https://wiki.greasespot.net/api.php?action=feedcontributions&user=Ldrhcp&feedformat=atomGreaseSpot Wiki - User contributions [en]2024-03-29T01:55:31ZUser contributionsMediaWiki 1.41.0https://wiki.greasespot.net/index.php?title=Talk:Cross-browser_userscripting&diff=2032Talk:Cross-browser userscripting2007-05-14T01:20:40Z<p>Ldrhcp: vote against</p>
<hr />
<div>I vote for renaming this page "User script engines". The existing name is a bit cumbersome. [[User:Arantius|Arantius]] 12:12, 13 May 2007 (EDT)<br />
<br />
: I was planning to give it a shorter name, but it was suggested I make it more explicit for googleability. I don't think "User script engines" works well, since the page is (intended to be) about issues/tips relating to porting scripts or making scripts work in several user script engines. A "user script engines" page would be a great addition, and could link to this one, but I don't feel they should be one and the same page. --[[User:Henrik|Henrik]] 14:23, 13 May 2007 (EDT)<br />
<br />
: -1 for rename. I think the current title better describes what the page is about. If anything, userscripting can be changed to scripting, but it's really fine as is, IMO. --[[User:Ldrhcp|Ldrhcp]] 21:20, 13 May 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Main_Page&diff=1971Main Page2007-04-23T04:17:58Z<p>Ldrhcp: replaced link that was (accidentally?) deleted</p>
<hr />
<div>__NOTOC__<br />
'''GreaseSpot''' is community documentation for [[user script]]ing with [[Greasemonkey]]. Please [[GreaseSpot:Editor portal|contribute]].<br />
<br />
== Getting Started ==<br />
<br />
* [[Greasemonkey Manual]]<br />
* [[Tutorials]]<br />
* [[Mailing list]]<br />
<br />
== Scripting References ==<br />
<br />
* [[API reference]]<br />
* [[XPCNativeWrapper]]<br />
* [[Security]]<br />
** [[unsafeWindow]]<br />
* [[Sandbox]]<br />
* [[Metadata block]]<br />
* [[Global object]]<br />
<br />
== Authoring Tips ==<br />
<br />
* [[Troubleshooting]]<br />
* [[Recipes]]<br />
* [[Code snippets]]: useful staple functions.<br />
* [[Coding tips]]: things you might not have thought of.<br />
* [[:Category:Site-specific tips|Site-specific tips]]<br />
** [[:Category:Ajax site tips|Ajax site tips]]<br />
* [[Security tips]]<br />
* [[Etiquette]]<br />
* [[Useful Tools for Script Writers]]<br />
<br />
== Extension Development ==<br />
<br />
* [[Contributing to Greasemonkey]]<br />
<br />
== Also ==<br />
<br />
* [[FAQ]]<br />
* [[Links]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Gmail&diff=1931Talk:Gmail2007-04-13T21:06:28Z<p>Ldrhcp: </p>
<hr />
<div>We probably shouldn't be suggesting unsafeWindow. --[[User:Ldrhcp|Ldrhcp]] 17:06, 13 April 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Gmail&diff=1930Talk:Gmail2007-04-13T21:05:54Z<p>Ldrhcp: </p>
<hr />
<div>We probably shouldn't be suggesting unsafeWindow.</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Main_Page&diff=1891Main Page2007-04-12T19:53:10Z<p>Ldrhcp: </p>
<hr />
<div>__NOTOC__<br />
<br />
'''GreaseSpot''' is community documentation for [[user script]]ing with [[Greasemonkey]].<br />
<br />
''This wiki is still in its infancy. Please [[GreaseSpot:Editor portal|contribute]] if you can.''<br />
<br />
== Getting Started ==<br />
<br />
* [[Tutorials]]<br />
* [[Mailing list]]<br />
<br />
== Scripting References ==<br />
<br />
* [[API reference]]<br />
* [[XPCNativeWrapper]]<br />
* [[Security]]<br />
** [[unsafeWindow]]<br />
* [[Sandbox]]<br />
* [[Metadata block]]<br />
<br />
== Authoring Tips ==<br />
<br />
* [[FAQ]]<br />
* [[Troubleshooting]]<br />
* [[Recipes]]<br />
* [[Code snippets]]<br />
* [[Security tips]]<br />
* [[@include recommendations]]<br />
* [[Etiquette]]<br />
* [[Useful Tools for Script Writers]]<br />
<br />
== Extension Development ==<br />
<br />
* [[Contributing to Greasemonkey]]<br />
<br />
== Also ==<br />
<br />
