I have run into a bizarre situation on a single computer in my office. All other computers work as they should.
What happens is web pages hosted on the internal server (local network: 192.168.1.6) will not execute any of the javascript functionality on the internal web application. Meaning the buttons, jquery and ajax functionality do nothing.
All 3 browsers on this single computer do not have any javascript functionality: not IE, not Firefox, not Chrome. They just do nothing when you click things.
I have tried uninstalling Firefox and reinstalling ... no change.
Web pages on the internet (such as Gmail or google) work just fine.
We have also tried turning off the virus protection (EmsiSoft) but to no avail.
Does anybody have any ideas short of wiping the machine? Is this a virus? Is it a "feature" of EmsiSoft?
Related
I'm facing a problem with my Chrome on both Ubuntu 15.04 and Windows 10. It's some sort of malware named xnxx-ads.js. This malware opens unwanted tabs and plays advertisement audio on all sorts of pages. For instance, I might have a SO tab open with a speaker icon! playing ad.
The thing that is important to me (as a web application developer) is that how this malware works!? How can some script be loaded on a web page without it being addressed in the source? Is it because of a security hole in Google Chrome?
BTW, my Chrome is: Version 46.0.2490.86 (64-bit) on both operating systems.
[UPDATE]
My Chrome was just updated to Version 47.0.2526.73 (64-bit) and the problem remains.
To get mal-ware inserted into pages, you generally need one of these things:
If it is only on a specific site, it is possible that that site has been compromised and the content comes from the site already infected.
Something in your ISP is compromised and the content comes from your ISP already infected.
Something in your own network (e.g. router) is compromised and the contents arrives on your PC already infected.
A malicious program got itself installed on your computer and it is injecting things into web pages as they arrive on your computer (either by modifying the incoming TCP or by messing with the browser).
A malicious browser extension got itself installed on your computer and it is injecting things into web pages as the browser loads them.
The most likely options are 4 and 5.
You can probably rule out 1, 2 and 3 by checking the site on your phone or tablet while attached to your home network's wifi. If there is no infection on the web pages viewed on the phone or tablet, then it is not likely 1 or 2 or 3.
If you disable all browser extensions in Chrome and the problem still occurs, then you can probably rule out #5. If the problem goes away when you disable all browser extensions, then you probably have a bad browser extension.
In all cases, you should run a good malware detector. When something like this happened to my daughter's computer, Microsoft Defender did not detect it, but when I downloaded and ran the free Malware-Bytes scanner, it did find the problem and removed it.
I've developed interactive content for a client ( VR Objects ) using javascript and Flash (if needed) that they now want to distribute to prospective customers via a flash drive. That makes it local content causing security issues especially with IE. Actually there doesn't seem to be much problem with any browser except IE. True, IE displays the "allow blocked content" button but they fear that is too complicated or scary. And on IE11 in Win 8.1 it still may not work.
The development environment I use has a way around that for testing using an "embedded web server" although all that seems to do is produce a localhost address such as http://localhost:60331/wyj-01xn/output/surfacide_flash.html. Paste that in the URL bar of any browser on the same machine and you are good. Try it on another machine and no go. So I gather the port address and whatever the /wyj-01xn/ is about are machine specific. Another possible problem -- it may not work easily with IE11 on Win8.1, but I don't personally have that setup to test.
QUESTION: Is there a way I can produce this same functionality for my client, distributed along with the content on the flash drive, without the need to install some special software (local web server) on each client computer??? The current workaround is to tell customers they should us any browser except IE. Client isn't happy.
You could distribute your webpages along with a portable Nginx server, or wrapped inside a Node-webkit or AppJS package.
In Firefox version 23, mixed content blocking behavior is added.It means that Firefox has blocked content that is insecure on the page you're visiting.It shows the shield icon in the address bar which blocks some uploads in my app.From development side how to turn off this behavior?? .I am in ruby on rails development.
Can anybody guide me??
You cannot turn this off remotely! Except in your own browser, of course.
That is: Your rails application cannot turn off mixed-content blocking in the browser.
This is a preference only a (skilled) user may change in her browser... But shouldn't in the age of Firesheep, etc.
Instead, you should make all your active content available via https.
Or downgrade to insecure http. Since you're essentially wanting to allow Man-In-The-Middle attacks anyway, because that's what mixed-content means, the result of using http in the first place wouldn't be that much different. The only difference would be that a MITM could stay passive in http-only, instead of having to actively modify data in https-mixed-mode. But, seriously, what percentage of your users would recognize an active MITM, who maybe even only runs a small targeted attack?
I think you are using firefox version below 23.0 my suggestion is to
first upgrade and then proceed
First Uninstall and reinstall Firefox using Ubuntu software center.
New version of Firefox is available in Ubuntu software center
Reboot the system
your firefox will be upgraded to 23.0 version
I have linked to the Jquery library at google in my header, and my local copy of the Galleria Javascript file - as the instructions on the Galleria website said to do.
The code functions perfectly in Chrome. However, when attempting to view the site in IE9 I am faced with "Internet Explorer restricted this webpage from running scripts or ActiveX controls." This is preventing (without user input) the Javascript/Jquery/Galleria stuff to function; it is also prevented an embedded Youtube video from displaying.
What am I missing - plenty of other websites use these functions and I don't get IE giving this message. What do I need to add or change?
I am viewing the website from my PC - it is stored locally at the moment.
Cheers!
This is happening because you are running your website locally. You can be sure that this will not happen once you upload it to a webserver.
You can also run a local webserver. I can recommend WAMP:
http://www.wampserver.com/en/
//Edit
Hello.
I have made a website and uploaded to the host. So, the codes what are in my localhost and in the website host are same. Everything works except one JavaScript(jQuery) action(A dropdown menu). On my localhost it works perfect, on the website host, it drops and rises again and than doesn't drop again.
site : http://www.hastahakki.com/index.php?page=anasayfa
The problem on the big buttons like "Doğru Hastane Seçimi" , "Hasta Şikayetleri"
How do I do?
It's rare for pure client code to work differently in a hosted environment provided it is uploaded properly and the same browser is used.
First I would check it's not a cache issue by clearing my browser cache.
Then I would view it in a browser with modern developer tools, which is most browsers with the latest version (Firefox requires the excellent Firebug plugin). In Chrome for instance, looking at the Network output will show you if any resources are failing to load, and the Scripts view will show you any local JavaScript errors that might be triggered by the hosted version.