I am trying to pass encrypted data via a browser/client session variable - not to be confused with server-side session variable:
encrypt:
var encrypted_user_id = CryptoJS.AES.encrypt(user_id, cipher_pass);
var encrypted_user_password = CryptoJS.AES.encrypt(password, cipher_pass);
sessionStorage.setItem('user_id', encrypted_user_id);
sessionStorage.setItem('user_password', encrypted_user_password);
decrypt:
var encrypted_user_id = sessionStorage.getItem('user_id');
var encrypted_user_password = sessionStorage.getItem('user_password');
var plaintext_user_id = CryptoJS.AES.decrypt(encrypted_user_id, cipher_pass).toString(CryptoJS.enc.Utf8);
var plaintext_user_password = CryptoJS.AES.decrypt(encrypted_user_password, cipher_pass).toString(CryptoJS.enc.Utf8);
There is no error, but the plaintext is empty string.
If I perform the exact same encryption/decryption using variables instead of sessionStorage it works fine.
What am I not understanding? Is there something about session variables that is different than a local variable?
So I've made a fiddle to test it out. And I think the problem (although in fairness your original code seemed to work for me too) is that for the encryption you should do this instead:
var encrypted_user_id = CryptoJS.AES.encrypt(user_id, cipher_pass).toString();
Why? Without the to string, you're storing an object that JSON can't serialize, so when you're getting your object back from session storage you're getting back something different than you intended.
Related
I need to get the data of productSkus[ using python but I don't know how to access it. the javascript comes from http://www.ulta.com/lid-lingerie-eye-tint?productId=xlsImpprod15361061 .
This is how it looks like.
<script type="text/javascript">
var currentSkuId = '2502111';
var currentProductId = 'xlsImpprod15361061';
var productSkus = new Object();
productSkus[2502111] =
{"displayName":"Fame & Fortune","id":"2502111","imgUrl":"http://images.ulta.com/is/image/Ulta/2502111?$detail$","largeImgUrl":"http://images.ulta.com/is/image/Ulta/2502111?$lg$","swatchImgUrl":"http://images.ulta.com/is/image/Ulta/2502111sw?$50px$","swatchHoverImgUrl":"http://images.ulta.com/is/image/Ulta/2502111sm?$md$","skuSize":"0.13","skuSizeUOM":"oz"};........
Can anyone help me with this?
If you want to use productSkus on the server side, then you need to use AJAX to send the JS variable to the server.
As Django template is compiled server side. It is then sent to the client where their browser executes the JavaScript. Nothing that is changed by the JavaScript executing on the client browser can have an affect on the template. It's too late at that point.
However the JavaScript could do something like make another request from the server for more information. Or you could just pre-compute the value on the server before you send it to the client.
You can of course use Django templates to set JavaScript variables.
<script>
var myVar = '{{ py_var }}';
</script>
use html form to submit the data to server, or across api
I'm having trouble passing the result of a query into a session variable, I think that the easiest way to do this is through Javascript. I have the query result showing but they will not pass to the session variable. At the end of each query resultant row, I have an add button that will activate the JS function to add to the session variable.
Query Result:
echo '<tr><td>'.$products['Name'].'</td><td>£'.$products['Price'].'</td><td>'.$products['Category'].'</td><td><img src="'.$products['Image'].'" width=100px /></td><td>'.$products['ProductID'].'</td><td><button onclick="setProduct('.$products['ProductID'].')">Add to Basket</button></td></tr>';
JS Function:
function setProduct(x){
var productID = x;
'<%Session["ProductID"] = "'+$products['productID']+'";%>';
Code displaying contents of session variable:
echo $_SESSION['ProductID'];
$_SESSION is a server-side variable. You'd most likely want to set a $_COOKIE instead. Those are accessible on the client-side.
In addition to the answer posted, you can create a jQuery post request (or you can use AJAX) and send the JS session as value to a PHP file where you can access that value and create the corresponding PHP session.
Let's say, your JS function:
function setProduct(x){
var productID = x;
'<%Session["ProductID"] = "'+$products['productID']+'";%>';
// ...
