How can I use a regular expression in JavaScript to get a value from page source code from a function tag?

no i have already solved that!

can you take a look on this please ?
javascript - how can i inspect(document.body) in js while loading the page using object? - Stack Overflow

You need to address the CORS issue.

https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy

How to allow cross-origin access

Use CORS to allow cross-origin access. CORS is a part of HTTP that lets servers specify what hosts are permitted to load content from that server.

I am not sure what you need to do and you are probably not using the best solution. Since you describe your requirements in the context of describing the solution it is difficult to understand the requirements. Beginners often think that regular expressions are the easiest solution then they have problems using regular expressions. See the following.

If you can state the requirements clearly without describing how you think it should be done then it is much more likely people will help. If it is a complicated requirement and you can describe it clearly then many people here are likely to enjoy the challenge.

1 Like

if found where my problem relies … and couldn’t fix it correctly

<head1>
test
</head1>

<body1>    
<object type="text/html" data="http://page/" ></object>
<script>
let str = document.querySelector("body > script")
let pattern =/\bgetObj\("Frm_Logintoken"\)\.value = "([^"]+)";/;
console.log(str.match(pattern)[1]);

</script>
</body1>

the problem here is that the code works on the first page not the requested one .
if it was only possible to change from the top to 192.168.1.2 using code
62138280_1450974295045557_6919843156020166656_n

here is what i want to do in details
i want to make an auto login script in local level with a page that i can’t edit it’s code that have login token !

let’s say my page will be running on 192.168.1.5
and the other page is on 192.168.1.2
so my page should contain a code that is able to request the other page code and login to it .
this the curl login command … if it helps
curl "http://192.168.1.2/" --data "frashnum=&action=login&Frm_Logintoken=24&Username=adm1n&Password=admon"
Here is the source code of the other page.
and the regex that matches the login token
getObj\("Frm_Logintoken"\).value = "(.*)"; console.log(test[1]);
The line that has the login token value is at line 194 exactly
the username input area js path
document.querySelector("#Frm_Username")
the password input area js path
document.querySelector("#Frm_Password")
a function from the other page code that submits the login date
function dosubmit()
i am not really sure if the login needed if i am not using curl
as it’s not a value that the user inputs .
notes
the Frm_Logintiken is a token generated by the page and it basically increment by one on each successful login!
and i can’t use a proxy because mostly this will be local executed code .
i want that script to be able to work on phones browsers too

i hope i cleared this enough

If it is a complicated requirement and you can describe it clearly then many people here are likely to enjoy the challenge

i hope that’s true :slight_smile:

Isn’t that what you were asking about in your other thread that didn’t work either? I’d suggest to tackle one problem at a time, otherwise you won’t even know if the issue is with your current code or the code it depends on…

1 Like

no it’s not what i were asking !!!
it’s a whole different thing

In that case, unless you can get the script author to edit the file for you, you’re out of luck.

Since this approach is (probably?) a dead-end, I think it would be a good time to back up and rethink. i.e.

What is it about “non-auto login” that is trouble enough to make you want an auto login?

Chances are that others also have trouble with the existing UX and an improvement would be appreciated.

2 Likes

why out of luck … there is no possible solution ?

(one of) the problem(s) you have is wanting to bypass the Same-origin policy

You can either

  • host everything on the same origin
  • change your code to explicitly allow a different origin
  • petition the other origin to change their code to allow you access

If you can not do any of those, you’re out of luck.
https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy

The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin. It helps isolate potentially malicious documents, reducing possible attack vectors.

2 Likes
  • change your code to explicitly allow a different origin

you mean that code that is i am controlling ?

<object type="text/html" data="http://page/" ></object>
<script>
let str = document.querySelector("body > script")
let pattern =/\bgetObj\("Frm_Logintoken"\)\.value = "([^"]+)";/;
console.log(str.match(pattern)[1]);

without using php ?

What if he used an older browser version exclusively for this task, that doesn’t have the same origin restriction?

nah i don’t want old buggy browsers

Fair enough - you must then work within the security restrictions of modern web browsers.

In that case, the information from post #20 looks to be most relevant here.

I do not see Frm_Logintoken anywhere in that HTML so that does not help.

If it were me then I would probably put the HTML into a HTML parser and use the DOM to get the data. You make it difficult to understand the important part of what you need to do. It is not clear what Frm_Logintoken is. At first I thought you are trying to get data from within JavaScript source code. So I am not sure that parsing the HTML will do everything but it might and if it could then you should do that. Alternatively you could write a browser extension that could access the DOM.

There are alternatives that are more appropriate for browsers. You are not getting any help doing it using regular expressions.

no it 's there just look carefully !

@m_hutley
@Mittineague
@Paul_Wilkins
@SamuelCalifornia
here is the new working code everyone
i fixed it by var response
and then response = results;
and doing two requests one get and the other is post and adding the second one in set timeout function
https://pastebin.com/mVnNDcAg

<!DOCTYPE html>
<html>
<body>
<p id="demo"></p>
 
<script>
 
const http = new XMLHttpRequest();
var response;
const url = 'http://page/';
http.open('get', url, false);
//Send the proper header information along with the request
http.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
 
  http.onreadystatechange = function ()
    {
        if(http.readyState === 4)
        {
            if(http.status === 200 || http.status == 0)
            {
                let str = (http.responseText);
                let pattern =/\bgetObj\("Frm_Logintoken"\)\.value = "([^"]+)";/;
                let results = str.match(pattern)[1];
                alert(results)
                response = results;
 
            }
           
        }
    }
   
http.send();
     
var test;
setTimeout(function(){
   
const http1 = new XMLHttpRequest();
var params1 = 'frashnum=&action=login&Frm_Logintoken='+response+'&Username=admin&Password=test';
const url1 = 'http://page/';
http1.open('post', url, false);
//Send the proper header information along with the request
http1.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
test = params1;
http1.send(test);
alert(test)
}, 1000);
 
</script>
</body>
</html>

what do you think that’s wrong in this code and can be improved ?

here what i think i need to do.
make it redo the first request if the response is null or undefined and don’t do the second request till the response isn’t null or undefined.
but i have no clue how to do this so any help is appreciated.

Well generally you wont GET a form submission, you’d POST it.

Not gonna happen. If you don’t care to be more specific then I don’t care.

@m_hutley what do you meant ?