Several giant companies, namely Facebook and Netflix, decided to prohibit users from executing JavaScript commands in the console.
This was originally started by Facebook to prevent malicious users from spreading messages (sending a large amount of spam to all Facebook users) by executing specific commands through the JavaScript console.
Of course this gets a lot of flak, but before I got involved, the code they used looked like this:
Copy the code code as follows:
// It seems like Netflix is following Facebook’s lead [https://news.ycombinator.com/item?id=7222129].
(function() {
try {
var $_console$$ = console;
Object.defineProperty(window, "console", {
get: function() {
if ($_console$$._commandLineAPI)
throw "Sorry, for user safety, the console script function has been disabled on this website";
return $_console$$
},
set: function($val$$) {
$_console$$ = $val$$
}
})
} catch ($ignore$$) {
}
})();
Although I'm a soft-spoken person, I actually think this practice is legal. From their perspective, if temporarily disabling the console helps prevent a problem, then it has to be done.
But in the long run, this is really not a good idea; the goal may simply be to block users who rely on them.
Anyway, if you want to prevent the console from executing a script, this code looks good, and it is.