The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,839 other subscribers

Archive for the ‘JavaScript/ECMAScript’ Category

« Previous Entries
Next Entries »

Google Cloud Shell: tools, languages and “safe mode”

Posted by jpluimers on 2023/01/19

After publishing Free Linux cloud shell for Gmail users – shell in the browser that works in all locations I’ve been so far, the Google Cloud Shell got extended quite a bit.

There is now [Wayback/Archive] Safe Mode (which skips initialisation scripts):

If there’s a problem in your .bashrc or .tmux.conf files, Cloud Shell immediately close after connection. To resolve this, open Cloud Shell in safe mode by appending cloudshellsafemode=true to the URL. This restarts your Cloud Shell instance and logs you in as root, allowing you to fix any issues in the files.

To permanently delete all files in your home directory and restore your Cloud Shell home directory to a clean state, you can reset your Cloud Shell VM.

And there is support for way more [Wayback/Archive] tools and languages:

Read the rest of this entry »

Posted in .NET, C#, Cloud, Development, Go (golang), Google, GoogleCloudShell, Infrastructure, Java, Java Platform, JavaScript/ECMAScript, Node.js, Perl, PHP, Power User, Python, Ruby, Scripting, Software Development | Leave a Comment »

Some QR code generators on github.io

Posted by jpluimers on 2023/01/03

QR codes often are the quickest way to copy/paste some data to a smartphone.

So, via [Wayback/Archive] generate qr code site:github.io – Google Search, I found these two (the first is based on the JavaScript source in second, but has QR codes with larger blocks and is therefore easier to scan):

  1. [Wayback/Archive] QR Code Generator
  2. [Wayback/Archive] QR Code Generator

–jeroen

Posted in Development, HTML, JavaScript/ECMAScript, Scripting, Software Development, Web Development | Leave a Comment »

google chrome devtools – Use JavaScript to set value of textbox when .value and events don’t seem to work – Stack Overflow

Posted by jpluimers on 2022/11/29

For my link archive: [Wayback/Archive] google chrome devtools – Use JavaScript to set value of textbox when .value and events don’t seem to work – Stack Overflow

TL;DR

Sometimes fields are blocked from pasting values.

Normally a trick like this works in the chrome development panel console:

document.getElementById('nonPasteElementID').value = 'myValueFromTheClipboard'

With some web development environments this does not work.

For react, after finding the react render name for the input (in the case of the answer, it was “reactNameForInputElement“) this is a solution:

To make it work you will need this:

const input = document.getElementById('nonPasteElementID');
const event = new Event('reactNameForInputElement', { bubbles: true });
input.value = '1';
input.dispatchEvent(event);

–jeroen

Posted in Chrome, Chrome, Development, Google, JavaScript/ECMAScript, Power User, Scripting, Software Development, Web Browsers, Web Development | Leave a Comment »

Database fiddle sites

Posted by jpluimers on 2022/10/27

I knew there was JSFiddle for live playing around with JavaScript and more in your browser, so I wondered if there was a similar site for databases and SQL queries.

There are, so here are a few database fiddle sites: SQL playgrounds where you can live play with SQL queries (sometimes even without an underlying example database).

All via [Wayback/Archive.is] database fiddle – Google Search:

Read the rest of this entry »

Posted in Conference Topics, Conferences, Database Development, DB2, Development, Event, Firebird, JavaScript/ECMAScript, JSFiddle, MariaDB, MySQL, OracleDB, PL/SQL, PostgreSQL, Scripting, Software Development, SQL, SQL Server, SQLite, T-SQL | Leave a Comment »

On the research list: ahochsteger/gmail2gdrive: Gmail2GDrive is a Google Apps Script which automatically stores and sorts Gmail attachments into Google Drive folders.

Posted by jpluimers on 2022/10/13

On the research list: [Wayback/Archive.is] ahochsteger/gmail2gdrive: Gmail2GDrive is a Google Apps Script which automatically stores and sorts Gmail attachments into Google Drive folders.

The script is in JavaScript and runs on Archive.is Apps Script – Google Apps Script.

Because of [Wayback/Archive.is] gmail – Way to automatically download or print attachments or URLs from emails with specific labels – Web Applications Stack Exchange.

–jeroen

Posted in Development, GMail, Google, JavaScript/ECMAScript, Power User, Scripting, Software Development | Leave a Comment »

Type safe versus interpreted languages: which ones are safer?

Posted by jpluimers on 2022/10/06

An interesting thread by Kristian Köhntopp last year:

[Archive.is] Kristian Köhntopp on Twitter: “Python: >>> print(1+2+” = “+2+1) Traceback (most recent call last): File “”, line 1, in TypeError: unsupported operand type(s) for +: ‘int’ and ‘str’ Java: System.out.println(1+2+” = “+1+2); 3=12”

The examples from him and others in the thread:

Python:
>>> print(1+2+" = "+2+1)
Traceback (most recent call last):
  File "", line 1, in 
TypeError: unsupported operand type(s) for +: 'int' and 'str'

Java:
System.out.println(1+2+" = "+1+2);
3=12

php8.1  -r 'print 1+2+" = "+2+1;'
PHP Fatal error:  Uncaught TypeError: Unsupported operand types: int + string in Command line code:1
Stack trace:
#0 {main}
  thrown in Command line code on line 1

php7.3  -r 'print 1+2+" = "+2+1;'
PHP Warning:  A non-numeric value encountered in Command line code on line 1

Node?
Chrome & FF dev console:
window.alert(1+2+" = "+1+2)
3 = 12

Sind ja immerhin verschiedene Sprachen.

SELECT Wert1 
FROM table1
WHERE Wert1 < AVG(Wert1);

DB2 vs. Oracle vs. MSSQL vs. ....

The joke is that Python actually does better than Java.

But in practice, this is a problem on many platforms, so it deserves constant attention, that’s why Kristian pointed to [Archive] Anna “Legacy Archaeologist” Filina on Twitter: “My annotated slides “Fantastic Bugs and How to Avoid Them” from @LonghornPHP:  #LonghornPHP”

[Wayback/Archive] Fantastic Bugs and How to Avoid Them – Speaker Deck

I’ve expanded the examples from the thread below. The results are interesting and consistent over versions of the various languages.

–jeroen

Read the rest of this entry »

Posted in Development, Java, Java Platform, JavaScript/ECMAScript, Node.js, PHP, Python, Scripting, Software Development | Leave a Comment »

Converting an html dl (delimited list) on a page to a table from the Chrome console

Posted by jpluimers on 2022/09/14

A while ago, I wanted to convert the dl delimited list html element on a web page into a regular table so I could more easily reorder the data into cells.

So I ran the below bit of code in the Chrome Console after first putting the mentioned table with id here_table in the place where I wanted the table to be included:


<table id="here_table"></table>

view raw

_table.html

hosted with ❤ by GitHub


var arr = $("#delimitedList").children().map(function () {
return $(this).html();
}).get();
for (var i = 0; i < arr.length; i += 2) {
$('#here_table').append('<tr><td>' + arr[i] + '</td><td>' + arr[i + 1] + '</td></tr>');
}

view raw

convertDlToTable.js

hosted with ❤ by GitHub

For this script to work, you need jQuery, so yesterday I wrote Better, Stronger, Safer jQuerify Bookmarklet | Learning jQuery.

The code is based on [Wayback/Archive.is] Rebuild each definition list () as a table using JQuery – Stack Overflow (thanks [Wayback/Archive.is] easy!) with an important adoption instead of calling text() to get the textual dt and dd information, it uses html() so the original innerHTML is being preserved.

Some similar JavaScript pieces of code are at [Wayback/Archive.is] Turning HTML into a nested JavaScript array with jQuery – Stack Overflow.

Related:

–jeroen

Posted in Bookmarklet, Chrome, Development, Google, JavaScript/ECMAScript, jQuery, Pingback, Power User, Scripting, Software Development, Stackoverflow, Web Browsers, Web Development | Leave a Comment »

Better, Stronger, Safer jQuerify Bookmarklet | Learning jQuery

Posted by jpluimers on 2022/09/06

For my link archive, the [Wayback] Better, Stronger, Safer jQuerify Bookmarklet | Learning jQuery

Via: [Wayback/Archive.is] Include jQuery in the JavaScript Console – Stack Overflow (thanks [Wayback/Archive.is] brichins!)

When you do not have jQuery installed, then the Chrome console will give you the error [Wayback/Archive.is] javascript – TypeError: $(...).children is not a function – Stack Overflow which has code to load jQuery in this gist: [Wayback/Archive.is] use jQuery in Chrome javascript console.

