stackoom
  简体   繁体   中英

injecting javascript in my html

 原文  2015-12-07 09:37:18       javascript/ html/ security/ http

Question

Very frequently I find in the logs requests for javascript that are not part of my website.

One such javascript is "showpass-1.5.js" and error looks like: 

2015/12/06 07:03:27 [error] 14129#0: *54208136 open() "/usr/share/nginx/html/nsl.mapticket.net/sd/apps/showpass/showpass-1.5.js" failed (2: No such file or directory) [...]

I'm thinking that someone injects arbitrary code into the html of my website and tries to collect information about my users. But who and in what circumstances?

I don't have a lot of experience with HTTP protocols. Is this a vulnerability of the sites using HTTP (so not HTTPS) and how one can protect his website from this types of activities?

1 answers

solution1
 0 ACCPTED  2016-01-09 04:19:16

Those requests are coming from the ShowPass adware script - as the above commenter noted, it's most likely a matter of your visitors' machines being infected, rather than your site. There's not much you can do about it, but it isn't a direct threat to your site or server.

For more details: http://www.shouldiremoveit.com/ShowPass-Smartbar-132262-program.aspx

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Injecting data in html with javascript Injecting Javascript snippet in HTML Injecting javascript to click on html button Injecting CSS and JavaScript in HTML code Injecting javascript and HTML using AJAX Injecting html via javascript/jquery? Injecting CSS like HTML through JavaScript into the DOM JavaScript: Dynamically injecting and removing html pages injecting arbitrary HTML string into document (javascript) - updated Injecting and executing JavaScript string in a specific HTML element
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM