问题
Been hit with some nasty javascript malware on my site. I know that each offending code block starts with the following:
<script language=javascript><!--
(function()
and ends with
</script>
I'd like to remove the nasty bits via regex on windows, using some sort of freeware regex replacement tool. Any suggestions here? Thank You much.
回答1:
You might want to try UltraEdit, it has a built-in regular expression search/replace that works well. Also I believe the demo works for 30 days.
If you just want to remove all Javascript blocks from your pages, you would search for:
<script language=javascript><!--[\s\S\p]+</script>
(\s = whitespace, \S = non-whitespace, \p = newline characters)
Make sure you have the regular expressions box checked in the search/replace dialog.
Edit
Add to the regular expression that after <script> should follow <!-- (I altered the above example) and you'll get only those <script> sections that include a comment immediately following the opening tag.
回答2:
I think you should use configure Privoxy (http://privoxy.org). It uses the PCRE library and is available for Windows. In order to filter you should do the following:
In the Privoxy configuration directory add
FILTER: my-js-purger s@<script\s+language=javascript><!--\s+(function().*?</script>@@sto
user.filterfile,Add
{ +filter{my-js-purger} } /to
user.actionfile (replace/with the names of sites you want to apply filter to, or leave it as is if you want to apply it to all sites).Ensure that there are uncommented lines
listen-address 127.0.0.1:8118 actionsfile user.action filterfile user.filterin
configfile (I believe it is safe to just add them at the end ofconfigfile regardless whether they already exist).Start privoxy.
Configure your browser to use
127.0.0.1:8118as a http/https proxy server.
来源:https://stackoverflow.com/questions/2909030/regex-question-for-removal-of-javascript-malware