* [[Links]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Security&diff=1884Talk:Security2007-04-12T15:15:47Z<p>Ldrhcp: </p>
<hr />
<div>It's not obvious to me what the distinction is between this page and the [[Security tips]] page. Should the pages be merged? If not, could it be made more clear what they each are for? --[[User:195.67.240.29|195.67.240.29]] 03:25, 12 April 2007 (EDT)<br />
<br />
: From the top of the page: "This page is a description of [[Greasemonkey]]'s security model. For tips you can apply directly to your scripts, see '''[[Security tips]]'''." That's the distinction, though one could still argue that they should be merged. --[[User:Ldrhcp|Ldrhcp]] 11:15, 12 April 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Recipes&diff=1865Recipes2007-04-10T20:00:53Z<p>Ldrhcp: See talk:recipes. Not moving any content over, since it's barely even a stub</p>
<hr />
<div>#REDIRECT [[Code snippets]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Recipes&diff=1864Talk:Recipes2007-04-10T19:58:18Z<p>Ldrhcp: </p>
<hr />
<div>Vote for removing this page, or merging it with [[Code Snippets]] -- [[User:Arantius|Arantius]] 17:50, 9 April 2007 (EDT)<br />
<br />
: '''Merge.''' [[Code snippets]] is fine while there are still few. If the page becomes sufficiently large, we'll probably want a category and index or portal of recipes. But yeah, they're essentially the same. --[[User:Ldrhcp|Ldrhcp]] 21:09, 9 April 2007 (EDT)<br />
<br />
: Yep, and at that, probably vote for renaming "Code Snippets" to "Code snippets" so that link error like you had above doesn't happen =) [[User:Arantius|Arantius]] 15:35, 10 April 2007 (EDT)<br />
<br />
:: Moved. Also, an [[GreaseSpot:editor portal|editor portal]] could be useful to plan things like eventually splitting up the [[code snippets]] page into a collection of recipes. Other documentation discussion, such as creation of a style guide, could probably also be useful.</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Code_Snippets&diff=1863Talk:Code Snippets2007-04-10T19:55:29Z<p>Ldrhcp: Talk:Code Snippets moved to Talk:Code snippets: Proper case</p>
<hr />
<div>#REDIRECT [[Talk:Code snippets]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Code_snippets&diff=1862Talk:Code snippets2007-04-10T19:55:29Z<p>Ldrhcp: Talk:Code Snippets moved to Talk:Code snippets: Proper case</p>
<hr />
<div>== array.forEach in XPath example ==<br />
<br />
Re: http://wiki.greasespot.net/index.php?title=Code_Snippets&diff=prev&oldid=1784<br />
<br />
Restored that example, it works fine (using Fx 2) without Prototype. See e.g. http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Reference:Objects:Array:forEach.<br />
<br />
Just try it:<br />
<br />
// ==UserScript==<br />
// @name Example<br />
// @namespace wiki<br />
// @include *<br />
// ==/UserScript==<br />
<br />
function $x(p, context) {<br />
if (!context) context = document;<br />
var i, arr = [], xpr = document.evaluate(p, context, null, XPathResult.UNORDERED_NODE_SNAPSHOT_TYPE, null);<br />
for (i = 0; item = xpr.snapshotItem(i); i++) arr.push(item);<br />
return arr;<br />
}<br />
<br />
var i, paragraphs = $x("//p"); <br />
paragraphs.forEach(function(paragraph) { // Loop over every paragraph <br />
paragraph.innerHTML = "Halloa!"; <br />
});<br />
<br />
--[[User:81.225.78.185|81.225.78.185]] 18:18, 25 March 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Code_Snippets&diff=1861Code Snippets2007-04-10T19:55:29Z<p>Ldrhcp: Code Snippets moved to Code snippets: Proper case</p>
<hr />
<div>#REDIRECT [[Code snippets]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Code_snippets&diff=1860Code snippets2007-04-10T19:55:29Z<p>Ldrhcp: Code Snippets moved to Code snippets: Proper case</p>
<hr />
<div>__TOC__<br />
<br />
= Shortcut to document.getElementById =<br />
<br />
function $(id) {<br />
return document.getElementById(id);<br />
}<br />
<br />
