[thelist] how do we hide contents? Challenge!!

Geoff Sheridan web2k2 at premonition.co.uk
Tue Dec 10 09:07:01 CST 2002


--
[ Picked text/plain from multipart/alternative ]
They've URL encoded the source so that:

%77%69%6E%64%6F%77%2E%73%74%61%74%75%73%3D%22%53%77%69%73%68%73%70%6F%74%20%44%65%73%69%67%6E%65%72%20%46%6F%72%75%6D%73%20%20%57%65%62%20%44%65%73%69%67%6E%20%43%6F%6D%6D%75%6E%69%74%79%20%61%6E%64%20%52%65%73%6F%75%72%63%65%73%22%3B%5F%64%77%3D%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%3D%6E%75%6C%6C%3B

becomes:
window.status="Swishspot Designer Forums Web Design Community and
Resources";_dw=document.write;document.write=null;

But they've then chopped up that encoded code, and mixed it up, as
can be seen by fragments of javascript like this (seen only after
using urldecode(); in PHP):
for(_i=0;_i<_c.length;_i++)if(_i%3==0)_d+="%";else
_d+=_c.charAt(_i);eval(unescape(_d));_d="";

...given that _d, _c etc are large blocks of text thus 'encoded'.

Javascript unencodes the page source. This means non javascript UAs
will see nothing or something unexpected. The majority view on Evolt
is that if you don't want people to see your source, don't put it on
the web. You can already see most of the source of this site by using
Mozilla's DOM inspector.

First one to post the complete plain html listing of
http://www.oaklanddesign.com/articles/pswf.html gets a (virtual) pat
on the back!

Geoff



More information about the thelist mailing list