我正在尝试向所有本地存储键添加一个“选项卡名称空间”,以便在多个选项卡之间实现站点本地存储的唯一性。
在一个简单的HTML5页面中,假设一个网页有以下脚本:
Storage.prototype._setItem = Storage.prototype.setItem;
Storage.prototype.setItem = function(key, value) {
console.log("intercepted set local storage " + key + " = " + value);
this._setItem(key, value);
}
Storage.prototype._getItem = Storage.prototype.getItem;
Storage.prototype.getItem = function(key) {
console.log("intercepted get local storage " + key);
return this._getItem(key);
}
这样用户就有机会截获本地存储的所有get/set。
现在假设有一个扩展做同样的事情:
var actualCode = `Storage.prototype._setItem = Storage.prototype.setItem;
Storage.prototype.setItem = function(key, value) {
console.log("intercepted set local storage " + key + " = " + value);
this._setItem(key, value);
}
Storage.prototype._getItem = Storage.prototype.getItem;
Storage.prototype.getItem = function(key) {
console.log("intercepted get local storage " + key);
return this._getItem(key);
}
console.log("local storage get/set injector completed");
`;
var script = document.createElement('script');
script.textContent = actualCode;
(document.head||document.documentElement).appendChild(script);
script.remove();
在使用上面的脚本加载页面时启用此扩展时,将出现堆栈溢出:
Uncaught RangeError: Maximum call stack size exceeded
at Storage.getItem [as _getItem] (<anonymous>:48:37)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
at Storage.getItem [as _getItem] (<anonymous>:50:17)
是否有某种方法可以检测到有人已经执行了拦截的本地存储并防止该问题?
