Going through a bunch of JavaScript I do not trust and it has a ton of web address comments like citations but likely some bad stuff in there too. What could be swapped with the address to instead act as a local tripwire or trap?

Just a mild curiosity for scripting stuff.

  • sin_free_for_00_days@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    3 months ago

    I must be missing something here, because sed should be able to do it. Something like:

    echo '"http://foo.bar/"' | sed 's|"http[^"]*|"http:injection|'
    "http:injection"
    
    • 𞋴𝛂𝛋𝛆@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      Yeah, I could do it. The question is how to redirect a web address to do something useful locally. Like maybe setup an Apache server or something to capture and log any such attempts regardless of how the address is called.

      • sin_free_for_00_days@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        If it’s a link to an external site, redirecting to local won’t really do anything useful. I still feel like I’m missing something. I’ll give it a last try.

        If I start a local super basic webserver:

        python3 -m http.server 8000 2>&1 | tee -a logfile.txt
        

        so that I’m running a server on localhost, port 8000 creating logfile.txt, I can do something like this on the file:

        sed 's|"http://\([^/]*\)|"http://0.0.0.0:8000//1|'
        

        which should rewrite a url from:

        http://foo.bar/testing/link
        

        to

        http://0.0.0.0:8000/foo.bar/testing/link
        

        Now if you click on that link, it won’t do anything except give you an error, but:

        $ cat logfile.txt
        127.0.0.1 - - [27/Mar/2026 00:12:49] code 404, message File not found
        127.0.0.1 - - [27/Mar/2026 00:12:49] "GET /foo.bar/testing/link HTTP/1.1" 404 -
        

        so you’d now have a log of all attempts which would be easy to clean up.