Stop mobile network proxy from injecting JavaScript

javascript proxy

You can use this on your pages. It still compresses and put everything inline but it wont break scripts like jquery because it will escape everything based on W3C Standards

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

On your server you can set the cahce control

"Cache-Control: no-transform"

This will stop ALL modifications and present your site as it is!

Reference docs here

http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.5

http://stuartroebuck.blogspot.com/2010/08/official-way-to-bypassing-data.html

Web site exhibits JavaScript error on iPad / iPhone under 3G but not under WiFi


You're certainly not the first. Unfortunately many wireless ISPs have been using this crass and unwelcome approach to compression. It comes from Bytemobile.

What it does is to have a proxy recompress all images you fetch smaller by default (making image quality significantly worse). Then it crudely injects a script into your document that adds an option to load the proper image for each recompressed image. Unfortunately, since the script is a horribly-written 1990s-style JS, it craps all over your namespace, hijacks your event handlers and stands a high chance of messing up your own scripts.

I don't know of a way to stop the injection itself, short of using HTTPS. But what you could do is detect or sabotage the script. For example, if you add a script near the end of the document (between the 1.2.3.4 script inclusion and the inline script trigger) to neuter the onload hook it uses:

<script type="text/javascript">
    bmi_SafeAddOnload= function() {};
</script>

then the script wouldn't run, so your events and DOM would be left alone. On the other hand the initial script would still have littered your namespace with junk, and any markup problems it causes will still be there. Also, the user will be stuck with the recompressed images, unable to get the originals.

You could try just letting the user know:

<script type="text/javascript">
    if ('bmi_SafeAddOnload' in window) {
        var el= document.createElement('div');
        el.style.border= 'dashed red 2px';
        el.appendChild(document.createTextNode(
            'Warning. Your wireless ISP is using an image recompression system '+
            'that will make pictures look worse and which may stop this site '+
            'from working. There may be a way for you to disable this feature. '+
            'Please see your internet provider account settings, or try '+
            'using the HTTPS version of this site.'
        ));
        document.body.insertBefore(el, document.body.firstChild);
    }
</script>

Related

Android - Wake Up and Unlock Device
PIL - draw multiline text on image
Can I call Java from Node.js via JNI and how?
Double vs float on the iPhone
How to expose a RESTful Web Service using Meteor
Change expandable indicator in ExpandableListView
Filling PDF Forms with PHP [closed]
get unique machine id
Configure Eclipse to use signed keystore
How to make a sunburst plot in R or Python?
Atom Electron - Close the window with javascript
DLL References in Visual C++