 |
|
 |
|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 355 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: New Recent Posts Block (Score: 1)
by Zhen-Xjell on Monday, January 12 @ 10:22:35 CET
(User Info | Send a Message) http://castlecops.com | To compare benign javascript code in php-nuke to malicious client side scripting is like comparing apples and oranges. For an example of what is considered 'bad' client side code I would recommend checking some of my original Proxomitron privacy work here:
http://computercops.us/downloads-file-91-details-zx_20020105.zip_(FULL_COMPLETE).html
You can download Proxomitron from here:
http://computercops.us/downloads-file-269-details-Proxomitron_Naoko_4.5_(ZIP).html
For support you can visit the general forum here:
http://computercops.us/forum10.html [computercops.us]
Here are some sample filters I had written to stop certain Javascript code:
Name = "Kill JavaScript Banners"
Active = TRUE
Bounds = "<script($INEST(<script,</script)</script>( <noscript>|)|*)"
Limit = 2048
Match = "*(://$AV($LST(AdList)*)|"
"=?=?=?=?|ad(click|cycle)|banner_height|<iframe|'ht'+'tp|.referrer)"
"&*>(�<noscript>|�)"
Replace = "<!-- JS Banner blocked -->
"
"<script language="ShonenScript">�"
Name = "Kill add-on JavaScripts "
Active = TRUE
Multi = TRUE
Limit = 1024
Match = "</html>1$NEST(<script,</script>)"
Replace = "<font size=1>[PostScript Killed]</font><br>
"
"</html>1
"
Name = "Kill Dynamic HTML JavaScripts"
Active = TRUE
Limit = 256
Match = "<start>"
Replace = "<!--//--><script> function NoWrite(txt){return(1);} "
"document.write=NoWrite; "
"document.writeln=NoWrite; "
"</script>
"
Name = "Stop JavaScript Redirects"
Active = FALSE
Limit = 30
Match = ".location(=|.)1"
Replace = ".NoLocation1"
Name = "Kill Nosey JavaScripts - GREG"
Active = FALSE
Bounds = "<script*</script>"
Limit = 16000
Match = "*(.(referrer|plugins|cookie|colorDepth|pixelDepth|external)|history.length)*"
Replace = "<!-- Killed Nosey JavaScript -->"
Reason for blocking such client side scripting is to disable user tracking.
And its because of this history that I know folks shut down client side scripting. Now the code in PHP-Nuke certainly doesn't qualify as 'bad' client side code. But there may be some folks who shut it down.
For instance, I notice many portal sites make use of right click disabling. Such code as the following would render that useless and would allow a web surfer to right click:
Name = "Allow Right Click"
Active = TRUE
Bounds = ""
Limit = 256
Match = "1oncontextmenu=2"
Replace = "1Prx_offcontextmenu=2"
Name = "Allow right mouse click"
Active = FALSE
Limit = 256
Match = ".(onmousedown=|captureEvents()1"
Replace = ".PrxOff_1"
At Computer Cops I make use of only the base php-nuke javascript code. Nothing additional. At CCSP I take pride that banners are not maintained and the site is fairly free of all that gibberish.
While at NC there is a different mindset than from CCSP. I don't doubt however that a minimal amount of netizens shut down the display of the banners, which of course are privacy tracking tools by those banner companies.
Hence... to enable maximum exposure for your code,
Read the rest of this comment... |
| Parent | | | | | |
|