tag:blogger.com,1999:blog-3517370354239262832024-03-08T08:07:35.197-08:00Javascript hacks<p>
I know nights are for passion,<br>
Birght sunny days are for wars<br>
And heroes killed in action.<br>
</p>Denhttp://www.blogger.com/profile/14525146563119430328noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-351737035423926283.post-64388190933170207952010-03-17T21:21:00.000-07:002010-03-18T03:34:23.745-07:00How AdSense works.Let's see what is happening when AdSense script runs in browser. Hope you are familiar with following code:
<samp style="background-color: rgb(238, 238, 238);"></samp><pre class="brush:javascript">
<script type="text/javascript">
google_ad_client = "pub-7777777777777";
google_ad_slot = "777777777777";
google_ad_width = 468;
google_ad_height = 60;
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></pre>
In general <code>show_ads.js</code> does the following tasks:
<ol><li>script collects all available information about browser and <abbr title="Operating System">OS</abbr> (see: <a href="http://itranga.blogspot.com/2010/02/browser-fingerprint.html">Browser fingerprint</a>). This information includes: browser window size; display size; monitor color depth; plug-ins list; java version; checks if window has parent window; referrer;
</li><li>imports another 2 JS files - they are quite complicated to read because of obfuscation, but the main task they serve - make results more unpredictable and hard to mimic.</li><li>creates IFRAME, which has main parameters (1) in URL - thus sending valuable espionage information back to Google.</li><li>in the loaded IFRAME there are some scripts also, which IMHO are anti-bot watchers - they counts every mouse move over ads and then send this info to Google if ads link is clicked. I presume this helps detecting click-fraud bots.</li></ol>
<p>Well, definitely principal weaknesses exist in the online ads model itself, allowing to perform "perfect" (i.e. undetectable) click-fraud attack, but implementation is quite tricky and expensive and bottlenecks are traffic to <a href="http://en.wikipedia.org/wiki/Scraper_site#Made_for_AdSense" title="Made for AdSense">MFA</a> sites and payouts.</p>
<p>Actually, advertisment networks may perfectly track users — every time you visit website with ads browser sends a little string - "cookie" to an advertisment server, next page — the same cookie, thus ad networks follow you. But don't think you are genious if you clear cookies (or restrict them in browser) — remember <a href="http://itranga.blogspot.com/2010/02/browser-fingerprint.html">fingerprints</a> while surfing internet.</p>Denhttp://www.blogger.com/profile/14525146563119430328noreply@blogger.com0tag:blogger.com,1999:blog-351737035423926283.post-44923169058964920902010-02-09T12:35:00.000-08:002010-02-15T12:12:21.810-08:00Browser fingerprint<p><strong>Do you know that it is VERY VERY difficult to hide your internet activity from "smart" servers?</strong> If they do well, web-servers can detect (or at least guess) your return visit, despite you have cleared borwser's cookies and anonymized with proxy. According to Electronic Frontier Foundation browsers have "digital fingerprints", the vast combination of many parameters available to servers over HTTP, javascript, browsers plugins (Flash, Java and etc.), network settings (IP, DNS). As for now EFF has counted 2<sup>19</sup> (more than 524000) combinations of browser settings — little possibility to have another visitor with the same "fingerprint". You are under a sight!