{"id":15039994,"url":"https://github.com/automattic/adbusters","last_synced_at":"2025-07-24T00:04:26.567Z","repository":{"id":11482869,"uuid":"13954046","full_name":"Automattic/Adbusters","owner":"Automattic","description":"A WordPress plugin that loads a set of iframe busters for popular ad networks","archived":false,"fork":false,"pushed_at":"2023-08-27T16:14:14.000Z","size":140,"stargazers_count":29,"open_issues_count":11,"forks_count":22,"subscribers_count":115,"default_branch":"main","last_synced_at":"2025-07-22T02:06:15.434Z","etag":null,"topics":["wordpress","wordpress-plugin","wpvip-plugin"],"latest_commit_sha":null,"homepage":"http://wordpress.org/plugins/adbusters","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Automattic.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"license.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-10-29T11:32:57.000Z","updated_at":"2023-07-31T20:45:45.000Z","dependencies_parsed_at":"2022-09-14T03:02:00.470Z","dependency_job_id":null,"html_url":"https://github.com/Automattic/Adbusters","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/Automattic/Adbusters","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Automattic%2FAdbusters","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Automattic%2FAdbusters/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Automattic%2FAdbusters/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Automattic%2FAdbusters/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Automattic","download_url":"https://codeload.github.com/Automattic/Adbusters/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Automattic%2FAdbusters/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266770246,"owners_count":23981528,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["wordpress","wordpress-plugin","wpvip-plugin"],"created_at":"2024-09-24T20:44:05.339Z","updated_at":"2025-07-24T00:04:26.183Z","avatar_url":"https://github.com/Automattic.png","language":"HTML","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Run PHPUnit and PHPCS](https://github.com/Automattic/Adbusters/actions/workflows/integrate.yml/badge.svg)](https://github.com/Automattic/Adbusters/actions/workflows/integrate.yml)\n\n# Adbusters for WordPress\nA WordPress plugin that loads a set of iframe busters for popular ad networks.\n \n* [Download the plugin from WordPress.org](http://wordpress.org/plugins/adbusters).\n\nHave you found a bug, or have a feature request? Github pull requests are warmly received. :)\n\n## Guidelines for iFrame Busters\n\nThe following are common XSS vulnerabilities found in iFrame busters.\n\n1. Unescaped URL parameter values\n2. Parameters that accept any domain\n\n## Unescaped URL parameter values\n\nSpecial characters should be removed or converted into their equivalent HTML/hex entity. The characters in the following table can be used to write malicious code on the page.\n\n`example.com/iframebuster.html?parameter=\"\u003e\u003c/script\u003e\u003cscript\u003ealert('XSS')\u003c/script\u003e`\n\n\tCharacter =\u003e HTML Entity\n\t    \u0026     =\u003e    \u0026amp;   \n\t    \u003c     =\u003e    \u0026lt;    \n\t    \u003e     =\u003e    \u0026gt;    \n\t    \"     =\u003e    \u0026quot;  \n\t    '     =\u003e    \u0026#x27;  \n\t    /     =\u003e    \u0026#x2F;  \n\n\n## Parameters that accept any domain\n\nWhen passing a domain as a parameter to write a script tag onto the page, it should be restricted to an approved domain(s). \n\n`example.com/iframebuster.html?server=evildomain.com`\n\n## Examples of Safe iFrame Busters\n\n* [DARTIframe.html](https://github.com/Automattic/Adbusters/blob/master/templates/doubleclick/DARTIframe.html)\n* [ifr_b.html](https://github.com/Automattic/Adbusters/blob/master/templates/adcentric/ifr_b.html)\n* [Pictela_iframeproxy.html](https://github.com/Automattic/Adbusters/blob/master/templates/pictela/Pictela_iframeproxy.html)\n\n## XSS Attack Prevention Guidelines\n\nFurther guidelines can be found at [ha.ckers.org/xss.html](http://ha.ckers.org/xss.html), which covers the above rules as well as many others.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fautomattic%2Fadbusters","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fautomattic%2Fadbusters","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fautomattic%2Fadbusters/lists"}