JavaScript in Password Protected Folder?

Re: JavaScript in Password Protected Folder?

> >Because the organization wishes to protect its source code,[color=blue][color=green]
> >since it is proprietary and may reveal internal details that
> >we prefer to keep secret.[/color]
>
> Client-side code (including Java, which may be decompiled) should
> not contain internal details that can be exploited. You don't keep
> secrets by distributing them to people you can't trust to keep
> them for you.[/color]

Well, the secrets aren't critical, so a "moderate" level of protection
is enough for us. Sure, they can decompile, but that would require a
lot of effort (and knowledge) on their part. It isn't a casual effort
like browsing JavaScript source. Also, if you are going to go through
that level of effort, there has to be a motivation. Casual browsing
can be done without serious motivation. All this leads to a "good
enough" level of protection.

Also, the issue isn't trust. As a matter of course, anything intended
for commercial use is to be regarded as intellectual property and kept
secret. This includes source code, and since there's no way (that I
know of) to conveniently distribute a program without opening up the
possibility of decompilation, then compilation is the best way of
doing it.

Lastly, the intended audience is the general public, or at least
certain members thereof. This is basically a "shrink-wrapped"
application, and as such, we don't have things like NDAs, etc...

[color=blue]
> Richard.[/color]


Thanks.

Re: JavaScript in Password Protected Folder?

Richard Cornford wrote:
[color=blue]
> [top posting fixed][color=green]
>>xmp333@yahoo. com wrote:[/color]
> <snip>[color=green][color=darkred]
>>>I am trying to hide my JavaScript source. ...[/color][/color]
> <snip>
> "StanD" <StanD.11r18o@m ail.forum4desig ners.com> wrote in message
> news:StanD.11r1 8o@mail.forum4d esigners.com...[/color]

By all means, please shorten your attribution(s).
[color=blue][color=green]
>>JavaScript is a client side script, ...[/color]
> <snip>
>
> Pleas do not top-post to comp.lang.javas cript. The group FAQ outlines
> acceptable posting style in section 2.3 paragraph 5 and references the
> applicable standard.[/color]

Full ACK
[color=blue]
> Your posting software appears to exhibiting faulty behaviour in its
> handling of the "References " header in your postings.[/color]

Nonsense.
[color=blue]
> It has sent (split across lines at the location of spaces to avoid
> uncontrolled wrapping):-
>
> References: <4a0da86b.04021 60725.11462a4b@ posting.google. com>
> <c0qq5p$h0h$1$8 302bc10@news.de mon.co.uk>
> <403101d9$0$567 $e4fe514c@news. xs4all.nl>
> <Ao-dndO9Rb2p0KzdRV n-ug@comcast.com>[/color]

This is perfectly OK according to the standards. RFC 1036 (which is
BTW not even on the Standards Track) is an extension to RFC 822, and
later RFC 2822 (which is on the Standards Track). It does not
redefine the format of header lines, neither does the part of the RFC
you have quoted. *Your* news client software is simply incapable and
it is *your* software which disobeys the standards also in this regard.

WFM. Mozilla Thunderbird 0.5+ (20040220).

You should get a working client or workaround this bug with
additional software. See <http://insideoe.tomste rdam.com/>


HTH

PointedEars

Re: JavaScript in Password Protected Folder?

Thomas 'PointedEars' Lahn wrote:[color=blue]
> Richard Cornford wrote:[/color]
<snip>[color=blue][color=green]
>>Your posting software appears to exhibiting faulty behaviour in its
>>handling of the "References " header in your postings.[/color]
>
> Nonsense.
>[color=green]
>>It has sent (split across lines at the location of spaces to avoid
>>uncontrolle d wrapping):-
>>
>>References: <4a0da86b.04021 60725.11462a4b@ posting.google. com>
>><c0qq5p$h0h$1 $8302bc10@news. demon.co.uk>
>><403101d9$0$5 67$e4fe514c@new s.xs4all.nl>
>><Ao-dndO9Rb2p0KzdRV n-ug@comcast.com>[/color]
>
> This is perfectly OK according to the standards. RFC 1036 (which is
> BTW not even on the Standards Track) is an extension to RFC 822, and
> later RFC 2822 (which is on the Standards Track). It does not
> redefine the format of header lines, neither does the part of the RFC
> you have quoted. *Your* news client software is simply incapable and
> it is *your* software which disobeys the standards also in this
> regard.[/color]
<snip>

