Going through a bunch of JavaScript I do not trust and it has a ton of web address comments like citations but likely some bad stuff in there too. What could be swapped with the address to instead act as a local tripwire or trap?

Just a mild curiosity for scripting stuff.

  • 𞋴𝛂𝛋𝛆@lemmy.worldOPEnglish
    0·
    3 months ago

    Yeah, I could do it. The question is how to redirect a web address to do something useful locally. Like maybe setup an Apache server or something to capture and log any such attempts regardless of how the address is called.

    • sin_free_for_00_days@sopuli.xyzEnglish
      0·
      3 months ago

      If it’s a link to an external site, redirecting to local won’t really do anything useful. I still feel like I’m missing something. I’ll give it a last try.

      If I start a local super basic webserver:

      python3 -m http.server 8000 2>&1 | tee -a logfile.txt

      so that I’m running a server on localhost, port 8000 creating logfile.txt, I can do something like this on the file:

      sed 's|"http://\([^/]*\)|"http://0.0.0.0:8000//1|'

      which should rewrite a url from:

      http://foo.bar/testing/link

      to

      http://0.0.0.0:8000/foo.bar/testing/link

      Now if you click on that link, it won’t do anything except give you an error, but:

      $ cat logfile.txt
127.0.0.1 - - [27/Mar/2026 00:12:49] code 404, message File not found
127.0.0.1 - - [27/Mar/2026 00:12:49] "GET /foo.bar/testing/link HTTP/1.1" 404 -

      so you’d now have a log of all attempts which would be easy to clean up.