Reputation: 201
localhost javascript bundled is trying to be injected to my website by an user. (Reported by Sentry an error and performance tracking tool)
I can see in Sentry report that, Along with my vendors~main-6319dfea084cb55e85bf.js,main-6319dfea084cb55e85bf.js and other resource.scripts and resource.css files i can see https://localhost:49506/7pp3ab609c5236b3bf34c2b621ac79ba.js script is been injected and also- GET https://localhost:49506/storage/userId and GET https://localhost:49506/storage/pendingRequests api calls has been triggered.
The attacker tried this from EDGE browser. The application was developed with typescript and Reactjs.
My questions are,
- What type of attack it is?
- How can i handled this?
Also if any additional info, please post here.
Thanks in advance.
Upvotes: 5
Views: 1292
Answers (1)
Reputation: 1238
Had a user complaining our website wouldn't work on their version of MacOS. The information already posted here is correct. Remove any application from your computer named Survey Junky and any browser extension you may have installed by a similar name such as SJ Pulse. I suspect the program puts a proxy on your computer and when the proxy isn't running your web browser stops working correctly. Or it just interferes with internet connections in general.
Upvotes: 1
Related Questions
- React Typescript Problem with injected props
- Javascript injected in all drupal websites of a server
- How to prevent script injection attacks
- "WebExtension::executeScript: content script injected VM149:1" in Chrome loading React app
- Why would Webpack inject React
- React.js SPA security issues
- Having a prod build issue with Webpack, React, postCSS, and possibly other JS code being injected properly
- Javascript Injected in browser
- Preventing Javascript Injection(not sure if it is js injection)
- How to prevent JavaScript Injection Attacks