Known Threat error for Javascript code

  • Resolved gayathri7066

    (@gayathri7066)


    8 years, 4 months ago

    Hi,

    I installed the plugin on one of my sites, and it reports a Known Threat for one of the php files of my plugin. I had a closer look at it and it shows the threat in the lines of code where I have included Javascript. For example, the below lines are reported as a threat:

    <script>
    function backtologin(){
    jQuery(‘#back_to_login_form’).submit();
    }
    </script>

    How is having a script on the php file identified as a threat?

    Please give some insights on this.

    Thanks,
    Gayathri S.

Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    8 years, 4 months ago

    Hi Gayathri,
    I see that you posted this same question on my website also, but with a different code snippet. Neither the code you posted here nor the code you posted on my website have anything malicious in them. To answer your question directly: having a script in a php file is not a threat.

    It might have helped to have a little bit more information about the surrounding code or where these snippets of benign code were found but I think I can make a guess that could be a little more helpful. Is it possible that this JavaScript was not placed inside of the BODY or HEAD tags?

    Because it is common for hackers to inject JavaScript into the wrong places in your HTML, and it is improper to place a SCRIPT tag outside or even between the HEAD and BODY tags.

    Please feel free to post a reply with more details or you can contact me directly if you have any sensitive information that you don’t want posted publicly:
    eli AT gotmls DOT net

Viewing 1 replies (of 1 total)

The topic ‘Known Threat error for Javascript code’ is closed to new replies.