If you don't believe that RFC 1036 (Standard for Interchange of USENET
Messages) is applicable to Usenet posts how about:-

| RFC 977 Network News Transfer Protocol February 1986
|
| 1.4. A Central News Server
| ...
| NNTP is modelled upon the news article specifications in RFC 850,
| which describes the USENET news system. However, NNTP makes few
| demands upon the structure, content, or storage of news articles,
| and thus we believe it easily can be adapted to other non-USENET
| news systems.
| ...
| 3.10.1. POST
| ...
| If posting is permitted, the article should be presented in the
| format specified by RFC850, and should include all required
| header lines. ...
| ...

- which is a standards track document and directly employs:-

| RFC 850 Standard for Interchange of USENET Messages June 1983
|
| 2.2.6 References This field lists the message ID's of
| any articles prompting the submission of this article. It
| is required for all follow-up articles, and forbidden when
| a new subject is raised. Implementations should provide a
| follow-up command, which allows a user to post a follow-up
| article. This command should generate a Subject line
| which is the same as the original article, except that if
| the original subject does not begin with "Re: " or "re: ",
| the four characters "Re: " are inserted before the
| subject. If there is no References line on the original
| header, the References line should contain the message ID
| of the original article (including the angle brackets).
| If the original article does have a References line, the
| followup article should have a References line containing
| the text of the original References line, a blank, and the
| message ID of the original article.
| ...

- which RFC 1036 updates an replaces (without any change to the
definition of the References header).

But even then:-

| RFC 2822 Internet Message Format April 2001
|
| 3.6.4. Identification fields
| ...
| The "References :" field will contain the contents of the parent's
| "References :" field (if any) followed by the contents of the parent's
| "Message-ID:" field (if any). If the parent message does not contain
| a "References :" field but does have an "In-Reply-To:" field
| containing a single message identifier, then the "References :" field
| will contain the contents of the parent's "In-Reply-To:" field
| followed by the contents of the parent's "Message-ID:" field (if
| any). If the parent has none of the "References :", "In-Reply-To:",
| or "Message-ID:" fields, then the new message will have no
| "References :" field.
| ...

The only pertinent differences between RFC 2822 and 850/1036 (and
thus, by implication 977) is in providing more detail of what
should happen if the message responded to does not have References,
Message-ID and/or In-Reply-To fields. The References header in the
message I was responding to still couldn't be validly constructed
in response to any of the preceding messages in this thread. That
is, it is impossible to take the References header (or the lack of
it in the original post) and append the Message-ID field to come
up with the References field in that response.
[color=blue]
> You should get a working client or workaround this bug with
> additional software. See <http://insideoe.tomste rdam.com/>[/color]

What bug? My software didn't build the References header in the
message I was responding to, and it did a fairly reasonable job of
interpreting information that was incorrect to start with.

Richard.

Re: JavaScript in Password Protected Folder?

Richard Cornford wrote:
[color=blue]
> Thomas 'PointedEars' Lahn wrote:[color=green]
>> Richard Cornford wrote:[color=darkred]
>>>Your posting software appears to exhibiting faulty behaviour in its
>>>handling of the "References " header in your postings.[/color]
>>
>> Nonsense.
>>[color=darkred]
>>>It has sent (split across lines at the location of spaces to avoid
>>>uncontroll ed wrapping):-
>>>
>>>References : <4a0da86b.04021 60725.11462a4b@ posting.google. com>
>>><c0qq5p$h0h$ 1$8302bc10@news .demon.co.uk>
>>><403101d9$0$ 567$e4fe514c@ne ws.xs4all.nl>
>>><Ao-dndO9Rb2p0KzdRV n-ug@comcast.com>[/color]
>>
>> This is perfectly OK according to the standards. RFC 1036 (which is
>> BTW not even on the Standards Track) is an extension to RFC 822, and
>> later RFC 2822 (which is on the Standards Track). It does not
>> redefine the format of header lines, neither does the part of the RFC
>> you have quoted. *Your* news client software is simply incapable and
>> it is *your* software which disobeys the standards also in this
>> regard.[/color]
> <snip>
>
> If you don't believe that RFC 1036 (Standard for Interchange of USENET
> Messages) is applicable to Usenet posts[/color]

