Laugh all you want, but console.log can be abused by some threat actors very easily. I mean, output of console.log is not escaped ( or otherwise secured ) in any way
I'm not laughing, but your comment was entirely irrelevant. The console.log I used was simply used to display the result of some sample code - in a similar way to the way the original poster used it. No-one is suggesting in any way that it should be used in production code.
How are web-enabled systems attacked? Of course there are many ways, but first and the most used one method of probing is through reverse engineering output of console.log.
Accessibility First DevRel. I focus on ensuring content created, events held and company assets are as accessible as possible, for as many people as possible.
The console.log is for demonstration purposes, you can just do:
let myNewVar = last
and then return it or use it or whatever, the only bit that is of significance is:
const {length, [length-1]: last} = str
Which I am still processing as Jon always blows my mind with some weird syntax I haven't seen before (or more precisely have seen but don't use so have to then go and do a load of unpacking of his solution 🤣)!
Hello, World! I'm jzombie, a passionate software developer with a knack for problem-solving and a love for open-source. I believe in the power of code to change the world and make our lives easier.
A somewhat unusual way:
Using
console.log
inprod
is discouragedNaked flames in firework factories are discouraged too
Laugh all you want, but
console.log
can be abused by some threat actors very easily. I mean, output ofconsole.log
is not escaped ( or otherwise secured ) in any wayI'm not laughing, but your comment was entirely irrelevant. The
console.log
I used was simply used to display the result of some sample code - in a similar way to the way the original poster used it. No-one is suggesting in any way that it should be used in production code.OK. So imagine this:
How are web-enabled systems attacked? Of course there are many ways, but first and the most used one method of probing is through reverse engineering output of
console.log
.The console.log is for demonstration purposes, you can just do:
let myNewVar = last
and then return it or use it or whatever, the only bit that is of significance is:
const {length, [length-1]: last} = str
Which I am still processing as Jon always blows my mind with some weird syntax I haven't seen before (or more precisely have seen but don't use so have to then go and do a load of unpacking of his solution 🤣)!
@labspl - I'm not disagreeing with you, but - again - this is entirely irrelevant to the post, or to my original comment
@inhuofficial I aim to please :)
This is awesome