From: Karl Dahlke <eklhad@comcast.net>
To: Edbrowse-dev@lists.the-brannons.com
Subject: [Edbrowse-dev] DOMContentLoaded
Date: Tue, 13 Mar 2018 03:48:52 -0400 [thread overview]
Message-ID: <20180213034852.eklhad@comcast.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 2597 bytes --]
tsp asked a relatively innocent question, which led to an interesting result.
Why can't we get to http://www.royalroadl.com
It gives http error 503, temporarily out of service. That makes you think their server is down, so you walk away and try later. But you always get this misleading error, always.
The page has some skeleton html and a couple dozen lines of javascript.
The skeleton is a form that says they are checking our browser,
and could I wait a few seconds.
I waited, plenty long enough, and then pushed submit, and got the same page with the same 503 error and the same form back again.
Time to read through the somewhat cryptic javascript.
The function basically attaches another function to document under the event DOMContentLoaded, and that's it.
It never dispatches that event, which means we're suppose to, and we don't.
I read about DOMContentLoaded on the internet.
Is it suppose to come before or after onload? Not clear.
Is it suppose to run like a function, as we do with onload, or through the dispatchEvent system? Not clear.
I did it the easiest way possible, called document.onDOMContentLoaded() at the end of runOnload() in html.c.
And what would this function do if it were run?
It does all sorts of weird computations in javascript, and updates a hidden input field with the answer, then it submits the form.
When I submitted the form manually it didn't cut any ice, because js had not put the correct answer in the hidden field.
I had to run js, and update the field, and submit the form.
This went to another page on the website wich verified the answer.
Apparently it was correct, because http 302 redirected me back to the home page, yes, the very same home page,
and this time it let me in. Code 200.
How did the home page know I had passed the test?
I didn't see any cookies fly by.
Did it record my IP address as ok?
That's rather crude; a thousand computers on an intranet can be behind one ip address as the gateway.
I don't know how it works on the server side, which frustrates me a little.
I do know that one line of code made the difference between being locked out and getting in. (Latest push).
1. Whoever said more and more sites will need js just to browse, was correct.
2. Whoever said events were critical to the success of edbrowse and javascript, was correct.
This is going to be a js intensive website, almost as bad as nasa.
I got you in, but not clear how many functions will work inside.
I'm sure we'll discover more things that we are missing, or not implementing correctly.
Karl Dahlke
next reply other threads:[~2018-03-13 7:47 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-13 7:48 Karl Dahlke [this message]
2018-03-14 2:21 ` Kevin Carhart
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180213034852.eklhad@comcast.net \
--to=eklhad@comcast.net \
--cc=Edbrowse-dev@lists.the-brannons.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).