var enableInspectElement = 'false';
            
     if (enableInspectElement == 'false') {
        $(document).bind("contextmenu",function(e) {
            e.preventDefault();
        });
        
        document.onkeydown = function (e) {
            if (event.keyCode == 123) {
                return false;
            }
            if (e.ctrlKey && e.shiftKey && (e.keyCode == 'I'.charCodeAt(0) || e.keyCode == 'i'.charCodeAt(0))) {
                return false;
            }
            if (e.ctrlKey && e.shiftKey && (e.keyCode == 'C'.charCodeAt(0) || e.keyCode == 'c'.charCodeAt(0))) {
                return false;
            }
            if (e.ctrlKey && e.shiftKey && (e.keyCode == 'J'.charCodeAt(0) || e.keyCode == 'j'.charCodeAt(0))) {
                return false;
            }
            if (e.ctrlKey && (e.keyCode == 'U'.charCodeAt(0) || e.keyCode == 'u'.charCodeAt(0))) {
                return false;
            }
            if (e.ctrlKey && (e.keyCode == 'S'.charCodeAt(0) || e.keyCode == 's'.charCodeAt(0))) {
                return false;
            }
        }
    }
    
$(document).ready(function () {

    
        logMsg('SDDI Url : https://traffic.rta.ae/trfesrv');
        logMsg('CSRF_TOKEN_NAME : CSRFfpsf8z');
        logMsg('CSRF_TOKEN_VALUE : w3b49550a8az');
        var start = new Date().getTime();
        try {
    
            scanForms();
            scanLinks();
            scanIFrames();
            scanImages();
            
            var taskTrf75209Enabled = 'false';
            if (taskTrf75209Enabled == 'false') {
               encryptLinks();
            }
        } catch(err) {
            alert('Error applying CSRF security :' + err);
            logMsg('Error : ' + err);
        }
        var end = new Date().getTime();
        window.console.log( 'CSRF scan took about : [' + ( end - start )/1000 + '] second' );
    
});

/**
 * Scan Links and encrypt it's href
 */
function encryptLinks() {
   var taskSLI13209Enabled = 'true';
    if (taskSLI13209Enabled == 'false') {
        return;
    }
    
    var requestURI = window.location.pathname;
    var skippedCryptoURL = isSkippedRequest(requestURI);
    if (skippedCryptoURL == 'true') {
        return;
    }
    
    $("a").each(function() {
        var encryptedLink = encryptLinkParameters($(this).attr('href'));
        $(this).attr('href', encryptedLink);
    });
}

    /**
     * Checks if passed URL is skipped crypto URL or not
     *
     * @param requestURI
     * @returns {string}
     */
    function isSkippedRequest(requestURI) {
    if (isEmpty(requestURI)) {
        return 'true';
    }

    var result = 'false';
    try {
        $.ajax( {
            type : 'GET',
            dataType : 'text',
            async : false,
            cache : true,
            url : appendCSRFTokenToURL('/trfesrv/urlCryptoLogServlet'),
            data :  {
                'value' : trim(requestURI),
                'command' : 'isSkippedCryptoURL',
                'isPublicAccess' : true
            },
            success : function (response) {
                result = response;
            },
            error : function (e) {
                return 'false';
            }
        });
    } catch (e) {
        console.log("Error while trying to check url ="  + value  + " is skipped crypto URL or not ,because of "  + e);
    }

    return result;
}

/**
 * Scan dom tree for <form> elements, if found add a new hidden input 
 * with CSRF token
 */
function scanForms() { 

    $("form").each(function() {
        
        if ( $(this).find('input:hidden[name=CSRFfpsf8z]').length == 0 ) {
            $(this).append('<input type="hidden" id="CSRFfpsf8z"' +  
                    'name="CSRFfpsf8z" ' + 
                    'value="w3b49550a8az" />');
            
            var formId = $(this).attr('id'); 
            formId = !isEmpty( formId ) ? 
                    'id=' + formId : 
                    'name=' + $(this).attr('name');
            logMsg(  'Adding CSRF token to form [' + formId + ', action=' + $(this).attr('action') + ']' );
        }
        
    });
}

/**
 * Scan dom tree for <a> elements (link or anchor), if a link found and its referencing SDDI page
 * append CSRF token param at the end of it
 */
function scanLinks() { 

    $("a").each(function() {
    
        var href = $(this).attr('href');
        if (  isURLValidToCSRF( href ) ) {
                
                csrfProtectedHRef = appendCSRFTokenToURL(href);                
                $(this).attr('href', csrfProtectedHRef);
                
                var linkId = $(this).attr('id');
                linkId = !isEmpty(linkId) ? 
                        'id=' + linkId :
                        'name=' + $(this).attr('name');
                    
                logMsg(  'Adding CSRF token to Link [' + linkId + ', href=' + href + ', new href=' + csrfProtectedHRef + ']' );

