Blocking malicious JS via jsdIDebuggerService
let's say i open a document that has many subdocuments (iframes).
Some of the documents contain JS that i want to block from running.
I tried listening for JS executions via hooks in the jsds, but the
only way i have found to "stop" the execution of scripts is via
This is obviously a stupid way to achieve what i want, because jsds is
shared among all documents and if i pause the execution in one, other
will not run their JS further, either.
The JS code might be obfuscated(eval, hex code, ...) so i must use the
jsds to listen to the executions and read the "pretty code" and look
for bad code from there.
This means i can't listen for files being downloaded in firefox and
then altering their content.
Is there a way i can block certain jsdIScript elements - those which
contain bad JS - from executing perhaps?
Or is it possible to skip certain lines of JS from being executed?
i have no problem with blocking the entire document's JS if it
contains bad JS somewhere. The only thing is that parents must
continue their JS flow.
Re: Blocking malicious JS via jsdIDebuggerService
> The 'jsds'?[/color]
> > i have no problem with blocking the entire document's JS if it
> > contains bad JS somewhere. The only thing is that parents must
> > continue their JS flow.[/color]
there's a hierarchy of documents in my case. contained within each
other with the use of HTML iframes. if i stop JS in one document, the
parents (actually siblings also) - other frames - should not be
by the stopping of JS in one document.
thanks for the RETURN_CONTINUE hint, i'll take a look at those ret
values :). seems to be what i am looking for