Comcast is using JavaScript injection to popup modem upgrade ads on non-HTTPS sites
| <script language="JavaScript" type="text/javascript"> | |
| // Copyright (C) 2015 Comcast Cable Communications, LLC | |
| // Contact Us: http://customer.xfinity.com/contact-us/ | |
| // Intended use of this message is to display critical and time sensitive notifications to customers. | |
| /* | |
| This program is free software; you can redistribute it and/or | |
| modify it under the terms of the GNU General Public License | |
| as published by the Free Software Foundation; either version 2 | |
| of the License, or (at your option) any later version. | |
| This program is distributed in the hope that it will be useful, | |
| but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| GNU General Public License for more details. | |
| You should have received a copy of the GNU General Public License | |
| along with this program; if not, write to the Free Software | |
| Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |
| http://www.gnu.org/licenses/old-licenses/lgpl-2.0.en.html | |
| */ | |
| var _ComcastAlert = (function(){ | |
| return { | |
| SYS_URL: '/e8f6b078-0f35-11de-85c5-efc5ef23aa1f/aupm/notify.do' | |
| , dragObj: {zIndex: 999999} | |
| , browser: null | |
| , comcastCheck: 1 | |
| , comcastTimer: null | |
| , xmlhttp: null | |
| , go: function(){ | |
| if(self.location !== top.location) return; | |
| if(document.body){ | |
| _ComcastAlert.ComcastBrowserNotice(); | |
| _ComcastAlert.browser = _ComcastAlert.checkBrowser(); | |
| _ComcastAlert.getXmlhttp(); | |
| _ComcastAlert.checkBulletin(); | |
| return _ComcastAlert; | |
| }else{ | |
| setTimeout(_ComcastAlert.go, 200); | |
| } | |
| } | |
| , ComcastBrowserNotice: function(){ | |
| var image_url = 'http://bnpsa.g.comcast.net:80/images/mydevicealert/browser/'; | |
| var comcastAlertAnalytics = 'DPE_Group_19_D3_EOL_Speed_Own_All.png'; | |
| var notice_width = '600px'; | |
| var notice_height = '550px'; | |
| var winObj = { | |
| image_url: image_url | |
| , comcastAlertAnalytics: comcastAlertAnalytics | |
| , notice_width: notice_width | |
| , notice_height: notice_height | |
| , comcastlogo_url: '<img src="' + image_url + 'comcast-logo-115x50.png" height="50" width="115"/>' | |
| , xfinitylogo_url: '<img src="' + image_url + 'Xfinity-Logo-White-221x124.png" height="55" width="99"/>' | |
| , headertext1: '<b>We've increased Internet speeds in your area.</b>' | |
| , headertext2: '<b>Update your modem to start enjoying them.</b>' | |
| , textline1: 'We've noticed you have an older modem that can't keep up with faster Internet speeds now available in your area.' | |
| , textline2: 'To start enjoying faster Internet, you can:' | |
| , textline3: '<b>Buy from a retailer</b>' | |
| , textline4: 'Before you make your purchase, visit <a href=\"#\" onClick="document.location.href=\'' + this.SYS_URL + '?dispatch=ackBulletinRedirectSleep&redirectName=dpe_mydeviceinfo_portal\'"><font color=#008EC9>mydeviceinfo.xfinity.com</font></a> to view a list of modems certified on our network.' | |
| , textline5: '<b>Lease an XFINITY Gateway</b> (current lease fees would apply)' | |
| , textline6: 'Visit <a href=\"#\" onClick="document.location.href=\'' + this.SYS_URL + '?dispatch=ackBulletinRedirectSleep&redirectName=dpe_device_upgrade_portal\'"><font color=#008EC9>xfinity.com/deviceupgrade</font></a> to order a self-install kit or call <font color=#008EC9></br>1-855-242-2876</font>.' | |
| , textline7: 'Questions? Find answers at <a href=\"#\" onClick="document.location.href=\'' + this.SYS_URL + '?dispatch=ackBulletinRedirectSleep&redirectName=dpe_trade_up\'"><font color=#008EC9>xfinity.com/tradeup</font></a>.' | |
| , textline8: 'Thank you for choosing XFINITY. Ensuring that you get the most from your Internet service is part of our commitment to improving your overall experience.' | |
| , textline9: 'Equipment Update' | |
| , privacypolicylink: '<a href="http://my.xfinity.com/privacy/" target="_new" style="color: #000000">PRIVACY POLICY</a>' | |
