Decoding html pages

Discussion in 'Javascript' started by Santander, Oct 23, 2008.

  1. Santander

    Santander Guest

    Santander, Oct 23, 2008
    #1
    1. Advertising

  2. Santander wrote:

    > how to decode HTML pages encoded like this:
    > http://www.long2consulting.com/seeinaction2008/Simplicity_Beach_table/index.htm
    > Is there script that will do this automatically and generate normal fully
    > readable HTML?


    It can be decrypted with relatively little effort. Line 5 is the
    percent-encoding of (line-ends and intervals added):

    <SCRIPT LANGUAGE="JavaScript">
    <!--
    hp_ok=true;
    function hp_d01(s) {
    if (!hp_ok) return;
    var o="",
    ar=new Array(),
    os="",
    ic=0;
    for (i=0;i<s.length;i++) {
    c=s.charCodeAt(i);
    if (c<128)
    c=c^2;
    os+=String.fromCharCode(c);
    if (os.length>80) {
    ar[ic++]=os;
    os=""
    }
    }
    o=ar.join("")+os;
    document.write(o)
    }
    //-->
    </SCRIPT>

    Info:
    http://en.wikipedia.org/wiki/Percent-encoding

    Function 'hp_d01' takes the square number of the character code when
    it's below 128. For a decryption, this operation can be reversed by
    taking the square root, eg. Math.sqrt(64).

    Hope this helps,

    --
    Bart
    Bart Van der Donck, Oct 23, 2008
    #2
    1. Advertising

  3. Santander

    Santander Guest

    well, I've decoded the very top part of script:

    <SCRIPT LANGUAGE="JavaScript"><!--
    hp_ok=true;function hp_d01(s){if(!hp_ok)return;var o="",ar=new
    Array(),os="",ic=0;for(i=0;i<s.length;i ){c=s.charCodeAt(i);if(c<128)c=c^2;os
    =String.fromCharCode(c);if(os.length>80){ar[ic ]=os;os=""}}o=ar.join("")
    os;document.write(o)}//--></SCRIPT>


    but it tells me nothing though. How to decode the rest part of page? any
    automated tool/script availble?
    ------------------------

    "Santander" <> wrote in message
    news:49007a82$0$90270$...
    > how to decode HTML pages encoded like this:
    > http://www.long2consulting.com/seeinaction2008/Simplicity_Beach_table/index.htm
    > Is there script that will do this automatically and generate normal fully
    > readable HTML?
    Santander, Oct 23, 2008
    #3
  4. Santander meinte:
    > how to decode HTML pages encoded like this:
    > http://www.long2consulting.com/seeinaction2008/Simplicity_Beach_table/index.htm
    >
    > Is there script that will do this automatically and generate normal
    > fully readable HTML?


    LOL. Tells me something about both the authors of this page and you as
    the upcoming hakk3r...

    Just have a look at "generated source" with FF's web developer
    extension, or inspect the page with Firebug.


    Gregor
    Gregor Kofler, Oct 23, 2008
    #4
  5. Gregor Kofler meinte:
    > Santander meinte:
    >> how to decode HTML pages encoded like this:
    >> http://www.long2consulting.com/seeinaction2008/Simplicity_Beach_table/index.htm
    >>
    >> Is there script that will do this automatically and generate normal
    >> fully readable HTML?

    >
    > LOL. Tells me something about both the authors of this page and you as
    > the upcoming hakk3r...
    >


    Forget my above posting. Working with the mentioned tools without the
    experience can lead to a complete loss of data and system crashes.
    Seriously.

    I do have an offer here: Get the full and completely disclosed template
    for, say, 40 bucks? Perhaps you're interested in a few more templates?
    Bulk discounts are negotiable...

    Gregor
    Gregor Kofler, Oct 23, 2008
    #5
  6. Santander

    Santander Guest

    yes, I find this. But how to use this key? Just tried insert that script
    into page header section and run, not help, strange.
    any ideas? Automated tool encode/ decode?

    S.
    ---------

    "Bart Van der Donck" <> wrote in message
    news:...
    > Santander wrote:
    >
    >> how to decode HTML pages encoded like this:
    >> http://www.long2consulting.com/seeinaction2008/Simplicity_Beach_table/index.htm
    >> Is there script that will do this automatically and generate normal fully
    >> readable HTML?

    >
    > It can be decrypted with relatively little effort. Line 5 is the
    > percent-encoding of (line-ends and intervals added):
    >
    > <SCRIPT LANGUAGE="JavaScript">
    > <!--
    > hp_ok=true;
    > function hp_d01(s) {
    > if (!hp_ok) return;
    > var o="",
    > ar=new Array(),
    > os="",
    > ic=0;
    > for (i=0;i<s.length;i++) {
    > c=s.charCodeAt(i);
    > if (c<128)
    > c=c^2;
    > os+=String.fromCharCode(c);
    > if (os.length>80) {
    > ar[ic++]=os;
    > os=""
    > }
    > }
    > o=ar.join("")+os;
    > document.write(o)
    > }
    > //-->
    > </SCRIPT>
    >
    > Info:
    > http://en.wikipedia.org/wiki/Percent-encoding
    >
    > Function 'hp_d01' takes the square number of the character code when
    > it's below 128. For a decryption, this operation can be reversed by
    > taking the square root, eg. Math.sqrt(64).
    >
    > Hope this helps,
    >
    > --
    > Bart
    Santander, Oct 23, 2008
    #6
  7. Santander

    Santander Guest

    any *positive* ideas? if not - no probs.. I already decode 1/2 and even
    without your valuable help..

    S.
    ------

    "Gregor Kofler" <> wrote in message
    news:po0Mk.45$...
    > Gregor Kofler meinte:
    >> Santander meinte:
    >>> how to decode HTML pages encoded like this:
    >>> http://www.long2consulting.com/seeinaction2008/Simplicity_Beach_table/index.htm
    >>> Is there script that will do this automatically and generate normal
    >>> fully readable HTML?

    >>
    >> LOL. Tells me something about both the authors of this page and you as
    >> the upcoming hakk3r...
    >>

    >
    > Forget my above posting. Working with the mentioned tools without the
    > experience can lead to a complete loss of data and system crashes.
    > Seriously.
    >
    > I do have an offer here: Get the full and completely disclosed template
    > for, say, 40 bucks? Perhaps you're interested in a few more templates?
    > Bulk discounts are negotiable...
    >
    > Gregor
    >
    Santander, Oct 23, 2008
    #7
  8. Santander meinte:
    > any *positive* ideas? if not - no probs.. I already decode 1/2 and even
    > without your valuable help..


    Must be tough, since you've problems perhaps not with reading, but
    definitely with *understanding*. Just have a look at the "generated
    source" in FF's "web developer extension" (or a similiar tool, Firebug
    and I suppose Opera Dragonfly works, too).

    Since you are posting with Outlook Express, and are raiding a web site
    offering templates for FrontPage and Expression Web, you've probably
    never heard of alternatives to IE...

    To be even mor constructive: here's the complete source. This time for
    free [1]. Make sure to scroll to the bottom...

    Gregor


    [1]
    <html xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" lang="en"><head>
    <!--hppage status="protected"-->

