Comment On Bulletproof JavaScript Detection

if(!isFirstComment()){
location.href="wtf.htm";
}

That must be the very definition of facepalm code.

if(!user_owns_a_computer()) return false;
return true;

Wow, I don't normally comment, but that made me say "W T F" (as separate letters!) out loud...

aggle-rithm:

if(!user_owns_a_computer()) return false;
return true;

Oops, I just realized this is badly flawed code. Should be:

return using_a_computer();

Implementation:

function using_a_computer()
{
switch(get_hardware_type())
{
case(COMPUTER) return true;
case(MICROWAVE) return false;
case(ANSWERING_MACHINE) return false;
case(BATTERY_OPERATED_MARITAL_AID) return false;
}
}

No, I'm not giving you the implementation for get_hardware_type(). Do I have to do everything?

Schodinger-Oriented Programming

(CAPTCHA:appellatio. Who is going to protect us?)

I suppose this is the Web 2.0 reinvention of <noscript>.

aggle-rithm:

aggle-rithm:

if(!user_owns_a_computer()) return false;
return true;

Oops, I just realized this is badly flawed code. Should be:

return using_a_computer();

Implementation:

function using_a_computer()
{
switch(get_hardware_type())
{
case(COMPUTER) return true;
case(MICROWAVE) return false;
case(ANSWERING_MACHINE) return false;
case(BATTERY_OPERATED_MARITAL_AID) return false;
}
}

No, I'm not giving you the implementation for get_hardware_type(). Do I have to do everything?

Your code submission lacks (A) the critical "FOR CASE" construct
(B) the following "computer equipment" type case:

case(WOODEN_TABLE) return FILE_NOT_FOUND;

Please correct deficiencies and re-submit for code re-audit per Consolidated Process Work Instructions SWE-15893-122, QE-5613-123, and VTE-1348-992 within 5 working days to avoid implementation scheduling variance.

function validateSettings(){
if(!javascriptEnabled()){
// << Armageddon here if user enables javascript just in time
location.href="no_js.htm";
}
}

This somehow reminds me of Quietust's signature (no, not signature guy, the one about the note).

1) They appear on thedailywtf.com

10) They appear on thedailywtf.com, because they made a wtf failure.

mxx:

This somehow reminds me of Quietust's signature (no, not signature guy, the one about the note).

For the benefit of others, that would be "P.S. If you don't get this note, let me know and I'll write you another." (which is a quote from a The Three Stooges short).

Original dev: "Well, it works on my computer!"

Javascript, motherf*cker! Do you speak it?

There really is only one answer

DOA:

That must be the very definition of facepalm code.

It reminds me of a time when email went down at a reasonably large company I used to work for. We were told to log off our email clients and wait until further notice to log back in -- or we'd wreck the system and end life on earth.

Much later in the day, we received word from the boss that it was ok to check email again and found a message from the admins that said something like "email works now. you can log back in. kthx".

Omg... ontzettende prutsers.

What's the most disturbing, that junior dev was never checked on, or that senior dev codes like that?

ih8u:

DOA:

That must be the very definition of facepalm code.

It reminds me of a time when email went down at a reasonably large company I used to work for. We were told to log off our email clients and wait until further notice to log back in -- or we'd wreck the system and end life on earth.

Much later in the day, we received word from the boss that it was ok to check email again and found a message from the admins that said something like "email works now. you can log back in. kthx".

Here we send and email, alert the receiver by SMS, ICQ them to check their phone and walk by to tell them they're wanted on ICQ. Just in case some medium fails.

So this is why the stock market crashed

I can't decide whether I should comment on this WTF or knock myself unconscious over it.

So, if you don't see this comment, I've chosen the latter, so please call an ambulance.

http://www.eeggs.com/items/15121.html

#include <stdio.h> 

#include <be/kernel/OS.h> 



int main() 

{ 

    printf("%f\n", is_computer_on()); 

    printf("%i\n", is_computer_on_fire()); 

}

Friendly Neighborhood QA:

Your code submission lacks (A) the critical "FOR CASE" construct
(B) the following "computer equipment" type case:

case(WOODEN_TABLE) return FILE_NOT_FOUND;

Please correct deficiencies and re-submit for code re-audit per Consolidated Process Work Instructions SWE-15893-122, QE-5613-123, and VTE-1348-992 within 5 working days to avoid implementation scheduling variance.

Your rejection of my code has been rejected.

If you would like to appeal this rejection, please fill out form 1080SWBS9 and file it under "Q" in the file cabinet of your choice.

Thank you.

BeOS easter eggs:

http://www.eeggs.com/items/15121.html

#include <stdio.h> 

#include <be/kernel/OS.h> 



int main() 

{ 

    printf("%f\n", is_computer_on()); 

    printf("%i\n", is_computer_on_fire()); 

}

This is exactly the sort of code I dream about at night.