</p><p>Test yourself on EFF's <a href="http://panopticlick.eff.org/">Panopticlick</a>. They surprised even me! I didn't expect possibility to detect:<ul><li>system fonts</li><li>DNS server i use</li><li>the same Flash cookie in all my browsers</li></ul></p><p>With a little help of sociology, <a href="http://www.google.com/adplanner">web statistic</a> and <a href="http://jeremiahgrossman.blogspot.com/2006/08/i-know-where-youve-been.html">CSS web-history exploit</a> servers can <a href="http://www.mikeonads.com/2008/07/13/using-your-browser-url-history-estimate-gender/">guess your gender</a> and age. Hasta la vista, anonymity!</p>Denhttp://www.blogger.com/profile/14525146563119430328noreply@blogger.com0tag:blogger.com,1999:blog-351737035423926283.post-72067515025998869432010-01-28T14:36:00.000-08:002010-01-29T01:23:32.380-08:00I know nights are for passion<div style="font-size:1em">
<div style="float:left"><blockquote style="float:left;width:17em;padding:1em;">I know nights are for passion,<br />Birght sunny days are for wars<br />
And heroes killed in action.</blockquote><address style="font-size:smaller"><a href="http://en.wikipedia.org/wiki/Nikolay_Gumilyov">Nikolay Gumilyov</a>, 1905<br />(RU => EN) Denis Kalinin, 2010</address></div><div><blockquote style="padding:1em;">Я знаю, что ночи любви нам даны<br />И яркие, жаркие дни для войны.</blockquote><address style="font-size:smaller"><a href="http://ru.wikipedia.org/wiki/Гумилёв,_Николай_Степанович">Николай Гумилёв</a>, 1905</address></div></div>Denhttp://www.blogger.com/profile/14525146563119430328noreply@blogger.com1tag:blogger.com,1999:blog-351737035423926283.post-60895979273675502192009-11-06T13:07:00.000-08:002009-11-09T14:02:10.719-08:00Geolocating Google News<p lang="en">Suppose you want to get news depending on their location — the only tool i have found is (no surprise) <a href="http://news.google.com/">Google News</a>! It has <em>almost unkown</em> functionality of locating news articles, not perfect one, but IMHO quite sufficient. The Google's <a href="http://code.google.com/apis/ajaxsearch/documentation/reference.html#_fonje_news"><code>geo</code></a> search parameter seems to work in US only.</p><p><span title="IT: OK!" lang="it">Va bene</span>! <cite title="proverb" lang="en">Monkey see, monkey do</cite>: to get news from Rome and Lazio region (Italy) use this RSS URL:
<a href="http://news.google.com/news?output=rss&q=location:Roma+OR+location:Lazio">http://news.google.com/news?output=rss&q=location:Roma+OR+location:Lazio</a>. The "OR" parameter has reason here, because some sources are possibly marked as originating from Lazio (Rome itself is in Lazio region) but concern to Rome also.</p><p>Google.News request parameters:</p><dl>
<dt>q</dt><dd>query string,<code>location</code> — subparameter to define news location. In the example above i defined that i search news from either Rome OR Lazio. <span style="color: rgb(255, 0, 0); font-weight: bold;">NB!</span> Substitute white spaces and hyphens in geographical names with underline "_": <samp title="How to write Addis Ababa (Ethiopian capital) in Google News request">Addis Abbaba → <a href="http://news.google.com/news?output=rss&ned=en&hl=it&q=location:Addis_Ababa">Addis_Ababa</a></samp>. This is the hack! The feature is not documented by Google. Уou can use national geographical names in your requests <samp title="How write national geographical names in Google News requests"><a href="http://news.google.com/news?output=rss&q=location:Odessa+OR+location:Одесса+OR+location:Одеса+OR+location:Одесская_область">Odessa OR Одесса OR Одеса OR Одесская область</a></samp>: the second usefulness of "OR" operation — news source location is marked either in english or national language, you'd better search for both.</dd>
