Create an Account
username: password:
 
  MemeStreams Logo

Facebook monitors your alert() usage
search
Home Agent Weblogs Social Network Post Help About

Acidus
Picture of Acidus
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Acidus's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Facebook monitors your alert() usage
Topic: Miscellaneous 12:18 pm EDT, Jul 20, 2009

If you use a bookmarklet on Facebook and it calls window.alert(), it doesn't quite do what you expect. They've re-defined the entire alert() method - it will pop up a box, but it will also behind the scenes send what you tried to pop up to the server!?! Look at Facebook's alert code (shown in an appropriate setting, of course):

More non-malicious use of function clobbering, though not sure why this is in production code.

This example amuses me. In our book Ajax Security we clobber the alert() function as an example and show it in Opera to prove it works on the strictest of browsers.

good stuff.

Facebook monitors your alert() usage

Thread [1]


  
 
Powered By Industrial Memetics		RSS2.0