Javascript Prompt Box Reappears out of nowhere

Discussion in 'Web Design and Development' started by P.Bechthold, Feb 13, 2012.

  1. P.Bechthold macrumors newbie

    Joined:
    Jan 27, 2011
    #1
    Hello,

    I have an iWeb site I maintain for my portfolio, part of a requirement for my BEd.

    One of the pages contains all kinds of reference letters and my resume. I was informed by a professor that I needed to either password it or take it down because it violated FOIP. Rather than go into this with him, I obliged and put a script on the said page that would require a password to allow the page to open. If the password is incorrect it would redirect back to the home page. Here is the snippet:

    <SCRIPT language="JavaScript">
    <!--hide
    var password;
    var pass1="XPASSWORDX";
    password=prompt('For privacy reasons, please contact XMYEMAIL@EMAIL.COMX to gain access','');
    if (password==pass1)
    alert('The password is correct. Click OK to continue.');
    else
    {
    alert('Incorrect password');
    window.location="http://www.PBechthold.com/";
    }
    //-->
    </SCRIPT>

    Of course, XPASSWORDX would be replaced with the real password and XMYEMAIL@EMAIL.COMX with my email address.

    I have used a similar script on other pages too because I wanted some privacy. I understand how meager this is and wouldn't even call it security, but I do like the simplicity of implementation and it provides at least one roadblock to anyone out creeping the site.

    Here is the problem:

    When I start up safari on my mac or sometimes even just new tabs, I have found I get prompted with the password box as if I was trying to access the webpage in question (Resume.PBechthold.com) even when I am just opening gmail or something.

    Question 1: If you visit the site and try to get in but cancel, do you have a similar symptom later on?

    Question 2: If you get in to the site then leave, are you getting the prompt later as well?

    Question 3: How easy is it to find out the password? I am not posting the password here and would request that you do not either if you find out what it is... But I trust it is very easy.

    Thanks for all your help!
     
  2. Darth.Titan macrumors 68030

    Darth.Titan

    Joined:
    Oct 31, 2007
    Location:
    Austin, TX
    #2
    1. I didn't experience that.
    2. I didn't experience that either, of course I didn't play with it long. I suspect the reason has something to do with you loading Resume_and_References.html into a frame.
    3. I don't need the password. All I have to do is turn off javascript and the browser bypasses your "login" altogether. At that point of course all it would take is a quick "View Source" to get the password.
    A javascript login is worse than useless.
     
  3. P.Bechthold thread starter macrumors newbie

    Joined:
    Jan 27, 2011
    #3

    Yup it is pretty useless. Like I said though, it is more meant to be a due diligence bow to FOIP. I originally had all of these sites public until recently (2 years later) someone pointed out it should have some form of password.

    I am very much a newbie to web development and I am just looking for the simplest password protection as possible. It also needs to be easy to add back in after publishing with iWeb because I update the pages frequently. Any suggestions?

    Thanks for the details about how to bypass it. I find that interesting.

    Please post back if you stat experiencing the randomly appearing prompt.
     

Share This Page