The Un-Official Proxomitron Forum
Firefox Noscript and Sidki's JS Insertion - Printable Version

+- The Un-Official Proxomitron Forum (https://www.prxbx.com/forums)
+-- Forum: Proxomitron Config Sets (/forumdisplay.php?fid=43)
+--- Forum: Sidki (/forumdisplay.php?fid=44)
+--- Thread: Firefox Noscript and Sidki's JS Insertion (/showthread.php?tid=1089)

Pages: 1 2


Firefox Noscript and Sidki's JS Insertion - whenever - Sep. 05, 2008 02:34 AM

I am just trying Firefox with Noscript extension set to block scripts globally. I had put local.ptron into whitelist to allow 3rd party js code inserted by proxomitron.

However, sidki uses below code to insert his js:
Code:
    <script id="proxScrHead" type="text/javascript">//<![CDATA[
     if (typeof prxCountLd == "undefined") {
       var prxO = {oSet: {
         $_cfg: "2008-01-02", $_level: 4, $_xns: document.documentElement ? document.documentElement.namespaceURI : null,
         _titTime: "10:09:53", _catchBoxes: 10, _catchErrors: 6, _catchRnd: 20,
         $css: 4, $toDo: 1+2+4+8+16+32+64, $stopMe: 1+2+4+8, $popUp: 1+2+4+8, $toButton: 1+2+4+8
       }, oNce: {
         ncFrom: "http://slashdot.org/search/referrer-karma.php%3Fq%3DBig+Bang",
         ncWith: "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.9.9"
       }};

       (function () {
         var jsLoc = "http://local.ptron/sidki_h_" + prxO.oSet.$_cfg + "/proxjs-full.js";
         if (document.write && !prxO.oSet.$_xns)
           document.write("\n<script id=\"proxScrLink\" type=\"text/javascript\" src=\"" + jsLoc + "\">\<\/script>");
         else {
           var tag = prxO.oSet.$_xns ? document.createElementNS(prxO.oSet.$_xns, "script") : document.createElement("script");
           tag.src = jsLoc; tag.type = "text/javascript"; tag.id = "proxScrLink";
           document.getElementById("proxScrHead").parentNode.appendChild(tag);
         }
       }) ();
     }
    //]]></script>

The above code is considered as the 1st party script to the current page viewed. When the site is not in the whitelist, the above code is blocked and then sidki's proxjs-(full|min).js is not inserted sucessfuly.

I had tried to insert sidki's js directly by adding a new filter that inserts:
Code:
<script id="proxScrLink" src="http://local.ptron/sidki_h_2008-01-02/proxjs-full.js" type="text/javascript">

but it broke some sites.

It seems sidki has his reason to insert his code that way but I know nothing about javascript code. Banging Head

Anybody could have a look? Smile!


RE: Firefox Noscript and Sidki's JS Insertion - Guest - Sep. 07, 2008 11:32 PM

up
ty


RE: Firefox Noscript and Sidki's JS Insertion - Kye-U - Sep. 11, 2008 01:25 PM

This is being injected into the top of every page by the Header Top Add: Initial JS Code filter.

If you look at the replacement text:

Code:
\t<script id="proxScrHead" type="text/javascript">//<![CDATA[\r\n
\t if (typeof prxCountLd == "undefined") {\r\n
\t   var prxO = {oSet: {\r\n
\t     $_cfg: "$GET(cfg)", $_level: \6,\5
$_xns: document.documentElement ? document.documentElement.namespaceURI : null,\r\n
\t     $GET(jsVarsT)\r\n
\t     $GET(jsVarsB)\r\n

You can see that it prints out different variables. I think this page would be of some help: http://feather.elektrum.org/book/src.html

We'll have to somehow pass along the different values in an include of the Javascript, such as:

Code:
<script id="proxScrLink" src="http://local.ptron/sidki_h_2008-01-02/proxjs-full.js?$_cfg=2008-01-02&$_level=4&....." type="text/javascript">

And, in turn, we'll need to modify the Javascript file to read the values passed (using the parseQuery function in the URL I linked above).

Sounds like a pretty interesting project Wink I'll see what I can do. I can't really test it out since Firefox is blocked, but if I understand how NoScript works correctly, this would theoretically work.