<dt>ned</dt><dd>national "news edition". See <a href="http://news.google.com/news?ned=fr">Googel News France</a></dd>
<dt>hl</dt><dd>means "human language" i presume. Forces to set news language in spite of <code>ned</code> parameter. <a href="http://news.google.com/news?output=rss&ned=en&hl=it&q=location:Paris">News from Paris in ITALIAN language for english edition</a></dd>
<dt>as_scoring</dt><dd>News sorting order. Seems to be useful only when searching with keywords. <code>as_scoring=n</code> sort by date, <code>as_scoring=n</code> sort by relevance. <a href="http://news.google.com/news?output=rss&ned=en&hl=it&q=location:Paris&as_scoring=n">Sorted by date News from Paris in italian</a></dd>
</dl><p></p>Denhttp://www.blogger.com/profile/14525146563119430328noreply@blogger.com0tag:blogger.com,1999:blog-351737035423926283.post-43271161449452504792009-10-14T22:14:00.000-07:002009-11-13T04:58:13.574-08:00Bing maps driving directions<p><a href="http://www.bing.com/maps/">Bing Maps</a> (formely VirtualEarth Maps) has a splendid driving direction service, covering the <strong>whole world</strong> — neither Google Maps no another webmaps do that.</p><p>As a GIS-web developer you can face a little problem - driving direction has limited API access and you cat get generalized route only (i.e. curve of few points <a href="http://msdn.microsoft.com/en-us/library/bb877815.aspx">VERouteItineraryItem</a> instead of shape <a href="http://msdn.microsoft.com/en-us/library/bb412535.aspx">VEShape</a>), because API property <a href="http://msdn.microsoft.com/en-us/library/cc470011.aspx">VERoute.ShapePoints</a> is available with <q>explicit permission</q> from Microsoft, in other words — they encrypt shape data and if you subscribe the service will give you the key. I have figured out there are limitations for number of requests - 1000 per day for <em>developer</em> and $0.01 per request for <em>enterprise</em>.</p><h4>Bing directions with OpenLayers</h4><p>The idea:</p><ol><li>create Bing layer without tiles <code>VEMapOptions.LoadBaseTiles=false</code></li><li>get route with Bing API</li><li>maximum zoom layer to get detailed shape</li><li>parse SVG or VML poliline with pixel-to-LonLat function</li></ol>It seems to be easier than breaking encrypted VERoute.ShapePoints data. In a couple of days i will upload working sample to OpenLayers sandbox.<p></p>Denhttp://www.blogger.com/profile/14525146563119430328noreply@blogger.com0tag:blogger.com,1999:blog-351737035423926283.post-29085573462273886882009-03-10T09:01:00.000-07:002010-03-17T16:33:09.746-07:00Google AdSense keywords hack<p>AdSense is placed in iframe on webpage by adsenes's javascript. This fact has given me an idea to put adsense in my own iframe where i can define my own keywords, the result - ads will differ from top page content!! Cool - keyword hack! But adsense script checks for 'window.top' and if true - script will show adsense according to top page content.
The trick is to set <code>window.top=window.self</code> before adsense script (may not work in some IE, because MSIE doesn't allow javascript to rewrite «window» - DOM object).</p>
EXAMPLE (Topic: <a href="http://dev.openlayers.org/sandbox/itranga/openlayers/examples/ads/degree_online.html" rel="nofollow">Online education</a>)
<div id="rotatorDiv" style="overflow: hidden; width: 468px; height: 60px; float: right;">
<iframe hspace="0" vspace="0" marginheight="0" marginwidth="0" allowtransparency="true" src="http://dev.openlayers.org/sandbox/itranga/openlayers/examples/ads/degree_online.html" frameborder="0" height="180" scrolling="no" width="468"></iframe>
