Security Report Summary
D
Site:
Scanned Site(s): 1
IP Address: 185.246.46.123
Report Time: 22 Jan 2021 16:59:58 UTC
Checks: Window Referrer, Window Opener, Comments, Enabled Debugging, Unsafe Functions
Warning: Please have a look at the security issues / warnings in the report.
Security Issues
Window Referrer
  • window.open(old_href, old_target);[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • window.open(link,target);[http://www.mostawrd.com/wp-content/plugins/ap-mega-menu/js/frontend.js?ver=ap-mega-menu]
  • window.open(link,target);[http://www.mostawrd.com/wp-content/plugins/ap-mega-menu/js/frontend.js?ver=ap-mega-menu]
Warnings
Comments
Comments should be removed from the public code of a web application, since they can give an attacker critical insight into the inner structure of the program. Using this information, the attacker could more easily understand how the user session is handled by JavaScript or figure out the path by which data is sent to the server.
  • /*! * jQuery JavaScript Library v1.11.1 * http://jquery.com/ * * Includes Sizzle.js * http://sizzlejs.com/ * * Copyright 2005, 2014 jQuery Foundation, Inc. and other contributors * Released under the MIT license * http://jquery.org/license * * Date: 2014-05-01T17:42Z */[https://code.jquery.com/jquery-1.11.1.js]
  • /* jshint eqeqeq: false */[https://code.jquery.com/jquery-1.11.1.js]
  • /*! * Sizzle CSS Selector Engine v1.10.19 * http://sizzlejs.com/ * * Copyright 2013 jQuery Foundation, Inc. and other contributors * Released under the MIT license * http://jquery.org/license * * Date: 2014-04-18 */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Create key-value caches of limited size * @returns {Function(string, Object)} Returns the Object data after storing it on itself with * property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength) * deleting the oldest entry */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Mark a function for special use by Sizzle * @param {Function} fn The function to mark */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Support testing using an element * @param {Function} fn Passed the created div and expects a boolean result */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Adds the same handler for all of the specified attrs * @param {String} attrs Pipe-separated list of attributes * @param {Function} handler The method that will be applied */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Checks document order of two siblings * @param {Element} a * @param {Element} b * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Returns a function to use in pseudos for input types * @param {String} type */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Returns a function to use in pseudos for buttons * @param {String} type */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Returns a function to use in pseudos for positionals * @param {Function} fn */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Checks a node for validity as a Sizzle context * @param {Element|Object=} context * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Detects XML nodes * @param {Element|Object} elem An element or a document * @returns {Boolean} True iff elem is a non-HTML XML node */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Sets document-related variables once based on the current document * @param {Element|Object} [doc] An element or document object to use to set the document * @returns {Object} Returns the current document */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Attributes ---------------------------------------------------------------------- */[https://code.jquery.com/jquery-1.11.1.js]
  • /* getElement(s)By* ---------------------------------------------------------------------- */[https://code.jquery.com/jquery-1.11.1.js]
  • /* QSA/matchesSelector ---------------------------------------------------------------------- */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Contains ---------------------------------------------------------------------- */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Sorting ---------------------------------------------------------------------- */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Document sorting and removing duplicates * @param {ArrayLike} results */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Utility function for retrieving the text value of an array of DOM nodes * @param {Array|Element} elem */[https://code.jquery.com/jquery-1.11.1.js]
  • /* matches from matchExpr["CHILD"] 1 type (only|nth|...) 2 what (child|of-type) 3 argument (even|odd|\d*|\d*n([+-]\d+)?|...) 4 xn-component of xn+y argument ([+-]?\d*n|) 5 sign of xn-component 6 x of xn-component 7 sign of y-component 8 y of y-component */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Internal Use Only */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * A low-level selection function that works with Sizzle's compiled * selector functions * @param {String|Function} selector A selector or a pre-compiled * selector function built with Sizzle.compile * @param {Element} context * @param {Array} [results] * @param {Array} [seed] A set of elements to match against */[https://code.jquery.com/jquery-1.11.1.js]
