I'm trying to use just plain JavaScript within jsFiddle to run a JSON Ajax test...
http://jsfiddle.net/qwYu9/
...but all I get back is an empty object '{}'?
You can see an alternative version by adding /1/ to the end of the above URL - and from that example it breaks completely.
I've looked at the API documentation http://doc.jsfiddle.net/use/echo.html and it's not that helpful (to me anyway).
Can anyone shed any light on this please.
Regards,
Mark
data should be in URL format
/echo/json/?json={"text":"some text","array":[1,2,"three"],"object":{"par1":"another text","par2":[3,2,"one"],"par3":{}}}&delay=3
http://jsfiddle.net/zalun/qwYu9/7/
You are trying to query a domain different from the one the javascript is running in. That's not possible since it might pose a security risk and is blocked at the browser level.
This error was generated:
Unsafe JavaScript attempt to access frame with URL http://jsfiddle.net/qwYu9/ from frame with URL http://fiddle.jshell.net/qwYu9/show/. Domains, protocols and ports must match.
XHR finished loading: "http://fiddle.jshell.net/echo/json/".
As you can see, domains differ from jshell.net and jsfiddle.net
Related
I want to secure JavaScript Codes. I secure my JavaScript with https://javascriptobfuscator.com/ but it can also stolen from view source.
I want a codes which redirect to my website when JavaScript used on wrong site.
This is possible I know but I don't know how?
What you could do is check the return of location.host or location.hostname.
To redirect to another URL you would change the value of location:
location = "https://mywebsite.com";
//or alternatively
location.assign("https://mywebsite.com");
However, the redirection may will be prevented by Cross-origin resource sharing policies (see Michael's comment). So you could just display an alert dialog.
alert("Don't use my script on your website");
The person trying to use your code on their website will be warned during development by this alert.
In any case, your obfuscated code can still be changed and someone that is determined will remove these "security" measures and it can even be deobfuscated.
Are you sure all of this is needed ? Modifying a stolen code to make it work on another website can be harder/longer than just rewriting a similar code. Apart if you are doing something very special and new, I think you are just losing time by trying to protect your code.
I've spent a good portion of my evening working on this.
I am trying to get this live json data http://citibikenyc.com/stations/json loaded onto a page on my website using d3.json.
Just testing:
var bike = "http://citibikenyc.com/stations/json";
d3.json(bike, function(error, json) {
console.log(json);
});
doesn't work. I get the error
XMLHttpRequest cannot load http://citibikenyc.com/stations/json. Origin http://hochemoche.com is not allowed by Access-Control-Allow-Origin.
Is there something that I'm missing? Is there possibly some restriction coming from the page which I'm submitting my request to? Any help on this would be greatly appreciated. I don't believe that there is any restriction coming from citibike's site because this same request works as a curl from my Terminal, also other's have used this data, but can't seem to figure out how they are loading it based on their code.
eg: http://jehiah.cz/citibikenyc
#Blaklaybul
The Access-Control-Allow-Origin parameter must be set by the JSON source, in this case it is "http://citibikenyc.com/stations/json".
Try to include the CORS parameters in the header of the ajax request you are making. See http://techblog.constantcontact.com/software-development/using-cors-for-cross-domain-ajax-requests/
You can try other alternatives like jsonp etc, again information of which is available in the above link.
If you use Chrome browser, you might also use an extension namely "Allow-Control-Allow-Origin: *". After installing and launching it, I believe it will work.
Hope all thing will be ok!
I'm writing a Firefox extension and I need to to access items in Firefox's memory cache.
Here is the code I'm working with:
nsICache = Components.interfaces.nsICache
cacheservice = Components.classes["#mozilla.org/network/cache-service;1"].getService(Components.interfaces.nsICacheService);
cachesession = cacheservice.createSession("javascript", nsICache.STORE_IN_MEMORY, false);
cachesession.doomEntriesIfExpired=false;
//fileurl is captured from the nsIObserver and does print out correctly
cachedescriptor = cachesession.openCacheEntry( fileurl, nsICache.ACCESS_READ, false );
ERROR:NS_ERROR_CACHE_KEY_NOT_FOUND here
Since this is data fetched in the background, I have to use an nsIObserver to capture the request and snag it's URI to be used as the cache key.
