Bookmarklet that uses current url in post request - javascript

Sorry if my question displays a lack of fundamental Javascripting knowledge as I have next to none.
I Frankensteined together the following bookmarklet during hours of obsessive Googling for a way to do what I want to do:
javascript:'<body onload="document.forms[0].submit()"><form method="post" action="https://generic.web.proxy/request.php?do=go"><input type="text" name="get" value=???></form>'
(Mostly based on this.)
Basically, it mostly does what it should: performing a post request on that web proxy's page with whatever string is used for value. The problem is what I want to use for value, namely the URL of the current Firefox tab. In other bookmarklet examples I've seen this seems to be accomplished with location.href, but if I do it like this
value=location.href
it simply assumes that it's the string "location.href". I assume that's because I'm stupidly trying to directly use a Javascript thingie in the html part of the script, but what is the alternative?

Oh boy, I think I just figured it out. Since the javascript treats the html like any other string, I can simply use normal string manipulation on it:
'<beginningofhtml'+location.href+'endofhtml>'
Applied to my bookmarklet:
javascript:'<body onload="document.forms[0].submit()"><form method="post" action="https://generic.web.proxy/request.php?do=go"><input type="text" name="get" value='+location.href+'></form>'
And it works!
(the fake example web proxy url still needs to be replaced with the correct one of corse; it works with a site called Proxfree)

Related

Getting access to the original HTML in HtmlUnit HtmlElement?

I am using HtmlUnit to read content from a web site.
Everything works perfectly to the point where I am reading the content with:
HtmlDivision div = page.getHtmlElementById("my-id");
Even div.asText() returns the expected String object, but I want to get the original HTML inside <div>...</div> as a String object. How can I do that?
I am not willing to change HtlmUnit to something else, as the web site expects the client to run JavaScript, and HtmlUnit seems to be capable of doing what is required.
If by original HTML you mean the HTML code that HTMLUnit has already formatted then you can use div.asXml(). Now, if you really are looking for the original HTML the server sent you then you won't find a way to do so (at least up to v2.14).
Now, as a workaround, you could get the whole text of the page that the server sent you with this answer: How to get the pure raw HTML of a page in HTMLUnit while ignoring JavaScript and CSS?
As a side note, you should probably think twice why you need the HTML code. HTMLUnit will let you get the data from the code, so there shouldn't be any need to store the source code but rather the information it is contained in it. Just my 2 cents.

If source code is altered then redirect

Is it possible to use jQuery/Javascript to see if a webpages source code is altered by a visitor and if so redirect them?
And by altered, I mean if they open firebug or something and edit anything on the page once its finished loading?
This seems like a hack to prevent people from messing with your forms.
This is most definitely not the right way to make your site more secure; security must always come from the server-side or, if everything is done via the front-end, in a way that can only hurt the user who is currently signed in.
Even if you did succeed in implementing this using JavaScript, the first thing I would do is disable exactly that :) or just disable JavaScript, use wget, inspect the code first, then write a curl work-around, etc.
Even if there is a way to do that, the visitor can still edit this verification, so this is pointless.
yes. at the loading store the innerhtml of the html element in a string.
then set an interval every second to check if the current html matches the stored var.

Use bing translator in my website

I recently have come across with a need for some type of "translation"-type that could translate specific text fields or areas to other languages.
I want when user will write texts in **<input type="text" id="texttotranslate"/>** html control and after space the text should get converted to local language i.e. Hindi, Arabic Finnish
I am not sure if something like this even is out there - but I thought this might be a good place to ask.
Link 1
I came accorss this links as well but i want it Javascript / ajax solution to get it done
Link 2
I went through this and create my APPID
I am getting link 1 working in my C# console application but
i want a javascript solution for the same. ie. when i write a word in the text box it should get converted to local language i set .
if you are using Bing translator in your website, then there is no need to write any code in C#. You can use the Bing URL directly to translate the words.
Please refer to the following URL: http://basharkokash.com/post/Bing-Translator-for-developers.aspx
One option would be to put the Microsoft Translator widget on your site (http://www.microsofttranslator.com/widget). Mark up the fields that you don't want translated using the class="notranslate" tag.
Alternatively, if you want to use the API, I recommend following the tutorials here:
http://blogs.msdn.com/b/translation/p/gettingstarted1.aspx
and
http://blogs.msdn.com/b/translation/p/gettingstarted2.aspx
While the second link does it in ASP.NET, instead of JavaScript, it should give you a rough idea for how to do it. At the very least I recommend getting your access token server side, using ASP.NET, PHP or something similar, so your Client ID and Client Secret are not in-the-clear on your site.
Finally, take a look here: http://msdn.microsoft.com/en-us/library/ff512385.aspx, for the MSDN documentation on the AJAX API, including how to access it using JavaScript.

