Skip to main content
Accessibility Resource Center Skip to main content
Get up to $500 when you bring your phone. Plus, get the incredible iPhone 13 Pro on us. Online only. With select 5G Unlimited plans. Ends 12.5. Buy now
end of navigation menu
cancel
Showing results for 
Search instead for 
Did you mean: 
***Announcement: Early next week, we’ll be merging the current Fios and Wireless Communities into the all new Verizon Community! Beginning the evening of Sunday 12/4, both Communities will be placed in read-only mode. You’ll still be able to visit the Communities and browse content, but login will be disabled. On the afternoon of Monday 12/5, all users will be able to log into the new Verizon Community. We expect the new Community to be fully functional the morning of Friday 12/9. Additional details can be found in the Announcements board and under Featured Topics!
Strange download
drar2011
Member

Hi everyone, I just noticed something download onto my phone, it is called xdm_iframe.bin  Does anyone know what this is? It just downloaded on its own. Thanks.

Labels (1)
Re: Strange download
deloused
Sr. Member

Files like that come from visiting html websites on your browser that have another embedded html code (iFrame) such as a banner/ad/document/link containing a binary coded (.bin) additional embedded code using the Java Xquery data model (XDM).

0 Likes
Re: Strange download
Qowieury
Member

Also happening on my note 4

0 Likes
Re: Strange download
deloused
Sr. Member

It's very common, even on my iPhone.

0 Likes
Re: Strange download
CodeFarmer
Member

I got this too and deleted it.  But for those interested here are the contents:

<!DOCTYPE html>

<html>

    <head>

        <meta charset="utf-8" />

        <title>easyXDM cross-domain XMLHttpRequest provider</title>

        <script type="text/javascript" src="http://z.cdn.turner.com/xslo/cvp/easyxdm/js/easyXDM.ugly.js"></script>

        <script type="text/javascript">

            easyXDM.DomHelper.requiresJSON("http://z.cdn.turner.com/xslo/cvp/easyxdm/js/json2.ugly.js");

        </script>

        <script type="text/javascript">

/*

* This is a CORS (Cross-Origin Resource Sharing) and AJAX enabled endpoint for easyXDM.

* The ACL code is adapted from pmxdr (http://github.com/eligrey/pmxdr/) by Eli Grey (http://eligrey.com/)

*

*/

// From http://peter.michaux.ca/articles/feature-detection-state-of-the-art-browser-scripting

function isHostMethod(object, property) {

    var t = typeof object[property];

    return t === 'function' || (!!(t === 'object' && object[property])) || t === 'unknown';

}

/**

* Creates a cross-browser XMLHttpRequest object

* @return {XMLHttpRequest} A XMLHttpRequest object.

*/

var getXhr = (function () {

    var item;

    if (isHostMethod(window, "XMLHttpRequest")) {

        return function () {

            return new XMLHttpRequest();

        };

    }

    item = (function () {

        var list = ["Microsoft", "Msxml2", "Msxml3"],

            i = list.length,

            obj;

        while (i--) {

            try {

                item = list[i] + ".XMLHTTP";

                obj = new ActiveXObject(item);

                return item;

            } catch (e) {

            }

        }

    }());

    return function () {

        return new ActiveXObject(item);

    };

}());

// this file is by default set up to use Access Control - this means that it will use the headers set by the server to decide whether or not to allow the call to return

var useAccessControl = false;

// always trusted origins, can be exact strings or regular expressions

var alwaysTrustedOrigins = [(/\.?turner\.com(:\d+)?$/)];

// instantiate a new easyXDM object which will handle the request

var remote = new easyXDM.Rpc({

    // local: "/name.html",

    swf: "http://i.cdn.turner.com/xslo/cvp/easyxdm/swf/easyxdm.swf"

}, {

    local: {

        // define the exposed method

        request: function (config, success, error) {

            var isPOST = config.method === "POST",

                pairs = [],

                key = '',

                data = '',

                req,

                prop = '',

                timeout,

                alwaysTrusted = true,

                i = alwaysTrustedOrigins.length;

            // apply default values if not set

            easyXDM.apply(config, {

                method: "POST",

                headers: {

                    "Content-Type": "application/x-www-form-urlencoded",

                    "X-Requested-With": "XMLHttpRequest"

                },

                success: Function.prototype,

                error: function (msg) {

                    throw new Error(msg);

                },

                data: {},

                timeout: 10 * 1000

            }, true);

            // set the CORS request header

            // only if there is no XHR2 features

            if (!window.XMLHttpRequest || !('withCredentials' in (new XMLHttpRequest))) {

                config.headers.Origin = remote.origin;

