• Cri (unregistered)

    if(!isFirstComment()){ location.href="wtf.htm"; }

  • (cs)

    That must be the very definition of facepalm code.

  • (cs)

    if(!user_owns_a_computer()) return false; return true;

  • Jon (unregistered)

    Wow, I don't normally comment, but that made me say "W T F" (as separate letters!) out loud...

  • (cs) in reply to aggle-rithm
    aggle-rithm:
    if(!user_owns_a_computer()) return false; return true;

    Oops, I just realized this is badly flawed code. Should be:

    return using_a_computer();

    Implementation:

    function using_a_computer() { switch(get_hardware_type()) { case(COMPUTER) return true; case(MICROWAVE) return false; case(ANSWERING_MACHINE) return false; case(BATTERY_OPERATED_MARITAL_AID) return false; } }

    No, I'm not giving you the implementation for get_hardware_type(). Do I have to do everything?

  • Not THAT Alex (unregistered)

    Schodinger-Oriented Programming

    (CAPTCHA:appellatio. Who is going to protect us?)

  • Shipment of Fail (unregistered)

    I suppose this is the Web 2.0 reinvention of <noscript>.

  • Friendly Neighborhood QA (unregistered) in reply to aggle-rithm
    aggle-rithm:
    aggle-rithm:
    if(!user_owns_a_computer()) return false; return true;

    Oops, I just realized this is badly flawed code. Should be:

    return using_a_computer();

    Implementation:

    function using_a_computer() { switch(get_hardware_type()) { case(COMPUTER) return true; case(MICROWAVE) return false; case(ANSWERING_MACHINE) return false; case(BATTERY_OPERATED_MARITAL_AID) return false; } }

    No, I'm not giving you the implementation for get_hardware_type(). Do I have to do everything?

    Your code submission lacks (A) the critical "FOR CASE" construct (B) the following "computer equipment" type case:

    case(WOODEN_TABLE) return FILE_NOT_FOUND;
    

    Please correct deficiencies and re-submit for code re-audit per Consolidated Process Work Instructions SWE-15893-122, QE-5613-123, and VTE-1348-992 within 5 working days to avoid implementation scheduling variance.

  • Another Andrew (unregistered)

    function validateSettings(){ if(!javascriptEnabled()){ // << Armageddon here if user enables javascript just in time location.href="no_js.htm"; } }

  • (cs)

    This somehow reminds me of Quietust's signature (no, not signature guy, the one about the note).

  • Tempura (unregistered)
    1. They appear on thedailywtf.com

    2. They appear on thedailywtf.com, because they made a wtf failure.

  • (cs) in reply to mxx
    mxx:
    This somehow reminds me of Quietust's signature (no, not signature guy, the one about the note).

    For the benefit of others, that would be "P.S. If you don't get this note, let me know and I'll write you another." (which is a quote from a The Three Stooges short).

  • Osno (unregistered)

    Original dev: "Well, it works on my computer!"

  • kalleguld (unregistered)
    Javascript, motherf*cker! Do you speak it?
    There really is only one answer
  • ih8u (unregistered) in reply to DOA
    DOA:
    That must be the very definition of facepalm code.

    It reminds me of a time when email went down at a reasonably large company I used to work for. We were told to log off our email clients and wait until further notice to log back in -- or we'd wreck the system and end life on earth.

    Much later in the day, we received word from the boss that it was ok to check email again and found a message from the admins that said something like "email works now. you can log back in. kthx".

  • Henk (unregistered)

    Omg... ontzettende prutsers.

  • mauhiz (unregistered)

    What's the most disturbing, that junior dev was never checked on, or that senior dev codes like that?

  • Brompot (unregistered) in reply to ih8u
    ih8u:
    DOA:
    That must be the very definition of facepalm code.

    It reminds me of a time when email went down at a reasonably large company I used to work for. We were told to log off our email clients and wait until further notice to log back in -- or we'd wreck the system and end life on earth.

    Much later in the day, we received word from the boss that it was ok to check email again and found a message from the admins that said something like "email works now. you can log back in. kthx".

    Here we send and email, alert the receiver by SMS, ICQ them to check their phone and walk by to tell them they're wanted on ICQ. Just in case some medium fails.

  • jlintz (unregistered)

    So this is why the stock market crashed

  • Devilfish (unregistered)

    I can't decide whether I should comment on this WTF or knock myself unconscious over it.