Example usage:<br />
<br />
$("header").innerHTML = "Halloa!";<br />
<br />
= Shortcut to document.createElement with attributes =<br />
<br />
Creates a new element with the given attribute list<br />
<br />
function createElement(type, attributes) {<br />
var element = document.createElement(type);<br />
if(attributes != null) {<br />
for(var i = 0, l = attributes.length; i < l; i++) {<br />
element.setAttribute(attributes[i][0], attributes[i][1]);<br />
}<br />
}<br />
return element;<br />
}<br />
<br />
Example usage:<br />
<br />
var link = createElement('link', [['rel', 'stylesheet'], ['type', 'text/css'], ['href', basedir + 'style.css']]);<br />
<br />
= XPath helper =<br />
<br />
Run a particular [[XPath]] expression <code>p</code> against the context node <code>context</code> (or the document, if not provided).<br />
<br />
Returns the results as an array.<br />
<br />
function $x(p, context) {<br />
if (!context) context = document;<br />
var i, arr = [], xpr = document.evaluate(p, context, null, XPathResult.UNORDERED_NODE_SNAPSHOT_TYPE, null);<br />
for (i = 0; item = xpr.snapshotItem(i); i++) arr.push(item);<br />
return arr;<br />
}<br />
<br />
Example usage (with [http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Reference:Objects:Array:forEach Array.forEach]):<br />
<br />
var i, paragraphs = $x("//p");<br />
paragraphs.forEach(function(paragraph) { // Loop over every paragraph<br />
paragraph.innerHTML = "Halloa!";<br />
});<br />
<br />
= Serialize/deserialize for GM_getValue =<br />
<br />
Used to store and retrieve multiple values (typically as a serialized hash) in a single [[GM_getValue]] slot.<br />
<br />
function deserialize(name, def) {<br />
return eval(GM_getValue(name, (def || '({})')));<br />
}<br />
<br />
function serialize(name, val) {<br />
GM_setValue(name, uneval(val));<br />
}<br />
<br />
Example usage:<br />
<br />
var settings = {a: 1, b: 2, c: 3};<br />
serialize('test', settings);<br />
var _settings = deserialize('test');<br />
// now "settings == _settings" should be true<br />
<br />
= DOM node juggling =<br />
<br />
== Remove DOM node ==<br />
<br />
function remove(element) {<br />
if (element) <br />
element.parentNode.removeChild(element);<br />
}<br />
<br />
== Insert node after node ==<br />
<br />
function insertAfter(newNode, node) {<br />
return node.parentNode.insertBefore(newNode, node.nextSibling);<br />
}<br />
<br />
This works because even if <code>node</code> is the last node, <code>nextSibling</code> returns <code>null</code> so <code>insertBefore</code> puts the new node at the end.<br />
<br />
Example usage:<br />
<br />
var link = document.getElementById("the_link");<br />
var icon = document.createElement("img");<br />
icon.src = "…";<br />
insertAfter(icon, link);<br />
<br />
= GET an URL with callback function =<br />
<br />
Retrieves <code>url</code> using HTTP GET, then calls the function <code>cb</code> with the response text as its single argument.<br />
<br />
function get(url, cb) {<br />
GM_xmlhttpRequest({<br />
method: "GET",<br />
url: url,<br />
onload: function(xhr) { cb(xhr.responseText); }<br />
});<br />
}<br />
<br />
Example usage:<br />
<br />
function inform(text) {<br />
alert("The HTML of the page: " + text);<br />
}<br />
<br />
get("&#104;ttp://www.google.com", inform);<br />
<br />
= Advanced createElement for creating hierarchies of elements =<br />
Creates an element with attributes as well as child elements with their own attributes and children. Function should be called with arguments in the form of the following hash (note that "child1", "child2" should be hashes of the same structure):<br />
createEl({n: nodename, a: {attr1: val, attr2: val}, c: [child1, child2], evl: {type: eventlistener_type, f: eventlistener_function, bubble: bool}}, appendTo)<br />
<br />
<br />
function createEl(elObj, parent) {<br />
var el;<br />
