2

As per the question title.

Although not required; I would like to stop people from executing functions on my page via the console... Is this even possible?

I've tried a few things, this is the closest I've come - but this doesn't work :(

    window.onresize = function(){
        if((window.outerHeight - window.innerHeight) > 100) {
            //stop commands here?
        }
    }
    window.onload = function() {
        if (typeof console !== "undefined" || typeof console.log !== "undefined") {
            if (window.console && (window.console.firebug || window.console.exception)) {
                    //stop commands here?
            }
        }
    }

EDIT:
I don't have to disable the console, just function calls made within it - either solution would be fine though ;)

EDIT2:
So, to get this right... There is now no way of detecting the console crossbrowser at all?

EDIT3:
I've sort of got around it by doing the following, although the JS functions are still in place - the elements that they relate to are not... Not a great fix, but I guess it'll do... :( 

        setInterval(function() {
            if (!$.browser.mozilla) {
                if((window.outerHeight - window.innerHeight) > 100) {
                    alert("DISABLED!");
                    $('body').remove();
                    return false;
                }
            }
            if (window.console && (window.console.firebug || window.console.exception)) {
                alert("DISABLED!");
                $('body').remove();
                return false;
            }
        }, 750);
Improve this question
1
  • The height check is an especially bad idea. It'll fire for users with too much toolbar space, and won't fire for users running a console in a separate window. Commented Oct 23, 2012 at 14:59

1 Answer 1

Reset to default
2

It is not good to try detecting console via window width. This may cause some issues on other Browsers, too. If you just want protect your functions:

As you have e.g a button:

<button onclick="someFunction()"></button>

The someFunction is of course accessable via the console. But if you do not let the user know about your function name, he can not call the function, can he? See here:

<script type="text/javascript">
//obsfuscate this code
$(function() {
$("#theButton").on("click", someFunction);
})
</script>
<button id="theButton"></button>

This is just a possible solution. But rembember, no javascript solution can be 100% secure, because the User knows all of your code, obsfuscated or not.

Improve this answer
Sign up to request clarification or add additional context in comments.

11 Comments

(420!) I understand, there used to be a way of detecting the console. But this has been removed also - so is there no work around any more? :(
As far as I know, not, but why do you need this? maybee there is another way, depends on what you are specially looking for ..
I have a load of variables being set up in the JS and I don't want the user to be able to change the values using the console.
JavaScript is client side, so the client can change what he wants. The only way is if you move as much as your code/logic to a server - side script ..
So, to get this right... There is now no way of detecting the console crossbrowser at all?
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.