居住在大深圳的关外几年,换了几家宽带运营商,对于运营商的DNS拦截投放广告已经无力吐槽了,在度娘上搜索任意东西他们时刻会提醒我,尤其是是惯了下淘宝或京东。作为一个小小的程序员,实在忍不住想看下究竟,也好发表下自己的不平。
一、现在更有甚者的是,我在浏览器上输入baidu.com的时候,居然会302重定向到另外一个静态页面,再重定向到baidu首页。以下是google抓到的网络请求包
1,在google上输入baidu.com
2.直接重定向到一个垃圾页面bd1.html
bd1.html的源码:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="0">
<title>百度一下,你就知道</title>
</head>
<body>
<script>
(function(d){
function isCkie(){
var isSupport=false;
if(typeof(navigator.cookieEnabled)!='undefined'){
isSupport=navigator.cookieEnabled;
}
return isSupport;
}
//Cookie相关函数
var sCkie=new function(){
//过期时间
this.expTime=function(millisecond){if(millisecond.length==0){millisecond=0};var exp=new Date();exp.setTime(exp.getTime()+parseInt(millisecond));return exp.toGMTString();};
//创建cookie
this.add=function(name,value,expires,path,domain,secure){d.cookie=name+"="+encodeURI(value)+(expires?(';expires='+expires):'')+(path?(';path='+path):'')+(domain?(';domain='+domain):'')+((secure)?';secure':'');};
//删除cookie
//this.del=function(name,path,domain){if(getCookie(name)){document.cookie=name+"="+((path)?(";path="+path):'')+((domain)?(";domain="+domain):'')+";expires=Mon,01-Jan-2006 00:00:01 GMT";}};
//获取cookie
this.get=function(name){var arg=name+"=";var alen=arg.length;var theCookie=''+d.cookie;var inCookieSite=theCookie.indexOf(arg);if(inCookieSite==-1||name==""){return '';}var begin=inCookieSite+alen;var end=theCookie.indexOf(';',begin);if(end==-1){end=theCookie.length;}return decodeURI(theCookie.substring(begin,end));};
};
var gUrl;
if(isCkie()){
var ckie=0;
var sid='lpvt_f6461a705844d7177814f8a1aa45aaa5';
var skie=sCkie.get(sid);
if (skie!='')
{
ckie=parseInt(skie);
}
if(ckie<1){
var rand=Math.random();
if(rand<1.8){
gUrl="https://www.baidu.com/?tn=93084597_hao_pg";
}else{
gUrl="https://www.baidu.com/";
}
sCkie.add(sid,'1',sCkie.expTime(30*60*1000),0,0,0);
}else{
gUrl="https://www.baidu.com/";
}
}else{
gUrl="https://www.baidu.com/";
}
(function(u){if(window.navigate&&typeof navigate=='function')navigate(u);var ua=navigator.userAgent;if(ua.match(/applewebkit/i)){var h = document.createElement('a');h.rel='noreferrer';h.href=u;document.body.appendChild(h);var evt=document.createEvent('MouseEvents');evt.initEvent('click', true,true);h.dispatchEvent(evt);}else{document.write('<meta http-equiv="Refresh" Content="0; Url='+u+'" >');}})(gUrl);
})(document);
</script>
</body>
</html>
3.一个不清楚的请求
4.一个垃圾服务器的ico请求
二、在百度上搜索京东,进入京东之前也302跳转了几次页面
1.在百度上搜索京东
2.选择第一个进入京东
jd2/的页面源码
<html>
<HEAD>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="0">
</HEAD>
<body style="display:none">
<script type="text/javascript">
function $do(u){
if(window.navigate&&typeof navigate=='function')
navigate(u);
var ua=navigator.userAgent;
if(ua.match(/applewebkit/i)){
var h = document.createElement('a');
h.rel='noreferrer';
h.href=u;document.body.appendChild(h);
var evt=document.createEvent('MouseEvents');
evt.initEvent('click', true,true);
h.dispatchEvent(evt);
}else{
document.write('<meta http-equiv="Refresh" Content="0; Url='+u+'" >');
}
}
var vol=['http://www.seelight.cn/uto/?01151'];
var index=Math.floor(Math.random()*vol.length);$do(vol[index]);
</script>
</body>
</html>
2.直接跳入待一个垃圾页面
?01151请求的源码:
<html>
<body>
<a id="form1" href="../"></a>
<a id="form2" href="../?1466916847"></a>
<script language="javascript" type="text/javascript">
(function(d){
var val="1466916847";
var sCkie=new function(){
this.get=function(name){
var arg=name+"=";
var alen=arg.length;
var theCookie=""+d.cookie;
var inCookieSite=theCookie.indexOf(arg);
if(inCookieSite==-1||name==""){
return "";
}
var begin=inCookieSite+alen;
var end=theCookie.indexOf(";",begin);
if(end==-1){end=theCookie.length;}
return decodeURI(theCookie.substring(begin,end));
};
};
var cst=sCkie.get("st");
var id="form2";
if(cst==val){
id="form1";
}
var comment=document.getElementById(id);
if (document.all){
comment.click();
}else if (document.createEvent) {
var ev = document.createEvent("MouseEvents");
ev.initEvent("click", false, true);
comment.dispatchEvent(ev);}
})(document);
</script></body></html>
3.跳入垃圾页面:seelight.cn
4.一个ico图片的请求
5.开始真正进入京东的页面
6.继续加载
7.最后url地址栏就变成这样了:https://www.jd.com/?cu=true&utm_source=www.seelight.cn&utm_medium=tuiguang&utm_campaign=t_1000003744_&utm_term=f12ba28f110e42989c8cc59aa02b5ece
猜测:这应该是网络运营商为了获取广告利润而采用的策略,不清楚还会不会对我的网购造成安全问题。
流程:以从百度进入京东的请求为例:运营商劫持了我的京东请求,然后跳入到自己的广告页面,再跳转到京东页面,此时京东就以为这个链接是从广告页面进来的,从而赚取广告点击。(默认这个点击应该是给百度赚的)