Shilpa
5 Mar 2022
Javascript
I am wondering to do something meaningful. I am trying to add a script the URL, when user click on the URL, it should run the script and show them some results on their browser screen.
My purpose is to add some special effects to the browser. Users can bookmark my link with js code, so when they click on bookmark button, it should run code written with javascript.
Any possible solutions will be highly appreciated.
Rakshit
6 Mar 2022
Best Answer
Your purpose is not bad, but most of browsers follow privacy policies. If you do whatever you said above, it is an example of Cross Site Scripting (XSS) Attack.
Such XSS attacks are depending on the server's weakness and vulnerabilities to breach to your system and read data from your URL, they can also inject some malfunctioning script or viruses into a page in such a way that browser needs to forcefully execute that javascript or data.
Due to major security concerns, any giants of the browsers will not allow such things by default.
Let me explain a simple scenario about what I explained just now,
If you create a URL with javascript and when users hit that URL you will get some data from their form.
In real-time, browsers don't allow it.
What if they allow such a thing?
Browsers would open the door for all kinds of attacks, like stealing passwords of the user will type into login forms, etc. [It might destroy the internet!]
Shilpa
6 Mar 2022
Understood, your explanation is quite generous.
© 2024 Copyrights reserved for web-brackets.com