Currently, a webpage can detect what a scriptlet filter in AdGuard CoreLib app 1 tries to mock XMLHttpRequest API. AdGuard Browser Extension MV2 2 (maybe MV3 too) is not affected.
Step to reproduce:
- Add
example.org#%#//scriptlet('prevent-xhr', 'example.org/call method:OPTIONS')
- Open https://example.org/
- Open the web browser's dev tool and nagivate to the console tab.
- Execute:
(() => {
function reqListener() {
alert(this.responseText);
}
const xhr = new XMLHttpRequest();
xhr.open("OPTIONS", "https://example.org/call");
console.log(xhr.shouldBePrevented)
xhr.send();
})();
Related to #386
Currently, a webpage can detect what a scriptlet filter in AdGuard CoreLib app 1 tries to mock
XMLHttpRequestAPI. AdGuard Browser Extension MV2 2 (maybe MV3 too) is not affected.Step to reproduce:
example.org#%#//scriptlet('prevent-xhr', 'example.org/call method:OPTIONS')Related to #386
Footnotes
I tested with AdGuard for Windows 7.22.9. ↩
5.4.3.1 on Firefox Developer Edition 153.0b6. ↩