False-positives in “Malicious Code” checking block of tables.php

  • Resolved Xhynk

    (@alexdemchak)


    3 years, 5 months ago

    Version 1.8.7

    In /modules/tables/views/tables.php between lines 117-140 in your renderTable method, you have a custom “check for corrupted table” block which is too aggressive.

    It looks for a case-insensitive word 'script' and then any of those other strings, like 'pastebin', 'createElement', etc. and even includes 'window'.

    We got a call from a client who said their tables were corrupted. I looked and they have a string similar to the following in it:

    “Description: Remember smelling a freshly baked apple pie on a nearby window-sill?”

    This was triggering the malicious code warning because of “description” and “nearby window-sill”. For the time being, I changed it to “Details” instead of “Description” directly in the database, so they’re working. But thought you should know so you can revise that corruption checking code.

    • This topic was modified 3 years, 5 months ago by Xhynk.
    • This topic was modified 3 years, 5 months ago by Xhynk.
Viewing 1 replies (of 1 total)
  • Plugin Support Support Ole

    (@trsupsys)

    3 years, 5 months ago

    Hello, @alexdemchak
    Thank you for contacting us regarding your question!

    Your request was redirected to our developer. He will review your request and respond to you anytime soon.

    Best regards,
    Ole

Viewing 1 replies (of 1 total)
  • The topic ‘False-positives in “Malicious Code” checking block of tables.php’ is closed to new replies.