Extract plain text from a LINK - javascript

Solution: I used PYTHON and retrieved the text using SELENIUM, since I had to login and it was easier using automated chrome. Thanks!
I've a web URL which returns a plain text.
The URL Looks like this:
http://xxx.xx.xxx.x/cgi-bin/p05_equip_sample.cgi?_equipId=7&_op_type=1
and it returns a plain text like this one:
'' 4017,机房UPS,ENP_UPS_NXC304060K[COM]^2,Input Voltage of Phase A,240.500000,V,1581995093,0,1,1,2,2;3,Input Voltage of Phase B,234.100006,V,1581995093,0,1,1,2,2;4,''
which are values from different sensors that I want to include into a JS Heatmap plugin.
What I need to do is include all that text into a var so I can extract the characters that I need (I know it's not the best solution, but text position never changes, only values).
I tried to use Jquery with GET but I think I'm missing something and with other methods I get a CORS warning. I need to do it on client side so no NODE.JS or PHP I guess.
Thanks!!!

Related

How to get value of the textarea in Gmail?

I need to get the value of the Gmail's textarea (the textarea where one write the email body).
Since I need to perform some I/O ops on the value of the text area I need to text to be formatted correctly.
Since I noticed that the value of the textarea in gmail is oddly always undefined (see img below)..
.. I started to implement some internal utilities to get the right HTML node, transform it into a string and extract the text out of it. I thought I'd be able to reproduce the original text formatting by searching for <br> tags and
Unfortunately, it's much more nuanced than this, there are much more edge cases that are hardly predictable.
Does anybody know if this is actually a solvable problem and if so, how?
I don't know what you are trying to accomplish here but It seems like you need to change the content of a message and send it to using gmail message box and send the email
since you are using js you can try node js and try to scrape it using a web scraper
you will have to install node js and install "request" and "cheerio" dependencies and make a req to Gmail/compose mail and scrape that page and target the test area you want and append your message what ever you wan to do and internally post it

Search Engine Result Page Url includes Search Value

I am trying to create a new language translator engine (only two language available a<->b) its just to learn PHP & Mysql etc. a little bit better. Now I have a search form where a user can enter a value and a php code which check if that word is available to give the result in an antoher fix language. But a user enter a value ex. "food" and submit it then the url should look like that
https://domain.com/search/food
How is it possible to get a permalink without using a CMS. I only want to do all as static page and PHP, MYSQL AND JS nothing more if possible
I see that already on a few pages but not sure how to do that and hope you could give me only a few advices.
Unless you want to store a file for every single possible word, this isn't possible with straight PHP, you will have to leverage your server's functionality.
Assuming you are using Apache, check the documentation for mod_rewrite.
But, you could also simply use URL parameters, which is easier and will act pretty much the same in practice. e.g.:
https://domain.com/search.php?term=food
PHP:
$_GET['term'] // => "food"
http://php.net/manual/en/reserved.variables.get.php