| , termslink: '<a href="http://my.xfinity.com/terms/" target="_new" style="color: #000000">TERMS OF SERVICE</a>' | |
| , closebulletin: '<a href=\"#\" onClick=\"javascript:_ComcastAlert.close_comcast_alert()\"><img src="' + image_url + 'close_button_78x78.png" height="28" width="28"/></a>' | |
| , ackbulletin: '<a href=\"#\" onClick="document.location.href=\'' + this.SYS_URL + '?dispatch=ackBulletinRedirectSleep&redirectName=dpe_trade_up\'"><img src="' + image_url + 'trade_up_now_button_270x90.png" height="40" width="121"/></a>' | |
| , analytics: '<img src="' + image_url + encodeURIComponent(comcastAlertAnalytics) + '?' + _ComcastAlert.comcastContentnoCache() + '">' | |
| }; | |
| this.createWindow(winObj); | |
| } | |
| , createWindow: function(winObj){ | |
| var html = '<style type="text/css">'; | |
| html += '#comcast_content {width: ' + winObj.notice_width + '; height:' + winObj.notice_height + '; background:#ffffff; border: 1px solid #454545; position:absolute; top:150px; left:100px; zoom:1; z-index: 9999999999; opacity:0.99; filter:alpha(opacity=99);}'; | |
| html += '#comcast_content .header {height: 60px; width: ' + winObj.notice_width + '; background-color:#000000; repeat-x; z-index: 99999999;}'; | |
| html += '#comcast_content .content-wrapper {padding-left: 5px; padding-right: 5px; padding-bottom: 5px;}'; | |
| html += '#comcast_content .titletext1 {margin: 30px 20px 20px 30px; color: #303030; text-align: left; padding: 0; font: 22px/24px bold Helvetica, Geneva, sans-serif; font-weight: 200;}'; | |
| html += '#comcast_content .titletext2 {margin: 15px 20px 20px 30px; color: #303030; text-align: left; padding: 0; font: 16px/18px bold Helvetica, Geneva, sans-serif; font-weight: 200;}'; | |
| html += '#comcast_content .textcontent1 {margin: 15px 20px 0 30px; color: #303030; text-align: left; padding: 0; font: 15px/16px Helvetica, Geneva, sans-serif; font-weight: 200; line-height: 1.1;}'; | |
| html += '#comcast_content .textcontent2 {margin: 40px 20px 0 30px; color: #4C4C4C; text-align: left; padding: 0; font: 15px/16px Helvetica, Geneva, sans-serif; font-weight: 200; line-height: 1.2;}'; | |
| html += '#comcast_content .textcontent3 {margin: 10px 20px 0 40px; color: #000000; text-align: left; padding: 0; font: 15px/15px Helvetica, Geneva, sans-serif; font-weight: 200; line-height: 1.0;}'; | |
| html += '#comcast_content .privacystatement {display: inline-block; position:absolute; bottom:5px; left:20px; font: 12px/12px Helvetica, Geneva, sans-serif; font-weight: 200; text-align: bottom; white-space:nowrap;}'; | |
| html += '#comcast_content .privacystatement:link {color:#000000; text-decoration:none;}'; | |
| html += '#comcast_content .privacystatement:visited {color:#000000; text-decoration:none;}'; | |
| html += '#comcast_content .privacystatement:hover {color:#000000; text-decoration:underline;}'; | |
| html += '#comcast_content .termsofservice {display: inline-block; position:absolute; bottom:5px; left:150px; font: 12px/12px Helvetica, Geneva, sans-serif; font-weight: 200; text-align: bottom; white-space:nowrap;}'; | |
| html += '#comcast_content .termsofservice:link {color:#000000; text-decoration:none;}'; | |
| html += '#comcast_content .termsofservice:visited {color:#000000; text-decoration:none;}'; | |
| html += '#comcast_content .termsofservice:hover {color:#000000; text-decoration:underline;}'; | |
| html += '#comcast_content .comcastlogo {display: inline-block; position:absolute; bottom:5px; right:5px; margin: 0 0 0 0; height:50px; width:115px; z-index: 9999999999;}'; | |
| html += '#comcast_content .comcastanalytics {display: inline-block; position:absolute; bottom:3px; right:3px; height: 1px; width: 1px; z-index: -99999; margin: 0 0 0 0; }'; | |
| html += '#comcast_content .acknowledgebutton {display: inline-block; margin: 15px 20px 0 30px; color: #303030; text-align: left; padding: 0; font: 14px/16px Verdana, Geneva, sans-serif; line-height: 1.2; z-index: 9999999999; }'; | |
