is there a way to inject javascript into pages served by tomcat?
I know it can be performed by http://httpd.apache.org/ but not sure about tomcat.
Reason: I do not wish to edit the deployment by project team to perform instrumentation, they might blame me for code change, but if I can inject without change to their code It will insulate myself from being blamed =x
Please provide reason when voting my question so I can improve.
If you don't care about persistent code, I think the fastest way to inject code is to open up the developer tools and copy&paste the javascript code you need to inject.
In chrome you can edit the source code and when you "save" the changes it will recompile all the javascript code.
Other browsers should have this "feature" as well.
Keep in mind that if you leave/close/refresh the page all the code you have injected will be lost.
Hope this helps
Related
I am trying to find the way to debug javascript code inside the php file. I have a lot of javascript code embedded inside the php file.
I can debug php code using netbeans with the help of XDebug. I can also debug javascript separately inside html or js file with browser like chrome or firefox.
What I want is to debug javascript code inside the php file if it is possible. I am sure a lot of people will be using javascript embedded with php file. I don't like it personally, but I have to work it on. I know I can write the code separately in js file and then can debug with browsers, but it's lot of code, take time for the separation.
Can anybody here suggest me a way if it's possible what I am asking.
Debug Javascript in netbeans 7.4 inside PHP project
https://netbeans.org/kb/docs/php/debugging.html
https://confluence.jetbrains.com/display/PhpStorm/Debugging+PHP+and+JavaScript+code+at+the+same+time+in+PhpStorm
https://blog.jetbrains.com/phpstorm/2014/06/debugging-php-and-javascript-code-at-the-same-time/
IMHO, without even looking it up, i don't think that it is (nor should) be feasible.
Here's why:
Your PHP gets processed on the server side, that's when XDebug kicks in and enables you to breakpoint all your PHP code. Then the server output gets to the client, that's when the actual JS is processed inline in the parsed HTML. Which means you would have to intercept the HTML in some way, parse it, detect eventual inlined JS scripts... and set your breakpoint(s) at that time (yes on each run), then output to client, which parses the HTML yet again to render it and process eventual breakpoints. It would be a tedious process and even more tedious to get to work i guess and that is why nobody even tried making an extension for that.
To my knowledge, inlined JS is also a lot harder to debug and i never saw an actual setup that would allow breakpointing embedded tags in a static HTML document directly from the IDE, which would've been somewhat a little easier to achieve than breakpointing JS in PHP...
Your best shot i guess would be to externalise your JS in separate files and only hard code <script src="path/to/your/app.js"></script> in your PHP templates, which indeed would be much more comfortable to work with on the long run anyways.
Then you would be able to breakpoint all the stuff in app.js, plus have an actual front-end architecture, syntax-highlighting, impress your boss, make your life a lot easier, the world a better place, etc.
Also, for reference: How to debug JavaScript code with Netbeans? (answer #45515159)
And read on: https://netbeans.org/kb/docs/webclient/html5-js-support.html
Edit: seems like setting JS breakpoints in static HTML tags is feasible in Visual Code for example -> https://github.com/Microsoft/vscode-chrome-debug/issues/122
I don't know if I am late, but, I came across the following website and was able to setup the debugger for Javascript and PHP which supports to debug embedded JavaScript in PHP scripts.
source: https://abcmemo.com/2017/04/20/debug-php-and-javascript-in-visual-studio-code/
The website uses PHP.exe as a web service.
It is also possible to use IIS, Apache or others.
Requirements:
IDE: Visual studio code
Extension: PHP debug
Extension: Debugger for (Chrome, Firefox or Edge)
Xdebug set in php.ini
Extension in browser (optional): PHP xdebug if you want to debug on trigger.
You need to have two debuggers running at the same time one for PHP and one for JavaScrpit.
PHP sample
JavaScript sample
I worked with a lot of wordpress templates where I had to deal with some js inside my php files. Assuming that you can run your code on a server, you can easily debug your output in dev tools in chrome (if using chrome). Chrome also allows for setting of breakpoints so you can go line by line, and since your browser ultimately runs the js, you can monitor your code behavior without dealing with the php. That was my main way of dealing with this issue.
