用户控制台可以读取本地javascript变量吗?
[英]Can local javascript variables be read by user console?
问题描述
I am trying to create an online lottery system in which user has to guess a number between 1 to 10. If the number matches with the javascript generate random number he will win the lottery. 
我正在尝试创建一个在线彩票系统,其中用户必须猜测一个介于1到10之间的数字。如果该数字与javascript生成随机数匹配,那么他将赢得彩票。 The method I used is: 我使用的方法是:
!function(){ var x = Math.floor((Math.random() * 10)); var btn = document.getElementById("btn"); btn.addEventListener("click", function(){ var user_input = document.getElementById("text").value; if( user_input == x) { alert("Won Lottery", user_input, x); } else { alert(user_input + x + "sorry"); } }); }();
<h2>Guess a number between 1 and 10 </h2> <input id="text" type="text"> <button id="btn" type="submit">Submit</button>
My question is, can a hacker open the js console and somehow find the value of local x variable? 我的问题是,黑客可以打开js控制台并以某种方式找到本地x变量的值吗?
1 个解决方案
解决方案1
2 2017-05-08 16:09:30
At this point in the code execution, x is within scope. 在代码执行的这一点上,x在范围内。 You can see in the right column that x = 0 so it's just a case of changing user_input to 0 and then finishing the execution. 您可以在右列中看到x = 0,这只是将user_input更改为0,然后完成执行的一种情况。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.