Scan your site now

Security Report Summary
E
Site:
Scanned Site(s):
1
IP Address:
66.199.189.163
Report Time:
23 Jan 2021 17:07:41 UTC
Checks:
Window Referrer
Window Opener
Comments
Enabled Debugging
Unsafe Functions
Warning:
Please have a look at the security issues / warnings in the report.
Security Issues
Window Referrer
  • window.open(url, title, (options ? options + ',' : '') + ['width=' + width, 'height=' + height, 'left=' + left, 'top=' + top].join());[http://fb88nephew4.bravesites.com/javascripts/plugins/jquery.asterion.utils.ui.js?1610396125]
  • window.open(url, '_blank');[http://fb88nephew4.bravesites.com/javascripts/plugins/jquery.asterion.link-intercept.js?1610396125]
  • window.open( data.link, '_blank' );[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • window.open( data.link, '_blank' );[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
Warnings
Comments
Comments should be removed from the public code of a web application, since it can give an aggressor critical insights into the inner structure of the program. By using this information, the attacker could easier understand how the user session is handled by javascript or figure out the pathway data is sent to the server.
  • /*! jQuery v1.12.4 | (c) jQuery Foundation | jquery.org/license */[http://fb88nephew4.bravesites.com/javascripts/jquery-1.12.4.min.js]
  • /*! jQuery UI - v1.12.1 - 2016-09-14* http://jqueryui.com* Includes: widget.js, position.js, data.js, disable-selection.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/effect-size.js, effects/effect-slide.js, effects/effect-transfer.js, focusable.js, form-reset-mixin.js, jquery-1-7.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/draggable.js, widgets/droppable.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/resizable.js, widgets/selectable.js, widgets/selectmenu.js, widgets/slider.js, widgets/sortable.js, widgets/spinner.js, widgets/tabs.js, widgets/tooltip.js* Copyright jQuery Foundation and other contributors; Licensed MIT */[http://fb88nephew4.bravesites.com/javascripts/jquery-ui-1.12.1.min.js]
  • /*! * imagesLoaded PACKAGED v4.1.1 * JavaScript is all like "You images are done yet or what?" * MIT License */[http://fb88nephew4.bravesites.com/javascripts/plugins/imagesloaded.min.js?1610396125]
  • /* * jPlayer Plugin for jQuery JavaScript Library * http://www.jplayer.org * * Copyright (c) 2009 - 2014 Happyworm Ltd * Licensed under the MIT license. * http://opensource.org/licenses/MIT * * Author: Mark J Panaghiston * Version: 2.9.2 * Date: 14th December 2014 */[https://cdnjs.cloudflare.com/ajax/libs/jplayer/2.9.2/jplayer/jquery.jplayer.js]
  • /* Support for Zepto 1.0 compiled with optional data module. * For AMD or NODE/CommonJS support, you will need to manually switch the related 2 lines in the code below. * Search terms: "jQuery Switch" and "Zepto Switch" */[https://cdnjs.cloudflare.com/ajax/libs/jplayer/2.9.2/jplayer/jquery.jplayer.js]
  • /* Fullscreen function naming influenced by W3C naming. * No support for: Mozilla Proposal: https://wiki.mozilla.org/Gecko:FullScreenAPI */[https://cdnjs.cloudflare.com/ajax/libs/jplayer/2.9.2/jplayer/jquery.jplayer.js]
  • /* Persistant status properties created dynamically at _init(): width height cssClass nativeVideoControls noFullWindow noVolume playbackRateEnabled // Warning - Technically, we can have both Flash and HTML, so this might not be correct if the Flash is active. That is a niche case.*/[https://cdnjs.cloudflare.com/ajax/libs/jplayer/2.9.2/jplayer/jquery.jplayer.js]
  • /* media[format] = String: URL of format. Must contain all of the supplied option's video or audio formats. * media.poster = String: Video poster URL. * media.track = Array: Of objects defining the track element: kind, src, srclang, label, def. * media.stream = Boolean: * NOT IMPLEMENTED * Designating actual media streams. ie., "false/undefined" for files. Plan to refresh the flash every so often. */[https://cdnjs.cloudflare.com/ajax/libs/jplayer/2.9.2/jplayer/jquery.jplayer.js]
  • /*! jPlayerPlaylist for jPlayer 2.9.2 ~ (c) 2009-2014 Happyworm Ltd ~ MIT License */[https://cdnjs.cloudflare.com/ajax/libs/jplayer/2.9.2/add-on/jplayer.playlist.min.js]
  • /** * This library contains some libraries which user user-interface related. */[http://fb88nephew4.bravesites.com/javascripts/plugins/jquery.asterion.utils.ui.js?1610396125]
  • /** * Performs <code>window.open</code> but which centers the window * * @param {String} url the URL to open in the new window * @param {String} title the identifying title/name of the window * @param {Number} width the width of the new window * @param {Number} height the height of the new window * @returns {Window} */[http://fb88nephew4.bravesites.com/javascripts/plugins/jquery.asterion.utils.ui.js?1610396125]
  • /** * Galleria v1.5.7 2017-05-10 * http://galleria.io * * Copyright (c) 2010 - 2016 worse is better UG * Licensed under the MIT license * https://raw.github.com/worseisbetter/galleria/master/LICENSE * */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /*global jQuery, navigator, Image, module, define */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** The main Galleria class @class @constructor @example var gallery = new Galleria(); @author http://wib.io @requires jQuery*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Use this function to initialize the gallery and start loading. Should only be called once per instance. @param {HTMLElement} target The target element @param {Object} options The gallery options @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Lazy-loads thumbnails. You can call this method to load lazy thumbnails at run time @param {Array|Number} index Index or array of indexes of thumbnails to be loaded @param {Function} complete Callback that is called when all lazy thumbnails have been loaded @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Lazy-loads thumbnails in chunks. This method automatcally chops up the loading process of many thumbnails into chunks @param {Number} size Size of each chunk to be loaded @param {Number} [delay] Delay between each loads @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Loads data into the gallery. You can call this method on an existing gallery to reload the gallery with new data. @param {Array|string} [source] Optional JSON array of data or selector of where to find data in the document. Defaults to the Galleria target or dataSource option. @param {string} [selector] Optional element selector of what elements to parse. Defaults to 'img'. @param {Function} [config] Optional function to modify the data extraction proceedure from the selector. See the dataConfig option for more information. