Recently, sitting on the couch, I decided to play around with MutationObserver. It is a fairly well-known API that lets you observe changes to the DOM tree, and by now it is widely supported.
With MutationObserver you can not only observe changes but also react to them and undo them. One caveat matters here: the observer callback is delivered asynchronously, after the mutation has already been applied, so you cannot block a change, only revert it. With that in mind, I wrote a library that strips unwanted tags and attributes that you do not use anyway.
It looks like this:

    {
      "tagsType": "blacklist",
      "tags": ["script"],
      "attributesType": "blacklist",
      "attributes": { "*": ["onerror"] }
    }
With this manifest, for example, we strip every script tag and every onerror attribute that gets added after strict_dom has started. In other words, it can cut out a class of potential XSS sinks on a site (in this variant, not really: the observer only removes what has already been inserted, so a script element appended with appendChild has executed, or started loading, before the callback sees it), or it can be used to break yourself and your team of the habit of using obsolete HTML tags and attributes.
The manifest can have the following parameters:
- outdatedUrl - the URL to redirect to if the browser is too old (disabled by default)
- tagsType - whether tags are removed on a blacklist or a whitelist basis
- tags - the list of tags to remove (blacklist) or to keep (whitelist)
- attributesType - whether attributes are removed on a blacklist or a whitelist basis
- attributes - the list of attributes to remove (blacklist) or to keep (whitelist), keyed by tag name, with "*" meaning any tag
All of this works through MutationObserver; the code can be found here.
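To make the mechanism concrete, here is an added example of a manifest-driven filter in the spirit of strict_dom. It is illustrative code written for this post, not the library's own source. The manifest keys (tagsType, tags, attributesType, attributes, with "*" meaning any tag) follow the description above; the function names, the per-tag attribute rule, and the FakeElement stand-in used to run the policy outside a browser are assumptions.

```javascript
// Added example: manifest-driven DOM filter in the spirit of strict_dom.
// Not the library's source. Manifest keys follow the post; function names,
// the per-tag rule and FakeElement are assumptions made for this demo.

// Example manifest, constructed for this demo: blacklist <script> and any onerror,
// plus one per-tag rule (assumption: per-tag keys work like "*").
const manifest = {
  tagsType: "blacklist",
  tags: ["script"],
  attributesType: "blacklist",
  attributes: { "*": ["onerror"], iframe: ["srcdoc"] },
};

// True if the manifest says this tag must be removed.
function tagBanned(m, tagName) {
  const tag = String(tagName).toLowerCase();
  const listed = (m.tags || []).some(t => t.toLowerCase() === tag);
  return m.tagsType === "blacklist" ? listed : !listed;
}

// True if the manifest says this attribute must be stripped from this tag.
// In whitelist mode an entry under "*" allows the attribute on every tag.
function attrBanned(m, tagName, attrName) {
  const tag = String(tagName).toLowerCase();
  const attr = String(attrName).toLowerCase();
  const rules = m.attributes || {};
  const listed = [...(rules[tag] || []), ...(rules["*"] || [])]
    .some(a => a.toLowerCase() === attr);
  return m.attributesType === "blacklist" ? listed : !listed;
}

// Apply the manifest to one element. Returns what was removed so a caller can log it.
function enforce(m, el) {
  const removed = { tags: [], attributes: [] };
  if (tagBanned(m, el.tagName)) {
    removed.tags.push(el.tagName.toLowerCase());
    el.remove();
    return removed; // the element is gone, nothing left to strip
  }
  for (const name of el.getAttributeNames()) { // snapshot, safe to mutate in the loop
    if (attrBanned(m, el.tagName, name)) {
      removed.attributes.push(name);
      el.removeAttribute(name);
    }
  }
  return removed;
}

// Browser wiring. MutationObserver callbacks run asynchronously, after the mutation
// has already been applied: a <script> appended with appendChild has executed (or
// started its fetch) before this callback sees it. This is hygiene, not an XSS
// boundary; use Content Security Policy for the boundary.
function observe(m, root) {
  const obs = new MutationObserver(records => {
    for (const r of records) {
      if (r.type === "attributes" && r.target.nodeType === 1) enforce(m, r.target);
      for (const n of r.addedNodes) {
        if (n.nodeType !== 1) continue;
        enforce(m, n);
        if (n.isConnected) n.querySelectorAll("*").forEach(c => enforce(m, c));
      }
    }
  });
  obs.observe(root, { childList: true, attributes: true, subtree: true });
  return obs;
}

// Minimal stand-in for a DOM element so the policy logic can be exercised outside a
// browser (constructed for this demo; not part of any library).
class FakeElement {
  constructor(tagName, attrs = {}) {
    this.nodeType = 1;
    this.tagName = tagName.toUpperCase();
    this.attrs = new Map(Object.entries(attrs));
    this.removed = false;
  }
  getAttributeNames() { return [...this.attrs.keys()]; }
  removeAttribute(name) { this.attrs.delete(name); }
  remove() { this.removed = true; }
}

// Demo: run the policy over two constructed elements.
function demo() {
  const img = new FakeElement("img", { src: "x", onerror: "alert(1)" });
  const script = new FakeElement("script", { src: "https://example.invalid/x.js" });
  return {
    img: enforce(manifest, img),
    script: enforce(manifest, script),
    imgLeft: img.getAttributeNames(),
  };
}

// In a browser, start watching the whole document; in Node this line is skipped.
if (typeof document !== "undefined") observe(manifest, document.documentElement);
```

The policy functions are kept separate from the observer so they can be unit-tested without a DOM; in whitelist mode the same functions ban everything that is not listed, which is the safer default if the goal is actually to reduce XSS sinks rather than just to retire old markup.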