// ==UserScript==
// @name           Alert Watcher
// @namespace      alertwatcher
// @description    Watch for possible malicious alert/confirm/prompt loops and allow the user to break out.
// @include        *
// ==/UserScript==

/*

This was originally a userscript, but now it can be loaded into any web page.
Useful if there might be dangerous scripts around!

TODO CONSIDER TEST: If there is a frameset, do we need to traverse the frames
in the frameset?

CONSIDER: Should we advise callers to source us at the beginning or end of the
parent document?  If there is an alert during the first document parse, loading
later would be bad.  But if the document was like powerbar, empty but creating
its own frames by javascript, then wouldn't it be better to load alert_watcher
at the end?

I suspect neither of these problems really exist.  Well maybe it IS a problem
is a script re-writes the page.

*/

var unsafeWindow = window;

var init = function()
{
	var lasttime = 0;
	var nexttime = 0;
	var oldconfirm = unsafeWindow.confirm;

	var remap = function(func) {
		var oldfunc = unsafeWindow[func];
		unsafeWindow[func] = function() {
			var d = new Date();
			var now = d.valueOf();
			if (nexttime <= now) {
				if (!oldconfirm.apply(this,arguments)) {
					nexttime = now + 10000;
				}
			}
		}
	}

	remap('alert');
	remap('prompt');
	remap('confirm');
}();