    <meta http-equiv="Content-Type" content="text/html;
    charset=windows-1252"><script language="JavaScript"><!--
    document.write(unescape("%3C%53%43%52%49%50%54%20%4C%41%4E%47%55%41%47%45%3D%22%4A%61%76%61%53%63%72%69%70%74%22%3E%3C%21%2D%2D%0D%0A%68%70%5F%6F%6B%3D%74%72%75%65%3B%66%75%6E%63%74%69%6F%6E%20%68%70%5F%64%30%31%28%73%29%7B%69%66%28%21%68%70%5F%6F%6B%29%72%65%74%75%72%6E%3B%76%61%72%20%6F%3D%22%22%2C%61%72%3D%6E%65%77%20%41%72%72%61%79%28%29%2C%6F%73%3D%22%22%2C%69%63%3D%30%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%7B%63%3D%73%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%3B%69%66%28%63%3C%31%32%38%29%63%3D%63%5E%32%3B%6F%73%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%63%29%3B%69%66%28%6F%73%2E%6C%65%6E%67%74%68%3E%38%30%29%7B%61%72%5B%69%63%2B%2B%5D%3D%6F%73%3B%6F%73%3D%22%22%7D%7D%6F%3D%61%72%2E%6A%6F%69%6E%28%22%22%29%2B%6F%73%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%6F%29%7D%2F%2F%2D%2D%3E%3C%2F%53%43%52%49%50%54%3E"));//--></script><script
    language="JavaScript"><!--
    hp_ok=true;function hp_d01(s){if(!hp_ok)return;var o="",ar=new
    Array(),os="",ic=0;for(i=0;i<s.length;i++){c=s.charCodeAt(i);if(c<128)c=c^2;os+=String.fromCharCode(c);if(os.length>80){ar[ic++]=os;os=""}}o=ar.join("")+os;document.write(o)}//--></script><script
    language="JavaScript"><!--
    hp_d01(unescape(">QAPKRV%22NCLEWCEG? HctcQapkrv
    %3C>#//dwlavkml%22jr]fl*c+ypgvwpl%22dcnqg%7Fdwlavkml%22jr]ao*+ycngpv*
    ^w2276^w224:^w224;^w2251^w2202^w2252^w2243^w2245^w2247^w2202^w224:^w2243^w2251^w2202^w2240^w2247^w2247^w224G^w2202^w2252^w2250^w224D^w2256^w2247^w2241^w2256^w2247^w2246^w220G^w2202^w2272^w2250^w2247^w2254^w224;^w2247^w2255^w2202^w224D^w224G^w224A^w225;^w220G
    +9pgvwpl%22dcnqg%7Fdwlavkml%22jr]fg*g+ypgvwpl*g,vcpegv,vceLcog#?lwnn$$g,vcpegv,vceLcog,qgcpaj*%25%5C*KLRWV~VGZVCPGC~@WVVML~QGNGAV+&%25+#?/3+%7F9dwlavkml%22jr]of*g+yoca?lctkecvmp,wqgpCeglv,klfgzMd*%25Oca%25+#?/39kd*fmawoglv,cnn+ykd*gtglv,`wvvml??0~~*oca$$*gtglv,avpnIg{~~gtglv,ig{Amfg??;3+++ycngpv*
    ^w2276^w224:^w224;^w2251^w2202^w2252^w2243^w2245^w2247^w2202^w224:^w2243^w2251^w2202^w2240^w2247^w2247^w224G^w2202^w2252^w2250^w224D^w2256^w2247^w2241^w2256^w2247^w2246^w220G^w2202^w2272^w2250^w2247^w2254^w224;^w2247^w2255^w2202^w224D^w224G^w224A^w225;^w220G
    +9pgvwpl*dcnqg+%7F%7Fgnqgykd*g,ujkaj??1~~*oca$$*g,omfkdkgpq??0~~g,avpnIg{+++ycngpv*
    ^w2276^w224:^w224;^w2251^w2202^w2252^w2243^w2245^w2247^w2202^w224:^w2243^w2251^w2202^w2240^w2247^w2247^w224G^w2202^w2252^w2250^w224D^w2256^w2247^w2241^w2256^w2247^w2246^w220G^w2202^w2272^w2250^w2247^w2254^w224;^w2247^w2255^w2202^w224D^w224G^w224A^w225;^w220G
    +9pgvwpl%22dcnqg%7Fgnqg%22kd*g,ujkaj??3+yuklfmu,acrvwpgGtglvq*Gtglv,OMWQGOMTG+9uklfmu,mlomwqgomtg?jr]fl%7F%7F%7Fdwlavkml%22jr]ow*g+ykd*g,ujkaj??3+yuklfmu,pgngcqgGtglvq*Gtglv,OMWQGOMTG+9uklfmu,mlomwqgomtg?lwnn%7F%7Fkd*lctkecvmp,crrLcog,klfgzMd*%25Klvgplgv%22Gzrnmpgp%25+??/3~~*lctkecvmp,wqgpCeglv,klfgzMd*%25OQKG%25+#?/3$$fmawoglv,cnn,nglevj#?2++ykd*fmawoglv,cnn+yoca?lctkecvmp,wqgpCeglv,klfgzMd*%25Oca%25+#?/39tgpqkml?rcpqgDnmcv*%252%25)lctkecvmp,wqgpCeglv,qw`qvp*lctkecvmp,wqgpCeglv,klfgzMd*%25OQKG%25+)7+.32+9kd*#oca$$tgpqkml%3C6+yfmawoglv,mlamlvgzvoglw?jr]ao%7Fgnqgyfmawoglv,mlomwqgfmul?jr]of9fmawoglv,mlig{fmul?jr]of9%7Ffmawoglv,mlqgngavqvcpv?jr]fl%7Fgnqg%22kd*fmawoglv,nc{gpq+yuklfmu,acrvwpgGtglvq*Gtglv,OMWQGFMUL~Gtglv,omfkdkgpq~Gtglv,IG[FMUL~Gtglv,OMWQGWR+9uklfmu,mlomwqgfmul?jr]of9uklfmu,mlig{fmul?jr]of9uklfmu,mlomwqgwr?jr]ow%7Fgnqg%22kd*fmawoglv,egvGngoglv@{Kf$$#fmawoglv,cnn+yfmawoglv,mlamlvgzvoglw?jr]ao9fmawoglv,mlomwqgfmul?jr]fg%7F%7Fkd*fmawoglv,WPN,qw`qvpkle*2.6+??
    dkng +yjr]mi?dcnqg9uklfmu,nmacvkml? c`mwv8`ncli
    %7Fdwlavkml%22jr]fr3*+ydmp*k?29k>fmawoglv,cnn,nglevj9k))+ykd*fmawoglv,cnnYk_,qv{ng,tkqk`knkv{#?
    jkffgl +yfmawoglv,cnnYk_,qv{ng,tkqk`knkv{? jkffgl 9fmawoglv,cnnYk_,kf?
    jr]kf
    %7F%7F%7F9dwlavkml%22jr]fr0*+ydmp*k?29k>fmawoglv,cnn,nglevj9k))+ykd*fmawoglv,cnnYk_,kf??
    jr]kf +fmawoglv,cnnYk_,qv{ng,tkqk`knkv{?
    %7F%7F9uklfmu,ml`gdmpgrpklv?jr]fr39uklfmu,mlcdvgprpklv?jr]fr09fmawoglv,upkvg*%25>qv{ng%22v{rg?
    vgzv-aqq %22ogfkc? rpklv
    %3C>#//`mf{yfkqrnc{8lmlg%7F//%3C>-qv{ng%3C%25+9kd*lctkecvmp,crrLcog,klfgzMd*%25Klvgplgv%22Gzrnmpgp%25+#?/3$$*lctkecvmp,wqgpCeglv,klfgzMd*%25OQKG%25+??/3~~fmawoglv,cnn,nglevj??2++jr]mi?dcnqg9kd*fmawoglv,cnn+fmawoglv,upkvg*%25>nkli%22pgn?qv{ngqjggv%22v{rg?
    vgzv-aqq %22jpgd? jr]lwnn,aqq
    %3C%25+9--//%3C>-QAPKRV%3C"));//--></script><script
    language="JavaScript"><!--
    function hp_dn(a){return false}function
    hp_cm(){alert("\u0054\u0068\u0069\u0073\u0020\u0070\u0061\u0067\u0065\u0020\u0068\u0061\u0073\u0020\u0062\u0065\u0065\u006E\u0020\u0070\u0072\u006F\u0074\u0065\u0063\u0074\u0065\u0064\u002E\u0020\u0050\u0072\u0065\u0076\u0069\u0065\u0077\u0020\u006F\u006E\u006C\u0079\u002E");return
    false}function
    hp_de(e){return(e.target.tagName!=null&&e.target.tagName.search('^(INPUT|TEXTAREA|BUTTON|SELECT)$')!=-1)};function
    hp_md(e){mac=navigator.userAgent.indexOf('Mac')!=-1;if(document.all){if(event.button==2||(mac&&(event.ctrlKey||event.keyCode==91))){alert("\u0054\u0068\u0069\u0073\u0020\u0070\u0061\u0067\u0065\u0020\u0068\u0061\u0073\u0020\u0062\u0065\u0065\u006E\u0020\u0070\u0072\u006F\u0074\u0065\u0063\u0074\u0065\u0064\u002E\u0020\u0050\u0072\u0065\u0076\u0069\u0065\u0077\u0020\u006F\u006E\u006C\u0079\u002E");return(false)}}else{if(e.which==3||(mac&&(e.modifiers==2||e.ctrlKey))){alert("\u0054\u0068\u0069\u0073\u0020\u0070\u0061\u0067\u0065\u0020\u0068\u0061\u0073\u0020\u0062\u0065\u0065\u006E\u0020\u0070\u0072\u006F\u0074\u0065\u0063\u0074\u0065\u0064\u002E\u0020\u0050\u0072\u0065\u0076\u0069\u0065\u0077\u0020\u006F\u006E\u006C\u0079\u002E");return
    false}else
    if(e.which==1){window.captureEvents(Event.MOUSEMOVE);window.onmousemove=hp_dn}}}function
    hp_mu(e){if(e.which==1){window.releaseEvents(Event.MOUSEMOVE);window.onmousemove=null}}if(navigator.appName.indexOf('Internet
    Explorer')==-1||(navigator.userAgent.indexOf('MSIE')!=-1&&document.all.length!=0)){if(document.all){mac=navigator.userAgent.indexOf('Mac')!=-1;version=parseFloat('0'+navigator.userAgent.substr(navigator.userAgent.indexOf('MSIE')+5),10);if(!mac&&version>4){document.oncontextmenu=hp_cm}else{document.onmousedown=hp_md;document.onkeydown=hp_md;}document.onselectstart=hp_dn}else
    if(document.layers){window.captureEvents(Event.MOUSEDOWN|Event.modifiers|Event.KEYDOWN|Event.MOUSEUP);window.onmousedown=hp_md;window.onkeydown=hp_md;window.onmouseup=hp_mu}else
    if(document.getElementById&&!document.all){document.oncontextmenu=hp_cm;document.onmousedown=hp_de}}if(document.URL.substring(0,4)=="file"){hp_ok=false;window.location="about:blank"}function
    hp_dp1(){for(i=0;i<document.all.length;i++){if(document.all.style.visibility!="hidden"){document.all.style.visibility="hidden";document.all.id="hp_id"}}};function
    hp_dp2(){for(i=0;i<document.all.length;i++){if(document.all.id=="hp_id")document.all.style.visibility=""}};window.onbeforeprint=hp_dp1;window.onafterprint=hp_dp2;document.write('<style
    type="text/css"
    media="print"><!--body{display:none}--></style>');if(navigator.appName.indexOf('Internet
    Explorer')!=-1&&(navigator.userAgent.indexOf('MSIE')==-1||document.all.length==0))hp_ok=false;if(document.all)document.write('<link
    rel=stylesheet type="text/css"
    href="hp_null.css">');//--></script><style type="text/css"
    media="print"><!--body{display:none}--></style>
    <title>Home</title>

    <meta name="description" content="website template">
    <meta name="keywords" content="website, template, long2 consulting">
    <meta name="owner" content="">
    <meta name="copyright" content="">

