w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
Parse.com Sign Up Issue - Javascript
According to the Parse documentation, signUp is a static method on Parse.User so it should be called a little differently. You also need to pass signUp the username and password. function myFunction() { Parse.initialize("ID", "PASS"); var username = $("#signup-username").val(), password = $("#signup-password").val(); Parse.User.signUp(username, password, {}, { success: function (user) { alert("Yay!"); }, error: function (user, error) { alert("Error: " + error.code + " " + error.message); } }); }

Categories : Javascript

JavaScript JSON Parse Issue ($.getJSON)
Use callback=? rather than callback=json so that jQuery knows you are using JSONp and can choose it's own name for the callback function. $.getJSON('roomupdate.php?level=1&div=1&callback=?',function(res){ //alert('Your name is '+res.rooms); console.log(res.rooms.name[0]); }); See http://api.jquery.com/jQuery.getJSON/#jsonp for details. Edit: Looking again, you will need to change the way you are accessing the data around. res.rooms.name[0] should be res.rooms[0].name because rooms is a list, and each room has a name property.

Categories : Javascript

Javascript window.open function to open all urls in a json feed
for(var i=0; i<len; i++) { links[i].addEventListener('click', function(e){ window.open(this.href, '_blank', 'location=yes'); e.preventDefault(); }); }

Categories : Javascript

Best OOP JavaScript practice for security
JavaScript is really never secure since it runs entirely client side with everything visible and open to manipulation. I tend to manage scope using closures to limit scope to what's appropriate for my different code blocks. However, this does not offer any security advantages I favor the closure model since it offers good encapsulation for internal methods and variables. You can define functionality without worrying about it "polluting" the global space and potentially interfering with other functionality. As far as I'm concerned, there is no pattern that will protect you against manipulation. The best advice is to not trust JavaScript variables and always use proper server side validation before accepting their values.

Categories : Javascript

PBKDF2 security in Javascript
Using the username as a salt is mostly satisfying, but does not protect against several attack scenarios. As for example, the password can be compared in the databases of two websites that use the same algorithm. Furthermore, rainbow tables can be generated in advance, hence reducing the cracking time after compromise. For this exact reason, the salt should be generated using a cryptographic PRNG. The idea of having the source code of the random source visible to attackers isn't a problem in itself, if it is non-predictable. See this question for how to generate it using javascript.

Categories : Javascript

Open a new javascript window(.open) along with its CSS styling
Build a complete HTML page in the opened window and reference your CSS-file there: var win = window.open('','printwindow'); win.document.write('<html><head><title>Print it!</title><link rel="stylesheet" type="text/css" href="styles.css"></head><body>'); win.document.write($("#content").html()); win.document.write('</body></html>'); win.print(); win.close();

Categories : Javascript

JavaScript Security - Access to the DOM by an outsider
Assuming that: you are not including any 3rd party content within the page are using an SSL encrypted connection to avoid man-in-the-middle attacks/content injection the user is actually paying attention to the SSL certificate (look up SSL proxies/connection termination and renegotiation by a trusted man in the middle) the user's computer is clean (i.e. no malware, malicious browser addons etc.) it should be as secure as it can be. If any of the above points are not true, the system cannot be fully trusted anymore. If any 3rd party script/content/program is introduced anywhere at these points, it's not really possible to guarantee an unobserved communication.

Categories : Javascript

Web App with manifest security through javascript and local storage
Everything downloaded to a client must be considered insecure, sharable and scrutinize-able. There is no way to secure or protect Javascript source or any of the data downloaded. It's just a matter of setting up a proxy such as Fiddler or just copy data from the cache directly (or save the source files from within the browser). Even going with a private-public key approach won't do as it's rather easy to jump the function used to do the checking. So yes, all data can be copied and shared and there exist no such thing as unbreakable code :) This is a classic situation - you need to calculate that there will be some illegitimate use of your software no matter what you do - you can make it more difficult, but not prevent it (especially in the case such as downloaded Javascript). My 2-ce

Categories : Javascript

Is Javascript based validtion a security risk?
Javascript should never be your security screening. Javascript being client side, is vulnerable. Javascript validation is used to ease user experience. It is better to use server side scripting for security purposes.

