qwert Posted September 29, 2008 Share Posted September 29, 2008 I've encountered a web site that attempts to block the viewer from highlighting and copying any sections of text. In analyzing the html obtained by viewing the page source, I've found a section of code that appears to control the disabling and reenabling of highlighting: <script language="Javascript"> if (window!=top){top.location.href=location.href;} </script> <script type="text/javascript"> <!-- var omitformtags=["input", "textarea", "select"] omitformtags=omitformtags.join("|") function disableselect(e){ if (omitformtags.indexOf(e.target.tagName.toLowerCase())==-1) return false } function reEnable(){ return true } if (typeof document.onselectstart!="undefined") document.onselectstart=new Function ("return false") else{ document.onmousedown=disableselect document.onmouseup=reEnable }I don't know any Java whatsoever, so my own analysis has been limited to these two observations: If I disable Java scripts in my browser, the pages behave normally ... but disabling causes problems with logons to other sites. If I remove the line "document.onmousedown=disableselect", I can view the captured html with my browser and the pages behave normally. So my questions are: Can anyone provide a brief explanation of what the above Java code is doing? Can anyone suggest a countermeasure that could be built into an AutoIt3 script that could globally block the disabling action of the Java script? Just thought I would ask. Thanks for any help. Link to comment Share on other sites More sharing options...
James Posted September 29, 2008 Share Posted September 29, 2008 Wrong place. 1, the code makes an array of different control types then creates a block and unblock function. 2, No. We do not encourage the hacking of websites etc. Blog - Seriously epic web hosting - Twitter - GitHub - Cachet HQ Link to comment Share on other sites More sharing options...
qwert Posted September 29, 2008 Author Share Posted September 29, 2008 I'm surprised to hear this would be considered hacking, since I can get the unblocked result simply by turning off Java scripts in my browser. Thanks for the response. Link to comment Share on other sites More sharing options...
Valik Posted September 29, 2008 Share Posted September 29, 2008 2, No. We do not encourage the hacking of websites etc.LoL? Then I guess we all better delete the various Greasemonkey threads we've created. I believe I even mentioned once how to remove the banner on this very forum via userContent.css (Firefox).Anyway, what browser do you use? If you're using Firefox you could just use Greasemonkey to write a script to unset those events so they don't do anything anymore (Script would be in java but should be incredibly simple). If you're using IE then you could use an AutoIt script and IE.au3 to modify the content in the same way although it wouldn't be "integrated" into the page and run automatically every time like it would be with Greasemonkey and Firefox. Link to comment Share on other sites More sharing options...
qwert Posted September 29, 2008 Author Share Posted September 29, 2008 If you're using IE then you could use an AutoIt script and IE.au3 to modify the content ...Yes, that's the kind of solution I'd like. But would you happen to know of any way to simply toggle the Java script option in IE off and back on using a AutoIt script? "Modifying the content" sounds more complicated at this point, but either way I could have a taskbar icon to "activate the unblock mode" whenever needed.Thanks very much for the suggestions. Link to comment Share on other sites More sharing options...
James Posted September 29, 2008 Share Posted September 29, 2008 Valik, it's the website that you moderate. This could be for anything, how do you know Blog - Seriously epic web hosting - Twitter - GitHub - Cachet HQ Link to comment Share on other sites More sharing options...
LarryDalooza Posted September 29, 2008 Share Posted September 29, 2008 Valik, it's the website that you moderate. This could be for anything, how do you know But data is being modified "client side". There is no ethical restriction with what a user does with the data on their own computer. If he tries to secretly get someone to execute his script on their PC... that is wrong.Lar. AutoIt has helped make me wealthy Link to comment Share on other sites More sharing options...
jvanegmond Posted September 29, 2008 Share Posted September 29, 2008 But data is being modified "client side". There is no ethical restriction with what a user does with the data on their own computer. If he tries to secretly get someone to execute his script on their PC... that is wrong.Lar.Decompiling. I thought this had an ethical restriction, no matter what reason you would use it for.@OP, there is a value in the registry which you can toggle to enable/disable Javascript in IE.Disable javascriptCreate the IE objectEnable javascript (if it was enabled) github.com/jvanegmond Link to comment Share on other sites More sharing options...
Valik Posted September 29, 2008 Share Posted September 29, 2008 Manadar, since when did reading plain text become "decompiling"? Link to comment Share on other sites More sharing options...
DaleHohm Posted September 29, 2008 Share Posted September 29, 2008 Note that Trixie "does GreaseMonkey" for IE... it even uses the same scripts...Dale Free Internet Tools: DebugBar, AutoIt IE Builder, HTTP UDF, MODIV2, IE Developer Toolbar, IEDocMon, Fiddler, HTML Validator, WGet, curl MSDN docs: InternetExplorer Object, Document Object, Overviews and Tutorials, DHTML Objects, DHTML Events, WinHttpRequest, XmlHttpRequest, Cross-Frame Scripting, Office object model Automate input type=file (Related) Alternative to _IECreateEmbedded? better: _IECreatePseudoEmbedded Better Better? IE.au3 issues with Vista - Workarounds SciTe Debug mode - it's magic: #AutoIt3Wrapper_run_debug_mode=Y Doesn't work needs to be ripped out of the troubleshooting lexicon. It means that what you tried did not produce the results you expected. It begs the questions 1) what did you try?, 2) what did you expect? and 3) what happened instead? Reproducer: a small (the smallest?) piece of stand-alone code that demonstrates your trouble Link to comment Share on other sites More sharing options...
jvanegmond Posted September 29, 2008 Share Posted September 29, 2008 (edited) Manadar, since when did reading plain text become "decompiling"?I never said that so don't imply that I did. I am just reporting my unbiased observation. Edited September 29, 2008 by Manadar github.com/jvanegmond Link to comment Share on other sites More sharing options...
Valik Posted September 29, 2008 Share Posted September 29, 2008 I never said that so don't imply that I did. I am just reporting my unbiased observation.Alright, then let's here your reason for mentioning decompilation. Link to comment Share on other sites More sharing options...
Wus Posted October 1, 2008 Share Posted October 1, 2008 If using the 'View Source' button is ethical/legal to do, which I think everyone would agree is true, then modifying the local copy of that HTML source is obviously (to anyone who gives it a moments consideration) legitimate as well. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now