .php file in the tags instead of .js. This is totally different.
So there you have it. Is this a good idea? What are the weaknesses?
eval() is generally frowned upon, but regardless, the big weakness is that I can simply sniff the HTTP requests and get your script. Obfuscation can make this more inconvenient, but with a good debugger its not that hard to follow a stack trace and get a good idea of what is occurring.
Even if the resource is transferred over SSL, it can be perused/manipulated once it has been loaded by the browser. To test this, I went to a secure website and examined a raw TCP response (both synchronous and asynchronous using XML HTTP) using SmartSniff. As expected, it's encrypted and unreadable. However, the same requests are all visible as plain text in Chrome's network activity inspector.
It's trivial to make Javascript code unreadable by humans (and even highly resistant to reverse engineering) - and you don't need to hide it in a of of other code. But why? Generically, the name given to this kind of code is malware.