How do I make this JavaScript more secure? How can I improve it?
Question
How do I make this JavaScript more secure? How can I improve it?
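/**
 * Render the login form inside the element with id "mylogin".
 *
 * The form is assembled from DOM nodes instead of an HTML string, so the
 * value of the global `form_dest` is stored as the value of the `action`
 * attribute and cannot close the attribute or add markup of its own.
 *
 * NOTE(review): `form_dest` is defined outside this function. Building the
 * form from nodes does not make an arbitrary destination acceptable; if that
 * value can be influenced by a visitor, restrict it to the known login
 * endpoints at the place where it is set.
 */
function showlogin() {
  // Local factory: element, its attributes and an optional text child.
  function build(tag, attributes, text) {
    var node = document.createElement(tag);
    var key;
    for (key in attributes) {
      if (Object.prototype.hasOwnProperty.call(attributes, key)) {
        node.setAttribute(key, attributes[key]);
      }
    }
    if (text !== undefined) {
      node.appendChild(document.createTextNode(text));
    }
    return node;
  }

  var container = document.getElementById("mylogin");
  if (!container) {
    return; // this page has no login placeholder
  }

  var form = build("form", {
    name: "login",
    id: "log",
    method: "post",
    action: form_dest
  });

  form.appendChild(build("input", { type: "hidden", name: "tokenid", value: "login" }));
  form.appendChild(document.createTextNode("Email: "));
  form.appendChild(build("input", { type: "text", name: "us" }));
  form.appendChild(build("br", {}));
  form.appendChild(document.createTextNode("Password: "));
  form.appendChild(build("input", { type: "password", name: "pw" }));
  form.appendChild(build("br", {}));
  form.appendChild(build("a", { "class": "la", href: "#" }, "Login!"));

  // Replace whatever the placeholder held before with the new form.
  container.textContent = "";
  container.appendChild(form);
}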
/**
 * Registration: submit the form named "regist".
 *
 * The checks listed in the body are placeholders; nothing is validated
 * before the form is sent. Checks made in the browser only help the visitor
 * fill in the form. A request can be sent without running this script, so
 * the server has to repeat every one of them.
 */
function verifyreg() {
  var registrationForm = document.regist;

  // Still to be written, per the original outline:
  //   - empty values
  //   - required values
  //   - field length
  //   - illegal or harmful characters
  registrationForm.submit();
}
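/**
 * Login: check the "us" (email) and "pw" (password) fields of the form named
 * "login" and submit the form only when both are filled in.
 *
 * When a field fails its check the form is not submitted and that field is
 * given focus. If the form does not carry both fields, it is submitted as
 * before and the decision is left to the server.
 *
 * These checks are a convenience for the visitor, not a security control: a
 * request can be sent without running this script, so the server must repeat
 * them and must treat both values as untrusted.
 */
function verifylogin() {
  // Sample upper bound for the email field; keep it in step with the server.
  var MAX_EMAIL_LENGTH = 254;

  var loginForm = document.login;
  var emailField = loginForm.us;
  var passwordField = loginForm.pw;
  var email;
  var password;

  // Stop the submission and point the visitor at the field to correct.
  function reject(field) {
    if (typeof field.focus === "function") {
      field.focus();
    }
  }

  if (emailField && passwordField) {
    email = String(emailField.value).trim();
    // The password is deliberately not trimmed or filtered: any character
    // may be part of it, and its length policy belongs to the server.
    password = String(passwordField.value);

    if (email === "" || email.length > MAX_EMAIL_LENGTH) {
      reject(emailField);
      return;
    }
    if (password === "") {
      reject(passwordField);
      return;
    }
  }

  // No character filtering is done here. Handling of "harmful" characters is
  // the job of the server: parameterized queries and output encoding.
  loginForm.submit();
}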
/**
 * Navigation helper: store `token` and `redir` in the "tokenid" and
 * "pagereq" fields of the form named "sessions", then submit that form.
 *
 * NOTE(review): both values are ordinary form fields, so a visitor can send
 * any value for them. The server has to validate "tokenid" and, if "pagereq"
 * selects a file to display (logout() passes "include/desc.html"), map it to
 * a fixed list of allowed pages. To be confirmed against the server code.
 *
 * @param {string} token value for the "tokenid" field
 * @param {string} redir value for the "pagereq" field
 */
function link(token, redir) {
  var sessionForm = document.sessions;

  sessionForm.tokenid.value = token;
  sessionForm.pagereq.value = redir;
  sessionForm.submit();
}
/**
 * Replace the content of the element with id "thispage" with whatever
 * displayfile(redir) returns. displayfile is defined outside this listing.
 *
 * NOTE(review): the returned string is parsed as HTML. If `redir` or the
 * content it selects can be influenced by a visitor, this assignment lets
 * that content run script in the page; restrict `redir` to known pages.
 *
 * @param {string} redir argument passed on to displayfile
 */
function innerlink(redir) {
  var pageArea = document.getElementById("thispage");
  pageArea.innerHTML = displayfile(redir);
}
/**
 * Replace the content of the element with id "thispage" with the string
 * passed in.
 *
 * NOTE(review): the argument is parsed as HTML as it stands. Callers must
 * pass markup the site itself produced; text that comes from a visitor, the
 * URL or a form field has to be encoded first or set through textContent.
 *
 * @param {string} redir markup to place in the page area
 */
function rescript(redir) {
  var pageArea = document.getElementById("thispage");
  pageArea.innerHTML = redir;
}
/**
 * Logout: submit the form named "sessions" with "tokenid" set to "logout"
 * and "pagereq" set to "include/desc.html".
 *
 * NOTE(review): this only sends the request. Ending the session has to
 * happen on the server when it receives the "logout" token.
 */
function logout() {
  var sessionForm = document.sessions;

  sessionForm.tokenid.value = "logout";
  sessionForm.pagereq.value = "include/desc.html";
  sessionForm.submit();
}
Explanation / Answer
Here is a login page and technique I made for my website, which I consider one of the most secure. I hope this code helps you understand what I am trying to say.
login.htm
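<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
  "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
  <head>
    <title>Login</title>
    <!--
      Login form for the auth.htm / page.htm flow.
      NOTE(review): everything on this page runs in the visitor's browser.
      It collects a user name and a password and hands them to auth.htm in
      the URL; no part of it verifies a credential. Verification has to be
      done by the server, over a POST request on HTTPS.
    -->
    <script type="text/javascript">
    <!--
    /*
     * Send the browser to auth.htm with the user name and password joined
     * into the query string. Always returns false.
     *
     * NOTE(review): the password becomes part of the URL, so it is kept in
     * the browser history and in any server or proxy log that records
     * request URLs. The two values are joined without a separator, so
     * different name and password pairs can produce the same string.
     * NOTE(review): nothing in this listing calls authPass; the form below
     * has no submit handler.
     */
    function authPass(u, p) {
      if (u && p) self.location = "auth.htm?" + u + p;
      return false;
    }
    // -->
    </script>
  </head>
  <body>
    <div>
      <script type="text/javascript">
      <!--
      // Show the failure notice when auth.htm sent the visitor back here.
      // Only a fixed string is written; the query string is not echoed.
      if (location.search.indexOf("auth=failed") !== -1) {
        document.write("<span>Authorization Failed!</span>");
      }
      // -->
      </script>
      <form id="form1" action="javascript://">
        <table>
          <tr>
            <td>Username: </td><td><input type="text" name="user" /></td>
          </tr>
          <tr>
            <!-- type="password" so the value is masked while it is typed -->
            <td>Password: </td><td><input type="password" name="pass" /></td>
          </tr>
          <tr>
            <td colspan="2" align="center"><input type="submit" value="Login" /></td>
          </tr>
        </table>
      </form>
    </div>
  </body>
</html>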
page.htm
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Login</title>
</head>
<body>
<!--
  Destination shown after a successful login.
  NOTE(review): nothing in this file checks how the visitor arrived, so a
  request for page.htm itself returns the same content without going through
  login.htm or auth.htm. Access to the real destination page has to be
  enforced by the server for every request.
-->
Correct password (destination page goes here, instead of this one)
</body>
</html>
auth.htm
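<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
  "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
  <head>
    <title>Authorization in progress...</title>
  </head>
  <body>
    <!--
      Loads the script file named by the query string and, if that file sets
      window.auth, goes to the address it stored in the global "redirect".
      Otherwise the visitor is sent back to login.htm?auth=failed.

      NOTE(review): this is obscurity, not authentication. The "credential"
      is the name of a file that anyone may request, it travels in the URL,
      and the destination page can be opened without it. A real login has to
      be verified by the server.
    -->
    <script type="text/javascript">
    <!--
    (function () {
      // The query string is chosen by whoever built the link to this page.
      // The original wrote it straight into a script tag, which let the URL
      // decide which script this page loads, from any location. The value
      // is now accepted only when it is a plain file name.
      // Constructed allow list: widen it deliberately if names or passwords
      // need other characters, but keep "/", "\", ":", "." and white space
      // out so the value can only name a file next to this page.
      var PLAIN_NAME = /^[A-Za-z0-9_-]+$/;
      var token = location.search.substring(1);

      function fail() {
        location.replace("login.htm?auth=failed");
      }

      if (!PLAIN_NAME.test(token)) {
        fail();
        return;
      }

      // Build the element through the DOM, so no markup is assembled from
      // the URL and no closing script tag has to appear inside a string.
      var loader = document.createElement("script");
      loader.type = "text/javascript";
      loader.src = token + ".js";

      // A script added this way loads asynchronously, so the check that the
      // original ran in a second script block is done once loading ends.
      loader.onload = function () {
        if (window.auth && typeof redirect === "string") {
          location.replace(redirect);
        } else {
          fail();
        }
      };
      loader.onerror = fail;

      document.getElementsByTagName("head")[0].appendChild(loader);
    })();
    // -->
    </script>
  </body>
</html>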
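This code shows what is required to keep a login secure; page redirection is the most important thing when making a login page. Limiting the number of wrong attempts is also important, to keep a user from running brute-force and dictionary attacks against the page. Note that the code above does not count attempts, and that such a limit only holds when the server enforces it, because anything checked in the browser can be skipped by the client.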
Rate an upvote......Thankyou
Hope this helps....