Categories : Javascript

Security in embedded iframe/javascript widget
If you want to keep it as a simple, client-side only widget, the simple answer is you can't do it exactly like you describe. The two solutions that come to mind for this are as follows, the first being a compromise but simple and the second being a bit more involved (for both you and users of your widget). Referer Check You could validate the referer HTTP header to check that the domain matches the one expected for the particular Site ID, but keep in mind that not all browsers will send this (and most will not if the referring page is HTTPS) and that some browser privacy plugins can be configured to withhold it, in which case your widget would not work or you would need an extra, clunky, step in the user experience. Website www.foo.com embeds your widget using say an embedded script

Categories : Javascript

Browser Javascript security warnings and errors
This doesn't effect the functionality of page. You are seeing this error because your main page is from https:// and iframe you are loading in that page is from http://, That is the only reason. Try using relative protocol e.g.; <iframe src="//example.com"/> and try to correct this warning. It is ok to have this error but this error should be solved because this may impact user experience in few circumstances depending your page code approach.

Categories : HTML

Holding password in javascript variable - security implications?
Leaving the password in a variable leaves it open to people to access simply in their browser tools! lets say the function called when the store password button is pressed, stores the password in a variable called password. Even if this variable is not used on the page at all after that, simply handled later on somewhere in the code, all one has to do is open up the developer tools in their browser, add in a statement like alert(password); , and Bam, the password literally pops up infront of them. Admitedly, any code simple enough to let someone do that is probably unworthy of being on the web, and even less worthy of being meddled with, but I guess it's a lesson in how vunerable we really are.

Categories : Javascript

javascript - bypassing iframe cross domain security
The script hosted on the publisher site need not (in fact should not) bust the iframe. Instead the purpose of this script is to establish a communication channel between the AD iframe (hosted inside DFP) and the publisher page. The catch here is - At runtime the script on the pub page knows what is the DFP iframe url domain but the script served through cloudfront does not know what is the publisher page url because of cross domain access restriction. So the publisher script can set a postMessage handler to receive messages from the ad Iframe. It can do something similar to this function registerPostMessageHandler() { // Listen to message from child window var eventMethod = window.addEventListener ? "addEventListener" : "attachEvent"; var even

Categories : Javascript

Security in a Javascript based app -refreshing a users hash
Basicallly on the clients side you shouldnt have anything except hash. On the server side this hash must be associated with user it belongs to, expire time and anything else you need. Send this hash with each request, and on server side validate it. When it expires you have to send (server) appropriate headers like 401 - Unauthorized. Client have to understand that response and try to exchange hash to new one. And finally when client gets new valid hash it can resume sending requests. ... and you shouldnt check expire time at client, this job for server. thanks.

Categories : Javascript

javascript send form to spring security validation
You need to prevent the default action of the anchor element <a href="#" onclick="return postForm();">Demo</a> And <script type="text/javascript"> function postForm() { document.getElementById("username").value="demo"; document.getElementById("password").value="demo"; document.getElementById("login").submit(); return false; } </script> Demo: Plunker

Categories : Javascript

Mitigating security risks of javascript objects using require.js
No you can't. Even if you don't have any global variable the user can still go through your source code and add break points, then when the code reach the breakpoint he can manipulate all the variables that are accessible in the actual scope. Take a look at this gamedev question which has some advices on how to make it harder (but not impossible) for users to cheat your code.

Categories : Security

Cannot perform CAS Asserts in Security Transparent methods security level issue
I guess you are using a shared host, so there's no way you can changed trust level if they don't give you permissions to do it. What versions of the MySQL connector are you using? Have you tried copying them to the in folder of your project? (right-click on MySQL.* references and setting then to "Copy Local = true") Are you able to try to connect to your database server from localhost to make sure your connection string parameters are ok?

