Instantly share code, notes, and snippets.

Embed
What would you like to do?
responseURLに対応していないライブラリを使っているときにクロスドメイン通信を無理やり止める
// responseURLに対応していないライブラリを使っているときにクロスドメイン通信を無理やり止める
// https://github.com/jquery/jquery/pull/1615
// responseURL
// https://bugzilla.mozilla.org/show_bug.cgi?id=998076
// https://bugs.chromium.org/p/chromium/issues/detail?id=377583
// https://bugs.webkit.org/show_bug.cgi?id=136938
new function(){
var base = location.origin;
var orig = XMLHttpRequest.prototype;
["response","responseText","responseXML"].forEach(function(prop){
var orig_getter = Object.getOwnPropertyDescriptor(orig, prop).get;
Object.defineProperty(orig, prop, {
get: function(){
var val = orig_getter.call(this);
if (base !== new URL(this.responseURL).origin) {
console.log("cross origin request detected!!!");
throw "cross origin request detected";
}
return val;
}
});
});
};
/*
OR
function MyXMLHttpRequest(){
var xhr = new XMLHttpRequest;
var base = location.origin;
var orig = XMLHttpRequest.prototype;
["response","responseText","responseXML"].forEach(function(prop){
var orig_getter = Object.getOwnPropertyDescriptor(orig, prop).get;
Object.defineProperty(xhr, prop, {
get: function(){
var val = orig_getter.call(this);
if (base !== new URL(this.responseURL).origin) {
console.log("cross origin request detected!!!");
throw "cross origin request detected";
}
return val;
}
});
});
return xhr;
}
var xhr = new MyXMLHttpRequest;
...
*/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment