? ? ? ? 很多第三方的廣告系統都是使用document.write來加載廣告,如下面的一個javascript的廣告鏈接:
? ? ? ? ?這個javascript請求返回的是這樣的一段代碼:
? ? ? ?這種加載來自第三方,并且代碼都添加了統計的功能,上面的javascript的廣告鏈接每請求一次都會統計一次,生成的代碼也有點擊統計的功能,也就是說必須以這種方式來進行加載。
? ? ? ? 例子1:www.piaohua.com,左上角廣告banner和左下角浮窗廣告都是通過加載廣告腳本,可以通過攔截該piaohua_banner_980_60_4.js的請求,來終止document.writeln的寫入。
? ? ? ?例子2:(廣告通過iframe加載#document然后一個完整的html來實現)
攔截實例:http://blog.csdn.net/cteng/article/details/42681299
? ? ? ? <img src="http://f12.baidu.com/it/u=200290511,3287632236&fm=76" id="img_6" class="figure" style="opacity: 1;">
? ? ? ?||pos.baidu.com/icrm?rdid=2895327 … … // ADBlock攔截規則
//iframe元素會創建包含另外一個文檔的內聯框架(即行內框架)。
id="iframeu2895327_0"src="http://pos.baidu.com/icrm?rdid=2895327
&dc=3&di=u2895327&dri=0&… > … …
? ? ? ? Key:這一類廣告通常采用阻塞資源加載即可,
? ? ? ? 另一例子:http://www.w3school.com.cn/tags/tag_iframe.asp
? ? ? ?因請求的失敗相應的腳本也會更改:
? ? ? ?<div id="sub-frame-error-details" jsselect="summary" jsvalues=".innerHTML:msg" jstcache="2">對服務器的請求已遭到某個擴展程序的阻止。</div>
? ? ? ? ?例子3:彈窗廣告(document.open(); ?document.write())
<iframe scrolling="no" frameborder="0" src='javascript:(function()
{document.open();document.write("<!DOCTYPE HTML><html><head><meta charset=UTF-8><title>mblog-proxy</title><style>html,body,*{margin:0;padding:0}</style></head><body marginwidth=\"0\" marginheight=\"0\"><script type=\"text/javascript\" src=\"http://zzy.mipujia.com/rg3a1ece92f1ccff39db046a92f0b03ae645f7d70d3aac32ed12.js\"></script> ? ?</body></html>");document.close();})();' style="width: 100%; height: 150px;"></iframe>
匯總一下浮窗廣告特征:
1.<embed> ,?<embed> 標簽定義嵌入的內容,比如插件:
<embed pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/
x-shockwave-flash" src="http://sjs.sinajs.cn/blog7swf/lookViewSpring.swf?2" width="140" height="87" style="undefined" id="map" name="map" bgcolor="#000" quality="high" scale="noscale" allowscriptaccess="always" wmode="transparent" flashvars="url=http://
weibo.com/blogkefu&realfull=1&moz=1"/" title="Adobe Flash Player">
2.<img>,例如:
<img src="http://f12.baidu.com/it/u=198212411,3052252488&fm=76" id="img_4"?
class="figure" style="opacity: 1;">
<img data-src="http://asearch.alicdn.com/bao/uploaded/i4/170740129052234075/
TB2b_BygXXXXXapXpXXXXXXXXXX_!!55027074-0-saturn_solar.jpg_160x160.jpg_.webp" src="http://asearch.alicdn.com/bao/uploaded/i4/170740129052234075/TB2b_BygXXXXXapXpXXXXXXXXXX_!!55027074-0-saturn_solar.jpg_160x160.jpg_.webp">
3.<ins>,帶有已刪除部分和新插入部分的文本,例如:
<ins class="sinaads sinaads-done" data-ad-pdps="PDPS000000049439" style="width: 1000px; margin: 0px auto; display: block; overflow: hidden; text-decoration: none;" data-ad-status="done"><ins style="text-decoration:none;margin:0px auto;width:1000px;display:block;
position:relative;overflow:hidden;"><a style="display:block;line-height:0;" href="http://
