Menu
I have a Chrome extension that needs to produce human-like mouse and keyboard behavior (specifically, generate events that have a isTrusted value of true). I can do everything I need except for scrolling with the chrome.debugger APIs.
But it seems that the Window.scroll() method is sufficient for this purpose up to Chrome 52 and Firefox 48.0a1. This can be observed by attaching an event listener to the page as follows:
document.addEventListener("scroll", function (event) {
console.log("event trusted? " + event.isTrusted);
});
and then running something like window.scroll(0, 10); in the developer console. This will log event trusted? true to the developer console.
My question is: why is this the case? Shouldn't the isTrusted property be false in this case since the scroll event was clearly generated by a script?
908
The scroll event fires when the document view has been scrolled. For element scrolling, see Element: scroll event .
The onscroll event occurs when an element's scrollbar is being scrolled. Tip: use the CSS overflow style property to create a scrollbar for an element.
This is by specification, per the DOM Living Standard:
NOTE:
isTrustedis a convenience that indicates whether an event is dispatched by the user agent (as opposed to usingdispatchEvent()). The sole legacy exception isclick(), which causes the user agent to dispatch an event whoseisTrustedattribute is initialized to false.
Also, in the DOM Level 3 Events Specification:
3.4. Trusted events
Events that are generated by the user agent, either as a result of user interaction, or as a direct result of changes to the DOM, are trusted by the user agent with privileges that are not afforded to events generated by script through the
createEvent()method, modified using theinitEvent()method, or dispatched via thedispatchEvent()method. TheisTrustedattribute of trusted events has a value oftrue, while untrusted events have aisTrustedattribute value offalse.
Thus, isTrusted only reflects if the event has been dispatched or created artificially using createEvent, initEvent, or dispatchEvent. Now, look at the definition of Window.scroll per the CSSOM View Module Editor's Draft:
When the
scroll()method is invoked these steps must be run:[...]
- If invoked with two arguments, follow these substeps:
[...]
12. Perform a scroll of the viewport to position, document’s root element as the associated element, if there is one, or null otherwise, and the scroll behavior being the value of the
behaviordictionary member of options.
Nowhere in the method is an artificial event created with createEvent, initEvent, or dispatchEvent, thus the value of isTrusted is true. Note that using Window.scroll still triggers the event handler because it integrates with the event loop, and a scroll event is emitted when a viewport or element is scrolled. This does not, however, use createEvent, initEvent, or dispatchEvent.
Using the isTrusted event isn't a sure-fire way of detecting whether a script generated an event. It only detects if an event has been created and dispatched with createEvent, initEvent, or dispatchEvent.
164
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
