How can I block a website from spamming the browser's web dev console?
I've noticed that some websites will endlessly spam the console (in developer tools) with rubbish, and I would like to be able to block that from happening. I'm ignorant about this sort of stuff in general, and it confuses me how a website can even access my browser's console to begin with.
The latest example I came across which caused me to finally ask about it, was some strange JavaScript spam with some kind of < div > (had to edit this with spaces to show it in the post) structure containing over a thousand characters. This entire thing gets spammed in the console at a rate of a few every second. I recorded a short gif of it, which imgur seems to have converted into a video: https://i.imgur.com/dosMZjo.mp4
Променено на от Flannery_Moore
Избрано решение
Any script can output to the console log using
console.log('Whatever I want to put here...');
but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.).
I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example:
console.log=function(){}
Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page.
I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog
Прочетете този отговор в контекста 👍 1Всички отговори (2)
Избрано решение
Any script can output to the console log using
console.log('Whatever I want to put here...');
but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.).
I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example:
console.log=function(){}
Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page.
I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog
jscher2000 - Support Volunteer said
Any script can output to the console log using console.log('Whatever I want to put here...'); but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.). I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example: console.log=function(){} Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page. I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog
Thank you for this. Just entering `console.log=function(){}` into the console whilst on the page stopped the spam entirely. In doing so, I also discovered what the purpose of that spam might be; at the top of the log is a large message which claims they are logging every action taken on the page. They claim that they're doing so to try and catch people who would copy the content of their site. Screenshot: https://i.imgur.com/scBsIUi.png
Regarding adding a bookmark, I believe I correctly did what you instructed and added `javascript:console.log=function(){}`. However clicking the bookmark causes the entire page to go blank with the raw text `function(){}` displayed. I assume this isn't intended, because it stops me from using the website lol. Did I misunderstand?
Edit: It seems I did misunderstand. After adding `javascript:void(console.log=function(){})` instead, it worked as intended via bookmark.
Either way, you sucessfully answered my query and my issue is resolved. So again, thank you.
Променено на от Flannery_Moore