A solution to 4 bypasses I thought of
donno2048 opened this issue · comments
Here are some bypasses:
- You can paste this to the search bar:
javascript:document.body.replaceChildren(document.createTextNode(document.body.innerHTML))
while on the page. - Or simply go to:
view-source:https://theajack.github.io/disable-devtool/
- Also, I'm pretty sure (but haven't tested) you could just use an extension to inject script to the page.
- Also, you can just
curl
orwget
the page.
you should introduce some delay in the content loading (like a blank screen for a while and then load the actual content), it'll fix problems 2 and 4 and make 1 and 3 more complicated to abuse.
Getting the source code is easy,
And you can do it in so many ways even without the browser
You won't load any code of this project, how can this project work if it doesn't load at the first time.
But Debugging the website with devtools, is the thing that this project should prevent.
view-source
, curl
can be prevent with some WAF(Cloudflare) with JavaScript challenge enabled
It forces the user to use a browser to load the website with JavaScript enabled,
but it is quite annoying, and it can be bypassed too.
Though you could get code of the page with 1,
but you can't access any API before you pass JavaScript challenge. For static site, well, no API, JavaScript challenge only works for the first time.
Of course you can inject JavaScript code with UserScript Manager such as Tampermonkey
For example, with UserScript, you can bypass even remove the detector
https://gist.github.com/CyanChanges/d680fe30b2b2c1361d94651117447e5e
👍