I was going through a website I've taken over and came across this section in one of the pages:
<a href="javascript:window.location='<%=GetSignOutUrl()%>';">
// img
</a>
Apparently anyone who has ever used the site without javascript would not be able to log out properly (surprisingly enough, this has never come up).
So the first thing that comes to mind is
<a href="<%=GetSignOutUrl()" onclick="javascript:window.location='<%=GetSignOutUrl()%>';">
// img
</a>
Then I realized I don't know why I'm keeping the javascript call around at all. I'm just a little confused as to why it would have been written like that in the first place when a regular link would have worked just fine. What benefit does window.location have over just a regular link?
This is also the only place in the website I've seen something like this done (so far).
Edit: The programmer before me was highly competent, which is actually why I was wondering if there was something I wasn't taking into account or if he just made a simple oversight.
There are three possibilites:
The developer was trying to enforce Javascript use before sending the user along.
The developer was trying to mask the href in the link. Perhaps this was so it wouldn't be crawled effectively, or the status bar had something to do with it.
The developer was a non-conformist.
I would remove it and see if it breaks. But then again, I'm a conformist.
My guess is that if the developer didn't know to consider the client's capability of executing javascript, they might not have known what a href is. It's unlikely but not impossible.
It could be because multiple domains possibly are used and which one was unclear or not easily available in the code?
This might be an attempt to hide the link from search engines.
Related
I'm trying to implement a drag-n-drop fileupload to my website and found a piece of java called Dropzone.js, it holds everything i need . . . i just have no idea of how to use it!
So far I've been programming only in razor ASP.NET (c#) / HTML / CSS, but so far no javascript / jquery.
It's razor webpages, so no mvc.
Due to my current lack of knowledge in java, i apologize in advance but i'm stuck !!
What i'd like to know is:
I'f i've understood things correct, i should not modify Dropzone.js directly, i should use it as a library and integrate it in my other scripts, e.g. in another .js file. Correct?
Any help in this will be greatly appreciated.
Kind regards,
Daniel A. Rischel
.. Edited as per requested.
Well, you're wrong somewhat. It might not be related to the question but please note these scripts are JavaScript and
java != javascript
Got the point? :) Please try to note this in future. Also, Java code cannot be added to these server-side language, because java itself is a language. You can use JavaScript or its library (jQuery) and create some plugins.
I'f i've understood things correct, i should not modify Dropzone.js directly, i should use it as a library and integrate it in my other scripts, e.g. in another .js file. Correct?
True, you need to link this plugin dropzone.js to the site using
<script href="/link/to/dropzone.js"></script>
Then you'll use this script on the whole of the page where it is linked.
And you should never edit the source code of a plugin, untill or unless you know what you're doing. Because you might mess up with the code.
I'd really like to see some source code examples of what a single file drag-n-drop fileupload form would look like. I've googled extensively but not found something i can use yet.
Did you try to read their documentations? They have a good code explaination on the default (main) page of their website too. And really it depends on just the way you style it. Its just a plugin, you will need to add your own CSS code to style the form. This plugin won't style the form for you, all it will do is to handle the upload events and get back with the result. So, which means that form creation and elements is all upto you!
If there is a dummies tutorial in making this work, i'd really like to be pointed in the right direction!
There is no perfect answer to provide you with, however I will provide you with some basics
http://www.javascriptoo.com/dropzone-js
https://stackoverflow.com/questions/tagged/dropzone.js?sort=newest&pageSize=15 (stackoverflow tag)
In the second link, you can go and see what are the very basic of the issues that are handled with what code. Easy methods will be hanlded by you! You'll need some guidance in just the hard jobs. Good luck for that!
My suggestion for you is to first undertand and learn jQuery, then learn how to make ajax calls. After that you'll know how to create and handle the events. The basic code will be
$('input[type=file]').change(function () { // change in value
// send the file via ajax
}
http://jquery.com
This method will be best as you will know what code you're using and what it will do. Using plugin is easy method then this one. But my preference is with the second one; creating your own plugin.
I have the following problem. My C# application makes use of a webrequest and reades the html code of a url in order to do a bunch of things later on. While everything works fine, there are some websites that when visited they redirect you to another website (http://something.com/disclamer) for example and after you click yes you go back to the original website.
When I run my app it always only checks the html code of the disclaimer page and never gets to the actual page I asked for. I cannot really find a solution at this point since I can't find anything useful in the short html code of the disclaimer site (that comes before the one I want to check).
Any ideas on how I can skip that and take the code for the website I am actually interested in? Please note that I can't find any html redirection code indication (META HTTP-EQUIV etc) in any of the two websites.
Thank you
You can check the StatusCode to decide if you have been redirected. Status codes of 30x will tell you that you've been redirected, in which case you'll need to follow the link in the redirect.
http://msdn.microsoft.com/en-GB/library/system.net.httpwebresponse.statuscode.aspx
I believe you have to analyse the HTML code of such a page with a disclaimer to know which method is used there to make a redirect. Each case can be different: it can be either client-side or server-side redirection. If this disclaimer button submits a form, you will need to make a POST request imitating a button click.
I use RecaptchaControl, and the users complain that the image is not that clear (the black part in the the captcha is too hard to read). Is there any property to make the image less difficult (less noisy)?
<recaptcha:RecaptchaControl ID="recaptcha" runat="server" PublicKey="XXX" PrivateKey="YYY" OverrideSecureMode="true" />
To put it simply, no.
As others have said you can only customise the UI.