Categories : C#

Best way to parse an int in Javascript
The canonical way to parse a decimal int is parseInt(str, 10). Regarding other solutions : parseInt("-1") : use it only if you like to live dangerously (some browsers assume "009" is decimal, not all) Math.floor("-1") : it might be a floor and not an int, but that's not the right way if you want to be sure it's an integer Number("-1") : maybe you want an object so you can call methods without promotion and you want to be sure there's no garbage (Number('3 flowers') ==> NaN) "-1"|0, ~~"-1" and other combinations of implicit conversion and binary operation : you like code golf and don't want your code to be easily maintained (for those wondering : a binary operation takes the integer part of a number). As noted by Blender in comment, those solutions aren't suitable for big (positive or n

Categories : Javascript

Security considerations using "new Function(...)" (during rendertime, expression coming from my Javascript sources)
As you have said that you will only be doing this on code you wrote yourself - I'd say that it's fine. new Function() is definitely better than using eval() in any case. You won't be messing with any local variables and you're enforcing your own context by using fn.call. It seems to me that the problem you are trying to solve would be fairly straight forward if you were using an MVC or MVVM framework that supports 2 way data binding. I.e. changing the UI updates a backing model and updating the model will automatically refresh the UI for you. For example, knockout.js. In this case the visible databinding would be appropriate.

Categories : Javascript

Silverlight ShowDialog() throws security exception when triggered throguh javascript
Dialogs must be user-initiated in the sense that they have to occur due to a user interaction event (click, button press etc) within the Silverlight component. (In fact "due to" is really a restriction of having to occur within a certain period after the interaction, rather than some strict restriction such as relating to the call stack) From the perspective of the Silverlight security restriction, this is just an arbitrary javascript method calling into Silverlight, and so this will not be possible (for good reason). You would need to open the dialog from a real Silverlight button. If you really need to raise some kind of dialogs from a Silverlight control called via javascript, you may need to actually call back out to open a dialog in JavaScript/HTML (or some kind of popover in either

Categories : Javascript

Parse xml with Jquery and Javascript
This should do the trick: $(xmlDoc).find("telhdl").each(function() { var deviceId = $(this).find("deviceId").text(); var media = $(this).find("media").text(); ....etc.... var array = new Array(deviceId,media,...etc...); });

Categories : Javascript

Parse.com Javascript SDK for app API or just plain iOS SDK?
I don't think that it's obligatory to use Javascript Cloud to send push notification. In iOS case: https://parse.com/tutorials/ios-push-notifications As you can see, you have 4 choices for sending push notifications: Parse website, REST API, inside the app itself and also from Cloud code.

Categories : IOS

Parse xml with javascript without jquery
you can use the DOMParser ( or ActiveX if is Internet Explorer ) like below... if ( window.DOMParser ) { // Standard tmp = new DOMParser(); xml = tmp.parseFromString( data , "text/xml" ); } else { // IE xml = new ActiveXObject( "Microsoft.XMLDOM" ); xml.async = "false"; xml.loadXML( data ); } //the XML is a xml document now :D to navigate you can use xml.getElementsByTagName("tagName"); xml.querySelector("selector"); xml.querySelectorAll("[attr=value]"); //and others

Categories : Javascript

How should I parse XML-like data in JavaScript?
Unfortunately, unless you write a custom parser that can turn what you have into XML, you won't be able to use any traditional XML libraries to read your data. The only reason that people can perform XML queries over HTML is because there are clearly defined ways to convert HTML into a DOM, which can then be converted into XML. The same cannot be said for your data. While your data may resemble XML, the only thing it has in common is the use of < and > to delimit fields. As such, you are probably just better off using string searching and spliting to get the fields you need.

Categories : Javascript

How to parse The following JSON in Javascript?
tried this and worked var s = '{ "status_code": 200, "status_txt": "OK", "data": { "expand": [ { "short_url": "http://bit.ly/msapps", "long_url": "http://www.microsoft.com/web/gallery/?wt.mc_id=soc-in-wag-msp-M389", "user_hash": "gbL9jV", "global_hash": "eHgpGh" } ] } } ' var d = JSON.parse(s); console.log(d.data.expand[0].short_url); console.log(d.data.expand[0].long_url);

Categories : Javascript

Can't parse Xml with Namespaces and in javascript
I had to add the correct namespace definition at the beginning of the document <?xml version="1.0" ?> <w:document mc:Ignorable="w14 wp14" xmlns:m="http://schemas.openxmlformats.org/officeDocument/2006/math" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main ...

