I'm not expecting an answer, just thought I'd throw this out there...
I have an ASP.NET site running on IIS 7.5. Relatively often, maybe 10% of requests, one or two users receive errors while loading javascript resources.
One of the users (IE9) recorded the errors in the F12 tools. There are a couple dozen javascript files on our page, and most of them errored out with the following:
SCRIPT1014: Invalid character
xxxxx.js, line 1 character 11
All of the ones that errored give exactly line 1 character 11. Drilling down into the script files in IE through this error message, everything looked fine - the content that IE showed for these files was exactly what it should be.
But these script files, including jQuery, some third party plugins, and some internal scripts, apparently blew up completely when loading. All of our js files are hosted on our servers - no CDNs.
However, a few of the javascript files apparently were more successful, just erroring out with 'jQuery' is undefined or similar, telling me those must have at least started to execute properly.
Compression is enabled and working properly. I considered the possibility that maybe compression was to blame, and IE was attempting to execute gzip-compressed script without first decompressing it. However, when I force gzip bytes down a response, IE errors with line 1 character 1, and these are consistently character 11.
IE9 in "InPrivate" mode works fine - not a single error.
Something that may be related - the browser isn't properly using cached content. When loading the page from my machine (also IE9), the If-Modified-Since and If-None-Match request headers are sent every time on a refresh, which means the response comes back as a 304 every time, and regular navigation always simply uses cache with no requests. On the problem machine, about 1/3 of the time, the browser requests these files again, with no headers, which means they come back with 200's.
I watched Fiddler, and even with that weirdness, all requests and responses are properly formatted and contain good content, so while the caching thing is weird and possibly related, it does not appear to be the direct cause.
Of course I tried to reproduce a couple thousand times on my machine, manually and through Fiddler, and everything was always perfect. And the user can't reproduce on demand. So I can't even confirm whether it's a server or browser issue, or if it's unique to IE or IE9.
Any thoughts on what could cause this specific scenario? The line 1 character 11 thing is what leads me to believe there's some kind of pattern here.
Related
I can tell from my webserver logs that one of my Javascript files is treated by (some?) iOS 14 as "injected". My script is run in a separate environment (namespace?). And its attempts to do AJAX fail, apparently because it's assigned an "origin" which doesn't match my webserver, so the standard same-origin policy forbids the operation.
I would expect to get caught like this if I was trying to do something blackhattish. But it's just typical Javascript which works on all other browsers. Especially, my Javascript is loaded as an external file in the head portion of its HTML page as usual
<script type="text/javascript" src="foobar.js?baz"></script>
All the page files -including the problematic Javascript- are loaded from the same site-- http://www.foo.bar
How can I tell what the issue is from the server side? (I cannot recreate the problem from the client side - in particular I don't have access to any failing iPhone.)
EDIT 23 - April 2021 - Problem partially (but not fully) disappears on iPhone versions later than 14.0.3.
In answer to my own question: Once I set up my web server to use https: rather than http:, the problems I was experiencing all went away.
Apparently the infrastructure behind the latest Safari browser (as of May 2021) does not fully trust scripts in the head that are loaded over http:, and so isolates them in a separate namespace as though they were "injected".
I'm working on a headless browser based on WebKit (using C++/Qt4) with JavaScript support. The main purpose for this is being able to generate a HTML spanshot of websites heavily based on JavaScript (see Backbone.js or any other JavaScript MVC).
I'm aware that there isn't any way for knowing when the page is completely loaded (please see this question) and because of that, after I get the loadFinished signal (docs here) I create a timer and start polling the DOM content (as in checking every X ms the content of the DOM) to see if there were any changes. If there werent I assume that the page was loaded and print the result. Please keep in mind that I already know this is not-near-to-perfect solution, but it's the only one I could think of. If you have any better idea please answer this question
NOTE: The timer is non-blocking, meaning that everything running inside WebKit shouldn't be affected/blocked/paused in any way.
After testing the headless browser with some pages, everything seems to work fine (or at least as expected). But here is where the heisenbug appears. The headless browser should be called from a PHP script, which should wait (blocking call) for some output and then print it.
On my test machine (Apache 2.3.14, PHP 5.4.6) running the PHP script outputs the desired result, aka, the headless browser fetches the website, runs the JavaScript and prints what a user would see; but running the same script in the production server will fetch the website, run some of the JavaScript code and print the result.
The source code of the headless browser and the PHP script I'm using can be found here.
NOTE: The timer (as you can see in the source code of the headless browser) is set to 1s, but setting a bigger amount of time doesn't fix the problem
NOTE 2: Catching all JavaScript errors doesn't show anything, so it's not because of a missing function, wrong args, or any other type of incorrect code.
I'm testing the headless browser with 2 websites.
This one is working on both my test machine and in production server, while this one works only in my test machine.
I'm more propone to think that this is some weird bug in the JavaScript code in the second website rather than in the code of the headless browser, as it generates a perfect HTML snapshot of the first website, but then again, this is a heisenbug so I'm not really sure what is causing all this.
Any ideas/comments will be appreciated. Thank you
Rather than polling for DOM changes, why not watch network requests? This seems like a safer heuristic to use. If there has been no network activity for X ms (and there are no pending requests), then assume page is fully "loaded".
In our silverlight application we set the location hash property of the browser window to bookmark the current control and query parameters being requested. This is done through javascript via Silverlight like so:
var hashCode = "Example.ControlNamespace.ClassName?clientID=62189";
HtmlPage.Window.Eval(string.Format("window.location.hash='{0}'", hashCode));
This works well enough, but we get intermittent errors from production where this is failing with a stack track that ends at that line..
