This project is not covered by Drupal’s security advisory policy.

The a-hole module is a devious module which breaks JavaScript that doesn't use dependency injection or isolate itself from unexpected elements that could show up through object inheritance. Since there is quite a bit in Drupal that doesn't do this installing this module causes core JavaScript to break and thus break you site.

Install this module at your own risk. If you want to break your site go for it.

Different browsers will break in different ways. In my personal experience IE breaks the worst while Chrome breaks the least. None the less, stuff breaks (though jQuery core handles everything well and doesn't break).

This module is designed to exploit bad development practices. If you're code uses dependency injection and properly isolates itself from the outside scripts
this module won't make a difference. Unfortunately there is a lot of JavaScript in Drupal core that doesn't do this so stuff will break in some browsers just by enabling this module.

The dependency injection part can be solved by wrapping your code in something like:

(function($, window, document, undefined) {
  ...
})(jQuery, this, this.document)

This wrapper is a self executing function which passes in jQuery, the global object (window and this are the same here), and the document. You'll notice undefined has nothing passed in for it. This makes sure the value is undefined.

This isn't the only want to solve the scoping problem but it is a successful way.

Another thing we often do is iterate over the properties in an object. If we don't check that the property is one for our current object you may end up with properties defined up the object inheritance chain popping up in our loops. For example:

Object.prototype.foo = 'bar';

var hot = {
  e: 'ieio',
  boom: 'stick'
};

for (var burn in hot) {
  if (hot.hasOwnProperty(burn)) {
    alert(hot[burn]);
  }
}

'bar' would be one of the items alerted to us if we didn't have the wrapper of:

if (hot.hasOwnProperty(burn)) {
  ...
}

This is because it is up the inheritance chain for objects.

Project information

  • caution Minimally maintained
    Maintainers monitor issues, but fast responses are not guaranteed.
  • caution Maintenance fixes only
    Considered feature-complete by its maintainers.
  • Module categories: Developer Tools
  • By mfer on , updated
  • shield alertThis project is not covered by the security advisory policy.
    Use at your own risk! It may have publicly disclosed vulnerabilities.

Releases

8.x-1.0-alpha1 released 27 April 2011
✓ Recommended by the project’s maintainer.
Install:
7.x-1.0-alpha1 released 27 April 2011
Works with Drupal: 7.x
✓ Recommended by the project’s maintainer.

Using Composer to manage Drupal site dependencies