  • /* jshint -W018 */[https://code.jquery.com/jquery-1.11.1.js]
  • /* * Create a callback list using the following parameters: * * options: an optional list of space-separated options that will change how * the callback list behaves or a more traditional option object * * By default a callback list will act like an event callback list and can be * "fired" multiple times. * * Possible options: * * once: will ensure the callback list can only be fired once (like a Deferred) * * memory: will keep track of previous values and will call any callback added * after the list has been fired right away with the latest "memorized" * values (like a Deferred) * * unique: will ensure a callback can only be added once (no duplicate in the list) * * stopOnFalse: interrupt callings when a callback returns false * */[https://code.jquery.com/jquery-1.11.1.js]
  • /* fnDone, fnFail, fnProgress */[https://code.jquery.com/jquery-1.11.1.js]
  • /* , ..., subordinateN */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Clean-up method for dom ready events */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * The ready event handler and self cleanup method */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Determines whether an object can have data */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Internal Use Only */[https://code.jquery.com/jquery-1.11.1.js]
  • /* jshint eqeqeq: false */[https://code.jquery.com/jquery-1.11.1.js]
  • /* jshint eqeqeq: true */[https://code.jquery.com/jquery-1.11.1.js]
  • /* * Helper functions for managing events -- not part of the public interface. * Props to Dean Edwards' addEvent library for many of the ideas. */[https://code.jquery.com/jquery-1.11.1.js]
  • /* jshint eqeqeq: false */[https://code.jquery.com/jquery-1.11.1.js]
  • /* jshint eqeqeq: true */[https://code.jquery.com/jquery-1.11.1.js]
  • /*INTERNAL*/[https://code.jquery.com/jquery-1.11.1.js]
  • /* internal */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Internal Use Only */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Retrieve the actual display of a element * @param {String} name nodeName of the element * @param {Object} doc Document object */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Try to determine the default display value of an element * @param {String} nodeName */[https://code.jquery.com/jquery-1.11.1.js]
  • /* jshint validthis: true */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Prefilters * 1) They are useful to introduce custom dataTypes (see ajax/jsonp.js for an example) * 2) These are called: * - BEFORE asking for a transport * - AFTER param serialization (s.data is a string if s.processData is true) * 3) key is the dataType * 4) the catchall symbol "*" can be used * 5) execution will start with transport dataType and THEN continue down to "*" if needed */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Transports bindings * 1) key is the dataType * 2) the catchall symbol "*" can be used * 3) selection will start with transport dataType and THEN go to "*" if needed */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Handles responses to an ajax request: * - finds the right dataType (mediates between content-type and expected dataType) * - returns the corresponding response */[https://code.jquery.com/jquery-1.11.1.js]
  • /* Chain conversions given the request and the original response * Also sets the responseXXX fields on the jqXHR instance */[https://code.jquery.com/jquery-1.11.1.js]
  • /* timeout: 0, data: null, dataType: null, username: null, password: null, cache: null, throws: false, traditional: false, headers: {}, */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Load a url into a page */[https://code.jquery.com/jquery-1.11.1.js]
  • /** * Gets a window from an element */[https://code.jquery.com/jquery-1.11.1.js]
  • /*! * Bootstrap v3.3.7 (http://getbootstrap.com) * Copyright 2011-2016 Twitter, Inc. * Licensed under the MIT license */[http://www.mostawrd.com/wp-content/themes/buy2alibaba/js/bootstrap.min.js]
  • /**********************************************************/[http://www.mostawrd.com/wp-content/themes/buy2alibaba/popup/popup.js]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* Get Top Most Parent and the siblings */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* Close up just the top level parents to key the rest as it was */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* Set each parent arrow to inactive */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* Now Repeat for the current item siblings */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* Fix for when close menu on parent clicks is on */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /*lets remove pagination from woof_current_page_link*/[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /*!!important*/[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /*var woof_submit_link = "";*/[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /*toggles*/[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /*for extensions*/[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* <![CDATA[ */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /* ]]> */[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • /*! jQuery v1.12.4 | (c) jQuery Foundation | jquery.org/license | WordPress 2019-05-16 */[http://www.mostawrd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp]