If this bookmarklet ever starts to fail, then I need to check out these links:

The content of the JQueryfi bookmarklet is in the below gist:


javascript:(function(){var%20el=document.createElement(%22div%22),b=document.getElementsByTagName(%22body%22)[0],otherlib=!1,msg=%22%22;el.style.position=%22fixed%22,el.style.height=%2232px%22,el.style.width=%22220px%22,el.style.marginLeft=%22-110px%22,el.style.top=%220%22,el.style.left=%2250%25%22,el.style.padding=%225px%2010px%22,el.style.zIndex=1001,el.style.fontSize=%2212px%22,el.style.color=%22#222%22,el.style.backgroundColor=%22#f99%22;function%20showMsg(){var%20txt=document.createTextNode(msg);el.appendChild(txt),b.appendChild(el),window.setTimeout(function(){txt=null,typeof%20jQuery==%22undefined%22?b.removeChild(el):(jQuery(el).fadeOut(%22slow%22,function(){jQuery(this).remove()}),otherlib&&(window.$jq=jQuery.noConflict()))},2500)}if(typeof%20jQuery!=%22undefined%22)return%20msg=%22This%20page%20already%20using%20jQuery%20v%22+jQuery.fn.jquery,showMsg();typeof%20$==%22function%22&&(otherlib=!0);function%20getScript(url,success){var%20script=document.createElement(%22script%22);script.src=url;var%20head=document.getElementsByTagName(%22head%22)[0],done=!1;script.onload=script.onreadystatechange=function(){!done&&(!this.readyState||this.readyState==%22loaded%22||this.readyState==%22complete%22)&&(done=!0,success(),script.onload=script.onreadystatechange=null,head.removeChild(script))},head.appendChild(script)}getScript(%22http://code.jquery.com/jquery.min.js%22,function(){return%20typeof%20jQuery==%22undefined%22?msg=%22Sorry,%20but%20jQuery%20was%20not%20able%20to%20load%22:(msg=%22This%20page%20is%20now%20jQuerified%20with%20v%22+jQuery.fn.jquery,otherlib&&(msg+=%22%20and%20noConflict().%20Use%20$jq(),%20not%20$().%22)),showMsg()})})();

view raw

jQuerify.url

hosted with ❤ by GitHub


javascript:(function(){var el=document.createElement("div"),b=document.getElementsByTagName("body")[0],otherlib=!1,msg="";el.style.position="fixed",el.style.height="32px",el.style.width="220px",el.style.marginLeft="-110px",el.style.top="0",el.style.left="50%",el.style.padding="5px 10px",el.style.zIndex=1001,el.style.fontSize="12px",el.style.color="#222",el.style.backgroundColor="#f99";function showMsg(){var txt=document.createTextNode(msg);el.appendChild(txt),b.appendChild(el),window.setTimeout(function(){txt=null,typeof jQuery=="undefined"?b.removeChild(el):(jQuery(el).fadeOut("slow",function(){jQuery(this).remove()}),otherlib&&(window.$jq=jQuery.noConflict()))},2500)}if(typeof jQuery!="undefined")return msg="This page already using jQuery v"+jQuery.fn.jquery,showMsg();typeof $=="function"&&(otherlib=!0);function getScript(url,success){var script=document.createElement("script");script.src=url;var head=document.getElementsByTagName("head")[0],done=!1;script.onload=script.onreadystatechange=function(){!done&&(!this.readyState||this.readyState=="loaded"||this.readyState=="complete")&&(done=!0,success(),script.onload=script.onreadystatechange=null,head.removeChild(script))},head.appendChild(script)}getScript("http://code.jquery.com/jquery.min.js&quot;,function(){return typeof jQuery=="undefined"?msg="Sorry, but jQuery was not able to load":(msg="This page is now jQuerified with v"+jQuery.fn.jquery,otherlib&&(msg+=" and noConflict(). Use $jq(), not $().")),showMsg()})})();

view raw

UrlDecoded.js

hosted with ❤ by GitHub

–jeroen

Posted in Bookmarklet, Development, JavaScript/ECMAScript, jQuery, Power User, Scripting, Software Development, Web Browsers, Web Development | Leave a Comment »

iOS/Android Privacy: InAppBrowser.com – see what JavaScript commands get injected through an in-app browser · Felix Krause

Posted by jpluimers on 2022/08/31

Especially on Archive, but also on Android and other mobile operating systems, mobile apps can have their in-app browsers to circumvent the OS provided wrapper around the system browser.

