Changing my birthdate Flaming British Sheep Shagger (The Drink)
Jan 20

Watching for the expiration of JavaScript domains

Ajax, Tech with tags: Add comments

The porn site redirect exploit isn’t new.

We tend to often trust the people that we load JavaScript from too much. So many new startups require you to just include that little tidbit of JavaScript. “Just copy and paste this somewhere on your blog”.

Of course, if the site gets compromised in anyway you are loading script from the Bad Guys. If you are a bad guy what are you doing? Looking for third parties that offer services that people embed, and watching like a hawk to see them mess up their DNS so you can pounce. You have automated systems to do this.

Watch out, and let’s get together to work out a possible solution, whether it be short term or longer.

One Response to “Watching for the expiration of JavaScript domains”

  1. henrah Says:

    That google caja link is missing the protocol — it’s rendering as a relative link.

Leave a Reply

Spam is a pain, I am sorry to have to do this to you, but can you answer the question below?

Q: Type in the word 'cricket'