From 7b8b5a8490d1f2927cb55b9dbd522d4d06c06cca Mon Sep 17 00:00:00 2001 From: Shivam Mishra Date: Thu, 16 Apr 2020 15:46:05 +0530 Subject: [PATCH 1/2] feat: show self xss warning in console --- frappe/public/js/frappe/desk.js | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/frappe/public/js/frappe/desk.js b/frappe/public/js/frappe/desk.js index a1418f9149..902f382879 100644 --- a/frappe/public/js/frappe/desk.js +++ b/frappe/public/js/frappe/desk.js @@ -86,6 +86,14 @@ frappe.Application = Class.extend({ this.show_update_available(); } + if (!frappe.boot.developer_mode) { + let console_security_message = __("Using this console may allow attackers to impersonate you and steal your information. Do not enter or paste code that you do not understand.") + console.log( + `%c${console_security_message}`, + "font-size: large" + ); + } + this.show_notes(); if (frappe.boot.is_first_startup) { From d93a04aa1691718e7dbf3c2b52aa51f5b7d23377 Mon Sep 17 00:00:00 2001 From: Shivam Mishra Date: Fri, 17 Apr 2020 11:48:59 +0530 Subject: [PATCH 2/2] fix: linting fixes --- frappe/public/js/frappe/desk.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/public/js/frappe/desk.js b/frappe/public/js/frappe/desk.js index 902f382879..b5046d4b12 100644 --- a/frappe/public/js/frappe/desk.js +++ b/frappe/public/js/frappe/desk.js @@ -87,7 +87,7 @@ frappe.Application = Class.extend({ } if (!frappe.boot.developer_mode) { - let console_security_message = __("Using this console may allow attackers to impersonate you and steal your information. Do not enter or paste code that you do not understand.") + let console_security_message = __("Using this console may allow attackers to impersonate you and steal your information. Do not enter or paste code that you do not understand."); console.log( `%c${console_security_message}`, "font-size: large"