What is CavalryLogger and do I need it?
I'm doing some optimisation on a site Ive recently taken over.开发者_StackOverflow中文版 I've found a script I don't recognise: http://static.ak.fbcdn.net/rsrc.php/zo/r/V95Lkt_uLNB.js
It could be a facebook thing, and there's some key logging going on (that Im not too keen on)
It is without a doubt the largest file being requested on a page load (87kb) so if I can do without it, it'll really speed up the page load.
Does anyone know:
A) What it is B) What it's for C) What it does D) Can I do without itOkay so I had a look over the beautified version of this minified code and have noted the following:
By itself these are a bunch of utility functions.
CavalryLogger doesn't do anything with this file by itself because it doesn't exist, nor is it defined.
The code in question regarding key binding:
function KeyEventController() {
copy_properties(this, {
handlers: {}
});
document.onkeyup = this.onkeyevent.bind(this, 'onkeyup');
document.onkeydown = this.onkeyevent.bind(this, 'onkeydown');
document.onkeypress = this.onkeyevent.bind(this, 'onkeypress');
}
copy_properties(KeyEventController, {
instance: null,
getInstance: function () {
return KeyEventController.instance || (KeyEventController.instance = new KeyEventController());
},
defaultFilter: function (event, a) {
event = $E(event);
return KeyEventController.filterEventTypes(event, a) && KeyEventController.filterEventTargets(event, a) && KeyEventController.filterEventModifiers(event, a);
},
filterEventTypes: function (event, a) {
if (a === 'onkeydown') return true;
return false;
},
filterEventTargets: function (event, b) {
var a = $E(event).getTarget();
if (DOM.isNode(a, ['input', 'select', 'textarea', 'object', 'embed'])) if (a.type != 'checkbox' && a.type != 'radio' && a.type != 'submit') return false;
return a.getAttribute('contentEditable') != 'true';
},
filterEventModifiers: function (event, a) {
if (event.ctrlKey || event.altKey || event.metaKey || event.repeat) return false;
return true;
},
registerKey: function (f, a, d, g) {
if (d === undefined) d = KeyEventController.defaultFilter;
var b = KeyEventController.getInstance();
var c = b.mapKey(f);
if (is_empty(b.handlers)) onleaveRegister(b.resetHandlers.bind(b));
for (var e = 0; e < c.length; e++) {
f = c[e];
if (!b.handlers[f] || g) b.handlers[f] = [];
b.handlers[f].push({
callback: a,
filter: d
});
}
},
keyCodeMap: {
'[': [219],
']': [221],
'`': [192],
LEFT: [KEYS.LEFT, 63234],
RIGHT: [KEYS.RIGHT, 63235],
RETURN: [KEYS.RETURN],
TAB: [KEYS.TAB],
DOWN: [KEYS.DOWN, 63233],
UP: [KEYS.UP, 63232],
ESCAPE: [KEYS.ESC],
BACKSPACE: [KEYS.BACKSPACE],
DELETE: [KEYS.DELETE]
}
});
copy_properties(KeyEventController.prototype, {
mapKey: function (a) {
if (typeof (a) == 'number') return [48 + a, 96 + a];
if (KeyEventController.keyCodeMap[a.toUpperCase()]) return KeyEventController.keyCodeMap[a.toUpperCase()];
var b = a.toUpperCase().charCodeAt(0);
return [b];
},
onkeyevent: function (i, c) {
c = $E(c);
var d = null;
var g = this.handlers[c.keyCode];
var b, f, a;
if (g) for (var h = 0; h < g.length; h++) {
b = g[h].callback;
f = g[h].filter;
try {
if (!f || f(c, i)) {
var node = null;
if (window.Parent && Parent.byTag && c.getTarget) node = Parent.byTag(c.getTarget(), 'a');
user_action(node, 'key', c);
a = b(c, i);
if (a === false) return Event.kill(c);
}
} catch (e) {}
}
return true;
},
resetHandlers: function () {
this.handlers = {};
}
});
This code lets you bind keys to callbacks, and includes more human readable names for common keys. Take for example the usage here:
KeyEventController.registerKey('ESCAPE', Dialog._handleEscapeKey, a);
The ESCAPE key is registered to make Dialogs go away. handlers
is also empty by default, so nothing is going to happen until you use registerKey
or append to it manually. Note that this is the only instance of registerKey
being called.