System.InvalidOperationException: Eval failed.
at System.Windows.Browser.HtmlWindow.Eval(String code)
This only happens occasionally, but I would like to know what is causing it. I've been able to replicate it once myself using IE8, so I don't think there are any obscure browsers causing this. It seems that it is sometimes invalid to set the hash, but I don't know why. Also if it matters its hosted on a secure connection, https.
Thanks in advance.
Edit: I was able to replicate it again. When debugging the javascript the error was 'permission denied'. This seems to only happen on the first load of the page, so maybe the page isn't finished loading and the url hash is not allowed to be changed until it is complete?
This may be associated with this particular issue here:
Suppress navigation when setting HtmlPage.Window.CurrentBookmark property in Silverlight.
The behavior I've seen is that when you set the hash in IE after a redirect, the page refreshes (rather than giving you an "permission denied"), but perhaps there are other scenarios when you're not allowed to do so, e.g., if you're running under HTTPS.
If it does turn out that this is the problem, the only real workaround I've seen is to detect if you're in that scenario (i.e., you've reached this page after a redirect, and you're running in IE), and refresh the page (using JavaScript) before you load your Silverlight application.
In the Firebug add-on for Firefox, how is Firebug able to get the connecting, waiting, and receiving time? Also, how is it that Firebug can know the file size before the file is even finished loading?
Is JavaScript used in these calculations, or does Firebug use another method altogether?
Firebug plugs into Firefox and can fetch data from there. The webserver maybe sends a Content-Length HTTP header, so this is the expected size of the downloaded file. Firefox puts all resources to load into a queue while parsing the website. The time from putting an item into the queue until it is fetched can be considered "waiting time". The HTTP fetch engine from Firefox can give information about how long a connect() to the server takes.
So to put a long story short, I believe Firefox has an API so that extensions can fetch information like that from the engine.
Firebug is most, if not all, JavaScript.
If you're truly interested, you can find the network monitor related bits and pieces here in the Firebug source tree.
I have a page that calls a script in the header, like so:
<script type="text/javascript" src="http://www.discoverfire.net/analytics/l/a.js"></script>
(Note you will NOT be able to load this script as it is DNSd locally as a staging domain)
Very Simple.
Firefox, IE, Chrome all have no problem with this basic, square-one feature.
Opera, however, refuses to load the script. Any variables or functions in it are "undefined" and in dragonfly, the script tag is shown in the DOM, but the "Script" tab says "No script files found."
I go to google and find random pages, their external .js files seem to work just fine.
Any idea why Opera hates me? Is there a security/javascript thing I am missing?
A few things that may be relevant, but really should make no difference:
The script is on a different domain than the page.
The script is only available on my local network. The domain is DNS'd locally for staging, from outside the network it points somewhere else. Does Opera have a setting to secretly use an external DNS server?
The script works on every other browser I have.
The problem isn't in the script content. I've reduced it to a single line with an alert and it simply won't work in Opera.
Update:
OK, the problem seems to be how Opera treats the domain.
I have moved the script to several other domains, and it DOES work just fine. I've moved it to several paths on the locally DNS'd domain, and it won't work from anywhere on that domain.
This leads me to believe that the problem is that Opera can't, or won't, load the script from this domain for some reason.
Strangely, there seems to be no problem loading pages and other resources from the domain, the problem lies in .js files only.
The domain is registered, but parked. We DNS'd it locally so we can use it for staging/testing, and that may be messing with Opera somehow with JS security.
I could be wrong though - I really have no idea. If anyone else has one, I'd love to hear it.
Update 2:
Regarding Dragonfly and the error console/developer tools, they don't say anything about the script at all. There are plenty of Undefined Variable errors for variables and functions that should be present from the script, but other than that, no errors. Oddly, the script tag does show up in the DOMM, but if I click on the Scripts tab, it says "No Scripts Found".
Update 3:
There is no blocked content, so we can at least rule out that setting.
You may want to see if its ad blocker is getting in the way. Your URL contains the text "analytics," which may be part of a "block this" pattern. I know some block Google analytics through Opera. An easy test for this may be to try moving your .js to a different path on the host.
Have you checked Opera's error console? Tools > Advanced > Error Console
It should provide information on why it won't load or if there another error of some kind.
Like Jacob suggested, you should check if it isn't blocked. To do this:
Right-click on your page
Select "Block Content..." in the context menu
At the top of the screen, click the "Details..." button
You should see the URL's that are blocked on the current page
You should ask in the Opera Forums. I had some problems with Opera in the past and they answered quickly.
Is the host serving the correct mime type of the JavaScript file. It's not a commonly known fact but the type=text/javascript attribute is actually ignored by browsers as it trusts that the server is specifying the correct type.
Additionally the mime type of text/javascript is actually wrong when it comes to JavaScript, the actual JavaScript mime type is application/ecmascript (if I recall correctly, it may be application/javascript though). If you don't believe me you should have a look here where I had more information and linked off to the Douglas Crockfords videos where he discussed the mime type.
I had something similar recently - opera would just not run a script on an external server... nor if I downloaded it and had it on localhost. It only ran when copy/pasted between script tags into the html page.
It turned out that the script was encoded with UTF-16 and that was somehow confusing the browser. When I converted it to UTF-8, everything ran fine.
So, just in case and if you still have that problem, check out the encoding settings...
I had the exact same issue, tying to load a script from a localhost/development server into a page, hosted on the public server at no avail. The only way I managed the script to load in Opera was to save a copy of the page into a location on the same development server and use the tag to refer to the original domain to get the page's .css and .js linked files. That worked. Looks like Opera doesn't like to mix public and localhost domains, but handles localhost without complaints.
what you're seeing is probably Opera's security precaution against the so-called "phish pharm" attacks: cross-network protection. You can not mix content from a public server and content from a local server.
Have a look at my answer here for a workaround:
Opera won't load some JavaScript files