Avatar for Username

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

Learn More

此討論串已被封存。 如果您有需要幫助,請新增一個新問題

How can I block a website from spamming the browser's web dev console?

Flannery_Moore
Flannery_Moore
more options

I've noticed that some websites will endlessly spam the console (in developer tools) with rubbish, and I would like to be able to block that from happening. I'm ignorant about this sort of stuff in general, and it confuses me how a website can even access my browser's console to begin with.

The latest example I came across which caused me to finally ask about it, was some strange JavaScript spam with some kind of < div > (had to edit this with spaces to show it in the post) structure containing over a thousand characters. This entire thing gets spammed in the console at a rate of a few every second. I recorded a short gif of it, which imgur seems to have converted into a video: https://i.imgur.com/dosMZjo.mp4

I've noticed that some websites will endlessly spam the console (in developer tools) with rubbish, and I would like to be able to block that from happening. I'm ignorant about this sort of stuff in general, and it confuses me how a website can even access my browser's console to begin with. The latest example I came across which caused me to finally ask about it, was some strange JavaScript spam with some kind of < div > ''(had to edit this with spaces to show it in the post)'' structure containing over a thousand characters. This entire thing gets spammed in the console at a rate of a few every second. I recorded a short gif of it, which imgur seems to have converted into a video: https://i.imgur.com/dosMZjo.mp4

由 Flannery_Moore 於 修改

被選擇的解決方法

Any script can output to the console log using

console.log('Whatever I want to put here...');

but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.).

I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example:

console.log=function(){}

Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page.

I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog

從原來的回覆中察看解決方案 👍 1

所有回覆 (2)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

選擇的解決方法

Any script can output to the console log using

console.log('Whatever I want to put here...');

but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.).

I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example:

console.log=function(){}

Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page.

I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog

Flannery_Moore
Flannery_Moore 提出問題者
more options

jscher2000 - Support Volunteer said
Any script can output to the console log using console.log('Whatever I want to put here...'); but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.). I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example: console.log=function(){} Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page. I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog

Thank you for this. Just entering `console.log=function(){}` into the console whilst on the page stopped the spam entirely. In doing so, I also discovered what the purpose of that spam might be; at the top of the log is a large message which claims they are logging every action taken on the page. They claim that they're doing so to try and catch people who would copy the content of their site. Screenshot: https://i.imgur.com/scBsIUi.png

Regarding adding a bookmark, I believe I correctly did what you instructed and added `javascript:console.log=function(){}`. However clicking the bookmark causes the entire page to go blank with the raw text `function(){}` displayed. I assume this isn't intended, because it stops me from using the website lol. Did I misunderstand? Edit: It seems I did misunderstand. After adding `javascript:void(console.log=function(){})` instead, it worked as intended via bookmark.

Either way, you sucessfully answered my query and my issue is resolved. So again, thank you.

由 Flannery_Moore 於 修改