    So, if you don't see this comment, I've chosen the latter, so please call an ambulance.

  • BeOS easter eggs (unregistered)

    http://www.eeggs.com/items/15121.html

    
    #include <stdio.h> 
    #include <be/kernel/OS.h> 
    
    int main() 
    { 
        printf("%f\n", is_computer_on()); 
        printf("%i\n", is_computer_on_fire()); 
    }
    
  • (cs) in reply to Friendly Neighborhood QA
    Friendly Neighborhood QA:

    Your code submission lacks (A) the critical "FOR CASE" construct (B) the following "computer equipment" type case:

    case(WOODEN_TABLE) return FILE_NOT_FOUND;
    

    Please correct deficiencies and re-submit for code re-audit per Consolidated Process Work Instructions SWE-15893-122, QE-5613-123, and VTE-1348-992 within 5 working days to avoid implementation scheduling variance.

    Your rejection of my code has been rejected.

    If you would like to appeal this rejection, please fill out form 1080SWBS9 and file it under "Q" in the file cabinet of your choice.

    Thank you.

  • (cs) in reply to BeOS easter eggs
    BeOS easter eggs:
    http://www.eeggs.com/items/15121.html
    
    #include <stdio.h> 
    #include <be/kernel/OS.h> 
    
    int main() 
    { 
        printf("%f\n", is_computer_on()); 
        printf("%i\n", is_computer_on_fire()); 
    }
    

    This is exactly the sort of code I dream about at night.

    Night after night.

    Sometimes, I wish I could have my old brain back...

  • (cs) in reply to kalleguld
    kalleguld:
    Javascript, motherf*cker! Do you speak it?
    Quoted for awesomeness.
  • (cs)

    so what is a good way to check for JS detection...

  • Edward Royce (unregistered)

    Hmmm.

    I don't see what the problem is.

    If Javascript is not enabled then the function won't operate. Thus success!

    Sooooo. What's yer problem then?

    LAUGH

  • (cs)

    headdesk

  • Pez (unregistered)

    Erm... Don't do it. Graceful degradation / progressive enhancement FTW

  • Anonymous (unregistered) in reply to DeLos

    The simplest way is to present the non-javascript version and turn on javascript functionality using javascript. If the javascript page is very different you may redirect the user with javascript.

    The best way is to make sure that the page works without javascript so you don't really care if the user has javascript enabled or not.

  • JuanCarlosII (unregistered) in reply to DeLos
    <noscript> <script type="text/javascript"> location.href = 'no_js.htm'; </script> </noscript>

    ... obviously.

  • (cs)

    Heh, well, it didn't make it past me into general testing, but I had something similar here.

    The developers were using JavaScript to hide the "You must enable Javascript" message, but the users were complaining that the message would sometimes flash on screen as the page loaded.

    So what did the developers do? Flip the logic of course (to use Javascript to make the message appear if Javascript was turned off).

    More disturbing (yes, it gets worse) is that I suggested using <noscript> BEFORE they made the change, and again afterwards... but it took 2 more tries for them to actually listen. All of which was, of course, after I had to convince my boss that the <noscript> tag wasn't some kind of personal hack that was just an excuse for an ego trip for me.</p> <p>Disclaimer: I wrote none of this code, nor was I around when it was written. Nor will I be around for more fun and games after I leave for greener (and saner) pastures on Friday.</p> </noscript>

  • Leo (unregistered) in reply to Brompot
    Brompot:
    Here we send and email, alert the receiver by SMS, ICQ them to check their phone and walk by to tell them they're wanted on ICQ. Just in case some medium fails.

    ICQ? Is it still 1999 where you work?

  • Edward Royce (unregistered) in reply to DeLos
    DeLos:
    so what is a good way to check for JS detection...

    Have the default version be the Javascript disabled and then have a <script> tag that redirects the browser to the Javascript enabled version.

    <script> window.location = "http://www.myuglywebsite.com/js_enabled.php"; </script> <p>If Javascript = off then you're ok.</p> <p>If Javascript = on then the browser gets redirected.</p> <p><em>shrug</em> that's what I know. Is there a better method?</p> </script>
  • (cs) in reply to Edward Royce
    Edward Royce:
    DeLos:
    so what is a good way to check for JS detection...

