-
Posts
-
since some time I have with text-block elements that a script is inserted there with every change from visual to text mode. Since my password there is extremely long and secure, I actually don’t think it’s a hack. The whole thing looks like this and you can find it on other sites via Google. I don’t like such unsolicited entries at all.
<script src="moz-extension://8911f6ec-6e1d-42da-9ec9-df8f4dd90fef/injectedPasswordless.js" type="text/javascript"></script>???
Do you know where the origin of injection is?
Hey Guenter,
How can I reproduce this? I tried it on a local install with ALB Textblock switching from visiual to text.
Best regards,
Günterso try not on a local install – try on a live site.
look here on board for the DOM :
this might not be a matter of enfold – because a lot of website do have this script – but maybe one of us has info what it does.
On textblock i looks this way:
Each time when i switch between visual and text mode there is another line:
btw. browsing on chrome :
<script type="text/javascript" src="chrome-extension://fooolghllnmhmmndgjiamiiodkpenpbb/injectedPasswordless.js"></script>Hi,
Hm, strange. I also tested on a live site on an All-Inkl server. See private content.
It is also not in HTML source.Best regards,
Günterok – if you do not see it in your text alb element – but it is on nearly all websites i inspect the DOM – that script ( see screenshot of kriesi.at above ) is present.
And see here for your testpage from private area:
Edit it seems that it comes from a browser plugin ( password-manager ) – but that is a nogo. For all I care on the called page – but to insert it within the content of a page … headshakeHi,
Glad to hear that you have sorted out that moz-extension: and chrome-extension: is a result of the browser addon and that this code was injected by it.
Shall we close this then?Best regards,
Mike
- The topic ‘Security Question’ is closed to new replies.