From the "If you want it done right, do it yourself... maybe"
department.

Today I was looking at a webpage that used html encoding
(ie, "a" in place of "a") to obfuscate much of it's contents.
This displeased me for several reasons. (Not the least of
which was a standing order from General Principles.)

So I looked around online for a web-based tool that I could
paste the text into and get back a more useful form. But
everything I found either didn't work, or just didn't convert
ordinary letters.

So I said to heck with it, I can write something to do this
myself.

I didn't use CGI for two reasons. 1) I remember the last time I
tried experimenting with CGI, and had to severely hack the
library to get it to let me use html generation methods in a
non-server environment. 2) The description of unescapeHTML
sounded as though it would only unescape the special characters
that have to be escaped.

So, I ended up with this:


===
outfile = File.new(ARGV[1], File::CREAT|File::WRONLY|File::EXCL)
IO.readlines(ARGV[0]).each{ |line|
	begin
	outfile.puts line.gsub(/&#(\d+);/) { |x|
		if $1.to_i < 256
			$1.to_i.chr
		else
			x
		end
	}
	rescue
	outfile.puts line
	puts line
	end
	
}
outfile.close
===

And it worked.

Then I thought of looking at the source of unescapeHTML, and
found that the description or my interpretation of it was wrong.
Not only would it handle all the escaped ascii characters, it was
a class method, so I didn't need to deal with the enviroment
issues.

Which lead to...

===
require 'cgi'
outfile = File.new(ARGV[1], File::CREAT|File::WRONLY|File::EXCL)
IO.readlines(ARGV[0]).each{ |line|
	outfile.puts CGI::unescapeHTML(line)
}
outfile.close
===

Which is much simpler; just some file handling stuff around
the unescapeHTML function. Maybe later I'll try something with
rubywebdialogs that'll let me paste into a web browser window
and get back results the way I'd like to be able to do...

The moral of this story is, html obfuscation sucks.

(What? That's *not* the moral? Oh well...)

-Morgan


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.10.21/96 - Release Date: 09/10/2005