    Have the default version be the Javascript disabled and then have a <script> tag that redirects the browser to the Javascript enabled version.

    <script> window.location = "http://www.myuglywebsite.com/js_enabled.php"; </script> <p>If Javascript = off then you're ok.</p> <p>If Javascript = on then the browser gets redirected.</p> <p><em>shrug</em> that's what I know. Is there a better method? </div></BLOCKQUOTE></p> <p>For those who have missed the references.</p> <p>The <noscript> tag. Content inside this tag is only shown if JavaScript is turned off or if the browser does not support it.</p> <p>http://www.w3schools.com/TAGS/tag_noscript.asp</p> </script>
  • John (unregistered) in reply to JuanCarlosII
    JuanCarlosII:
    <noscript> <script type="text/javascript"> location.href = 'no_js.htm'; </script> </noscript>

    ... obviously.

    Ouch, almost wrote a serious reply to that one. I did try to add a method to unset the content attribute in a meta tag, but it that doesn't work as the browser's already started the timer to refresh/redirect the page (even if I extend the delay).

    <meta id='metaRefresh' http-equiv='refresh' content='1;url=http://www.google.com' /> <script type='text/javascript'>//<!--[CDATA[ document.getElementById('metaRefresh').content = null; //]]--></script>

    Removing the tag from the head doesn't work either.

  • Sashlik (unregistered) in reply to Leo
    Leo:
    Brompot:
    Here we send and email, alert the receiver by SMS, ICQ them to check their phone and walk by to tell them they're wanted on ICQ. Just in case some medium fails.

    ICQ? Is it still 1999 where you work?

    We love ICQ here in Russia, and use it widely :)

  • John (unregistered) in reply to FriedDan
    FriedDan:
    Edward Royce:
    DeLos:
    so what is a good way to check for JS detection...

    Have the default version be the Javascript disabled and then have a <script> tag that redirects the browser to the Javascript enabled version.

    <script> window.location = "http://www.myuglywebsite.com/js_enabled.php"; </script> <p>If Javascript = off then you're ok.</p> <p>If Javascript = on then the browser gets redirected.</p> <p><em>shrug</em> that's what I know. Is there a better method? </div></BLOCKQUOTE></p> <p>For those who have missed the references.</p> <p>The <noscript> tag. Content inside this tag is only shown if JavaScript is turned off or if the browser does not support it.</p> <p>http://www.w3schools.com/TAGS/tag_noscript.asp</div></BLOCKQUOTE></p> <p>But it's not the way management wanted it. How are you going to explain to your starving children that there's no food as daddy ignored his superiors.</p> </script>
  • Beldar the Phantom Replier (unregistered) in reply to John
    John:
    JuanCarlosII:
    <noscript> <script type="text/javascript"> location.href = 'no_js.htm'; </script> </noscript>

    ... obviously.

    Ouch, almost wrote a serious reply to that one. I did try to add a method to unset the content attribute in a meta tag, but it that doesn't work as the browser's already started the timer to refresh/redirect the page (even if I extend the delay).

    <meta id='metaRefresh' http-equiv='refresh' content='1;url=http://www.google.com' /> <script type='text/javascript'>//<!--[CDATA[ document.getElementById('metaRefresh').content = null; //]]--></script>

    Removing the tag from the head doesn't work either.

    I guess someone has been missing out on classic articles.

  • RBoy (unregistered) in reply to Sashlik
    Sashlik:
    Leo:
    Brompot:
    Here we send and email, alert the receiver by SMS, ICQ them to check their phone and walk by to tell them they're wanted on ICQ. Just in case some medium fails.

    ICQ? Is it still 1999 where you work?

    We love ICQ here in Russia, and use it widely :)

    In Soviet Russia, you don't seek me, ICQ!

    I'll be here all week, try the veal.

  • (cs) in reply to John
    John:
    FriedDan:
    For those who have missed the references.

    The <noscript> tag. Content inside this tag is only shown if JavaScript is turned off or if the browser does not support it.

    http://www.w3schools.com/TAGS/tag_noscript.asp

    But it's not the way management wanted it. How are you going to explain to your starving children that there's no food as daddy ignored his superiors.

    I dunno, even my "superior" caved after the developers screwed it up a few times.

    And then there's the added bonus of telling the "superior" that he has to explain to his boss about that pesky 2 weeks notice that helps a lot.