I have never stated that. But you have, again, nothing quoted that
states that wrapped References are not OK according to any standard.
[color=blue]
> [...][color=green]
>> You should get a working client or workaround this bug with
>> additional software. See <http://insideoe.tomste rdam.com/>[/color]
>
> What bug? My software didn't build the References header in the
> message I was responding to, and it did a fairly reasonable job of
> interpreting information[/color]

No, it did not, it failed.
[color=blue]
> that was incorrect to start with.[/color]

It was not incorrect.


PointedEars

Re: JavaScript in Password Protected Folder?

Thomas 'PointedEars' Lahn <PointedEars@we b.de> wrote in message news:<403BDB49. 3030907@Pointed Ears.de>...
<snip>[color=blue][color=green]
>> If you don't believe that RFC 1036 (Standard for Interchange
>> of USENET Messages) is applicable to Usenet posts[/color]
>
> I have never stated that.[/color]

You stated that the header I quoted was "perfectly OK according
to the standards" when it is structurally incorrect according
to RFC 1036, which implied that you didn't believe that
RFC 1036 was a standard that should be applied to a Usenet post.
[color=blue]
> But you have, again, nothing quoted that states that
> wrapped References are not OK according to any standard.[/color]

Why would I want to quote anything that stated that wrapped
References headers are not OK? That would have no baring on
the number and sequence of message IDs in the References
header that I was criticising.

You didn't by any chance not bother to read what I had
written (twice) and instead jump to an irrelevant conclusion
based on some preconception that you have? If you are going
to do that and then post statements like "Nonsense" based on
your irrelevant preconception the least you could do is go
on to state why you think something is nonsense so that it
would be clear that that you are thinking about something
unrelated and irrelevant.

<snip>[color=blue][color=green]
>> What bug? My software didn't build the References header
>> in the message I was responding to, and it did a fairly
>> reasonable job of interpreting information[/color]
>
> No, it did not, it failed.[/color]

No it didn't, it associated the message with the message
baring the Message-ID that appeared last in the sequence of
message IDs in the References header. One of three equally
reasonable responses based on the data provided, but probably
the most common response by newsreaders as that would
normally be the ID of the message being responded to.
[color=blue][color=green]
>> that was incorrect to start with.[/color]
>
> It was not incorrect.[/color]

It is not possible to employ the procedure for building a
References header described in RFCs 850, 1036 and/or 2822
and come up with the References header that I was
commenting on. In context no References header could be built
with more than two message IDs and in a reply to the OP that
header should only contain one message ID, while the header
in question has 4. That is objectively incorrect and if you
had bothered to read what I said you would not have wasted
your time making irrelevant comments, my time responding to
those and everyone else's time reading a reiteration of an
argument that was correct to start with.

Richard.

[OT] Clarification of References issue (was: JavaScript in PasswordProtect ed Folder?)

