Why oh why would you put something on the internet if you don't want people to view it?
So many times I have seen a really nifty piece of work and wanted to know how the author did it. They, however, had different ideas and implement some contrived method of stopping you from right clicking and viewing the source.
To these authors I have one thing to say, not even Microsoft, the notorious closed source initiative stops people viewing the source on their website.
Think about it. The internet is PUBLIC network. Anything posted on a PUBLIC network is open to, yes you guessed it, the public. Implementing these stupid "anti-right click" mechanisms pisses people off just enough to figure out a way round it.
There are a multitude of ways to get round it and I am going to list them:
A) Save the web page and open it in your favourite text editor locally
B) Certain methods implemented in IE will not work in Firefox, so open the site in that browser rather and then right click and view source.
C) If you have office installed you will have the option to edit in Office, this will reveal the code
D) any site "optimised for Microsoft Internet Explorer" open in firefox or some other browser to circumvent any source protection.
E) Alot of people (including myself but for other reasons) reference external javascripts. look for the tag <script language="JavaScript" src="myjavascript.js"> . Copy the src value and past it int the browser after the domain. This will reveal the javascript file
F) Close the site and never, ever go back. You have to ask yourself what that site is doing and why they would want to prevent you from viewing the source? Something malicious maybe? Javascript security flaws are a dim a dozen.
G)Copy the url and paste it into your favourite download manager and download the processed page for editing locally.
Oh and one other thing for you developers using the .inc file extension. Please, please, please for your own safety map the extention to be processed by the script engine you are running (ASP, PHP etc). If you don't these pages can be viewed in plain text and it is amazing the imformation that can be gleaned from them.
Those of you preventing the right click, STOP! You are wasting your time and effort. You could be doing something more productive and remember, what every you have done, someone else has done better.
Have a happy day :)
Thursday, May 25, 2006
Friday, May 19, 2006
C# 505 protocol unsupported and psychotic episodes
There is nothing basic about BASIC authentication when using Tomcat and AXIS to serve web services and a C# windows forms client to consume them.
Many a google search turned up nothing aside from people using a work around to force the client to use HTTP/1.0. I didn't believe this was the best solution as you would have to change it every time you updated the client.
I managed to get Tomcat authenticating users off an OpenLDAP server (very cool). There is also a windows port of the popular LDAP server (search google "windows OpenLDAP"). Then came the mission of getting the client to authenticate against the Tomcat server.
It appears that the problem is related to the Keep Alive settings on the Tomcat server and the way C# deals with it's authentication information. Upon setting the server to not keep connections alive everything started grooving.
so effectively all you do is add the attribute maxKeepAliveRequests="1" to the Tomcat server.conf <Connector> entry and restart apache. Below is an example
Then in C# create the NetworkCredentials object like so
and assign it to the web service object credentials you have created and away you go! I will be posting a tutorial on this soon.
I hope this helps someone, as for more info on the topic refer to the apache bug log here.
On another note a very bright chap pointed out that setting ServicePointManager.Expect100Continue = false; also works (thus allowing the keep alives). His comments can be found here
One day our technologies will talk to each other and be happy. Anyways, I can finally get some sleep tonight and if you have a web service containing sensitive information, please for your own good, secure it. Basic is not the best route to go but it is a start.
Many a google search turned up nothing aside from people using a work around to force the client to use HTTP/1.0. I didn't believe this was the best solution as you would have to change it every time you updated the client.
I managed to get Tomcat authenticating users off an OpenLDAP server (very cool). There is also a windows port of the popular LDAP server (search google "windows OpenLDAP"). Then came the mission of getting the client to authenticate against the Tomcat server.
It appears that the problem is related to the Keep Alive settings on the Tomcat server and the way C# deals with it's authentication information. Upon setting the server to not keep connections alive everything started grooving.
so effectively all you do is add the attribute maxKeepAliveRequests="1" to the Tomcat server.conf <Connector> entry and restart apache. Below is an example
<Connector port="8080"
maxHttpHeaderSize="8192"
maxKeepAliveRequests="1"
maxThreads="150"
minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
redirectPort="8443"
acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true" />
Then in C# create the NetworkCredentials object like so
NetworkCredential cred =
new NetworkCredential("username", "password");
and assign it to the web service object credentials you have created and away you go! I will be posting a tutorial on this soon.
I hope this helps someone, as for more info on the topic refer to the apache bug log here.
On another note a very bright chap pointed out that setting ServicePointManager.Expect100Continue = false; also works (thus allowing the keep alives). His comments can be found here
One day our technologies will talk to each other and be happy. Anyways, I can finally get some sleep tonight and if you have a web service containing sensitive information, please for your own good, secure it. Basic is not the best route to go but it is a start.
Thursday, May 11, 2006
Would you like milk with your serialization?
Man what a mission! I have been sitting for the past four hours trying to figure out how to pass a custom object via SOAP. Everything deals with serailizing the object then calling it using Java. Now my problem lays in the fact that it will be called by C#.
I finally figured out the process I am supposed to follow but for the life of me can't find any decent documentation. Will soldier on though (have, it is my job LOL).
If any of you guys out there have any pointers to some decent documentation I would appreciate it. The platform that is serving the web services is Apache Axis. The client consuming the services is C#.