  • Ketchup (unregistered) in reply to Sashlik
    Sashlik:
    Leo:

    ICQ? Is it still 1999 where you work?

    We love ICQ here in Russia, and use it widely :)

    Nope, here in Russia we hate ICQ, it blocks alternative open-source clients and russian IP. Now we switching to jabber, including Google Talk.

  • John (unregistered) in reply to Beldar the Phantom Replier
    Beldar the Phantom Replier:
    John:
    JuanCarlosII:
    <noscript> <script type="text/javascript"> location.href = 'no_js.htm'; </script> </noscript>

    ... obviously.

    Ouch, almost wrote a serious reply to that one. I did try to add a method to unset the content attribute in a meta tag, but it that doesn't work as the browser's already started the timer to refresh/redirect the page (even if I extend the delay).

    <meta id='metaRefresh' http-equiv='refresh' content='1;url=http://www.google.com' /> <script type='text/javascript'>//<!--[CDATA[ document.getElementById('metaRefresh').content = null; //]]--></script>

    Removing the tag from the head doesn't work either.

    I guess someone has been missing out on classic articles.

    Hmm, I'd forgotten about that one. If that's a reference to my solution being overcomplicated, I disagree. It was the first solution I came up with that allowed the page to be redirected when Javascript is disabled.

    Other methods are: Redirecting to a page when javascript is enabled: not ideal because the majority of users enable javacript (as long as we're talking about a non-techie website).

    Using javascript to overwrite an element describing why javascript is needed can cause an annoying flicker when the page is loading, so again not ideal.

    That said, most my pages use javascript, but will still work if javascript is disabled as the effects are replicated by a post or get. Bit tedious but does mean the site is fast for javascript lovers and works for javascript haters.

  • (cs)

    This WTF wins the intertubes.

  • (cs) in reply to aggle-rithm
    aggle-rithm:
    case(BATTERY_OPERATED_MARITAL_AID) return false;
    Wouldn't that more accurately be, BATTERY_OPERATED_BACHELORETTE_AID?
  • Anon (unregistered) in reply to Code Dependent
    Code Dependent:
    aggle-rithm:
    case(BATTERY_OPERATED_MARITAL_AID) return false;
    Wouldn't that more accurately be, BATTERY_OPERATED_BACHELORETTE_AID?

    Someone's never been married for 5+ years...

  • justsomedude (unregistered)

    Gems like this make it easy for me to brush off the stigmas surronding VB. When it comes to code quality, which language is used seems significantly less important than the skill of the developers using them ;-)

  • mort8104 (unregistered)

    <% /**

    • a bulletproof test for the presence of a running computer
    • NOTE: also requires a browser, a connection to the Apache instance, and a user. **/ function UsingComputer() { return true; }

    switch (UsingComputer) { case true: echo 'congratulations, you appear to be using a computer'; break; default: echo 'oh dear, for this code to run you need a computer'; break; } %>

  • Edward Royce (unregistered)

    Well.

    "Redirecting to a page when javascript is enabled: not ideal because the majority of users enable javacript (as long as we're talking about a non-techie website). "

    Sure it's not ideal. What would be ideal is if the browser reported to the server in a variable the state of Javascript on/off and perhaps a type or version number or some such thing.

    Frankly the whole issue of Javascript on/off, issues with differences in functions, objects, DOM and other bullcrap makes writing web apps annoying at best and vastly irritating at worst.

    No wonder so many people are doing sites in flash.

  • Edward Royce (unregistered) in reply to justsomedude
    justsomedude:
    Gems like this make it easy for me to brush off the stigmas surronding VB. When it comes to code quality, which language is used seems significantly less important than the skill of the developers using them ;-)

    Hell if you think this stuff is amusing you see Google the fools who want to use Javascript as their language for doing -server side- coding.

    shrug what can I say.

  • LHC (unregistered) in reply to Code Dependent
    Code Dependent:
    aggle-rithm:
    case(BATTERY_OPERATED_MARITAL_AID) return false;
    Wouldn't that more accurately be, BATTERY_OPERATED_BACHELORETTE_AID?

    I thought that was a typo - battery operated nunchakas!!

Leave a comment on “Bulletproof JavaScript Detection”

Log In or post as a guest

Replying to comment #249667:

« Return to Article