On iOS, the Safari is the only system browser engine whereas on Android you can have other engines too, so less Android applications have in-app browsers.

Most of those in-app browsers are in social media applications that go to great length to keep their users inside a walled garden.

The site [Wayback/Archive] inAppBrowser.com helps checking how severely information is leaked through the in-app browser as those potentially have a lot of control. TikTok is worst capturing all input including credentials like user names and passwords.

Read the rest of this entry »

Posted in Chrome, Conference Topics, Conferences, Development, Event, Firefox, iOS Development, JavaScript/ECMAScript, Mobile Development, Power User, Privacy, Safari, Scripting, Security, Software Development, Web Browsers, Web Development | Leave a Comment »

OWASP WebGoat repositories: Deliberately insecure JavaEE application to teach application security

Posted by jpluimers on 2022/08/02

Last year in OWASP top rated security “feature” A01:2021 – Broken Access Control, I promised to write more about how learn about OWASP documented and rated security vulnerabilities.

Today is the day you should start learning from [Wayback/Archive.is] Github: OWASP WebGoat:

Deliberately insecure JavaEE application to teach application security

It is a Java backend with a JavaScript/HTML frontend, but the vulnerabilities just as easily apply to other back-end stacks.

Repositories:

  1. [Wayback/Archive.is] WebGoat/WebGoat: WebGoat is a deliberately insecure application

    WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons.

    This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques.

    WARNING 1: While running this program your machine will be extremely vulnerable to attack. You should disconnect from the Internet while using this program. WebGoat’s default configuration binds to localhost to minimize the exposure.

    WARNING 2: This program is for educational purposes only. If you attempt these techniques without authorization, you are very likely to get caught. If you are caught engaging in unauthorized hacking, most companies will fire you. Claiming that you were doing security research will not work as that is the first thing that all hackers claim.

  2. [Wayback/Archive.is] WebGoat/WebGoat-Lessons: 7.x – The WebGoat STABLE lessons supplied by the WebGoat team.

    This repository contains all the lessons for the WebGoat container. Every lesson is packaged as a separate jar file which can be placed into a running WebGoat server.

  3. [Wayback/Archive.is] WebGoat/WebWolf (Can’t have a goat without a wolf, but I wonder where the cabbage is)
  4. [Wayback/Archive.is] WebGoat/WebGoat-Legacy: Legacy WebGoat 6.0 – Deliberately insecure JavaEE application
    This is the WebGoat Legacy version which is essentially the WebGoat 5 with a new UI.
    This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application penetration testing techniques.
  5. [Wayback/Archive.is] WebGoat/WebGoat-Archived-Releases: WebGoat 5.4 releases and older

    WebGoat 5.4 releases and older

  6. [Wayback/Archive.is] WebGoat/groovygoat: POC for dynamic groovy/thymeleaf based lesson system

    POC to demonstrate dynamic lessons with groovy controller/thymeleaf templates

They are by OWASP:

The Open Web Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.[4][5]The Open Web Application Security Project (OWASP) provides free and open resources. It is led by a non-profit called The OWASP Foundation. The OWASP Top 10 – 2021 is the published result of recent research based on comprehensive data compiled from over 40 partner organizations.

Very important is the [Wayback/Archive.is] OWASP Top Ten Web Application Security Risks | OWASP:

The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.

Globally recognized by developers as the first step towards more secure coding.

Companies should adopt this document and start the process of ensuring that their web applications minimize these risks. Using the OWASP Top 10 is perhaps the most effective first step towards changing the software development culture within your organization into one that produces more secure code.
Changes in the OWASP Top 10 between 2017 and 2021:

More OWASP repositories (including the [Wayback/Archive.is] OWASP/Top10: Official OWASP Top 10 Document Repository and [Wayback/Archive.is] OWASP/www-project-top-ten: OWASP Foundation Web Respository which seem to be at a 4-year update interval got updated in 2021) are at [Wayback/Archive.is] Github: OWASP.

Related: [Archive.is] Jeroen Wiert Pluimers on Twitter: “This so much sounds like German government IT-projects: …”

Via:

–jeroen

Posted in Authentication, CSS, Development, Encryption, HTML, Java Platform, JavaScript/ECMAScript, Pen Testing, Scripting, Security, Software Development, Web Development | Leave a Comment »

« Previous Entries
Next Entries »