劫持处理

2017-04-26  本文已影响0人  哪吒闹海全靠浪
<!-- 反劫持 S -->
    <script>
        (function () {
            /**
             * Writes one cookie through document.cookie.
             *
             * The name is written as-is; only the value is passed through escape().
             * No Secure or SameSite attribute is appended. When `path` is falsy no
             * path attribute is written, so the browser applies its default path.
             *
             * @param {string} name    Cookie name.
             * @param {*}      value   Cookie value (escape()d before writing).
             * @param {string} domain  Domain attribute; omitted when falsy.
             * @param {string} path    Path attribute; omitted when falsy.
             * @param {number} expires Lifetime in milliseconds from now; when falsy
             *                         no expires attribute is written.
             */
            function setCookie(name, value, domain, path, expires) {
                var expiry = expires ? new Date(Date.now() + expires) : null;
                var pieces = [name + '=' + escape(value)];

                if (expiry) {
                    pieces.push('; expires=' + expiry.toUTCString());
                }
                if (path) {
                    pieces.push('; path=' + path);
                }
                if (domain) {
                    pieces.push('; domain=' + domain);
                }

                var serialized = pieces.join('');

                // Strings of 4096 characters or more are dropped without any
                // signal to the caller, to stay under the cookie size limit.
                if (serialized.length >= 4096) {
                    return;
                }
                document.cookie = serialized;
            }

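            /**
             * Reads the raw value of a cookie from document.cookie.
             *
             * The value is returned exactly as stored: it is not passed through
             * unescape(), even though setCookie() writes values through escape().
             *
             * @param {string} name Cookie name, matched literally.
             * @returns {string|null} The stored value, or null when no cookie with
             *                        that name is present.
             */
            function getCookie(name) {
                // Escape regex metacharacters so the name cannot act as a pattern;
                // otherwise a name such as "a.b" would also match a cookie "aXb".
                var literalName = String(name).replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
                var pattern = new RegExp('(^| )' + literalName + '=([^;]*)(;|$)');
                var match = document.cookie.match(pattern);

                return match ? match[2] : null;
            }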

            /**
             * Sends a fire-and-forget GET request by loading `url` as an image.
             *
             * The response is never inspected: success and failure share one
             * handler, which only drops the reference to the Image object.
             *
             * @param {string} url Address to request.
             */
            function createSender(url){
                var beacon = new Image();
                var release = function(){
                    beacon = null;
                };

                beacon.onerror = release;
                beacon.onload = release;
                // Assigning src is what starts the request.
                beacon.src = url;
            }

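            /*
             * Anti-hijack (frame-busting) settings; configure the logic here.
             * cookieName:   cookie that counts consecutive framed loads. To avoid an
             *               endless redirect loop, the URL is no longer reset once
             *               the count reaches 3.
             * cookieDomain: domain the counter cookie is set on.
             * reportUrl:    endpoint notified of a non-consecutive hijack
             *               [leave empty if no report is needed].
             * reportUrl2:   endpoint notified of a consecutive hijack
             *               [leave empty if no report is needed].
             *
             * NOTE(review): script-based frame busting is best-effort, because the
             * framing document can restrict script execution or top-level
             * navigation inside the frame. The enforceable control is a response
             * header (X-Frame-Options, or CSP frame-ancestors) served over HTTPS.
             *
             * NOTE(review): the CSRF token is sent in the query string of a GET
             * request, so it can end up in server or proxy logs. Confirm the
             * report endpoint really needs it there.
             */
            var cookieName = 'hiijack';
            var cookieDomain = '.readnovel.com';
            var counterLifetime = 30*24*60*60*1000; // 30 days, in milliseconds

            // Parenthesised because `+` binds tighter than `||`: without the
            // parentheses the fallback never applies and a missing cookie is sent
            // as the literal text "null".
            var csrfToken = getCookie('_csrfToken') || '';
            var reportUrl = '<%= staticConf.domains.hiijack %>/ajax/safe/hiijackReport?times=1&_csrfToken=' + csrfToken;
            var reportUrl2 = '<%= staticConf.domains.hiijack %>/ajax/safe/hiijackReport?times=3&_csrfToken=' + csrfToken;

            // Is this page being displayed inside a frame?
            if (top.location !== self.location) {
                // Consecutive framed loads recorded so far. The cookie is
                // client-controlled, so a missing or non-numeric value counts as 0;
                // NaN would otherwise never reach the limit below.
                var countHijack = parseInt(getCookie(cookieName), 10);
                if (isNaN(countHijack)) {
                    countHijack = 0;
                }

                if (countHijack >= 3) {
                    // Framed three or more times in a row: report it and stop
                    // redirecting so the page does not loop forever.
                    if (reportUrl2) {
                        createSender(reportUrl2);
                    }
                } else {
                    // Report, record one more framed load, then break out of the frame.
                    if (reportUrl) {
                        createSender(reportUrl);
                    }
                    countHijack++;
                    setCookie(cookieName, countHijack, cookieDomain, '', counterLifetime);
                    top.location = self.location;
                }
            } else {
                // Reset the counter only on a successful, unframed load. Resetting
                // unconditionally would also run right after the increment above
                // (the script keeps running after the navigation is requested), so
                // the count could never reach 3.
                setCookie(cookieName, 0, cookieDomain, '', counterLifetime);
            }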
        })();
    </script>
    <!-- 反劫持 E -->