if (typeof elObj == 'string') {<br />
el = document.createTextNode(elObj);<br />
}<br />
else {<br />
el = document.createElement(elObj.n);<br />
if (elObj.a) {<br />
attributes = elObj.a;<br />
for (var key in attributes) {<br />
if (key.charAt(0) == '@')<br />
el.setAttribute(key.substring(1), attributes[key]);<br />
else <br />
el[key] = attributes[key];<br />
}<br />
}<br />
if (elObj.evl) {<br />
el.addEventListener(elObj.evl.type, elObj.evl.f, elObj.evl.bubble);<br />
}<br />
if (elObj.c) {<br />
elObj.c.forEach(function (v, i, a) { createEl(v, el); });<br />
}<br />
}<br />
if (parent)<br />
parent.appendChild(el);<br />
return el;<br />
}<br />
<br />
<br />
Example usage:<br />
<br />
createEl({n: 'ol', a: {'@class': 'some_list', '@id': 'my_list'}, c: [<br />
{n: 'li', a: {textContent: 'first point'}, evl: {type: 'click', f: function() {alert('first point');}, bubble: true}},<br />
{n: 'li', a: {textContent: 'second point'}},<br />
{n: 'li', a: {textContent: 'third point'}}<br />
]}, document.body);</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Recipes&diff=1855Talk:Recipes2007-04-10T01:09:28Z<p>Ldrhcp: voted merge</p>
<hr />
<div>Vote for removing this page, or merging it with [[Code Snippets]] -- [[User:Arantius|Arantius]] 17:50, 9 April 2007 (EDT)<br />
<br />
: '''Merge.''' [[Code snippets]] is fine while there are still few. If the page becomes sufficiently large, we'll probably want a category and index or portal of recipes. But yeah, they're essentially the same. --[[User:Ldrhcp|Ldrhcp]] 21:09, 9 April 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Tutorials&diff=1830Talk:Tutorials2007-03-31T04:58:31Z<p>Ldrhcp: signed</p>
<hr />
<div>Perhaps we could add some "recipes", like in Dive into Greasemonkey. Stuff like "Doing something with every X". Or should we have a separate "recipes" page?<br />
--[[User:81.230.12.10|81.230.12.10]] 08:49, 28 March 2007 (EDT)<br />
<br />
IMO there should be a dedicated page, if not an entire section of the site for that. [[User:Arantius|Arantius]] 21:59, 29 March 2007 (EDT)<br />
<br />
So you (Arantius) propose this page (Tutorials) should be strictly for linking to tutorials elsewhere, with any Recipes in another section? --[[User:81.230.12.10|81.230.12.10]] 04:50, 30 March 2007 (EDT)<br />
<br />
: Tutorial != Recipe. I'd love to have a tutorial on the wiki, and also recipes, but the two things are different. --[[User:Ldrhcp|Ldrhcp]] 10:54, 30 March 2007 (EDT)<br />
<br />
:: Could you explain the difference? --[[User:81.230.12.10|81.230.12.10]] 12:07, 30 March 2007 (EDT)<br />
<br />
::: A tutorial teaches how to write user scripts. Recipes show how to accomplish specific tasks. By this definition, I'd say the "common patterns" section of Dive Into Greasemonkey is pretty much a collection of recipes. It's a matter of general vs. specific, and the two things have different pedagogic purposes. --[[User:Ldrhcp|Ldrhcp]] 00:58, 31 March 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Tutorials&diff=1829Talk:Tutorials2007-03-31T04:58:11Z<p>Ldrhcp: </p>
<hr />
<div>Perhaps we could add some "recipes", like in Dive into Greasemonkey. Stuff like "Doing something with every X". Or should we have a separate "recipes" page?<br />
--[[User:81.230.12.10|81.230.12.10]] 08:49, 28 March 2007 (EDT)<br />
<br />
IMO there should be a dedicated page, if not an entire section of the site for that. [[User:Arantius|Arantius]] 21:59, 29 March 2007 (EDT)<br />
<br />
So you (Arantius) propose this page (Tutorials) should be strictly for linking to tutorials elsewhere, with any Recipes in another section? --[[User:81.230.12.10|81.230.12.10]] 04:50, 30 March 2007 (EDT)<br />
<br />
: Tutorial != Recipe. I'd love to have a tutorial on the wiki, and also recipes, but the two things are different. --[[User:Ldrhcp|Ldrhcp]] 10:54, 30 March 2007 (EDT)<br />
<br />
