[Solved-5 Solutions] How does facebook disable the browser’s integrated developer tools - javascript tutorial
Problem:
How does facebook disable in the browser’s by using an integrated developer tools ?
Solution 1:
Some users to see if it can slow down some attacks where users are tricked pasting JavaScript code into the browser console.
Block hackers to try in the client-side. This protect against a specific social engineering attack.
Chrome wraps all console code:
with ((console && console._commandLineAPI) || {}) {
<code goes here>
}
The site as redefines console._commandLineAPI to throw:
Object.defineProperty(console, '_commandLineAPI',
{
get : function()
{
throw 'Nooo!'
}
})
The console from user-side JS was a bug and fixed the issue.
Read Also
15 Best Safari Browser ExtensionsSolution 2:
In the script, Using Chrome developer tools.
Object.defineProperty(window, "console", {
value: console,
writable: false,
configurable: false
});
var i = 0;
function showWarningAndThrow() {
if (!i) {
setTimeout(function () {
console.log("%cWarning message", "font: 2em sans-serif; color: yellow; background-color: red;");
}, 1);
i = 1;
}
throw "Console is disabled";
}
var l, n = {
set: function (o) {
l = o;
},
get: function () {
showWarningAndThrow();
return l;
}
};
Object.defineProperty(console, "_commandLineAPI", n);
Object.defineProperty(console, "__commandLineAPI", n);
In the console auto-complete to be fails. While statements typed in console will fail to execute (the exception will be logged).
Solution 3:
Triggering couldn't be occur on any page.
window.console.log = function(){
console.error('The developer console is temp...');
window.console.log = function() {
return false;
}
}
console.log('test');
Read Also
Best Google Chrome ExtensionsSolution 4:
To implements a Netflix in this feature:
(function() {
try {
var $_console$$ = console;
Object.defineProperty(window, "console", {
get: function() {
if ($_console$$._commandLineAPI)
throw "Sorry, for security reasons, the script console is deactivated on netflix.com";
return $_console$$
},
set: function($val$$) {
$_console$$ = $val$$
}
})
} catch ($ignore$$) {
}
})();
An overriding the console._commandLineAPI to throw security error.
Solution 5:
This solution is very simple.
Object.getOwnPropertyNames(console).filter(function(property) {
return typeof console[property] == 'function';
}).forEach(function (verb) {
console[verb] =function(){return 'Sorry, for security reasons...';};
});