- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Achtung - I Bin Frist Berliner
Admin
Does Java even allow this to compile (I don't normally use Java)? I thought that 'Microsoft Internet Explorer' would throw an exception since ' is reserved for chars not strings.
Admin
In JavaScript (which is generally interpreted, not compiled, btw.) both " and ' can be used to delimit strings. In JavaScript, chars are not seperate types, but simply strings with length 1, so there is no reason to distinguish between strings and chars.
Admin
It's JavaScript of course, so it doesn't compile anyway.
Admin
Most JavaScript runtimes do compile the code, these days. JIT compilation, but still compiled. It's interpreted in the same way that MSIL is interpreted.
Admin
The best bit is the condition which starts:
Or perhaps they’re already ready for quantum computing, where the key code can be 8 and 18 simultaneously?
Admin
This comment is TRWTF
Admin
LMAO. Schrödinger's "event.keyCode"
Admin
So, to fix it, Wladimir installed Firefox or Chrome for his father?
Admin
I wonder what they would have coded for Lynx.
Admin
[quote]The jury's still out as to whether or not this contributes to the overall quality of the site, but rest assured Netscape fans, you are not forgotten.[/b]
Let's work on our punctuation, shall we?
Admin
Wladimir Palant is btw notable for being the developer of the Adblock Plus extension: http://adblockplus.org/en/
Admin
bigger article 'bout the same bank (GERMAN) http://www.infogurke.de/2010/07/erfahrungen-mit-bank-of-scotland/
Admin
Other WTFs to those not familiar with JS:
event/e object is just data about the event. Setting properties on it has no effect outside of the event handler AFAIK, other event handlers will receive a fresh, new event object without the changed data. Only exception is event object has functions on it which do affect how the event is processed after this handler.
Other than that... this is actually somewhat standard JS afaik for blocking certain keys from triggering standard browser actions. They could certainly write it better to work on all browsers (sniff based on event object presence and properties, not on app name).
But they probably are being a little overzealous on the key blocking. 8 is the key code for the TAB key, which switches keyboard input between form fields, and you probably shouldn't block it for keyboard navigation/accessibility.
Admin
Admin
TRWTF is that event is undefined in this function. They named the parameter e.
e is only used in "else if (navigator.appName == 'Netscape')".
Thank the coder for cut/paste.
Admin
Admin
I really like the function above that one in the js file:
function returnFalse () {return false;}
Why just use false, when you can returnFalse()?
Admin
Unless IE is more messed up than I think it is, 8 is backspace. 9 is tab.
Admin
Admin
Event isn't undefined. All browsers (minus IE) use the first argument as the event object. IE uses window.event, which is the last pushed event.
Admin
Admin
TRWTF is the Bank of Scotland using German text? Ach, laddie! This canna be troo!
Admin
Judging by the comments and disagreement so far about how JavaScript behaves or doesn't behave in certain browsers, once again, it must be said - TRWTF is JavaScript. But I guess it still beats flash.
Admin
Of course the code tests for equality not substring. Not that we were running short on WTFs today, but one must save up for potential lean times ahead.
captcha: augue ... a fever that portends ill
Admin
Apparantly they have some German speaking customers, considering the existence of www-dot-bankofscotland-dot-de (Bad akismet slap. Enterily relevant stuff, here).
Admin
This bit is not bad, either:
if ((event.altKey) && (event.srcElement.tagName == "INPUT")) { } if ((event.keyCode == 96) || (event.keyCode == 97) || (event.keyCode == 98)) { } if ...missing some else statements, perhaps?
Admin
There, fixed it.
Admin
However, the ones who choose to use Netscape are expected to cope with an error message in English.
Admin
There is some more work to be done here. I see quite a few return falses in the code. These should all be rewritten: return returnFalse();
Of course there are also return trues, hence a new function
function returnTrue() {return true;}with usage: return returnTrue();
Of course, this is horrible practice, because it should be refactored to a single function:
function returnTrueOrFalseOrSomethingElse(bool) { try{ returnTrueOrFalse( (bool)?bool:false); } catch(e) { return (bool)?bool:false; }and we can use it like this both as a return value or as an parameter-less event handler.
I suppose all that recursion makes the function robust enough that it can be used a general-purpose returner function, so all stupid usages like return returnValue; can be replaced with return returnTrueOrFalseOrSomethingElse(returnvalue);
C programmers of course would just overload return.
