Above is the code Comcast is injecting into their customers web traffic when they need to display an "important message".
Feel free to read the blog post that goes along with this code.
Last active
June 10, 2023 14:40
-
-
Save ryankearney/4146814 to your computer and use it in GitHub Desktop.
This is the code Comcast is injecting into its users web traffic.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script language="JavaScript" type="text/javascript"> | |
| // Comcast Cable Communications, LLC Proprietary. Copyright 2012. | |
| // Intended use is to display browser notifications for critical and time sensitive alerts. | |
| var SYS_URL='/e8f6b078-0f35-11de-85c5-efc5ef23aa1f/aupm/notify.do'; | |
| // var image_url='http://servicealerts.comcast.net:8080/images/mt'; | |
| var image_url='http://xfinity.comcast.net/constantguard/BotAssistance/notice/images'; | |
| var headertext1='<strong>Comcast Courtesy Notice</strong>'; | |
| var textline1='You have reached 90% of your <b>monthly data usage allowance</b>.'; | |
| var textline2='Please sign in for more information and to remove this alert.'; | |
| var acknowledgebutton='<a href=\"#\" onClick="document.location.href=\''+SYS_URL+'?dispatch=redirect&redirectName=login¶mName=bmUid\'" title="Sign in to acknowledge" style="color: #FFFFFF;"><img alt="Sign in to acknowledge" src="'+image_url+'/mt_signin.png"/></a>'; | |
| var verifybulletin='<a href="http://customer.comcast.com/help-and-support/internet/data-usage-plans-nash/" target="_new">How do I know this message is from Comcast?</a>'; | |
| if(self.location==top.location) { | |
| document.write('<style type="text/css">'); | |
| document.write('#comcast_content {width: 600px; height:240px; box-shadow: 10px 10px 5px #888; background: #fff; border: 1px solid #454545; position:absolute; top:50px; left:100px; zoom:1; z-index: 9999999; opacity:0.90; filter:alpha(opacity=90);}'); | |
| document.write('#comcast_content .header {height: 35px; background:url('+image_url+'/headerbg.gif) repeat-x;}'); | |
| document.write('#comcast_content .a {color: #00a3e0;}'); | |
| document.write('#comcast_content .logo {float:left;}'); | |
| document.write('#comcast_content .content-wrapper {padding-left: 18px; padding-right: 15px; padding-bottom: 12px;}'); | |
| document.write('#comcast_content .headerimage { margin-top: 15px;}'); | |
| document.write('#comcast_content .header1 {margin: 18px 0 0 0; color: #C00000; padding: 3px; font: 23px/24px bold Arial, Helvetica, sans-serif;}'); | |
| document.write('#comcast_content .textcontent {margin: 12px 0 0 0; text-align: center; color: #303030; word-spacing: 0px; font: 14px/15px Arial, Helvetica, sans-serif; line-height: 1.20;}'); | |
| document.write('#comcast_content .acknowledge {padding-top:6px; text-align: center;}'); | |
| document.write('#comcast_content .how-do-i {float:left; position:absolute; bottom:20px; left:18px; margin: 12px 0 0 0; font: 13px/14px bold Arial, Helvetica, sans-serif; text-align: bottom;}'); | |
| document.write('#comcast_content .comcast-wrapper {float:right; position:absolute; bottom:15px; right:18px; padding-top:0px; text-align: right;}'); | |
| document.write('</style>'); | |
| document.write('<div class="main-wrapper" id="comcast_content">'); | |
| document.write('<div class="header" onmousedown="javascript:dragStart(event,\'comcast_content\')">'); | |
| document.write('<img src="'+image_url+'/xfinity-logo.gif" alt="Xfinity" class="logo"/>'); | |
| document.write('</div>'); | |
| document.write('<div class="content-wrapper">'); | |
| document.write('<p class="header1">'); | |
| document.write(headertext1); | |
| document.write('</p>'); | |
| document.write('<p class="textcontent">'); | |
| document.write(textline1); | |
| document.write('</p>'); | |
| document.write('<p class="textcontent">'); | |
| document.write(textline2); | |
| document.write('</p>'); | |
| document.write('<p class="how-do-i">'); | |
| document.write(verifybulletin); | |
| document.write('</p>'); | |
| document.write('<div class="acknowledge">'); | |
| document.write(acknowledgebutton); | |
| document.write('</div>'); | |
| document.write('<div class="comcast-wrapper">'); | |
| document.write('<img src="'+image_url+'/message-by-comcast.gif" alt="Message by Comcast"/>'); | |
| document.write('</div>'); | |
| document.write('</div>'); | |
| document.write('</div>'); | |
| } | |
| // Function to Determine browser and version. Copyright 2001 by Mike Hall. | |
| // See http://www.brainjar.com for terms of use. | |
| function Browser() { | |
| var ua, s, i; | |
| this.isIE = false; | |
| this.isNS = false; | |
| this.version = null; | |
| ua = navigator.userAgent; | |
| s = "MSIE"; | |
| if ((i = ua.indexOf(s)) >= 1) { | |
| this.isIE = true; this.version = parseFloat(ua.substr(i + s.length)); return; | |
| } | |
| s = "Netscape6/"; | |
