[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.javascript

Catching http request with JavaScript

mireero

1/7/2016 9:36:00 AM

Hi,

Some addons like adblocks, ghostery... are using some browser specific
functionalities to "regular expression block" some specific http requests.

Is there any cross-browser way of achieving something similar using
regular JavaScript?

For example I'd like to block some <img> tag or to modify on the fly
involved request headers.

I know you cannot act on the DOM before it is loaded and after it looks
too late but I'm still asking as my knowledge isn't 100% wide.

Thanks in advance.
3 Answers

Tim Streater

1/7/2016 9:44:00 AM

0

In article <568e31ca$0$19736$426a74cc@news.free.fr>, mireero
<mireero@free.fr> wrote:

>Hi,
>
>Some addons like adblocks, ghostery... are using some browser specific
>functionalities to "regular expression block" some specific http requests.
>
>Is there any cross-browser way of achieving something similar using
>regular JavaScript?
>
>For example I'd like to block some <img> tag or to modify on the fly
>involved request headers.
>
>I know you cannot act on the DOM before it is loaded and after it looks
>too late but I'm still asking as my knowledge isn't 100% wide.

What I do is create a new DOM element, load the html into that, then
modify *that* DOM to remove <img> or other tags I don't trust, and then
load that modified DOM into an <iframe> for display.

This also prevents the browser from doing speculative downloading of
(e.g.) images while your javascript is still running. What I had done
originally was load the HTML into the live DOM, and then modify it, on
the basis that I could do that before rendering started because
javascript is supposed to be single-threaded. But I still saw network
activity of images being downloaded and then guessed that the browser
was doing stuff behind my back.

--
"If you're not able to ask questions and deal with the answers without feeling
that someone has called your intelligence or competence into question, don't
ask questions on Usenet where the answers won't be carefully tailored to avoid
tripping your hair-trigger insecurities." - D M Procida, UCSM

Stefan Weiss

1/7/2016 12:50:00 PM

0

On 01/07/2016 10:36, mireero wrote:
> Some addons like adblocks, ghostery... are using some browser specific
> functionalities to "regular expression block" some specific http requests.
>
> Is there any cross-browser way of achieving something similar using
> regular JavaScript?

Not directly; the API required for that is not available in regular
documents. But you can always write a simple extension yourself, or add
custom user scripts with GreaseMonkey (on Firefox) or TamperMonkey (on
Chrome).

> For example I'd like to block some <img> tag or to modify on the fly
> involved request headers.

If you know the source location, you can just block an image with an ad
blocker. Other than that (depending on your requirements), a local
filtering proxy may be useful. Some desktop firewalls also have the
ability to filter/modify requests.

- stefan

JJ

1/8/2016 6:08:00 AM

0

On Thu, 7 Jan 2016 10:36:10 +0100, mireero wrote:
> Hi,
>
> Some addons like adblocks, ghostery... are using some browser specific
> functionalities to "regular expression block" some specific http requests.
>
> Is there any cross-browser way of achieving something similar using
> regular JavaScript?
>
> For example I'd like to block some <img> tag or to modify on the fly
> involved request headers.
>
> I know you cannot act on the DOM before it is loaded and after it looks
> too late but I'm still asking as my knowledge isn't 100% wide.
>
> Thanks in advance.

Yes by using event listeners for events such as "click" and "submit",
checking for any "source" property of elements when they're about to be
added into the document, as well as hooking object methods (e.g.
XMLHTTPRequest.send(), Document.appendChild(), Document.write(), etc.). But
these don't cover everything.

For examples: any server-side created HTML elements on web pages that use
and has an assigned external source (e.g. IFRAME, STYLE, IMG, SCRIPT,
OBJECT, etc.); and any URL that was opened from outside of any opened
document (e.g. address bar, bookmark, applications other than the current
web browser).

Most of these are beyond reach without browser specific API whether the
script is a script in the document or as a GreaseMonkey/UserScript. The last
example (applications other than the current web browser; that opens an URL)
is beyond the scope of a web browser. Although it's possible that the web
browser application be added with that feature, this one is more like a
system rather than web browser feature. Moreover, it will require
programming language other than JavaScript. e.g. C++

Monitoring/intercepting HTTP request/response headers will require browser
specific API, assuming they expose the HTTP headers rather than just the
URL.

As an alternative, you might want to use a Node.js based local HTTP/S proxy
server instead. Node.js is like the Java Runtime Environment except it uses
JavaScript instead of Java. It'll run as a separate application and be cross
browser as well as cross platform (actually it doesn't matter what the
HTTP/S client is). Moreover, you can filter web contents before they arrive
into the web browsers.