    <meta name="author" content="YourNameHere">
    <meta name="rating" content="General">
    <meta name="revisit-after" content="7 days">
    <link rel="stylesheet" type="text/css" href="styles.css">
    </head><body><noscript>To display this page you need a browser with
    JavaScript support.</noscript><script language="JavaScript"><!--
    hp_d01(unescape(">`mf{%3C>fkt%22kf? upcrrgp
    %3C>vc`ng%3C >vp%3C >vf%22kf? jgcfgp3 %3C>fkt%22ancqq?
    jgcfgpamlvglv %3C >#//ug``mv%22`mv? Klanwfg %22W/Klanwfg?
    klanwfgq-amorcl{lcog,jvo %22VCE? @MF[
    %22qvcpvqrcl%22//%3CAmorcl{%22Lcog>#//ug``mv%22`mv? Klanwfg
    %22k/ajgaiqwo? 1;043
    %22glfqrcl%22//%3C>-fkt%3C>-vf%3C >-vp%3C >vp%3C >vf%22kf? vmrlct %3C >#//ug``mv%22`mv?
    Klanwfg %22W/Klanwfg? klanwfgq-vmrlctnkliq,jvo %22VCE? @MF[
    %22qvcpvqrcl%22//%3C >fkt%22ancqq? vmrlctnkliq %3C >c%22jpgd?
    klfgz,jvo %3CJmog>-c%3C >c%22jpgd? dcsq,jvo %3CDCSq>-c%3C >c%22jpgd?
    qvmpg,jvo %3CMwp%22Qvmpg>-c%3C >c%22jpgd? nc{mwv3,jvo
    %3CNc{mwv%223>-c%3C >c%22jpgd? nc{mwv0,jvo
    %3CNc{mwv%220>-c%3C >c%22jpgd? nc{mwv1,jvo
    %3CNc{mwv%221>-c%3C >c%22jpgd? egvvkleqvcpvgf,jvo
    %3CEgvvkle%22Qvcpvgf>-c%3C >-fkt%3C>#//ug``mv%22`mv? Klanwfg
    %22k/ajgaiqwo? 350:7
    %22glfqrcl%22//%3C>-vf%3C >-vp%3C>-vc`ng%3C>vc`ng%22ancqq? `mf{vc`ng
    %3C >vp%3C  >vf%22kf? `mf{0 %3C>fkt%22ancqq?
    `mf{0amlvglv %3C >#//ug``mv%22`mv? Klanwfg %22W/Klanwfg?
    klanwfgq-qkfgnkliq,jvo %22VCE? @MF[ %22qvcpvqrcl%22//%3C>fkt%22ancqq?
    oglwjgcfgp3 %3C>c%22jpgd? ! %3COckl%22Oglw>-c%3C>-fkt%3C>fkt%22ancqq?
    qkfgnkliq %3C >c%22jpgd? klfgz,jvo
    %3CJmog>-c%3C >c%22jpgd? dcsq,jvo %3CDCSq>-c%3C >c%22jpgd?
    qgptkagq,jvo %3CQgptkagq>-c%3C >c%22jpgd? amlvcavwq,jvo
    %3CAmlvcav%22Wq>-c%3C>-fkt%3C>fkt%22ancqq? oglwjgcfgp3
    %3C>c%22jpgd? qvmpg %3CMwp%22Qvmpg>-c%3C>-fkt%3C>fkt%22ancqq?
    qkfgnkliq %3C >c%22jpgd? rpmfwav3,jvo
    %3CRpmfwav%223>-c%3C>-fkt%3C >fkt%22ancqq? oglwjgcfgp3
    %3C>c%22jpgd? ! %3CNc{mwvq>-c%3C>-fkt%3C>fkt%22ancqq?
    qkfgnkliq %3C >c%22jpgd? nc{mwv3,jvo
    %3CNc{mwv%223>-c%3C >c%22jpgd? nc{mwv0,jvo
    %3CNc{mwv%220>-c%3C >c%22jpgd? nc{mwv1,jvo
    %3CNc{mwv%221>-c%3C>-fkt%3C >fkt%22ancqq? oglwjgcfgp3
    %3C>c%22jpgd? ! %3CVgorncvg%22Kldm>-c%3C>-fkt%3C>fkt%22ancqq?
    qkfgnkliq %3C >c%22jpgd? egvvkleqvcpvgf,jvo
    %3CEgvvkle%22Qvcpvgf>-c%3C >c%22jpgd? v{rmepcrj{,jvo
    %3CV{rmepcrj{>-c%3C>-fkt%3C>#//ug``mv%22`mv? Klanwfg %22k/ajgaiqwo?
    77;:7 %22glfqrcl%22//%3C>-fkt%3C>-vf%3C >vf%22kf? `mf{3
    %3C>fkt%22ancqq? `mf{3amlvglv %3C >j0%3CVjkq%22vgorncvg%22dgcvwpgq,,,>-j0%3C >wn%3C >nk%3CC%22>`%3Cqvcpvgp%22ug`%22vgorncvg>-`%3C%22vm%22jgnr%22{mw%22apgcvg%22 c%22lgu%22ug`%22qkvg,%22[mw%22oc{%22gcqkn{%22cff%22{mwp%22mul%22amlvglv%22 clf%22ompg%22rcegq,>-nk%3C >nk%3C>`%3CFgqkelgf%22dmp%223206%22Z%2254:,%22 Vjpgg%22nc{mwvq%22/%223.%220.%22clf%221%22amnwolq,>-`%3C>-nk%3C >nk%3C>`%3CVc`ng/`cqgf%22nc{mwv>-`%3C%22dmp%22gcq{%22wqg%22kl%22 DpmlvRceg%220220%22clf%220221,%22Vjkq%22vgorncvg%22acl%22cnqm%22`g%22 wqgf%22ukvj%22Gzrpgqqkml%22Ug`,>-nk%3C >nk%3C>`%3CKlanwfg%22rcegq>-`%3C%22cpg%22wqgf%22dmp%22amorcl{%22lcog.%22 lctkecvkml%22nkliq.%22lguq.%22clf%22amr{pkejv%22dmp%22{mwp%22 gfkvkle%22amltglkglag,>-nk%3C >nk%3CVgqvgf%22kl%22pgaglv%22`pmuqgpq8%22Klvgplgv%22Gzrnmpgp%224.%22 Lgvqacrg%225).%22Mrgpc%22;.%22clf%22DkpgDmz,>-nk%3C >nk%3C>`%3CTcnkfcvgf>-`%3C%22ZJVON%
    223,2%22qvpkav.%22AQQ,%22Rpkmpkv{%223%22clf%220%22 UACE%223,2%22clf%22Qgavkml%2272:%22caagqqk`ng,>-nk%3C >-wn%3C >j0%3CAcqacfkle%22Qv{ng%22Qjggvq>-j0%3C >r%3CVjkq%22vgorncvg%22wqgq%22vc`ngq%22clf%22AQQ%22dmp%22vjg%22nc{mwv,%22@gacwqg%22vjg%22 DpmlvRceg%22$swmv9fgqkel%22tkgu$swmv9%22kq%22lmv%22cq%22qmrjkqvkacvgf%22cv%22fkqrnc{kle%22AQQ%22rpmrgpn{.%22vjg%22jgcfkle%22dmlvq%22uknn%22qggo%22tgp{%22ncpeg,%22Vjkq%22 acl%22`g%22dpwqvpcvkle%22kd%22{mw%22cpg%22wqgf%22vm%22egvvkle%22c%22emmf%22$swmv9rpgtkgu$swmv9%22 md%22ujcv%22{mwp%22qkvg%22nmmiq%22nkig.%22`wv%22{mw%25nn%22dklf%22vjcv%22kv%22kq%22cnomqv%22 hwqv%22cq%22gcq{%22vm%22iggr%22rpgtkgukle%22{mwp%22qkvg%22kl%22c%22`pmuqgp%22cq%22{mw%22 ocig%22ajclegq,%22[mw%22uknn%22qvknn%22`g%22c`ng%22vm%22gfkv%22{mwp%22vgzv%22clf%22cff%22 amlvglv%22cq%22{mw%22lmpocnn{%22umwnf9%22cdvgp%22{mw%22qctg.%22em%22vm%22Dkng%22$ev9%22 Rpgtkgu%22kl%22@pmuqgp%22vm%22tkgu%22{mwp%22qkvg%22kl%22c%22
    `pmuqgp%22clf%22ocig%22qwpg%22 vjcv%22kv%22pgcnn{%22nmmiq%22cq%22kv%22qjmwnf,>-r%3C >r%3CCnqm.%22maacqkmlcnn{%22DpmlvRceg%25q%22Lmpocn-Fgqkel%22tkgu%22oc{%22$swmv9nmqg$swmv9%22vjg%22 dmpocvvkle,%22Ujgl%22vjkq%22jcrrglq.%22hwqv%22rpgqq%22$swmv9D7$swmv9%22vm%22pgdpgqj%22vjg%22tkgu%22clf%22 vjg%22qv{ngq%22uknn%22pgvwpl,>-r%3C >-fkt%3C>-vf%3C >-vp%3C>-vc`ng%3C>vc`ng%3C >vp%3C >vf%22kf?
    dmmvgp %3C>fkt%22ancqq? dmmvgpamlvglv %3C >#//ug``mv%22`mv? Klanwfg
    %22W/Klanwfg? klanwfgq-amr{pkejv,jvo %22VCE? @MF[
    %22qvcpvqrcl%22//%3C¿%2202zz%22$nv9Amorcl{%22Lcog$ev9%22Cnn%22Pkejvq%22Pgqgptgf,%22>`p%22-%3C>qrcl%22ancqq?
    vkl{ %3CFgqkel%22`{%22>c%22jpgd? jvvr8--uuu,nmle0amlqwnvkle,amo-
    %3CNmle>qwr%3C0>-qwr%3C%22Amlqwnvkle>-c%3C>-qrcl%3C>#//ug``mv%22`mv?
    Klanwfg %22k/ajgaiqwo? 5326
    %22glfqrcl%22//%3C>-fkt%3C>-vf%3C >-vp%3C>-vc`ng%3C>-fkt%3C>-`mf{%3C"));//--></script>
    <div id="wrapper">
    <table>
    <tbody><tr>
    <td id="header1"><div class="headercontent">
    <!--webbot bot="Include" U-Include="includes/companyname.htm"
    TAG="BODY" startspan -->

    Company Name


    <!--webbot bot="Include" i-checksum="39261" endspan --></div></td>
    </tr>
    <tr>
    <td id="topnav">
    <!--webbot bot="Include" U-Include="includes/topnavlinks.htm"
    TAG="BODY" startspan -->
    <div class="topnavlinks">
    <a href="index.htm">Home</a>
    <a href="faqs.htm">FAQs</a>

    <a href="store.htm">Our Store</a>
    <a href="layout1.htm">Layout 1</a>
    <a href="layout2.htm">Layout 2</a>
    <a href="layout3.htm">Layout 3</a>
    <a href="gettingstarted.htm">Getting Started</a>
    </div>

    <!--webbot bot="Include" i-checksum="17285" endspan --></td>
    </tr>
    </tbody></table>
    <table class="bodytable">
    <tbody><tr>

    <td id="body2"><div class="body2content">
    <!--webbot bot="Include" U-Include="includes/sidelinks.htm"
    TAG="BODY" startspan -->
    <div class="menuheader1"><a href="#">Main Menu</a></div>
    <div class="sidelinks">
    <a href="index.htm">Home</a>

    <a href="faqs.htm">FAQs</a>
    <a href="services.htm">Services</a>
    <a href="contactus.htm">Contact Us</a>
    </div>

    <div class="menuheader1"><a href="store">Our Store</a></div>
    <div class="sidelinks">
    <a href="product1.htm">Product 1</a>

    </div>

    <div class="menuheader1"><a href="#">Layouts</a></div>
    <div class="sidelinks">
    <a href="layout1.htm">Layout 1</a>
    <a href="layout2.htm">Layout 2</a>
    <a href="layout3.htm">Layout 3</a>
    </div>

    <div class="menuheader1"><a href="#">Template Info</a></div>

    <div class="sidelinks">
    <a href="gettingstarted.htm">Getting Started</a>
    <a href="typography.htm">Typography</a>
    </div>
    <!--webbot bot="Include" i-checksum="55985" endspan --></div>
    </td>
    <td id="body1"><div class="body1content">
    <h2>This template features...</h2>
    <ul>

    <li>A <b>starter web template</b> to help you create
    a new web site. You may easily add your own content
    and more pages.</li>
    <li><b>Designed for 1024 X 768.
    Three layouts - 1, 2, and 3 columns.</b></li>
    <li><b>Table-based layout</b> for easy use in
    FrontPage 2002 and 2003. This template can also be
    used with Expression Web.</li>
    <li><b>Include pages</b> are used for company name,
    navigation links, news, and copyright for your
    editing convenience.</li>