  • /*! jQuery Migrate v1.4.1 | (c) jQuery Foundation and other contributors | jquery.org/license */[http://www.mostawrd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1]
  • /** * AP Mega Menu jQuery Plugin*/[http://www.mostawrd.com/wp-content/plugins/ap-mega-menu/js/frontend.js?ver=ap-mega-menu]
  • /* searchtype onclick function */[http://www.mostawrd.com/wp-content/plugins/ap-mega-menu/js/frontend.js?ver=ap-mega-menu]
  • /*! * JavaScript Cookie v2.1.4 * https://github.com/js-cookie/js-cookie * * Copyright 2006, 2015 Klaus Hartl & Fagner Brack * Released under the MIT license */[http://www.mostawrd.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4]
  • /** * jQuery SelectBox * * v1.2.0 * github.com/marcj/jquery-selectBox */[http://www.mostawrd.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0]
  • /* * Polyfill for Internet Explorer * See https://developer.mozilla.org/en-US/docs/Web/API/CustomEvent/CustomEvent */[http://www.mostawrd.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.2]
  • /*-------------------------------------------------------------------------------* * Script for onClick trigger functionality used by flag images * Script modified from original GTranslate plugin created by Edvard Ananyan at http://edo.webmaster.am * GTranslate Free Version is licensed under GNU/GPL license *-------------------------------------------------------------------------------*/[http://www.mostawrd.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.8]
  • /** * Toolbar.js * * @fileoverview jQuery plugin that creates tooltip style toolbars. * @link http://paulkinzett.github.com/toolbar/ * @author Paul Kinzett (http://kinzett.co.nz/) * @version 1.1.0 * @requires jQuery 1.7+ * * @license jQuery Toolbar Plugin v1.1.0 * http://paulkinzett.github.com/toolbar/ * Copyright 2013 - 2015 Paul Kinzett (http://kinzett.co.nz/) * Released under the MIT license. * <https://raw.github.com/paulkinzett/toolbar/master/LICENSE.txt> */[http://www.mostawrd.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.8]
  • /* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0*/[http://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit]
  • /*! * jQuery blockUI plugin * Version 2.70.0-2014.11.23 * Requires jQuery v1.7 or later * * Examples at: http://malsup.com/jquery/block/ * Copyright (c) 2007-2013 M. Alsup * Dual licensed under the MIT and GPL licenses: * http://www.opensource.org/licenses/mit-license.php * http://www.gnu.org/licenses/gpl.html * * Thanks to Amir-Hossein Sobhi for some excellent contributions! */[http://www.mostawrd.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70]
  • /* * VenoBox - jQuery Plugin * version: 1.8.4 * @requires jQuery >= 1.7.0 * * Examples at http://veno.es/venobox/ * License: MIT License * License URI: https://github.com/nicolafranchini/VenoBox/blob/master/LICENSE * Copyright 2013-2017 Nicola Franchini - @nicolafranchini * */[http://www.mostawrd.com/wp-content/plugins/woo-product-gallery-slider/assets/public/js/venobox.min.js?ver=2.0]
  • /** MultiSlider | MIT License** Copyright (c) 2017 Trevor Blackman* http://www.multislider.info** Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.*/[http://www.mostawrd.com/wp-content/themes/buy2alibaba/featured-carousel/multislider.js?ver=5.3.6]
  • /* * Script for placeholder in search box * Removes the default text onclick */[http://www.mostawrd.com/wp-content/themes/buy2alibaba/js/migrateshop_search.js?ver=1.0]
  • /*! * jQuery UI Core 1.11.4 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license * * http://api.jqueryui.com/category/ui-core/ */[http://www.mostawrd.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4]
  • /*! * jQuery UI Datepicker 1.11.4 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license * * http://api.jqueryui.com/datepicker/ */[http://www.mostawrd.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4]
  • /*! * jQuery UI Widget 1.11.4 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license * * http://api.jqueryui.com/jQuery.widget/ */[http://www.mostawrd.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4]
  • /*! * jQuery UI Button 1.11.4 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license * * http://api.jqueryui.com/button/ */[http://www.mostawrd.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4]
  • /*! * jQuery UI Spinner 1.11.4 * http://jqueryui.com * * Copyright jQuery Foundation and other contributors * Released under the MIT license. * http://jquery.org/license * * http://api.jqueryui.com/spinner/ */[http://www.mostawrd.com/wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4]
