In Javascript, what is the preferred way to validate if a GWT *.nocache.js file has loaded properly?
Background
My GWT application loads an *.nocache.js file within a simple shell .html page.
If a user visits the page with a stale auth cookie, the .html file loads perfectly from browser cache, but the *.nocache.js file fails to load, because the user needs a fresh auth token.
Since the .js file fails to load, it fails silently. The user sees a blank .html page with no indication that they need to refresh the page.
(note the particular failure here is that the .js file does not load due to wrong mime type. The auth layer handles stale auth cookies by redirecting to the login page. This page is a text/html document so the browser rejects loading it in a tag. Assume for this question that I cannot change this behavior in the application :)
What's the best way to detect this circumstance and, for example, force a refresh of the page.
Note a hard refresh will force a fetch of the .html page from the server, which will be redirect to the login.
One approach would be to tell the browser to not cache the .html file, but I'd prefer another solution that lets the .html file be cached.
Given that you cannot change things in your application, I will answer just to your question.
You need some javascript in your page.html in order to check whether the gwt script has been loaded after a fixed time:
<head>
<script>
setTimeout(function() {
if (!document.getElementById("my_module_name")) {
window.location.reload();
}
}, 4000)
</script>
<script language="javascript" src="my_module_name.nocache.js"></script>
</head>
In the case you use an iframe based linker (standard, xsiframe), the .nocache.js creates an iframe to load the appropriate permutation, and gives it the name of the module, so checking for the presence of that element after a while is enough to know whether the app was loaded.
You could also check for the presence of especial properties which gwt sets to the window like window.__gwt_activeModules
Typically, a GWT app loads first, then you do authentication. You can use a split point, if you want, to load only the login page. Then, after the authentication is confirmed, you load the other parts of your app.
I have never seen a scenario where authentication is done before a page loads. Maybe you can explain why you did it this way.
As for your question, you need a JavaScript to detect if another JavaScript was successfully loaded, but this solution adds an unnecessary level of complexity.
Related
I just read https://developers.google.com/web/updates/2018/07/nostate-prefetch, and it's about the nostate prefetch for prerendering resources. And im confuse about the line:
NoState Prefetch only fetches resources in advance: it does not execute code or render the page
does that mean NoState only prefetch and cache the contents but not rendering or execute them? so who gonna prerender, the browser? or I will have to execute the contents first before it can fully render? I'm a new programmer and really want to know an answer, I knew that prerender will be applied to next navigation and really wanted to know if you could somehow prerender the content without having to manually execute JavaScript or prerendering it thanks!
Prerender
It ensures that a URL with all necessary static resources is fully loaded and set up in the background. You can imagine it as opening a URL in advance in a new tab, but it stays hidden until the user actually calls up the page.
All activities that would take place during an actual page impression, are carried out in the background. If for example you are logged in to an online shop and load the log-off page with the prerender, then you'll be logged off on the next page.
If you are logged into an online shop and load the unsubscribe page via prerender, you are logged off the next time you call up the site.
Prerender stores a URL and all its associated resources in the browser cache and renders the complete page at the same time.
Preload: the resources (URL or image, css, js) are made available as soon as they are required. In other words, they're stored with high priority in the browser cache.
Prefetch: The entire file (css, js, image) is downloaded and saved with low priority in the browser cache.
I have been recently working on a website for myself, http://retrixsolutions.pw/, and I have a process before which loaded my website and redirected it to another page:
<script type="text/javascript">
document.location = "homepage.html";
</script>
Using this script, it automatically redirected my websites' index.html to homepage.html
I then looked into another website design and decided I liked that one better. I removed the files on my CentOS webserver and then uploaded the new ones. These files do not require me to redirect.
If you go to http://retrixsolutions.pw/ it works, but if you go to http://retrixsolutions.pw/index.html, it redirects to another page even though the script to redirect is completely removed.
I have restarted my webserver, shut it down and then re-uploaded the files but still the index.html file relocates to homepage.html.
Thanks for your help.
Adding on to what JBDouble05 said, another easy way to clear your cache is to hold Shift while clicking the refresh button.
What you'd need to do is make sure your browser is not caching the files. Caching is essentially the browser saving time and effort, and it saves a local copy of the file to its storage, which means that if you boot up that page, it will load the saved file, even if the file online changes. To clear cache, you can refresh the page, hard refresh and clear cache, or use an incognito or private browser (such as Epic)
I was wondering if there's any way to attach a js lib to an external webpage after the page has loaded?
