PHP Session Validation Kept Failing, and ZoneAlarm Turned Out to Be the Culprit

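  Today I was debugging a program that uses PHP session-based authentication and found that login always failed. Debugging showed that the session was never registered, that is, the cookie was never created. I had rarely run into this kind of problem before, because the PHP configuration was definitely fine. Stranger still, the problem occurred in IE and Firefox, but everything worked normally in the TT browser. It took me half a day of fiddling to finally find the cause.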

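  By comparing the page source returned in TT and in Firefox, I found a difference between the two: in pages visited with IE and Firefox, a line of code like the following was always added to the header section of the HTML source: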

<script language='javascript' src='http://127.0.0.1:1025/js.cgi?caw&r=27432'></script>


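  At first I thought I had picked up a trojan, but a virus scan turned up nothing. So I fetched the code returned by http://127.0.0.1:1025/js.cgi?caw&r=27432 and found that it was JavaScript for things like blocking popups and registering cookies, which made me suspect that a firewall or something similar was responsible. Analyzing the code further, I found quite a few identifiers containing zl_. Ha, so it was ZoneAlarm causing the trouble. Culprit caught!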

  Below is a sample of the code returned by js.cgi. In fact, we could also use this code to do some useful things :)

var blockedReferrer = 'blockedReferrer';
NS_ActualWrite=document.write;
// Popup Blocker -->
RanPostamble=0;
NS_ActualOpen=window.open;
function NS_NullWindow(){this.window;}
function nullDoc() {
  this.open = NS_NullWindow;
  this.write = NS_NullWindow;
  this.close = NS_NullWindow;
}
function NS_NewOpen(url,nam,atr){
  if((nam!='' && nam==window.name) || nam=='_top'){
    return(NS_ActualOpen(url,nam,atr));
  }
  obj=new NS_NullWindow();
  obj.focus = NS_NullWindow;
  obj.blur = NS_NullWindow;
  obj.opener = this.window;
  obj.document = new nullDoc();
  return(obj);
}
function NS_NullWindow2(){this.window;}
function NS_NewOpen2(url,nam,atr){
  if((nam!='' && nam==window.name) || nam=='_top'){
    return(NS_ActualOpen(url,nam,atr));
  }
  return(new NS_NullWindow2());
}
function op_stop() { NS_ActualOpen2=window.open; window.open=NS_NewOpen2; }
function op_start() { window.open=NS_ActualOpen2; }
function noopen_load() {
  op_stop(); if(zl_orig_onload) zl_orig_onload(); op_start();
}
function noopen_unload() { op_stop(); if(zl_orig_onunload) zl_orig_onunload(); op_start(); }
function postamble() {
  if(!RanPostamble) {
    RanPostamble=1;
    zl_orig_onload = window.onload;
    zl_orig_onunload = window.onunload;
    window.open=NS_ActualOpen;
  }
}
window.open=NS_NewOpen;

  I visited the official ZA forum and got the following official answer:
This is the script that ZAP inserts into every page to allow your Privacy settings to function properly. It provides the means to control cookies, ads, and active script. To remove it, turn off all your Main Privacy blocking.
Bill
Atlanta, Georgia

  So I turned off the Cookie and Ad control options under "Privacy" in ZoneAlarm, and the problem was solved :)

Official forum address: http://forum.zonelabs.org/zonelabs/board/message?board.id=security&message.id=14155
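
The comparison described in this post (the HTML the server sent versus the HTML the browser ended up with) can be automated. The following is an added example, not code from the original post or from ZoneAlarm: it lists script tags that appear only in the received page and flags those loaded from a loopback address, as the injected tag quoted above is. The function names, the SERVED/RECEIVED sample markup and PAGE_URL are constructed for illustration; only the injected src value is taken from the post.

```javascript
// Hostnames that point back at the client machine itself.
const LOOPBACK = /^(localhost|127(\.\d{1,3}){3}|\[::1\])$/i;

// Collect the src attribute of every <script> tag (single-, double- or unquoted).
function scriptSources(html) {
  const out = [];
  const tagRe = /<script\b([^>]*)>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const src = /\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i.exec(m[1]);
    if (src) out.push(src.slice(1).find((v) => v !== undefined));
  }
  return out;
}

// Scripts present in what the browser received but absent from what the server sent.
// Each result records the resolved host and whether it is a loopback address,
// which indicates a local filtering proxy rather than a remote injection.
function findInjectedScripts(servedHtml, receivedHtml, pageUrl) {
  const served = new Set(scriptSources(servedHtml));
  return scriptSources(receivedHtml)
    .filter((src) => !served.has(src))
    .map((src) => {
      let host = null;
      try {
        host = new URL(src, pageUrl).hostname; // resolves relative src too
      } catch (_) {
        // unparsable src: keep it in the report with host = null
      }
      return { src, host, loopback: host !== null && LOOPBACK.test(host) };
    });
}

// Constructed sample input. PAGE_URL and the app.js tag are hypothetical;
// the injected tag is the one quoted in the post.
const PAGE_URL = 'http://app.example.test/login.php';
const SERVED =
  "<html><head><script src='/js/app.js'></script></head><body>login</body></html>";
const RECEIVED =
  "<html><head><script language='javascript' " +
  "src='http://127.0.0.1:1025/js.cgi?caw&r=27432'></script>" +
  "<script src='/js/app.js'></script></head><body>login</body></html>";

for (const hit of findInjectedScripts(SERVED, RECEIVED, PAGE_URL)) {
  console.log(hit.loopback ? 'local proxy injection:' : 'unexpected script:', hit.src);
}
```
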

Category: PHP / Zend