Geek Answers Handbook

Do not allow javascript function call from address bar

I have been working with an online gaming website. There is some kind of event that calls the javascript function, and the function has some callback actions.

something like that,

 <input type="button" onclick="changeSomething"/>


 function changeSomething() {
         /// some call back, which changes something 
 }

Now anyone who knows this can cause this change. Something from the address bar of the browser that I don’t want.

It is very unlikely that anyone will do this, but I want to allow it.

Is there a way to prevent such a situation?

Thanks.

PS I tried, but still not sure if I explained this enough. Please let me know if you do not receive something.

+3
source share
5 answers

100% . .

, - onclick (.. "changeSomething" ) javascript:

HTML:

<input id="foo" type="button" />

JS:

addEvent(document.getElementById("foo"), 'click', function() {
    /// some call back, which changes something
})

(, "changeSomething" ). , !

, , :)

(BTW addEvent - . , . .)

+4

, . , , . , , . -. , , .

+3

, . , doSomething() , , , ( - ).

JavaScript ( ), , . , , ... doSomething ing, .

, , , , .

+1

"" , -... , Opera!

If you disable this, you can get around Firebug, Greasemonkey, or even some proxy server that changes HTML on the fly, not to mention using a local copy of the page, etc.

0
source

You can check the source of the click by passing an identifier:

<input id="good' type="button" onclick="changeSomething(this.id)"/>

 function changeSomething(myId) {
   if(myId!='good') {
    return;
  }

 //......code
}

Revised to:

<input id="good' type="button" onclick="changeSomething(this)"/>

     function changeSomething(myId) {
       if(myId.id!='good') {
        return;
      }

     //......code
    }
-2
source

More articles:


All Articles