RE: Firefox Noscript and Sidki's JS Insertion - whenever - Sep. 21, 2008 05:00 AM

It should work as long as local.ptron is put into whitelist.

I would be pleased to test it when you make progress. Wink


RE: Firefox Noscript and Sidki's JS Insertion - Kye-U - Oct. 09, 2008 12:28 AM

Just wanted to let everyone know that I've been having some trouble getting the variables and attempting to convert them into a ?var1=val1&var2=val2&var3=val3... format. I have to find out where they're being set, and somehow change the format. This doesn't mean I'm stumped though Wink I'm eager to have this fixed since I know many people use the NoScript extension with Firefox.


RE: Firefox Noscript and Sidki's JS Insertion - z12 - Oct. 09, 2008 12:32 PM

Kye-U Wrote:I've been having some trouble getting the variables and attempting to convert them into a ?var1=val1&var2=val2&var3=val3... format. I have to find out where they're being set, and somehow change the format.

Maybe you could pass the variables to the script, more or less as is, via a meta tag thats injected before prox.js is.
The content attribute of the meta tag could be used to pass the jsVars.

The prox.js scripts would have to be modified to read the content attribute of the meta tag.
Or, this could be done by injecting a new external js file that is called before the prox.js is injected.
This script would create the cfg object and eliminate the need for modifying the existing scripts.

Something like this maybe:

Inject the meta tag and the JsCfg script before injecting prox.js script
Code:
<meta name="prxJsVars" content="foo,bar,etc,$GET(jsVar)" />\r\n
<script type="text/javascript" src="http://local.ptron/sidkiJsCfg.js"></script>\r\n

Example js code for sidkiJsCfg.js
Code:
function createPrxJsCfgObj(){
  
  // Read the meta tags content attribute string
  var prxJsCfg=document.getElementsByName("prxJsVars")[0].content;
  
  // create the proxO object using the passed values
  
}

createPrxJsCfgObj();

Just a thought.
z12


RE: Firefox Noscript and Sidki's JS Insertion - lnminente - Oct. 09, 2008 02:20 PM

Hope this code helps, you could use it inside $URL():
Code:
[Patterns]
Name = "<example> Convert url to vars {ln}081009"
Active = FALSE
Limit = 256
Match = "(http://local.ptron/sidki_h_2008-01-02/proxjs-full.js?"
        "((\#"
        "(\$_$SET(\#=\r\nvar )"
        "|\&$SET(\#=; ))"
        ")+\#)"
        ")"
Replace = "\@;"
Test it with the next text in the test window:
http://local.ptron/sidki_h_2008-01-02/proxjs-full.js?$_cfg=2008-01-02&$_level=4&$_level=4&$_cfg=2008-01-02&$_level=4&$_cfg=2008-01-02

Note1: If the name of the vars includes _ at the biginning change (\$_$SET(\#=\r\nvar ) by (\$$SET(\#=\r\nvar )
Note2: I don't know about javascript but i think the result is well formated.


RE: Firefox Noscript and Sidki's JS Insertion - Kye-U - Oct. 09, 2008 07:40 PM

I've finished =]

You only need to make three "changes" (note, you MUST have the 2008-01-02 version of Sidki's config pack):

-overwrite the old proxjs-min.js file (in Proxomitron Naoko-4\html\sidki_h_2008-01-02) (I recommend backing it up)
-overwrite the old proxjs-full.js file (in Proxomitron Naoko-4\html\sidki_h_2008-01-02) (I recommend backing this up as well)
-import the new "Header Top Add: Initial JS Code" filter (and disable/delete the old filter)

The two JS files:
[attachment=172]
[attachment=171]

