Strange download
drar2011
Enthusiast - Level 2

Hi everyone, I just noticed something download onto my phone, it is called xdm_iframe.bin  Does anyone know what this is? It just downloaded on its own. Thanks.

Re: Strange download
deloused
Master - Level 3

Files like that come from visiting html websites on your browser that have another embedded html code (iFrame) such as a banner/ad/document/link containing a binary coded (.bin) additional embedded code using the Java Xquery data model (XDM).

0 Likes
Re: Strange download
Qowieury
Enthusiast - Level 1

Also happening on my note 4

0 Likes
Re: Strange download
deloused
Master - Level 3

It's very common, even on my iPhone.

0 Likes
Re: Strange download
CodeFarmer
Newbie

I got this too and deleted it.  But for those interested here are the contents:

<!DOCTYPE html>

<html>

    <head>

        <meta charset="utf-8" />

        <title>easyXDM cross-domain XMLHttpRequest provider</title>

        <script type="text/javascript" src="http://z.cdn.turner.com/xslo/cvp/easyxdm/js/easyXDM.ugly.js"></script>

        <script type="text/javascript">

            easyXDM.DomHelper.requiresJSON("http://z.cdn.turner.com/xslo/cvp/easyxdm/js/json2.ugly.js");

        </script>

        <script type="text/javascript">

/*

* This is a CORS (Cross-Origin Resource Sharing) and AJAX enabled endpoint for easyXDM.

* The ACL code is adapted from pmxdr (http://github.com/eligrey/pmxdr/) by Eli Grey (http://eligrey.com/)

*

*/

// From http://peter.michaux.ca/articles/feature-detection-state-of-the-art-browser-scripting

function isHostMethod(object, property) {

    var t = typeof object[property];

    return t === 'function' || (!!(t === 'object' && object[property])) || t === 'unknown';

}

/**

* Creates a cross-browser XMLHttpRequest object

* @return {XMLHttpRequest} A XMLHttpRequest object.

*/

var getXhr = (function () {

    var item;

    if (isHostMethod(window, "XMLHttpRequest")) {

        return function () {

            return new XMLHttpRequest();

        };

    }

    item = (function () {

        var list = ["Microsoft", "Msxml2", "Msxml3"],

            i = list.length,

            obj;

        while (i--) {

            try {

                item = list[i] + ".XMLHTTP";

                obj = new ActiveXObject(item);

                return item;

            } catch (e) {

            }

        }

    }());

    return function () {

        return new ActiveXObject(item);

    };

}());

// this file is by default set up to use Access Control - this means that it will use the headers set by the server to decide whether or not to allow the call to return

var useAccessControl = false;

// always trusted origins, can be exact strings or regular expressions

var alwaysTrustedOrigins = [(/\.?turner\.com(:\d+)?$/)];

// instantiate a new easyXDM object which will handle the request

var remote = new easyXDM.Rpc({

    // local: "/name.html",

    swf: "http://i.cdn.turner.com/xslo/cvp/easyxdm/swf/easyxdm.swf"

}, {

    local: {

        // define the exposed method

        request: function (config, success, error) {

            var isPOST = config.method === "POST",

                pairs = [],

                key = '',

                data = '',

                req,

                prop = '',

                timeout,

                alwaysTrusted = true,

                i = alwaysTrustedOrigins.length;

            // apply default values if not set

            easyXDM.apply(config, {

                method: "POST",

                headers: {

                    "Content-Type": "application/x-www-form-urlencoded",

                    "X-Requested-With": "XMLHttpRequest"

                },

                success: Function.prototype,

                error: function (msg) {

                    throw new Error(msg);

                },

                data: {},

                timeout: 10 * 1000

            }, true);

            // set the CORS request header

            // only if there is no XHR2 features

            if (!window.XMLHttpRequest || !('withCredentials' in (new XMLHttpRequest))) {

                config.headers.Origin = remote.origin;

            }

            // convert the data into a format we can send to the server

            for (key in config.data) {

                if (config.data.hasOwnProperty(key)) {

                    pairs.push(encodeURIComponent(key) + "=" + encodeURIComponent(config.data[key]));

                }

            }

            data = pairs.join("&");

            // create the XMLHttpRequest object

            req = getXhr();

            url = !isPOST && data

                ? config.url + (~config.url.indexOf('?') ? '&' : '?') + data

                : config.url;

            req.open(config.method, url, true);