:: Could you explain the difference? --[[User:81.230.12.10|81.230.12.10]] 12:07, 30 March 2007 (EDT)<br />
<br />
::: A tutorial teaches how to write user scripts. Recipes show how to accomplish specific tasks. By this definition, I'd say the "common patterns" section of Dive Into Greasemonkey is pretty much a collection of recipes. It's a matter of general vs. specific, and the two things have different pedagogic purposes.</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Tutorials&diff=1825Talk:Tutorials2007-03-30T14:54:57Z<p>Ldrhcp: </p>
<hr />
<div>Perhaps we could add some "recipes", like in Dive into Greasemonkey. Stuff like "Doing something with every X". Or should we have a separate "recipes" page?<br />
--[[User:81.230.12.10|81.230.12.10]] 08:49, 28 March 2007 (EDT)<br />
<br />
IMO there should be a dedicated page, if not an entire section of the site for that. [[User:Arantius|Arantius]] 21:59, 29 March 2007 (EDT)<br />
<br />
So you (Arantius) propose this page (Tutorials) should be strictly for linking to tutorials elsewhere, with any Recipes in another section? --[[User:81.230.12.10|81.230.12.10]] 04:50, 30 March 2007 (EDT)<br />
<br />
: Tutorial != Recipe. I'd love to have a tutorial on the wiki, and also recipes, but the two things are different. --[[User:Ldrhcp|Ldrhcp]] 10:54, 30 March 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Security_tips&diff=1770Talk:Security tips2007-03-20T19:49:27Z<p>Ldrhcp: </p>
<hr />
<div>I propose un-doing [http://wiki.greasespot.net/index.php?title=Security_tips&curid=1532&diff=1752&oldid=1751&rcid=254 this revision]. GreaseMonkey scripts always have a wrapper function. See [http://greasemonkey.devjavu.com/projects/greasemonkey/browser/trunk/src/components/greasemonkey.js greasemonkey.js] line 250.<br />
[[User:Arantius|Arantius]] 15:26, 15 March 2007 (EDT)<br />
<br />
: -1. The fact that Greasemonkey wraps scripts in an anonymous function is an irrelevant arcanum. <code>return</code> outside a function, even though it eventually ends up inside a function, is unclear. --[[User:Ldrhcp|Ldrhcp]] 18:16, 15 March 2007 (EDT)<br />
<br />
: +-0. I made that change (the one that was undone in the linked revision). While I think that bailing early is good and needless nesting is bad, I also think perhaps the nesting way is more clear, as an example. It also fits better with the fact that you might well have additional "else if" branches. We ''could'' give two examples, but that'd probably hurt more than it'd help. --[[User:81.225.78.42|81.225.78.42]] 07:27, 20 March 2007 (EDT)<br />
<br />
:: It's a matter of aesthetics whether nesting code is "needless" or "bad". Do it as you please in scripts, but for pedagogical purpose, especially when the nested "code" is just a one line comment, I think nesting is better. Also, there is no reason to have an "else if" block, since the purpose of the example is to narrow down the include rule, not do arbitrary logic. --[[User:Ldrhcp|Ldrhcp]] 15:49, 20 March 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Security_tips&diff=1761Talk:Security tips2007-03-15T22:16:22Z<p>Ldrhcp: voted -1</p>
<hr />
<div>I propose un-doing [http://wiki.greasespot.net/index.php?title=Security_tips&curid=1532&diff=1752&oldid=1751&rcid=254 this revision]. GreaseMonkey scripts always have a wrapper function. See [http://greasemonkey.devjavu.com/projects/greasemonkey/browser/trunk/src/components/greasemonkey.js greasemonkey.js] line 250.<br />
[[User:Arantius|Arantius]] 15:26, 15 March 2007 (EDT)<br />
<br />
: -1. The fact that Greasemonkey wraps scripts in an anonymous function is an irrelevant arcanum. <code>return</code> outside a function, even though it eventually ends up inside a function, is unclear. --[[User:Ldrhcp|Ldrhcp]] 18:16, 15 March 2007 (EDT)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Location_hack&diff=1757Location hack2007-03-15T19:02:18Z<p>Ldrhcp: filled in undone sections. destubbed</p>
