if i have a java interface on a website and that interface contains a box where a user enters a string and then submits it. If I wanted to rapidly submit strings from a list I had (in a text file say), how would I go about doing this?
I have looked at the source code for the interface but I don't really know java that well. There must be a way to "connect" to the interface and rapidly submit strings.
I'm diong a little rummaging around for a nearby school who said they are having a bit of trobule with their digital library system. I was recommended and said I would take an initial look at the system. Mind you if you know about infosec than this is grey box testing.
THe application I'm focusing on is alexandria v5.5.67 which is a library management and interface tool. I've found a number of pretty serious XSS and even SQLinjection errors in their coding. I believe these are new and I've reproted them to Alexandria but the problem lies within me fixing this.
I was able to give a proof of concept test on URL piping commands with the python used to drive it and a proof of concept for the login system using their poorly coded perl. I'm having a bit of trouble and I'm a little new to this. I'm attempting to do a proof of concept on their main page using their search function. I've already exploited using a basic
What I"m trying to do is actually edit the elements of a div container on the page. I've never actually used DIV's with javascript or any scripting for that matter other than Server side includes in PHP, but thats not client side and I don't know much about Javascript. What I'm looking to do is change or alter the content of a particular div, its not necessarily a div but rather a class. I'm having trouble even using javscript URL commands to get the contents of a particular Div to display.
I've read enough about email validation to know that the only real validation is having a user respond to a confirmation message you've sent them. However, I want to store the address temporarily, so I want to make sure what is entered is safe to work with.
I have a basic understanding of regexps, so I could write one that checks for a simple
format like: something followed by @ followed by something followed by
.. followed by something. I can also make a good guess at understanding
the regexps I come across in validation schemes people have posted.
However, each scheme that is posted seems to get criticized for
invalidating some esoteric, but valid, addresses.
I'm wondering if there is a minimum validation you can do that will
prevent basic attacks like sql injection attacks. For example, if I
weed out anything with single and double quotes, and semicolons, am I
barring some people unnecessarily? Seems like you'd be trying to mess
with people by putting a semicolon in your email address.
I've implemented jQuery within a web application where a very large number of DOM elements, comments in this case, are injected post-load by a 'Show all' button. Returned via JSON is a HTML string of <li> elements, to be injected into a pre-existing <ul> element. I'm looking to make this more efficient, as reading various sites I've been led to believe that wrapping new elements in a parent wrapper node before injecting would yield the best speed. Here, however, I'm injecting into an <ul> element that already has elements in, so can't wrap it.
What's the most efficient way of tackling this?
a) Wrap them in an element, inject, then unwrap and move into the target?
b) Clone the existing <ul>, add the elements in-memory and then replace in the DOM with the consolidated version
In Chrome, the login page on my schools educational online platform [URL] doesn't remember the login info. So i made a bookmark with this javascript injection, that fills in the info, and focusses on the 'aanmelden' button (='login' in dutch), so that i only have to press enter to continue. Here's the javascript injection:
Code:
javascript: document.getElementById('username').value='23889493984';document.getElementById('password').value='4 42384985';return false;document.getElementById('login').focus();
This works fine but i'd like to make it happen faster. I wish i could let the script be activated instantly when the page loads, so i only have to press enter, or if possible, let the script click the login button itself.
So what happens is that I have a page that uses a Javascript tab navigation div, named 'Tabber', working perfectly. Basically it picks up HTML tags with a specific classname and after the page is loaded it creates a small portion of HTML to create the desired effect. The problem is that it only does it after the page is loaded, which I am fine with it, but before that, the contents of that same div (that come from a SQL query) are not formated and the page just breaks apart untill the document is fully loaded (my current workaround is an overflow:hidden but...it is still ugly to watch), and only then it adjusts itself due to the right CSS propreties.
Now, it would be great if I could just have a loading icon showing up inside the div while the page is not loaded, so I can manage to hide that Javascript HTML injection process.
I've been learning javascript for about a week and I'm really struggling right now. This is a homework assignment to help in learning loops and arrays.
What I want to happen is when a form button is hit it will replace the array from the one previous instead of just adding to it. Hopefully that makes sense. What do I need to do? here's my code....
i want to ask that is it possible that using javascript injection the contents of a web page can be altered (add / edit / deleted) in Line of Code.Since, this has happened with me couple of times,talking to the support team at my hosting provider, they say that its due to the security holes in the Coding, but i think that its the security issue at the hosting side (since modifying the web pages code)i've found this code immediately after the opening of the body tagearlier the page snoofing for the above URL was working, but now its not producing the output. (so can not post whats inside it).My Another website (hosted by the same provider) is also infected. there the code immediately after the body tag is again the page snoofing yeilds no output with the error
View 6 Replies View RelatedThe client we're building a site for recently had a server wide scan done by [UR] for PCI compliance. This was required by their banks commercial credit card service. The report came back with a "Possible blind sql injection" vulnerability warning level 4 out of 7 for the Superfish menu javascript. Anything 4 and above keeps them out of compliance. This file is for the Superfish menu. Is there a workaround for this potential issue?
View 4 Replies View RelatedI am maintaining a program that has a web user interface and is written in the combination of ASP.NET and javascript. One thing that I cannot understand is that the program doesn't run directly in a browser. Actually the program looks just like a window application.Then I can search additional info about it.
1. I cannot examine the HTML to look for error.
2. I cannot use the following javascript to bring up Page-Setup dialog box:
Code:
shell = new ActiveXObject( "WScript.Shell" );
window.setTimeout( "javascript:shell.SendKeys('%fu');", 1000 );
I've got an interface with some panel that can be minimize/maximize with Javascript/CSS.
