-2

Is it possible to inject JavaScript into a web-page with the help of a browser extension and guarantee that the page cannot override it? If this is not possible can the extension somehow check if its injected JavaScript is not used or something?

I want to deliver a JavaScript library over a safe channel, but I don't want it on a webserver.

K..
  • 4,044
  • 6
  • 40
  • 85
  • 2
    Who are you trying to protect against? What would be overridden how by whom? What is the purpose of the library? – Bergi Mar 07 '16 at 22:16
  • No, it's not practically possible for you to make an extension that's entirely resistant to detection, if it's doing anything useful. – Jeremy Mar 07 '16 at 23:18

1 Answers1

0

Sounds like a job for chrome extensions. There you'll have a way called "Content Scripts". I hope thats that what youre looking for!

xetra11
  • 7,671
  • 14
  • 84
  • 159
  • Do they get a special namespace or something so they can't be overriden? – K.. Mar 07 '16 at 22:35
  • 1
    Content Scripts will be injected to the page youre on. What do you mean with namespace here? – xetra11 Mar 07 '16 at 22:36
  • I want to let webpages write "plugins" that use features of the browser extension. But I want to prevent webpages to override the core functionality. – K.. Mar 07 '16 at 22:38
  • 1
    Hm I cannot follow your mission exactly. But I recommend you to check out some chrome extension tutorials. Mybe the content scripts used there may be exactly what ur looking for. – xetra11 Mar 07 '16 at 22:41
  • Thank you. I will look into it :) I found `exportFunction()` to make extension function available for page scripts (like: `window.myFunction()`), but I don't know if they could simply be overridden (like: `window.myFunction = doEvil`) – K.. Mar 07 '16 at 22:44