| if ((i = ua.indexOf(s)) >= 0) { | |
| this.isNS = true; this.version = parseFloat(ua.substr(i + s.length)); return; | |
| } | |
| s = "Gecko"; | |
| if ((i = ua.indexOf(s)) >= 0) { | |
| this.isNS = true; this.version = 6.1; return; | |
| } | |
| } | |
| var browser1 = new Browser(); | |
| var dragObj = new Object(); | |
| dragObj.zIndex = 99999; | |
| function dragStart(event, id) { | |
| var el; | |
| var x, y; | |
| if (id) dragObj.elNode = document.getElementById(id); | |
| else { | |
| if (browser1.isIE) dragObj.elNode = window.event.srcElement; | |
| if (browser1.isNS) dragObj.elNode = event.target; | |
| if (dragObj.elNode.nodeType == 3) dragObj.elNode = dragObj.elNode.parentNode; | |
| } | |
| if (browser1.isIE) { | |
| x = window.event.clientX + document.documentElement.scrollLeft + document.body.scrollLeft; | |
| y = window.event.clientY + document.documentElement.scrollTop + document.body.scrollTop; | |
| } | |
| if (browser1.isNS) { | |
| x = event.clientX + window.scrollX; | |
| y = event.clientY + window.scrollY; | |
| } | |
| dragObj.cursorStartX = x; | |
| dragObj.cursorStartY = y; | |
| dragObj.elStartLeft = parseInt(dragObj.elNode.style.left, 10); | |
| dragObj.elStartTop = parseInt(dragObj.elNode.style.top, 10); | |
| if (isNaN(dragObj.elStartLeft)) dragObj.elStartLeft = 100; | |
| if (isNaN(dragObj.elStartTop)) dragObj.elStartTop = 50; | |
| if (browser1.isIE) { | |
| document.attachEvent("onmousemove", dragGo); | |
| document.attachEvent("onmouseup", dragStop); | |
| window.event.cancelBubble = true; | |
| window.event.returnValue = false; } | |
| if (browser1.isNS) { | |
| document.addEventListener("mousemove", dragGo, true); | |
| document.addEventListener("mouseup", dragStop, true); | |
| event.preventDefault(); | |
| } | |
| } | |
| // End Function | |
| function dragGo(event) { | |
| var x, y; | |
| if (browser1.isIE) { | |
| x = window.event.clientX + document.documentElement.scrollLeft + document.body.scrollLeft; | |
| y = window.event.clientY + document.documentElement.scrollTop + document.body.scrollTop; | |
| } | |
| if (browser1.isNS) { | |
| x = event.clientX + window.scrollX; y = event.clientY + window.scrollY; | |
| } | |
| dragObj.elNode.style.left = (dragObj.elStartLeft + x - dragObj.cursorStartX) + "px"; | |
| dragObj.elNode.style.top = (dragObj.elStartTop + y - dragObj.cursorStartY) + "px"; | |
| if (browser1.isIE) { window.event.cancelBubble = true; window.event.returnValue = false; } | |
| if (browser1.isNS) event.preventDefault(); } | |
| function dragStop(event) { | |
| if (browser1.isIE) { | |
| document.detachEvent("onmousemove", dragGo); | |
| document.detachEvent("onmouseup", dragStop); | |
| } | |
| if (browser1.isNS) { | |
| document.removeEventListener("mousemove", dragGo, true); | |
| document.removeEventListener("mouseup", dragStop, true); | |
| } | |
| } | |
| var xmlhttp=false; /*@cc_on @*/ /*@if (@_jscript_version >= 5) try { xmlhttp = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try { xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); } catch (E) { xmlhttp = false; } } @end @*/ if (!xmlhttp && typeof XMLHttpRequest!='undefined') { try { xmlhttp = new XMLHttpRequest(); } catch (e) { xmlhttp=false; } } if (!xmlhttp && window.createRequest) { try { xmlhttp = window.createRequest(); } catch (e) { xmlhttp=false; } } | |
| function acknowledge() { sendAck(); document.getElementById('comcast_content').style.display="none"; } | |
| function sendAck(){ xmlhttp.open("GET", SYS_URL+'?dispatch=ackBulletin',true); xmlhttp.send(null) } | |
| var comcastCheck=1; | |
| var comcastTimer; | |
| function checkBulletin(){ | |
| if(comcastCheck==0) { return; } | |
| xmlhttp.open("GET", SYS_URL+'?dispatch=checkBulletin',true); | |
| xmlhttp.onreadystatechange = function() { | |
| if (xmlhttp.readyState == 4) { | |
| if(xmlhttp.responseText.indexOf('43a1028c-7d11-11de-b687-1f15c5ad6a13')==-1){ | |
| document.getElementById('comcast_content').style.display="none"; | |
| comcastCheck=1; | |
| } | |
| comcastTimer=setTimeout("checkBulletin()",5000); | |
| }; | |
| }; | |
| xmlhttp.send(null); | |
| } | |
| checkBulletin(); | |
| </script> |
still getting this message in 2019. doesn't seem like a very "critical time sensitive" notification.
how is this legal !?!? i thought for sure i had a virus.
http://bsonspec.org/spec.html is the page i was visiting
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@r3wt how is this legal? what law makes it legal? When a customer is coming to my site and they intercept the code that I own the copyright to and modify it, they are illegally making a derivative work of my code. I don't see how anyone can claim this is legal. I am waiting for a response from our attorneys, we are looking for any cases that legalize this, but right now I don't see how anyone can claim this is legal.