Hacker News new | past | comments | ask | show | jobs | submit login

Or turn it into a one-line immediately executed function, and you can add it as a bookmark and run it on pages that are not yours:

    javascript:(function b(){function randInt() {return Math.round (Math.random() * 20 - 10)};for (const img of document.getElementsByTagName('img')) {img.src = `https://placekitten.com/g/${randInt() + img.width}/${randInt() + img.height}`}})();
Create a bookmark with that as the URL, go to some page, click the bookmark, kittens everywhere, profit!



Many sites will also have a CSP that blocks placekitten.com along with other 3rd party img tag origins. Daring users on Firefox can circumvent this protection by browsing to about:config and setting security.csp.enabled to false.


Aye, CORS settings will break it, as will any images that get dynamically updated our loaded as you scroll etc. Also it won't catch images used as backgrounds. There are a lot of ways to break bookmarklets, intentionally, by application of security settings for other reasons (like, erm, security!), or accidentally.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: