Александра Лисица (Редактор отдела «Забота о себе»)
Mobile apps aren't free
,推荐阅读下载安装 谷歌浏览器 开启极速安全的 上网之旅。获取更多信息
Что думаешь? Оцени!
This is a well-known browser security technique. In JavaScript, calling .toString() on a native browser function returns "function appendBuffer() { [native code] }". Calling it on a JavaScript function returns the actual source code. So if your appendBuffer has been monkey-patched, .toString() will betray you; it’ll return the attacker’s JavaScript source instead of the expected native code string.
for await (const chunk of stream) { /* never runs */ }