$.post('example.php', { session_name: YOUR-SESSION-NAME, session_value: YOUR-SESSION-VALUE });
example.php:
if (isset($_POST['session_name']) && isset($_POST['session_value'])) {
$_SESSION[$_POST['session_name']] = $_POST['session_value'];
}
This is not taking into consideration security issues you might face. You should encrypt your data before sending it.
My team must share data between a localnet html/js app, and a server in the same net listening on a websocket.
The first idea was to simply send variables to the server with get
http://192.168.1.100:8080/var=hello
It's simple and works, but we must add a security level to the data exchange, encrypting all in Aes and then hexing the result to send it as plain string.
The best solution that we found is Crypto-JS https://code.google.com/p/crypto-js/
We are able to follow the examples and encrypting/decrypting data inside the same js block, but are unable to decrypt the data on another software.
we do:
var text = "Message";
var password = "Secret Passphrase";
var encrypted = CryptoJS.AES.encrypt(text, password);
var EnText = encrypted.ciphertext; //returns the hexed/encrypted text
var Key = encrypted.key;
It doesn't work with the c# code running on the server, so we tried an online decrypting tool http://aes.online-domain-tools.com/ passing both the password and the Key, but similarly returns unreadable text
JS generated value for reference
EnText: 5768c9b4d75e0cc32b610d9e6f518c36
Key: 005e316192f5162f7fd104ce2c9fe91de6c6f2977849dcd5878226022a7073be
What are we missing?
Ok i got it, the text is in hexadecimal.
Try decyphering it there:
http://www.unit-conversion.info/texttools/hexadecimal/
According to the W3 Web Storage specs, values in localStorage are of type string.
Thus, an entry can't be granularly updated like a subproperty of a JS object and it's only possible to replace the entire key:
Updating/editing localStorage - JSONObject
Assume I want to "secure" user input frequently on the client side in the localStorage, and also update it on model changes on the server (only transmitting changes from server to client). How often can I JSON.stringify() my local data (=ViewModel state) and save it to the localStorage without causing trouble for the user? Is serializing and saving (not transmitting!) e.g. 30KB of data every 5 seconds to the localStorage going to cause lags?
Bonus question: Does any major browser vendor plan on storing JS objects directly in localStorage?
This may not be entirely true; there is a method for updating a single key to an object housed in local storage, and the code is below.
var updateLocalStorageKey = function(obj, key, val) {
var localObj = JSON.parse(localStorage[obj] )
localObj[key] = val;
//reset storage
localStorage[obj] = JSON.stringify(localObj)
}
The working jsbin is here: http://jsbin.com/jesapifa/4/edit?html,js,output
Hope this solves your problem!
I am working on one script which has been called from the websocket . This page of code is of html.erb
It pass variable to the javascript, and from that javascript variable i want to assign it to ruby variable ,
Here is the code
function set_color(val1,val2)
{
<%background_color_id = %>
var obj_color_id = '<%=background_color_id ='+val2+'%>' ;
console.log(obj_color_id)
}
The result from console log is +val2+
If I pass var obj_color_id = '<%=background_color_id ='val2'%>' ;
The result from console log is val2
Please help me assign javascript variable to ruby variable
You cannot do this. Javascript runs Client side, Ruby runs Server side.
You can't do that. All values <%= are translated on server side and their values are send to client. There is no ruby on client side. You have to send request to your websocket or http server in order to pass some data to server.
Actually, if I understand your code (your question is not well phrased, unfortunately), the simple solution is:
1- Assign a value via server-side code:
function set_color(val1,val2)
{
var bkgdColorId = "<%= background_color_id %>";
var obj_color_id = bkgdColorId;
console.log(obj_color_id)
}
2- (Or,) Assign a value from client-side code:
function set_color(val1,val2)
{
/** pseudo-code **/
on-click-event: makeAjaxCallToServer(){
urlForWebService, { color: val2 }
}
}
Using some jQuery (if assigning to server from client-side event) would greatly facilitate this process.