使用JS重写API拦截运营商广告

左手 posted @ 2016年7月21日 23:21 in 前端开发 with tags js api重写 js拦截广告 , 8711 阅读

近期公司站点通过联通4G网站访问时被运营商插入广告代码,通过手机抓包定位到运营商值入的广告代码。

植入的广告代码通过在固定url的请求中添加内容插行一段js,通过body.appendChild在页面引入一段js代码。想到一个应急方案,通过改写appendChild来拦截广告,经测试有效。代码如下:

(function() {
var rootEl = top.document.body;
var originAppendChild = rootEl.appendChild;
try {
    rootEl.appendChild = function (elem) {
    var src = '';
    if (typeof elem == 'object' && elem != null && elem.getAttribute) {
        src = elem.getAttribute('src');
    }
    if (typeof src == 'string' && src.length) {
        if ( src.match(/^(?:http(?:s)?:)?\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/)
            || src.match(/cifenqi\.com/) != null) {
        return;
        }
    }
    originAppendChild.apply(rootEl, [].slice.call(arguments, 0));
    }
}
catch(e) { }
})();

ISP广告干的是非法勾当多使用ip地址,因此直接屏蔽ip地址的元素。此方法只能应急可被绕过,难怪某度、某宝纷纷启用全站https。

Avatar_small
welefen 说:
2016年8月09日 09:56

hi,你好

我是开源项目 ThinkJS 的作者,这个项目是 360 奇舞团的开源项目之一,看到你在 GitHub 上使用的用户名是 thinkjs,请问是否愿意将 thinkjs 转移给我们,我们愿意支出一定的报酬。

Avatar_small
welefen 说:
2016年8月09日 09:57

如果愿意,请添加 QQ 499979038 细聊,非常感谢!

Avatar_small
HRMS SBI 说:
2022年8月02日 15:17

SBI HRMS is a self service ESS portal for all the employees of State Bank of India all across the country, and this portal serves as a Human Resource Management System for present working and retired employees of SBI in order to exercise different information and benefits through ‘Multi-factor Authorization’. HRMS SBI the SBI HRMS stands for State Bank of Indian Human Resource Management System which is an all in one platform to get different employee services right away such as details of the salary, Profile Information, Vacation, Career History, Apply Leave, Download Salary slip, View Pay or Pension details, Check Holidays, Apply Tour and other financial beneficial information of SBI working employee and pensioner. the SBI HRMS stands for State Bank of Indian Human Resource Management System which is an all in one platform to get different employee services right away such as details of the salary, Profile Information, Vacation, Career History.


登录 *


loading captcha image...
(输入验证码)
or Ctrl+Enter