https://vjs.zencdn.net/5.2.4/video.js included in each page!

https://vjs.zencdn.net/5.2.4/video.js included in each page!

  
Hi Guys,

Whe have something strange happening, on each page in our enviroment there is a include of the video.js file from the link: https://vjs.zencdn.net/5.2.4/video.js. Even when we create a empty new espace there is a include of the file. Only problem we can't find where this include is done so we can remove it. Anyone a idea what this could be?
are you sure it's being added by outsystems?

- Check on the server itself and check the pages in the iis-directory.
- Do you have a factory-application active?
- Does it happen on every PC? 





Hi Joost,

Thanks for you reply.
We can't find anywhere where it is included.
We're upto doing a search on the server itself now to see in which files exectly it is mentioned.

It's pretty sick that the inclusion is so far hidden it's invisible to find.
True, but it could be a virus or browser-addon...

that's why I asked if you are 100% it's included from the server.

good luck!

Hi freek,

We have an API called Include Javascript that allows you to include scripts across all eSpaces in your environment.
Someone might have used it to register this script and this is why you are getting it on every module. 

I suggest you to list all the scripts you have (you have an action for that) and remove the script using the Delete script action.

You can access it here:
Add remove references > IncludeJavascript_API (extension)

regards,
Hélio
Hélio, thanks for you post; we've checked and it only seems to be used in two E-spaces:
  • PerformanceProbe
  • VerticalTimeline
They seem to me as internal E-spaces.
Hélio,

I think you might have pointed us on the right track.
Let me get back to you on this.
Yes; that was it!
I probably tried out this function not knowing it would be registered everywhere!

Thumbs up for Hélio!

Regards,

Eric
Great! 
And btw... that's how we include the performance monitor scripts :)

regards,
Hélio




Hélio Dolores wrote:
Great! 
And btw... that's how we include the performance monitor scripts :)

regards,
Hélio



 
 I'd also think it's the best way to "inject" some malicious javascript all through a website.
Just post an interesting thing in the force and make the customer run it once. (evil-grin)