Home/ Questions/Q 6019821
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T03:28:36+00:00

I’m pulling in a 3rd party JavaScript file which makes use of document.write ,

  • 0

I’m pulling in a 3rd party JavaScript file which makes use of document.write, but what’s being written needs to be manipulated – preferably before it hits the page. What I’ve come up with is the following:

// Hijack document.write to buffer all output...
var dwrite = document.write;
var hijacked = '';
document.write = function(content) {
  hijacked += content;
};
// Call the script...
dwrite("<script type='text/javascript' src='http://www.example.com/file.js'></script>");
// Manipulate the output...
hijacked
  .replace(/a/gi, '4')
  .replace(/e/gi, '3')
  .replace(/i/gi, '1')
  .replace(/o/gi, '0');
// Write the output into the page...
dwrite(hijacked);
// Restore document.write and free our buffer...
document.write = dwrite;
hijacked = null;

With this, I’m getting NS_ERROR_XPC_BAD_CONVERT_JS wherever I attempt to call dwrite. Can anyone offer a suggestion on why this is happening? I don’t see why calling document.write through a different name would blow up.

UPDATE I’m seeing this in Firefox 4.0.1.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I tried this and it worked. Basically I replaced document.write after using it.

    document.write(""
  + "<script>"
  + "var hijacked = '';"
  + "var dw = document.write;"
  + "document.write = function(content) { hijacked += content; }"
  + "<" + "/script>"

  + "<script type='text/javascript' src='test.js'><" + "/script>"

  + "<script>"
  + "document.write = dw;"
  + "dw = null;"
  + "document.write(hijacked.replace(/e/gi, '4'));"
  + "<" + "/script>");
    • 0