Rule Engine in JavaScript [closed] - javascript

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
Is there any Rule engine in JavaScript?
The question is in this context:
Consider a web application having a form that users fill up.
As a user fills up each field and proceeds to the next, business logic written in JavaScript controls the visibility(and other attributes) of form elements further down the page.
The same business logic is also applied at the server side after the form gets submitted, albeit, in Java to guard against any mishaps/manipulations at the browser side.
Now, Wouldn't it be nice if we have a JSR 94/Drools/JRules like rule engine that would execute rules in both Java and in JavaScript? With such a rule engine, I can avoid hard coding my rules, and I also retain the flexibility of having client-side as well as server-side validation
(PS: I've tried the AJAX route and seen that the application becomes a lot less responsive, making it hard to sell to users who've been accustomed to a hand-coded, pure-javascript version.)

JSR-94 is a Java specification, so I don't see what it has to do with the browser.
There's Google JSON rules:
http://code.google.com/p/jsonrules/
You said you tried the AJAX route. Does that mean a rules engine running on the server and an asynch call to access it?

This is a valid question. From this article, JSR 94
does not standardize the following:
The rule engine itself
The execution flow for rules
The language used to describe the rules
The deployment mechanism for Java EE technology
Thus, it may be possible to use a DSL that could be executed on the client and server, and this could be developed, executed, and managed as per the JSR 94 architecture. Or not.
Another article Creating a simple rules engine using the Java scripting API employs JSR-233 plus other stuff to create a rule engine system. This however predates the JSR 94.
I got to this stackoverflow page since I too was looking for a solution. Currently, I have a page to validate on client side where groups of fields can trigger different validation rules, and requirements are changing. To write this in imperative code just creates a mess with high cyclomatic complexity.
However, the easiest thing to do is use one of the many JavaScript form validation libraries out there. Still looking.

Since the javascript lives in the browser, it's fairly easy for a user to check your source code and bypass any js validation mechanisms. That's why it's usually done server-side.
It's a pain but I usually implement validation both in javascript and on the server, that way "normal" users will have a quick response, and "hackers" will be kept out of the system. Unfortunately I think that's the way you need to go if you want both good user experience and good security.
To answer your question, to my knowledge there's no common library that can be used both on the client side and the server side.
PS. remember JavaScript is not Java ! :-)
http://en.wikipedia.org/wiki/JavaScript#JavaScript_and_Java

Related

Is there any way to reverse encrypted captcha to plain text [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 5 years ago.
Improve this question
I am writing a small software to extract text from website. but there is encrypted captcha available there. I want to decrypt that in my c# program and bypass that. here is encrypted captcha found on that page and corresponding plain captcha.
Encrypted captcha :
VFRZWVdLYlRpSUpXN1ZDdU1BcDZiK0lOWFdCTFNtM2cxZFRqb0dlR0txZnlmWHJ2U01OV0hFeW5FYm1YNUloR3JPdHhQaHBFT2tsbwpJbmlSbkxzNmdPblVGc1N0UmdnZDQxVUNHYlJseXFGRkE1d1o5ODNuSGc9PQ==
Output plain text captcha is: 8RTE9
Is there any way by which I can guess algorithm used in this encryption?
The simple answer to this is you can't.
Not using the method you want to use anyway.
The reason captcha exists is to prevent machines from performing automated login or just to verify that the user is actually a human.
You're not going to be able to decrypt a captcha on the client side. Chances are the captcha processing is done entirely on the server side.
The encryption keys aren't available to you and to 'guess' (brute force) the encryption key will likely take conventional hardware until after the heat death of the universe. That's if captcha even uses encryption. It might use hashing instead (which is more likely).
As for identifying the encryption/hashing algorithm used? If you can work out what captcha library is being used you MAY be able to figure out if it uses default values and use that as a baseline for creating a data set for machine learning. Again, these are big IFS and BUTS.
If it's an open source captcha library then it's possible you could use machine learning to circumvent the captcha by generating a training set for a machine learning algorithm using the library.
Of course ultimately you should tell your boss at the company you work at that you can't do this. Years of research and probably hundreds of thousands or millions of dollars have gone into creating this kind of technology to prevent people from being able to do exactly what you're suggesting you need to do.

Don't the data attribute options used in Bootstrap, Angular.js, and Ember.js conflict with Unobtrusive Javascript principles? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
I've always been told it's good practice (ala 'unobtrusive javascript') separate JavaScript from HTML markup. However, I've been seeing the opposite trend with a number of new and popular frameworks such as Bootstrap, Angular.js, and Ember.js. Can someone tell me why this isn't considered bad practice?
Unobtrusive Javascript is a good practice for many places on the web. The frameworks you mentioned are often used for creating full-blown Javascript applications. In many of these apps, the experience without Javascript is often a blank page. In that environment, the value of separating your markup from Javascript is relatively low.
I'm asking the same question myself and have come to the following conclusion:
HTML is markup language for presenting documents. The semantics that everyone is referring all around is actually related to representing rich documents. This includes images and links that allow more richer experience.
The same principles can be applied to Word documents, where instead of marking a specific text as red, you can mark it as emphasis and then style the emphasis as red, which will be semantically correct way to express the intend.
The problem arises because HTML actually includes elements that allow user interaction - forms . The initial design was to allow non professionals to create simple interactive UIs. When I checked different desktop GUI frameworks there is no such thing as separation between actual view and view logic, because when you build GUI you don't need that separation.
For me the importance is how much of what you writing is content based or GUI based. Because the HTML serves two purposes it's difficult to know what to serve from the server.
Basically sites like Wikipedia, and even Stackoverflow are content oriented. This means that if they want to be accessible to broader range of clients, like bots and older browsers they should be able to stream pure html.
I'm thinking of two possible strategies when you want to provide content and some richer UI experience, like the textare where I'm writing this comment. The one is to server the html and then initialize the GUI. This is also referred as unobtrusive javascript and semantical HTML. This is what most content oriented sites do. This is mostly to be able to benefit from browsers and bots that will allow their content to be more accessible.
The other strategy will be to identify the type of client and serve different content, which can only be achieved reliably only on the client side, because in both cases html will be served. This is still close to the first stategy, because of the way HTML is used/abused as both content and GUI representation.
If you are writing an application that don't provide content but actual service/process then architecture like AngularJS and similar is suited better.
In my experience most business have to provide both. Let's say you have an app that uses HTML/Javascript to allow users to create drawings. This app doesn't need to follow any unobtrusive guidelines, but it won't be able to run on old browsers too. But if you provide a social sharing of the drawings between users, allowing comments and other content then it's better to write this part of the site in a way that bots and other clients can access the content easily.

RIA liblaries/framework in day-to-day development [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 3 years ago.
Improve this question
I need to develop quite simple web application with some Ajax functionality and GUI components with Java as a server-side language. The main purpose for me is to learn sth about designing web app that I can make use of when I start looking for a job ... .I ran into lots of framework (RAP, Nice JSF implementations etc.) and there are also GWT and JQuery . I started reading about GWT and it seems to be great at the beginning, but there are limited number of visual components. When You missed one it seems to be much harder to write it with GWT than in JavaScript/JQuery (e.g sortable components).
Also:
If JavaScript is is easy why to learn API to just make translation?
The main argument seems to be that GWT is for developers who don't
know Java Script very well, but is JS harder than GWT API and
configuration to work with?
GWT offers also very nice Remote Procedure Call and translating
objects to JS, but there are lots of libraries like DWR.
You need also to use standard servlet to e.g send file stream to a
user, so You need also to save it to a Database or as a hidden XHTML files to make them available to servlet.
So should I start to learn GWT? It is really wide spread? Or maybe JSF implementations with Ajax support outperforms GWT in usability? The biggest problem I have that I cannot imagine how to solve simple problems in GWT while they are almost complete solutions with JQuery. Mixing JavaScript native code with GWT don't seems to be a good option also.
When working with GWT, its always better to now whats going on behind. So you have to learn HTML, CSS and JavaScript as anyway. Maybe you can start with less knowledge on browser frontend technologies. But you will come to the point where you need to know whats going on.
So ask yourself. Is your app large enough that its worth to start with complex GWT app. Also if you're on a large team and familiar with JAVA, Maven and Junit it makes senses.
On the other hand there are a bunch of small (backbone.js with jquery), middle (mootools) or large (extjs) JavaScript frameworks to build RIA.
I've never work with JSF, but all people a meet that used it, wasn't really satisfied.
After all I dont think its a good idea to select a framework by the current feature set of your app. As this can change of the time, you will have to implement it later with a technologie you not familiar with.
Note there is a table sort library for GWT as well: http://code.google.com/p/gwt-advanced-table/
GWT contains several unique features which make it difficult to be compared with other frameworks. The key point is that GWT isn't just a framework or library -- it's a toolkit. Consider:
Ability to use Java IDE's and debugger during development
Automatic generation of compiled scripts optimized for different browsers
Benefits of java for organization of code-base: OOP, package system, checked exceptions, compile-time type-checking etc.
These features make GWT suitable for big projects built by large teams that should be enhanced and maintained over a large time-frame. Off course, many projects do not have such requirements and therefore developers should give more weight to other consideration like widget library and learning curve.

