Domの Hijacking

Write the front

For the hijacking of the operator which has

Put the original page into the IFRAME and then a peer ad. The solution to this problem is to detect if it is embedded in an IFRAME and then the href jumps out! But it doesn't work!

If there is a solution, please share ~

---------------------------------------------------------

Monitoring of the DOM is something mutation does, but that thing is asynchronous, which means it can't be manipulated before rendering.

In low-version ie, it's a dream to hijack Dom because those ' antiques ' have no concept of prototype chain!

An example of a appendchild hijacking exists in node.

As follows

{        Const ACD = Node.prototype.appendChild;        Node.prototype.appendChild = function (... a) {            if (/script/i.test (a[0].nodename) &&                !/([\s\s]+) (?: \. Miku\.js)/.test (A[0].SRC)            ) {                return Console.warn (' ... ');            }            Acd.apply (this, a);        };     }

Next, if append a script tag to make it src A.js then it won't succeed.

Only the src of the script tag will not be hijacked until the end of the. Miku.js

Of course, you can hijack the get set for innerHTML as follows

{            const ET = element.prototype;             CONST FN = object.getownpropertydescriptor (Et, ' InnerHTML ');            Object.defineproperties (Et, {                InnerHTML: {                     get () {                             return fn.get.apply (this,arguments);                       }                     , Set (s) {                         fn.set.apply (this,[new Array (1e1). Join (s)]);}}            );        } Const D = document.createelement (' div ');        d.innerhtml = ' Meng Meng Meng ';

The whole DOM is in control!

But not all property methods can be hijacked. You can try it yourself.

The norm is too messy or too dependent on this thing.

Domの Hijacking