    <li>Tested in recent browsers: Internet Explorer 6,
    Netscape 7+, Opera 9, and FireFox.</li>
    <li><b>Validated</b> XHTML 1.0 strict, CSS. Priority 1 and 2
    WCAG 1.0 and Section 508 accessible.</li>
    </ul>
    <h2>Cascading Style Sheets</h2>
    <p>This template uses tables and CSS for the layout. Because the
    FrontPage "design view" is not as sophisticated at displaying CSS
    properly, the heading fonts will seem very large. This
    can be frustrating if you are used to getting a good "preview"
    of what your site looks like, but you'll find that it is almost
    just as easy to keep previewing your site in a browser as you
    make changes. You will still be able to edit your text and add
    content as you normally would; after you save, go to File &gt;
    Preview in Browser to view your site in a browser and make sure
    that it really looks as it should.</p>

    <p>Also, occasionally FrontPage's Normal/Design view may "lose" the
    formatting. When this happens, just press "F5" to refresh the view and
    the styles will return.</p>

    </div>
    </td>
    </tr>
    </tbody></table>
    <table>
    <tbody><tr>
    <td id="footer"><div class="footercontent">
    <!--webbot bot="Include" U-Include="includes/copyright.htm"
    TAG="BODY" startspan -->

    ¿ 20xx &lt;Company Name&gt; All Rights Reserved.
    <br><span class="tiny">Design by <a
    href="http://www.long2consulting.com/">Long<sup>2</sup>
    Consulting</a></span>
    <!--webbot bot="Include" i-checksum="7104" endspan --></div></td>
    </tr>
    </tbody></table>
    </div>
    </body></html>
    Gregor Kofler, Oct 23, 2008
    #8
  9. In comp.lang.javascript message <54ad6fa4-90bb-40f6-9334-dabcd75f4614@v5
    6g2000hsf.googlegroups.com>, Thu, 23 Oct 2008 07:37:12, Bart Van der
    Donck <> posted:

    > c=s.charCodeAt(i);
    > if (c<128)
    > c=c^2;
    > os+=String.fromCharCode(c);


    >Function 'hp_d01' takes the square number of the character code when
    >it's below 128.


    ! c=c^2 squares? I thought it did 32-bit bitwise XOR.

    --
    (c) John Stockton, nr London, UK. ?@merlyn.demon.co.uk Turnpike v6.05 MIME.
    Web <URL:http://www.merlyn.demon.co.uk/> - FAQqish topics, acronyms & links;
    Astro stuff via astron-1.htm, gravity0.htm ; quotings.htm, pascal.htm, etc.
    No Encoding. Quotes before replies. Snip well. Write clearly. Don't Mail News.
    Dr J R Stockton, Oct 23, 2008
    #9
  10. Santander

    Spamless Guest

    On 2008-10-23, Santander <> wrote:
    > how to decode HTML pages encoded like this:
    > http://www.long2consulting.com/seeinaction2008/Simplicity_Beach_table/index.htm
    > Is there script that will do this automatically and generate normal fully
    > readable HTML?


    I loaded into vim, piped the first line through an "unescape" script
    to get the definition of the decoding function, hp_d01(.), changed the
    document.write to print (to pipe through a javascript interpreter whose
    output is given by "print(.)") and piped it through the interpreter.

    The top part is more Javascript when decoded. The trick I use to reformat
    that is to wrap it in:

    function mycrap(){
    ... the javascript ...
    };print(mycrap.toString())

    since the interpreter I use (the firefox spider monkey) reformats and
    neatens things. The result is something I often used to see on spamvertized
    pages to "protect them". The first section "protects" the page, defining various
    functions and assigning them to onmousedown, oncontextmenu, etc. events so that
    it controls what you see when you try to examine the page. The functions
    simply block you from doing things. For example, note the
    document.URL.substring(0, 4) == "file"
    section below. If you make a copy of the file and attempt to load it
    in your browser (a local copy will be accessed with a "file://" URL)
    you get nothing
    window.location = "about:blank"

    The decoding is not hard (I have seen code using arguments.callee.toString()
    along with the referrer and page URL as part of the decoding key and others
    on UTF8 web pages where one had to use a UTF8 locale (or something like
    uni2ascii, a utility which can convert UTF8 into \u#### escaped unicode
    which javascript can handle without a browser) and as I said, I have seen
    this used on spamvertized sites, but this appears not to be one.


    The second part decodes to HTML, a sample page (as another has displayed).
    The decoded and reformatted top section is
    ==========================================

    function hp_dn(a) {
    return false;
    }


    function hp_cm() {
    alert("This page has been protected. Preview only.");
    return false;
    }


    function hp_de(e) {
    return e.target.tagName != null &&
    e.target.tagName.search("^(INPUT|TEXTAREA|BUTTON|SELECT)$") != -1;
    }


    function hp_md(e) {
    mac = navigator.userAgent.indexOf("Mac") != -1;
    if (document.all) {
    if (event.button == 2 ||
    mac && (event.ctrlKey || event.keyCode == 91)) {
    alert("This page has been protected. Preview only.");
    return false;
    }
    } else {
    if (e.which == 3 || mac && (e.modifiers == 2 || e.ctrlKey)) {
    alert("This page has been protected. Preview only.");
    return false;
    } else if (e.which == 1) {
    window.captureEvents(Event.MOUSEMOVE);
    window.onmousemove = hp_dn;
    }
    }
    }


    function hp_mu(e) {
    if (e.which == 1) {
    window.releaseEvents(Event.MOUSEMOVE);
    window.onmousemove = null;
    }
    }

    if (navigator.appName.indexOf("Internet Explorer") == -1 ||
    navigator.userAgent.indexOf("MSIE") != -1 &&
    document.all.length != 0) {
    if (document.all) {
    mac = navigator.userAgent.indexOf("Mac") != -1;
    version = parseFloat("0" + navigator.userAgent.substr(navigator.userAgent.indexOf("MSIE") + 5), 10);
    if (!mac && version > 4) {
    document.oncontextmenu = hp_cm;
    } else {
    document.onmousedown = hp_md;
    document.onkeydown = hp_md;
    }
    document.onselectstart = hp_dn;
    } else if (document.layers) {
    window.captureEvents(Event.MOUSEDOWN | Event.modifiers | Event.KEYDOWN | Event.MOUSEUP);
    window.onmousedown = hp_md;
    window.onkeydown = hp_md;
    window.onmouseup = hp_mu;
    } else if (document.getElementById && !document.all) {
    document.oncontextmenu = hp_cm;
    document.onmousedown = hp_de;
    }
    }
    if (document.URL.substring(0, 4) == "file") {
    hp_ok = false;
    window.location = "about:blank";
    }

    function hp_dp1() {
    for (i = 0; i < document.all.length; i++) {
    if (document.all.style.visibility != "hidden") {
    document.all.style.visibility = "hidden";
    document.all.id = "hp_id";
    }
    }
    }


    function hp_dp2() {
    for (i = 0; i < document.all.length; i++) {
    if (document.all.id == "hp_id") {
    document.all.style.visibility = "";
    }
    }
    }

    window.onbeforeprint = hp_dp1;
    window.onafterprint = hp_dp2;
    document.write("<style type=\"text/css\" media=\"print\"><!--body{display:none}--></style>");
    if (navigator.appName.indexOf("Internet Explorer") != -1 &&
    (navigator.userAgent.indexOf("MSIE") == -1 ||
    document.all.length == 0)) {
    hp_ok = false;
    }
    if (document.all) {
    document.write("<link rel=stylesheet type=\"text/css\" href=\"hp_null.css\">");
    }
    Spamless, Oct 24, 2008
    #10
  11. Santander

    Santander Guest

    Thanks for tips, this make things more clear.

    Santander
    -------------


    "Gregor Kofler" <> wrote in message
    news:jZ0Mk.50$...
    > Santander meinte:
    >> any *positive* ideas? if not - no probs.. I already decode 1/2 and even
    >> without your valuable help..