Admin
from google translate:
The selected action can not be executed. Please use the navigation at your online banking division
Admin
That's a little unreasonable. Irrational differences in how browsers invoke Javascript functions are not the fault of Javascript, any more than rendering quirks are the fault of the graphics subsystem.
And most of the Javascript WTFs result from letting idiots write code. Just like every other language ...
Admin
Have Mozilla yet fixed the Alt-S for submit form rather than history yet?
Admin
Don't blame the language for the sins of the browser wars and piss poor browser/DOM integration. That's not the language's fault, it's Microsoft's fault. And Netscape's too.
It'd be great if we could get browser vendors to agree on a DOM, event, and parameter passing standard; and to cut all the old spaghetti code and make some rational sense of it all. But that'd break the web and browsers would have to provide backwards compatibility modes and things would only get worse. Better to use a library that abstracts all that away and let's you focus on using JS in all its glory (well it does have some) to write your app.
Admin
Admin
Let's work on our tag matching, shall we? (quote != b)
Muphry's Law strikes again.
Admin
It's a property in the Schrödinger.event .NET assembly.
Admin
This site really is horrible. If I hit the Enter key (in Opera) after entering name and password or the answer to the security question, I get the "400 - Bad request" error page. I have to grab the mouse and click the button instead.
Not surprising after seeing the code...
Admin
I don't think so.
I'm afraid you are very, very confused. It is my computer. Not yours. N-O-T Y-O-U-R C-O-M-P-U-T-E-R. Can you hear me yet?
There's a reason humans invented language. Not everything can be expressed by pointing and grunting. And even if it could, language is so much more efficient for those who can be bothered to learn it. And despite what the "usability" crapspewers insist, most everyone can learn language.
You can have my keyboard when you pry it from my cold dead fingers, fuckyouverymuch.
This is why I do not give permission for random asshats to take control of my browser.
You forgot to disable my shotgun while you were at it.
Do the world a favor and die. Please just die already. Yes I really mean it.
Admin
Seriously, if after about 17 years of Internet a developer - regardless of when they started calling themselves one - hasn't touched HTML (and, with it, JavaScript; and then some), please step away from the fucking computer.
Admin
Personally, I'm partial to this, because, you know, maybe event.keyCode will change when the if statement is evaluated...
if (event.keyCode == 8) { if ((event.keyCode == 8) && (event.srcElement.tagName != "INPUT")) { ... }Admin
There is precedent for not allowing you to have full control of your property when it is visiting the property of others, i.e. you may be stopped and/or removed from your vehicle if you are driving it through the 2nd floor of your local mall.
You can take your over reactions and your handy-dandy keyboard shortcuts to some other bank.
Admin
I don'y dirty my hands with javascript, but isn't this the sort of code you would need to write to capture shift-tab and the like?
Of course, trwtf is disabling keyboard navigation.
Admin
You may not be aware of it, but not all is Internet in IT. I've been writing programs for 30 years and still didn't have to touch HTML, believe it or not. Nothing wrong with the internet, but IT is more than websites.
Admin
Admin
Aaaaagh! That's... appalling, but it isn't even the worst thing about the Bank of Scotland's online system. A while ago, I had to reset my security information, a step which looked like a fairly innocuous "set up security question/answers" page - but I absolutely couldn't convince the form to submit...
You had to select three security questions from pick lists (what is your mother's maiden name, what was the make and model of your first car, and so on), and then type in an entirely custom question and answer for the fourth one. It was the custom question field that seemed to be the problem - all the other fields appeared to be all right, and I only ever got an unhelpful "Please set: Your own choice of question" error message when I tried to submit the form. So I initially thought that some overengineered security check was marking my question as being too common, or not forming a sentence it could parse, or something of equal silliness.
But then I tore into the Javascript of the page, and realized that their question field was subject to the same validation check as the rest of the fields - you can have no spaces or special characters in your question (such as, fairly importantly, a question mark), or it won't be accepted. Once I pared my question down to "whatisyourfavouritecolour", I could finally get through.
I have to wonder if they didn't notice a sharp drop in the number of online accounts being created...
Admin
In a word, no.
The only purpose served by code such as this is to use up processor cycles making tests that can never be satisfied.
Admin
In case the value of false ever changes, you only have to change it in one place.
Admin
Admin
var willValueOfFalseEverChange = returnFalse();