HTML Encoded strings recognized by the javascript engine, how's it possible?

Well. This night was a very strange night to me. I am sorry to create a new question after creating two other questions previously, but this is another argument at all. If I get an answer here, I'll get an answer to those questions too so please somebody listen to me and try to understand.
It all began with a simple script JS to be generated through an aspx codebehind file.
On a control, I had to put a JavaScript in this way:
this.MyTxtBox.Attributes["onfocus"] = "windows.alert('Hello World!');";
OK. You might think, where's the problem? The problem is that ASP.NET 4.0 encodes everything, and I say everything in order to avoid XSS to be performed on a site. Well this might not seem a problem but if you look at the rendered page you'll make a jump on the chair like I did:
<textarea id="..." onfocus="windows.alert('Hello World!');"></textarea>
As you can see the html, the final html is a bit odd... JavaScript engine should not accept this situation.
So I started this questions:
ASP.NET quote character encoding causes problems when setting a control's property
Asp.Net encoding configuration
Well I still haven't got any answer YES we could not understand what the hell it is necessary to modify in the .net configuration in order not to let this situation happen.
But now I consider one thing, one important thing: JavaScript engine works!
Even with that odd code that should not be interpreted...
I hope everything was clear until now... The question now comes:
Is this a normal situation for the JavaScript engine?
Does every browser will correctly interpret a JavaScript having quotes replaced with their encoded strings?
If this is true I have to suppose that the .net does not provide a mechanism to avoid encoding just for this reason!
Re:
<textarea id="..." onfocus="windows.alert('Hello World!');"></textarea>
There's nothing odd about that (other than your using windows.alert instead of window.alert). It should work fine (and does; example). The HTML parser parses HTML attribute values, and handles processing entities like '. The JavaScript source code it eventually hands to the JavaScript interpreter will have quotes in it. The browser doesn't hand the literal characters & # 3 9 ; to the JavaScript interpreter.
It's just the same as:
<input type='text' value="This is a 'funny' value too">
The HTML parser processes the entities, and the actual value assigned to the input is This is a "funny" value too.
Incidentally, this is also why this seemingly-innocent HTML is actually wrong and will fail validation (although most browsers will allow it):
<a href='http://www.google.com/search?q=foo&hl=en'>Search for foo</a>
More correctly, that should be:
<a href='http://www.google.com/search?q=foo&hl=en'>Search for foo</a>
<!-- ^^^^^--- difference here -->
...because the HTML parser parses the value, then assigns the parsed result to the href attribute. And of course, an & introduces a character entity and so to literally get an & you must use & everywhere in HTML. (Again, most browsers will let you get away with it if what follows the & doesn't look like an entity. But that can and will bite you.)

Is there a way to validate the HTML of a page after AJAX operations are performed on it?

I'm writing a web app that inserts and modifies HTML elements via AJAX using JQuery. It works very nicely, but I want to be sure everything is ok under the bonnet. When I inspect the source of the page in IE or Chrome it shows me the original document markup, not what has changed since my AJAX calls.
I love using the WC3 validator to check my markup as it occasionally reminds me that I've forgotten to close a tag etc. How can I use this to check the markup of my page after the original source served from the server has been changed via Javascript?
Thank you.
Use developer tool in chrome to explore the DOM : it will show you all the HTML you've added in javascript.
You can now copy it and paste it in any validator you want.
Or instead of inserting code in JQuery, give it to the console, the browser will then not be able to close tags for you.
console.log(myHTML)
Both previous answers make good points about the fact the browser will 'fix' some of the html you insert into the DOM.
Back to your question, you could add the following to a bookmark in your browser. It will write out the contents of the DOM to a new window, copy and paste it into a validator.
javascript:window.open("").document.open("text/plain", "").write(document.documentElement.outerHTML);
If you're just concerned about well-formedness (missing closing tags and such), you probably just want to check the structure of the chunks AJAX is inserting. (Once it's part of the DOM, it's going to be well-formed... just not necessarily the structure you intended.) The simplest way to do that would probably be to attempt to parse it using an XML library. (one with an HTML mode that can be made strict, if you're not using XHTML)
Actual validation (Testing the "You can't put tag X inside tag Y" rules which browsers generally don't care too much about) is a lot trickier and, depending on how much effort you're willing to put into it, may not be worth the trouble. (Because, if you validate them in isolation, you'll get a lot of "This is just a fragment" false positives)
Whichever you decide to use, you need to grab the AJAX responses before the browser parses them if you want a reliable test result. (While they're still just a string of text rather than a DOM tree)

Categories