        }
    });
}

function callCSRFfunction(){
    logMsg('SDDI Url : https://traffic.rta.ae/trfesrv');
    logMsg('CSRF_TOKEN_NAME : CSRFfpsf8z');
    logMsg('CSRF_TOKEN_VALUE : w3b49550a8az');
    var start = new Date().getTime();
    try {

        scanForms();
        scanLinks();
        scanIFrames();
        scanImages();
        
        
    } catch(err) {
        alert('Error applying CSRF security :' + err);
        logMsg('Error : ' + err);
    }
    var end = new Date().getTime();
    window.console.log( 'CSRF scan took about : [' + ( end - start )/1000 + '] second' );
}
var callCount = 1;
var repeater = setInterval(function () {
  if (callCount < 4) {
    callCSRFfunction();
    callCount += 1;
  } else {
    clearInterval(repeater);
  }
}, 1000);

/**
 * Scan dom tree for <iframe> elements, if found and is referencing SDDI page
 * append CSRF token param at the end of its src attribute
 */
function scanIFrames() {
    
    $("iframe").each(function() {
    
        var src = $(this).attr('src');
        if (  isURLValidToCSRF( src ) ) {
                
                var csrfProtectedSrc = appendCSRFTokenToURL(src);                
                $(this).attr('src', csrfProtectedSrc);
                
                var iFrameId = $(this).attr('id');
                iFrameId = !isEmpty(iFrameId) ? 
                        'id=' + iFrameId :
                        'name=' + $(this).attr('name');
                    
                logMsg(  'Adding CSRF token to iframe [' + iFrameId + ', src=' + src + ', new src=' + csrfProtectedSrc + ']' );

        } else {
            $(this).attr('src', encryptUrl(src));
        }
    });
}


/**
 * Scan dom tree for <img> elements, if found and its src attribute using java to load
 * then append CSRF token param at the end of its src attribute
 */
function scanImages() {
    
    $("img").each(function() {
    
        if (  isImageLoadedUsingJava( src ) ) {
                
                var src = $(this).attr('src');
                var csrfProtectedSrc = appendCSRFTokenToURL(src);                
                $(this).attr('src', csrfProtectedSrc);
                
                var imageId = $(this).attr('id');
                imageId = !isEmpty(imageId) ? 
                        'id=' + imageId :
                        'name=' + $(this).attr('name');

        }
    });
}

/**
 * Check if url valid to add CSRF token to it
 * 
 * @param href : link href to validate
 * @return true if url: not empty 
 *                      has no CSRF toekn yet
 *                      has no hash mark
 *                      has no javascript call
 */
function isURLValidToCSRF(href) {
   
   if ( !isEmpty( href ) && 
        href.indexOf('CSRFfpsf8z') == -1 &&
        !isHashUrl( href ) && 
        href.indexOf( 'javascript:' ) == -1 ) {
        
        return true;
    }
    return false;
}


/**
 * Check if image src is using java
 * 
 * @param src : image src attribute to be inspected
 * @return true if image is loaded using file extention
 */
function isImageLoadedUsingJava( src ) {
   
   if ( isEmpty( src ) ) {
        return false;
   }
   
   if ( src.indexOf('.do') != -1 || 
        src.indexOf('.jsp') != -1 ) {
        
        return true;
    }
    return false;
}



/**
 * Check if passed value is empty
 * 
 * @param val 
 * @return true if value is empty , null or undefined
 */
function isEmpty (val) {
    
    if (val != '' 
        && val != null 
        && typeof val !== typeof undefined
        && val !== false) {
        return false;
    }
    return true;
}

/**
 * Check if the passed url referencing SDDI page
 * 
 * @param url 
 * @return true if url is referencing SDDI page
 */
function isSDDIUrl(url) {
    
    // if the url is relative then its definetly SDDI
    if ( url.indexOf('http://') == -1 && url.indexOf('https://') == -1 ) {
        return true;
    }
    var SDDI_URL = 'https://traffic.rta.ae/trfesrv';    
    var sddiHostName = getURLHostName( SDDI_URL );
    var urlHost = getURLHostName( url );
    
    if ( sddiHostName == urlHost ) {
        return true;
    }
    return false; 
}

/**
 * Extract the host name from the passed url
 * 
 * @param url 
 * @return host name from the url
 */
function getURLHostName( url ) { 
    if (url.indexOf('http://') > -1) {
        urlParts = url.match(/^http:\/\/[^/]+/);
    }
    
    if (url.indexOf('https://') > -1) {
        urlParts = url.match(/^https:\/\/[^/]+/);
    }
    
    return urlParts ? urlParts[0] : null;
}

/**
 * Display messages on browser cosole
 * 
 * @param msg : message to be displayed on browser cosole
 */
function logMsg (msg) {
    
    var hasConsole = window.console;
    if (hasConsole) {
        // window.console.log(msg);
    }
} 