</div>
<script type="text/javascript">
var bannerTimeout;
var loadingBanners=true;
var bannersLoadCounter=0;
var bannersOnPage=3;
var _times;
function scrollBanners(times, inTime){
if(!inTime || isNaN(inTime)){
scrollPace(times);
}else{
if(!bannerTimeout){}
else window.clearTimeout(bannerTimeout);
bannerTimeout=window.setTimeout("scrollPace("+times+")",inTime);
}
}
function scrollPace(times){
if(!times || times<=0){
if(!bannerTimeout){}
else window.clearTimeout(bannerTimeout);
jQuery("#rotatorDiv").animate({opacity:0},"slow",
function(){
jQuery("#rotatorDiv").scrollTop(0);
_times=bannersOnPage;
scrollBanners(_times);
jQuery("#rotatorDiv").animate({opacity:1},"slow");
});
return;
}else{
scrollPos=(bannersOnPage-times)*60;
if(scrollPos>0){var animParams = {scrollTop: (scrollPos) + "px"};
jQuery("#rotatorDiv").animate(animParams,300);
}
times--;_times=times; scrollBanners(times,5000);
}
}
scrollBanners(3);
</script>Denhttp://www.blogger.com/profile/14525146563119430328noreply@blogger.com2tag:blogger.com,1999:blog-351737035423926283.post-34249928257494039832009-03-05T13:56:00.000-08:002009-12-14T00:57:51.897-08:00OpenLayers and Yandex.Maps (Яндекс.Карты)<div style="border: 1px solid rgb(0, 0, 255);">
<span>15 May 2009</span>
<h1 style="font-size: 1.2em; color: rgb(255, 0, 0);">FIXED version is available</h1>
<p>Hello all! At last i have uploaded the fixed version of Yandex maps for openlayers. Look here: <a href="http://dev.openlayers.org/sandbox/itranga/openlayers/examples/YandexMap.html">Yandex maps for OpenLayers (in sandbox)</a>. This fix removes latitude distortion because of ellipsoid globe model used in YandexMaps in contrast to spheroid in Google and Bing. I can't make these changes in simple version (beneath)— i have no idea about projection (EPSG) used in this webmap. If you have — send me description (see <a href="http://spatialreference.org/">Spatialreference</a>).</p>
<p>
There are 2 files <a href="http://trac.openlayers.org/browser/sandbox/itranga/openlayers/examples/YandexMap.html">Yandex.html</a> and <a href="http://trac.openlayers.org/browser/sandbox/itranga/openlayers/lib/Itranga/OL_Yandex.js">OL_Yandex.js</a>
</p>
</div>
<p>OpenLayers is splendid opensource javascript framework for webmapping. "Yandex.Maps" (russian:<a href="http://beta-maps.yandex.ru/">Яндекс.Карты</a>) - russian webmapping service (like Google Maps or VirtualEarth)</p>
<style type="text/css">@import ("http://www.openlayers.org/dev/theme/default/style.css");</style>
<script type="text/javascript" src="http://www.openlayers.org/api/OpenLayers.js"></script>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
<div id="map" style="border: 1px solid lightgray; margin: 0pt 0pt 30px; padding: 0pt; width: 450px; height: 256px;"></div>
<script type="text/javascript">
function initMap(){
var googleLat, googleLon, googleZoom;
if(google.loader.ClientLocation){
googleLat = google.loader.ClientLocation.latitude;
googleLon = google.loader.ClientLocation.longitude;
googleZoom = 6;}else{googleLat=0;googleLon=0;googleZoom=3;}
function yandex_getTileURL(bounds) {
var res = this.map.getResolution();
var maxExtent = (this.maxExtent)?this.maxExtent:yandexBounds;
var tileW = (this.tileSize)?this.tileSize.w:256;
var tileH = (this.tileSize)?this.tileSize.h:256;
var x = Math.round((bounds.left - maxExtent.left) / (res * tileW));
var y = Math.round((maxExtent.top - bounds.top) / (res * tileH));
var z = this.map.getZoom();var limit = Math.pow(2, z);
if(y<0&&y>=limit){return OpenLayers.Util.getImagesLocation() + "404.png";}
else {
