Login

Data Submission

How to submit URLs for JavaScript change monitoring

WatchJs offers two primary methods for submitting URLs for analysis, catering to different monitoring scenarios and website configurations.

1. Auto-URLs: Continuous Monitoring

Auto-URLs are designed for websites that don't require authentication to access their JavaScript files. This method enables ongoing, automated surveillance of your target sites.

Auto-URLs Submission Interface

The Auto-URL Process

  1. Initial Scan: Upon first submission, WatchJs thoroughly analyzes the website, extracting all strings contained within the JavaScript files and storing them in our secure database.

  2. Periodic Rescanning: Every 72 hours, WatchJs automatically rescans the submitted URL.

  3. Change Detection: If new strings are detected in any JavaScript files during these periodic scans, WatchJs generates a new watch record.

2. Manual URL: One-Time Scan

The Manual URL option is ideal for websites that require authentication to access certain JavaScript files or for situations where you need to perform a one-time, on-demand scan.

Manual-URL Submission Interface

Using the Manual URL Feature

  1. Authentication: Log in to the target website using your credentials.

  2. URL Collection: Utilize the WatchJs browser plugin to compile a list of authenticated JavaScript URLs.

    WatchJs Browser Plugin Interface

  3. Submission: Submit these URLs to WatchJs for analysis.

The Manual URL Scanning Process

  1. Initial Scan: The first scan captures the current state of the submitted URL, storing the data in our database without generating a watch record.

  2. Cooldown Period: A 24-hour interval is enforced between scans to allow for meaningful data changes in the target website. This cooldown allows sufficient time for developers to push updates or new features

  3. Subsequent Scans: After the cooldown period, you can initiate another scan of the same URL.

  4. Change Detection: If new strings are discovered during a subsequent scan, WatchJs generates a new watch record for this specific URL.

3. Blacklist Word Feature: Filtering Irrelevant JavaScript URLs

To enhance the efficiency and relevance of your scans, WatchJs provides a blacklist word feature. This allows you to filter out JavaScript URLs that are likely to be of little value for security analysis.

Blacklist Word Feature Interface

How the Blacklist Feature Works

  1. Adding Blacklist Words: You can add specific words or phrases to the blacklist. These are typically associated with common, low-value JavaScript resources.

  2. Automatic Filtering: During the scanning process, any JavaScript URL containing a blacklisted word will be automatically excluded from analysis.

Common Use Cases for Blacklisting

  • Excluding third-party libraries (e.g., "jquery", "bootstrap")
  • Filtering out analytics scripts (e.g., "google-analytics", "hotjar")
  • Ignoring content delivery networks (e.g., "cdn", "cloudfront")

By offering both Auto-URLs and Manual URL options, along with the Blacklist Word feature, WatchJs provides the flexibility to meet various monitoring needs. Whether you require continuous surveillance of public-facing websites or need to perform authenticated scans of secure web applications, WatchJs has you covered.