/**
 * Check if the url contains a fragment identifier; 
 * Fragment identifier is a hash mark '#' which is used to reference other
 * sections in the same page
 * 
 * @param url 
 * @return true if url contains hash (#)
 */
function isHashUrl(url) {

    var urlHash = $("<a>").attr( { 'href' : url } )[0].hash;
    var hasHashMark = !isEmpty(urlHash) || url === '#';
    return hasHashMark;
}

/**
 * Add CSRF generated token to the passed href
 * 
 * @param href : url to add CSRF tokens to
 */
function appendCSRFTokenToURL(href) {

    if ( isEmpty( href ) ) {
        return href;
    }
    
    href = trim( href )
    var csrfProtectedHRef = href;
    if ( isURLValidToCSRF( href ) && isSDDIUrl( href ) ) {
    
        var csrfAddedToken = 'CSRFfpsf8z=' + 
                             'w3b49550a8az';
        
        if ( href.indexOf('?') == -1 ) {
            csrfProtectedHRef = href + '?' + csrfAddedToken;
        } else if ( href.indexOf('?') == (href.length-1) ) {
            csrfProtectedHRef = href + csrfAddedToken;
        } else {
            csrfProtectedHRef = href + '&' + csrfAddedToken;
        }
    } else {
    
        logMsg(  'Ignoring Invalid Link [' + href + ']' );
    }
    
    csrfProtectedHRef = encryptUrl(csrfProtectedHRef);
    
    return csrfProtectedHRef;
}

/**
 * Open new window
 * 
 * @param url       : Page url to open
 * @param name      : Window name (but not the window title)
 * @param specs     : Windows properties
 * @param replace   : Boolean indicate whether the url creates a new entry or replaces the current entry in the browser history
 *                    ( true ) means ulr replaces current document in browser history 
 *                    ( false )
 */
function openWindow(url, name, specs, replace) {
    
    var csrfProtectedHRef = appendCSRFTokenToURL( url );
    
    // If the window name have spaces then IE will not open the window
    // just replace any empty spaces with the underscore character '_'
    if ( !isEmpty( name ) ) {
        name = name.replace(' ', '_');
    }
    
    return window.open(csrfProtectedHRef, name, specs, replace);
}


/**
 * Redirect the current opened window to the passed url 
 * 
 * @param url       : Page url to edirect to
 * @param isOpener  : Boolean to indicate wethere redirection should happend on the open caller or not 
 * @param isParent  : Boolean to indicate wethere redirection should happend on parent window or not
 */
function redirectToLocation( url, isOpener, isParent) {
    
    if ( isEmpty( url ) ) {
    
        var errMsg = 'Cannot redirect to empty URL';
        logMsg( errMsg );
        alert( 'Error : ' + errMsg );
    } else {
    
        var selectedWindow = window;
        if ( !isEmpty( isOpener ) && isOpener ) {
            selectedWindow = window.opener;
        } else if ( !isEmpty( isOpener ) && isParent ) {
            selectedWindow = window.parent;
        }
        
        if(selectedWindow == null){
            selectedWindow = window;
        }

        var csrfProtectedHRef = appendCSRFTokenToURL( url );
        selectedWindow.location = csrfProtectedHRef;
        
    }
}

/**
 * Set the selectedLocation href property to the passed url value
 * 
 * @param selectedLocation : This is the location object (default is window.location)
 * @param url              : the URL you want to set the location href property to
 */
function redirectToHRef( selectedLocation, url) {
    
    if ( isEmpty( url ) ) {
    
        var errMsg = 'Cannot redirect HRef to empty URL';
        logMsg( errMsg );
        alert( 'Error : ' + errMsg );
    } if ( isEmpty( selectedLocation ) ) {
        
        var errMsg = 'Cannot redirect HRef using empty location object';
        logMsg( errMsg );
        alert( 'Error : ' + errMsg );
    } else {
        
        var csrfProtectedHRef = appendCSRFTokenToURL( url );
        selectedLocation.href = csrfProtectedHRef;
    }
}


/*------------------------------------------------------------------------------
  -- Trim empty spaces from string object. If str is null, null value will be 
  -- returned.
  
