我有一个检测Javascript错误在我的网站,并将它们发送到我的后台报告的脚本:
I have a script that detects Javascript errors on my website and sends them to my backend for reporting:
<script>
window.onerror = function(msg, url, line, col, error){
msg = msg || '';
url = url || '';
line = parseInt(line || 0);
// Note that col & error are new to the HTML 5 spec and may not be supported in every browser.
col = parseInt(col || 0);
error = error || '';
try
{
// Ajax Request for IE 5.5+, Firefox, Opera, Chrome, Safari XHR object
var x = new (this.XMLHttpRequest || ActiveXObject)('MSXML2.XMLHTTP.3.0');
x.open('POST', '/log.php', 1);
x.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
x.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
x.send('msg='+encodeURIComponent(msg)+'&url='+encodeURIComponent(url)+'&line='+line+'&col='+col+'&error='+encodeURIComponent(error));
x.onreadystatechange = function()
{
if( (x.readyState > 3) && (x.status > 0 && x.status < 400))
window.console && console.log(x.responseText);
};
}
catch(e)
{
window.console && console.log(e);
}
return true;
};
</script>
我有一个服务器端的PHP脚本将侦听Ajax请求,并写入日志文件
I have a server-side php script that will listen for Ajax request and writes a log file
<?php
if( $handle = fopen('log.txt', 'a') ) {
$log = date('d/m/Y H:i:s').PHP_EOL;
if( isset($_REQUEST['msg']) )
$log .= 'msg:'.$_REQUEST['msg'].PHP_EOL;
if( isset($_REQUEST['url']) )
$log .= 'url:'.$_REQUEST['url'].PHP_EOL;
if( isset($_REQUEST['line']) )
$log .= 'line:'.$_REQUEST['line'].PHP_EOL;
if( isset($_REQUEST['col']) )
$log .= 'col:'.$_REQUEST['col'].PHP_EOL;
if( isset($_REQUEST['error']) )
$log .= 'error:'.$_REQUEST['error'].PHP_EOL;
$log .= '---------------------------------------------'.PHP_EOL;
fwrite($handle, $log);
fclose($handle);
echo 1;
} else {
echo 0;
}
如果在一个页面上涨JavaScript异常,如:
if in a page rise a javascript exception, eg:
<script> call_undefined_function(); </script>
写在日志文件...
write in the log file...
25/10/2014 11:31:08
msg:ReferenceError: call_undefined_function is not defined
url:http://www.test.it/
line:46
col:1
error:ReferenceError: call_undefined_function is not defined
---------------------------------------------
一切都运行得很好!
但是,我找了很多日志通过插件,工具栏,蠕虫或浏览器扩展使用的用户提出...
But, i find a lot of logs raised by plug-ins, toolbars, worms or browser extensions used by the users...
例如
24/10/2014 10:20:32
msg:Unsafe JavaScript attempt to access frame
url: http://ads.XXXXXX.net/?XXXXXX
line:0
col:0
error:Unsafe JavaScript attempt to access frame
---------------------------------------------
显然,这个剧本是不是我的网站,做一些研究,我发现是Internet Explorer的一个蠕虫病毒的
我的问题是:?如何限制日志以我自己的脚本
推荐答案
您可以随时检查针对的网址:
You could always check against the URL:
// If the script is not being loaded from my domain
if(url.indexOf('http://mydomain') == -1)
{
// Allow the error to propagate normally
return false;
}
这可能无效但是,如果一些第三方的注入,而不是外部加载的那些内嵌脚本。
This may not be effective however if some third party is injecting inline scripts as opposed to externally loaded ones.
相关推荐
最新文章