Re: [WWWOFFLE-Users] POST session variable cause infinite download loop ?

Sat, 11 Sep 2004 22:25:45 -0700 

mi <[EMAIL PROTECTED]> writes:

> [EMAIL PROTECTED] (Andrew M. Bishop):
> 
> > Can you give me a URL and instructions on how you started on this
> > path so that I can try and replicate it.
> 
> http://ted.publications.eu.int/official/Exec?DataFlow=call_one_detail.dfl&Template=TED/result_one_detail.xsl&TableName=TED_EN&Query=ND:%22142264%202004%22&Lang=EN&StatLang=EN
> 
> Looks as changing the tab causes the POST data upload request.
> I opened the URL, changed the tab (to lookup the index), changed back again and 
> imediately it
> starts the requests.

The page seems to contain some very nasty Javascript.  There are four
forms hidden in the page, but you can't see any of them because all of
the fields are marked as hidden.  There is lots of Javascript all over
the place, in the HTML and in the four additional Javascript files
that it loads.

I think that the problem is caused by the following function which is
called when the page loads.  This selects one of the hidden forms,
sets some parameters and sends it.  This is why WWWOFFLE is getting
requests that you did not make.

        function onLoadPage()
        {  
          // debugger;
           var p_lang='EN';
           // If variable defined, take it into account
           if (p_lang.substring(0,1) != "$") 
           {
           
                // If language not yet set in session, set it (for dynamic dico 
translation)
                if ('${se.docLang}' != p_lang)
                {
                    var fwk = document.forms.setEnv;            
                    fwk.Name.value = "[EMAIL PROTECTED]";        
                    fwk.Value.value = p_lang + "@" + p_lang;
                    fwk.theLang.value = p_lang;  
                    fwk.Redirect.value = document.location;  
                    fwk.submit();
                }
           }
        }

Since you have enabled Javascript in your browser it means that you
have allowed the browser to run any Javascript code that any web
server sends you.  WWWOFFLE can help if you enable the option to
modify the HTML and cause scripts to be disabled.  You can then
selectively enable JavaScript on web sites where it is useful but
leave it disabled generally.

This is how I have WWWOFFLE and my browser configured.  I have no
problems when visiting this page with extra requests being made.

-- 
Andrew.
----------------------------------------------------------------------
Andrew M. Bishop                             [EMAIL PROTECTED]
                                      http://www.gedanken.demon.co.uk/

WWWOFFLE users page:
        http://www.gedanken.demon.co.uk/wwwoffle/version-2.8/user.html

Reply via email to