| html += '#comcast_content .xfinitylogo {display: inline-block; position:absolute; z-index: 9999999999; left:10px; top:5px; margin: 0 0 0 0; height:62px; width:110px;}'; | |
| html += '#comcast_content .closebn {display: inline-block; position:absolute; z-index: 9999999999; left:555px; top:16px; height:32px; width:32px; margin: 0 0 0 0;}'; | |
| html += '</style>'; | |
| html += '<div class="main-wrapper" id="comcast_content">'; | |
| html += '<div class="header" onmousedown="javascript:_ComcastAlert.dragStart(event,\'comcast_content\')">'; | |
| html += '</div>'; | |
| html += '<div class="content-wrapper">'; | |
| html += '<p class="xfinitylogo">'; | |
| html += winObj.xfinitylogo_url; | |
| html += '</p>'; | |
| html += '<p class="closebn">'; | |
| html += winObj.closebulletin; | |
| html += '</p>'; | |
| html += '<p class="titletext1">'; | |
| html += winObj.headertext1; | |
| html += '</p>'; | |
| html += '<p class="titletext2">'; | |
| html += winObj.headertext2; | |
| html += '</p>'; | |
| html += '<p class="textcontent1">'; | |
| html += winObj.textline1; | |
| html += '</p>'; | |
| html += '<p class="textcontent1">'; | |
| html += winObj.textline2; | |
| html += '</p>'; | |
| html += '<p class="textcontent3">'; | |
| html += winObj.textline3; | |
| html += '</p>'; | |
| html += '<p class="textcontent3">'; | |
| html += winObj.textline4; | |
| html += '</p>'; | |
| html += '<p class="textcontent3">'; | |
| html += winObj.textline5; | |
| html += '</p>'; | |
| html += '<p class="textcontent3">'; | |
| html += winObj.textline6; | |
| html += '</p>'; | |
| html += '<p class="textcontent1">'; | |
| html += winObj.textline7; | |
| html += '</p>'; | |
| html += '<p class="textcontent1">'; | |
| html += winObj.textline8; | |
| html += '</p>'; | |
| html += '<p class="textcontent2">'; | |
| html += winObj.textline9; | |
| html += '</p>'; | |
| html += '<p class="privacystatement">'; | |
| html += winObj.privacypolicylink; | |
| html += '</p>'; | |
| html += '<p class="termsofservice">'; | |
| html += winObj.termslink; | |
| html += '</p>'; | |
| html += '<p class="comcastlogo">'; | |
| html += winObj.comcastlogo_url; | |
| html += '</p>'; | |
| html += '<p class="comcastanalytics">'; | |
| html += winObj.analytics; | |
| html += '</p>'; | |
| html += '</div>'; | |
| html += '</div>'; | |
| html += '</div>'; | |
| document.body.innerHTML = document.body.innerHTML + html; | |
| } | |
| // Function to Determine browser and version. Copyright 2001 by Mike Hall. | |
| , checkBrowser: function() { | |
| var ua, s, i; | |
| var browser = { | |
| isIE: false | |
| , isNS: false | |
| , version: null | |
| }; | |
| ua = navigator.userAgent; | |
| s = "MSIE"; | |
| if ((i = ua.indexOf(s)) >= 1) { | |
| browser.isIE = true; browser.version = parseFloat(ua.substr(i + s.length)); | |
| } | |
| s = "Netscape6/"; | |
| if ((i = ua.indexOf(s)) >= 0) { | |
| browser.isNS = true; browser.version = parseFloat(ua.substr(i + s.length)); | |
| } | |
| s = "Gecko"; | |
| if ((i = ua.indexOf(s)) >= 0) { | |
| browser.isNS = true; browser.version = 6.1; | |
| } | |
| return browser; | |
| } | |
| , dragStart: function(event, id) { | |
| var browser1 = _ComcastAlert.browser; | |
| var dragObj = _ComcastAlert.dragObj; | |
| var el; | |
| var x, y; | |
| if (id) dragObj.elNode = document.getElementById(id); | |
| else { | |
| if (browser1.isIE) dragObj.elNode = window.event.srcElement; | |
| if (browser1.isNS) dragObj.elNode = event.target; | |
| if (dragObj.elNode.nodeType == 3) dragObj.elNode = dragObj.elNode.parentNode; | |
| } | |
| if (browser1.isIE) { | |
| x = window.event.clientX + document.documentElement.scrollLeft + document.body.scrollLeft; | |
| y = window.event.clientY + document.documentElement.scrollTop + document.body.scrollTop; | |
| } | |
| if (browser1.isNS) { | |
| x = event.clientX + window.scrollX; | |
| y = event.clientY + window.scrollY; | |
| } | |
| dragObj.cursorStartX = x; | |
