[ale] Noscript found a couple of scripts I didn't write.

Jim Lynch ale_nospam at fayettedigital.com
Wed Apr 15 13:36:11 EDT 2009


Sean McNealy wrote:
> The HTML code to load the javascript could have been placed inside 
> your database.  Then your PHP code would attach it to your page, 
> displaying as what you thought was content.
>
> View source from the browser and see if you can grep through that to 
> see where it's loading from.
Since I wrote the javascript and the php, rest assured that there is no 
html code in the database. Even if it were there, my php doesn't yank 
html from the db.  It's membership data in the db and I just extract 
things like names, addresses, membership status, etc.  Then I plop the 
data into tables for display and update.

I keep all the source in a subversion repository.  svn status doesn't 
show any changes since the 9th.  svn log doesn't show any changes since 
then either, so I don't think anyone has screwed with my programs.  I 
didn't put the Dojo source into svn so I suppose someone could have put 
something in there.

Looking at the source doesn't get it.  Most of what is displayed is 
generated by js/php and is dynamic so all you see looking at the source 
is a skeleton.  The meat is dynamic, hence the AJAX usage.

Thanks,
Jim.
>
> (note: I didn't click those links since I can't risk my work machine.  
> I've no idea what's on those sites.)
>
> -Sean
>
> On Wed, Apr 15, 2009 at 1:00 PM, Jim Lynch 
> <ale_nospam at fayettedigital.com <mailto:ale_nospam at fayettedigital.com>> 
> wrote:
>
>     I have developed an ajax app using Dojo and php to support a club I
>     belong to.  It's been up and running for a short while but when I went
>     to it today, the FF plugin noscript asked if I wanted to permit
>     imiclk.com <http://imiclk.com> and abmr.com <http://abmr.com> to
>     run scripts on that page.
>
>     Where the dickens did those scripts come from and how'd they get
>     linked
>     in my page?
>
>     I did a search of my code and I find no references to them.  By what
>     magic did they get involved in my site?
>
>     Any suggestions as to where I should look or what's going on?
>
>     Thanks,
>     Jim.
>     _______________________________________________
>     Ale mailing list
>     Ale at ale.org <mailto:Ale at ale.org>
>     http://mail.ale.org/mailman/listinfo/ale
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>   



More information about the Ale mailing list