~~HTML/text/JavaSript Escaping/Encoding Script Tool~~
These scripts are intended to explain how to "hide" HTML and/or javascript from other people who view your page's source code. It is not foolproof, but it does make it more difficult to read and understand the source code. Due to the nature of how these scripts work, the explanation may seem complicated and drawn out, but be patient and it should make sense once you gain a little experience with them. You don't really have to know the ins-and-outs of these scripts, but it does help you understand how and why they work. So, take a seat and I'll do my best to make this seem as un-complicated as possible.
For example, if you had an HTML filename of page one, the escaped URL code would look like page%20one. The %20 is the escaped value for a space. Normally, you would only escape special characters (generally any character other than a-z, A-Z, and 0-9), but the script below actually escapes all the text simply by replacing all characters with their escaped equivalents. So, if you were to fully escape the words page one, it would look like: %70%61%67%65%20%6F%6E%65. Now, none of the text is easily decipherable even though most of it was made up of normal characters.
Since the browser can inherently handle escape codes, this can be used pretty easily without having to add any more script to decipher them. So, if you want the browser to write that escaped text to the page, you could do something like:
The two textboxes below will let you fully escape and unescape any text you want. Just type whatever text/HTML/JavaScript you want in the left box and click the --> button to fully escape it. Likewise, click the <-- button to convert it back to normal text to verify that it is the same as the original. You can copy & paste the escaped code into your page (don't forget to use the unescape() and document.write() methods).
All I'm doing here is putting the escaped string in a set of quotes (important!), wrapping that inside the built-in unescape() method, and then wrapping that in a document.write() method. This might seem a little worthless, but you could hide an email address this way to prevent web crawlers from snagging your e-mail address from your webpage to use in mass spam e-mailings, yet allowing visitors to read it fine... Unless, of course, you actually like getting Viagra solicitations. :)
The following steps are what the script does to accomplish this effect when you click the --> (encode) button:
1. First, all the text is escaped.
2. Then the script finds the Unicode values for each character in the string.
3. Then the script adds whatever the Code Key drop-down box value is to each character's Unicode value.
4. Then the script derives characters based on the shifted Unicode values.
5. The Code Key value is also embedded in the decoded text so the script knows how to properly decode the string again.
6. Finally, it escapes the result one more time to remove any special characters. Now, the output looks totally foreign to someone who cannot un-shift Unicode values in their head. :)
The decode step <-- simply reverses the process.
Unfortunately, the browser does not have any built-in ability to handle the decoding, so we have to use a function for that. So, you have to escape the function that handles the decoding to hide that part, and have the browser write it to the document. You don't really have to escape the decoding function, but it will make it that much harder for someone to figure out what's going on. Then, the decoding function can be used to decode the rest of whatever content you have encoded. I'll outline the steps below one-by-one to make this less confusing.
