Skip to content


Standalone Animation Player

I’ve created an animation player. It works with all ajax animator animations, and when compressed is a mere 3kb (which I believe is lower than OnlyPath Viewer).

It is built using the very same sources of the Ajax Animator, the whole purpose of all those *_core.js files. It uses the files
Ext.ux.clone.js, op_view.js, svgrenderer_mini.js, vmlrenderer_mini.js, wrapper_core.js, view_wrapper.js, and tween_core.js.

svgrenderer_mini.js when compressed is just over 1.1kb and same is for vmlrenderer_mini.js

I’m on my linux development environment now, so I haven’t tested it in IE, but it will 100% fail, as the rendering engines is not detected and it uses SVGRenderer always.

See it in action here:

http://ajaxanimator.googlecode.com/svn/trunk/ajaxanimator/html/player.htm

Posted in Ajax Animator.

Tagged with , , .


36 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

  1. josep_ssv says

    MAGNIFY!!!!!
    It is the way to build useful applications.
    An approach to Flash and SilverLight
    http://silverlight.net/

  2. admin says

    silverlight xaml is planned

  3. 'a' = 'a' says

    Wtf dis page about, i just come from your javascript game where i hacked admin, since you very new in javascript… every noob can hack admin in wt game btw.
    Nice game btw, i downloaded it and it works fine from mine computer, even php work, have no idea how…
    You really need to read more tuts about JavaScript

  4. admin says

    yes, its designed that way. There is really no way to do secure clientside passwords and they were added just to keep noob retards out.

    I would not consider myself “new” to javascript. Security is a joke to me, none exists

    If you think that was hacking, you are mistaken. I designed it to be wiki-type

    And if you are leet enough to read the source, it says just about 50 exploits (backdoors for me and others)

    And the game wasn’t even a big project of mine, its a 2 week mini project

  5. 'a' = 'a' says

    nvm…
    its first ever online game who works for me from my computer, i mean after i downloaded it its online :|, what shows what you don’t have much ideas about security. by the way, game graphics pathetic and very much mistakes.

  6. 'a' = 'a' says

    btw, there is way to create secure paswords, what is impossible to break even using client side, what shows again your JavaScript knowledge…

  7. admin says

    no, they can be decrypted. I use secure SHA-1 hashing for other projects, and a few of them are hash cracking systems

    And if you knew much about javascript, the graphics are fine. Dont expect OpenGl or such in a browser environment

  8. admin says

    If you use a “secure” one-way hash algorithim on the client such as SHA-1, you have really no control over the password. Even though the algorithm is “one-way” the client can run brute-force or dictionary attack with you having no knowledge of that happening. Its not good, security wise.

    And, no security is fully “impossible” to break. Theoretically, you can do brute-force on any type of security, and given an infinite time (which won’t be necessary for most of the time), you can decrypt anything. Unless the server has to be queried to check passwords, where you have full control over the situation, and can at most ban you or take the authentication server offline.

    Security isn’t even about “JavaScript” it’s cryptography, and its common knowledge, no DRM or security can truly exist perfectly on the client. If you are a hacker, you should know that.

    If I used a hash algorithm, and encoded the password as 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 (SHA-1), a dictionary attack could decrypt it in less than a millisecond.

    Unless, youre suggesting for me to have a more secure password, which again, was against my original password design strategy.

    The idea of the MMORPG was using Comet (Server-Push) and standardized browser technologies. That means No Flash (neopets), No Java (Runescape). Please tell me if *any* other such games fit the description, because AFIK, there is none.

    You are limited ALOT to what you can do thanks to the horrific state of web standards. I excluded myself from using fairly decent modern technologies such as SVG, CANVAS, and more HTML5/WHATWG because of IE.

    The game actually was just for a stupid competition. There was very little effort in the game, I rarely used anything more than DOM 0. I’m no professional, I’m still a kid, but I have to say that I feel very much more capable than the others of similar age group. And if you don’t mind, can you show me some of what you’ve done? I won’t blatantly claim that you are just jealous or a noob, but I would be interested in learning about how I can improve.

  9. admin says

    And what do you mean by a game that works on your computer? Can you explain to me how you accomplished this feat? Its mostly client-side, so are you sure you acquired all the PHP code as well?

