15 pointsby aragonite4 days ago4 comments

userbinatora day ago
Be it for malicious intent
"malicious" according to who? Somehow this article makes me think those trying to do things like this are on the pro-DRM side, which I absolutely abhor. The slow and forceful insertion of JS where it's not needed means users will increasingly need to inject and modify JS to retain control of their experience.
- sneakerblacka day ago
  I think this was posted because the of the recent Npm malware fiasco. The malware monkey-patched native JS functions to replace strings that matched crypto addresses in certain the fetch, and XMLHttpRequest functions:
  https://www.aikido.dev/blog/npm-debug-and-chalk-packages-com...
  Considering there's no way to check whether a function is monkey-patched, this just tells me the JavaScript ecosystem was not designed with malicious actors in mind
  - pwdisswordfishz18 hours ago
    It wasn't, but that is not why.
sgammon8 hours ago
of course one can simply monkey patch `toString`, or provide a symbol such that an object stringifies to that value, but sure
rasza day ago
>// Store a reference of the original "clean" native function before any >// other script has a chance to modify it.
joke is on you, adblock loads first and there is no way you will grab unmodified functions to detect it
1718627440a day ago
What is this even good for? When someone decides you now run in a JS emulator, why should you care and try to break out?