  • /*! tooltipster v4.2.7 */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.2.4.2]
  • /*** return woof_redirect; } } } catch (e) { console.log(e); }}function woof_init_orderby() { jQuery('body').on('submit','form.woocommerce-ordering', function () { /* woo3.3 */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.4.2]
  • /* +++ */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.4.2]
  • /* woo3.3 */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.4.2]
  • /* +++ */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.4.2]
  • /*tooltip*/[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.4.2]
  • /*** if (Object.keys(woof_current_values).length === 2) { if (('min_price' in woof_current_values) && ('max_price' in woof_current_values)) { woof_current_page_link = woof_current_page_link.replace(new RegExp(/page\/(\d+)\//), ""); var l = woof_current_page_link + '?min_price=' + woof_current_values.min_price + '&max_price=' + woof_current_values.max_price; if (woof_is_ajax) { history.pushState({}, "", l); } return l; } } //*** if (Object.keys(woof_current_values).length === 0) { if (woof_is_ajax) { history.pushState({}, "", woof_current_page_link); } return woof_current_page_link; } //+++ if (Object.keys(woof_really_curr_tax).length > 0) { woof_current_values['really_curr_tax'] = woof_really_curr_tax.term_id + '-' + woof_really_curr_tax.taxonomy; } //+++ var link = woof_current_page_link + "?" + swoof_search_slug + "=1"; //console.log(woof_current_page_link); //just for the case when no permalinks enabled if (!woof_is_permalink) { if (woof_redirect.length > 0) { link = woof_redirect + "?" + swoof_search_slug + "=1"; if (woof_current_values.hasOwnProperty('page_id')) { delete woof_current_values.page_id; } } else { link = location.protocol + '//' + location.host + "?" + swoof_search_slug + "=1"; /* if (!woof_is_ajax) { link = location.protocol + '//' + location.host + "?" + swoof_search_slug + "=1"; } if (woof_current_values.hasOwnProperty('page_id')) { link = location.protocol + '//' + location.host + "?" + swoof_search_slug + "=1"; } */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.4.2]
  • /*** if ((index == 'min_price' || index == 'max_price') && is_price_in) { return; } if ((index == 'min_price' || index == 'max_price') && !is_price_in) { is_price_in = true; index = 'price'; value = woof_lang_pricerange; } //+++ value = value.toString().trim(); if (value.search(',')) { value = value.split(','); } //+++ jQuery.each(value, function (i, v) { if (index == 'page') { return; } if (index == 'post_type') { return; } var txt = v; if (index == 'orderby') { if (woof_lang[v] !== undefined) { txt = woof_lang.orderby + ': ' + woof_lang[v]; } else { txt = woof_lang.orderby + ': ' + v; } } else if (index == 'perpage') { txt = woof_lang.perpage; } else if (index == 'price') { txt = woof_lang.pricerange; } else { var is_in_custom = false; if (Object.keys(woof_lang_custom).length > 0) { jQuery.each(woof_lang_custom, function (i, tt) { if (i == index) { is_in_custom = true; txt = tt; if (index == 'woof_sku') { txt += " " + v;//because search by SKU can by more than 1 value } } }); } if (!is_in_custom) { try { //txt = jQuery('.woof_n_' + index + '_' + v).val(); txt = jQuery("input[data-anchor='woof_n_" + index + '_' + v + "']").val(); //console.log("input[data-anchor='woof_n_" + index + '_' + v + "']") } catch (e) { console.log(e); } if (typeof txt === 'undefined') { txt = v; } } /* hidden feature if (jQuery('input[name=woof_t_' + index + ']').length > 0) { txt = jQuery('input[name=woof_t_' + index + ']').val() + ': ' + txt; } */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.2.4.2]
  • /* jQuery('.woof_radio_label').unbind(); jQuery('label.woof_radio_label').click(function () { jQuery(this).prev().find('.woof_radio_term').trigger('ifChecked'); jQuery(this).parents('.woof_list_radio').find('.checked').removeClass('checked'); jQuery(this).prev().addClass('checked'); return false; }); */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=1.2.4.2]
  • /*{disable_search_threshold: 10}*/[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=1.2.4.2]
  • /*{disable_search_threshold: 10}*/[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=1.2.4.2]
  • /*! Chosen, a Select Box Enhancer for jQuery and Prototype by Patrick Filler for Harvest, http://getharvest.com Version 1.1.0 Full source at https://github.com/harvesthq/chosen Copyright (c) 2011 Harvest http://getharvest.com MIT License, https://github.com/harvesthq/chosen/blob/master/LICENSE.md This file is generated by `grunt build`, do not edit it by hand. */[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.min.js?ver=1.2.4.2]
Enabled Debugging
JavaScript debugging functions should always be removed after the development stage, because they can expose information about the inner workings of the code. In production they are a loophole that could show a possible attacker where to find possibly exploitable vulnerabilities or interesting variables.