I also recommend separating as much js as possible into separate files in your assets folder. Depending on your project, you rarely have to inline your code, In my opinion it's messy to include a lot of JS right in your php, unless you use onclick="" or onchange="" attributes (which can also be handled with event listeners.
Aside from that, console.log() the crap out of everything.
I helped my self with the following steps if it could help any body else
Note:- If your rendered code is inline specific to java-script then it would hard to debug like this.
Run the required page of your application using browser like chrome, edge etc
Open the inspection page by pressing f12 or (Ctrl+Shift+I), Or you can right click on the page see the option for the inspection and click on it.
Goto sources and double click on the source file(this will be probably your php file).
If code not loaded then reload the page by pressing f5 or Ctrl+R, you will see your java-script code there embedded with the html after rendering, then you can put the break point wherever you want and debug through the browser tools(you can see some buttons there to guide you about debugging like step-over,step-into etc).
You will also see errors there regarding java-script,
I have an Angular project and I would like to know if it's possible to obfuscate the code that rendered the browser, so others cannot copy it.
The Web Project is Angular + TS
And I Would like know if it's possible obfuscate the JS Code that I can view in the browser console
No it is not possible. The browser needs to understand what you have wrote.
As you already said, the only option is obfuscation, it doesn't make your code safe just harder to read.
We have a Sitecore installation, and in our environment we are seeing 404 errors when our site is requesting the following files:
sptier0.js
sptier0-ajax.js
sptier0-window.js
My Google-fu doesn't turn up much.
What are these files, and what in their purpose?
Thanks!
I have found that these scripts are most probably related to SharePath performance monitoring tool of Correlsense (http://www.correlsense.com/product/).
I would start the investigation from viewing the html source in a browser, finding the place where the scripts are injected and then analyzing the sources in this area to find how does these links appear on the page.
These JavaScript files are indeed part of SharePath.
Specifically, they are added to existing application HTML pages in order to measure and report browser timing.
Your question, in addition to your comment to Vadim Dubovitsky, suggest that the tool was not properly uninstalled - the files were deleted, but they are still being referenced by (or injected into) the application code.
Disclaimer: I work at Correlsense.
There's an animation done in jQuery within jsfiddle. I do not have a website as of now to "implant" it and share the URL.
I also can't give the jsfiddle. So how can I share my animation to the audience without showing the code? Does github or any other facility tools allow locking the code and showing the final product without having a website, yet I could get a URL for the audience to view it?
I regret for the rookie-question in this context as I am still new to web stuff.
EDIT:
jsFiddle shows 3 code windows along the results :html, css, js. My requirement is to only show the results window to the audience and by all means to hide codes and leads via URL to the codes.
Ideal solution demands a results to be shown and URL that is encrypted (at best).
If I understand your question you could try the following:
Copy your jsfiddle text to a single index.html file (use script tag for js and style tag for css)
Install node.js on your development computer
Install a tool to obfuscate your file (e.g. npm install -g munch)
Obfuscate your file (see instructions https://www.npmjs.org/package/munch)
Host your file somewhere (could be a github project page with a repository containing only the obfuscated file - although its not really the point of github).
Send url to audience
Someone could still reverse engineer your animation but it would take a lot of effort and would probably be easier to write from scratch.
However, perhaps you would be better off doing a screen cast and sharing a youtube link.
The thing you're asking for is simply not possible.
JavaScript is a client-side scripting language and is interpreted by the browser of the viewer of your animation. This means that, by the nature of the language, the viewer needs the code loaded in his/her browser to view your animation.
More in-depth information can be found here: http://computer.howstuffworks.com/javascript.htm
The only way you could achieve your goal is by screen capturing the animation, but that would, of course, only work with static animations.
Now that you've clarified your question, we can give you an actual answer.
Click the Share button in jsFiddle's toolbar (after saving your fiddle) to get a link to the result only.
If you don't want users to see your code do this in your html code:
<body oncontextmenu="return false;">
I'm using Tincr (http://tin.cr/) to take advantage of Chrome's code hot-swapping functionality. However, now I need to disable Meteor's refreshing of the page each time I save a file since the code is already update in the browser's runtime environment thanks to chrome hot-swapping.
How can I do that?
i found the answer. add a '~' at the end of files or folders you don't want causing reloads.