

Facebook monitors your alert() usage - robin_reala
http://my.opera.com/hallvors/blog/show.dml/4151978

======
cschneid
I don't know if this is why they have that, but that would make a pretty
decent approach to restricting and slowing down XSS type attacks, if you can
override and protect all the native built-in functions.

It should be easy using log analysis to then notice spikes in usage of
something, and investigate.

I'm sure there are flaws in my idea, but I think it might work as part of a
defense in depth approach.

~~~
mustpax
The fact that they're passing the data back with an image tag instead of an
XHR request also suggests the same to me.

If this was some leftover debug code, I wouldn't expect it to be that sneaky.

------
ashleyw
Speaking of which, I wonder how much time developers worldwide waste by having
to manually click OK on alert windows to continue execution? I much prefer
console.log();

~~~
litewulf
(You don't necessarily always have access to console.log though...)

~~~
ahoyhere
There's no reason not to - Safari / WebKit's Inspector is API-compatible with
Firebug's console object, and there's always Firebug Lite for other browsers.

