« Formatted Input Masks for Textboxes
MSBuild and Solution Files »

fun with the Firebug Extension

09Nov06

The other day I came across an article called Hacking Web 2.0 Applications with Firefox. This is a fantastic article for two reasons:

  1. It emphasizes just how little you should be trusting any client-side validation for ensuring the security of your web application. In other words, don’t be trusting anything that is submitted to your server-side just because you are doing it in a hidden ajax method or something.
  2. It highlights what I consider to be pretty much the most important tool in my web application toolbox: the Firebug Extension for Firefox.

This tool is not only a debugger for javascript; it also allows you to completely dissect a page’s html structure, css and javascript in seconds.  No more combing through View Source in order to figure out how a page is laid out, or trying to find what css is acting on what. Just hit F12 in firefox to open the Firebug panel and click the Inspect button. 

There’s a tonne of things you can do with this extension, but go install it and come back here and I’ll show you a fun little trick.

Are you back?  Ok, try this: click F12 to open the firebug panel and hit the inspect button.  With this you can see the shape of all the DOM elements on this page. Actually click on an element and you can do things like browse through the html tree, view any css styles acting on it etc etc.

using firebug inspector

Now you know what the html structure of the page looks like. Note the id for the top header of this page is called ‘header’.  Now we’ll take advantage of the fact that this blog uses the scriptaculous library in order to make the header on this page disappear right in front of you.  Click the Console tab in Firebug.  At the bottom, you can enter in arbitrary javascript and it will run in the context of your page. This is very useful for testing out javascript you are working on.  Enter new Effect.BlindUp(”header”); here.  You’ll see the whole header on the page slide up into nonexistence. 

using firebug console

 In order to get it back, you can enter new Effect.BlindDown(”header”);. 

This command wouldn’t work for other pages, because it relies on the scriptaculous library being linked on the page you are viewing.  However you can easily do something like document.getElementById(”dom-id-of-irritating-flashing-gif”).style.display= “none” on any page as a way to nuke any irritating ads.

1 Response to “fun with the Firebug Extension”

Feed for this Entry Trackback Address
  1. 1 twe4ked Posted November 29th, 2006 - 3:52 pm Quote

    I was playing around with the firebug ext. just the otherday, i cant remember how i came accross it, its an awsome ext. tho! good work.

Leave a Reply


Comment guidelines: No spamming, no profanity, and no flaming. Inappropriate comments will be deleted outright.

Quote selected text

« Formatted Input Masks for Textboxes
MSBuild and Solution Files »
 

Recent entries

About

My name is Dylan Marks. I'm a programmer and tech consultant focused on web application development, typically using ASP.NET, javascript and web standards-based technologies. I hope to share some of the useful tips and tricks I've discovered while making things work. I live in Edmonton, Alberta, Canada, working remotely for clients across North America. Email Me.