CF-Hash attribute and script mysteriously added to mailto links

haw*_*126 1 html javascript php mailto cloudflare

I have a development site and a production site.

At the bottom of the page I have a mailto email link; the PHP source is as follows:

           <section>
               <h2>Looking for a LAMP, WordPress or Drupal Developer?</h2>
               <p>Contact me today: <br/>
                <a href='mailto:mail@example.com'>mail@example.com</a>
                   <br/>
                <a href='tel:+13334445555'>333 444 5555</a>
               </p>
           </section>

Everything is perfectly normal on my development site; the generated HTML looks like this:

                <section>
                    <h2>Looking for a LAMP, WordPress or Drupal Developer?</h2>
                    <p>Contact me today: <br>
                        <a href="mailto:mail@example.com">mail@example.com</a>
                        <br>
                        <a href="tel:+13334445555">333 444 5555</a>
                    </p>
                </section>

Then, mysteriously, on my production site some JavaScript gets added to my mailto link (and only to the mailto link; in this case there is just one, but I have added more and the script gets added to them as well). This is the HTML output on the production site:

<section>
<h2>Looking for a LAMP, WordPress or Drupal Developer?</h2>
<p>Contact me today: <br>
<a href="mailto:mail@example.com">mail@example.com
<script cf-hash="f9e31" type="text/javascript">
/* <![CDATA[ */!function(){try{var t="currentScript"in document?document.currentScript:function(){for(var t=document.getElementsByTagName("script"),e=t.length;e--;)if(t[e].getAttribute("cf-hash"))return t[e]}();if(t&&t.previousSibling){var e,r,n,i,c=t.previousSibling,a=c.getAttribute("data-cfemail");if(a){for(e="",r=parseInt(a.substr(0,2),16),n=2;a.length-n;n+=2)i=parseInt(a.substr(n,2),16)^r,e+=String.fromCharCode(i);e=document.createTextNode(e),c.parentNode.replaceChild(e,c)}}}catch(u){}}();/* ]]> */
</script>
</a>
<br>
<a href="tel:+13334445555">333 444 5555</a>
</p>
</section>

I checked the code on the production server, and this script is not there.

What could be going on?

Adr*_*eno 7

This has nothing to do with ColdFusion. In this code, cf-hash is an attribute of the SCRIPT tag (plain HTML). Searching for 'cf-hash="f9e31"' turns up a lot of similar code. I found this link pointing to it; it may be the CloudFlare email protection script. That would be running on the production server, not in the local development environment.


Ped*_*ito 7

Cloudflare email de-obfuscation in different languages:

JavaScript

function cfDecodeEmail(encodedString) {
    var email = "", r = parseInt(encodedString.substr(0, 2), 16), n, i;
    for (n = 2; encodedString.length - n; n += 2){
        i = parseInt(encodedString.substr(n, 2), 16) ^ r;
        email += String.fromCharCode(i);
    }
    return email;
}

console.log(cfDecodeEmail("543931142127353935313e352e7a373b39")); // usage

Python

def cfDecodeEmail(encodedString):
    r = int(encodedString[:2],16)
    email = ''.join([chr(int(encodedString[i:i+2], 16) ^ r) for i in range(2, len(encodedString), 2)])
    return email

print( cfDecodeEmail('543931142127353935313e352e7a373b39') ) # usage


PHP

function cfDecodeEmail($encodedString){
  $k = hexdec(substr($encodedString,0,2));
  for($i=2,$email='';$i<strlen($encodedString)-1;$i+=2){
    $email.=chr(hexdec(substr($encodedString,$i,2))^$k);
  }
  return $email;
}

echo cfDecodeEmail('543931142127353935313e352e7a373b39'); // usage


Go

package main

import (
    "bytes"
    "strconv"
)

// cf decodes a Cloudflare data-cfemail string: the first hex byte is the
// XOR key, every following hex byte is one character XORed with that key.
func cf(a string) string {
    var e bytes.Buffer
    r, _ := strconv.ParseInt(a[0:2], 16, 0)
    for n := 4; n < len(a)+2; n += 2 {
        i, _ := strconv.ParseInt(a[n-2:n], 16, 0)
        e.WriteRune(rune(i ^ r)) // WriteRune instead of string(int), which go vet rejects
    }
    return e.String()
}

func main() {
    email := cf("543931142127353935313e352e7a373b39") // usage
    print(email)
    print("\n")
}


C++

#include <iostream>
#include <string>

using namespace std;

string cfDecodeEmail(string encodedString);

int main()
{
    cout << cfDecodeEmail("543931142127353935313e352e7a373b39") << endl;
}

string cfDecodeEmail(string encodedString)
{
    string email;
    char xorKey = stoi( encodedString.substr(0, 2), nullptr, 16);
    for( unsigned i = 2; i < encodedString.length(); i += 2)
        email += stoi( encodedString.substr(i, 2), nullptr, 16) ^ xorKey;

    return email;
}


C#

using System;

public class Program
{
    public static string cfDecodeEmail(string encodedString)
    {
        string email = "";
        int r = Convert.ToInt32(encodedString.Substring(0, 2), 16), n, i;
        for (n = 2; encodedString.Length - n > 0; n += 2)
        {
            i = Convert.ToInt32(encodedString.Substring(n, 2), 16) ^ r;
            char character = (char)i;
            email += Convert.ToString(character);
        }

        return email;
    }

    public static void Main(string[] args)
    {
        Console.WriteLine(cfDecodeEmail("543931142127353935313e352e7a373b39")); // usage
    }
}


Source
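A round trip of the scheme that the decoders above undo, added here as an example (not code from the answer or from Cloudflare): an encoder for the `data-cfemail` format, a decoder that validates its input, and a scan that recovers every `data-cfemail` attribute from an HTML fragment. The HTML snippet is constructed for the example; only the encoded string inside it comes from the answer, and the scan shows why a single-byte XOR is an anti-scraping nuisance rather than protection for the address.

```python
import re

# Cloudflare-style obfuscation: the first hex byte is a one-byte XOR key and
# every following hex byte is one character of the address XORed with it.

def cf_encode_email(email: str, key: int) -> str:
    """Build a data-cfemail string (inverse of the decoders in the answer)."""
    if not 0 <= key <= 0xFF:
        raise ValueError("key must be a single byte")
    if any(ord(c) > 0xFF for c in email):
        raise ValueError("format carries one byte per character")
    return f"{key:02x}" + "".join(f"{ord(c) ^ key:02x}" for c in email)


def cf_decode_email(encoded: str) -> str:
    """Decode a data-cfemail string; rejects odd-length or too-short input."""
    if len(encoded) < 4 or len(encoded) % 2:
        raise ValueError("expected an even number of hex digits, at least 4")
    key = int(encoded[:2], 16)
    return "".join(chr(int(encoded[i:i + 2], 16) ^ key)
                   for i in range(2, len(encoded), 2))


# Attribute as emitted in the protected markup; value is a run of hex digits.
_CFEMAIL_ATTR = re.compile(r'data-cfemail="([0-9a-fA-F]+)"')


def recover_emails(html: str) -> list[str]:
    """Return every address hidden behind a data-cfemail attribute."""
    return [cf_decode_email(m) for m in _CFEMAIL_ATTR.findall(html)]


# Constructed sample in the shape Cloudflare emits (hypothetical markup; the
# encoded value is the one used in the answer above).
SAMPLE_HTML = (
    '<a href="/cdn-cgi/l/email-protection" class="__cf_email__" '
    'data-cfemail="543931142127353935313e352e7a373b39">'
    '[email&#160;protected]</a>'
)

if __name__ == "__main__":
    print(recover_emails(SAMPLE_HTML))
    encoded = cf_encode_email("mail@example.com", 0x2A)
    print(encoded, "->", cf_decode_email(encoded))
```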