I'm the author of the article about the recaptcha API tutorial #web-development-blog.com and must say it's often very hard to read the text created images by recaptcha. While using the API I got sometimes better results while using a different language for the challenges.
In one of my projects I got a lot of complains and switched to a different script:
http://code.google.com/p/cool-php-captcha/
The challenges are less hard to solve and the script is very easy to use.
Possibly not what you are looking for but there are lots of custom captcha controls out there i.e.
CaptchaNET_2.aspx
With a bit of knowledge of the Graphics classes in C# it isn't a hard job to tweak the code to make the captcha simplier (or harder). We use one for a mobile phone web site and control is important otherwise it is unreadable in lower res phones
In some reCaptchas (I'm guessing this is somehow configurable), you only have to get one word right (I'm not sure how close the second word must be).
I've tested in the reCaptcha in my own website and it worked (two words wrong = fail, one word right + one wrong = success); tested in stackoverflow's reCaptcha and it didn't... I had to get both words right. That's why I think it's configurable.
I found this post along with the one below (where I read that only one word had to be right) exactly because I too am finding it too hard to get through reCaptcha's; too often having to refresh more than 5 times to get a readable pair. Other post:
Are reCAPTCHA CAPTCHAs getting harder or is just me
Google now allows you to change the difficulty setting.
I am fairly new to asp.net so this may seem like a stupid question, but:
I am attempting to modify a pre-exsiting help menu in a web-app.
In this menu the previous developer, just used three literals seperated by paragraphs and a button linking to a 100 page manual. (i know doesn't seem to be much help, hence why i was planning to update and fix this)
What i had in mind was setting something up like a menu that would link to the different section of the page when the title is clicked.
So something along these lines:
<h1>Menu Contents</h1>
<ol>
<li>section1</li>
<li>section2</li>
<li>etc</li>
</ol>
After the contents section i would have the first section with it's details.
What i am wondering is why would i use asp-literals over just sticking to html?
So basically i would like to know what are the benefits or reasons for using asp literals and i guess when is it that i should use them?
I've attempted to find the solution to this on my own, but the only related matters i have been able to find have to deal with people arguing whether literals or labels are the best option so it's not entirely helpful.
Any help or suggestions are greatly appreciated.
Thanks.
You generally use literals if you want to be able to control the text you display programmatically. Say your page has a way to edit the section titles of your manual, for instance. Or say your manual is in multiple languages and you want the user to be able to set her language and see the section titles displayed in that language.
In your case, by what you're saying, I infer none of this applies and your manual is quite static. In that case I would stick to simple HTML.
Maybe it's been done that way so it would allow the links to be built dynamically, something like:
litMenuItem1.Text = "section1";
thus giving full control over the output? There are better ways to do that however.
In my web application I am developing a comment functionality, where user's can comment. But I am facing a problem which is I want to allow simple HTML tags in the comment box. HTML tags like <b>, <strong>, <i>, <em>, <u>, etc., that are normally allowed to enter in a commenting box. But then I also want when user presses enter then it will be automatically converted into breaks (<br /> tags) and get stored into database, so that when I'll display them in the web page then they'll look like as user entered.
Can you please tell me how to parse that user entered only allowed set of HTML tags and how to convert enters into <br /> tags and then store them in database.
Or if anyone have some better idea or suggestion to implement this kind of functionality. I am using ASP.NET 2.0 (C#)
I noticed that StackOverflow.com is doing the same thing on Profile Editing. When we edit our profile then below the "About Me" field "basic HTML allowed" line is written, I want to do almost the same functionality.
I don't have a C# specific answer for you, but you can go about it a few different ways. One is to let the user input whatever they want, then you run a filter over it to strip out the "bad" html. There are numerous open source filters that do this for PHP, Python, etc. In general, it's a pretty difficult problem, and it's best to let some well developed 3rd party code do this rather than write it yourself.
Another way to handle it is to allow the user to enter comments in some kind of simpler markup language like BBCode, Textile, or Markdown (stackoverflow is using Markdown), perhaps in conjunction with a nice Javascript editor. You then run the user's text through a processor for one of these markup languages to get the HTML. You can usually obtain implementations of these processors for whatever language you are using. These processors usually strip out the "bad" HTML.
Its rather "simple" to do that in php and python due to the large number of functions.I am still learning c# .lol. but havent yet come across the function.The chances are that it exists and all you need to do is search for it.I mean a function that can take the user input,search for the allowed tags (which are in an array of course) and replace the <> with something else like [] then use a function to escape the other html tags.In php we use htmlentities().
Something like
<code>
$txt=$_POST['comment'];
$txt=strreplace("<b>*</b>","[b]*[/b],"$txt");
$securetxt=htmlentities($txt);
$finaltxt=strreplace("[b]*[/b]","<b>*</b>","$securetxt");
//Now save to Db
I'm not sure, but I think you have to escape html characters when inserting in database and when retrieving echo them unescaped, so the browser can see it just like html.
I don´t know asp.net, but in php there´s an easy function, strip_tags, that let you add exceptions (in your case, b, em, etc.). If there´s nothing like that in C# you can write a regular expression that strips out all tags except the allowed ones but chances are that such an expression already exists so it should be easy to find.
replacing \n (or something similar) with br shouldn´t be a problem either with a simple search and replace.
This is a dangerous road to go down. You might think you can do some awesome regexes, or find someone who can help you with it, but sanitizing SOME markup and leaving other is just crazy talk.
I highly recommend you look into BBCode or another token system. Even something untokenized such as what SO uses, is probably a much better solution.