I Want To Add a Password System To My Code To Prevent My Code From Being Run By Someone else, is There Any Way How Can i do so?
Interface can be like asking for password before starting development server in reactjs
I have put together an example of what I meant in the comments:
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8">
<title>SourceCode Encryption example</title>
<script src="https://cdnjs.cloudflare.com/ajax/libs/sjcl/1.0.8/sjcl.min.js" integrity="sha512-s0r9TyYSs5CusSDL5s/QEZQZ4DNYLDXx0S+imS+SHR9mw0Yd0Z5KNS9dw7levSp7GpjOZu/bndds3FEDrKd8dg==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
</head>
<body>
<script type="text/javascript">
// Hide this part from the end user
var password = "MySourceCodePassword";
var sourceCode = 'alert(\'Ur name is: \' + prompt("What is ur name?"))';
var encryptedSourceCode = sjcl.encrypt(password, sourceCode);
// User endpoint code
// You would have the encryptedSourceCode stored into an string and only
// is the propper key is used then it would be decrypted and evaluated.
try {
var userPassword = prompt("Whats the sourceCode password?");
eval(sjcl.decrypt(userPassword, encryptedSourceCode));
} catch (error) {
alert(error.message);
}
</script>
</body>
</html>
In your case you would have to provide your encoded Reactjs code and the required html dom element, I have simplied this example wrapping it in an html page and prompting the user for a password but u could use a form or whatever you might require.
Be aware that once the know the key to decrypt the will be able to see your javascript source code, and so far it is the way it works, since the browser need to read javascript you cannot hide it from it. If you wanna make it harded you can always minify so it is harder to read.
Related
Im trying to embed my 2sxc App into a Theme layout page.
The App view html does render
<%-- This namespace provides this.GetScopedService<T>() --%>
<%# Import Namespace="ToSic.Sxc.Dnn" %>
<%-- This namespace provides all the common 2sxc services --%>
<%# Import Namespace="ToSic.Sxc.Services" %>
<%= this.GetScopedService<IRenderService>().Module(1041,3421) %>
, but its Javascript crashes.
The App uses its own API for searching.
1. // get the sxc-controller for this module
2. var sxc = $2sxc(3421);
3. // now get the data in the promise
4. sxc.webApi.get('app/auto/api/Forms/SearchForm')
5. .then(data => {
6. console.log(data)
7. });
originally line 2 crashed saying $2sxc is not recognised.
we resolved that by adding this script reference to our layout page
<script src="/desktopmodules/tosic_sexycontent/js/2sxc.api.min.js" type="text/javascript"></script>
And now it crashes on line 4 when trying to use sxc.webApi.get
Uncaught Can't find page - something went wrong, pls contact 2sxc.org
It seems I need to include another JS script.
I tried to also include
<script src="/desktopmodules/tosic_sexycontent/dist/inpage/inpage.min.js" type="text/javascript"></script>
but that made it worse
I resolved this by adding this
var page = GetService<ToSic.Sxc.Services.IPageService>();
page.Activate("2sxc.JsCore");
Update: to use the JS better in the theme, I've just pushed an update to 14.07.04.
Basically you can force a different context than the automatic one, using
var sxc = $2sxc({ pageId: 27, moduleId: 42, zoneId: 3, appId: 8});
sxc.webApi.fetchJson(...).then(...);
this uses the context identifier https://docs.2sxc.org/api/js/ContextIdentifier.html#Api_Js_SxcJs_ContextIdentifier which has existed for a few versions now, but there was a bug that was fixed in 14.07.04
See also https://docs.2sxc.org/api/js/SxcGlobal.html#Api_Js_SxcJs_SxcGlobal_get_3
I need to make a command that searches my google custom search for a google website. I already have the custom-search ID and key.
I've tried using a few of the google npm nodes, but nothing gave me the result I was looking for, most are for image queries.
This is from google
<html>
<head>
<title>JSON Custom Search API Example</title>
</head>
<body>
<div id="content"></div>
<script>
function hndlr(response) {
for (var i = 0; i < response.items.length; i++) {
var item = response.items[i];
// in production code, item.htmlTitle should have the HTML entities escaped.
document.getElementById("content").innerHTML += "<br>" + item.htmlTitle;
}
}
</script>
<script src="https://www.googleapis.com/customsearch/v1?key=YOUR-KEY&cx=017576662512468239146:omuauf_lfve&q=cars&callback=hndlr">
</script>
</body>
</html>
Like I said, I want to use it for d.js for a custom-search command...just don't understand much on it. While i'm still new, I've coded my own bot so i'm not extremely new on it, this part is just leaving me stumped.
