SXW.js is a javascript library that is used to display console warnings against Self XSS attacks.

Status:

1. Install the npm package using

   npm i @sxwjs/sxwjs

2. Import sxwjs module
3. Call the required function inside sxwjs module

   import sxwjs from '@sxwjs/sxwjs';
   ...
   ...
   sxwjs.printWarning();

1. Include the sxw.js file in your website either directly or via CDN.
2. If you are using CDN try the following URL

   <script src="https://cdn.jsdelivr.net/npm/@sxwjs/[email protected]/src/sxw.min.js"></script>

3. The script will register built-in functions into window.sxwjs object.
4. At the end of the HTML document call the printWarning function in window.sxwjs as shown in the sample code.

   <script>
       window.sxwjs.printWarning();
   </script>

1. Install the nuget package
2. Include the sxw.js file from the content folder into your website.
3. At the end of the HTML document call the printWarning function in window.sxwjs similar to the one mentioned above.

The warning displayed in console contains three sections.

1. A huge STOP sign
2. A caution text in bold
3. A detailed message saying that this section is intented for developers only. It also warns aginst copy pasting content in the console.

SXW.js has a config object with the following variables,

Example js object:

var config = {
        stopColor: "red",
        stopFontWeight: "bold",
        cautionFontWeight: "bold",
        cautionFontSize: "15px",
    };

SXW.js has a predefined object with the following variables for defining the content to be displayed,

var content = {
        en: {
            stopText: "*********  *********  *********  *********\n***           ***     ***   ***  ***   ***\n***           ***     ***   ***  ***   ***\n*********     ***     ***   ***  *********\n      ***     ***     ***   ***  ***\n      ***     ***     ***   ***  ***\n*********     ***     *********  ***",
            cautionText: "Caution: DO NOT PROCEED.",
            warningText: "This section is intended for developers only. Don't copy paste anything in this area.\nIf someone told you to copy and paste something here, it is a scam and will give them access to your account. In that case, kindly report this to our support team."
        }
    };

You can define content in multiple languages as shown here. Just pass the appropriate language code to the printing function.

There are three functions in the library that will be available into the window.sxwjs object.

1. printStop - Prints just the huge stop sign.
2. printCautionNotice - Prints the caution notice.
3. printWarningText - Prints the the detailed error message.
4. printWarning - Prints all the three sections.
5. setConfig - Assigns the provided configuration.
6. getConfig - Retrives the configuration.
7. setContent - Can be used to modifiy the content such as warningText, cautionNotice, etc...
8. getContent - Retrives the content that will be displayed on the console.

None of these functions are called by default. You can choose to call them as you wish.

Example Usage:

window.sxwjs.setConfig(myConfig);
window.sxwjs.printWarning('en');
window.sxwjs.printStop('en');
window.sxwjs.printCautionNotice('en');

Kolappan Nathan 💻 🚧

yuvaraj 💻

This project follows the all-contributors specification. Contributions of any kind welcome!

1. Github - Provides free hosting for repos and website.
2. js.org - Provides subdomain for our website.
3. Shields.io - Provides those beatutiful status icons.
4. Azure Devops - Free CI/CD for open source projects.
5. ImgBot - Automatic compression of new images
6. Pull - Automatic update of forked repos
7. allcontributors - Helps maintaing list of contributors of the project
8. Adobe Spark - Used to create logo, banners, etc...