Javascript Copy Hijack
11 years ago
I found an interesting feature in the Digital Spy website today: text copy hijacking.
If you select some text on the site, hit Ctrl-C or right click and copy, you don't get exactly what you asked for. I copied this text from the site (I am looking out for Glastonbury tickets):
Ticket + Coach packages will go on sale on Thursday, April 2. at 7pm.
And when I pasted it I got the following:
Ticket + Coach packages will go on sale on Thursday, April 2. at 7pm.
Read more: http://www.digitalspy.co.uk/music/news/a561396/glastonbury-festival-2014-ticket-resale-announced.html#~oAboMkgLeXyhqY#ixzz2xdI6jiXf
Follow us: @digitalspy on Twitter | digitalspyuk on Facebook
A link back has been added on the end as well as Twitter and Facebook links for the site. Apart from being a bit shady, how do they do this?
At first I thought there must be a flash shim, to modify the system clipboard, since Javascript provides no way to modify this. Looking through the requests the site makes though there is no trace of anything like Jeffery Larson's _clipboard.swf
.
Grepping the source for the site for the phrase "Read more:" reveals a javascript file from tynt.com, who promote their ability to "Leverage On-Site Copy & Paste Activity". Culprits identified!
My next guess was that on mouse up TYNT are adding a hidden element to the page within your selection. Checking window.getSelection(), the anchorNode and extentNode match what I selected and don't seem to have been modified.
Looking through the included ti.js I found an event listener being attached to the copy event, which it turns out is quite widely supported. When this fires the selection is grabbed using Window.getSelection(), a new temporary element is created on the page using document.createElement(). Then the selection is modified using selectAllChildren() and the temporary element is removed.
Here's a demo of the effect.
Bicycle Playing Cards
11 years ago
"It was erroneously believed that the Viet Cong believed the card to be a symbol of death and would flee at the sight of the Ace. [...] Thousands of decks of [...] Aces were shipped to Vietnam where the Aces were purposely scattered throughout the jungle and villages during raids."
Args.js
11 years ago
At my day job, making wearable cameras, the Autographer, I've just released my first stab at useful open-source software.
Args.js is library for javascript that lets you specify function definitions. You can have optional arguments, named arguments, argument groups and default values for undefined arguments.
Have a look at the home page for examples and the code.
There was some discussion about it on Hacker News too.
Eigenfaces
11 years ago
via opencv
Image Homography Gone Wrong
11 years ago