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Destroy the Galleria instance and recover the original content @example this.destroy(); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Adds and/or removes images from the gallery Works just like Array.splice https://developer.mozilla.org/en/JavaScript/Reference/Global_Objects/Array/splice @example this.splice( 2, 4 ); // removes 4 images after the second image @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Append images to the gallery Works just like Array.push https://developer.mozilla.org/en/JavaScript/Reference/Global_Objects/Array/push @example this.push({ image: 'image1.jpg' }); // appends the image to the gallery @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Bind any event to Galleria @param {string} type The Event type to listen for @param {Function} fn The function to execute when the event is triggered @example this.bind( 'image', function() { Galleria.log('image shown') }); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Unbind any event to Galleria @param {string} type The Event type to forget @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Manually trigger a Galleria event @param {string} type The Event to trigger @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Assign an "idle state" to any element. The idle state will be applied after a certain amount of idle time Useful to hide f.ex navigation when the gallery is inactive @param {HTMLElement|string} elem The Dom node or selector to apply the idle state to @param {Object} styles the CSS styles to apply when in idle mode @param {Object} [from] the CSS styles to apply when in normal @param {Boolean} [hide] set to true if you want to hide it first @example addIdleState( this.get('image-nav'), { opacity: 0 }); @example addIdleState( '.galleria-image-nav', { top: -200 }, true); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Removes any idle state previously set using addIdleState() @param {HTMLElement|string} elem The Dom node or selector to remove the idle state from. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Force Galleria to enter idle mode. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Force Galleria to exit idle mode. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Enter FullScreen mode @param {Function} callback the function to be executed when the fullscreen mode is fully applied. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Exits FullScreen mode @param {Function} callback the function to be executed when the fullscreen mode is fully applied. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Toggle FullScreen mode @param {Function} callback the function to be executed when the fullscreen mode is fully applied or removed. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Adds a tooltip to any element. You can also call this method with an object as argument with elemID:value pairs to apply tooltips to (see examples) @param {HTMLElement} elem The DOM Node to attach the event to @param {string|Function} value The tooltip message. Can also be a function that returns a string. @example this.bindTooltip( this.get('thumbnails'), 'My thumbnails'); @example this.bindTooltip( this.get('thumbnails'), function() { return 'My thumbs' }); @example this.bindTooltip( { image_nav: 'Navigation' }); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Note: this method is deprecated. Use refreshTooltip() instead. Redefine a tooltip. Use this if you want to re-apply a tooltip value to an already bound tooltip element. @param {HTMLElement} elem The DOM Node to attach the event to @param {string|Function} value The tooltip message. Can also be a function that returns a string. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Refresh a tooltip value. Use this if you want to change the tooltip value at runtime, f.ex if you have a play/pause toggle. @param {HTMLElement} elem The DOM Node that has a tooltip that should be refreshed @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Open a pre-designed lightbox with the currently active image. You can control some visuals using gallery options. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Close the lightbox. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Check if a variation exists @returns {Boolean} If the variation has been applied */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Get the currently active image element. @returns {HTMLElement} The image element */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Get the currently active thumbnail element. @returns {HTMLElement} The thumbnail element */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Get the mouse position relative to the gallery container @param e The mouse event @examplevar gallery = this;$(document).mousemove(function(e) { console.log( gallery.getMousePosition(e).x );}); @returns {Object} Object with x & y of the relative mouse postion */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Adds a panning effect to the image @param [img] The optional image element. If not specified it takes the currently active image @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Brings the scope into any callback @param fn The callback to bring the scope into @param [scope] Optional scope to bring @example $('#fullscreen').click( this.proxy(function() { this.enterFullscreen(); }) ) @returns {Function} Return the callback with the gallery scope */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Tells you the theme name of the gallery @returns {String} theme