Secure database entry against XSS

I'm creating an app that retrieves the text within a tweet, store it in the database and then display it on the browser.
The problem is that I'm thinking if the text has PHP tags or HTML tags it might be a security breach there.
I looked into strip_tags() but saw some bad reviews. I also saw suggestions to HTML Purifier but it was last updated years ago.
So my question is how can I be 100% secure that if the tweet text is "<script> something_bad() </script>" it won't matter?
To state the obvious the tweets are sent to the database from users so I don't want to check all individually before displaying them.
You are NEVER 100% secure, however you should take a look at this. If you use ENT_QUOTES parameter too, currently there are no ways to inject ANY XSS on your website if you're using valid charset (and your users don't use outdated browsers). However, if you want to allow people to only post SOME html tags into their "Tweet" (for example <b> for bold text), you will need to take a deep look at EACH whitelisted tag.
You've passed the first stage which is to recognise that there is a potential issue and skipped straight to trying to find a solution, without stopping to think about how you want to deal the scenario of the content. This is a critical pre-cusrsor to solving the problem.
The general rule is that you validate input and escape output
validate input
- decide whether to accept or reject it it in its entirety)
if (htmlentities($input) != $input) {
die "yuck! that tastes bad";
}
escape output
- transform the data appropriately according to where its going.
If you simply....
print "<script> something_bad() </script>";
That would be bad, but....
print JSONencode(htmlentities("<script> something_bad() </script>"));
...then you'd would have done something very strange at the front end to make the client susceptivble to a stored XSS attack.
If you're outputting to HTML (and I recommend you always do), simply HTML encode on output to the page.
As client script code is only dangerous when interpreted by the browser, it only needs to be encoded on output. After all, to the database <script> is just text. To the browser <script> tells the browser to interpret the following text as executable code, which is why you should encode it to <script>.
The OWASP XSS Prevention Cheat Sheet shows how you should do this properly depending on output context. Things get complicated when outputting to JavaScript (you may need to hex encode and HTML encode in the right order), so it is often much easier to always output to a HTML tag and then read that tag using JavaScript in the DOM rather than inserting dynamic data in scripts directly.
At the very minimum you should be encoding the < & characters and specifying the charset in metatag/HTTP header to avoid UTF7 XSS.
You need to convert the HTML characters <, > (mainly) into their HTML equivalents <, >.
This will make a < and > be displayed in the browser, but not executed - ie: if you look at the source an example may be <script>alert('xss')</script>.
Before you input your data into your database - or on output - use htmlentities().
Further reading: https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet

Getting access to the original HTML in HtmlUnit HtmlElement?

I am using HtmlUnit to read content from a web site.
Everything works perfectly to the point where I am reading the content with:
HtmlDivision div = page.getHtmlElementById("my-id");
Even div.asText() returns the expected String object, but I want to get the original HTML inside <div>...</div> as a String object. How can I do that?
I am not willing to change HtlmUnit to something else, as the web site expects the client to run JavaScript, and HtmlUnit seems to be capable of doing what is required.
If by original HTML you mean the HTML code that HTMLUnit has already formatted then you can use div.asXml(). Now, if you really are looking for the original HTML the server sent you then you won't find a way to do so (at least up to v2.14).
Now, as a workaround, you could get the whole text of the page that the server sent you with this answer: How to get the pure raw HTML of a page in HTMLUnit while ignoring JavaScript and CSS?
As a side note, you should probably think twice why you need the HTML code. HTMLUnit will let you get the data from the code, so there shouldn't be any need to store the source code but rather the information it is contained in it. Just my 2 cents.

Use bing translator in my website

I recently have come across with a need for some type of "translation"-type that could translate specific text fields or areas to other languages.
I want when user will write texts in **<input type="text" id="texttotranslate"/>** html control and after space the text should get converted to local language i.e. Hindi, Arabic Finnish
I am not sure if something like this even is out there - but I thought this might be a good place to ask.
Link 1
I came accorss this links as well but i want it Javascript / ajax solution to get it done
Link 2
I went through this and create my APPID
I am getting link 1 working in my C# console application but
i want a javascript solution for the same. ie. when i write a word in the text box it should get converted to local language i set .
if you are using Bing translator in your website, then there is no need to write any code in C#. You can use the Bing URL directly to translate the words.
Please refer to the following URL: http://basharkokash.com/post/Bing-Translator-for-developers.aspx
One option would be to put the Microsoft Translator widget on your site (http://www.microsofttranslator.com/widget). Mark up the fields that you don't want translated using the class="notranslate" tag.
Alternatively, if you want to use the API, I recommend following the tutorials here:
http://blogs.msdn.com/b/translation/p/gettingstarted1.aspx
and
http://blogs.msdn.com/b/translation/p/gettingstarted2.aspx
While the second link does it in ASP.NET, instead of JavaScript, it should give you a rough idea for how to do it. At the very least I recommend getting your access token server side, using ASP.NET, PHP or something similar, so your Client ID and Client Secret are not in-the-clear on your site.
Finally, take a look here: http://msdn.microsoft.com/en-us/library/ff512385.aspx, for the MSDN documentation on the AJAX API, including how to access it using JavaScript.

Categories