To provide a simple example, could I load www.google.com into IE and somehow display the webpage with a green scroll bar?
I would like this process to happen automatically on each page load instead of having to manually execute this process on each page load.
I am assuming that you are talking from a web developer's point of view.
I don't think it is possible without any hacks.
This would also be a huge security risk, because loading javascript code on an external website means that the code can potentially do anything on behalf of the user. It can capture keystrokes, take screenshots, note down passwords and do a lot of illegal stuff.
So instead of this, you can create a browser extension (add-on) which will have to be installed by user's permission (and his knowledge), and can run any code on any page (if the user allows it)
I have a web service that works through giving users javascript to embed in their code. Users can also place that code on other sites to make it work there. However I also need to allow users to create a blacklist of sites that the JS should not function on. For example, a competitor or an inappropriate site.
Is there a way to check where our JS files are being loaded from, and block loading or break functionality on a per account basis?
Edit: The javascript loads an iframe on the site, so another solution would be to somehow block certain domains from loading an iframe from our server, or serve different content to that iframe
Edit 2: We're also trying to avoid doing this from with the JS because it could be downloaded and modified to get pass the block
Inspecting the url of the page
Yes, the javascript file, when it starts executing, can inspect window.url and see if the url of the main document is ok.
To see where the script was loaded from
It can also go through the dom, looking for the script node which brought in the javascript file itself and see from where the JS was loaded.
However
Anyone can load the javascript into a text editor, then change it to eliminate the tests, then host the modified JS on their own server. Obfuscating or minimizing the JS can slow someone down but obscurity is not security.
One thing you could do is have the javascript load another javascript file. That you serve from the server at a given url. The trick here is that that url will not go to a file but to a server end point that will return a javascript file. The you have that endpoint check for the routes for that user and decide if it will return the javascript you want to work or an error javascript of some kind.
This blog shows how to do it in php.dynamic-javascript-with-php
I would like a javascript to run after a page is loaded , like on the example below with a delay of 6seconds. Right after the page loads the rest of JS is lost (obvious)...
Got any ideea how change content after page is loaded without clicking a button?
javascript:window.location = "http://example.com";
setTimeout(function() {
document.getElementById('lightbox').style.display = 'none';
}, 6000);
Once you set window.location the original page will be unloaded before the new page is loaded by the browser. This means your script will be gone before the new page start loading and thus can't modify the new HTML anymore.
This behavior is inherent to the security model of the browser. Without it you could inject any JavaScript into any web site of your choosing, which would be a huge security risk. What you are asking for is so-called XSS (for cross site scripting), which is prevented by the browser applying a so-called SOP (for same-original policy).
There are some common ways to work around this limitation in a safe way:
Set up a proxy to serve both your JavaScript and the original site. This way both your script and the original site come from the same domain and satisfy the browser's same-original policy (SOP). You could run the original site in an iframe with your custom script occupying the top-level window. Alternatively you could inject your script into the HTML as it is being retrieved through your proxy.
Run your script as a browser add-on or user-script. If you choose to do this, the user will have to specifically grant your script the rights to run locally with elevated rights. Greasemonkey popularized client-side scripts for Firefox a few years ago, but recently they seem to have lost momentum.
Ask the site owner to include your script. I doubt this is a valid option for your situation. But if it is a valid option it is definitely the simplest one.
Ask the user to run your script after the site has loaded. This one is probably also not valid for you, but if valid it would once again be a very simple solution.
Your example shows that you are first redirecting and then attempting to hide #lightbox. This script would not work, because you are redirecting the browser to another site before #lightbox gets hidden.
In short, you cannot have Javascript of a previous page manipulate DOM of the next page if you redirect the user to another URL (or even the same URL). Only Javascript that is 'on currently open page' can manipulate currently open page and no other pages.
I have not understood what you are saying. JS is lost? Please be more clear.
I think what you are talking about is the jquery ready function which runs after the DOM is ready. Or in the other case, try using window.onload() function.
This should do the job:
$(window).bind('load', function() {
// your code here
});
Then simply add the delay to your added code with .delay("6000");
The inserted code will only run when your page is completely loaded.