  -- Note : This function has been copy/pasted from the public_html/common/script/common.js file specially 
            for the case of the kiosk, since it do not include common.js
  -- @param str: String object to be trimed. 
  ------------------------------------------------------------------------------
*/
function trim(str) {

    if (str == null || str == '' || str.length == 0) {
        return null;
    }
    
    if (isNumber(str)) {
        return str;
    }
    
    var newStr = '' + str;
    return newStr.replace(/^\s+|\s+$/g, '') ;
}

/*------------------------------------------------------------------------------
  -- Check if the txt value is a valid number.
  
  -- Note : This function has been copy/pasted from the public_html/common/script/common.js file specially 
            for the case of the kiosk, since it do not include common.js
  
  -- @param txt: text value to be parsed
  -- @return true if the text value is a valid number.
  ------------------------------------------------------------------------------
*/
function isNumber(txt) {
    if (txt != null && txt.length > 0) {
        var re = /^\d*$/;
        
        if (! re.test(txt)) {
            return false;            
        }
    }

        return true;
}


    function encryptUrl(url) {
        var taskTrf75209Enabled = 'false';
        if (taskTrf75209Enabled == 'true') {
            return encryptLinkParameters(url);
        }

        return url;
    }
    
    function encryptLinkParameters(href) {
        if (isEmpty(href)) {
            return href;
        }

        href = trim(href);
        if (isHashUrl(href) || href.indexOf( 'javascript:' ) > -1 ||
            !isSDDIUrl(href) || href.indexOf('?') == -1 ||
            (href.indexOf('?') == (href.length-1))) {
            return  href;
        }

        var link = href.substring(0,href.indexOf('?')+1);
        var sPageURL = href.substring(href.indexOf('?')+1);
        var sURLVariables = sPageURL.split('&');
        var encryptParamVal = false;
        for (var i = 0; i < sURLVariables.length; i++) {
            var firstIndex = sURLVariables[i].indexOf('=');

            name = sURLVariables[i].substring(0,firstIndex);    
            value = sURLVariables[i].substring(firstIndex + 1);

            if (i > 0) {
                link = link + "&";
            }

            if (name == 'CSRFfpsf8z') {
                link = link + name + "="  + value;
            } else {
                link = link + name + "="  + encryptValue(value);
                encryptParamVal = true;
            }
        }
        
        if (encryptParamVal) {
            logURLCrypto(href);
        }
        
        return link;
    }

    function encryptValue(value) {
        if (isEmpty(value)) {
            return value;
        }

        var encryptedValue = value;
        try {
            $.ajax( {
                type : 'GET',
                dataType : 'text',
                async : false,
                cache : true,
                url : appendCSRFTokenToURL('/trfesrv/urlCryptoLogServlet'),
                data :  {
                    'value' : trim(value),
                    'command' : 'encrypt',
                    'isPublicAccess' : true
                },
                success : function (response) {
                    encryptedValue = response;
                },
                error : function (e) {
                    return false;
                }
            });
        } catch (e) {
            console.log("Error while trying to encrypt value ="  + value  + " because of "  + e);
        }

        return encryptedValue;
    }
    
    
    function decryptValue(encryptedValue,requestParam) {
        if (isEmpty(encryptedValue)) {
            return encryptedValue;
        }

        var decryptedValue = '';
        try {
            $.ajax( {
                type : 'GET',
                dataType : 'text',
                async : false,
                cache : true,
                url : appendCSRFTokenToURL('/trfesrv/urlCryptoLogServlet'),
                data :  {
                    'value' : trim(encryptedValue),
                    'command' : 'decrypt',
                    'isPublicAccess' : true,
                    'requestParam' : requestParam
                },
                success : function (response) {
                    decryptedValue = response;
                },
                error : function (e) {
                    return false;
                }
            });
        } catch (e) {
            console.log("Error while trying to decrypt value ="  + encryptedValue  + " because of "  + e);
        }

        return decryptedValue;
    }

    function logURLCrypto(unencryptedLink) {
        var logURLCrypto = 'false';
        if (logURLCrypto == 'false') {
            return;
        }
        
        var logEncryptedURLCrypto = 'true';
        if (logEncryptedURLCrypto == 'true') {
            return;
        }
        
        try {
            $.ajax( {
                type : 'GET',
                dataType : 'text',
                async : false,
                cache : true,
                url : appendCSRFTokenToURL('/trfesrv/urlCryptoLogServlet'),
                data :  {
                    'value' : trim(unencryptedLink),
                    'command' : 'logCryptoUrl',
                    'activity' : '1',
                    'monitorStatus' : '1',
                    'isPublicAccess' : true
                },
                success : function (response) {
                },
                error : function (e) {
                    return false;
                }
            });
        } catch (e) {
            console.log("Error while trying to log crypto URL = "  + unencryptedLink  + " because of "  + e);
        }
    }