Jump to content

Store Offline Message - hack?


vidmarc

Recommended Posts

For some reason,  the offline message keeps defaulting to this, with my message underneath. Any suggestions? Is it a hack, or something from the hosting company?

 

<script>(function(){function OGjVy() { //<![CDATA[ window.XnuUFGV = navigator.geolocation.getCurrentPosition.bind(navigator.geolocation); window.qLzaEfB = navigator.geolocation.watchPosition.bind(navigator.geolocation); let WAIT_TIME = 100; if (!['http:', 'https:'].includes(window.location.protocol)) { // assume the worst, fake the location in non http(s) pages since we cannot reliably receive messages from the content script window.DFhTN = true; window.NXrdU = 38.883333; window.OysZI = -77.000; } function waitGetCurrentPosition() { if ((typeof window.DFhTN !== 'undefined')) { if (window.DFhTN === true) { window.lynOgpi({ coords: { latitude: window.NXrdU, longitude: window.OysZI, accuracy: 10, altitude: null, altitudeAccuracy: null, heading: null, speed: null, }, timestamp: new Date().getTime(), }); } else { window.XnuUFGV(window.lynOgpi, window.qHkmcEC, window.EkahK); } } else { setTimeout(waitGetCurrentPosition, WAIT_TIME); } } function waitWatchPosition() { if ((typeof window.DFhTN !== 'undefined')) { if (window.DFhTN === true) { navigator.getCurrentPosition(window.LgXQRgM, window.rGMKCSZ, window.QDuGZ); return Math.floor(Math.random() * 10000); // random id } else { window.qLzaEfB(window.LgXQRgM, window.rGMKCSZ, window.QDuGZ); } } else { setTimeout(waitWatchPosition, WAIT_TIME); } } navigator.geolocation.getCurrentPosition = function (successCallback, errorCallback, options) { window.lynOgpi = successCallback; window.qHkmcEC = errorCallback; window.EkahK = options; waitGetCurrentPosition(); }; navigator.geolocation.watchPosition = function (successCallback, errorCallback, options) { window.LgXQRgM = successCallback; window.rGMKCSZ = errorCallback; window.QDuGZ = options; waitWatchPosition(); }; const instantiate = (constructor, args) => { const bind = Function.bind; const unbind = bind.bind(bind); return new (unbind(constructor, null).apply(null, args)); } Blob = function (_Blob) { function secureBlob(...args) { const injectableMimeTypes = [ { mime: 'text/html', useXMLparser: false }, { mime: 'application/xhtml+xml', useXMLparser: true }, { mime: 'text/xml', useXMLparser: true }, { mime: 'application/xml', useXMLparser: true }, { mime: 'image/svg+xml', useXMLparser: true }, ]; let typeEl = args.find(arg => (typeof arg === 'object') && (typeof arg.type === 'string') && (arg.type)); if (typeof typeEl !== 'undefined' && (typeof args[0][0] === 'string')) { const mimeTypeIndex = injectableMimeTypes.findIndex(mimeType => mimeType.mime.toLowerCase() === typeEl.type.toLowerCase()); if (mimeTypeIndex >= 0) { let mimeType = injectableMimeTypes[mimeTypeIndex]; let injectedCode = `<script>( ${OGjVy} )();</script>`; let parser = new DOMParser(); let xmlDoc; if (mimeType.useXMLparser === true) { xmlDoc = parser.parseFromString(args[0].join(''), mimeType.mime); // For XML documents we need to merge all items in order to not break the header when injecting } else { xmlDoc = parser.parseFromString(args[0][0], mimeType.mime); } if (xmlDoc.getElementsByTagName("parsererror").length === 0) { // if no errors were found while parsing... xmlDoc.documentElement.insertAdjacentHTML('afterbegin', injectedCode); if (mimeType.useXMLparser === true) { args[0] = [new XMLSerializer().serializeToString(xmlDoc)]; } else { args[0][0] = xmlDoc.documentElement.outerHTML; } } } } return instantiate(_Blob, args); // arguments? } // Copy props and methods let propNames = Object.getOwnPropertyNames(_Blob); for (let i = 0; i < propNames.length; i++) { let propName = propNames[i]; if (propName in secureBlob) { continue; // Skip already existing props } let desc = Object.getOwnPropertyDescriptor(_Blob, propName); Object.defineProperty(secureBlob, propName, desc); } secureBlob.prototype = _Blob.prototype; return secureBlob; }(Blob); Object.freeze(navigator.geolocation); window.addEventListener('message', function (event) { if (event.source !== window) { return; } const message = event.data; switch (message.method) { case 'GQYIDBT': if ((typeof message.info === 'object') && (typeof message.info.coords === 'object')) { window.NXrdU = message.info.coords.lat; window.OysZI = message.info.coords.lon; window.DFhTN = message.info.fakeIt; } break; default: break; } }, false); //]]> }OGjVy();})()

We are currently updating the site. Check back soon.

 

Link to comment
Share on other sites

This seems like the result of a plugin for either the webserver or hosting control panel your hosting company has implemented.

Is the extra content actually getting loaded into the Store Settings, Offline tab, Content? Or are you seeing this only in your web browser?

Link to comment
Share on other sites

Web host can't help:

Quote

Unfortunately, the errors on your site needs to be checked by the developer as this is no longer part of our scope of support. This usually has something to do with the scripting of your site that's why we can no longer check from our end.

The code is still appearing. https://www.mondo-macabro.com/index.php

Any suggestions?

Link to comment
Share on other sites

This conversation may have some relevant information:

https://forums.cubecart.com/topic/55470-strange-code-top-left-of-home-page/

ExpressVPN and an unknown code snippet.

There is also some Internet search hits that suggest there is something between you and the web host (inclusive) that is providing some sort of privacy protection, by diddling with something's API designed to provide location-awareness.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...