The updated filter:
Code:
[Patterns]
Name = "Header Top Add: Initial JS Code     7.11.29 (ccw! !mos) [...] (d.r) [ku]"
Active = TRUE
URL = "$TYPE(htm)(^$TST(hOrigUA=ncsa mosaic*))"
Limit = 16
Match = "(^(^<ProxHdrTop>))$STOP()$TST(volat=(*.headok:)\71.\8)$SET(volat=\72.\8)"
        ""
        "$SET(jsVarsB="
        "$TST(flag=*.size_b:[#1:*].*)"
        "$TST(jsVarsB=(*$toDo: )\7(0|$SET(5=+)([^,]+)\6) \8)"
        "\7\6\564\8"
        ")"
        "$SET(5=$TST(tFrameset=*) $_frameset: 1,)"
        ""
        "$SET(8=full)($TST(keyword=*.i_level:((1$SET(8=min)|[2-9])(.[0-9])+&&\6).*)|$SET(6=null))"
        "($OHDR(Referer:( ) \2)|)((^$TST(keyword=*.i_ua:*))$OHDR(User-Agent:( ) \3)|)"
        "($TST(hOrigUA=mozilla/4.[1-9]*)$SET(8=min)|$SET(4= id=\\"proxScrLink\\"))"
Replace = "<textarea id="prxJsVarsSidki" style="display: none !important;">"
          "$_cfg: "$GET(cfg)", $_level: \6,\5 "
          "$_xns: document.documentElement ? document.documentElement.namespaceURI : null,"
          "$GET(jsVarsT)"
          "$GET(jsVarsB)"
          "|||"
          "ncFrom>>>"$ESC(\2)"___ncWith>>>"\3""
          "</textarea>"
          "<script type="text/javascript" src="http://local.ptron/sidki_h_$GET(cfg)/proxjs-\8.js"></script>"
          "$SET(jsVarsB=)$SET(jsVarsT=)"

Technical Details:

The following will be injected at the top of every page you visit:

Code:
<textarea id="prxJsVarsSidki" style="display: none !important;">$_cfg: "2008-01-02", $_level: 4, $_xns: document.documentElement ? document.documentElement.namespaceURI : null,_titTime: "15:04:42", _titMod: "16 Sep 2008 16:58", _catchBoxes: 10, _catchErrors: 6, _catchRnd: 20, $css: 4, $toDo: 1+2+4+8+32+64, $stopMe: 1+2+4+8, $popUp: 1+2+4+8, $toButton: 1+2+8|||ncFrom>>>""___ncWith>>>"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US)"</textarea><script type="text/javascript" src="http://local.ptron/sidki_h_2008-01-02/proxjs-full.js"></script>

I've coded a "parser" in the proxjs-min.js and proxjs-full.js files, to create and populate the necessary object(s) using the variables in the hidden textarea (lines ~11 to ~53).

The parser:
  • creates the necessary objects
  • reads the variables and values from the first textarea on the page
  • splits the content into two sections, prxO.oSet and prxO.oNce
  • parses and populates the prxO.oSet keys and values
  • parses and populates the prxO.oNce keys and values

You can view the JS files themselves to read up on the comments I've included so that you can better understand the code and the reasoning behind it.
I haven't tested it extensively (yet); I just wanted to share this with everyone Smile!
Thanks.

Here's the new code I've coded for both the JS files (just FYI, you don't have to continue reading this post):

Code:
/* ====================================
   Create and populate "prxO" object with variables [ku]
   ==================================== */

function trim(stringToTrim) { // function from http://www.somacon.com/p355.php => thank you!
    return stringToTrim.replace(/^\s+|\s+$/g,"");
}

// Initialize prxO object, with two nested objects (oSet and oNce)
var prxO = {oSet: {},
            oNce: {}};

// Get variables
var prxJsCfg = document.getElementsByTagName("textarea")[0].innerHTML;

// Sort variables into prxO.oSet and prxO.oNce variables
prxJsCfg = prxJsCfg.split("|||"); // split prxO.oSet and prxO.oNce variables

// Split prxO.oSet keys + values
prxJsCfg_oSet = prxJsCfg[0].split(",");
for (a=0; a < prxJsCfg_oSet.length; a++) {
    oSetVal = prxJsCfg_oSet[a].split(":");

    if (oSetVal.length > 2) { // There are ":"s in the key value, so we need to combine all the split values together; this problem is caused by $_xns, _titTime, _titMod and maybe more).
        oSetValFinal = "";
        for (b=1; b < oSetVal.length; b++) { // b starts from 1 because oSetVal[0] = the key name
            oSetValFinal += oSetVal[b] + ":"; // merge all the values together, appending the ":" at the end for each value
        }
        oSetValFinal = oSetValFinal.slice(0, -1); // remove the last ":" from the appended value string (fixes "14:11:00": to be "14:11:00")
    } else {
        oSetValFinal = oSetVal[1];
    }
    
