Hello! So basically, what I am trying to achieve is making an executor on a website where I would type in JavaScript on one page, click execute, and it would send and execute that JavaScript into a different tab on Chrome.
I know this might pose a security risk, but I am trying to find a way to do it. Is there a way I can do “cross-site scripting”?
As a reminder bypassing isn’t allowed. But you cannot arbitrarily execute JS across domains.
Try using a bookmark instead, if your intent is to use javascript:
They can’t, it’s blocked by their school.
Doens’t the Developer Tools allow you to do that?
Or you can create a browser extension too. Extensions have more privileges than regular web pages and can interact with multiple tabs. You can create an extension where a user can input JavaScript, and the extension can then run this script on a different tab.
Neither of those would work on a school device, which is what I’m assuming they’re using here.
Hmmm, considering that they are allowed to create and open local HTML files on the device, they can write HTML files with embedded JavaScript and open them in the browser…
I really don’t know how US school system works and their restrictions.
I think that would work, considering that I could do that in my Google drive and it work somehow (Chromebooks mount your Google drive kinda like an actual drive)
Not necessarily. DevTools is blocked on my school computers, but bookmarklets weren’t, meaning I could inject Eruda into the page and use it as a mini DevTools.
They’re two different policy settings.
What is your intent exactly @DaxCodes1?
While that may be true, @DaxCodes1 has already posted a topic about getting around not being able to use bookmarklets.
So you’re all here discussing how to get around school restrictions? Don’t you think you shouldn’t do that?
Sorry for the extremely late replies but my intent is I’m making a javascript executor called “aluminum”, and you type code in the executor and it will execute it into your chrome tab. If I could figure out how to do “cross-tab scripting” or whatever you call it, it could very much work out.
That’s not really how that works, most sites have security against that because it could compromise login credentials and stuff if they didn’t.
Ohh okay, I guess i’ll stick to my original method of creating a new about:blank then 
Edit: holy moly I was not expecting to see 10 new replies in my inbox the next day.
For what purpose though?
I want to make a developer tool so I can test out coding easier at my school.
I think you should just do school at school.
Oh, I know, don’t worry; I only do programming once I have some free time. I get all my work done
and my teachers know lol
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.