Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

Learn More

话题已存档。 如果需要帮助请提出新问题。

How can I block a website from spamming the browser's web dev console?

Flannery_Moore
Flannery_Moore
more options

I've noticed that some websites will endlessly spam the console (in developer tools) with rubbish, and I would like to be able to block that from happening. I'm ignorant about this sort of stuff in general, and it confuses me how a website can even access my browser's console to begin with.

The latest example I came across which caused me to finally ask about it, was some strange JavaScript spam with some kind of < div > (had to edit this with spaces to show it in the post) structure containing over a thousand characters. This entire thing gets spammed in the console at a rate of a few every second. I recorded a short gif of it, which imgur seems to have converted into a video: https://i.imgur.com/dosMZjo.mp4

I've noticed that some websites will endlessly spam the console (in developer tools) with rubbish, and I would like to be able to block that from happening. I'm ignorant about this sort of stuff in general, and it confuses me how a website can even access my browser's console to begin with. The latest example I came across which caused me to finally ask about it, was some strange JavaScript spam with some kind of < div > ''(had to edit this with spaces to show it in the post)'' structure containing over a thousand characters. This entire thing gets spammed in the console at a rate of a few every second. I recorded a short gif of it, which imgur seems to have converted into a video: https://i.imgur.com/dosMZjo.mp4

由Flannery_Moore于修改

被采纳的解决方案

Any script can output to the console log using

console.log('Whatever I want to put here...');

but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.).

I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example:

console.log=function(){}

Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page.

I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog

定位到答案原位置 👍 1

所有回复 (2)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

选择的解决方案

Any script can output to the console log using

console.log('Whatever I want to put here...');

but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.).

I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example:

console.log=function(){}

Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page.

I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog

Flannery_Moore
Flannery_Moore 提问者
more options

jscher2000 - Support Volunteer said
Any script can output to the console log using console.log('Whatever I want to put here...'); but it's difficult to think of what they might have been trying to achieve in that case when you aren't generating any events (for example, mousing around over the page, scrolling, expanding/closing elements, etc.). I'm not aware of any built-in defense against this, but one possibility is to inject a script into the page that makes the console.log() function do nothing on that page. For example: console.log=function(){} Of course, you can run that in the console, but for more convenience, you can save the script as a "bookmarklet" (bookmark whose url starts with javascript:) on your toolbar or menu to quickly run the script in the context of the currently displayed page. I posted one here as an example: https://www.jeffersonscher.com/res/sumomarklets.html#nolog

Thank you for this. Just entering `console.log=function(){}` into the console whilst on the page stopped the spam entirely. In doing so, I also discovered what the purpose of that spam might be; at the top of the log is a large message which claims they are logging every action taken on the page. They claim that they're doing so to try and catch people who would copy the content of their site. Screenshot: https://i.imgur.com/scBsIUi.png

Regarding adding a bookmark, I believe I correctly did what you instructed and added `javascript:console.log=function(){}`. However clicking the bookmark causes the entire page to go blank with the raw text `function(){}` displayed. I assume this isn't intended, because it stops me from using the website lol. Did I misunderstand? Edit: It seems I did misunderstand. After adding `javascript:void(console.log=function(){})` instead, it worked as intended via bookmark.

Either way, you sucessfully answered my query and my issue is resolved. So again, thank you.

由Flannery_Moore于修改