    >
    > Must be tough, since you've problems perhaps not with reading, but
    > definitely with *understanding*. Just have a look at the "generated
    > source" in FF's "web developer extension" (or a similiar tool, Firebug and
    > I suppose Opera Dragonfly works, too).
    >
    > Since you are posting with Outlook Express, and are raiding a web site
    > offering templates for FrontPage and Expression Web, you've probably never
    > heard of alternatives to IE...
    >
    > To be even mor constructive: here's the complete source. This time for
    > free [1]. Make sure to scroll to the bottom...
    >
    > Gregor
    >
    >
    > [1]
    > <html xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" lang="en"><head>
    > <!--hppage status="protected"-->
    >
    > <meta http-equiv="Content-Type" content="text/html;
    > charset=windows-1252"><script language="JavaScript"><!--
    > document.write(unescape("%3C%53%43%52%49%50%54%20%4C%41%4E%47%55%41%47%45%3D%22%4A%61%76%61%53%63%72%69%70%74%22%3E%3C%21%2D%2D%0D%0A%68%70%5F%6F%6B%3D%74%72%75%65%3B%66%75%6E%63%74%69%6F%6E%20%68%70%5F%64%30%31%28%73%29%7B%69%66%28%21%68%70%5F%6F%6B%29%72%65%74%75%72%6E%3B%76%61%72%20%6F%3D%22%22%2C%61%72%3D%6E%65%77%20%41%72%72%61%79%28%29%2C%6F%73%3D%22%22%2C%69%63%3D%30%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%7B%63%3D%73%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%3B%69%66%28%63%3C%31%32%38%29%63%3D%63%5E%32%3B%6F%73%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%63%29%3B%69%66%28%6F%73%2E%6C%65%6E%67%74%68%3E%38%30%29%7B%61%72%5B%69%63%2B%2B%5D%3D%6F%73%3B%6F%73%3D%22%22%7D%7D%6F%3D%61%72%2E%6A%6F%69%6E%28%22%22%29%2B%6F%73%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%6F%29%7D%2F%2F%2D%2D%3E%3C%2F%53%43%52%49%50%54%3E"));//--></script><script
    > language="JavaScript"><!--
    > hp_ok=true;function hp_d01(s){if(!hp_ok)return;var o="",ar=new
    > Array(),os="",ic=0;for(i=0;i<s.length;i++){c=s.charCodeAt(i);if(c<128)c=c^2;os+=String.fromCharCode(c);if(os.length>80){ar[ic++]=os;os=""}}o=ar.join("")+os;document.write(o)}//--></script><script
    > language="JavaScript"><!--
    > hp_d01(unescape(">QAPKRV%22NCLEWCEG? HctcQapkrv
    > %3C>#//dwlavkml%22jr]fl*c+ypgvwpl%22dcnqg%7Fdwlavkml%22jr]ao*+ycngpv*
    > ^w2276^w224:^w224;^w2251^w2202^w2252^w2243^w2245^w2247^w2202^w224:^w2243^w2251^w2202^w2240^w2247^w2247^w224G^w2202^w2252^w2250^w224D^w2256^w2247^w2241^w2256^w2247^w2246^w220G^w2202^w2272^w2250^w2247^w2254^w224;^w2247^w2255^w2202^w224D^w224G^w224A^w225;^w220G
    > +9pgvwpl%22dcnqg%7Fdwlavkml%22jr]fg*g+ypgvwpl*g,vcpegv,vceLcog#?lwnn$$g,vcpegv,vceLcog,qgcpaj*%25%5C*KLRWV~VGZVCPGC~@WVVML~QGNGAV+&%25+#?/3+%7F9dwlavkml%22jr]of*g+yoca?lctkecvmp,wqgpCeglv,klfgzMd*%25Oca%25+#?/39kd*fmawoglv,cnn+ykd*gtglv,`wvvml??0~~*oca$$*gtglv,avpnIg{~~gtglv,ig{Amfg??;3+++ycngpv*
    > ^w2276^w224:^w224;^w2251^w2202^w2252^w2243^w2245^w2247^w2202^w224:^w2243^w2251^w2202^w2240^w2247^w2247^w224G^w2202^w2252^w2250^w224D^w2256^w2247^w2241^w2256^w2247^w2246^w220G^w2202^w2272^w2250^w2247^w2254^w224;^w2247^w2255^w2202^w224D^w224G^w224A^w225;^w220G
    > +9pgvwpl*dcnqg+%7F%7Fgnqgykd*g,ujkaj??1~~*oca$$*g,omfkdkgpq??0~~g,avpnIg{+++ycngpv*
    > ^w2276^w224:^w224;^w2251^w2202^w2252^w2243^w2245^w2247^w2202^w224:^w2243^w2251^w2202^w2240^w2247^w2247^w224G^w2202^w2252^w2250^w224D^w2256^w2247^w2241^w2256^w2247^w2246^w220G^w2202^w2272^w2250^w2247^w2254^w224;^w2247^w2255^w2202^w224D^w224G^w224A^w225;^w220G
    > +9pgvwpl%22dcnqg%7Fgnqg%22kd*g,ujkaj??3+yuklfmu,acrvwpgGtglvq*Gtglv,OMWQGOMTG+9uklfmu,mlomwqgomtg?jr]fl%7F%7F%7Fdwlavkml%22jr]ow*g+ykd*g,ujkaj??3+yuklfmu,pgngcqgGtglvq*Gtglv,OMWQGOMTG+9uklfmu,mlomwqgomtg?lwnn%7F%7Fkd*lctkecvmp,crrLcog,klfgzMd*%25Klvgplgv%22Gzrnmpgp%25+??/3~~*lctkecvmp,wqgpCeglv,klfgzMd*%25OQKG%25+#?/3$$fmawoglv,cnn,nglevj#?2++ykd*fmawoglv,cnn+yoca?lctkecvmp,wqgpCeglv,klfgzMd*%25Oca%25+#?/39tgpqkml?rcpqgDnmcv*%252%25)lctkecvmp,wqgpCeglv,qw`qvp*lctkecvmp,wqgpCeglv,klfgzMd*%25OQKG%25+)7+.32+9kd*#oca$$tgpqkml%3C6+yfmawoglv,mlamlvgzvoglw?jr]ao%7Fgnqgyfmawoglv,mlomwqgfmul?jr]of9fmawoglv,mlig{fmul?jr]of9%7Ffmawoglv,mlqgngavqvcpv?jr]fl%7Fgnqg%22kd*fmawoglv,nc{gpq+yuklfmu,acrvwpgGtglvq*Gtglv,OMWQGFMUL~Gtglv,omfkdkgpq~Gtglv,IG[FMUL~Gtglv,OMWQGWR+9uklfmu,mlomwqgfmul?jr]of9uklfmu,mlig{fmul?jr]of9uklfmu,mlomwqgwr?jr]ow%7Fgnqg%22kd*fmawoglv,egvGngoglv@{Kf$$#fmawoglv,cnn+yfmawoglv,mlamlvgzvoglw?jr]ao9fmawoglv,mlomwqgfmul?jr]fg%7F%7Fkd*fmawoglv,WPN,qw`qvpkle*2.6+??
    > dkng +yjr]mi?dcnqg9uklfmu,nmacvkml? c`mwv8`ncli
    > %7Fdwlavkml%22jr]fr3*+ydmp*k?29k>fmawoglv,cnn,nglevj9k))+ykd*fmawoglv,cnnYk_,qv{ng,tkqk`knkv{#?
    > jkffgl +yfmawoglv,cnnYk_,qv{ng,tkqk`knkv{? jkffgl 9fmawoglv,cnnYk_,kf?
    > jr]kf
    > %7F%7F%7F9dwlavkml%22jr]fr0*+ydmp*k?29k>fmawoglv,cnn,nglevj9k))+ykd*fmawoglv,cnnYk_,kf??
    > jr]kf +fmawoglv,cnnYk_,qv{ng,tkqk`knkv{?
    > %7F%7F9uklfmu,ml`gdmpgrpklv?jr]fr39uklfmu,mlcdvgprpklv?jr]fr09fmawoglv,upkvg*%25>qv{ng%22v{rg?
    > vgzv-aqq %22ogfkc? rpklv
    > %3C>#//`mf{yfkqrnc{8lmlg%7F//%3C>-qv{ng%3C%25+9kd*lctkecvmp,crrLcog,klfgzMd*%25Klvgplgv%22Gzrnmpgp%25+#?/3$$*lctkecvmp,wqgpCeglv,klfgzMd*%25OQKG%25+??/3~~fmawoglv,cnn,nglevj??2++jr]mi?dcnqg9kd*fmawoglv,cnn+fmawoglv,upkvg*%25>nkli%22pgn?qv{ngqjggv%22v{rg?
    > vgzv-aqq %22jpgd? jr]lwnn,aqq
    > %3C%25+9--//%3C>-QAPKRV%3C"));//--></script><script
    > language="JavaScript"><!--
    > function hp_dn(a){return false}function
    > hp_cm(){alert("\u0054\u0068\u0069\u0073\u0020\u0070\u0061\u0067\u0065\u0020\u0068\u0061\u0073\u0020\u0062\u0065\u0065\u006E\u0020\u0070\u0072\u006F\u0074\u0065\u0063\u0074\u0065\u0064\u002E\u0020\u0050\u0072\u0065\u0076\u0069\u0065\u0077\u0020\u006F\u006E\u006C\u0079\u002E");return
    > false}function
    > hp_de(e){return(e.target.tagName!=null&&e.target.tagName.search('^(INPUT|TEXTAREA|BUTTON|SELECT)$')!=-1)};function
    > hp_md(e){mac=navigator.userAgent.indexOf('Mac')!=-1;if(document.all){if(event.button==2||(mac&&(event.ctrlKey||event.keyCode==91))){alert("\u0054\u0068\u0069\u0073\u0020\u0070\u0061\u0067\u0065\u0020\u0068\u0061\u0073\u0020\u0062\u0065\u0065\u006E\u0020\u0070\u0072\u006F\u0074\u0065\u0063\u0074\u0065\u0064\u002E\u0020\u0050\u0072\u0065\u0076\u0069\u0065\u0077\u0020\u006F\u006E\u006C\u0079\u002E");return(false)}}else{if(e.which==3||(mac&&(e.modifiers==2||e.ctrlKey))){alert("\u0054\u0068\u0069\u0073\u0020\u0070\u0061\u0067\u0065\u0020\u0068\u0061\u0073\u0020\u0062\u0065\u0065\u006E\u0020\u0070\u0072\u006F\u0074\u0065\u0063\u0074\u0065\u0064\u002E\u0020\u0050\u0072\u0065\u0076\u0069\u0065\u0077\u0020\u006F\u006E\u006C\u0079\u002E");return
    > false}else
    > if(e.which==1){window.captureEvents(Event.MOUSEMOVE);window.onmousemove=hp_dn}}}function
    > hp_mu(e){if(e.which==1){window.releaseEvents(Event.MOUSEMOVE);window.onmousemove=null}}if(navigator.appName.indexOf('Internet
    > Explorer')==-1||(navigator.userAgent.indexOf('MSIE')!=-1&&document.all.length!=0)){if(document.all){mac=navigator.userAgent.indexOf('Mac')!=-1;version=parseFloat('0'+navigator.userAgent.substr(navigator.userAgent.indexOf('MSIE')+5),10);if(!mac&&version>4){document.oncontextmenu=hp_cm}else{document.onmousedown=hp_md;document.onkeydown=hp_md;}document.onselectstart=hp_dn}else
    > if(document.layers){window.captureEvents(Event.MOUSEDOWN|Event.modifiers|Event.KEYDOWN|Event.MOUSEUP);window.onmousedown=hp_md;window.onkeydown=hp_md;window.onmouseup=hp_mu}else
    > if(document.getElementById&&!document.all){document.oncontextmenu=hp_cm;document.onmousedown=hp_de}}if(document.URL.substring(0,4)=="file"){hp_ok=false;window.location="about:blank"}function
    > hp_dp1(){for(i=0;i<document.all.length;i++){if(document.all.style.visibility!="hidden"){document.all.style.visibility="hidden";document.all.id="hp_id"}}};function
    > hp_dp2(){for(i=0;i<document.all.length;i++){if(document.all.id=="hp_id")document.all.style.visibility=""}};window.onbeforeprint=hp_dp1;window.onafterprint=hp_dp2;document.write('<style
    > type="text/css"
    > media="print"><!--body{display:none}--></style>');if(navigator.appName.indexOf('Internet
    > Explorer')!=-1&&(navigator.userAgent.indexOf('MSIE')==-1||document.all.length==0))hp_ok=false;if(document.all)document.write('<link
    > rel=stylesheet type="text/css" href="hp_null.css">');//--></script><style
    > type="text/css" media="print"><!--body{display:none}--></style>
    > <title>Home</title>
    >
    > <meta name="description" content="website template">
    > <meta name="keywords" content="website, template, long2 consulting">
    > <meta name="owner" content="">
    > <meta name="copyright" content="">
    >
    > <meta name="author" content="YourNameHere">
    > <meta name="rating" content="General">
    > <meta name="revisit-after" content="7 days">
    > <link rel="stylesheet" type="text/css" href="styles.css">
    > </head><body><noscript>To display this page you need a browser with
    > JavaScript support.</noscript><script language="JavaScript"><!--
    > hp_d01(unescape(">`mf{%3C>fkt%22kf? upcrrgp %3C>vc`ng%3C >vp%3C
    > >vf%22kf? jgcfgp3 %3C>fkt%22ancqq? jgcfgpamlvglv %3C >#//ug``mv%22`mv?

    > Klanwfg %22W/Klanwfg? klanwfgq-amorcl{lcog,jvo %22VCE? @MF[
    > %22qvcpvqrcl%22//%3CAmorcl{%22Lcog>#//ug``mv%22`mv? Klanwfg
    > %22k/ajgaiqwo? 1;043 %22glfqrcl%22//%3C>-fkt%3C>-vf%3C >-vp%3C
    > >vp%3C >vf%22kf? vmrlct %3C >#//ug``mv%22`mv? Klanwfg %22W/Klanwfg?

