Skip to content Skip to sidebar Skip to footer
Home / Dom / Javascript

Replace Window Or Document Objects With Javascript Object

Post a Comment
Is there a way to replace 'window' or 'document' objects? What I basically want is to provide some kind of JavaScript Proxy, I want to prevent user from getting 'SOME' (only some!

Solution 1:

You can do the following, but you would have to eval the external script within your function's scope:

functiona(window, document){
  /// in here window and document should be numericsalert(window);
  alert(document);
}

a(123,456);

Or if you had a server-side proxy you could rewrite their code with a wrappered anon function that then called in your proxy document and window object.

;(function(window, document){

  /// the unknown external code here.

})(windowProxy, documentProxy);

There would still be ways around this however, as they might be able to use the following depending on the JS environment:

var win = (function(){returnthis;})();

You may also have to include the other collections to make sure they are not accessible:

;(function(window, document, all, images, ...){ ... }

But, they would also be able to access the original document through any dom elements you allowed them access to as well...

With regards to UPD6

Just in case it's useful you may also want to plug the following holes:

  • setTimeout
  • setInterval

Both the above can be used to evaluate code.

setTimeout('(function(){alert('+'th'+'is'+');})()');

Plus as you are exposing document.write this would also be feasible:

document.write(
  '<img src="data:image/gif;base64,ERROR" '+
     'onerror="alert(th'+'is.ownerDocument);" />'
);

And you should block access to SafeThis and rewrite any mention of it in the target code, otherwise it can be overriden:

SafeThis = function(that){return that;}

Other than that though it seems quite secure. I'm sure there will be other ways round it—if you try hard enough—but it really depends on how determined you think your possible attackers might be ;)

Solution 2:

The "document" global property is non-writable, and non-configurable, so no, you cannot.

// try this in global codeObject.getOwnPropertyDescriptor( this, 'document' ).writable// false

Solution 3:

You can only reassign writable properties, so document and window are off the table.

Post a Comment for "Replace Window Or Document Objects With Javascript Object"