sax.sina.com.cn/dsp/click?t=MjAxNy0wMy0yMSAxNDoyNjoxOAkxMTkuMTQ1Ljg5Ljk3CTExOS4xNDUuODkuOTdfMTQ4OTk5MjMwNC4xNzM0MjkJOWQ3ZTAzMDMtZmQyNC00OWYyLThjMmItZDI5MDE2MDQ5ODM5CTc0MzkyNQk1ODc3NjEwNDM3X1BJTlBBSS1DUEMJMjY3NDM4CTE5OTAyNAk0Ljc0NzAyRS00CTEJdHJ1ZQlQRFBTMDAwMDAwMDQ5NDM5CTE4NDc5MzcJUEMJaW1hZ2UJLQkwfDJBVWxQR1JMWTVOWUhNR3BHd1V0R1h8bnVsbHxudWxsfGJqfDc0MzkyNXwxNk1tVTcwVXMwQnhqRk9LZ1hvUkhoCW51bGwJMQktCS0JLQkwCTExOS4xNDUuODkuOTdfMTQ4OTk5MjMwNC4xNzM0MjkJUENfSU1BR0UJLQlmbS1zaW1pZC1ydAkt&userid=119.145.89.97_1489992304.173429&auth=935b701a15e9be83&p=qwyTl52jN76Q6C8ezBcqktTctmKhhxGdokYAVg%3D%3D&url=http%3A%2F%2Fsax.sina.com.cn%2Fclick%3Ftype%3D2%26t%3DYWIwYzkzOTctOWRhMy0zN2JlLTkwZTgtMmYxZWNjMTcyYTkyCTE3CVBEUFMwMDAwMDAwNDk0MzkJMTg0NzkzNwkxCVJUQgkt%26id%3D17%26url%3Dhttp%253A%252F%252F51485148.com%252F%253Fgzid%253DC100090%2526SET_A%253DPDPS000000049439%2526SET_B%253D743925%2526SET_C%253D1847937%2526SET_D%253D9d7e0303-fd24-49f2-8c2b-d29016049839%2526SET_E
%253D267438%2526SET_F%253D1%26sina_sign%3D5f4dd73742df4865&sign=8fd9f19820ac0b91&am=%7Bclkx%3A534%2Cclky%3A21%7D" target="_blank" data-link="http://
sax.sina.com.cn/dsp/click?t=MjAxNy0wMy0yMSAxNDoyNjoxOAkxMTkuMTQ1Ljg5Ljk3CTExOS4xNDUuODkuOTdfMTQ4OTk5MjMwNC4xNzM0MjkJOWQ3ZTAzMDMtZmQyNC00OWYyLThjMmItZDI5MDE2MDQ5ODM5CTc0MzkyNQk1ODc3NjEwNDM3X1BJTlBBSS1DUEMJMjY3NDM4CTE5OTAyNAk0Ljc0NzAyRS00CTEJdHJ1ZQlQRFBTMDAwMDAwMDQ5NDM5CTE4NDc5MzcJUEMJaW1hZ2UJLQkwfDJBVWxQR1JMWTVOWUhNR3BHd1V0R1h8bnVsbHxudWxsfGJqfDc0MzkyNXwxNk1tVTcwVXMwQnhqRk9LZ1hvUkhoCW51bGwJMQktCS0JLQkwCTExOS4xNDUuODkuOTdfMTQ4OTk5MjMwNC4xNzM0MjkJUENfSU1BR0UJLQlmbS1zaW1pZC1ydAkt&userid=119.145.89.97_1489992304.173429&auth=935b701a15e9be83&p=qwyTl52jN76Q6C8ezBcqktTctmKhhxGdokYAVg%3D%3D&url=http%3A%2F%2Fsax.sina.com.cn%2Fclick%3Ftype%3D2%26t%3DYWIwYzkzOTctOWRhMy0zN2JlLTkwZTgtMmYxZWNjMTcyYTkyCTE3CVBEUFMwMDAwMDAwNDk0MzkJMTg0NzkzNwkxCVJUQgkt%26id%3D17%26url%3Dhttp%253A%252F%252F51485148.com%252F%253Fgzid%253DC100090%2526SET_A%253DPDPS000000049439%2526SET_B%253D743925%2526SET_C%253D1847937%2526SET_D%253D9d7e0303-fd24-49f2-8c2b-d29016049839%2526SET_E%
253D267438%2526SET_F%253D1%26sina_sign%3D5f4dd73742df4865&sign=8fd9f19820ac0b91" onmousedown="return sinaadToolkit.url.fortp(this, event);"><img border="0" src="http://d6.sina.com.cn/pfpghc2/201703/21/ff328cbc465743fdb8e2be2160d77133.jpg" style="width:1000px;height:90px;border:0" alt="http://d6.sina.com.cn/pfpghc2/201703/21/ff328cbc465743fdb8e2be2160d77133.jpg"></a><div style="width: 26px; height: 13px; position: absolute; right: 1px; bottom: 1px; z-index: 99; background: url("//d2.sina.com.cn/litong/zhitou/sinaads/release/ad_logo_update_IAB.gif") no-repeat;"></div></ins></ins>
4.<iframe>
5.關閉廣告(標簽):
<div style="background: url("http://d1.sina.com.cn/litong/zhitou/sinaads/
60x18_2_close.gif") left top no-repeat; cursor: pointer; z-index: 11010; position: absolute; width: 60px; height: 18px; right: 7px; top: 1px;"></div>
6.<a>…</a>,例子:url: http://www.piaohua.com/
<div style="position:absolute;z-index:1">
<a target="_blank">
<img src=http://dm.flash.twyxi.com/flash//c.gif width="300" height="250" border="0">
</a></div>
7.小部分浮窗廣告為flash(chrome瀏覽器自動屏蔽flash)
PS:
1 <a href="javascript:alert(1)" ></a>
2 <iframe src="javascript:alert(1)" />
3 <img src='x' onerror="alert(1)" />
4 <video src='x' onerror="alert(1)" ></video>
5 <div onclick="alert(1)" onmouseover="alert(2)" ><div>
6 flash
