stackoom
  简体   繁体   中英

JavaScript HTTP Request Not in Incognito Mode

 原文  2020-05-20 02:58:30       javascript/ http/ request/ instagram

Question

I'm new to web development and am trying to build a small webpage that'll attempt to detect if anyone's currently logged into Instagram on that browser. If I run my code command-by-command in Chrome's console and manually copy-paste the HTML, it works perfectly. But when I try to run my code separately, it seems to run as if it was in Incognito mode.

How would one get around this? If the user needs to grant my page permission to access Instagram, how would I do that?

Here's the JS part of my code:

const USERNAME_REGEX = /"viewer"\:{.*"full_name"\:"([^"]+)"/gm;
  const FULLNAME = 'full_name\":\"';

  document.addEventListener('DOMContentLoaded', () => {
    const request = new XMLHttpRequest();
    request.open('GET', 'https://instagram.com');
    request.send();
    request.onload = () => {
      const data = request.responseText;
      var u = data.match(USERNAME_REGEX);
      if (u != null) {
        u = u[0];
        u = u.substring(u.indexOf(FULLNAME) + FULLNAME.length).slice(0, -1);
        document.querySelector('#info').innerHTML = u;
      }
      else {
        document.querySelector('#info').innerHTML = 'no one is logged in!';
      }
    }
  });

Thank you:) have a wonderful day!

1 answers

solution1
 3 ACCPTED  2020-05-20 03:06:01

I'm new to web development and am trying to build a small webpage that'll attempt to detect if anyone's currently logged into Instagram on that browser.

That sounds like a security and privacy nightmare, which fortunately for everyone (you included) isn't possible. (Or at least, it shouldn't be...)

If I run my code command-by-command in Chrome's console and manually copy-paste the HTML, it works perfectly.

Totally different context. You'll find, in fact, that if you run this code in a console that isn't on Instagram.com, it won't work.

Same-origin policy will prevent you from accessing another domain. What you're attempting is a classic cross-origin attack that isn't going to work. CORS would get around this, but Instagram surely isn't going to enable you access.

How would one get around this?

You don't.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Making a get request as if the browser is in incognito mode? Javascript effect works in "Incognito mode" only (Chrome) Javascript to delete all cookies and cache, like incognito-mode Javascript For Cross Browser Detection of Incognito Mode (Private Browsing) Is JavaScript Source Mapping affected when running Chrome in Incognito Mode? Is there any way to check browser works with incognito mode or not by using javascript? HTTP GET request working on normal session but not in 'incognito' session LocalStorage in chrome Incognito Mode Social login is not working with incognito mode How to regconize incognito mode and open new tab in an existing incognito window?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM