Recently I came across a website that sells adds ( http://buysellads.com/ ) on a friends computer with Adblock enabled and the site seems to detect the browser add-on and it disables the CSS and JS.
I have been trying to read their code, but I can not seem to find the line that makes this happen. I know there are ways to detect and give the user a message to disable the plugin, but I find this way to be more clever.
I appreciate if somebody knows or finds the code that triggers and executes.
Bonus question: How would this work with a cache plugin like W3 Total Cache for Wordpress? I make this question because I wonder how the website would look after the person whitelisted the page and the site refreshes. In theory it should display the CSS and JS because Adblock is not found, but I am not sure if cache plugins would break that and display the site as it looked before without any CSS or JS.
Thanks in advance.
I don't know how this particular site does it, but one possibility is to add/load the JS and CSS files via an ad serving system that is blocked by Adblock (load the style and script tags in an ad placement).
Depending on how Adblock works, it could be enough to host the files on a subdomain like ads.your-domain.com or banner.your-domain.com.
You could then set display=none with inline style on a wrapper containing the whole page, and display=block on an element outside the wrapper, containing the message to the user. The CSS file loaded via an ad serving system could then change the display properties of the two elements (so the users without Adblock gets the content of the page and not the message).
Related
i'm building an online document portal that supports all Microsoft Office formats.
Instead of building my own module, i'm utilizing Google Docs Online Viewer since it already handles
this task properly, my only problem is it loads the header toolbar, which i dont want.
take for example This custom pdf-URL(i just googled for any pdf document), The navigation toolbar at the foot, but the header toobar, i want it hidden - all within the iFrame.
https://docs.google.com/viewer?url=http://www.scorpioncomputerservices.com/Press%20Coverage/Billgates.doc&embedded=false&controls=false
After Inspecting the Element on Chrome, i found the section of code controlling the element, problem is, how to hide this element on page load, by forcing a script/style to be executed on the page, while loading.
i would like to know if there's a way i could force-delete or hide the element controlling the toolbar within the iFrame, or better still if there are any alternatives to what i intend to do. my code would have looked like this
var obj = iframe.document.querySelectorAll('[role="toolbar"]');
obj.parentNode.removeElement(obj);
// or - i'm not sure anyof this would work.. and since it is loaded inside an iframe
// how do i execute this.
obj.remove();
i dont want my audience to be able to download the document, obviously curious developers might find a way, but thats going to be less than 2% - 5% of the total users.
how do i go about this please using javascript/CSS/or any library.
If you change the GET variable embedded to true the viewer won't display the top bar, however there's no way to edit the page inside the iFrame as Google has enabled cross site protection so the browser will prevent you from running any javascript to modify the content of the iFrame.
The only way to use the google document viewer is to get your site to load it in the background (not using an iFrame) and modify it before serving the page to the user.
Or alternitively I reccommend using an open source JS PDF viewer such as ViewerJS
I want to know if it is possible to block JS, loaded by an iframe, from running on my Wordpress site. I currently embed iframe generated by a service I pay to use for my business. The iframe comes with Google AdSense ads embedded in it. Recently, the rogue pop-ups have been affecting my customers. Essentially, these are ads that run on the mobile version of my site and initiate a series of redirects. I can prevent these on my own device with an AdBlocker, but not all of my customers are that savvy.
I have tried to disable the Google AdSense ads a few ways: CSS display:none; (fails, as the JS is loaded even if the element is hidden with CSS), PHP (created a plugin that leverages wp_deqeue_script, targeting the google ad script files (blocks some JS, but ultimately fails to prevent every instance of the ads), and even HTML in the head section of my site, (the idea is that it prevents loading sources outside my domain, fails).
Is there a way to programmatically prevent these JS files from loading on my site?
There is not so much you can do about it. As #charietfl states in the comment you should think in the first place about not embedding this at all if that is a possibility for you.
From programming perspective there is only one reliable thing you can do: use iframe sandbox mode.
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe
This way you can prevent the IFRAME target from running ANY scripts - I do not know though if its a valid scenario for you. Otherwise there is actually no reliable way to affect the loaded iframe.
I have two different questions I would like to ask. I am new to javascript and I am trying to create a project ... of some sort.
Firstly, is it possible to have an integrated webbrowser within ... say a PHP page? e.g. using javascript, I have a canvas sized 500 x 700 within my "index.php" page, and can navigate to any website while remaining on my "index.php", but the websites appearing on that canvas?
If this is not possible, then is it possible to navigate to a website, and then interact with the elements thereof? I doubt this because you would no longer be connected to your file if you rediirect to another website, hence the integrated idea.
If neither or those are a possibility, then is it at all possible to interact with an EXTERNAL website's elements? External being not yours in this context.
You can use an iframe tag to load an external page, however
With most modern browsers you're not allowed to interact with the elements for security reasons
Many sites (still for security reasons) don't want to be loaded inside an iframe and they try to either escape the iframe or just render back a blank page instead.
One security problem is that a malicious page could open an iframe with e.g. a buy page of amazon.com and then render over it another opaque element that lets the click go through it.
This way a user may be tricked into click over a "watch the cute kitties" button and instead is clicking on the one-click-buy button of amazon (or liking a facebook page, or starting following a spammer on twitter or ...).
I wish to disable loading the plone site if JS is disabled in the browser. Where exactly do I change the code? Which template/skin do I choose? I want to ensure that JS is always enabled while browsing any part of the plone site.
While browsing, if JS is disabled, I can redirect to another page with tag to enable the JS in the browser and give a hlink to the site back if it is enabled. I am using Plone 4.1
There is no way to enable JS without the user doing it himself from the browser settings. You can add instructions on how to enable JavaScript or redirect to a page which has the instructions by using the noscript tags like this:
<noscript>
<meta http-equiv="Refresh" content="5;url=http://example.com/foo/bar.php?js=false" />
</noscript>
The meta tag redirects to your no JS page in 5 seconds to allow browsers to come to the current page by clicking the back button. If the time of the redirect is too little, the page may not be saved in the history according to this article
Are you willing to also require cookies? If so, one way to solve this is:
Modify Plone's main template to include a test for a particular cookie.
If that cookie is not found (test with template logic), show the "oops, you need js" content.
In that no-cookie content section, include inline javascript to set a cookie and reload the page. If you don't want to allow js to set cookies, you can still set a query parameter on the redirect.
If the cookie or query parameter is found, return the real content. If the query parameter, set the http-only cookie.
If you want to avoid cookies or other sessioning mechanisms, an alternative approach would be:
Modify Plone's main template to
Set a display:none style on the visual portal or similar wrapper;
Add a JavaScript-needed to view this page message with display style on;
Put in inline JavaScript to set display:none on the JS-needed message and display:block on visual portal wrapper.
The gotcha on this is that the pages will actually be loaded w/o js — just not displayed. It's also certainly possible that the js-needed message might flash up while other resources load. Make sure the JS display fiddling is inline (not keyed to page ready or any other event) to minimize the effect.
Your pages must be loaded by JavaScript, which replaces static page Please enable JavaScript in your browser. This is only way to solve the problem.
I have no experience in Plone and don't know what template do that.
I really want to make google mail by default bottom posting, in other words, I want the cursor in the textarea in a reply message to move automatically to the bottom.
Is this possible with google chrome extensions?
Have you maybe any other suggestions?
Problems I'm facing:
Run the extension script when gmail is fully loaded
The target textarea is in it's own iframe, is it possible to access it?
Yes, you may use the Content Scripts feature of a Chrome extension in order to manipulate the
page a user is browsing. Your content script code will run in the context of the web page the user is browsing, and it may interact with the host page almost without limit.
Manipulating Gmail might be a bit trickier than most other pages, due to its dynamic nature. Consider using the jQuery .live() method to make it easy bind to the elements you want to manipulate.
With regard to iframes, you just have to turn on the "all_frames" option in your manifest, which "controls whether the content script runs in all frames of the matching page, or only the top frame."
(I know this question is a bit stale, but I thought maybe you'd still appreciate an answer.)
I hope that helps.