启用复制并粘贴到HTML字段
[英]Enable copy and paste in to HTML fields
问题描述
I come across some extremely paranoid financial websites that are too stupid to think that disabling copy and paste on their login forms somehow makes them secure. 
我遇到了一些极其偏执的金融网站,这些网站太愚蠢了,以为在登录表单上禁用复制和粘贴会以某种方式使它们安全。 In my case, it is annoying beyond comprehension, since I almost never type in a password, and instead always copy and paste them from KeePass. 就我而言,这令人讨厌,因为我几乎从不输入密码,而是总是从KeePass复制并粘贴密码。 Since these are long generated password, it is very inconvenient to type them in. Over the years, I cooked up the below bookmarklet that worked very well: 由于这些都是长期生成的密码,因此键入它们非常不便。多年来,我精心编写了以下效果很好的书签:
javascript:it = document.evaluate('//input[string-length(@onpaste)!=0]' , document, null, XPathResult.ANY_TYPE , null ); t = it.iterateNext(); while (t) {t.onpaste=undefined; t.oncopy=undefined; t.onfocus=undefined; t.onblur=undefined; t.onkeydown=undefined; t.onkeypress=undefined; t.ondrag=undefined; t.ondrop=undefined; t.onclick=undefined; t.onkeydown = undefined; t.onkeyup = undefined; t.onmousemove = undefined; t.onmouseout = undefined; t.onmouseover = undefined; t.onchange = undefined; it = it.iterateNext(); }
Lately, I am hitting new and redesigned websites where this is no longer working. 最近,我访问了不再有效的新的和重新设计的网站。 I spent some time on one such website and confirmed that the script is in deed iterating through all the relevant input fields and setting the corresponding event handlers to undefined , but for some reason it doesn't take effect. 我在一个这样的网站上花费了一些时间,并确认该脚本确实在所有相关输入字段中进行了迭代,并将相应的事件处理程序设置为undefined ,但是由于某种原因,它没有生效。 After running the bookmarklet, if I inspect the element, I can still see the events that effectively disable the paste operations. 运行小书签后,如果检查元素,仍然可以看到有效禁用粘贴操作的事件。
To reproduce, please visit this website and click on "Continue Login" and try to use the above bookmarklet. 要复制,请访问此网站并单击“继续登录”,然后尝试使用上述书签。 You would notice that it enables copy and paste on the username field, but not on the password field. 您会注意到,它启用了在用户名字段而不是在密码字段上进行复制和粘贴的功能。 I don't know what sort of JS black magic they are using, but could someone help me figure it out? 我不知道他们使用的是哪种JS黑魔法,但是有人可以帮我弄清楚吗?
1 个解决方案
解决方案1
1 已采纳
After trying out the bookmarketlet on Firefox, I got a useful error message that helped me find a typo and get it working correctly. 在Firefox上尝试了书市之后,我收到了一条有用的错误消息,该错误消息帮助我找到了一个错字并使其正常工作。 I then noticed that Chrome was also giving me an error, but it wasn't descriptive enough, so it was misleading and I didn't pay attention to it. 然后,我注意到Chrome也给了我一个错误,但是它的描述性不够,因此具有误导性,我也没有注意。 The typo was the final statement in which the iterator is advanced, which should have been t = it.iterateNext() and instead it was written as it = it.iterateNext() . 错字是对迭代器进行高级处理的最终语句,应该是t = it.iterateNext() ,而应以it = it.iterateNext()编写。 Due to this typo, the loop bails out with an error after processing the very first text field. 由于这种错字,在处理了第一个文本字段后,循环会因出错而失败。 Though I have been using this bookmarketlet for a very long time, I didn't notice the typo because I didn't encounter sites that had more than one such fields. 尽管我使用该书店已经很长时间了,但我没有注意到错字,因为我没有遇到过包含多个此类字段的网站。 I am now maintaining an improved version of this bookmarklet in a gist . 我现在保持这个书签的一个改进版本一个要点 。
This bookmarklet does two things: 此小书签可以做两件事:
- Search for text and password fields with the event listener attributes that are commonly used to block pasting 使用通常用于阻止粘贴的事件侦听器属性搜索文本和密码字段
- Remove all these event listener attributes 删除所有这些事件侦听器属性
- Set a paste handler that sets the target value to what is in the clipboard. 设置粘贴处理程序,将目标值设置为剪贴板中的值。 This extra step helps on some stubborn websites that take additional steps (which I don't currently comprehend) for blocking the paste. 此额外步骤可帮助某些顽固的网站采取其他步骤(我目前不理解)来阻止粘贴。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.