    prxO.oSet[trim(oSetVal[0])] = trim(oSetValFinal); // populate prxO.oSet object
}

// Split prxO.oNce keys + values
prxJsCfg_oNce = prxJsCfg[1].split("___"); // need to split by "___" because the User Agent could have comma(s)
for (a=0; a < prxJsCfg_oNce.length; a++) {
    oSetVal = prxJsCfg_oNce[a].split(">>>"); // need to split by ">>>" because the two keys may contain URLs
    prxO.oNce[trim(oSetVal[0])] = trim(oSetVal[1]); // populate prxO.oNce object
}



RE: Firefox Noscript and Sidki's JS Insertion - Kye-U - Oct. 09, 2008 10:03 PM

Whoops, I forgot about Bottom Add: Final JS Code, I'll see what I can do.

EDIT: Just tested, and it doesn't work D'oh!

Hopefully someone out there can point out what I'm doing wrong. Attached are my latest "works".

[attachment=173]
[attachment=174]

Code:
[Patterns]
Name = "Header Top Add: Initial JS Code     7.11.29 (ccw! !mos) [...] (d.r) [ku]"
Active = TRUE
URL = "$TYPE(htm)(^$TST(hOrigUA=ncsa mosaic*))"
Limit = 16
Match = "(^(^<ProxHdrTop>))$STOP()$TST(volat=(*.headok:)\71.\8)$SET(volat=\72.\8)"
        ""
        "$SET(jsVarsB="
        "$TST(flag=*.size_b:[#1:*].*)"
        "$TST(jsVarsB=(*$toDo: )\7(0|$SET(5=+)([^,]+)\6) \8)"
        "\7\6\564\8"
        ")"
        "$SET(5=$TST(tFrameset=*) $_frameset: 1,)"
        ""
        "$SET(8=full)($TST(keyword=*.i_level:((1$SET(8=min)|[2-9])(.[0-9])+&&\6).*)|$SET(6=null))"
        "($OHDR(Referer:( ) \2)|)((^$TST(keyword=*.i_ua:*))$OHDR(User-Agent:( ) \3)|)"
        "($TST(hOrigUA=mozilla/4.[1-9]*)$SET(8=min)|$SET(4= id=\\"proxScrLink\\"))"
Replace = "<textarea id="prxJsVarsSidki" style="display: none !important;">"
          "$_cfg: "$GET(cfg)", $_level: \6,\5 "
          "$_xns: document.documentElement ? document.documentElement.namespaceURI : null,"
          "$GET(jsVarsT)"
          "$GET(jsVarsB)"
          "|||"
          "ncFrom___"$ESC(\2)"____ncWith___"\3""
          "</textarea>"
          "<script type="text/javascript" id="proxScrHead" src="http://local.ptron/sidki_h_$GET(cfg)/proxjs-\8.js"></script>\r\n"
          "$SET(jsVarsB=)$SET(jsVarsT=)"