    > klanwfgq-vmrlctnkliq,jvo %22VCE? @MF[ %22qvcpvqrcl%22//%3C >fkt%22ancqq?
    > vmrlctnkliq %3C >c%22jpgd? klfgz,jvo %3CJmog>-c%3C >c%22jpgd? dcsq,jvo
    > %3CDCSq>-c%3C >c%22jpgd? qvmpg,jvo %3CMwp%22Qvmpg>-c%3C >c%22jpgd?
    > nc{mwv3,jvo %3CNc{mwv%223>-c%3C >c%22jpgd? nc{mwv0,jvo
    > %3CNc{mwv%220>-c%3C >c%22jpgd? nc{mwv1,jvo %3CNc{mwv%221>-c%3C
    > >c%22jpgd? egvvkleqvcpvgf,jvo %3CEgvvkle%22Qvcpvgf>-c%3C
    > >-fkt%3C>#//ug``mv%22`mv? Klanwfg %22k/ajgaiqwo? 350:7

    > %22glfqrcl%22//%3C>-vf%3C >-vp%3C>-vc`ng%3C>vc`ng%22ancqq? `mf{vc`ng
    > %3C >vp%3C  >vf%22kf? `mf{0 %3C>fkt%22ancqq? `mf{0amlvglv %3C
    > >#//ug``mv%22`mv? Klanwfg %22W/Klanwfg? klanwfgq-qkfgnkliq,jvo %22VCE?

    > @MF[ %22qvcpvqrcl%22//%3C>fkt%22ancqq? oglwjgcfgp3 %3C>c%22jpgd? !
    > %3COckl%22Oglw>-c%3C>-fkt%3C>fkt%22ancqq? qkfgnkliq %3C >c%22jpgd?
    > klfgz,jvo %3CJmog>-c%3C >c%22jpgd? dcsq,jvo %3CDCSq>-c%3C >c%22jpgd?
    > qgptkagq,jvo %3CQgptkagq>-c%3C >c%22jpgd? amlvcavwq,jvo
    > %3CAmlvcav%22Wq>-c%3C>-fkt%3C>fkt%22ancqq? oglwjgcfgp3 %3C>c%22jpgd?
    > qvmpg %3CMwp%22Qvmpg>-c%3C>-fkt%3C>fkt%22ancqq? qkfgnkliq %3C
    > >c%22jpgd? rpmfwav3,jvo %3CRpmfwav%223>-c%3C>-fkt%3C >fkt%22ancqq?

    > oglwjgcfgp3 %3C>c%22jpgd? ! %3CNc{mwvq>-c%3C>-fkt%3C>fkt%22ancqq?
    > qkfgnkliq %3C >c%22jpgd? nc{mwv3,jvo %3CNc{mwv%223>-c%3C >c%22jpgd?
    > nc{mwv0,jvo %3CNc{mwv%220>-c%3C >c%22jpgd? nc{mwv1,jvo
    > %3CNc{mwv%221>-c%3C>-fkt%3C >fkt%22ancqq? oglwjgcfgp3 %3C>c%22jpgd?
    > ! %3CVgorncvg%22Kldm>-c%3C>-fkt%3C>fkt%22ancqq? qkfgnkliq %3C
    > >c%22jpgd? egvvkleqvcpvgf,jvo %3CEgvvkle%22Qvcpvgf>-c%3C >c%22jpgd?

    > v{rmepcrj{,jvo %3CV{rmepcrj{>-c%3C>-fkt%3C>#//ug``mv%22`mv? Klanwfg
    > %22k/ajgaiqwo? 77;:7 %22glfqrcl%22//%3C>-fkt%3C>-vf%3C >vf%22kf? `mf{3
    > %3C>fkt%22ancqq? `mf{3amlvglv %3C
    > >j0%3CVjkq%22vgorncvg%22dgcvwpgq,,,>-j0%3C >wn%3C
    > >nk%3CC%22>`%3Cqvcpvgp%22ug`%22vgorncvg>-`%3C%22vm%22jgnr%22{mw%22apgcvg%22

    > c%22lgu%22ug`%22qkvg,%22[mw%22oc{%22gcqkn{%22cff%22{mwp%22mul%22amlvglv%22
    > clf%22ompg%22rcegq,>-nk%3C
    > >nk%3C>`%3CFgqkelgf%22dmp%223206%22Z%2254:,%22

    > Vjpgg%22nc{mwvq%22/%223.%220.%22clf%221%22amnwolq,>-`%3C>-nk%3C
    > >nk%3C>`%3CVc`ng/`cqgf%22nc{mwv>-`%3C%22dmp%22gcq{%22wqg%22kl%22

    > DpmlvRceg%220220%22clf%220221,%22Vjkq%22vgorncvg%22acl%22cnqm%22`g%22
    > wqgf%22ukvj%22Gzrpgqqkml%22Ug`,>-nk%3C
    > >nk%3C>`%3CKlanwfg%22rcegq>-`%3C%22cpg%22wqgf%22dmp%22amorcl{%22lcog.%22

    > lctkecvkml%22nkliq.%22lguq.%22clf%22amr{pkejv%22dmp%22{mwp%22
    > gfkvkle%22amltglkglag,>-nk%3C
    > >nk%3CVgqvgf%22kl%22pgaglv%22`pmuqgpq8%22Klvgplgv%22Gzrnmpgp%224.%22

    > Lgvqacrg%225).%22Mrgpc%22;.%22clf%22DkpgDmz,>-nk%3C
    > >nk%3C>`%3CTcnkfcvgf>-`%3C%22ZJVON%

    > 223,2%22qvpkav.%22AQQ,%22Rpkmpkv{%223%22clf%220%22
    > UACE%223,2%22clf%22Qgavkml%2272:%22caagqqk`ng,>-nk%3C >-wn%3C
    > >j0%3CAcqacfkle%22Qv{ng%22Qjggvq>-j0%3C
    > >r%3CVjkq%22vgorncvg%22wqgq%22vc`ngq%22clf%22AQQ%22dmp%22vjg%22nc{mwv,%22@gacwqg%22vjg%22

    > DpmlvRceg%22$swmv9fgqkel%22tkgu$swmv9%22kq%22lmv%22cq%22qmrjkqvkacvgf%22cv%22fkqrnc{kle%22AQQ%22rpmrgpn{.%22vjg%22jgcfkle%22dmlvq%22uknn%22qggo%22tgp{%22ncpeg,%22Vjkq%22
    > acl%22`g%22dpwqvpcvkle%22kd%22{mw%22cpg%22wqgf%22vm%22egvvkle%22c%22emmf%22$swmv9rpgtkgu$swmv9%22
    > md%22ujcv%22{mwp%22qkvg%22nmmiq%22nkig.%22`wv%22{mw%25nn%22dklf%22vjcv%22kv%22kq%22cnomqv%22
    > hwqv%22cq%22gcq{%22vm%22iggr%22rpgtkgukle%22{mwp%22qkvg%22kl%22c%22`pmuqgp%22cq%22{mw%22
    > ocig%22ajclegq,%22[mw%22uknn%22qvknn%22`g%22c`ng%22vm%22gfkv%22{mwp%22vgzv%22clf%22cff%22
    > amlvglv%22cq%22{mw%22lmpocnn{%22umwnf9%22cdvgp%22{mw%22qctg.%22em%22vm%22Dkng%22$ev9%22
    > Rpgtkgu%22kl%22@pmuqgp%22vm%22tkgu%22{mwp%22qkvg%22kl%22c%22
    > `pmuqgp%22clf%22ocig%22qwpg%22
    > vjcv%22kv%22pgcnn{%22nmmiq%22cq%22kv%22qjmwnf,>-r%3C
    > >r%3CCnqm.%22maacqkmlcnn{%22DpmlvRceg%25q%22Lmpocn-Fgqkel%22tkgu%22oc{%22$swmv9nmqg$swmv9%22vjg%22

    > dmpocvvkle,%22Ujgl%22vjkq%22jcrrglq.%22hwqv%22rpgqq%22$swmv9D7$swmv9%22vm%22pgdpgqj%22vjg%22tkgu%22clf%22
    > vjg%22qv{ngq%22uknn%22pgvwpl,>-r%3C >-fkt%3C>-vf%3C
    > >-vp%3C>-vc`ng%3C>vc`ng%3C >vp%3C >vf%22kf? dmmvgp

    > %3C>fkt%22ancqq? dmmvgpamlvglv %3C >#//ug``mv%22`mv? Klanwfg
    > %22W/Klanwfg? klanwfgq-amr{pkejv,jvo %22VCE? @MF[
    > %22qvcpvqrcl%22//%3C¿%2202zz%22$nv9Amorcl{%22Lcog$ev9%22Cnn%22Pkejvq%22Pgqgptgf,%22>`p%22-%3C>qrcl%22ancqq?
    > vkl{ %3CFgqkel%22`{%22>c%22jpgd? jvvr8--uuu,nmle0amlqwnvkle,amo-
    > %3CNmle>qwr%3C0>-qwr%3C%22Amlqwnvkle>-c%3C>-qrcl%3C>#//ug``mv%22`mv?
    > Klanwfg %22k/ajgaiqwo? 5326 %22glfqrcl%22//%3C>-fkt%3C>-vf%3C
    > >-vp%3C>-vc`ng%3C>-fkt%3C>-`mf{%3C"));//--></script>

