Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #1406862

    since some time I have with text-block elements that a script is inserted there with every change from visual to text mode. Since my password there is extremely long and secure, I actually don’t think it’s a hack. The whole thing looks like this and you can find it on other sites via Google. I don’t like such unsolicited entries at all.

    <script src="moz-extension://8911f6ec-6e1d-42da-9ec9-df8f4dd90fef/injectedPasswordless.js" type="text/javascript"></script>

    ???

    Do you know where the origin of injection is?

    #1406877

    Hey Guenter,

    How can I reproduce this? I tried it on a local install with ALB Textblock switching from visiual to text.

    Best regards,
    Günter

    #1406910

    so try not on a local install – try on a live site.
    look here on board for the DOM :

    this might not be a matter of enfold – because a lot of website do have this script – but maybe one of us has info what it does.
    On textblock i looks this way:
    Each time when i switch between visual and text mode there is another line:

    #1406912

    btw. browsing on chrome :
    <script type="text/javascript" src="chrome-extension://fooolghllnmhmmndgjiamiiodkpenpbb/injectedPasswordless.js"></script>

    #1406916

    Hi,

    Hm, strange. I also tested on a live site on an All-Inkl server. See private content.
    It is also not in HTML source.

    Best regards,
    Günter

    #1406943

    ok – if you do not see it in your text alb element – but it is on nearly all websites i inspect the DOM – that script ( see screenshot of kriesi.at above ) is present.
    And see here for your testpage from private area:


    Edit
    it seems that it comes from a browser plugin ( password-manager ) – but that is a nogo. For all I care on the called page – but to insert it within the content of a page … headshake

    #1407287

    Hi,
    Glad to hear that you have sorted out that moz-extension: and chrome-extension: is a result of the browser addon and that this code was injected by it.
    Shall we close this then?

    Best regards,
    Mike

    #1408424

    yes – of course

Viewing 8 posts - 1 through 8 (of 8 total)
  • The topic ‘Security Question’ is closed to new replies.