But, how can I save those information so when the user click on another page or sign out, next time he came back, the interface will look the same?
I guess I can do that with cookie but, is there others solution? Can I save that on server instead of client side?
how to do a text editing interface similar to the one on this forum, where you can click on a bold B to set the tags between the text to be bold, etc. How do you get a javascript window with a text field so users can enter the text, and then how do I enclose the tags around that value?
The rest of the stuff in PHP I can do (just substitute [b] for strong or whatever), but I'm baffled about the javascript bit.
I have been tasked with reproducing something quite similar to the following website [url]...
I examined the site, and after looking at the source I have determined that a lot of it looks like it was coded in JavaScript. While I do know a bit of JavaScript but I must admit it's not the sharpest tool in my arsenal.
Since this "application" will be heavy on the JavaScript interface, I was wondering if there was a GUI RAD tool for JavaScript similar to Visual C# for .NET.
So far I have looked into Visual Web Developer 2010 Express, Dreamweaver, and most recently the Google Web Toolkit (with GWT Designer), is anyone familiar with any of these tools, and will any of these help me develop a largely GUI based JS application?
I am building an application where more than one device can change settings on a webserver.Imagine using 2 smartphones. If a button on smartphone#1 is being pressed by a user, then on the webserver the status changes from 0 -> 1. I need both smartphone#1 and smartphone#2 to change from 0->1 and vice-versa so that the user knows the current value of the status.How can I accomplish this? Meaning, if I want to make a toggle switch.I read on the website:The first option will be styled as the "on" state switch and the second will be styled as the "off" state so write your options in the correct order.[code]My first guess is to create a function in the <head> in script, with one for the on and one for the off state.Depending on the current value I either load one of the two codes in the <body> section.The script in the <head> decides.
View 1 Replies View RelatedThere are tons of lightbox apps out there, but none that I could find that use YUI. I'm sure there are lots of developers out there already using YUI and don't want to have to use another library such as jQuery to get lightbox functionality. I have two demos available from the link below and you can download a zip file of the complete application including the YUI files needed.
Supports 3 modes (LightBox, Overlay and Remote), but many many more configurations...
I had a div boxs set on the page left, when user onclick the div that will set the display element to none..("display:none")
However, when the user change to other page, the display setting will return to before. How to use cookie to store the display setting?
Does anyone know if it is possible to write a user interface in javascript for email?
View 6 Replies View RelatedI just came across following demo application: [URL] I have a few questions about this:What is the right approach to start a project, which have heavy use of JS? how to choose which library is best, or one should develop his own library specific to requirements to keep the file size smaller?
View 24 Replies View RelatedNotice: This is a discussion thread for comments about the SitePoint article, Adapting an Interface for Touch Devices.
Interesting technique!
Which one is easier? and which gives best design and interface?
View 1 Replies View Relatedim not new to jquery but have limited skills. I wonder if anyone has seen any plugins or sites that have a similar interface to the new windows 8 interface...or indeed that windows phone. Interested in building a tile based site.
View 2 Replies View Relatedworking on a feature that displays 3 news stories. The stories are accessed by 3 buttons on the top, sort of like a tab-style navigation. The catch is that all 3 stories are on the same html page, the "navigation" is just showing/hiding content based on Java, CSS & div's. Where I'm stuck is creating On/Off state for the tab buttons. What I'd like to do is:
Click button 1, buttons 2 & 3 turn off.
Click button 2, buttons 1 & 3 turn off.
Click button 3, buttons 1 & 2 turn off.
Naturally I have separate version of each button for the on/off state, I'm just not sure how to initiate the swap...Do I set a JS variable on the onclick? Or is it just a function?
Would I use php or javascript to make an admin interface so someone can update the web page I made for them earlier? As of now, they need to change the html page and upload an image using filezilla. Are there any Admin interfaces that allow you to customize what you want to change/add to an html page?
View 8 Replies View RelatedAM FINDING IT DIFFICULT TO Design and develop, using Javascript, a graphic based user interface for Internet banking servicesHave created the 1st page which IS THE LOGIN PAGE AND THIS INCLUDES USERNAME AND PASSWORD BUT I NEED HELP IN LINKING THAT PAGE TO THE NEXT PAGE WHICH IS MEANT TO ASK FOR MEMORABLE INFORMATION IF THERE USERNAME AND PASSWORD IS CORRECT
View 3 Replies View RelatedI've got a drag and drop interface working using bbc's glow, its great, but I have a slight problem.The script at the top of the page creates the widgets using dom functions. It gets the order from a string stored in a cookie. The widgets are also in the page as a default layout incase JS is turned off.This works fine in FF. However in IE, the default widget layout flashes for a couple of seconds, then JS creates the new layout. Is there anyway to stop this?Is it to do with the way IE reads the page?
I have abasic example here, if you drag and drop a heading in a blue box, refresh the page, you should see the default appear for a few seconds before the JS kick in.http:[url].....
I'd like to setup a drag and drop interface for organising menu items in a WordPress plugin I wrote. Unfortunately I know next to nothing about Javascript so don't even know where to start.I've found the following link which demonstrates the sort of interface I'd like:However, I have no idea what to do with the boxes once I have them set up. How would I detect where they are on the page and perhaps add that information to an input box?I don't need pixel perfect information, just knowing that box 1 is stacked on top of box 2, or box 4 is the first box in the middle column etc. would be enough.Then if it could add that information to a hidden input box, or maybe an input box for each box, then when the user hits a submit button the data would be stored. I'm sure this is very simple but I don't even know where to begin
View 6 Replies View Related