| dragObj.cursorStartY = y; | |
| dragObj.elStartLeft = parseInt(dragObj.elNode.style.left, 10); | |
| dragObj.elStartTop = parseInt(dragObj.elNode.style.top, 10); | |
| if (isNaN(dragObj.elStartLeft)) dragObj.elStartLeft = 100; | |
| if (isNaN(dragObj.elStartTop)) dragObj.elStartTop = 50; | |
| if (browser1.isIE) { | |
| document.attachEvent("onmousemove", _ComcastAlert.dragGo); | |
| document.attachEvent("onmouseup", _ComcastAlert.dragStop); | |
| window.event.cancelBubble = true; | |
| window.event.returnValue = false; } | |
| if (browser1.isNS) { | |
| document.addEventListener("mousemove", _ComcastAlert.dragGo, true); | |
| document.addEventListener("mouseup", _ComcastAlert.dragStop, true); | |
| event.preventDefault(); | |
| } | |
| } | |
| // End Function | |
| , comcastContentnoCache: function() { | |
| return Math.round(Math.random() * 96151252); | |
| } | |
| , dragGo: function(event) { | |
| var browser1 = _ComcastAlert.browser; | |
| var dragObj = _ComcastAlert.dragObj; | |
| var x, y; | |
| if (browser1.isIE) { | |
| x = window.event.clientX + document.documentElement.scrollLeft + document.body.scrollLeft; | |
| y = window.event.clientY + document.documentElement.scrollTop + document.body.scrollTop; | |
| } | |
| if (browser1.isNS) { | |
| x = event.clientX + window.scrollX; y = event.clientY + window.scrollY; | |
| } | |
| dragObj.elNode.style.left = (dragObj.elStartLeft + x - dragObj.cursorStartX) + "px"; | |
| dragObj.elNode.style.top = (dragObj.elStartTop + y - dragObj.cursorStartY) + "px"; | |
| if (browser1.isIE) { window.event.cancelBubble = true; window.event.returnValue = false; } | |
| if (browser1.isNS) event.preventDefault(); | |
| } | |
| , dragStop: function(event) { | |
| var browser1 = _ComcastAlert.browser; | |
| if (browser1.isIE) { | |
| document.detachEvent("onmousemove", _ComcastAlert.dragGo); | |
| document.detachEvent("onmouseup", _ComcastAlert.dragStop); | |
| } | |
| if (browser1.isNS) { | |
| document.removeEventListener("mousemove", _ComcastAlert.dragGo, true); | |
| document.removeEventListener("mouseup", _ComcastAlert.dragStop, true); | |
| } | |
| } | |
| , getXmlhttp: function(){ | |
| var xmlhttp=false; /*@cc_on @*/ /*@if (@_jscript_version >= 5) try { xmlhttp = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try { xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); } catch (E) { xmlhttp = false; } } @end @*/ | |
| if (!xmlhttp && typeof XMLHttpRequest!='undefined') { | |
| try { | |
| xmlhttp = new XMLHttpRequest(); | |
| } catch (e) { | |
| xmlhttp=false; | |
| } | |
| } | |
| if (!xmlhttp && window.createRequest) { | |
| try { | |
| xmlhttp = window.createRequest(); | |
| } catch (e) { | |
| xmlhttp=false; | |
| } | |
| } | |
| this.xmlhttp = xmlhttp; | |
| } | |
| , checkBulletin: function(){ | |
| if(_ComcastAlert.comcastCheck==0) { return; } | |
| var xmlhttp = _ComcastAlert.xmlhttp; | |
| xmlhttp.open("GET", _ComcastAlert.SYS_URL+'?dispatch=checkBulletin',true); | |
| xmlhttp.onreadystatechange = function() { | |
| if (xmlhttp.readyState == 4) { | |
| if(xmlhttp.responseText.indexOf('43a1028c-7d11-11de-b687-1f15c5ad6a13') == -1){ | |
| document.getElementById('comcast_content').style.display="none"; | |
| _ComcastAlert.comcastCheck = 0; | |
| } | |
| _ComcastAlert.comcastTimer = setTimeout("_ComcastAlert.checkBulletin()",5000); | |
| }; | |
| }; | |
| xmlhttp.send(null); | |
| } | |
| , close_comcast_alert: function() { | |
| document.getElementById('comcast_content').style.display = "none"; | |
| _ComcastAlert.sendAck(); | |
| } | |
| , acknowledge: function() { | |
| _ComcastAlert.sendAck(); | |
| document.getElementById('comcast_content').style.display = "none"; | |
| } | |
| , sendAck: function(){ | |
| var xmlhttp = _ComcastAlert.xmlhttp; | |
| xmlhttp.open("GET", _ComcastAlert.SYS_URL+'?dispatch=ackBulletin',true); | |
| xmlhttp.send(null) | |
| } | |
| } | |
| }()); | |
| _ComcastAlert.go(); | |
| </script> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment