get_js_value
InactiveTool of sncro
Read a JavaScript value from the browser by property path. Walks a strict property path — NO expression evaluation, NO function calls, NO arbitrary code. Accepts identifiers, integer indices in brackets, and double-quoted string keys in brackets. Use this to read runtime state that isn't visible in the DOM: - Framework hydration: window.__NEXT_DATA__.props.pageProps - Redux/Zustand/etc stores (if exposed on window): window.__STORE__._currentState - Feature flags stashed on globals: window.APP.flags - Nested config: window["site-config"].features[0] EXPLORATION MODE: pass mode="keys" to get Object.keys() at the path instead of the value. Start with path="window" to discover globals, then drill in. This is how to find exposed state without guessing: get_js_value(path="window", mode="keys") -> ["document", "__NEXT_DATA__", "store", ...] get_js_value(path="window.store", mode="keys") -> ["_currentState", "subscribe", "dispatch", ...] get_js_value(path="window.store._currentState") -> the actual state object LIMITATIONS (intentional — security): - Cannot call functions. "store.getState()" fails. Expose the value as a readable property instead, e.g. window.__STORE__.state. - No arithmetic, comparisons, or expressions. - Path must start with an identifier and walk down via dots/brackets. Responses are cycle-safe, depth-capped, and size-capped. DOM nodes and React fiber trees are summarized rather than traversed. Args: key: Session key secret: Session secret from create_session path: Property path, e.g. "window.__NEXT_DATA__.props.pageProps" or 'window["site-config"].features[0]' or 'window.arr[0].name' mode: "value" (default) returns the serialized value; "keys" returns Object.keys() at the path max_depth: Max traversal depth when serializing (default 6, capped at 10) max_bytes: Max serialized size in bytes (default 20000, capped at 100000) Returns: {path, type, value, truncated, size_bytes} in value mode {path, mode, type, keys} in keys mode {error: "..."} on bad path / function / failure Requires a connected browser session and middleware v0.9.6+ (older middleware works — the relay doesn't care; the browser needs agent.js from relay.sncro.net which auto-updates).
Parameters schema
{
"type": "object",
"title": "get_js_valueArguments",
"required": [
"key",
"secret",
"path"
],
"properties": {
"key": {
"type": "string",
"title": "Key"
},
"mode": {
"type": "string",
"title": "Mode",
"default": "value"
},
"path": {
"type": "string",
"title": "Path"
},
"secret": {
"type": "string",
"title": "Secret"
},
"max_bytes": {
"type": "integer",
"title": "Max Bytes",
"default": 20000
},
"max_depth": {
"type": "integer",
"title": "Max Depth",
"default": 6
}
}
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
sncro
https://github.com/scottconfusedgorilla/sncro-relay
2/7 registries