document.write(unescape
Nov. 05, 2010, 04:05 PM (This post was last modified: Nov. 05, 2010 04:14 PM by Toppy.)
Post: #3
RE: document.write(unescape
Thanks JJoe,

It doesn't catch the majority of these things, like:
Code:
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
but it's a start. ;)
Don't even know if it's possible to catch exactly what it has to, will probably have to take into account that all those functions start with a ( and end with a )
My limited knowledge hasn't got to handle it perfectly yet, but I'll keep trying.

EDIT: Currently I have this, which *seems* to catch all at first sight. :)
Code:
[Patterns]
Name = "Log Unescaped javascript code - Tpy - TEST"
Active = TRUE
Multi = TRUE
Bounds = "<script*</script>"
Limit = 4096
Match = "\0"
        "&*document.write\(unescape\("\1"\)"
Replace = "\0\r\n"
          "<!--"
          "Unescape script above reads :\r\n"
          "$UESC(\1)"
          "\r\n//-->\r\n"
... yet I don't know why the unescaped replacement still contains %20 as space:
Code:
<script language='Javascript'>document.write(unescape('%4e%41%53%43%41%52%20%53%70%72%69%6e%74%20%43%75%70'));</script>

<!--Unescape script above reads :
NASCAR%20Sprint%20Cup
//-->
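
Added example, not part of the post above and not the filter's own code: a stand-alone JavaScript check that finds `document.write(unescape(...))` calls inside script blocks and decodes the escaped literals for logging. It goes beyond the posted filter by also handling concatenated arguments, reporting variables such as `gaJsHost` as placeholders instead of guessing their value. The function names are assumptions made for this illustration, and `SAMPLE` is a constructed page that reuses the two snippets quoted in the post.

```javascript
// Added example; names are hypothetical, SAMPLE reuses the post's two snippets.
const OPEN_RE = /document\.write\s*\(\s*unescape\s*\(/gi;

// Decode %XX and %uXXXX as legacy unescape() would, without executing anything.
function decodeEscapes(s) {
  return s.replace(/%u([0-9a-fA-F]{4})|%([0-9a-fA-F]{2})/g,
    (_, u, h) => String.fromCharCode(parseInt(u || h, 16)));
}

// Parse the unescape( argument at index i: quoted literals and identifiers joined
// by "+". Returns null for other shapes; backslash-escaped quotes are not handled.
function readArgument(src, i) {
  const parts = [];
  for (;;) {
    while (/\s/.test(src[i])) i++;
    const q = src[i];
    if (q === '"' || q === "'") {
      const end = src.indexOf(q, i + 1);
      if (end < 0) return null;
      parts.push({ literal: src.slice(i + 1, end) });
      i = end + 1;
    } else {
      const m = /^[A-Za-z_$][\w$.]*/.exec(src.slice(i));
      if (!m) return null;
      parts.push({ name: m[0] });
      i += m[0].length;
    }
    while (/\s/.test(src[i])) i++;
    if (src[i] === ")") return parts;
    if (src[i++] !== "+") return null;
  }
}

// One finding per call; a variable shows up as {name} in the decoded text.
function findUnescapeWrites(html) {
  const findings = [];
  for (const block of html.matchAll(/<script\b[^>]*>([\s\S]*?)<\/script>/gi)) {
    for (const m of block[1].matchAll(OPEN_RE)) {
      const parts = readArgument(block[1], m.index + m[0].length);
      if (!parts) continue;
      const decoded = parts.map(p => "name" in p ? `{${p.name}}` : decodeEscapes(p.literal)).join("");
      findings.push({ decoded, variables: parts.filter(p => "name" in p).map(p => p.name) });
    }
  }
  return findings;
}

const SAMPLE = `<script language='Javascript'>document.write(unescape('%4e%41%53%43%41%52%20%53%70%72%69%6e%74%20%43%75%70'));</script>
<script>document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script>`;
console.log(findUnescapeWrites(SAMPLE));
```

The decoded strings are page-controlled data, so a log viewer should treat them as plain text and not render them as markup.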
Messages In This Thread
document.write(unescape - Toppy - Nov. 04, 2010, 01:40 AM
RE: document.write(unescape - JJoe - Nov. 05, 2010, 12:32 AM
RE: document.write(unescape - Toppy - Nov. 05, 2010 04:05 PM
RE: document.write(unescape - JJoe - Nov. 05, 2010, 06:40 PM