<hr />
<div>The '''location hack''' is an ugly but useful way to interact with the content scope of the page being [[user script]]ed.<br />
<br />
== Background ==<br />
<br />
For [[security]] reasons, [[Greasemonkey]] uses [[XPCNativeWrapper]]s and [[sandbox]] to isolate it from the web page. Under this system, the user script can access and manipulate the page using event listeners, the DOM API, and [[API reference|GM_* functions]].<br />
<br />
Sometimes the sandbox is too limiting, in which case the user script can access other parts of the page using [[unsafeWindow]]. As the name ''unsafe''Window implies, this can often be unsafe, and expose security holes.<br />
<br />
In December 2005, Jesse Ruderman [http://www.squarefree.com/2005/12/01/updated-greasemonkey-scripts/ came up with the location hack], to be an alternative to unsafeWindow in many cases.<br />
<br />
== Basic usage: page functions ==<br />
<br />
Suppose the page contains a function called <code>pageFunc</code>, or <code>window.pageFunc</code>. The user script knows this function as <code>unsafeWindow.pageFunc</code>.<br />
<br />
The user script could simply call <code>unsafeWindow.pageFunc()</code>, but this can leak the sandbox. Instead, the user script can take advantage of javascript: URLs, which always run in the content scope. Just entering this URL into the browser's location bar does not leak a Greasemonkey sandbox:<br />
<br />
javascript:void(pageFunc())<br />
<br />
Similarly, a user script can set location.href to this URL to safely call the function:<br />
<br />
location.href = "javascript:void(pageFunc())";<br />
<br />
== Modifying the page ==<br />
<br />
The location hack can do anything a page script or bookmarklet can do, so it can modify content variables and such as easily as it can access them. For example:<br />
<br />
location.href = "javascript:void(window.someVariable = 'someValue')";<br />
<br />
== Executing large blocks of code ==<br />
<br />
Executing more than one statement can become unreadable very easily. Luckily, Javascript can convert functions to strings, so you can use:<br />
<br />
location.href = "javascript:(" + function() {<br />
// do something<br />
} + ")()";<br />
<br />
Even though the function is defined in the sandbox, it is not a closure of the sandbox scope. It is converted to a string and then back to a function in page scope. It cannot access anything in the sandbox scope, which is a limitation, but is also essential to making this technique secure.<br />
<br />
== Returning values ==<br />
<br />
Functions called through the location hack cannot return data directly to the user script scope. To communicate between location hack code and regular user script code, data must be placed where the user script can see it, for example, by writing it into the DOM, or by triggering an event. A simple example:<br />
<br />
var oldBodyTitle = document.body.title;<br />
location.href = "javascript:void(document.body.title = pageFunc())";<br />
var fauxReturnValue = document.body.title;<br />
document.body.title = oldBodyTitle;</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Location_hack&diff=1756Location hack2007-03-15T17:03:14Z<p>Ldrhcp: wrote initial text. will fill in remaining sections later</p>
<hr />
<div>The '''location hack''' is an ugly but useful way to interact with the content scope of the page being [[user script]]ed.<br />
<br />
== Background ==<br />
<br />
For [[security]] reasons, [[Greasemonkey]] uses [[XPCNativeWrapper]]s and [[sandbox]] to isolate it from the web page. Under this system, the user script can access and manipulate the page using event listeners, the DOM API, and [[API reference|GM_* functions]].<br />
<br />
Sometimes the sandbox is too limiting, in which case the user script can access other parts of the page using [[unsafeWindow]]. As the name ''unsafe''Window implies, this can often be unsafe, and expose security holes.<br />
