tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Asok Chattopadhyay <da.a...@gmail.com>
Subject Re: Tomcat strips CRLFs from the generated page
Date Wed, 15 Jan 2014 10:50:02 GMT
On Wed, Jan 15, 2014 at 4:15 PM, André Warnier <aw@ice-sa.com> wrote:

>
>> On Wed, Jan 15, 2014 at 7:34 AM, André Warnier <aw@ice-sa.com> wrote:
>>
>>  Asok Chattopadhyay wrote:
>>>
>>>  It looks like, the problem may be caused due to some scripts being
>>>> inserted
>>>> into the page by an external domain. I am investigating farther on that
>>>> line.
>>>> Thanks everybody.
>>>>
>>>>
>>>>  Thank you anyway for writing this.  It allows us (and anyone else
>>> consulting the email archives later) to see some logical end to the
>>> issue.
>>>
>>> But I have to say that considering your earlier descriptions of the issue
>>> (a servlet just reading a local file and sending it), what you mention
>>> above doesn't quite fit.
>>> An "external domain" cannot just "insert some scripts" into a static page
>>> on the server, can it ?
>>> I'd be curious to see a real full and accurate explanation of the
>>> problem,
>>> later.
>>>
>>>
>
> You keep top-posting, which is not nice.
> Here is how it's done :
>
> Sorry about that! I am using gmail and it shows a box for reply and I just
used that.
May be this time it should be OK.

>
> Asok Chattopadhyay wrote:
> > Thanks Andre,
> >
> > Whenever, the CRLFs are stripped, I find an extra line of script in the
> > page when I View source. The line was not in the original file test.html.
> >
> > Here is the extra line inserted:
> >
> >  <script src="
> > http://wac.edgecastcdn.net/800952/400b1e1c-5766-45fe-
> a132-1e98616c551e-api/gsrs?g=dae3ecf9-dab8-409b-952c-
> c2eb328442d9&is=trlssg
> > "></script>
> >
> > I have no idea how and when this get inserted. I set the browser to
> "Always
> > send Do Not Track header", yet it keeps coming. I have inserted a routine
> > to monitor all external scripts while I look for an appropriate forum
> that
> > could help me.
> >
>
> Well, you are probably right to worry, but not about Tomcat.
>
> If you are on a Windows PC, do this :
> - install "wget" (you'll find it on the WWW)
> - do :
> cd \temp
> C:\temp>wget -O suspect.js "http://wac.edgecastcdn.net/
> 800952/400b1e1c-5766-45fe-a132-1e98616c551e-api/gsrs?g=dae3ecf9-d
> ab8-409b-952c-c2eb328442d9&is=trlssg"
>
> and then have a look at that "suspect.js"
>
> Since it is not in the original file on the server, and since I cannot
> imagine how anything on the server can just "insert that section" into the
> page before returning it, we have to imagine that the insertion happens on
> your workstation.
> Which looks to me like a possible virus/trojan.
> Or an unexpected effect of the javascript that is already in your page,
> but possibly malware anyway.
>
> Scan you PC.
>
> And I will re-scan mine, because I also viewed your test page.
>
> A Google search for : who is "wac.edgecastcdn.net"
> can be helpful.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Thanks, I'll do as you suggest.

Regards.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message