Night after night.

Sometimes, I wish I could have my old brain back...

kalleguld:

Javascript, motherf*cker! Do you speak it?

Quoted for awesomeness.

so what is a good way to check for JS detection...

Hmmm.

I don't see what the problem is.

If Javascript is not enabled then the function won't operate. Thus success!

Sooooo. What's yer problem then?

*LAUGH*

*headdesk*

Erm... Don't do it. Graceful degradation / progressive enhancement FTW

The simplest way is to present the non-javascript version and turn on javascript functionality using javascript. If the javascript page is very different you may redirect the user with javascript.

The best way is to make sure that the page works without javascript so you don't really care if the user has javascript enabled or not.

<noscript>
<script type="text/javascript">
location.href = 'no_js.htm';
</script>
</noscript>

... obviously.

Heh, well, it didn't make it past me into general testing, but I had something similar here.

The developers were using JavaScript to hide the "You must enable Javascript" message, but the users were complaining that the message would sometimes flash on screen as the page loaded.

So what did the developers do? Flip the logic of course (to use Javascript to make the message appear if Javascript was turned off).

More disturbing (yes, it gets worse) is that I suggested using <noscript> BEFORE they made the change, and again afterwards... but it took 2 more tries for them to actually listen. All of which was, of course, after I had to convince my boss that the <noscript> tag wasn't some kind of personal hack that was just an excuse for an ego trip for me.

Disclaimer: I wrote none of this code, nor was I around when it was written. Nor will I be around for more fun and games after I leave for greener (and saner) pastures on Friday.

Brompot:

Here we send and email, alert the receiver by SMS, ICQ them to check their phone and walk by to tell them they're wanted on ICQ. Just in case some medium fails.

ICQ? Is it still 1999 where you work?

DeLos:

so what is a good way to check for JS detection...

Have the default version be the Javascript disabled and then have a <script> tag that redirects the browser to the Javascript enabled version.

<script>
window.location = "http://www.myuglywebsite.com/js_enabled.php";
</script>

If Javascript = off then you're ok.

If Javascript = on then the browser gets redirected.

*shrug* that's what I know. Is there a better method?

Edward Royce:

DeLos:

so what is a good way to check for JS detection...

Have the default version be the Javascript disabled and then have a <script> tag that redirects the browser to the Javascript enabled version.

<script>
window.location = "http://www.myuglywebsite.com/js_enabled.php";
</script>

If Javascript = off then you're ok.

If Javascript = on then the browser gets redirected.

*shrug* that's what I know. Is there a better method?

For those who have missed the references.

The <noscript> tag. Content inside this tag is only shown if JavaScript is turned off or if the browser does not support it.

http://www.w3schools.com/TAGS/tag_noscript.asp

JuanCarlosII:

<noscript>
<script type="text/javascript">
location.href = 'no_js.htm';
</script>
</noscript>

... obviously.

Ouch, almost wrote a serious reply to that one. I did try to add a method to unset the content attribute in a meta tag, but it that doesn't work as the browser's already started the timer to refresh/redirect the page (even if I extend the delay).

<meta id='metaRefresh' http-equiv='refresh' content='1;url=http://www.google.com' />
<script type='text/javascript'>//<![CDATA[
document.getElementById('metaRefresh').content = null;
//]]></script>

Removing the tag from the head doesn't work either.

Leo:

Brompot:

Here we send and email, alert the receiver by SMS, ICQ them to check their phone and walk by to tell them they're wanted on ICQ. Just in case some medium fails.

ICQ? Is it still 1999 where you work?

We love ICQ here in Russia, and use it widely :)

FriedDan:

Edward Royce:

DeLos:

so what is a good way to check for JS detection...

Have the default version be the Javascript disabled and then have a <script> tag that redirects the browser to the Javascript enabled version.

<script>
window.location = "http://www.myuglywebsite.com/js_enabled.php";
</script>

If Javascript = off then you're ok.

If Javascript = on then the browser gets redirected.

*shrug* that's what I know. Is there a better method?

For those who have missed the references.

The <noscript> tag. Content inside this tag is only shown if JavaScript is turned off or if the browser does not support it.

http://www.w3schools.com/TAGS/tag_noscript.asp

But it's not the way management wanted it. How are you going to explain to your starving children that there's no food as daddy ignored his superiors.

John:

JuanCarlosII:

<noscript>
<script type="text/javascript">
location.href = 'no_js.htm';
</script>
</noscript>

... obviously.

Ouch, almost wrote a serious reply to that one. I did try to add a method to unset the content attribute in a meta tag, but it that doesn't work as the browser's already started the timer to refresh/redirect the page (even if I extend the delay).

