1. Home
  2. Categories
  3. Side Bar WTF
  4. Javascript writing Javascript writing Javascript!

Javascript writing Javascript writing Javascript!

  • Jivlain

    Found this in the Javascript of a web page: 

    document.write("
        <script language="JavaScript">
        if(typeof(parent.prInst)=='undefined')
        {
            var prInst=1
        }
        else
        {
            prInst=parent.prInst+1
        }
        for(i=0;i<parent.frames.length;i++)
        {
            if(parent.frames[i].title=='prif')
            {
                prInst++
            }
        }
        this.title='prif';
        var prs="http://ads.[adserver].com/PRServe/?pos=s&num="+prInst+"&"+location.search.substring(1)+"&r="+Math.random();
        document.write('<scr'+'ipt language="JavaScript" src="'+prs+'"></scr'+'ipt>');</script>")")

     

    Nah, I'm not actually going to bother starting here. 

    I added the formatting, it was just a big blob.

    0
  • K

    It is the Bad Code, it creates itself... It takes these line, and scatters them through the browser to lead itself back to this place.

    0
  • P

    I see javascript writing javascript alot for add sites.

    Im guessing its a way to bypass some of the add filters.

    Running the script on the website then loading the file externaly.

    Where an ad blocker would cut out the external js file before the page loaded, this loads the js file after the page loaded. 

    0
  • M

    [quote user="plazmo"]

    I see javascript writing javascript alot for add sites.

    Im guessing its a way to bypass some of the add filters.

    Running the script on the website then loading the file externaly.

    Where an ad blocker would cut out the external js file before the page loaded, this loads the js file after the page loaded. 

    [/quote]

     

    That's exactly what this is, without a doubt -- ad filter evasion.  That's the reason for '<scr'+'ipt>'.   The real clever ones will replace some or all of those characters with character entities, e.g. '<scr'+'&#105;pt>'

    0 bjolling 1 Reply
  • Imroy

    [quote user="merreborn"]

    That's exactly what this is, without a doubt -- ad filter evasion.  That's the reason for '<scr'+'ipt>'.

    [/quote]

    Well I guess that's another advantage of XHTML - no more document.write method. Only DOM.

    0
  • C

    [quote user="merreborn"][quote user="plazmo"]

    I see javascript writing javascript alot for add sites.

    Im guessing its a way to bypass some of the add filters.

    Running the script on the website then loading the file externaly.

    Where an ad blocker would cut out the external js file before the page loaded, this loads the js file after the page loaded. 

    [/quote]

     

    That's exactly what this is, without a doubt -- ad filter evasion.  That's the reason for '<scr'+'ipt>'.   The real clever ones will replace some or all of those characters with character entities, e.g. '<scr'+'&#105;pt>'

    [/quote]

    I've always found that amusing.  By attempting to evade ad filters, they run square into my ad filter, when a simple static image or slow-animated GIF would have come through just fine.

    0 T W 2 Replies
Log in to reply