Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why do i get sha256.js when using jquery ajax to a php script

Tags:

javascript

jquery

ajax

google-chrome

sha256

I am running a script, where it saves changes to a PHP script in background with jquery-ajax and made a function that throws an error if the script posts something to the site. When it throws an error I use console.log for chrome debugging.

It worked well until now. Now like 1 out of 5 times, I get this in the console.

<script src="/____proof-of-work/sha256.js"></script>
<script>
    challengeString = "fc1bc435f0be5062b3420hc4970e8f77d8359904b50356959054180e014c24211a";
    nonce = 0;
    hash = sha256(challengeString + nonce);
    while(1) {
        hash = sha256(challengeString + nonce);
        if (hash.substr(0, 4) === '0000')
            break;
        nonce += 1;
    }
    window.location.replace("/____proof-of-work/validate/" + nonce + "/" + window.location.href);
</script>

I can't really figure out where this comes from. I have never seen this code before, and I have tried to google it, but not a real solution on this.

What can it be, and how to get rid of this?

like image 354
Nicolai Svenningsen Avatar asked Feb 28 '26 07:02

Nicolai Svenningsen

1 Answers

I have the same problem with one.com.

Here is the response from the one.com support:

Sehr geehrter Herr Heidingsfelder,

vielen Dank für Ihre Anfrage.

Bei proof-of-work handelt es sich um sogenannte JavaScript challenges, die von unserem Server abgesetzt werden, wenn viele Anfragen an dieselbe URL erfolgen. Hierdurch soll eine missbräuchliche Nutzung, etwa durch Malware- oder Spambots, bestmöglich eingeschränkt werden.

Eine Umgehung von proof-of-work ist im Sinne von Abs. 1.2 der Allgemeinen Geschäftsbedingungen unzulässig.

Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen

Sascha one.com

english:

Dear Mr. Heidingsfelder,

Thank you for your request.

Proof-of-Work is a JavaScript challenge that is dropped by our server when many requests are made to the same URL. This should be the best possible restriction of improper use, such as malware or spam bots.

A circumvention of proof of work is inadmissible within the meaning of paragraph 1.2 of the General Terms and Conditions.

For further questions please do not hesitate to contact us.

With best regards

Sascha one.com

I will terminate my contract with one.com.

Regards

Marc

like image 106
Marc Heidingsfelder Avatar answered Mar 01 '26 21:03

Marc Heidingsfelder

Sign in to Comment

Related questions

append comma seperated values to url as search params [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!