一直用着Firefox的No Script扩展且默认阻止加载脚本,近期浏览网页的时候No Script提示一直存在,且浏览所有网页都有一个来自superfish.com的脚本被拦截。实在是奇怪,像网页被挂马了一样,但想想像百度、谷歌这样的站被挂马可能性还是微乎其微的;加上也不可能有所网站都被黑了,这更不现实。
上superfish.com看了一圈,是个商品图片搜索的网站(以图搜图),在FAQ里看到有个Superfish Window Shopper火狐扩展,在浏览器里找了一圈没找到。
搜了一番发现了罪魁祸首IE Tab Plus插件,该文中的解决方法是用IE Tab2替换IE Tab Plus。
又想IE Tab Plus扩展的作者该没那么绝吧?这么优秀的扩展做的像木马一样乱挂脚本不是自寻死路吗?看了一下IE Tab Plus扩展的选项,果然在功能设置里找到了“支持价格比较 **新功能**”的复选框,去掉前面的勾,重启Firefox。正常了,浏览网页不再提示加载来自superfish.com的脚本。
以下是点了支持价格比较旁边的链接所给出的提示:
What is IE Tab Price Compare?
IE Tab Price Compare is an enhanced price comparison feature that automatically shows you the lowest price when you shop online. Powered by Superfish, Price Compare marks product images with a See Similar icon on hundreds of U.S. online stores. When clicked on, Price Compare opens up, showing identical or similar products offers.
Currently works for U.S. stores only.
To disable this feature, simply right click on the IE Tab Plus icon (it’s a small Firefox logo) on the bottom right corner of your Firefox browser tray and select Settings. From there, select the Basic mode or deselect the Price Comparison checkbox and restart Firefox.
Price Compare is completely free to use and is 100% clean: no spyware, adware, or viruses. For more information about Superfish, click here.
看到中间那个“目前只对美国商铺有效”,果断无视这个价格比较功能。