I'm trying to get a Yes/Cancel confirmation screen to appear when a user tries to save a opportunity with a "Proposal" stage that asks "Are you sure?"
The route I'm taking is adding a Visualforce page to a standard Opportunity object. The code I've included launching the confirmation window after it's been saved
Please help!
Error 1 enter image description here
Error 2 enter image description here
<apex:page standardController="Opportunity" rendered="{!Opportunity.StageName == 'Proposal Request'}">
<script type="text/javascript">
{ window.alert("Are you ready to send a proposal?"); }
</script>
</apex:page>
You can achieve this by Jquery and call the below while loading the page.
var htmlhead = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
var$g=jQuery.noConflict();$g(function({$g('head').append(htmlhead);$g('head').append('<linkrel="stylesheet"href="yourstaticresources"type="text/css"media="all"/>');$g('body').append('Any dialog box');$g("#dialog").dialog({autoOpen: true,buttons: {'{!$Label.Yes}': function() {ifYes();},'{!$Label.No}': function() {$g(this).dialog("close");}}});})} else{ifNo();}}
This will open dialog box with Yes or No. Handle your logic accordingly
I have this example, using a route with an utf-8 non-ascii character:
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Backbone Test</title>
</head>
<body>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script src="http://ajax.cdnjs.com/ajax/libs/underscore.js/1.3.1/underscore-min.js"></script>
<script src="http://ajax.cdnjs.com/ajax/libs/backbone.js/0.9.2/backbone-min.js"></script>
<script>
(function(){
window.App = {
Models: {},
Collections: {},
Views: {},
Router: {}
};
})();
App.Router = Backbone.Router.extend({
routes: {
'charñ': 'charChrome',
'char%C3%B1': 'charSafari'
},
charChrome: function(){
$(document.body).append("Chrome-compatible route triggered.<br/>");
},
charSafari: function(){
$(document.body).append("Safari-compatible route triggered.<br/>");
},
});
new App.Router;
Backbone.history.start();
</script>
<h1>HELLO THERE</h1>
</body>
</html>
When the page got called with something like:
file://localhost/whatever.html#charñ
...it trigger a different function on Safari and Chrome.
It's REALLY not easy for me to change backbone version.
Is there a way to avoid that difference?
Note: interesting enough, removing the meta tag breaks Chrome routing.
This shouldn't be seen as an answer to that makes every browsers works the same but prevent this from happening. As far as I know, there is no much control on what backone will trigger. It's not like you can really filter the url before it gets handled by the Router.
That said, you can create routes for both style. To make this easier, you can create a special object that will get a utf8 string and create a urlencoded version of the route. Both routes will have the same callback.
On other possibility is to avoid utf-8 symbols in the url and report a bug to backbonejs. Having both routes created with urlencoded/urldecoded will make the site work for possibly every browsers supporting javascript. The downside is that you'll have to create n*2 routes.
Have you tried decoding the URL when it's passed to your function? It may be that Chrome decodes the URL for you while Safari does not. 'char%C3%B1' will decode to 'charñ' just fine when using a URI decoder, and it should have no effect on already-decoded strings (assuming the encoding used was the correct one, of course).
decodeURIComponent('char%C3%B1')
/*
charñ
*/
decodeURIComponent('charñ')
/*
charñ
*/
Going by http://backbonejs.org/docs/backbone.html#section-156, you may be able to substitute _extractParameters with a version that calls decodeURI or decodeURIComponent on fragment before executing the regular expression.
Another possibility to try, as I just noticed that routes can be regular expressions (see http://backbonejs.org/docs/backbone.html#section-152): if you don't have many of them, you could use something like /char(ñ|%C3%B1)/g, or write a function to produce such a regular expression for the unencoded value, such that makeRegex('charñ') would produce /char(ñ|%C3%B1)/g, or whatever the regular expression would be.