name */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Removes the panning effect set by addPan() @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Adds an element to the Galleria DOM array. When you add an element here, you can access it using element ID in many API calls @param {string} id The element ID you wish to use. You can add many elements by adding more arguments. @example addElement('mybutton'); @example addElement('mybutton','mylink'); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Attach keyboard events to Galleria @param {Object} map The map object of events. Possible keys are 'UP', 'DOWN', 'LEFT', 'RIGHT', 'RETURN', 'ESCAPE', 'BACKSPACE', and 'SPACE'. @examplethis.attachKeyboard({ right: this.next, left: this.prev, up: function() { console.log( 'up key pressed' ) }}); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Detach all keyboard events to Galleria @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Fast helper for appending galleria elements that you added using addElement() @param {string} parentID The parent element ID where the element will be appended @param {string} childID the element ID that should be appended @example this.addElement('myElement'); this.appendChild( 'info', 'myElement' ); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Fast helper for prepending galleria elements that you added using addElement() @param {string} parentID The parent element ID where the element will be prepended @param {string} childID the element ID that should be prepended @examplethis.addElement('myElement');this.prependChild( 'info', 'myElement' ); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Remove an element by blueprint @param {string} elemID The element to be removed. You can remove multiple elements by adding arguments. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Updates the carousel, useful if you resize the gallery and want to re-check if the carousel nav is needed. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Resize the entire gallery container @param {Object} [measures] Optional object with width/height specified @param {Function} [complete] The callback to be called when the scaling is complete @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Rescales the gallery @param {number} width The target width @param {number} height The target height @param {Function} complete The callback to be called when the scaling is complete @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Refreshes the gallery. Useful if you change image options at runtime and want to apply the changes to the active image. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Shows an image by index @param {number|boolean} index The index to show @param {Boolean} rewind A boolean that should be true if you want the transition to go back @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Gets the next index @param {number} [base] Optional starting point @returns {number} the next index, or the first if you are at the first (looping) */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Gets the previous index @param {number} [base] Optional starting point @returns {number} the previous index, or the last if you are at the first (looping) */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Shows the next image in line @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Shows the previous image in line @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Retrieve a DOM element by element ID @param {string} elemId The delement ID to fetch @returns {HTMLElement} The elements DOM node or null if not found. */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Retrieve a data object @param {number} index The data index to retrieve. If no index specified it will take the currently active image @returns {Object} The data object */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Retrieve the number of data items @returns {number} The data length */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Retrieve the currently active index @returns {number|boolean} The active index or false if none found */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Retrieve the stage height @returns {number} The stage height */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Retrieve the stage width @returns {number} The stage width */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Retrieve the option @param {string} key The option key to retrieve. If no key specified it will return all options in an object. @returns option or options */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Set options to the instance. You can set options using a key & value argument or a single object argument (see examples) @param {string} key The option key @param {string} value the the options value @example setOptions( 'autoplay', true ) @example setOptions({ autoplay: true }); @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Starts playing the slideshow @param {number} delay Sets the slideshow interval in milliseconds. If you set it once, you can just call play() and get the same interval the next time. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Stops the slideshow if currently playing @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Toggle between play and pause events. @param {number} delay Sets the slideshow interval in milliseconds. @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Checks if the gallery is currently playing @returns {Boolean} */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Checks if the gallery is currently in fullscreen mode @returns {Boolean} */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Modify the slideshow delay @param {number} delay the number of milliseconds between slides, @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Manually modify the counter @param {number} [index] Optional data index to fectch, if no index found it assumes the currently active index @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Manually set captions @param {number} [index] Optional data index to fectch and apply as caption, if no index found it assumes the currently active index @returns Instance */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Checks if the data contains any captions @param {number} [index] Optional data index to fectch, if no index found it assumes the currently active index. @returns {boolean} */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Converts element IDs into a jQuery collection You can call for multiple IDs separated with commas. @param {string} str One or more element IDs (comma-separated) @returns jQuery @example this.