Categories : Javascript

FCKeditor JavaScript API throws "Security error" code: "1000" when I attempt SetHTML()
Pretty sure this is some cross domain issue where you probably think you're running on the same domain but actually are not. I would have to inspect the actual page this runs on to really be able to help you out, but try loading all the relevant fckeditor files using relative file paths (optionally from the root) and never include the actual domain, that will prevent a lot of trouble in general (what for example otherwise may happen is you being on example.com but loading files from www.example.com or similar problems). The odd thing is that you shouldn't be able to read files then either, but the triggered error is about unpriviliged actions which are nearly always cross domain issues (or some very tricky cross script context issues, but those are mostly only relevant if you develop addo

Categories : Javascript

IndexedDB database authentication - Security Options - Encryption / Hashing JavaScript HTML5
Why you need to keep password in client side? Regarding caching database on client side, you do not need to encrypt it. Just keep it there as long as user don't logout. If user initiate logout, wipe out the database. If the data is too sensitive like password, just don't save in client side.

Categories : Javascript

I have an api that returns a response in xml. How do i parse it using javascript?
You could use jQuery and then make your ajax call using jQuery.ajax() The code might look something like this... $.ajax({ type: "POST", contentType: "application/json; charset=utf-8", url: url, data: JSON.stringify(data), dataType: "json", error: function (response) { alert('Error: There was a problem processing your request, please refresh the browser and try again'); }, success: function (response) { if (response !== undefined && response !== null) { /* Evaluate the SOAP response object here */ } } });

Categories : Javascript

How to parse hierarchical xml file in javascript
With maintaining the order in which the XML is created. var string = '<node title="Home" controller="Home" action="Index"><node title="Product Listing" controller="Listing" action="Index" > <node title="Product Detail" controller="Ad" action="Detail" /></node><node title="About Us" controller="AboutUs" action="Index" /><node title="Contact Us" controller="Contact Us" action="Index" /><node title="Place Your Order" controller="Order" action="Index" > <node title="Order Placed" controller="Placed" action="Index" /></node><node title="FAQ" controller="FAQ" action="Index" /></node>' var $doc = $.parseXML(string); parse($($doc)) function parse($doc, array) { array = array || []; $doc.children('node').each(func

Categories : Javascript

How to parse date time in JavaScript
You don't need an external library to do this. See this doc link for the forms of date that JavaScript can process normally. For a specific solution to your question: var date = new Date("04/11/13" + " " + "17:02:30"); date.toISOString(); >> "2013-04-11T21:02:30.000Z" See this MDN page for more info on the Date object.

Categories : Javascript

Parse SVG transform attribute with javascript
var transform = "translate(6,5),scale(3,3)"; var translate = /translate(s*([^s,)]+)[ ,]([^s,)]+)/.exec(transform); var translateX = translate[1] var translateY = translate[2] var scale = /scale(s*([^s,)]+)[ ,]([^s,)]+)/.exec(transform); var scaleX = translate[1] var scaleY = translate[2] transformValues = {translate:{x:translateX,y:translateY}, scale:{x:scaleX,y:scaleY}} Pretty gross, but @icedwater was making me do all the work myself so...

Categories : Javascript

Parse date without timezone javascript
The Date object itself will contain timezone anyway, and the returned result is the effect of converting it to string in a default way. I.e. you cannot create a date object without timezone. But what you can do is mimic the behavior of Date object by creating your own one. This is, however, better to be handed over to libraries like moment.js.