Name = "Bottom Add: Final JS Code     7.09.06 (ccw! !mos) [...] (d.r) [ku]"
Active = TRUE
URL = "$TYPE(htm)(^$TST(hOrigUA=ncsa mosaic*))"
Limit = 16
Match = "(^(^<ProxBottom>))$STOP()$TST(keyword=*.i_level:([#*:*])\0.*)"
        "("
        "$TST(volat=*.headok:2*)"
        "|($TST(volat=*.log:[12]*)$ADDLST(Log-Rare,WEB JS_Inject failed\t\u)|)PrxFail$TST()"
        ")"
        ""
        "("
        "(^$TST(keyword=*.i_level:1.*)|$TST(hOrigUA=mozilla/4.[1-9](^*opera)*))"
        ""
        "$SET(9="
        "$TST(volat=*.menu:([12])\0.*)"
        "$TST(keyword=(*.(i_layout:(1|2)\1|i_script:(1|2)\2.|i_proxy:(1|2)\3|i_spoof:(1|2)\4))+*)"
        "$TST(volat=(*.(top:(*/)\5|up:(*/)\6|headers:(1)\7))+*)"
        "\t<textarea style="display: none !important;">"
        ""\0", "\1", "\2", "\3", "\4", "\5", "\6", "\7", "$ESC(\u)""
        "</textarea>\r\n"
        ")"
        "(^$TST(keyword=*.a_noprint.*))"
        "("
        "$TST(eAdJS=*)($TST(\0=[123])$SET(eAdJS=)|$SET(#="
        "\\n<span class=\\"ProxAdScript Prox\\" style=\\"display:$GET(displayI)\\">&#8226;&#160;"
        "<a class=\\"ProxAdScript Prox\\""
        " onmouseover=\\"prxO.oFly.flShow('%3Cdiv id=%22proxFlyCt-Div%22>$GET(eAdJS)%3C/div>',event,0);\\""
        " onmouseout=\\"prxO.oFly.flDHide();\\">js out<\\/a> <\\/span>$SET(eAdJS=)))"
        "|)("
        "$TST(eAdComm=*)$SET(eAdCommII=)($TST(\0=[123])$SET(eAdComm=)|$SET(#="
        "\\n<span class=\\"ProxComment Prox\\" style=\\"display:$GET(displayI)\\">&#8226;&#160;"
        "<a class=\\"ProxComment Prox\\""
        " onmouseover=\\"prxO.oFly.flShow('%3Cdiv id=%22proxFlyCt-Div%22>$GET(eAdComm)%3C/div>',event,0);\\""
        " onmouseout=\\"prxO.oFly.flDHide();\\">comments<\\/a> <\\/span>$SET(eAdComm=)))"
        "|)("
        "$TST(eHits=*)$SET(#="
        "\\n<span class=\\"ProxAlert Prox\\" style=\\"display:$GET(displayI)\\">&#8226;&#160;"
        "<a class=\\"ProxAlert Prox\\""
        " onmouseover=\\"prxO.oFly.flShow('%3Cdiv id=%22proxFlyCt-Div%22>$GET(eHits)%3C/div>',event,0);\\""
        " onmouseout=\\"prxO.oFly.flDHide();\\">hits<\\/a> <\\/span>$SET(eHits=))"
        "|)("
        "$TST(pIframe=*)$SET(#="
        "\\n<span class=\\"ProxToggleI Prox\\" style=\\"display:$GET(displayI)\\">&#8593;"
        "<a class=\\"ProxToggleI Prox\\""
        " href=\\"javascript:prxO.oInt.inToggleB('ProxIframe','cl','span');"
        "prxO.oInt.inToggleC('ProxIframe','iframe');\\""
        " title=\\"Toggle $GET(pIframe) iFrame(s)\\" target=\\"_self\\">iframe<\\/a> <\\/span>)"
        "|)("
        "$TST(pApplet=*)$SET(#="
        "\\n<span class=\\"ProxToggleI Prox\\" style=\\"display:$GET(displayI)\\">&#8593;"
        "<a class=\\"ProxToggleI Prox\\""
        " href=\\"javascript:prxO.oInt.inToggleB('ProxApplet','cl','span,applet');\\""
        " title=\\"Toggle $GET(pApplet) Java Applet(s)\\" target=\\"_self\\">java<\\/a> <\\/span>)"
        "|)("
        "$TST(pMarquee=*)$SET(#="
        "\\n<span class=\\"ProxToggleI Prox\\" style=\\"display:$GET(displayI)\\">&#8593;"
        "<a class=\\"ProxToggleI Prox\\""
        " href=\\"javascript:prxO.oInt.inToggleB('ProxMarquee','cl','span,marquee');\\""
        " title=\\"Toggle $GET(pMarquee) scrolling Marquee(s)\\" target=\\"_self\\">marquee<\\/a> <\\/span>)"
        "|)("
        "$TST(pMovie=*)$SET(#="
        "\\n<span class=\\"ProxToggleI Prox\\" style=\\"display:$GET(displayI)\\">&#8593;"
        "<a class=\\"ProxToggleI Prox\\""
        " href=\\"javascript:prxO.oInt.inToggleB('ProxEmbed','cl','span');\\""
        " title=\\"Toggle $GET(pMovie) Movie(s)\\" target=\\"_self\\">media<\\/a> <\\/span>)"
        "|)"
        ""
        "($TST(displayI=inline)$SET(8=block)|$SET(8=none))"
        "|)"
Replace = "\t<textarea style="display: none !important;">"
          ""\8","$GET(dCookies)","\@$GET(dAll)""
          "</textarea>\r\n"
          "\9$GET(dJS)"
          "\r\n"
          "<script type="text/javascript" src="http://local.ptron/sidki_h_$GET(cfg)/proxjs-\8.js?endofpage=1"></script>"
          "\r\n"
          "$SET(dAll=)$SET(dCookies=)$SET(dJS=)$SET(pIframe=)$SET(pApplet=)"
          "$SET(pBGsound=)$SET(pBGsrc=)$SET(pMarquee=)$SET(pMovie=)"



