创建插件来检测可疑 ajax

create plugins to detect suspicious ajax

我想为 Firefox 制作浏览器扩展,检测加载隐藏页面并重定向到新页面的网站的 ajax 代码,例如用户访问 index.php 其中 ajax 加载两个页面,一个是 hiddenpage.php 并重定向到 new.php 。是否有任何其他解决方案可以在客户端检测到此 ajax。

if (xmlhttp.readyState==4 && xmlhttp.status==200)
                {
                    //document.getElementById("myDiv").innerHTML="";
                }
            }
            xmlhttp.open("GET","hidden.php",true);
            xmlhttp.send();
        }

HTML

<a href="new.php" onclick="function();">click here</a>

您可以在用户脚本中修改XMLHttpRequest的原型。

/* Save the old method somewhere, it may be useful if you want to allow some AJAX */
XMLHttpRequest.prototype._send = XMLHttpRequest.prototype.send;

/* Override the previous method to define yours */
XMLHttpRequest.prototype.send  = function () {

    /* Do stuff here */
    alert(1);

    /* Use this line if you want to continue the AJAX request */
    XMLHttpRequest.prototype._send.apply(this, arguments);
}
document.addEventListener('DOMContentLoaded', function() {
    getCurrentTabUrl(function(url) {
        fetchData(url);
    });
});

function fetchData(url)
{
    var xhr = new XMLHttpRequest();
    xhr.open("GET", url, true);
    xhr.onreadystatechange=function()
    {
        if (xhr.readyState==4 && xhr.status==200)
        {
            var data = xhr.responseText;
            var  index = data.indexOf('XMLHttpRequest');
            if(index != -1){
                document.getElementById("status").innerHTML = "The page contains AJAX requests";
            }else{
                document.getElementById("status").innerHTML = "Page doesn't contains AJAX";
            }
            //document.getElementById("status").innerHTML = data;
        }
    }
    //xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
    //xhr.setRequestHeader("Access-Control-Allow-Origin", "*");
    //xhr.setRequestHeader("Access-Control-Request-Method", "POST");
    xhr.send();
}

function getCurrentTabUrl(callback) {
    var queryInfo = {
    active: true,
    currentWindow: true
    };
    chrome.tabs.query(queryInfo, function(tabs) {
        var tab = tabs[0];
        var url = tab.url;
        console.assert(typeof url == 'string', 'tab.url should be a string');
        callback(url);
    });
}
just go through this code you will get the better help