Calling most APIs in a loop will eventually cause the browser to struggle or eventually crash. What is novel here? Repo looks to be entirely AI generated spam
I can’t think of the wording right now but generally JS trying to crash the browser would say something like this page is taking a long time, do you want to wait. Something like that.
In this case the browser just crashes.
It does seem like it’s full of AI. The Attack Scenarios are very suspicious.
No, when you run something like <script> while(true) {} </script>, it will only freeze the tab where you ran it, the browser UI and other tabs will still be responsible and usable. When you run this DoS, it makes the entire browser unusable, and exhausts your system memory, eventually crashing the entire browser.
I remember back in the day you could just use the alert function in a while(true) loop and that would be enough to render Internet Explorer unusable :)
Calling most APIs in a loop will eventually cause the browser to struggle or eventually crash. What is novel here? Repo looks to be entirely AI generated spam
I can’t think of the wording right now but generally JS trying to crash the browser would say something like this page is taking a long time, do you want to wait. Something like that. In this case the browser just crashes.
It does seem like it’s full of AI. The Attack Scenarios are very suspicious.
Think you might be right, while reading through the README, I noticed some common LLM pattern words.
Also, some sections of the README completely read as generated by an LLM.
Well, Firefox and webkit browsers (Safari and friends) are all apparently not affected so it does appear there's something here.
This screams AI generated and you can do this in thousands of ways.
This is as much of a DoS as an unterminated while loop is a DoS, is it not?
No, when you run something like <script> while(true) {} </script>, it will only freeze the tab where you ran it, the browser UI and other tabs will still be responsible and usable. When you run this DoS, it makes the entire browser unusable, and exhausts your system memory, eventually crashing the entire browser.
Is it some sort of "hacker" thing to use hexadecimal numbers even in small for loops?
> for (let i = 0x0; i < 0x3; i++) { document.title = t + i; // Each burst performs 3 sequential updates } this.counter += 0x3;
I suppose the thing is AI generated anyways. Oh well
I remember back in the day you could just use the alert function in a while(true) loop and that would be enough to render Internet Explorer unusable :)
Ha, back then they were native OS dialogs. And one would block the whole window, even when IE6 gained tabs.