Beware the hidden proxy…

I lost several hours troubleshooting a particularly bizarre problem.

I’m currently developing a “simple” admin interface for our customer database here at IceTV and I found that certain pages would fail to load for no adequately explained reason.

I spent hours scowering logs, debuging our in-house Template engine, all to no avail.

The only things I noticed were

1) That the pages that failed to load had one thing in common, they contained some Javascript

and

2) That aditional javascript code was appearing in those pages, the extra code consisted of two blocks of Javascript, one at the top of the page and the other at the bottom of the pages, here they are…..

Top of page

function SymError()
{
  return true;
}

window.onerror = SymError;

var SymRealWinOpen = window.open;

function SymWinOpen(url, name, attributes)
{
  return (new Object());
}

window.open = SymWinOpen;

Bottom of page

var SymRealOnLoad;
var SymRealOnUnload;

function SymOnUnload()
{
  window.open = SymWinOpen;
  if(SymRealOnUnload != null)
     SymRealOnUnload();
}

function SymOnLoad()
{
  if(SymRealOnLoad != null)
     SymRealOnLoad();
  window.open = SymRealWinOpen;
  SymRealOnUnload = window.onunload;
  window.onunload = SymOnUnload;
}

SymRealOnLoad = window.onload;
window.onload = SymOnLoad;

It turns out that Norton Internet Security that came pre-installed on our machines is configured by default to do “Ad Blocking” and it does this by adding its own Javascript code to the downloaded pages (see above).

Unfortunately, for whatever reason it sometimes returns an empty page instead of the requested page, hence my problems.

Disabling the “Ad Blocking” functionality seems to have solved the problem.

It seems that a lot of the security tools around today intercept internet traffic, it may not be obvious so be warned!!!!

This entry was posted in Technology. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>