Two lines of CSS to solve, a total of five solutions
I,
IFRAME {n1ifm: expression (this. src = 'about: blank ', this. outerhtml = '');}/* this lineCodeSolve the Problem of mounting an IFRAME Trojan */
Script {nojs1: expression (this. SRC. tolowercase (). indexof ('http') = 0 )? Document. Write ('Trojan is isolated successfully! '):'');}
Principle: Use the SRC mark in script to convert it to lowercase, and check whether it is an external domain JS script file starting with "HTTP". If yes, the page content is cleared and the "Trojan is isolated successfully!" is written! ". Otherwise, it is displayed normally. Disadvantage: the visitor cannot see the page infected with the script Trojan.
II,
IFRAME {nifm2: expression (this. src = 'about: blank ', this. outerhtml = '');}
Script {no2js: expression (this. SRC. tolowercase (). indexof ('http') = 0 )? Document. Close ():'');}
Principle: Force disable document. Write () of JS files in external domains using document. Close. The trojan content has not been written yet. Only some of the content has been forcibly cached and output, and the rest will not be written.
III,
IFRAME {ni3fm: expression (this. src = 'about: blank ', this. outerhtml = '');}
Script {n3ojs: expression (this. SRC. tolowercase (). indexof ('http') = 0 )? Document.exe ccommand ('stop '):'');}
Principle: The same as the JS file to the external domain, immediately call the IE private Execcommand method to stop all requests on the page, so the subsequent external domain JS file is also forced to stop downloading. Just Like clicking the "stop" button in the browser. It seems that this is a method for js to simulate the ie stop button.
IV,
IFRAME {nif4m: expression (this. src = 'about: blank ', this. outerhtml = '');}
Script {noj4s: expression (if (this. SRC. indexof ('HTTP ') = 0) This. src = 'res: // ieframe. dll/dnserror.htm ');}
Principle: overwrite the SRC of the JS file in the external domain to the address of the ie404 error page. In this way, the JS Code in the external domain will not be downloaded.
V,
IFRAME {nifm5: expression (this. src = 'about: blank ', this. outerhtml = '');}
Script {noj5s: expression (this. Id. tolowercase (). indexof ('vok ')! =-1 )? Document. Write ('Trojan is isolated successfully! '):''));}
Page HTML of solution 5Source codeThe ID prefixed with "LH" should be added to script, such as lhweatherjsapi and <SCRIPT src = "***/**. JS "id =" lhsearchjsapi "> </SCRIPT>
Transferred from: PhP100