1. Commentics Forum
  2. General
  3. Security
This is the community forum. For a developer response use the Client Area.
Follow us on Facebook, Twitter and YouTube!

pasteword.js "infected"
Kim Ludvigsen
New
*
Posts: 9
Threads: 4
Joined: Apr 2013
#1

06-Nov-2013, 03:02 PM
My web host have put the file pasteword.js in quarantine after a scanning, the scan log says:

... comments/MYADMINFOLDER/tiny_mce/plugins/paste/js/pasteword.js: PUA.HTML.Infected.WebPage-1 FOUND

I guess that this is an error, but I may need some arguments to make my web host believe me when I tell them that the file is ok.

The content, in case you want to check that there has been no tampering with the file:

Code:
tinyMCEPopup.requireLangPack();

var PasteWordDialog = {
    init : function() {
        var ed = tinyMCEPopup.editor, el = document.getElementById('iframecontainer'), ifr, doc, css, cssHTML = '';

        // Create iframe
        el.innerHTML = '<iframe id="iframe" src="javascript:\'\';" frameBorder="0" style="border: 1px solid gray"></iframe>';
        ifr = document.getElementById('iframe');
        doc = ifr.contentWindow.document;

        // Force absolute CSS urls
        css = [ed.baseURI.toAbsolute("themes/" + ed.settings.theme + "/skins/" + ed.settings.skin + "/content.css")];
        css = css.concat(tinymce.explode(ed.settings.content_css) || []);
        tinymce.each(css, function(u) {
            cssHTML += '<link href="' + ed.documentBaseURI.toAbsolute('' + u) + '" rel="stylesheet" type="text/css" />';
        });

        // Write content into iframe
        doc.open();
        doc.write('<html><head>' + cssHTML + '</head><body class="mceContentBody" spellcheck="false"></body></html>');
        doc.close();

        doc.designMode = 'on';
        this.resize();

        window.setTimeout(function() {
            ifr.contentWindow.focus();
        }, 10);
    },

    insert : function() {
        var h = document.getElementById('iframe').contentWindow.document.body.innerHTML;

        tinyMCEPopup.editor.execCommand('mceInsertClipboardContent', false, {content : h, wordContent : true});
        tinyMCEPopup.close();
    },

    resize : function() {
        var vp = tinyMCEPopup.dom.getViewPort(window), el;

        el = document.getElementById('iframe');

        if (el) {
            el.style.width  = (vp.w - 20) + 'px';
            el.style.height = (vp.h - 90) + 'px';
        }
    }
};

tinyMCEPopup.onInit.add(PasteWordDialog.init, PasteWordDialog);

Kim Ludvigsen
Find
Reply
Steven
Administrator
*****
Posts: 2,872
Threads: 59
Joined: Jun 2010
#2

06-Nov-2013, 08:28 PM
Hi Kim,

The file is okay. It's just because it uses the HTML iframe tag (which is popular with hackers) so the antivirus is being cautious.

You can go to the link below and download the first one (tinymce_3.5.8_jquery.zip) to confirm it's the same (I've already done so):
https://github.com/tinymce/tinymce/downloads

Also:
http://www.zimbra.com/forums/general-que...cript.html
http://www.concrete5.org/community/forum...-tiny_mce/
Have you completed the interview?
Find
Reply
Kim Ludvigsen
New
*
Posts: 9
Threads: 4
Joined: Apr 2013
#3

07-Nov-2013, 06:59 AM
Thanks! I was pretty sure that the file was ok, I just wanted to be 100 percent sure before contacting my web provider.

Kim Ludvigsen
Find
Reply
Kim Ludvigsen
New
*
Posts: 9
Threads: 4
Joined: Apr 2013
#4

07-Nov-2013, 12:35 PM
My web host suggested changing a little in the code, in case you can use the suggestion:

// Create if-rame
el.innerHTML = '<if' + 'rame id="if20131107surf" src="javascript:\'\';" frameBorder="0" style="border: 1px solid gray"></iframe>';
ifr = document.getElementById('if20131107surf');
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. Commentics Forum
  2. General
  3. Security