Simple, secure scripting language implemented in JavaScript? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 6 years ago.
Improve this question
I would like to implement a scripting language to assist in partially automating certain tasks on a public wiki. I cannot install anything such as Google Caja on the server or modify the wiki software itself, but I can install JavaScript code for client-side execution. Because my intent is to allow ordinary users to create and post scripts, using JavaScript itself is insecure and could lead to account compromises.
Does such a scripting language implementation exist, or if not, is it relatively easy to create? My focus is on ease of text processing, Ajax requests, and implementation.
Here is an example task a script would need to perform, taken from Wikipedia's procedure for requesting article deletion:
Ask the user for the name of a wiki page and a good reason to delete it.
Get that page's source code, add a deletion notice to the top, and save the new text.
Create a new page (its name based on the first page's name) that includes the reason for deletion.
Get the list of users who edited the page and notify the first one (again, by editing a specific page) that the page he created is about to be deleted.
Here's an implementation of Tcl in javascript: Tcl in Javascript.
Here's the source: tcl.js.
And here's code implementing a live console in your browser to play with: A little tcl.js console
Tcl may not be your cup of tea but the implementation looks fairly simple straightforward. This is mainly because tcl itself is such a simple language. You can use it to get ideas on how to implement variables and functions.
Hint: in tcl, control structures are functions so look at where built-in functions are implemented to see the implementation of for, while and foreach.
Douglas Crockford's ADsafe is supposed to be a secure subset of JavaScript.
It consists of a runtime library (~20 KB minified) and a verifier (included in JSLint). If Crockford were to drop "The Software shall be used for Good, not Evil" from the license, both components would be GPL-compatible open-source programs.
Because JSLint is a JavaScript program, it can verify user scripts entirely within the web browser. This is in contrast to Google Caja, which is written in Java.
You could just sandbox; that is, scope in a couple of key variables so that the user's code is unable to access unsafe objects.
var execSandboxedJS = function (jsCode) {
var window = document.getElementById('myRootElement');
var document = window;
eval(jsCode);
};
Though, allowing user code to make ajax requests is, in itself, inherently unsafe. I would reconsider the sanity of the project if that's what's called for.

Tutorial/Example of how to implement "Browse A to Z" for a website [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I have found that simply googling this does not return what I am looking for. I am to find something simple and easy. I don't know if this requires javascript or not. I know I can "View Page Source" but I was hoping to find a tutorial. Some examples of what I am talking about can be found here:
-IBM
-Auburn
-About.com
Javascipt code works by running code on the viewer's computer. The pages you're linking are being dynamically generated by code that runs on the webserver itself, not in the browser. More than likely, all of those sites have some sort of database behind them.
I see from your other questions that you know C#. Microsoft provides a framework that uses C# known as ASP.NET. You can write code in C# that will run whenever someone views a page on your site (provided your site is running under IIS).
The ASP.NET Community website is a great resource if you want to find out more about that.
Other such tools that perform server-side operations would be PHP, Ruby on Rails, or Django (to name a popular few).
From viewing the examples you mentioned, it does not seem like there is any javascript used to make these "browse a to z" lists. (There should be a better name for them than that. I'm just going to call it a sitemap.)
I couldn't find any tutorials online that would teach expressly this type of sitemap, but figuring it out should be pretty straight-forward. (At least for implementing sitemaps like the IBM or Auburn examples. The About.com example would be more difficult as it seems that it is backed by a database or lots and lots of individual html pages.)
The trickiest part of making a sitemap page like these is using the tag, and luckily, it is way easy. Just keep checking the source of those pages you can have your own version in no time. The most time consuming part will be putting all of the links down, from A to Z.
http://www.w3schools.com/HTML/html_links.asp

Categories