Thanks in advanced
I finally figured out the process I am supposed to follow but for the life of me can't find any decent documentation. Will soldier on though (have, it is my job LOL).
If any of you guys out there have any pointers to some decent documentation I would appreciate it. The platform that is serving the web services is Apache Axis. The client consuming the services is C#.
Thanks in advanced
Friday, May 05, 2006
Procedural is for the army
Okay, don't get me wrong, but procedural code has its place. Inside a little box far away from enterprise solutions. It is great for the quick fix it or the once off or twice off export.
The reason I say this is because developers come and go but the application running your enterprise will be around for a long, long time. Now if you write this solution in procedural code making changes is a NIGHTMARE! If you change one line of code the implications bubble through all 1000 lines of your web page!
Now take Object Orientated design and you have a scalabile, updatable model. It might take longer to design and impliment but at the end of the day are you looking for a quick fix or a long term solution?
Every developer has different ways of developing procedual and object orientated code BUT the object orientated code (if designed properly) has more advantage is the long run. It makes finding procedures easier, updating the procedure shouldn't affect the objects that hook into it (unless it is exposed and used by other classes). What a pleasure!
Anyways, you take the high road and I'll take the low road and have less maintenance to do, which means I get home before you! :P
Enjoy your weekend people.
The reason I say this is because developers come and go but the application running your enterprise will be around for a long, long time. Now if you write this solution in procedural code making changes is a NIGHTMARE! If you change one line of code the implications bubble through all 1000 lines of your web page!
Now take Object Orientated design and you have a scalabile, updatable model. It might take longer to design and impliment but at the end of the day are you looking for a quick fix or a long term solution?
Every developer has different ways of developing procedual and object orientated code BUT the object orientated code (if designed properly) has more advantage is the long run. It makes finding procedures easier, updating the procedure shouldn't affect the objects that hook into it (unless it is exposed and used by other classes). What a pleasure!
Anyways, you take the high road and I'll take the low road and have less maintenance to do, which means I get home before you! :P
Enjoy your weekend people.
Thursday, May 04, 2006
mod_rewrite and the jaws of insanity
WOW! what a mission. Who would have thought it would take me almost 12 hours to right a simple rewrite rule! In all fairness I did trash the server config my host so generously set up to run off PHP5 at my request (great bunch of people).
The biggest problem is that I was unable to log the rewrite rule, so eventually I started from scratch and slowly added and subtracted things until I had the rule running. In my rampant search on google I came across some very interesting material. I will post the links tomorrow. It is amazing what is available out there.
The rewrite rule was to convert dynamic urls to appear to be static urls. As soon as I did this I noticed an increase in google activity on the site and the sitemap revealed more pages. So it worked :)
Added two more tutorials to rabiddog.co.za. Both PHP. One dealing with classes and the other dealing with output buffering. The tutorials section is still look a bit bleak but time will fill the holes. This weekend I am hoping to get onto the next section of the site.
Oh and in my travels I came across an article that pretty much sums up the challenge facing good developers and the plague destroying the programming art. http://www.sadeveloper.net/Articles_View.aspx?articleID=235
The biggest problem is that I was unable to log the rewrite rule, so eventually I started from scratch and slowly added and subtracted things until I had the rule running. In my rampant search on google I came across some very interesting material. I will post the links tomorrow. It is amazing what is available out there.
The rewrite rule was to convert dynamic urls to appear to be static urls. As soon as I did this I noticed an increase in google activity on the site and the sitemap revealed more pages. So it worked :)
Added two more tutorials to rabiddog.co.za. Both PHP. One dealing with classes and the other dealing with output buffering. The tutorials section is still look a bit bleak but time will fill the holes. This weekend I am hoping to get onto the next section of the site.
Oh and in my travels I came across an article that pretty much sums up the challenge facing good developers and the plague destroying the programming art. http://www.sadeveloper.net/Articles_View.aspx?articleID=235
Wednesday, May 03, 2006
The FAST Lane
Driving home this evening on the M1 I encountered a traffic jam (nothing strange really, happens everyday) and for some arb reason I had a thought. I asked myself "how on earth can the fast lane stop?"
Valid question if you think about it. The fast lane has no off-ramps, no robots (traffic-lights) and no stop streets. To effectively jam up the fast lane it would mean that the lanes end must have stopped.
The fastest lane on the highway has to be the emergency (taxi) lane. These guys rip down the emergency lane and block off ramps because they need to get past them.
Viva metro police, viva traffic police, viva South African law enforcement and excuse me while I vomit.
Valid question if you think about it. The fast lane has no off-ramps, no robots (traffic-lights) and no stop streets. To effectively jam up the fast lane it would mean that the lanes end must have stopped.
The fastest lane on the highway has to be the emergency (taxi) lane. These guys rip down the emergency lane and block off ramps because they need to get past them.
Viva metro police, viva traffic police, viva South African law enforcement and excuse me while I vomit.
Up, up and away!
Finally the Rabid Dog labs website has been launched. Although things have started pretty slow I am hopeful that they will pick up. So If you know anyone that does development, that needs a tutorial, a code library or an application, PLEASE ask them to request it at my site. The only way this thing is going to get any bigger is if I get feed back from the community.
Subscribe to:
Comments (Atom)