I solved it by adding an additional line in the while loop, inside _bindRoutes, to bind the encoded routes as well:
_bindRoutes: function() {
if (!this.routes) return;
this.routes = _.result(this, 'routes');
var route, routes = _.keys(this.routes);
while ((route = routes.pop()) != null) {
this.route(route, this.routes[route]);
//add this line:
this.route(encodeURIComponent(route).replace(/%2F/g,'/').replace(/%3A/g,':'), this.routes[route]);
}
}
While doing Silverlight's interoperability with JavaScript I've faced a strange behaviour in my Silverlight Out-of-Browser (OOB) application. My goal is to http-post some data to the specific site. We can post data using WebClient or HTTPWebRequest classes. But then how to redirect the response to external web browser?
I thought I would generate a dynamic HTML form with post method and invoke a JavaScript function from Silverlight which would submit the form. Unfortunately it only submits the form with target="_self" and not with target="_blank".
Code for loading generated html string into Silverlight's WebBrowser control:
WebBrowser wb = parameter as WebBrowser;
if (wb == null)
return;
wb.NavigateToString(GetHtml());
Simple test method to generate HTML:
private string GetHtml ()
{
StringBuilder sb = new StringBuilder ();
sb.Append ("<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">");
sb.Append ("<html xmlns=\"http://www.w3.org/1999/xhtml\">");
sb.Append ("<head><title></title>");
sb.Append(
"<script type=\"text/javascript\">function submitForm(){" +
"document.forms[0].submit(); window.external.notify(\"Form Submitted!\");}</script>");
sb.Append("</head>");
sb.Append ("<body>");
sb.Append ("<form id=\"mainForm\" name=\"formName1\" action=\"http://localhost:53222/ReceivePost.aspx\" method=\"POST\" target=\"_blank\">");
sb.Append ("<input type=\"text\" name=\"u\" value=\"username\"/>");
sb.Append ("<input type=\"password\" name=\"p\" value=\"password\"/>");
sb.Append ("<input type=\"submit\" value=\"Submit\"/>");
sb.Append("</form>");
sb.Append("</body></html>");
return sb.ToString ();
}
which generates such HTML page:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
<script type="text/javascript">
function submitForm(){
document.forms[0].submit();
window.external.notify("Form Submitted!");
}
</script>
</head>
<body>
<form id="mainForm" name="formName1" action="http://localhost:53222/ReceivePost.aspx" method="POST" target="_blank">
<input type="text" name="u" value="username"/>
<input type="password" name="p" value="password"/>
<input type="submit" value="Submit"/>
</form>
</body>
</html>
And the code for invoking JS function:
innerWebBrowser.ScriptNotify += (o, args) =>
{
MessageBox.Show("JS says: " + args.Value);
};
innerWebBrowser.InvokeScript ("submitForm");
As I said, this code works fine with target set to "_self" but doesn't work with target set to "_blank". Even if I press Submit button with a mouse the post data is not sent, just web site is rendered in external browser without post data. Is it due to the security mechanism in Silverlight? I should also mention that I am posting to the same site where Silverlight app is published: http://localhost:53222 (well it's not published yet as I run it straight from VisualStudio in OOB mode). Thus it shouldn't be categorized as cross-site scripting I guess...
Is there any way to post data to some website (not necessarily from the same domain) and redirect the response to external browser?
Anyway, your comments are most welcome.
I've come up with a workaround which performs exactly what I wanted (starts external browser and loads specific web site while posting some parameters to it). Instead of using WebBrowser control HTML file (similar as in the question) with Form and a JavaScript to submit the form onLoad event is generated. Then the generated HTML content is written into the file system and started with default browser later on.
File may be created with similar code:
using (StreamWriter file = File.CreateText (filePath))
{
file.WriteLine (GetHtml());
file.Close ();
}
Default browser may be opened with something like the following code:
using (dynamic shell = AutomationFactory.CreateObject ("WScript.Shell"))
{
shell.Run (filePath, 7, false);
}
And after the default browser is up and running we may delete the file we just generated:
if (File.Exists (filePath))
{
File.Delete (filePath);
}
Please note that in order to create/delete a file your SL application needs to be trusted application. That is, it has to have elevated permissions (check Application.Current.HasElevatedPermissions property).
Access local file system in Silverlight 5. In SL 4 one could use com interoperability and Scripting.FileSystemObject to access local file system.