[LivingNightmare]

Hello everyone,

I was given this script (without the comments), and I need to figure out what it does. I've added the comments as a guess as to what it does, but I have never done any javascript before. So clarifications would be appreciated.

var _0x39e7=["\x76\x61\x6C\x75\x65", // value
	"\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64", // getElementById
	"\x3C", // <
	"\x26\x6C\x74\x3B", // &lt;
	"\x72\x65\x70\x6C\x61\x63\x65", // replace
	"\x3E", // >
	"\x26\x67\x74\x3B", // &gt;
	"\x5C\x22"]; // \"
	
function sanitize(_0xe049x2){
	var _0xe049x3=document[_0x39e7[1]](_0xe049x2)[_0x39e7[0]]; // x = document.getElementById(BLAH).value
	var _0xe049x4=_0xe049x3[_0x39e7[4]](_0x39e7[2],_0x39e7[3]); // y = x.replace(<, &lt;);
	_0xe049x4=_0xe049x4[_0x39e7[4]](_0x39e7[5],_0x39e7[6]); // y = y.replace(>, &gt;);
	_0xe049x4=_0xe049x4[_0x39e7[4]](/"/g,_0x39e7[7]); // y = y.replace(/"/g, "\"");
	document[_0x39e7[1]](_0xe049x2)[_0x39e7[0]]=_0xe049x4; // document.getElementById(BLAH).value = y
} ;

So if all of my comments are indeed correct, what does the replace(/"/g, "\"") call do? It seems like we are replacing quotes by quotes ... or something? Doesn't seem to make much sense to me...

Thanks!

[e_i_pi]

The Javascript has been scrambled, likely by the developer for a reason. If you want to know what it does, best bet would be to look at the original source.

[LivingNightmare]

I don't have the original source. This is only what I have access to for my assignment. I've also translated the hex characters into proper ascii within the comments. Also, I believe that all it does it replace < by &lt;, > by &gt; and /"/g by \". What I want to know is, given that the inputs to this function is a url, why would one do this? And lastly, what do we get by calling replace(/"/g, \") ? Are we just replacing quotes by quotes? This seems useless to me...

Explanations are appreciated.
Thanks!

[LivingNightmare]

~Bump~ - I'm still not having much luck with this... Help would be greatly appreciated!