<br />
In December 2005, Jesse Ruderman [http://www.squarefree.com/2005/12/01/updated-greasemonkey-scripts/ came up with the location hack], to be an alternative to unsafeWindow in many cases.<br />
<br />
== Basic usage: page functions ==<br />
<br />
Suppose the page contains a function called <code>pageFunc</code>, or <code>window.pageFunc</code>. The user script knows this function as <code>unsafeWindow.pageFunc</code>.<br />
<br />
The user script could simply call <code>unsafeWindow.pageFunc()</code>, but this can leak the sandbox. Instead, the user script can take advantage of javascript: URLs, which always run in the content scope. Just entering this URL into the browser's location bar does not leak a Greasemonkey sandbox:<br />
<br />
javascript:void(pageFunc())<br />
<br />
Similarly, a user script can set location.href to this URL to safely call the function:<br />
<br />
location.href = "javascript:void(pageFunc())";<br />
<br />
== Modifying the page ==<br />
<br />
The location hack can do anything a page script or bookmarklet can do, so it can modify content variables and such as easily as it can access them. For example:<br />
<br />
location.href = "javascript:void(window.someVariable = 'someValue')";<br />
<br />
== Executing large blocks of code ==<br />
<br />
== Returning values ==<br />
<br />
{{stub}}</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=UnsafeWindow&diff=1755UnsafeWindow2007-03-15T16:38:21Z<p>Ldrhcp: linked to location hack, which I will now start</p>
<hr />
<div>{{lowercase}}<br />
<br />
{{security}}<br />
<br />
= Syntax =<br />
<br />
'''unsafeWindow'''<br />
<br />
= Description =<br />
<br />
[[User script]]s can use this object to access "custom" properties--variable and functions defined in the page--set by the web page.<br />
This is done by bypassing [[Greasemonkey]]'s [[XPCNativeWrapper]]-based [[security]] model.<br />
The unsafeWindow object is shorthand for window.wrappedJSObject; it is the raw window object inside the XPCNativeWrapper provided by the Greasemonkey [[sandbox]].<br />
<br />
Use of unsafeWindow is insecure, and it should be avoided whenever possible.<br />
User scripts absolutely should not use unsafeWindow if they are executed for arbitrary web pages, such as those with <code>@[[Include and exclude rules|include]] *</code>.<br />
[[User script]] authors are '''strongly''' encouraged to learn how [[XPCNativeWrapper]]s work, and how to perform the desired function within their security context, instead of using unsafeWindow to break out.<br />
<br />
= Examples =<br />
<br />
unsafeWindow.document.title="Testing"<br />
<br />
unsafeWindow.TestVarCreatedByDocument="Testing"<br />
<br />
unsafeWindow.document.TestFunction("Test")<br />
<br />
= Alternatives to unsafeWindow =<br />
<br />
== Events ==<br />
<br />
Event listeners never need to be created on unsafeWindow. Rather than using <code>unsafeWindow.onclick = function(event) { ... }</code>, use:<br />
<br />
window.addEventListener('click', function(event) {<br />
...<br />
}, false);<br />
<br />
[http://developer.mozilla.org/en/docs/DOM:element.addEventListener addEventListener at MDC]<br />
<br />
== Functions defined in the page ==<br />
<br />
If a user script must execute a page function, it can use the '''[[location hack]]''' to call it safely. This involves setting location.href to a <code>javascript:</code> URL, which is like using a bookmarklet. For example:<br />
<br />
location.href = 'javascript:void(pageFunc(123));';<br />
<br />
Larger blocks of code can also be executed this way:<br />
<br />
location.href = 'javascript:(' + encodeURI(uneval(function() {<br />
// some code<br />
})) + ')();';<br />
<br />