            }

            // convert the data into a format we can send to the server

            for (key in config.data) {

                if (config.data.hasOwnProperty(key)) {

                    pairs.push(encodeURIComponent(key) + "=" + encodeURIComponent(config.data[key]));

                }

            }

            data = pairs.join("&");

            // create the XMLHttpRequest object

            req = getXhr();

            url = !isPOST && data

                ? config.url + (~config.url.indexOf('?') ? '&' : '?') + data

                : config.url;

            req.open(config.method, url, true);

            // apply the request headers

            for (prop in config.headers) {

                if (config.headers.hasOwnProperty(prop) && config.headers[prop]) {

                    req.setRequestHeader(prop, config.headers[prop]);

                }

            }

            // set a timeout

            timeout = setTimeout(function () {

                // reset the handler

                req.onreadystatechange = Function.prototype;

                req.abort();

                req = null;

                error({

                    message: "timeout after " + config.timeout + " second",

                    status: 0,

                    data: null,

                    toString: function () {

                        return this.message + " Status: " + this.status;

                    }

                }, null);

            }, config.timeout);

            // check if this origin should always be trusted

            while (i-- && !alwaysTrusted) {

                if (alwaysTrustedOrigins[i] instanceof RegExp) {

                    alwaysTrusted = alwaysTrustedOrigins[i].test(remote.origin);

                } else if (typeof alwaysTrustedOrigins[i] === "string") {

                    alwaysTrusted = (remote.origin === alwaysTrustedOrigins[i]);

                }

            }

            // define the onreadystate handler

            req.onreadystatechange = function () {

                var rawHeaders,

                    headers,

                    headers_lowercase,

                    reHeader,

                    m,

                    errorMessage,

                    aclAllowedOrigin,

                    aclAllowedMethods;

                if (req.readyState === 4) {

                    clearTimeout(timeout);

                    // parse the response headers

                    rawHeaders = req.getAllResponseHeaders();

                    headers = {};

                    headers_lowercase = {};

                    reHeader = /([\w-_]+):\s+(.*)$/gm;

                    while ((m = reHeader.exec(rawHeaders))) {

                        headers_lowercase[m[1].toLowerCase()] = headers[m[1]] = m[2];

                    }

                    if (req.status < 200 || req.status >= 300) {

                        if (useAccessControl) {

                            error("INVALID_STATUS_CODE");

                        } else {

                            error("INVALID_STATUS_CODE", {

                                status: req.status,

                                data: req.responseText

                            });

                        }

                    } else {

                        if (useAccessControl) {

                            // normalize the valuse access controls

                            aclAllowedOrigin = (headers_lowercase["access-control-allow-origin"] || "").replace(/\s/g, "");

                            aclAllowedMethods = (headers_lowercase["access-control-allow-methods"] || "").replace(/\s/g, "");

                            // determine if origin is trusted

                            if (alwaysTrusted || aclAllowedOrigin === "*" || aclAllowedOrigin.indexOf(remote.origin) !== -1) {

                                // determine if the request method was allowed

                                if (aclAllowedMethods && aclAllowedMethods !== "*" && aclAllowedMethods.indexOf(config.method) === -1) {

                                    errorMessage = "DISALLOWED_REQUEST_METHOD";

                                }

                            } else {

                                errorMessage = "DISALLOWED_ORIGIN";

                            }

                        }

                        if (errorMessage) {

                            error(errorMessage);

                        } else {

                            success({

                                data: req.responseText,

                                status: req.status,

                                headers: headers

                            });

                        }

                    }

                    // reset the handler

                    req.onreadystatechange = Function.prototype;

                    req = null;

                }

            };

            // issue the request

            req.send(isPOST ? data : "");

        }

    }

});

        </script>

    </head>

    <body>

    </body>

</html>

0 Likes
Re: Strange download
Portlandia
Member

Same thing happened to me tonight.  Is there a way to remove it? If so, how?

0 Likes
Re: Strange download
maryalene
Member

It's downloaded itself 3 times to my Galaxy S4 since last night. Not sure if that's something to be concerned about or if it's just a harmless file. I tried clearing my history and downloads but that didn't seem to help.

0 Likes
Re: Strange download
DanielQDC
Member

This just started happening to me but only when I'm on CNN.  I've had my phone for over a year and never had an xdm_iframe.bin file automatically download before.

Re: Strange download
deloused
Sr. Member

Yeah they're more and more popular it seems as more websites and browsers adopt html5. I notice it also with my local news app, because they embed ads when you scroll thru the articles and launch video ads before watching a news story.

0 Likes
Re: Strange download
Chrisandra18
Member

Just automatically downloaded on my phone too and won't allow me to delete.  What should I do?

0 Likes