- From: Subhan Ahmed <notifications@github.com>
- Date: Sun, 03 Nov 2024 17:12:16 -0800
- To: whatwg/dom <dom@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/dom/issues/412/2453671805@github.com>
> Sorry if this has been mentioned already, but re:security and encapsulation concerns: but developers can already intercept `addEventListener` by doing something like
>
> ```js
> let addEventListener = EventTarget.prototype.addEventListener;
> let removeEventListener = EventTarget.prototype.removeEventListener;
>
> EventTarget.prototype.addEventListener = function(type, callback, options) {
> /* store args and then… */
> addEventListener.call(this, type, callback, options);
> };
>
> EventTarget.prototype.removeEventListener = function(type, callback, options) {
> /* remove from stored args and then… */
> removeEventListener.call(this, type, callback, options);
> };
> ```
>
> The problem is just that a) it's flimsy, since listeners may have been attached before the code was run and b) it's suboptimal to be overwriting built-ins like that.
I don't think the `/* remove from stored args and then… */` part works when you are using the abort controller to remove an event listener. i.e.
```
const controller = new AbortController();
document.addEventListener('clicl', () => {}, { signal: controller.signal });
controller.abort();
```
--
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/dom/issues/412#issuecomment-2453671805
You are receiving this because you are subscribed to this thread.
Message ID: <whatwg/dom/issues/412/2453671805@github.com>
Received on Monday, 4 November 2024 01:12:20 UTC