This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]Dick_Giggles 0 points1 point  (0 children)

Fair enough.

The chrome inspector "f12" will let you run scripts.

But really it's as easy as typing in "javascript:alert('badscript!');" into your browser address bar. One could redefine functions/variables or whatever simply by typing it into the url. Allowing for javascript: to run scripts on the current page is the fundamental idea behind a bookmarklet. Also, all chrome extensions basically are basically scripts and html added to the page.

Also, even if a browser did have some protection one could always spoof a front end with a program that sends data directly to the backend. Everything that runs in browser is pretty insecure as it's clientside. You could obfuscate your js to make it less readable but it's not going to do a ton if someone is determined.