Search code examples
javascriptgeolocationfirebuggoogle-chrome-devtoolsbreakpoints

Making my browser debugger break on geolocation

I am visiting a website that is asking me to share my location. I want to know what they are doing with this information and where it is being sent. I tried looking at the JavaScript code for the page, hoping to find something involving geolocation, but there is a lot of code, and it is obfuscated.

Is it possible to put a breakpoint inside my browser's built-in navigator.geolocation.getCurrentPosition or navigator.geolocation.watchPosition function so that when any of those functions are called, I can look at the call stack, see what is calling those functions, and maybe find the callback functions so I can examine those?

I would prefer something that works in Firebug, but I would be happy with something that works with the developer tools built into Firefox, Chrome, or Safari.

Solution

  • I couldn't find any way to put break on geolocation API's in Chrome, but you could use a technique of shimming the functions you want to debug with another function that does some custom code before continuing to call the intended function.

    Here is an example of shimming the getCurrentPosition function.

    var getCurrentPosition = navigator.geolocation.getCurrentPosition;
navigator.geolocation.getCurrentPosition = function(){
    debugger;
    getCurrentPosition.apply(navigator.geolocation, arguments);
}

    In this example, I copy the real API to a local variable, call the debugger statement (effectively setting a breakpoint), then call the real function as it was intended. Now when the obfuscated code calls navigator.geolocation.getCurrentPosition(...) the Chrome debugger will open on the debugger line and you can view the call stack.

    Alternatively, you could do console.trace or any number of other things.

    var getCurrentPosition = navigator.geolocation.getCurrentPosition;
navigator.geolocation.getCurrentPosition = function(){
    console.trace();
    getCurrentPosition.apply(navigator.geolocation, arguments);
}

    Note, you will need to set a breakpoint somewhere before navigator.geolocation.getCurrentPosition is called or assigned to a variable. The first line of the code should be fine.