  • console.log( event.keyCode );[http://www.mostawrd.com/groups/its-a-good-idea-to-agen-togel-online-optimistically-rather-than-to-end-in-smoke-cigarettes/]
  • console.log("JQMIGRATE: Migrate is installed"+(a.migrateMute?"":" with logging active")+", version "+a.migrateVersion),a.migrateTrace===c&&(a.migrateTrace=!0),a.migrateReset=function(){f={},a.migrateWarnings.length=0},"BackCompat"===document.compatMode&&d("jQuery is not compatible with Quirks Mode");[http://www.mostawrd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1]
  • console.log("The "+a+" method of the "+d+" plugin conflicts with another plugin or native methods"):(c[a]=function(){return g[a].apply(g,Array.prototype.slice.apply(arguments))},c[a].bridged=g))}),c[d]=g}return this},__setWindow:function(a){return h.window=a,this},_getRuler:function(a){return new b(a)},_off:function(){return this.__$emitterPrivate.off.apply(this.__$emitterPrivate,Array.prototype.slice.apply(arguments)),this},_on:function(){return this.__$emitterPrivate.on.apply(this.__$emitterPrivate,Array.prototype.slice.apply(arguments)),this},_one:function(){return this.__$emitterPrivate.one.apply(this.__$emitterPrivate,Array.prototype.slice.apply(arguments)),this},_plugin:function(b){var c=this;if("string"==typeof b){var d=b,e=null;return d.indexOf(".")>0?e=c.__plugins[d]:a.each(c.__plugins,function(a,b){return b.name.substring(b.name.length-d.length-1)=="."+d?(e=b,!1):void 0}),e}if(b.name.indexOf(".")<0)throw new Error("Plugins must be namespaced");[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.2.4.2]
  • console.log(c);[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.2.4.2]
  • console.log(c),this.each(function(){var c=!1,d=a(this),e=d.data("tooltipster-ns"),f=null;e?g?c=!0:m&&false:c=!0,c&&(f=new a.Tooltipster(this,b[0]),e||(e=[]),e.push(f.__namespace),d.data("tooltipster-ns",e),d.data(f.__namespace,f),f.__options.functionInit&&f.__options.functionInit.call(f,f,{origin:this}),f._trigger("init")),a.tooltipster.__instancesLatestArr.push(f)}),this},b.prototype={__init:function(b){this.__$tooltip=b,this.__$tooltip.css({left:0,overflow:"hidden",position:"absolute",top:0}).find(".tooltipster-content").css("overflow","auto"),this.$container=a('<div class="tooltipster-ruler"></div>').append(this.__$tooltip).appendTo(h.window.document.body)},__forceRedraw:function(){var a=this.__$tooltip.parent();[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.2.4.2]
  • console.log(data);[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/ext/query_save/js/query_save.js?ver=1.2.4.2]
  • console.log(req);[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/ext/query_save/js/query_save.js?ver=1.2.4.2]
  • console.log(result);[http://www.mostawrd.com/wp-content/plugins/woocommerce-products-filter/ext/query_save/js/query_save.js?ver=1.2.4.2]
Additional Information
Link Opener
The "noopener" attribute, as in window.open("https://example.com/", "_blank", "noopener");, should always be added to window.open() calls that open a site in a new tab, to reduce the risk of reverse tabnabbing. Otherwise JavaScript on the new page has full control over the previously visited page, including permission to change the DOM object and possibly steal session cookies.
Link Referrer
The "noreferrer" attribute, as in window.open("https://example.com/", "_blank", "noreferrer");, should always be added to window.open() calls to prevent reverse tabnabbing in older browsers that do not support the noopener attribute, and to prevent phishing attacks.
Comments
Comments should be removed from the public code of a web application, since they can give an attacker critical insights into the inner structure of the program. Using this information, the attacker could more easily understand how the user session is handled by JavaScript or figure out the path by which data is sent to the server.
Enabled Debugging
JavaScript debugging functions should always be removed after the development stage, because they can expose information about the inner workings of the code. In production they are a loophole that could show a possible attacker where to find possibly exploitable vulnerabilities or interesting variables.
Unsafe Functions
eval() is evil! This function and similar ones (document.write(), document.writeln(), element.innerHTML, element.outerHTML, element.insertAdjacentHTML()) should never be used in the production stage of a website, because the parsing of the executable string is often not secure and therefore often results in a cross-site scripting vulnerability. Instead of using these functions, create HTML elements by script and add them to the DOM object.