  10. 'a' = 'a' says

    yep i managed to rip your game, and now i can run it from my computer and i see all what i see in game who is on your page :P.
    Yes there is and whiteout any encription, one way two ways no ways… lol
    there is way to make impossible to break password, but if i tell ya you can use it against me

  11. admin says

    Okay, so, why would I use it against you? If you ask ANY professional hacker, you’ll understand that there is NO WAY to possibly do such security on the client.

    And firstly, if you aready have it on your computer, how can I use it against you? If what you said is true, than I have no control over your instance of he game.

    And you know what? 99% of my game is CLIENT CODE. Right here:
    http://cometrpg.110mb.com/php/js.php

    If you push the game offline, most of the stuff will work fine.

  12. admin says

    Look, right here, in the source in line 3798:

    //Validation is not necessary due to the horrible security model, but there is a validation for the GUI for fake protection
    var admin = false;

    Why do you think its hacking to do that? Wanna know some awesome backdoors I built in?

    type in >openBackdoor(“alert(‘haxxed’)”) and EVERY USER CONNECTED TO THE SERVER will execute ANY code at your will. Do you consider that security?

    No, I didn’t design it for security in the first place. I designed it to work very simply, each client is “hacking” each other to get things done. In the attack code, it literally does
    >hackUser(“userstats.hp–”)

  13. 'a' = 'a' says

    nvm. there is way to setup impossible to break passwod wt javascript… here is tip: its not a password…

  14. 'a' = 'a' says

    by the way, check what JavaScript based game: http://www.fordana.com

  15. admin says

    BTW, that’s not ajax, especially not comet. And it looks as if much of the code is on the server. Nothing like mine.

    If you try downloading the client, it wont work without a server, mine will.

  16. 'a' = 'a' says

    Good for you. want to see impossible to break password in JavaScript?

  17. 'a' = 'a' says

    Script is only from 10lines, and doesn’t encrypted.

  18. admin says

    What are you talking about?

  19. 'a' = 'a' says

    about password script who will be impossible to break

  20. admin says

    What’s “10lines”?

  21. 'a' = 'a' says

    whole code are only from 10 lines

  22. admin says

    so what is it? I can make some pseudo encryption that is “impossible” to crack easily.

    “lets see if you can decode this”.split(“”).sort().join(” “).split(/[aeiou]/g).sort(function(a,b){return a.length-b.length}).join(” “).split(” “).join().replace(/,,,/g,”l”).replace(/,,/g,”a”).replace(“ll”,”x”)

    which comes out with:
    xll,yaf,hll,nlc,c,d,dls,s,s,t,tlllla

    less information than needed to reconstruct the phrase again. Doesn’t mean impossible, you can quite easily feed it into a brute-force cracking engine and get the answer. No hashing on the client side can be safe from that. You have no control over Who/What is doing.

  23. 'a' = 'a' says

    nvm what dis all about… there is no need to encrypt…
    here is script:
    script language=”JavaScript”>

    Hahahahahahahha owned!

  24. 'a' = 'a' says
  25. 'a' = 'a' says

    nice anti script posting protection… so how i can post script source>?

  26. admin says

    What? Um… I didn’t make any protection :P It comes with wordpress.

    Try stripping off all the < and > characters. and you knew more about hacking, you could probably get away with it :)

  27. 'a' = 'a' says

    OK here is script:

    var password = prompt(“Enter in the password.”,””)

    if (password == null) {
    history.back();
    }

    else {
    location = password.toLowerCase() “.html”

    You cant hack what javascript password script! :D

  28. admin says

    Because it’s using the server for validation. It’s not client-side.

  29. 'a' = 'a' says

    what do you mean?

  30. admin says

    Well, doing a window.location makes the browser query the server. The script requires a server.

    If you go to the web page, unplug your computer from the internet, the script won’t verify even if you have the right password.

    Anything that uses AJAX (XMLHTTPRequest), form submitting (form.submit()), setting the URL (window.location), is not client-side.

    It’s the server that checks whether the file is there or not.

  31. 'a' = 'a' says

    ok lol but its javascript. wan you talking tales about php and encrypting password…

  32. admin says

    ..but it’s not _pure_ javascript. and that was my point. The only way to do it with pure javascript is ineffective encryption.

  33. 'a' = 'a' says

    thre is way to decrypt any password who in js

  34. admin says

    my point exactly. I accept your defeat.

  35. 'a' = 'a' says

    what?
    you accept wt i lost?
    no guy, whats not deal.

  36. admin says

    Ok. so what? You couldn’t defend your point. So I am the clear “winner” of the argument.



Some HTML is OK

or, reply to this post via trackback.