Datatable CDN redirects to malicious links automatically

Datatable CDN redirects to malicious links automatically

casperkamalcasperkamal Posts: 9Questions: 2Answers: 0

Hi,

I'm using datatable for a internal portal. I have used the datatables CDN to include the JS file. As seen here

<script src="http://cdn.datatables.net/responsive/2.1.1/js/dataTables.responsive.min.js"></script>

In the last few months there have been instances where i see some strange sites getting opened when user clicks on datatable links. I initially thought it might be some click bait kind of addin from chrome for the specific user. But as days went on i found many users raising the complaint. When analyzed i found the malicious links are getting invoked through the CDN JS scripts that i have included. Please see screen shots of chrome inspection window

The malicious link http://mutualvehemence.com/rZj9J7NO6HBw4h0f3/7259?_=1542862081322 is invoked from Datatble included through cdn.

I have a valid license for Datatable editor for single site usage so i don't think this is because of license. Please let me know fi anybody else have faced similar issue and how this can be sorted out.

Thanks

Answers

  • colincolin Posts: 15,240Questions: 1Answers: 2,599
    edited November 2018

    Hi @casperkamal ,

    The DataTables JS files are self-contained and don't load anything else. It looks like the problem is the link that is contained in the data, rather than any links in the JS files themselves.

    Cheers,

    Colin

  • allanallan Posts: 63,494Questions: 1Answers: 10,470 Site admin

    I agree with Colin that my first impression is that the data being displayed by the DataTable is where such links would be coming from. Could you link to the page showing the issue so I can urgently dig into it to confirm if that is the case or not? PM me if you don't want to make the link public.

    Thanks,
    Allan

  • casperkamalcasperkamal Posts: 9Questions: 2Answers: 0

    Thanks for the response allan. It is a malware and it has to do with chrome extensions. I will sort out. Thanks again for coming forward

This discussion has been closed.