Richard Cornford wrote:
[color=blue]
> Thomas 'PointedEars' Lahn <PointedEars@we b.de> wrote [...][color=green][color=darkred]
>>> If you don't believe that RFC 1036 (Standard for Interchange of
>>> USENET Messages) is applicable to Usenet posts[/color]
>>
>> I have never stated that.[/color]
>
> You stated that the header I quoted was "perfectly OK according to
> the standards" when it is structurally incorrect according to RFC
> 1036, which implied that you didn't believe that RFC 1036 was a
> standard that should be applied to a Usenet post.[/color]

Misunderstandin g. I always referred to the
formatting, not the structure. See below.
[color=blue][color=green]
>> But you have, again, nothing quoted that states that wrapped
>> References are not OK according to any standard.[/color]
>
> Why would I want to quote anything that stated that wrapped
> References headers are not OK? That would have no baring on
> the number and sequence of message IDs in the References
> header that I was criticising.
>
> You didn't by any chance not bother to read what I had written
> (twice) [...][/color]

Oh, in fact I *did*. But sorry, you've lost me. Let us recapitulate:

We have an OP:

| From: xmp333@yahoo.co m
| Message-ID: <4a0da86b.04021 60725.11462a4b@ posting.google. com>
(no References header)

According to the quotes, beside others, it was replied to with

| From: Randy Webb <hikksnotathome @aol.com>
| Message-ID: <Ao-dndO9Rb2p0KzdRV n-ug@comcast.com>
| References: <4a0da86b.04021 60725.11462a4b@ posting.google. com>

and

| From: "Richard Cornford" <Richard@litote s.demon.co.uk>
| Message-ID: <c0qq5p$h0h$1$8 302bc10@news.de mon.co.uk>
| References: <4a0da86b.04021 60725.11462a4b@ posting.google. com>

and

| From: StanD <StanD.11r18o@m ail.forum4desig ners.com>
| Message-ID: <StanD.11r18o@m ail.forum4desig ners.com>
| References: <4a0da86b.04021 60725.11462a4b@ posting.google. com>
| <c0qq5p$h0h$1$8 302bc10@news.de mon.co.uk>
| <403101d9$0$567 $e4fe514c@news. xs4all.nl>
| <Ao-dndO9Rb2p0KzdRV n-ug@comcast.com>
(no word-wrap!)

which you replied to with

| From: "Richard Cornford" <Richard@litote s.demon.co.uk>
| Message-ID: <c0s1v9$1td$1$8 300dec7@news.de mon.co.uk>
| References: <4a0da86b.04021 60725.11462a4b@ posting.google. com>
| <c0qq5p$h0h$1$8 302bc10@news.de mon.co.uk>
| <403101d9$0$567 $e4fe514c@news. xs4all.nl>
| <Ao-dndO9Rb2p0KzdRV n-ug@comcast.com>
| <StanD.11r18o@m ail.forum4desig ners.com>
(no word-wrap either)

In the above posting, you stated that

| [StanD's] posting software appears to exhibiting faulty behaviour in
| its handling of the "References " header in [StanD's] postings.

which I have come to recognize as truth, and

| It has sent (split across lines at the location of spaces to avoid
| uncontrolled wrapping):-

which is wrong anyway. Now, on closer inspection, I fail to observe
wrapped References here, so it is likely that your news client software
does this by default (which is perfectly OK, nevertheless it makes the
above statement wrong). See also Google Groups where there is no
wrapping either:



(But that is only for the records.)

| References: <4a0da86b.04021 60725.11462a4b@ posting.google. com>
| <c0qq5p$h0h$1$8 302bc10@news.de mon.co.uk>
| <403101d9$0$567 $e4fe514c@news. xs4all.nl>
| <Ao-dndO9Rb2p0KzdRV n-ug@comcast.com>

And then you cited from the RFC (I think I already know pretty well).
So I, indeed, falsely assumed that with the RFC quote and your trailing
comments you only try to prove that it is not standards-compliant to
wrap References. Alas, I overlooked that you also wrote:

| And if intended to be a response to any of the other contributors to
| date would be only the References header from that "original message"
| (singular) followed with a space and the message ID of that message.

(please note that English is not my native tongue) and thus I correctly
argued (but there was nothing to argue for in this context, since there
was in fact no dissent about it) that wrapped References are in fact
standards-compliant. *I am sorry, my bad.*

So let us be this a draw, OK? If you would have argued more exactly for
what you were trying to prove (and, ex post facto, not assumed that your
client software leaves the References formatting unchanged) and if I
would have taken more care in reading your postings (and, ex post facto,
all headers involved), this misunderstandin g would most certainly not
have arised in the first place.

