A challenge: filter redirecting inline javascript

[nicci1987]

Hey all,

I need a guru who could help me sort this out:

I have a website which has pretty nasty code inside:

Code: Select all

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">

<script language="JavaScript">
parent.location.href = 'tralala.htm';
</script>

(...)

So as soon as the javascript engine starts roaring, it will redirect to tralala.htm. Now I would like to block this redirection and display the rest of the page, but could not find a way to do so. If anyone of you has an idea how to deal with that script and to block its execution, you would make me truly happy

The page can be tested here: http://lesythe.bplaced.net/index.htm

Thank you a lot for any hints or help!

xoxo,
Nicci

[zaidgs]

Adblock Plus might not be the best program to help you here. One thing that Adblock can do for you is block that script from running. So, if you only want to block the script from running that's good.

The other option is to use NoScript Addon. I am not entirely sure about this, but I remember that I read once that NoScript has an option to replace JavaScript with other scripts. I don't use NoScript, so this might be false information. But if it is true, you can create an alternative script and copy-paste the JavaScript and just remove the offending code. Maybe you'd have better luck asking at the forums of NoScript.

[zaidgs]

Actually, I found a much simpler way. I noticed that it's inline JavaScript, so all I did was disable JavaScript, load the page, and saved it, modified it in notepad to remove the script, turned JavaScript on again.

Here is the output:

Sicherheit / Firewall
Betriebszustand Firewall
( ) Aus
( ) Ein
<< <<
Zurück <<
Speichern <<
Firewall Betriebszustand

Durch den Anschluss Ihres Netzwerks (LAN) an das öffentliche Netzwerk (Internet) entstehen Gefahren für die Sicherheit Ihrer Daten und Anwendungen. Die Firewall-Funktion schützt gegen solch einen unberechtigten Zugriff von außen (z.B. Hacker).

Es wird dringend empfohlen, diese Funktion einzuschalten.

Trotzdem sollten Sie die PCs in Ihrem Netzwerk jeweils durch lokal installierte Virenscanner gegen versteckte Angriffe (z.B. über E-Mail oder betrügerische Internet-Seiten) schützen.

[nicci1987]

Thanks, but I do not have the possibility to alter that page in any way, so it is not possible to remove content or run it locally (the cgi call will not work then).

Hence I would need some info how to block that script from running, if there is a possibility to do this with adblock I'm quite curious how to write such a filter. If Adblock can not handle this, I might give a try with NoScript.

Thanks anyways!

[mapx]

you could use proxomitron to rewrite the page you want

http://www.proxomitron.info/45/help/Web ... ditor.html