It also has a lot of AJAX utility functions. Can't really send anything to Facebook from your domain anyways because of same origin policy (unless you modified security permissions, but then that's your fault). Same thing with the cookies set.
There's also a history manger, but it uses an iFrame so it won't be able to read it from your domain anyways.
Finally the like button code I found is an iFrame, so it wouldn't need JS includes unless you were using javascript to create the iFrame or something.
With that in mind I don't see the need for you to include all this.
It looks like this is directly connected to having the "Like this" functionality on a page. The iframe you use to include the 'Like' button seems to come with a couple of 'bonus' scripts.
If you ask me, this is another good reason to NOT have Facebook integrated, it appears to be logging keypresses, and that is not cool.
A quick google search doesn't provide alot of answers - it's some sort of event tracking script for Facebook, and I saw a tweet and a couple of forum posts where people mentioned disabling it and gaining a speed boost - I think you can safely get rid of it, atleast it's worth giving it a try.
This is definitely from Facebook - one of many supporting files for FBML / API / etc.
If you are not using any FB features in your project, simply remove this file.
If you are using any FB features (like 'Like' button), you shouldn't use this file (or any other files with cryptic names) directly either. You should instead
1) create empty <div id="fb-root"></div>
somewhere at the end f your page
2) include http://connect.facebook.net/en_US/all.js script in your page
3) follow further instructions from http://developers.facebook.com/
When the IFRAME is loaded it calls the following URI:
https://www.facebook.com/plugins/like.php?api_key=[your_api_key]&channel_url=http%3A%2F%2Fstatic.ak.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D27%23cb%3Df39f390d40f7332%26domain%3D[your_TLD]%26origin%3Dhttp%253A%252F%252F[your_TLD]%252Ff72f1f9bea899e%26relation%3Dparent.parent&colorscheme=light&extended_social_context=false&href=[your_share_URI]&layout=button_count&locale=en_US&node_type=link&sdk=joey&send=false&show_faces=false&width=100
Within the script tags of this page are the following calls.
PluginAsyncLoader.load("**https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yq\/r\/CNRdIwfy3yI.js**");
PluginAsyncLoader.ondemandjs = "**https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yH\/r\/muz85bheueJ.js**";
I found "calverly logger" in a file that I did not download but I saw it download right in front of me when I closed Thunderbird (was running Firefox behind it and it showed up there as a file downloading) so went to check what it was.
The file was called: "See All.html" which I found odd and worrying.
the head of the file contains the following code indicating it is a Facebook function... The Calvery Logger is mentioned near the bottom of the file (not shown here). I have stripped out the html < near the head of the file so that you can see the code... Not sure it will help but look forward to any insights...
// !DOCTYPE html
html lang="en" id="facebook" class="no_js"
head
meta charset="utf-8" />
meta name="referrer" content="origin-when-crossorigin" id="meta_referrer" />
script> window._cstart=+new Date();</script><script>function envFlush(a) {function b(c){for(var d in a)c[d]=a[d];}if(window.requireLazy){window.requireLazy(['Env'],b);}else{window.Env=window.Env||{};b(window.Env);}}envFlush({"ajaxpipe_token":"AXiYOZarFarwOff3","lhsh":"AAQFK_mp-","khsh":"0`sj`e`rm`s-0fdu^gshdoer-0gc^eurf-3gc^eurf;1;enbtldou;fduDmdldourCxO`ld-2YLMIuuqSdptdru;qsnunuxqd;rdoe-0unjdojnx-0unjdojnx0-0gdubi^rdbsduOdv-0`sj`e`r-0q`xm`r-0StoRbs`qhof-0mhoj^q`xm`r","timeslice_heartbeat_config":{"pollIntervalMs":33,"idleGapThresholdMs":60,"ignoredTimesliceNames":{"requestAnimationFrame":true,"Event listenHandler mousemove":true,"Event listenHandler mouseover":true,"Event listenHandler mouseout":true,"Event listenHandler scroll":true},"enableOnRequire":true},"shouldLogCounters":false,"timeslice_categories":{"react_render":true,"reflow":true}}); script> style> style>
It's linked to a virus hacker on Facebook, sending videos to all the friends of the person who's been hacked. If you open such a video, you too become hacked and all your friends get the video too. Do not open any suspect videos or messages, particularly in Messenger.
精彩评论