3

I have made a following custom logs function to print all console log messages. Using this function I can control with a single flag variable to either print or not logs throughout the app.

var Utilities = {
    showLogs: true,
    printLog: function (msg) {
        if (this.showLogs) {
            console.log(msg);
        }
    }
};

and I call it as:

Utilities.printLog("a message to print on console");

It works fine as expected. But it has one limitation i.e. its not showing the correct line no# and file name where this was called to print the logs.

One solution is to provide extra parameters to print line no# & file name along with the message.

for instance:

Utilities.printLog("a message to print on console", "10","common.js");
Utilities.printLog("a message to print on console", "310","myLib.js");

I dont want these extra parameters and like to know if there is another option available.

Update:

I tried the V8's Stack Trace API http://code.google.com/p/v8/wiki/JavaScriptStackTraceApi but it only helps in cases when an exception is generated inside try catch block.

First override the Error.prepareStackTrace and create a tracing function like this:

Error.prepareStackTrace = function(error, stack) {
    return stack;
};

function getTrace(e) {
    var stack = e.stack;
    var trace = ""; 
    for (var i = 0; i < stack.length; i++) {                   
         trace += "\r" + stack[i];
     }
    return trace;
}

and created two sample js files.

libObj.js

var libObj = {
    getCube: function(x){
        return mathLib.cube( x ); 
    }
};

mathLib.js

var mathLib = {
    cube: function(x){
        return evilObj * x * x; //see the undefined evilObj --- lets catch trace here
    }
};

Now from a third js file (or in my case inside the HTML file) I call the function within the try catch block to see the precise trace of the vulnerable code. 

<script type="text/javascript">
      try {
            var results;
            results = libObj.getCube(2);
            console.log( results );

        } catch (e) {              
            console.log( getTrace(e));
        }
</script>

Now I get below trace of the vulnerable code:

enter image description here

Note:- If you do not override the Error.prepareStackTrace then it gives, I think pretty formatted trace...though both have same info.

Without overriding Error.prepareStackTrace: enter image description here

Now the question remains open, how I can capture similar trace for my custom logs function as defined above.

AAhad
  • 2,805
  • 1
  • 25
  • 42
  • You may want to look at the stack trace API: https://code.google.com/p/v8/wiki/JavaScriptStackTraceApi. –  Nov 17 '14 at 02:27
  • Let me check it out, thanks – AAhad Nov 17 '14 at 03:35
  • check this : http://stackoverflow.com/questions/1340872/how-to-get-javascript-caller-function-line-number-how-to-get-javascript-caller – OnlyMAJ Nov 17 '14 at 19:44
  • And what about this? https://stackoverflow.com/questions/13227489/how-can-one-get-the-file-path-of-the-caller-function-in-node-js and that https://stackoverflow.com/questions/11386492/accessing-line-number-in-v8-javascript-chrome-node-js – Vinz243 Nov 17 '14 at 19:53
  • Thanks for both links. I've just read both links but unfortunately they refer back to Try/catch/error handling things. I am trying for a normal logs without exception or use of try/catch... just normal logs statement. – AAhad Nov 17 '14 at 19:58
  • @Vinz243 , let me read the other one you shared.... – AAhad Nov 17 '14 at 19:59
  • @Vinz243 , thanks...It refers to NodeJS. Well, Later I will try it on node project. This time am looking for normal non-node based web apps logs. – AAhad Nov 17 '14 at 20:05

1 Answers1

1

You could do this:

var Utilities=
{
    showLogs:true,
    printLog:function(msg){
        if(!this.showLogs) return 0;
        var k=new Error().stack.split("\n").slice(2);
        k.unshift(msg);
        console.log(k.join("\n"));
    }
}
Sophiα2329
  • 1,601
  • 1
  • 13
  • 15