
html a onclick exploits causing antivirus to go crazy


Does anyone know why things like:

<a href="#" onClick="javascript_foo_function(1,'foo',34); return false;">

cause most antivirus (such as McAfee mcshield.exe) to go haywire? What is the exploit that they are looking to protect against? Many programs (McAfee and Norton) do some insane calculations that seem to exponentially increase with the number of links; a few hundred links like that on a page can result in 2 minutes before the page is usable. I wonder what they are doing?

Once I changed them to <A href="javascript:javascript_foo_function(1,'foo',34);"> antivirus had no problem and didn't cause excessive CPU usage.


Solution

  • I have no idea why a virus scanner would react in this way, but to offer an approach for a possible workaround: Try not using onclick directly, but define the events in an external JS file. Maybe that'll pass without triggering whatever "guard" mechanism seems to think this is suspicious.

    HTML:

    <a href="#" id="link_1">
    

    In a separate JS file that you embed at the end of the document:

    document.getElementById("link_1").onclick = function() { 
     javascript_foo_function(1,'foo',34); 
     return false;
    }
    

    Now if the virus scanners think they're fighting a real problem here, and if they are smart, they won't be fooled by this. But I'm having trouble using "Norton" and "Smart" in one sentence, and there clearly is no security problem in the first place, so it may as well work. Try it out.
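
The external-file approach from the answer above, extended to the few hundred links the question mentions: this is an added example, not code from the original post. It assumes a hypothetical `js-foo` class and `data-foo-args` attribute on each link, and uses a single delegated listener so the markup carries no inline script at all.

```javascript
// Added example: one delegated click handler in an external file replaces
// hundreds of inline onclick attributes. Assumed markup (hypothetical names):
//   <a href="#" class="js-foo" data-foo-args='[1,"foo",34]'>...</a>

// Parse the argument list stored on the link. JSON.parse only yields data,
// so nothing in the attribute is ever evaluated as script.
function parseLinkArgs(raw) {
  if (typeof raw !== "string" || raw === "") return null;
  let args;
  try {
    args = JSON.parse(raw);
  } catch (e) {
    return null; // malformed attribute: ignore the click
  }
  return Array.isArray(args) ? args : null;
}

// Build the listener. `handler` stands in for the page's javascript_foo_function.
// Returns true when the click was handled, false when it was left alone.
function makeDelegatedHandler(handler, selector) {
  return function (event) {
    const target = event.target;
    // closest() finds the link even when a child element was clicked
    const link = target && typeof target.closest === "function"
      ? target.closest(selector)
      : null;
    if (!link) return false;
    const args = parseLinkArgs(link.getAttribute("data-foo-args"));
    if (args === null) return false;
    event.preventDefault(); // same effect as "return false" in the inline version
    handler.apply(link, args);
    return true;
  };
}

// Browser wiring; skipped when no DOM is present (for example under Node)
if (typeof document !== "undefined" && typeof javascript_foo_function === "function") {
  document.addEventListener(
    "click",
    makeDelegatedHandler(javascript_foo_function, "a.js-foo")
  );
}
```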