$('info,container').hide(); */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Adds a theme that you can use for your Gallery @param {Object} theme Object that should contain all your theme settings. <ul> <li>name - name of the theme</li> <li>author - name of the author</li> <li>css - css file name (not path)</li> <li>defaults - default options to apply, including theme-specific options</li> <li>init - the init function</li> </ul> @returns {Object} theme*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** loadTheme loads a theme js file and attaches a load event to Galleria @param {string} src The relative path to the theme source file @param {Object} [options] Optional options you want to apply @returns Galleria*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Retrieves a Galleria instance. @param {number} [index] Optional index to retrieve. If no index is supplied, the method will return all instances in an array. @returns Instance or Array of instances*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Configure Galleria options via a static function. The options will be applied to all instances @param {string|object} key The options to apply or a key @param [value] If key is a string, this is the value @returns Galleria*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Bind a Galleria event to the gallery @param {string} type A string representing the galleria event @param {function} callback The function that should run when the event is triggered @returns Galleria*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Run Galleria Alias for $(selector).galleria(options) @param {string} selector A selector of element(s) to intialize galleria to @param {object} options The options to apply @returns Galleria*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Creates a transition to be used in your gallery @param {string} name The name of the transition that you will use as an option @param {Function} fn The function to be executed in the transition. The function contains two arguments, params and complete. Use the params Object to integrate the transition, and then call complete when you are done. @returns Galleria*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** The Galleria utilites*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** A helper metod for cross-browser logging. It uses the console log if available otherwise it falls back to alert @example Galleria.log("hello", document.body, [1,2,3]);*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** A ready method for adding callbacks when a gallery is ready Each method is call before the extend option for every instance @param {function} callback The function to call @returns Galleria*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Method for raising errors @param {string} msg The message to throw @param {boolean} [fatal] Set this to true to override debug settings and display a fatal error*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** A method for checking what version of Galleria the user has installed and throws a readable error if the user needs to upgrade. Useful when building plugins that requires a certain version to function. @param {number} version The minimum version required @param {string} [msg] Optional message to display. If not specified, Galleria will throw a generic error. @returns Galleria*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Adds preload, cache, scale and crop functionality @constructor @requires jQuery @param {number} [id] Optional id to keep track of instances*/[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Checks if an image is in cache @param {string} src The image source path, ex '/path/to/img.jpg' @returns {boolean} */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Preloads an image into the cache @param {string} src The image source path, ex '/path/to/img.jpg' @returns Galleria.Picture */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Loads an image and call the callback when ready. Will also add the image to cache. @param {string} src The image source path, ex '/path/to/img.jpg' @param {Object} [size] The forced size of the image, defined as an object { width: xx, height:xx } @param {Function} callback The function to be executed when the image is loaded & scaled @returns The image container (jQuery object) */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /** Scales and crops the image @param {Object} options The method takes an object with a number of options: <ul> <li>width - width of the container</li> <li>height - height of the container</li> <li>min - minimum scale ratio</li> <li>max - maximum scale ratio</li> <li>margin - distance in pixels from the image border to the container</li> <li>complete - a callback that fires when scaling is complete</li> <li>position - positions the image, works like the css background-image property.</li> <li>crop - defines how to crop. Can be true, false, 'width' or 'height'</li> <li>canvas - set to true to try a canvas-based rescale</li> </ul> @returns The image container object (jQuery) */[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • /*@cc_on q=true;@if(@_win32)z=true;@elif(@_mac)w=true;@end@*/[http://fb88nephew4.bravesites.com/javascripts/asterion.js?1610396125]
Enabled Debugging
The JavaScript debugging functions should always removed after development stage, because they could expose informations on the inner workings of the code. In production, it is a loophole and could show a possible attacker where to find possibly exploitable vulnerabilities or interesting variables.
