Home > Uncategorized > Intercept #AJAX “open” statements in #JavaScript

Intercept #AJAX “open” statements in #JavaScript

September 27, 2021 Leave a comment Go to comments

If you want to change the default behaviour of AJAX across your website, perhaps you want to make sure that every AJAX called is logged before executing, or that it is somehow audited for security before being called, you can use interceptor scripts in Javascript that override the default functionality of the XMLHttpRequest object that is behind every AJAX call, even if a library like JQuery is used ontop of it.

So, for instance, if you wanted to catch the body of all POST requests sent via AJAX, you could do this;

(function(send) {
    XMLHttpRequest.prototype.send = function(body) {
        var info="send data\r\n"+body;
        alert(info);
        send.call(this, body);
    };
})(XMLHttpRequest.prototype.send);

Or, if you wanted to change the destination of all AJAX requests such that all communications are sent via a logging service first, then you could do this;

(function(open) {
    XMLHttpRequest.prototype.open = function(verb,url,async,user,password) {      
        open.call(this, verb,"https://somewhere.com/log",async,user,password);
	this.setRequestHeader("X-Original-URL", url);
    };
})(XMLHttpRequest.prototype.open);

Where somewhere.com/log is obviously fictitious.

Hope this is useful to somebody!

Advertisement
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: