Where this code is being used? -http://xandernieuws.punt.nl/
Detected libraries:
jquery - 1.11.1 : -http://code.jquery.com/jquery-latest.min.js
No vulnerable libraries found
Scanner output:
Scanning -http://xandernieuws.punt.nl/ …
Script loaded: -http://code.jquery.com/jquery-latest.min.js *
Script loaded: -http://xandernieuws.punt.nl/javascript/punt-social
Script loaded: -http://xandernieuws.punt.nl/javascript/nl_NL.wsmpack.js
Script loaded: -http://xandernieuws.punt.nl/javascript/nl_NL.loaderbar.js
- see: Scripts 1 issues
Tag Result
Where shoud try to mitigate the threats found here by using SRI hash attributes:
Results from scanning URL: -http://code.jquery.com/jquery-latest.min.js
Number of sources found: 43
Number of sinks found: 19
See for that: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fcode.jquery.com%2Fjquery-latest.min.js
For the whole issue also consider this: https://stackoverflow.com/questions/20388242/is-using-jquery-latest-min-js-bad-practice and then also read on the use of the
if(b.innerHTML=
source: http://snook.ca/archives/javascript/whats_wrong_wit
Code comes via Cloudflare: http://toolbar.netcraft.com/site_report?url=https://code.jquery.com
Coding with security in mind, folks, is not that easy, but we learn all the way, ;D
polonus (volunteer website security analyst and website error-hunter)