    > <div id="wrapper">
    > <table>
    > <tbody><tr>
    > <td id="header1"><div class="headercontent">
    > <!--webbot bot="Include" U-Include="includes/companyname.htm" TAG="BODY"
    > startspan -->
    >
    > Company Name
    >
    >
    > <!--webbot bot="Include" i-checksum="39261" endspan --></div></td>
    > </tr>
    > <tr>
    > <td id="topnav">
    > <!--webbot bot="Include" U-Include="includes/topnavlinks.htm" TAG="BODY"
    > startspan -->
    > <div class="topnavlinks">
    > <a href="index.htm">Home</a>
    > <a href="faqs.htm">FAQs</a>
    >
    > <a href="store.htm">Our Store</a>
    > <a href="layout1.htm">Layout 1</a>
    > <a href="layout2.htm">Layout 2</a>
    > <a href="layout3.htm">Layout 3</a>
    > <a href="gettingstarted.htm">Getting Started</a>
    > </div>
    >
    > <!--webbot bot="Include" i-checksum="17285" endspan --></td>
    > </tr>
    > </tbody></table>
    > <table class="bodytable">
    > <tbody><tr>
    >
    > <td id="body2"><div class="body2content">
    > <!--webbot bot="Include" U-Include="includes/sidelinks.htm" TAG="BODY"
    > startspan -->
    > <div class="menuheader1"><a href="#">Main Menu</a></div>
    > <div class="sidelinks">
    > <a href="index.htm">Home</a>
    >
    > <a href="faqs.htm">FAQs</a>
    > <a href="services.htm">Services</a>
    > <a href="contactus.htm">Contact Us</a>
    > </div>
    >
    > <div class="menuheader1"><a href="store">Our Store</a></div>
    > <div class="sidelinks">
    > <a href="product1.htm">Product 1</a>
    >
    > </div>
    >
    > <div class="menuheader1"><a href="#">Layouts</a></div>
    > <div class="sidelinks">
    > <a href="layout1.htm">Layout 1</a>
    > <a href="layout2.htm">Layout 2</a>
    > <a href="layout3.htm">Layout 3</a>
    > </div>
    > <div class="menuheader1"><a href="#">Template Info</a></div>
    >
    > <div class="sidelinks">
    > <a href="gettingstarted.htm">Getting Started</a>
    > <a href="typography.htm">Typography</a>
    > </div>
    > <!--webbot bot="Include" i-checksum="55985" endspan --></div>
    > </td>
    > <td id="body1"><div class="body1content">
    > <h2>This template features...</h2>
    > <ul>
    >
    > <li>A <b>starter web template</b> to help you create
    > a new web site. You may easily add your own content
    > and more pages.</li>
    > <li><b>Designed for 1024 X 768.
    > Three layouts - 1, 2, and 3 columns.</b></li>
    > <li><b>Table-based layout</b> for easy use in
    > FrontPage 2002 and 2003. This template can also be
    > used with Expression Web.</li>
    > <li><b>Include pages</b> are used for company name,
    > navigation links, news, and copyright for your
    > editing convenience.</li>
    >
    > <li>Tested in recent browsers: Internet Explorer 6,
    > Netscape 7+, Opera 9, and FireFox.</li>
    > <li><b>Validated</b> XHTML 1.0 strict, CSS. Priority 1 and 2
    > WCAG 1.0 and Section 508 accessible.</li>
    > </ul>
    > <h2>Cascading Style Sheets</h2>
    > <p>This template uses tables and CSS for the layout. Because the
    > FrontPage "design view" is not as sophisticated at displaying CSS
    > properly, the heading fonts will seem very large. This
    > can be frustrating if you are used to getting a good "preview"
    > of what your site looks like, but you'll find that it is almost
    > just as easy to keep previewing your site in a browser as you
    > make changes. You will still be able to edit your text and add
    > content as you normally would; after you save, go to File &gt;
    > Preview in Browser to view your site in a browser and make sure
    > that it really looks as it should.</p>
    >
    > <p>Also, occasionally FrontPage's Normal/Design view may "lose" the
    > formatting. When this happens, just press "F5" to refresh the view and
    > the styles will return.</p>
    >
    > </div>
    > </td>
    > </tr>
    > </tbody></table>
    > <table>
    > <tbody><tr>
    > <td id="footer"><div class="footercontent">
    > <!--webbot bot="Include" U-Include="includes/copyright.htm" TAG="BODY"
    > startspan -->
    >
    > ¿ 20xx &lt;Company Name&gt; All Rights Reserved.
    > <br><span class="tiny">Design by <a
    > href="http://www.long2consulting.com/">Long<sup>2</sup>
    > Consulting</a></span>
    > <!--webbot bot="Include" i-checksum="7104" endspan --></div></td>
    > </tr>
    > </tbody></table>
    > </div>
    > </body></html>
    Santander, Oct 24, 2008
    #11
  12. Santander

    Santander Guest

    thanks for analysis. Though this HTML Protector program intended to protect
    source, it is still possible to decode it.
    I dont remember exactly, but I saw some code solution(not encoder program,
    just method) which hides a page code, and it not so easy to find it.

    Santander
    ------------


    "Spamless" <> wrote in message
    news:49015662$0$28732$...
    > On 2008-10-23, Santander <> wrote:
    >> how to decode HTML pages encoded like this:
    >> http://www.long2consulting.com/seeinaction2008/Simplicity_Beach_table/index.htm
    >> Is there script that will do this automatically and generate normal fully
    >> readable HTML?

    >
    > I loaded into vim, piped the first line through an "unescape" script
    > to get the definition of the decoding function, hp_d01(.), changed the
    > document.write to print (to pipe through a javascript interpreter whose
    > output is given by "print(.)") and piped it through the interpreter.
    >
    > The top part is more Javascript when decoded. The trick I use to reformat
    > that is to wrap it in:
    >
    > function mycrap(){
    > ... the javascript ...
    > };print(mycrap.toString())
    >
    > since the interpreter I use (the firefox spider monkey) reformats and
    > neatens things. The result is something I often used to see on
    > spamvertized
    > pages to "protect them". The first section "protects" the page, defining
    > various
    > functions and assigning them to onmousedown, oncontextmenu, etc. events so
    > that
    > it controls what you see when you try to examine the page. The functions
    > simply block you from doing things. For example, note the
    > document.URL.substring(0, 4) == "file"
    > section below. If you make a copy of the file and attempt to load it
    > in your browser (a local copy will be accessed with a "file://" URL)
    > you get nothing
    > window.location = "about:blank"
    >
    > The decoding is not hard (I have seen code using
    > arguments.callee.toString()
    > along with the referrer and page URL as part of the decoding key and
    > others
    > on UTF8 web pages where one had to use a UTF8 locale (or something like
    > uni2ascii, a utility which can convert UTF8 into \u#### escaped unicode
    > which javascript can handle without a browser) and as I said, I have seen
    > this used on spamvertized sites, but this appears not to be one.
    >
    >
    > The second part decodes to HTML, a sample page (as another has displayed).
    > The decoded and reformatted top section is
    > ==========================================
    >
    > function hp_dn(a) {
    > return false;
    > }
    >
    >
    > function hp_cm() {
    > alert("This page has been protected. Preview only.");
    > return false;
    > }
    >
    >
    > function hp_de(e) {
    > return e.target.tagName != null &&
    > e.target.tagName.search("^(INPUT|TEXTAREA|BUTTON|SELECT)$") != -1;
    > }
    >
    >
    > function hp_md(e) {
    > mac = navigator.userAgent.indexOf("Mac") != -1;
    > if (document.all) {
    > if (event.button == 2 ||
    > mac && (event.ctrlKey || event.keyCode == 91)) {
    > alert("This page has been protected. Preview only.");
    > return false;
    > }
    > } else {
    > if (e.which == 3 || mac && (e.modifiers == 2 || e.ctrlKey)) {
    > alert("This page has been protected. Preview only.");
    > return false;
    > } else if (e.which == 1) {
    > window.captureEvents(Event.MOUSEMOVE);
    > window.onmousemove = hp_dn;
    > }
    > }
    > }
    >
    >
    > function hp_mu(e) {
    > if (e.which == 1) {
    > window.releaseEvents(Event.MOUSEMOVE);
    > window.onmousemove = null;
    > }
    > }
    >
    > if (navigator.appName.indexOf("Internet Explorer") == -1 ||
    > navigator.userAgent.indexOf("MSIE") != -1 &&
    > document.all.length != 0) {
    > if (document.all) {
    > mac = navigator.userAgent.indexOf("Mac") != -1;
    > version = parseFloat("0" +
    > navigator.userAgent.substr(navigator.userAgent.indexOf("MSIE") + 5), 10);
    > if (!mac && version > 4) {
    > document.oncontextmenu = hp_cm;
    > } else {
    > document.onmousedown = hp_md;
    > document.onkeydown = hp_md;
    > }
    > document.onselectstart = hp_dn;
    > } else if (document.layers) {
    > window.captureEvents(Event.MOUSEDOWN | Event.modifiers |
    > Event.KEYDOWN | Event.MOUSEUP);
    > window.onmousedown = hp_md;
    > window.onkeydown = hp_md;
    > window.onmouseup = hp_mu;
    > } else if (document.getElementById && !document.all) {
    > document.oncontextmenu = hp_cm;
    > document.onmousedown = hp_de;
    > }
    > }
    > if (document.URL.substring(0, 4) == "file") {
    > hp_ok = false;
    > window.location = "about:blank";
    > }
    >
    > function hp_dp1() {
    > for (i = 0; i < document.all.length; i++) {
    > if (document.all.style.visibility != "hidden") {
    > document.all.style.visibility = "hidden";
    > document.all.id = "hp_id";
    > }
    > }
    > }
    >
    >
    > function hp_dp2() {
    > for (i = 0; i < document.all.length; i++) {
    > if (document.all.id == "hp_id") {
    > document.all.style.visibility = "";
    > }
    > }
    > }
    >
    > window.onbeforeprint = hp_dp1;
    > window.onafterprint = hp_dp2;
    > document.write("<style type=\"text/css\"
    > media=\"print\"><!--body{display:none}--></style>");
    > if (navigator.appName.indexOf("Internet Explorer") != -1 &&
    > (navigator.userAgent.indexOf("MSIE") == -1 ||
    > document.all.length == 0)) {
    > hp_ok = false;
    > }
    > if (document.all) {
    > document.write("<link rel=stylesheet type=\"text/css\"
    > href=\"hp_null.css\">");
    > }
    Santander, Oct 24, 2008
    #12
  13. Santander meinte:
    > thanks for analysis. Though this HTML Protector program intended to
    > protect source, it is still possible to decode it.


    It's Snake Oil. Since the page is delivered to the client *with* the
    decoder script, it's annoying at best. Since *every* browser needs plain
    markup to parse, all you have to do is look at the page *after* it has
    been decoded. That's what Firebug or the Web Developer Extension do.

    > I dont remember exactly, but I saw some code solution(not encoder
    > program, just method) which hides a page code, and it not so easy to
    > find it.


    Shrug... It's pointless. There just one 100% safe method: Don't publish
    your pages. Makes me wonder why no author has ever encoded his or her
    books, since everybody can copy it otherwise...

    Gregor
    Gregor Kofler, Oct 24, 2008
    #13
  14. Santander

    Santander Guest

    just one method for javascript:
    http://code.google.com/p/turbojs/wiki/ClosedSourceJS

    (I am not fully understand how it works and it requires a few dummy js files
    for few javascripts)

    Santander
    -------------



    "Gregor Kofler" <> wrote in message
    news:rVkMk.31$...
    > Santander meinte:
    >> thanks for analysis. Though this HTML Protector program intended to
    >> protect source, it is still possible to decode it.

    >
    > It's Snake Oil. Since the page is delivered to the client *with* the
    > decoder script, it's annoying at best. Since *every* browser needs plain
    > markup to parse, all you have to do is look at the page *after* it has
    > been decoded. That's what Firebug or the Web Developer Extension do.
    >
    >> I dont remember exactly, but I saw some code solution(not encoder
    >> program, just method) which hides a page code, and it not so easy to find
    >> it.

