Tag Archives: Javascript

Infinite Recursion Loops In Javascript.

It would seem according to this article https://bugzilla.mozilla.org/show_bug.cgi?id=682793 that under certain conditions i.e. having Firebug (in this case) installed while traversing a page that contains an infinite recursion loop in Javascript has been problematic for Firefox since about 2011. I haven’t really looked into it but it may be one of these kinds of situations where it gets patched and then something changes and then it bugs out again which is common with all software. Anyway,that is neither here nor there but I have an example of an infinite recursion in Javascript.

Bugs are cool because it’s always the combination of one thing plus another thing and then maybe one more thing, that causes the issue. The unexpected.. it’s always usually 😉 the unexpected stuff where things get trippy. Here is a really good example of that (Firefox + Firebug + Infinite Recursion Loop in Javascript)

Here is the error that gets thrown.
InternalError: too much recursion

Here is an infinite recursion loop. It’s very simple. Create a function then as part of the function call the function again. It will cascade into a series of never ending function calls.

var Russell_Rockefeller = {
job: “unemployed software tester”,
married: true,
speak: function(mood) {
console.log(“Hello, I am feeling” + “” + russ.speak());
}
};

russ.speak(“great”);
russ.speak(“just okay”);
// borrowed and modified from codeacademy.com where I originally caused the problem.

Linux – Secure Email Unsubscribe Form.

This is a secure unsubscribe form that is resistant to injection type attacks and other vectors. It should be set up behind a valid SSL certificate, in a hardened server environment.

I. Testing Environment

  1. Download VMware player for windows from http://www.vmware.com/download/player/download.html and install it

Install it following on screen instructions.

  1. Download LAMP Virtual Machine from TurnkeyLinux.com using one of the following links:

http://www.turnkeylinux.org/download?file=turnkey-lamp-12.1-squeeze-amd64-vmdk.zip

or

http://sourceforge.net/projects/turnkeylinux/files/vmdk/turnkey-lamp-12.1-squeeze-amd64-vmdk.zip/download?use_mirror=iweb

Unzip it and double click the file: turnkey-lamp-12.1-squeeze-amd64.vmx

  1. The Virtual machine will start and ask for some options such as root password, mysql root password etc

Once finished your computer will have running a lamp virtual machine

record the network parameters that the installation wizard gives so you can access the virtual machine.

II. Installing the scripts

Log into your VM machine pointing your browser to the IP address given by the installation wizard in this example is 192.168.147.138. NOTE: in order for the Webmin interface to work you need Java Run time environment (JRE) installed and enabled in the computer that will access the VM machine remotely
Image and video hosting by TinyPic

Click on Webmin to access the login screen
Image and video hosting by TinyPic

Username is root and the password the one you setup when installing the VM, click on login
Once inside Webmin click Tools->File Manager
Image and video hosting by TinyPic

If a window appears titled “Java Update Needed” please select the option “Later”
If a security warning window appears press “Continue”
Now you will need to upload the following files to the Virtual Machine in /var/www that is the root of the webserver.
• home.html
• filter.js
• filter.php
• form-style.css
• unsubscribe.log
• unsubscribe.txt
NOTE: You can also create a directory under /var/www and install the same files but keep in mind the name of the folder in order to access the scripts, if you choose to do so just keep all the files in the same folder/directory. To upload use upload button in the file manager
Image and video hosting by TinyPic

or using the menu from the webmin interface Tools->Upload and Download

The files must have the following permissions and ownership

III. File permissions and ownership

  1. home.html, filter.js, filter.php and form style.css must be owned by root and belong to root group
  2. unsubscribe.log and unsubscribe.txt must be owned by the user that executes the webserver in this case www-data and group www-data, in other platforms the user is nobody
  3. The file permission for all the files must be 644 or rw-r-r

To change verify the ownership and permissions open a command console either from the main webpage of the turnkey VM interface or using ssh

Logout form Webmin

enter the IP address of the webserver in this case 192.168.147.138
Image and video hosting by TinyPic

You will receive the following screen
Image and video hosting by TinyPic

Enter user root and your password
Now enter the following commands:
cd /var/www
ls -la
You will have an output very similar to this:
Image and video hosting by TinyPic

if the ownership is not the correct you can fix it by executing the following command
chown root:root FILE
where FILE is one of the following: home.html, filter.js, filter.php or form style.css files
For unsubscribe.txt and unsubscribe.log you can execute:
chown www-data:www-data unsusbscribe.*
If the files unsubscribe.log and unsubscribe.txt are not present you can create them with the following commands:
touch unsubscribe.log
touch unsubscribe.txt
chown root:root FILE
where FILE is one of the following: home.html, filter.js, filter.php or form style.css files and
chown www-data:www-data unsusbscribe.*
chmod 644 FILE
Where FILE is each name of the files that belong to the script.
IV. Installing in production environment
The production environment could be different than the one for test but the following points must be observed
1. All the files must be in the same directory
2. The file permissions must be 644 or rw-r-r
3. The ownership must follow the guidelines described in the section III “File Permissions and ownership”

HTML Form
Copy and paste the code to home.html

<!DOCTYPE html> <html lang=”en“> <head> <meta charset=”utf-8“> <title>Unsubscribe email</title> <link rel=’stylesheethref=’form-style.csstype=’text/css‘ /> </head> <body onload=’document.form1.text1.focus()‘> <div class=”mail“> <h2>Input an email and Submit</h2> <form name=”form1action=”filter.phpmethod=”post“> <ul> <li><input type=’textname=’text1‘/></li> <li>&nbsp;</li> <li class=”submit“><input type=”submitname=”submitvalue=”Submitonclick=”return ValidateEmail(document.form1.text1)“/></li> <li>&nbsp;</li> </ul> </form> </div> <script src=”filter.js“></script> </body> </html>

CSS
Copy and paste to form-style.css
li {list-style-type: none;
font-size: 16pt;
}
.mail {
margin: auto;
padding-top: 10px;
padding-bottom: 10px;
width: 470px;
background : #e9b663;
border: 1px soild silver;
}
.mail h2 {
margin-left: 38px;
}
input {
font-size: 20pt;
}
input:focus, textarea:focus{
background-color: lightyellow;
}
input submit {
font-size: 12pt;
}
.rq {
color: #FF0000;
font-size: 10pt;
}

Filter.php
Copy and paste to filter.php

<?php
//error_reporting(E_ALL); ini_set(‘display_errors’,’1′);

$errors = ”;
$email_address = $_POST[‘text1’];
if (preg_match(“/^(?=.{6,45}$)[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i”,$email_address))
{
$mylist = “unsubscribe.txt”;
$fh = fopen($mylist, ‘a’) or die(“can’t open file”);
$stringData = $email_address . “\n”;
fwrite($fh, $stringData);
fclose($fh);
echo “Thanks! Your email ” . $email_address . ” will be removed from our lists\n”;
}
else
{

$errors .= “\n Error: Invalid email address”;
$mylog = “unsubscribe.log”;
$flh = fopen($mylog, ‘a’) or die(“can’t open file”);
$stringlogData = $errors;
fwrite($flh, $stringlogData);
fclose($flh);
echo “Sorry, but yor email ” . $email_address . ” is an invalid email address\n”;

}

?>

filter.js
Copy and Paste to filter.js

function ValidateEmail(inputText)
{
var mailformat = /^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/;
if(inputText.value.match(mailformat))
{
document.form1.text1.focus();
return true;
}
else
{
alert(“You have entered an invalid email address!”);
document.form1.text1.focus();
return false;
}
}

Author Gregorio Narvaez for Debbie Ridenour, Russell Rockefeller