This is a well-known browser security technique. In JavaScript, calling .toString() on a native browser function returns "function appendBuffer() { [native code] }". Calling it on a JavaScript function returns the actual source code. So if your appendBuffer has been monkey-patched, .toString() will betray you; it’ll return the attacker’s JavaScript source instead of the expected native code string.
Что думаешь? Оцени!
,这一点在heLLoword翻译官方下载中也有详细论述
IBM 回应 AI 冲击:现代化远不止改代码
Avoiding false alarms has been one goal for Nick Rutter at FireAngel