如何分析js代码的运行路径?
只是个最基础的想法了。具体的实践稍微复杂一些:
1 如果script是用src引入的,还要用xhr或者json方式来获得text,可能还需要搭个后台代理。
2 如果function是在命名空间的,可以直接递归for in命名空间去挖里面的public函数出来。
3 private的函数我看就算了,私有函数应该对自己负责,我们没有必要非去整人家的私货。
<HTML>
<BODY>
<SCRIPT LANGUAGE="JavaScript">
<!--
function a(x,y,z){return b(x,y)*c(z)};
function b(x,y){return c(x)*c(y)};
function c(x){return x+x};
setTimeout("alert(a(1,2,3))",0)
//-->
</SCRIPT>
<SCRIPT LANGUAGE="JavaScript">
<!--
(function (){
window._log=[];
function obj2str(o){
var r = [];
if(typeof o =="string") return "/""+o.replace(/([/'/"//])/g,"//$1").replace(/(/n)/g,"//n").replace(/(/r)/g,"//r").replace(/(/t)/g,"//t")+"/"";
if(typeof o =="undefined") return "undefined";
if(typeof o == "object"){
if(o===null) return "null";
else if(!o.length){
for(var i in o)
r.push(i+":"+obj2str(o[i]))
r="{"+r.join()+"}"
}else{
for(var i =0;i<o.length;i++)
r.push(obj2str(o[i]))
r="["+r.join()+"]"
}
return r;
}
return o.toString();
}
function log(s){
_log.push(s);
}
var s=document.getElementsByTagName("SCRIPT")[0].text;
var r=/function (/w+)/(/g;
var fns=s.match(r);
for(var i=0;i<fns.length;i++){
fn=fns[i].replace(r,"$1")
if (typeof window[fn]=="function"){
window[fn]=(function(org,fn){
return function(){
log("进入:"+fn+"/n调用参数:"+obj2str(arguments));
var r=org.apply(null,arguments);
log("退出:"+fn+"/n返回值"+obj2str(r));
return r
}
})(window[fn],fn)
}
}
})()
setTimeout("alert(window._log.join('//n//n'))",100)
//-->
</SCRIPT>
</BODY>
</HTML>
<BODY>
<SCRIPT LANGUAGE="JavaScript">
<!--
function a(x,y,z){return b(x,y)*c(z)};
function b(x,y){return c(x)*c(y)};
function c(x){return x+x};
setTimeout("alert(a(1,2,3))",0)
//-->
</SCRIPT>
<SCRIPT LANGUAGE="JavaScript">
<!--
(function (){
window._log=[];
function obj2str(o){
var r = [];
if(typeof o =="string") return "/""+o.replace(/([/'/"//])/g,"//$1").replace(/(/n)/g,"//n").replace(/(/r)/g,"//r").replace(/(/t)/g,"//t")+"/"";
if(typeof o =="undefined") return "undefined";
if(typeof o == "object"){
if(o===null) return "null";
else if(!o.length){
for(var i in o)
r.push(i+":"+obj2str(o[i]))
r="{"+r.join()+"}"
}else{
for(var i =0;i<o.length;i++)
r.push(obj2str(o[i]))
r="["+r.join()+"]"
}
return r;
}
return o.toString();
}
function log(s){
_log.push(s);
}
var s=document.getElementsByTagName("SCRIPT")[0].text;
var r=/function (/w+)/(/g;
var fns=s.match(r);
for(var i=0;i<fns.length;i++){
fn=fns[i].replace(r,"$1")
if (typeof window[fn]=="function"){
window[fn]=(function(org,fn){
return function(){
log("进入:"+fn+"/n调用参数:"+obj2str(arguments));
var r=org.apply(null,arguments);
log("退出:"+fn+"/n返回值"+obj2str(r));
return r
}
})(window[fn],fn)
}
}
})()
setTimeout("alert(window._log.join('//n//n'))",100)
//-->
</SCRIPT>
</BODY>
</HTML>