<meta id='metaRefresh' http-equiv='refresh' content='1;url=http://www.google.com' />
<script type='text/javascript'>//<![CDATA[
document.getElementById('metaRefresh').content = null;
//]]></script>

Removing the tag from the head doesn't work either.

I guess someone has been missing out on classic articles.

Sashlik:

Leo:

Brompot:

Here we send and email, alert the receiver by SMS, ICQ them to check their phone and walk by to tell them they're wanted on ICQ. Just in case some medium fails.

ICQ? Is it still 1999 where you work?

We love ICQ here in Russia, and use it widely :)

In Soviet Russia, you don't seek me, ICQ!


I'll be here all week, try the veal.

John:

FriedDan:

For those who have missed the references.

The <noscript> tag. Content inside this tag is only shown if JavaScript is turned off or if the browser does not support it.

http://www.w3schools.com/TAGS/tag_noscript.asp

But it's not the way management wanted it. How are you going to explain to your starving children that there's no food as daddy ignored his superiors.

I dunno, even my "superior" caved after the developers screwed it up a few times.

And then there's the added bonus of telling the "superior" that he has to explain to his boss about that pesky 2 weeks notice that helps a lot.

Sashlik:

Leo:

ICQ? Is it still 1999 where you work?

We love ICQ here in Russia, and use it widely :)

Nope, here in Russia we hate ICQ, it blocks alternative open-source clients and russian IP.
Now we switching to jabber, including Google Talk.

Beldar the Phantom Replier:

John:

JuanCarlosII:

<noscript>
<script type="text/javascript">
location.href = 'no_js.htm';
</script>
</noscript>

... obviously.

Ouch, almost wrote a serious reply to that one. I did try to add a method to unset the content attribute in a meta tag, but it that doesn't work as the browser's already started the timer to refresh/redirect the page (even if I extend the delay).

<meta id='metaRefresh' http-equiv='refresh' content='1;url=http://www.google.com' />
<script type='text/javascript'>//<![CDATA[
document.getElementById('metaRefresh').content = null;
//]]></script>

Removing the tag from the head doesn't work either.

I guess someone has been missing out on classic articles.

Hmm, I'd forgotten about that one. If that's a reference to my solution being overcomplicated, I disagree. It was the first solution I came up with that allowed the page to be redirected when Javascript is disabled.

Other methods are:
Redirecting to a page when javascript is enabled: not ideal because the majority of users enable javacript (as long as we're talking about a non-techie website).

Using javascript to overwrite an element describing why javascript is needed can cause an annoying flicker when the page is loading, so again not ideal.

That said, most my pages use javascript, but will still work if javascript is disabled as the effects are replicated by a post or get. Bit tedious but does mean the site is fast for javascript lovers and works for javascript haters.

This WTF wins the intertubes.

aggle-rithm:

case(BATTERY_OPERATED_MARITAL_AID) return false;

Wouldn't that more accurately be, BATTERY_OPERATED_BACHELORETTE_AID?

Code Dependent:

aggle-rithm:

case(BATTERY_OPERATED_MARITAL_AID) return false;

Wouldn't that more accurately be, BATTERY_OPERATED_BACHELORETTE_AID?

Someone's never been married for 5+ years...

Gems like this make it easy for me to brush off the stigmas surronding VB. When it comes to code quality, which language is used seems significantly less important than the skill of the developers using them ;-)

<%
/**
* a bulletproof test for the presence of a running computer
* NOTE: also requires a browser, a connection to the Apache instance, and a user.
**/
function UsingComputer()
{
return true;
}

switch (UsingComputer)
{
case true:
echo 'congratulations, you appear to be using a computer';
break;
default:
echo 'oh dear, for this code to run you need a computer';
break;
}
%>

Well.

"Redirecting to a page when javascript is enabled: not ideal because the majority of users enable javacript (as long as we're talking about a non-techie website). "

Sure it's not ideal. What would be ideal is if the browser reported to the server in a variable the state of Javascript on/off and perhaps a type or version number or some such thing.

Frankly the whole issue of Javascript on/off, issues with differences in functions, objects, DOM and other bullcrap makes writing web apps annoying at best and vastly irritating at worst.

No wonder so many people are doing sites in flash.

justsomedude:

Gems like this make it easy for me to brush off the stigmas surronding VB. When it comes to code quality, which language is used seems significantly less important than the skill of the developers using them ;-)

Hell if you think this stuff is amusing you see Google the fools who want to use Javascript as their language for doing -server side- coding.

*shrug* what can I say.

Code Dependent:

aggle-rithm:

case(BATTERY_OPERATED_MARITAL_AID) return false;

Wouldn't that more accurately be, BATTERY_OPERATED_BACHELORETTE_AID?

I thought that was a typo - battery operated nunchakas!!