RE: Firefox Noscript and Sidki's JS Insertion - z12 - Oct. 23, 2008 10:41 AM

I suspect the problem is that prxjs was not designed to be called twice.

For example, this will always run and prxCountLd will always = 0 afterwards.
Code:
// This flag indicates where we currently are in our script. Three stages:
// 0 -> Beginning.
// 1 -> End of page.
// 2 -> Onload event has completed.
var prxCountLd = 0;
Also, window objects that were redefined on the first pass will be redefined again.

I think if you move your code into a separate js file you will have better luck.
Perhaps even split your code into two js files, a start and end js.

z12


RE: Firefox Noscript and Sidki's JS Insertion - sidki3003 - Dec. 25, 2008 05:29 PM

(Sep. 05, 2008 02:34 AM)whenever Wrote:  It seems sidki has his reason to insert his code that way but I know nothing about javascript code. Banging Head

There are two main reasons why the Proxomitron script gets inserted this way:
To declare the option flags prior to loading the external script. Kye-U, lnminente, z12 have shown alternatives.

To make sure that our external script gets loaded just once. "Final" HTML pages may come as a bunch of separate HTML fragments, each of which might be considered by Proxomitron as separate HTML page, resulting in multiple script injections. While loading an external script, the browser stops requesting any other page documents (images, CSS, JS, etc.).

IOW, multiple loads of the Proxomitron script would be a pane in the butt, even if the actual script code would get executed just once.


RE: Firefox Noscript and Sidki's JS Insertion - Toppy - Jan. 25, 2009 07:15 PM

Well, after a lot of consideration, I finally installed NoScript,
but I believe the combo Proxo-NoScript is a no-go by design....

Please, does anyone know how to make the 2 work correctly together ?


RE: Firefox Noscript and Sidki's JS Insertion - lnminente - Jan. 25, 2009 11:11 PM

The bad scripts use to be third party. I always allow first party scripts from second level (noscript.net), in that way most webs will not be broken and the sidki config could do his work...

If you really want to block certain first party scripts then we can write a proxomitron blocking filter for them or add it to the NoScript black list


RE: Firefox Noscript and Sidki's JS Insertion - leecovuk - Jan. 26, 2009 04:24 PM

Just to give a point of view from a non-techy type (me);

I have Prox+Sidki+NoScript installed, but I have NoScript set to allow everything globally by default leaving Prox+Sidki to handle script filtering.
Why then do I have NoScript installed at all? Well, I find it easier and simpler to use that to restrict/block the odd bit of script on the odd site, rather than try to do it via Prox. Although I am, as said recently, having a little more success with grappling with Prox Smile!

So, I haven't used NoScript's options extensively or really changed from its defaults (except for allowing everything), but I haven't come across it breaking alongside Prox+Sidki. It does however seem logical to me that using it to filter scripts as well as Prox+Sidki would understandably cause potential conflicts.

I do the same kind of procedure as above with the Adblock Plus addon. I don't have a blocklist subscription enabled, but I keep Adblock Plus on for easy blocking of the odd bit here and there. Not that I use it often.

Lee


RE: Firefox Noscript and Sidki's JS Insertion - lnminente - Jan. 26, 2009 06:35 PM

@leecovuk, i do aprox the same and think it's the best relation confort/safety.

I use adblock plus with the subcription filters updated but disabled. I use it to know what keywords are more important for filtering ads in my browsing abit. I started with a blank ad-list in proxomitron and added the most common keywords for me.

For noscript, i allow it globally too, and when i notice new ads i add the guilty scripts to the blocking list. Remember it also protects you from cross-site scripting etc...