JFTR: The References header quoted above is in fact incorrect, but
not for its wrapped M-IDs (formatting) but for its wrong order and
occurrences of M-IDs (structure). The web interface used for posting
(www.Forum4designers.com gateway) is malfunctioning, I think neither
of our news client software is in this regard. (But note that my
software nevertheless displayed the forum4designers .com posting as
followup to the OP, as it was intended :-) Randy may find this
interesting, as he is also using a mozilla.org product, but of an
earlier release version.)


\V/ Live long and prosper

PointedEars

Re: [OT] Clarification of References issue (was: JavaScript in Password Protected Folder?)

Thomas 'PointedEars' Lahn wrote:
<snip>[color=blue]
> In the above posting, you stated that
>
>| [StanD's] posting software appears to exhibiting faulty behaviour
>| in its handling of the "References " header in [StanD's] postings.
>
> which I have come to recognize as truth, and
>
>| It has sent (split across lines at the location of spaces to avoid
>| uncontrolled wrapping):-
>
> which is wrong anyway. Now, on closer inspection, I fail to observe
> wrapped References here, so it is likely that your news client
> software does this by default (which is perfectly OK, nevertheless
> it makes the above statement wrong). ...[/color]
<snip>

That is probably the origin of your misconception. My statement was
intended to indicate that I had wrapped the reported header, and explain
how I had gone about it (replacing spaces with newlines). I wrapped it
myself because I knew that my newsreader would attempt to wrap it a 72
characters if I did not, and I did not want it splitting the message IDs
as they were important to the point I was attempting to make.

<snip>[color=blue]
> (please note that English is not my native tongue) ...[/color]
<snip>

Fair enough. Though accompanying your assertion of nonsense with an
explanation of why you thought it nonsense would have allowed me to
explain that than wrapping of the header (or lack thereof) was not the
issue.
[color=blue]
> ... . The web interface used for posting
> (www.Forum4designers.com gateway) is malfunctioning,[/color]

They claim to have fixed it. Time will tell. But forum4designers are not
the only site out there using this software so it will be a recurring
problem for a while yet even if forum4designers ' version is now working
properly.
[color=blue]
> I think neither of our news client software is in this
> regard. (But note that my software nevertheless displayed
> the forum4designers .com posting as followup to the OP,
> as it was intended :-) Randy may find this interesting, as
> he is also using a mozilla.org product, but of an earlier
> release version.)[/color]

Given the 4 possible places in the thread that the message could have
been inserted by a newsreader, I could see three likely possibilities:
Recognising that the header was meaningless and placing the response as
a reply to the OP. Recognising an initial sequence of OP then my reply,
then giving up when the chain came to an end and placing it as a reply
to me. Or, working back from the end and placing the message as a reply
to Randy. All seem reasonable ways of handling a header malformed in
that way.

It all goes to show what sort of wrong thinking there is in the minds of
the authors of the posting software, who seem to think that an
unthreaded web forum style interface can be sensibly integrated with
Usenet.

Richard.

Re: JavaScript in Password Protected Folder?

> Java is the only other possibility that I can see, but I have no idea[color=blue]
> of its future -- especially on the Windows platform.[/color]

You can download the Java runtime for free from Sun.

[color=blue]
> Furthermore,
> since this application is targeted towards end users, I don't want
> people to have to go through any hassle to run it -- and this includes
> installing additional components.[/color]

This is true.

I read where Microsoft was planning in the future to ship the Sun
runtime library with some future version of Windows. I think I read it
in the papers. I couldn't find a reference to this on the Microsoft
web site. Could have been a legal dodge.
[color=blue]
>
> Oh well, if it weren't a challenge, it wouldn't be fun :D[/color]


You could patent anything new or somewhat new.
[color=blue]
>
>[color=green]
> > Brian[/color]
>
>
> Thanks.[/color]