Closed Bug 1585081 Opened 6 years ago Closed 6 years ago

Devtools detection based on function.toString()

Categories

(DevTools :: General, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: tjr, Unassigned)

References

Details

(Keywords: sec-other)

While investigating some bad content, I discovered that if you have devtools open you'll see the following:

var a = function() { 'return foo'; };
// a.toString() prints:
// function() {
//   return 'dev';
//  }
// That is, the string is broken up onto multiple lines.

If however you don't have devtools open the following happens:

var a = function() { 'return foo'; };
// a.toString() prints:
// function(){return'dev'};
// That is, the string is minimized and has no spaces/line breaks.

We found bad content that was using this difference to tell if devtools was open, and to take different behavior if that was the case.

Group: core-security → firefox-core-security
Keywords: sec-other

I'm having trouble constructing a reproducible test case for this.

I tried with a data url like this: data:text/html,<script>var a = function() { return 'dev'; };</script>
but opening the console and then executing a.toString() in it returns the function on one line as expected.

Also, I'm confused: the function is defined as var a = function() { 'return foo'; }; but then a.toString() prints function(){return'dev'}; (dev instead of foo). What am I missing?

Flags: needinfo?(tom)

Sorry, I conflated two things. The bad content wasn't detecting if devtools was open. It was detecting if you had pretty-printed the source.

Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(tom)
Resolution: --- → INVALID
Group: firefox-core-security
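
Added example, not part of the bug report or of Firefox code: it shows why the report resolved as INVALID (toString() returns a function's source text as written, so pretty-printing the file changes the result without devtools being involved) and a static heuristic an analyst could run over a script to find checks of this kind. The patterns, the sample script and every name in it are assumptions constructed for illustration.

```javascript
// Added example; all inputs are constructed for illustration.
// The same function, once minified and once pretty-printed.
const MINIFIED = "(function(){return'dev'})";
const PRETTY = "(function() {\n  return 'dev';\n})";

// Compile a function expression from source text and return what a script
// sees when it calls toString() on it: the source text exactly as written.
function sourceSeenByScript(src) {
  const fn = (0, eval)(src); // indirect eval of trusted, constructed input only
  return fn.toString();
}

// Heuristic patterns (an assumption, not an exhaustive list) for code that
// inspects the layout of a stringified function.
const LAYOUT_CHECKS = [
  /\.toString\(\)\s*\.\s*(?:match|search|indexOf|includes|split|length)\b/,
  /\.test\(\s*[\w$.]+\.toString\(\)\s*\)/,
  /\.toString\(\)\s*(?:===?|!==?)/,
];

// Return the 1-based line numbers and text of lines worth a manual look.
function findLayoutChecks(scriptText) {
  return scriptText
    .split("\n")
    .map((text, i) => ({ line: i + 1, text: text.trim() }))
    .filter(({ text }) => LAYOUT_CHECKS.some((re) => re.test(text)));
}

// Constructed script under review; `flagged` is a hypothetical variable.
const SAMPLE = [
  "var a = function(){return'dev'};",
  "if (/\\n/.test(a.toString())) { flagged = true; }",
  "var label = count.toString();",
].join("\n");

console.log(JSON.stringify(sourceSeenByScript(MINIFIED)));
console.log(JSON.stringify(sourceSeenByScript(PRETTY)));
console.log(findLayoutChecks(SAMPLE));
```

A hit only marks a line for manual review; ordinary uses of toString(), such as the number-to-string conversion on the sample's third line, are not flagged.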