As I showed above, I get a NS_ERROR_CACHE_KEY not found, though a look through about:cache shows that it clearly is there. I also used a proxy to force caching to disk, but I got the same problem (with the code modified to look at the disk cache). I thought that this might be because the cache item was still being written, so I made a recursive window.setTimeout to continuously call the functions, but even after it is finished downloading I get the same error.
Is this, perhaps, and issue with the nsICacheSession? Maybe I'm not use the correct clientId. If so, what clientId should I be using?
I'm really at a loss here, so I'm hoping you guys can help me out.
Problem was the clientId. I used "javascript" because I saw it in an example. Turns out I needed to use "HTTP" instead.
How can I write something ("hello my client" for example) in the browser's address bar with javascript after the page is completely loaded?
Mean writing something in address bar without entering - is it possible?
It seems we can do this job with JavaScript, if not can we do that with server side code?
How?
This is possible, but only the part after the hostname:
history.pushState(null, "page 2", '/foo.html');
Try this in your javascript console, this effectively changes the current path with /foo.html. (It's a new html5 feature, and is available in recent browsers only.)
See mozilla docs: https://developer.mozilla.org/en/DOM/Manipulating_the_browser_history#Adding_and_modifying_history_entries
Browser Compatibility
Why?
This is used to make ajax sites history/bookmark/link friendly by updating the URL as the content is updated. Currently most sites do this by only changing the hash part of the URL (e.g. Twitter with their #!.)
For instance Github uses this for their code browser: https://github.com/blog/760-the-tree-slider
Maybe its already answered # Change the URL in the browser without loading the new page using JavaScript .
You can set location.hash, but you can't replace the entire URI.
The reason this is not possible is it presents a security violation. This is why phishers write a gif file over where they believe the address bar will be.
My question is why would you want to do this? The only reason I can think of is you want to make someone think they are at http://Iamreallyyourbank.com when they are at http://IamStealingYourMoney.com, which is why the security is in place.
This is not possible. You cannot change the URL displayed in the browser. Not only would it be a horrible security practice, it would be a violation of trust to the people visiting your site.
I am debugging a large, complex web page that has a lot of JavaScript, JQuery, Ajax and so on. Somewhere in that code I am getting a rouge request (I think it is an empty img) that calls the root of the server. I know it is not in the html or the css and am pretty convinced that somewhere in the JavaScript code the reqest is being made, but I can't track it down. I am used to using firebug, VS and other debugging tools but am looking for some way to find out where this is executed - so that I can find the offending line amongst about 150 .js files.
Apart from putting in a gazzillion console outputs of 'you are now here', does anyone have suggestions for a debugging tool that could highlight where in Javascript requests to external resources are made? Any other ideas?
Step by step debugging will take ages - I have to be careful what I step into (jQuery source - yuk!) and I may miss the crucial moment
What about using the step-by-step script debugger in Firebug ?
I also think that could be a very interesting enhancement to Firebug, being able to add a breakpoint on AJAX calls.
You spoke of jQuery source...
Assuming the request goes through jQuery, put a debug statement in the jQuery source get() function, that kicks in if the URL is '/'. Maybe then you can tell from the call stack.
You can see all HTTP request done through JavaScript using the Firebug console.
If you want to track all HTTP requests manually, you can use this code:
$(document).bind('beforeSend', function(event, request, ajaxOptions)
{
// Will be called before every jQuery AJAX call
});
For more information, see jQuery documentation on AJAX events.
If its a HTTPRequest sent to a web server, I would recommend using TamperData plugin on Firefox. Just install the plugin, start tamper data, and every request sent will be prompted to tamper/continue/abort first.
Visit this page at Mozilla website
Just a guess here, but are you using ThickBox? It tries to load an image right at the start of the code.
First thing I would do is check whether this rouge request is an Ajax request or image load request via the Net panel in Firebug.
If it's Ajax, then you can overload the $.ajax function with your own and do a strack trace and include the URL requested before handing off to the original $.ajax.
If it's an image, it's not ideal, but if you can respond to the image request with a server side sleep (i.e. php file that just sleeps for 20 seconds) you might be able to hang the app and get a starting guess as to where the problem might be.