Categories : Javascript

JavaScript JSON.parse UTF-8 problems
I had faced same problem. I used following encode functions instead of default encode function. It gives me perfect result function json_encode_utf8($arr) { array_walk_recursive($arr, 'encode_utf8'); return mb_decode_numericentity(json_encode($arr), array(0x80, 0xffff, 0, 0xffff), 'UTF-8'); } function encode_utf8(&$item, $key) { if (is_string($item)) $item = mb_encode_numericentity($item, array(0x80, 0xffff, 0, 0xffff), 'UTF-8'); } $group_members = array('Matthias Schöbe'); $group_members_json = json_encode_utf8($group_members);

Categories : Javascript

Using JavaScript to parse serialized data
This is a custom format which isn't easy to parse but with a few changes, you can convert it to JSON: Replace query( with { Replace the tailing ) with } Replace " with " Replace ' with " If you want to keep query, then replace it with {"query":{ and replace ) with }} Note: This is a very simple and therefore brittle solution. A better solution would be to get your server side framework to produce proper JSON and send that to the browser. EDIT If you have a JSON string, you can use jQuery.parseJSON() to parse it.

Categories : Javascript

Parse JSON response in javascript
$scope.locations[latlng] gets you to the object containing the latlng key, not the object referred to by that key. Since the iteration variable is an index into the array, you'll find it less confusing to use a name that reflects this, e.g., i instead of latlng: for (var i in $scope.locations) { … var latitude = $scope.locations[i].latlng.lat; … } In most JavaScript implementations, you have another option: $scope.locations.forEach(function(location) { … var latitude = location.latlng.lat; … }); (Also note @rtcherry's comment.)

Categories : Javascript

Parse javascript value from HTML response in C#
Use a regular expression that captures the url in a group. string pattern = @"var HOST_DOMAIN = '([^']+)';"; Match match = Regex.Matches(html, pattern)).FirstOrDefault(); if (match != null) return match.Groups[1].Value; Explanation: The parenthesis define a group in the regular expression that gets stored in the Groups properties of the match. Possible problem: does not work if the url contains escaped apostrophs.

Categories : C#

Parse xml tag attributes using Javascript or Jquery?
you need to use filter() instead of find() here because company is the root element, ie currLoanXml refers to the company element. find will look for decedent elements only var currLoanXml = '<company sample="text"><employee id="001" sex="M" age="20">Premshree Pillai</employee></company>'; var pic = $(currLoanXml).filter('company').attr('sample'); alert(pic); Demo: Fiddle

Categories : Javascript

Ant script - Using Javascript Date.parse
sun.org.mozilla refers to the Rhino JavaScript engine. Date.parse() is not supported by Rhino, unless you have a recent version: New in Rhino 1.7R3 Use the Rhino console to check the version: java -jar $RHINOPATH/js.jar #Rhino, `$RHINOPATH` is environment specific jrunscript -q #Rhino via Mustang References Command Line Shell Scripting in Mustang Java 6 Scripting is no js.jar e4X is not Mustang JavaScript Debugging Tips for Mustang More JavaScript Debugging Tips for Mustang

Categories : Javascript

How can I parse Javascript variables using python?
The following makes a few assumptions such as knowing how the page is formatted, but a way of getting your example into memory on Python is like this # example data data = 'foo bar foo bar foo bar foo bar foo bar foo bar foo bar foo bar var line1= [["Wed, 12 Jun 2013 01:00:00 +0000",22.4916114807,"2 sold"], ["Fri, 14 Jun 2013 01:00:00 +0000",27.4950008392,"2 sold"], ["Sun, 16 Jun 2013 01:00:00 +0000",19.5499992371,"1 sold"], ["Tue, 18 Jun 2013 01:00:00 +0000",17.25,"1 sold"], ["Sun, 23 Jun 2013 01:00:00 +0000",15.5420341492,"2 sold"], ["Thu, 27 Jun 2013 01:00:00 +0000",8.79045295715,"3 sold"], ["Fri, 28 Jun 2013 01:00:00 +0000",10,"1 sold"]]; foo bar foo bar foo bar foo bar foo bar foo bar foo bar foo bar' # find your variable's start and end x = data.find('line1=') + 6 y = da

Categories : Javascript



© Copyright 2017 w3hello.com Publishing Limited. All rights reserved.