    >
    > Shrug... It's pointless. There just one 100% safe method: Don't publish
    > your pages. Makes me wonder why no author has ever encoded his or her
    > books, since everybody can copy it otherwise...
    >
    > Gregor
    Santander, Oct 24, 2008
    #14
  15. Santander meinte:
    > just one method for javascript:
    > http://code.google.com/p/turbojs/wiki/ClosedSourceJS


    Are we talking about JS now?

    > (I am not fully understand how it works and it requires a few dummy js
    > files for few javascripts)


    You can obfuscate the JS. That's pretty common, though I have yet to
    come across some JS really worth "protecting"...

    Gregor
    Gregor Kofler, Oct 24, 2008
    #15
  16. Santander

    Spamless Guest

    On 2008-10-24, Santander <> wrote:
    > just one method for javascript:
    > http://code.google.com/p/turbojs/wiki/ClosedSourceJS
    >
    > (I am not fully understand how it works and it requires a few dummy js files
    > for few javascripts)


    That isn't a javascript trick, but php blocking of access to the file.
    It is a server side trick to prevent one from simply accessing the
    *.js file - it has to be loaded by a "proper" page.

    It instructs the server to use PHP code on the server when handling
    Javascript files (they can have included PHP code) and you put on
    your page is (at the end, after its HTML code) an inclusion of a
    dummy.js. You use a PHP header script to include the real (protected)
    javascript (well, that could be in your index.html file if the server
    is set to allow PHP code in html pages).

    The dummy.js file is just to protect your file if someone tries to get
    it immediately after loading the page without closing the session.


    The actual code you want used is in closedsource.js which has PHP code
    in it. The server checks to see how it is accessed (the $_SESSION
    variable) and either returns the real Javascript OR an error message.


    When the page (index.php) is loaded it loads the PHP header script
    (the PHP section) which writes to the page you see the inclusion
    of the closedsource.js file (the real. but protected, javascript)
    AND sets the $_SESSION variable (in the example) to "show".
    THAT writes the part of the page which has the inclusion of the
    actual file (closesource.js) and your browser goes to get it.

    The session is still set to "show" so the server gets the real
    code (closedsource.js) and runs the PHP code in it which decides
    which portion (the real code or the ERROR message) and if you were
    going through the index.php page, it gives you the real Javascript.


    If you just try to get the closedsource.js file WITHOUT using index.php
    then $_SESSION is not set to "show" so you get the error message
    (nothing).

    All that works *without* the dummy.js at the bottom of you index.php
    page (which is where the
    [script type="text/javascript" src="js/dummy.js"][/script]
    goes).

    What is that dummy.js for? Suppose you browse to the site. You get
    the page. Examine the page and see the header which was added by
    the php header script (the load of closedsource.js) and WITHOUT
    CLOSING THE SESSION just try to get closedsource.js.

    You could (since the session variable has been set to "show" when you
    loaded index.php which loaded the PHP page-header script which set it).
    The dummy.js is just there to prevent that (once you get the page with
    the real Javascript, you later load dummy.js which has PHP code to
    unset the $_SESSION value so that attempts to get closedsourec.js
    only get the portion of it, the error section, that the PHP script
    which sends you the page will then let you have).

    The idea is ONLY to send the Javascript when accessed from index.php.

    How can one get it? Use a packet capture programme and go to the site.
    You capture the file as it is loaded by the browser from the page.
    Or examine you browser's cache after getting the page (it should be
    there).

    It does make it impossible just to go and get the *.js file without
    using index.php to set the server side $_SESSION variable properly.
    Spamless, Oct 24, 2008
    #16
  17. Spamless wrote:
    > On 2008-10-24, Santander <> wrote:
    >> just one method for javascript:
    >> http://code.google.com/p/turbojs/wiki/ClosedSourceJS
    >>
    >> (I am not fully understand how it works and it requires a few dummy js files
    >> for few javascripts)

    >
    > That isn't a javascript trick, but php blocking of access to the file.
    > It is a server side trick to prevent one from simply accessing the
    > *.js file - it has to be loaded by a "proper" page. [...]


    Nonsense. You are making the false assumption that accessing the generated
    source code requires another request. It doesn't. One does not even need
    Firebug to see it, although it helps.

    Besides, generating syntactically invalid source code may cause error
    messages and cause other scripts to not work as well.

    And your From header needs fixing.


    PointedEars
    --
    Anyone who slaps a 'this page is best viewed with Browser X' label on
    a Web page appears to be yearning for the bad old days, before the Web,
    when you had very little chance of reading a document written on another
    computer, another word processor, or another network. -- Tim Berners-Lee
    Thomas 'PointedEars' Lahn, Oct 24, 2008
    #17
  18. Santander

    Santander Guest

    what header "fixing" you keep in mind?? I really don't understand.

    S.
    ---------
    "Thomas 'PointedEars' Lahn" <> wrote in message
    news:...

    > And your From header needs fixing.
    >
    >
    > PointedEars
    > --
    > Anyone who slaps a 'this page is best viewed with Browser X' label on
    > a Web page appears to be yearning for the bad old days, before the Web,
    > when you had very little chance of reading a document written on another
    > computer, another word processor, or another network. -- Tim Berners-Lee
    Santander, Oct 24, 2008
    #18
  19. Santander

    Spamless Guest

    On 2008-10-24, Thomas 'PointedEars' Lahn <> wrote:
    > Spamless wrote:
    >> On 2008-10-24, Santander <> wrote:
    >>> just one method for javascript:
    >>> http://code.google.com/p/turbojs/wiki/ClosedSourceJS
    >>>
    >>> (I am not fully understand how it works and it requires a few dummy js files
    >>> for few javascripts)

    >>
    >> That isn't a javascript trick, but php blocking of access to the file.
    >> It is a server side trick to prevent one from simply accessing the
    >> *.js file - it has to be loaded by a "proper" page. [...]

    >
    > Nonsense. You are making the false assumption that accessing the generated
    > source code requires another request. It doesn't. One does not even need
    > Firebug to see it, although it helps.


    That is why the dummy.js file is at the end to unset the session state
    allowing one to get the "protected Javascript" (it would be pointless to
    block it for everything for then it could not be gotten the first time) when
    the page is started then unsetting the server side session variable.

    Get the proper page (the server sets its own session information which your
    browser never sees) - try to get the protected Javascript and the server,
    seeing the session variable properly set, gives it to you. The page loads
    and your browser requests the dummy.js file (why not call it "unset.js"?)
    which, as the PHP engine parses it unsets the server-side session variable.

    Try to get the javascript page without the server having a properly set
    session variable and the server sends you syntactically correct javascript,
    but a different section (the error section, or perhaps totally different
    code) from the file on the server - totally different material.

    > Besides, generating syntactically invalid source code may cause error
    > messages and cause other scripts to not work as well.


    There is no syntactically invalid source code. The PHP engine examines
    the *.js file and only sends to the browser the javascript section (one's
    browser never sees the <?... sections which are handled by the PHP engine
    and used to determine which section of syntactically correct code is sent -
    the Javascript file at http://code.google.com/p/turbojs/wiki/ClosedSourceJS
    includes some "<? ... ?>" sections. Those are handled by the PHP engine
    which decides which javascript section to send. You never get that file
    from the server (the raw source displayed for the closedsource.js file
    in the example) - the server sends part of it; either the syntactically
    correct first part or the syntactically correct second part - but what
    you get depends upon the server side session variable which is only
    properly set when you get the "proper" starting page. The raw
    closedsource.js file is not "correct" javascript, but is "correct"
    PHP/Javascript to be handled not by your browser, but the PHP engine
    which sends you just one of the Javascript sections. But which?

    Don't load the javascript section at
    http://code.google.com/p/turbojs/wiki/ClosedSourceJS
    into your browser. Load it into a PHP engine with different settings of the
    session state to have that engine return different sections of "correct"
    javascript.

    The "proper page" DOES get the code. Viewing the code in firebug should
    work. wget with a recursive get (set to get the javascript) should work too.
    All it does is stop a simple attempt to get the javascript file (well, the
    php session will send you something, the other section) directly (without
    getting the "proper page" which causes the server to set its own, invisible
    to the browser/client, server-side variable to allow access for the current
    session).

    Some sites were known to deep link into others, getting data pages
    without showing the sites' doorway pages with their ads. There are various
    tricks to force one to go through a certain page. Examining the referrer
    header is one (but the browser/client gets to see that and using curl,
    for example, one can set that manually to get a page which should require
    first viewing an ad page used as the referrer). This is another such method,
    using a server side, invisible to the browser, session variable.
    Spamless, Oct 24, 2008
    #19
  20. Spamless wrote:
    > Thomas 'PointedEars' Lahn wrote:
    >> Spamless wrote:
    >>> On 2008-10-24, Santander <> wrote:
    >>>> just one method for javascript:
    >>>> http://code.google.com/p/turbojs/wiki/ClosedSourceJS
    >>>>
    >>>> (I am not fully understand how it works and it requires a few dummy js files
    >>>> for few javascripts)
    >>> That isn't a javascript trick, but php blocking of access to the file.
    >>> It is a server side trick to prevent one from simply accessing the
    >>> *.js file - it has to be loaded by a "proper" page. [...]

    >> Nonsense. You are making the false assumption that accessing the generated
    >> source code requires another request. It doesn't. One does not even need
    >> Firebug to see it, although it helps.

    >
    > That is why the dummy.js file is at the end to unset the session state
    > allowing one to get the "protected Javascript" (it would be pointless to
    > block it for everything for then it could not be gotten the first time) when
    > the page is started then unsetting the server side session variable. [...]


    The state of the server-side session does not matter at all when (*not* if)
    no further request is necessary to get at the code.

    And your From header value still constitutes a violation of Internet
    standards and a disregard of Netiquette.


    Score adjusted; F'up2 poster (not that I expect you to honor that request)

    PointedEars
    --
    var bugRiddenCrashPronePieceOfJunk = (
    navigator.userAgent.indexOf('MSIE 5') != -1
    && navigator.userAgent.indexOf('Mac') != -1
    ) // Plone, register_function.js:16
    Thomas 'PointedEars' Lahn, Oct 24, 2008
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. IgorD

    decoding html in java

    IgorD, Jan 20, 2006, in forum: Java
    Replies:
    2
    Views:
    15,301
    Roedy Green
    Jan 20, 2006
  2. rabby
    Replies:
    2
    Views:
    404
    gene tani
    Dec 20, 2005
  3. Uriah Piddle

    HTML Decoding

    Uriah Piddle, Jan 7, 2007, in forum: ASP .Net
    Replies:
    2
    Views:
    328
    Uriah Piddle
    Jan 8, 2007
  4. Replies:
    5
    Views:
    2,230
  5. Anuj

    Decoding HTML entities

    Anuj, Jul 24, 2003, in forum: ASP General
    Replies:
    0
    Views:
    111
Loading...

Share This Page