I'm supposed to port something to webExtensions. It is an add-on that involves the analysis of Javascript.
I know that since webdevs can't code for toffee, they often use JQuery and whatnot. This confuses me, it's hard to tell what is a library and what isn't.
Where is the official specification for the "syscalls" of Javascript? If I wanted to prevent Javascript from sending information from a browser to the internet, what would I have to block?
Disgusting freckle monster. Hitler should have gassed gingers.
Eli Morgan
tell me about the javascript
Justin Cox
Freckles are hot af actually.
Asher Jackson
scut!
Jackson Brooks
who's this owo
Josiah Gomez
tell me about the javascript
Joshua Evans
It's for gay faggots (lol)
David Reed
Perhaps
I'm making this thread because a certain person who made a certain compiler is asking me difficult questions which I need to know these things about Javascript to answer.
Henry Bennett
since you aren't going away and are too retarded to google it >Where is the official specification for the "syscalls" of Javascript? idk wtf this means javascript doesn't make any kernal level calls, at least not directly. it is a scripting language, it is interpreted and executed by it's runtime environment and that will vary between platforms >If I wanted to prevent Javascript from sending information from a browser to the internet, what would I have to block? post or get of any kind
Christian Hughes
Yes the browser is the kernel in this situation
Javascript is obviously sandboxed. There is an API that allows it to perform IO. I want to allow Javascript to not have any API features that allow it to do any type of AJAX.
Nolan Garcia
You could disable it, or run a script blocker.
James Williams
look for this string new XMLHttpRequest() in the source and kill it
Tyler Gomez
How do you know that's the only way a script can do AJAX
I am the script blocker
Ayden Martin
You have a nice sister.
Chase Gray
developer.mozilla.org will probably tell you everything you need to know.
Jose Carter
Yeah I've used MDN once or twice in my time you insolent cuck
It doesn't answer my questions
Nolan Turner
That's a cute boy.
Noah Sanchez
fetch and XMLHttpRequest, but that's only for customizable requests. There's also some CORS compatible IE only shit.
Also don't forget that if the user really wants to make a "post" or "get" request and get the return value, they could create a form and submit that, with the target being an iFrame that the result could then be read from.
So basically, forget it, OP. If someone wants to sidestep your system, they can. Stopping XHR and fetch will be enough to stop most people, but everyone who is not a retard will still be able to send as much as they want and there's nothing you can do.
Michael Brooks
Block: XMLHttpRequest Fetch Axios Request Json* Get Post Put Any and all http verbs
Brandon Ward
Yes we can, by blocking all traffic from outside domains
Connor Brown
This would require the page to refresh, no?
Chase Russell
No, if you post to the iframe (via the target attribute on the form), then only the iframe's contents get refreshed.
Angel Moore
So we can check to see if forms have iframes as targets
This is the kind of info I needed
Aaron Sanders
Do you want to be stupid rich? Let me marry this girl
Julian Reed
post pic of her feet
Zachary Fisher
What have you done to it's eyes!?
Nathaniel Price
Why would he do that? Varg says gingers are descendants of ancient Egyptian royalty, and Hitler admired ancient Egyptians.
Christian Gonzalez
look at mdn web apis then also look at webextension apis to see if there's something to mitm network requests since that seems to be what you're trying to do