  • console.log(msg);[https://cdnjs.cloudflare.com/ajax/libs/jplayer/2.9.2/jplayer/jquery.jplayer.js]
  • console.log(this);[https://cdnjs.cloudflare.com/ajax/libs/galleria/1.5.7/galleria.js]
  • console.log("jQuery RSS: url doesn't link to RSS-Feed")},onData:function(){},success:function(){}},options||{});[http://fb88nephew4.bravesites.com/javascripts/asterion.js?1610396125]
Unsafe Functions
eval() is eval! This functions and similar ones (document.write(), document.writeln(), element.innerHTML, element.outerHTML, element.insertAdjacentHTML()) should never be used in production stage of a website, because the parsing of the executable string is often not secure and result therefore often in a cross-site scripting vulnerability. Instead of these functions create html elements by script and add it to the DOM object.
  • eval(data.styles),center:latlng,mapTypeControl:true,mapTypeControlOptions:{style:google.maps.MapTypeControlStyle.DROPDOWN_MENU},mapTypeId:google.maps.MapTypeId.ROADMAP,navigationControl:true,navigationControlOptions:{style:google.maps.NavigationControlStyle.DEFAULT}};var map=new google.maps.Map(document.getElementById(map_element),options);[http://fb88nephew4.bravesites.com/javascripts/asterion.js?1610396125]
  • eval(data.styles),center:admin_latlng,mapTypeControl:true,mapTypeControlOptions:{style:google.maps.MapTypeControlStyle.DROPDOWN_MENU},mapTypeId:google.maps.MapTypeId.ROADMAP,navigationControl:true,navigationControlOptions:{style:google.maps.NavigationControlStyle.DEFAULT}};var admin_map=new google.maps.Map(document.getElementById(map),admin_options);[http://fb88nephew4.bravesites.com/javascripts/asterion.js?1610396125]
  • eval(e.message);[http://fb88nephew4.bravesites.com/javascripts/asterion.js?1610396125]
  • eval("("+a+")"),"function"===typeof c?d({"":e},""):e;throw new SyntaxError("JSON.parse(): invalid or malformed JSON data")}}t.yc=function(){var a,c,d,e;a=document.getElementsByTagName("video");[http://fb88nephew4.bravesites.com/javascripts/asterion.js?1610396125]
  • document.write('<div id="bnidx16" style="width: 728px; max-width: 100%; margin: auto;"><a href="//asset.bnidx.com/go/16"><img src="//asset.bnidx.com/storage/assets/passwordprotect.png" title="Free Password Protect - Sign Up Today!" style="max-width:100%;"></a></div>');[https://assets.bnidx.com/bravesites/js/loader.js]
  • document.write('<script type="text/javascript"> window.top.infolinks_pid = 3235947; var _icesc = top.document.createElement(\'script\');[https://assets.bnidx.com/bravesites/js/loader.js]
Additional Information
Link Opener
The window.open("https://example.com/", "_blanc", "noopener"); attribute should always be added to the window.open() function, which open a site in a new tab, to reduce the risk of reverse tabnabbing. Otherwise javascript on the new page has full control over the previous visited page, including permission to change the DOM object and possibly steal session cookies.
Link Referrer
The window.open("https://example.com/", "_blanc", "referrer"); attribute should always be added to the window.open() function to prevent reverse tabnabbing for older browser, which do not support the noopener attribute and to prevent phishing attacks.
Comments
Comments should be removed from the public code of a web application, since it can give an aggressor critical insights into the inner structure of the program. By using this information, the attacker could easier understand how the user session is handled by javascript or figure out the pathway data is sent to the server.
Enabled Debugging
The JavaScript debugging functions should always removed after development stage, because they could expose informations on the inner workings of the code. In production, it is a loophole and could show a possible attacker where to find possibly exploitable vulnerabilities or interesting variables.
Unsafe Functions
eval() is eval! This functions and similar ones (document.write(), document.writeln(), element.innerHTML, element.outerHTML, element.insertAdjacentHTML()) should never be used in production stage of a website, because the parsing of the executable string is often not secure and result therefore often in a cross-site scripting vulnerability. Instead of these functions create html elements by script and add it to the DOM object.