x = ((x % limit) + limit) % limit;
url = (this.url)?this.url:"http://vec02.maps.yandex.net/";
return url+"tiles?l=map&v=2.2.3&x="+x+"&y="+y+"&z="+z;
}};
var yandexBounds = new OpenLayers.Bounds(-20037508,-20002151,20037508,20072865);
var map = new OpenLayers.Map('map', {projection: new OpenLayers.Projection("EPSG:900913"),displayProjection: new OpenLayers.Projection("EPSG:4326"),units: "m",maxResolution: 156543.0339,maxExtent: new OpenLayers.Bounds(-20037508, -20037508, 20037508, 20037508.34)});
function osmarenderer_getTileURL(bounds) {
var res = this.map.getResolution();
var x = Math.round((bounds.left - this.maxExtent.left) / (res * this.tileSize.w));
var y = Math.round((this.maxExtent.top - bounds.top) / (res * this.tileSize.h));
var z = this.map.getZoom();var limit = Math.pow(2, z);
if (y<0)if(y>= limit){return OpenLayers.Util.getImagesLocation() + "404.png";}else{x = ((x % limit) + limit) % limit;return this.url +"Tiles/tile/"+ z + "/" + x + "/" + y + "." + this.type;}}
var mapnik = new OpenLayers.Layer.TMS("OpenStreetMap","http://tah.openstreetmap.org/",{sphericalMercator:true,numZoomLevels:18,type:"png",getURL: osmarenderer_getTileURL,displayOutsideMaxExtent: true,attribution:'<a href="http://www.openstreetmap.org/">OpenStreetMap</a>',transitionEffect:"resize"});
var yandexMaps = new OpenLayers.Layer.TMS("Yandex","http://vec02.maps.yandex.net/", {maxExtent:yandexBounds,type:"png",getURL:yandex_getTileURL,numZoomLevels:18, attribution:'<a href="http://beta-maps.yandex.ru/">Яндекс.Карты</a>', transitionEffect:'resize'});map.addLayers([yandexMaps,mapnik]);map.addControl(new OpenLayers.Control.LayerSwitcher());map.setCenter(OpenLayers.Layer.SphericalMercator.forwardMercator(googleLon, googleLat),googleZoom,false,false);
};
initMap();
</script>
<p>This is example map (up) and here is the code (down):</p>
<samp style="background-color: rgb(238, 238, 238);">
<pre class="brush: javascript">
<script type="text/javascript" src="http://www.openlayers.org/api/OpenLayers.js"></script>
<div id="map" style="border: 1px solid lightgray; margin: 0pt 0pt 30px; padding: 0pt; width: 350px; height: 256px;"/>
<script type="text/javascript">
function yandex_getTileURL(bounds){
var res = this.map.getResolution();
var maxExtent = (this.maxExtent) ? this.maxExtent : yandexBounds;
var tileW = (this.tileSize)?this.tileSize.w:256;
var tileH = (this.tileSize)?this.tileSize.h:256;
var x = Math.round((bounds.left - maxExtent.left)/(res * tileW));
var y = Math.round((maxExtent.top - bounds.top)/(res * tileH));
var z = this.map.getZoom();var limit = Math.pow(2, z);
if (y <0>= limit) {
return OpenLayers.Util.getImagesLocation() + "404.png";
}else {
x = ((x % limit) + limit) % limit;
url = (this.url)?this.url:"http://vec02.maps.yandex.net/";
return url+"tiles?l=map&v=2.2.3&x="+x+"&y="+y+"&z="+z;
}
};
var yandexBounds = new OpenLayers.Bounds(-20037508,-20002151,20037508,20072865);
var map = new OpenLayers.Map('map', {
projection: new OpenLayers.Projection("EPSG:900913"),
displayProjection: new OpenLayers.Projection("EPSG:4326"),
units: "m",
maxResolution: 156543.0339,
maxExtent:new OpenLayers.Bounds(-20037508,-20037508,20037508,20037508.34)
});
var yandexMaps =
new OpenLayers.Layer.TMS("Yandex","http://vec02.maps.yandex.net/",
{
maxExtent:yandexBounds,
type:"png",
getURL:yandex_getTileURL,
numZoomLevels:18,
attribution:'<a href="http://beta-maps.yandex.ru/">Яндекс.Карты</a>',
transitionEffect:'resize'
});
map.addLayers([yandexMaps]);
map.addControl(new OpenLayers.Control.LayerSwitcher());
map.zoomTo(4);
</script></pre></samp>Denhttp://www.blogger.com/profile/14525146563119430328noreply@blogger.com7