By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,516 Members | 1,137 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,516 IT Pros & Developers. It's quick & easy.

My site was attacked - XSS, Javascript, moz-binding, firefox

P: 36
So I implemented a javascript-based menu. And I wanted to keep the state of that menu when a person comes back to my page. So to do that, I create a cookie using javascript and I put the clicked link into that cookie. So each time the page is loaded, it checks the cookie and sets the page so that link is "clicked" and associated content is shown.

So I visit my site (in firefox) and I notice that -moz-binding is being applied to all elements that start with 'adText.' This is a javascript hack - it shows up in firebug but not in the source and it only shows up on my machine.

So I'm assuming it has something to do with my cookie? I tried deleting all cookies, offline content but it still doesn't get rid of the moz-binding.

Any ideas?

Edit: Oops I figured out the problem... I don't need help with this anymore.

How do you delete threads?
Feb 26 '09 #1
Share this Question
Share on Google+
5 Replies

Expert 5K+
P: 7,435
You can't. You shouldn't. Deleting your post was not nice. Not supplying the solution is not helpful for others. Some of us will remember that next time you need help.
Feb 26 '09 #2

P: 36
It was a silly mistake on my part. My site wasn't attacked. There was no problem in the first place hence no "solution." The "solution" was turning off Ad-block plus in firefox.
Feb 26 '09 #3

Expert Mod 15k+
P: 16,027
I hope you don't mind, but I took the liberty of pasting back your original text to give the thread some context in case someone comes across the thread looking for a "solution" to the same "problem". Anyway, glad to see that you managed to figure it out and thanks for posting.

Feb 27 '09 #4

P: 36
Ok, no problem. I'm new to a lot of this stuff - javascript cookies, jquery, css. So when I heard about xss, I got really paranoid and I thought that that's what happened in this situation. I did some googling and read about LiveJournal and I thought I had a similar problem. But apparently not!
Feb 27 '09 #5

P: n/a
Thanks for placing the post back cos I just had the same problem. Spent more than an hour trying to "solve" a problem caused by Adblock Plus. I would never have if not for this post. Thankks
Sep 29 '10 #6

Post your reply

Sign in to post your reply or Sign up for a free account.