Thursday, September 11, 2008

Prevent multiple refresh button and multiple requests to server using javascript

Let me mention out at the start itself:- This post will help you prevent a stupid impatient user from sending multiple requests to your server. But a deliberate attack will go through without slightest of problems
Here is the scenario
You have a web application running on an slow server which can handle user requests simultaneously but when a impatient user starts hitting his refresh button million times a second, it leaves your server in a pity state. So how to go about?

Key is to use onbeforeunload event built into ie and Firefox browsers. But you would not want to trouble your users every time they want to leave a page. So key is to use a flag variable along with timeout function, check the code below:-

<title>Untitled Document</title>
<script language='javascript'>
var me = true;
function closeIt()
if(me == true) {me = false ; return;}
return "Server is still executing the previous request, Are you sure you wish to send another request?";
PUT a heavy server job here to actually test it

there are other methods to prevent the same, but most of them require to be taken care of while coding. This solution is useful when you already have an application ready but want a quick fix for the refresh button problem. If you are still in the coding stage of your application here is a more detailed way to implement it on server side for much more complete control

Monday, September 8, 2008

Blocking ads on webpages using hosts file

If the adblock plus extension is the only thing holding you back from using google chrome instead of firefox, Here's a simple solution for the same
if you are using windows

Just open this file:
c:\windows\system32\drivers\etc\hosts(assuming your windows is in c drive)
in any plaint old text editor maybe notepad
assuming your windows is in c drive
Now get a list of various adservers along with ipaddresses commonly used to supply ads for eg. here is one:-

copy all the entries from here and copy it to your own hosts file, you may want to keep the existing entries.

Thats it now no more ads will be served on your webpages.

For linux users edit the hosts.conf file in etc directory

You can also get the same hosts file here:

just extract the same to overwrite your original hosts file
P.S if you get empty pages or connection timed out on any site you wish to browse,just find the correponding entry in the hosts file and remove the same