Security Information Vulnerability Research Security Blog

Google debug

December 25th, 2006 by , Filed under: Commentary, Google, Web

I love Google’s web applications. They are cool and actually set a new standard for the Web we know today. It’s fun and educating to check out their JavaScript code. And as usual, when you dig into somebody’s code, you find surprises. For example Google use a concept of pushing JavaScript errors and debug info to the server.

Typical code section looking like:

try {
 /* bla bla */
} catch(e) {
 re(e);
}

function re(e) {
 var t = gather_client_data();
 t += get_stack_info(e);
 postASYNC(t);
}

Any error/bug in the web application will be silently pushed to the server, without you even knowing it happened :)
It’s a nice approach to track the bugs, though I feel a bit uncomfortable when somebody is trying to hide something from me.
I understand that Google owns you anyways, having all the information on their servers. Still I want to know that something unusual is happening in the application I use.

Share
  • http://gfdsa.gfdsa.org gfdsa

    Man, since I’ve started to discover this kind of shit in their js (mostly by looking at FF JS console and wondering why something is not working) I am trying to get away from it…
    Google owns you – said enough..

  • blerg

    I think it’s a neat trick.

  • XenoMuta

    Still it can be a headache for them if ppl just start faking JS errors to confuse their staff.

  • http://www.alhome.net AL

    I’d love to know how they go through all the reported errors and make some intelligence out of them.

  • http://www.BeyondSecurity.com Lev

    AL:
    I think something like that – 10% or more clients get same error, it’s worth to take a look into.

    XenoMuta:
    You need a reaaaaal huge botnet to be able to confuse em.

  • Pingback: Alessandro "jekil" Tanasi blog

  • http://nah..astalavistahex debug

    n0thing much just b00st up the google server..

  • Share







  • Categories


Security RSS Subscribe