            // apply the request headers

            for (prop in config.headers) {

                if (config.headers.hasOwnProperty(prop) && config.headers[prop]) {

                    req.setRequestHeader(prop, config.headers[prop]);

                }

            }

            // set a timeout

            timeout = setTimeout(function () {

                // reset the handler

                req.onreadystatechange = Function.prototype;

                req.abort();

                req = null;

                error({

                    message: "timeout after " + config.timeout + " second",

                    status: 0,

                    data: null,

                    toString: function () {

                        return this.message + " Status: " + this.status;

                    }

                }, null);

            }, config.timeout);

            // check if this origin should always be trusted

            while (i-- && !alwaysTrusted) {

                if (alwaysTrustedOrigins[i] instanceof RegExp) {

                    alwaysTrusted = alwaysTrustedOrigins[i].test(remote.origin);

                } else if (typeof alwaysTrustedOrigins[i] === "string") {

                    alwaysTrusted = (remote.origin === alwaysTrustedOrigins[i]);

                }

            }

            // define the onreadystate handler

            req.onreadystatechange = function () {

                var rawHeaders,

                    headers,

                    headers_lowercase,

                    reHeader,

                    m,

                    errorMessage,

                    aclAllowedOrigin,

                    aclAllowedMethods;

                if (req.readyState === 4) {

                    clearTimeout(timeout);

                    // parse the response headers

                    rawHeaders = req.getAllResponseHeaders();

                    headers = {};

                    headers_lowercase = {};

                    reHeader = /([\w-_]+):\s+(.*)$/gm;

                    while ((m = reHeader.exec(rawHeaders))) {

                        headers_lowercase[m[1].toLowerCase()] = headers[m[1]] = m[2];

                    }

                    if (req.status < 200 || req.status >= 300) {

                        if (useAccessControl) {

                            error("INVALID_STATUS_CODE");

                        } else {

                            error("INVALID_STATUS_CODE", {

                                status: req.status,

                                data: req.responseText

                            });

                        }

                    } else {

                        if (useAccessControl) {

                            // normalize the valuse access controls

                            aclAllowedOrigin = (headers_lowercase["access-control-allow-origin"] || "").replace(/\s/g, "");

                            aclAllowedMethods = (headers_lowercase["access-control-allow-methods"] || "").replace(/\s/g, "");

                            // determine if origin is trusted

                            if (alwaysTrusted || aclAllowedOrigin === "*" || aclAllowedOrigin.indexOf(remote.origin) !== -1) {

                                // determine if the request method was allowed

                                if (aclAllowedMethods && aclAllowedMethods !== "*" && aclAllowedMethods.indexOf(config.method) === -1) {

                                    errorMessage = "DISALLOWED_REQUEST_METHOD";

                                }

                            } else {

                                errorMessage = "DISALLOWED_ORIGIN";

                            }

                        }

                        if (errorMessage) {

                            error(errorMessage);

                        } else {

                            success({

                                data: req.responseText,

                                status: req.status,

                                headers: headers

                            });

                        }

                    }

                    // reset the handler

                    req.onreadystatechange = Function.prototype;

                    req = null;

                }

            };

            // issue the request

            req.send(isPOST ? data : "");

        }

    }

});

        </script>

    </head>

    <body>

    </body>

</html>

0 Likes
Re: Strange download
Portlandia
Enthusiast - Level 2

Same thing happened to me tonight.  Is there a way to remove it? If so, how?

0 Likes
Re: Strange download
maryalene
Enthusiast - Level 1

It's downloaded itself 3 times to my Galaxy S4 since last night. Not sure if that's something to be concerned about or if it's just a harmless file. I tried clearing my history and downloads but that didn't seem to help.

0 Likes
Re: Strange download
DanielQDC
Enthusiast - Level 1

This just started happening to me but only when I'm on CNN.  I've had my phone for over a year and never had an xdm_iframe.bin file automatically download before.

Re: Strange download
deloused
Master - Level 3

Yeah they're more and more popular it seems as more websites and browsers adopt html5. I notice it also with my local news app, because they embed ads when you scroll thru the articles and launch video ads before watching a news story.

0 Likes
Re: Strange download
Chrisandra18
Enthusiast - Level 1

Just automatically downloaded on my phone too and won't allow me to delete.  What should I do?

0 Likes