This code will run in the page context without leaking the [[sandbox]]. This code is completely separate from the rest of the script scope, sometimes limiting its usefulness. For example, data cannot be returned by the function.<br />
<br />
Another drawback is that this technique is rather ugly. Still, it is preferred over unsafeWindow.<br />
<br />
<br />
[[Category:API Reference|U]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=User:Ldrhcp&diff=1730User:Ldrhcp2007-02-26T22:22:47Z<p>Ldrhcp: </p>
<hr />
<div>I'm [http://domnit.org Lenny Domnitser]. [http://userscripts.org/users/236;scripts My user scripts].</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Contributing_to_Greasemonkey&diff=1693Talk:Contributing to Greasemonkey2007-02-17T00:41:57Z<p>Ldrhcp: </p>
<hr />
<div>This has to be updated for DevJavu.</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Current_Memory/CPU_leaks_to_watch_out_for&diff=1680Talk:Current Memory/CPU leaks to watch out for2007-01-01T08:35:48Z<p>Ldrhcp: </p>
<hr />
<div>+1 for removing this page and the link from the main page, unless somebody can come up with some actual content for it.<br />
<br />
in that case, a better name. special characters (like the slash) aren't always a good idea.<br />
<br />
[[User:Arantius|Arantius]] 19:15, 31 December 2006 (EST)<br />
<br />
: +1 for prompt removal. Happy New Year. --[[User:Ldrhcp|Ldrhcp]] 03:35, 1 January 2007 (EST)<br />
<br />
----</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Include_and_exclude_rules&diff=1662Talk:Include and exclude rules2006-12-15T04:09:32Z<p>Ldrhcp: </p>
<hr />
<div>== Pseudo-code ==<br />
<br />
It's huge and unhelpful. +1 for removal. Replace with a link to the list of TLDs and mention that two-level "TLDs" are included. --[[User:Ldrhcp|Ldrhcp]] 23:09, 14 December 2006 (EST)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Include_and_exclude_rules&diff=1661Talk:Include and exclude rules2006-12-15T04:08:55Z<p>Ldrhcp: Pseudo-code</p>
<hr />
<div>== Pseudo-code ==<br />
<br />
It's huge and unhelpful. +1 for removal. Replace with a link to the list of TLDs and mention that two-level "TLDs" are included.</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Links&diff=1655Talk:Links2006-12-13T01:01:03Z<p>Ldrhcp: </p>
<hr />
<div>Seems like a bad idea to link to http://www.letitblog.com/greasemonkey-compiler/<br />
given that it won't work for virtually any browser in use today; relies on the old insecure injection method; doesn't support any GM_ apis.<br />
<br />
Any votes against removing it?<br />
<br />
: Go ahead. Firefox 1.0 is obsolete. If anything, [[compiled script]]s can get their own wiki page, with a historical mention of the original compiler. --[[User:Ldrhcp|Ldrhcp]] 20:01, 12 December 2006 (EST)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Main_Page&diff=1629Main Page2006-11-22T01:37:26Z<p>Ldrhcp: organize by section</p>
<hr />
<div>__NOTOC__<br />
<br />
'''GreaseSpot''' is community documentation for [[user script]]ing with [[Greasemonkey]].<br />
<br />
''This wiki is still in its infancy. Please contribute if you can.''<br />
<br />
== Getting Started ==<br />
<br />
* [[Gentle introduction]]<br />
* [[Tutorials]]<br />
<br />
== Scripting References ==<br />
<br />
* [[API reference]]<br />
* [[Security]]<br />
* [[Sandbox]]<br />
* [[Metadata block]]<br />
<br />
== Authoring Tips ==<br />
<br />
* [[FAQ]]<br />
* [[Troubleshooting]]<br />
* [[Security tips]]<br />
* [[Useful Tools for Script Writers]]<br />
<br />
== Extension Development ==<br />
<br />
* [[Contributing to Greasemonkey]]<br />
<br />
== Also ==<br />
<br />
* [[Links]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=User:Ldrhcp&diff=1626User:Ldrhcp2006-11-20T02:26:32Z<p>Ldrhcp: </p>
<hr />
<div>I'm [http://domnit.org Lenny Domnitser]. [http://userscripts.org/people/236 My user scripts].</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Metadata_Block&diff=1625Metadata Block2006-11-20T02:18:01Z<p>Ldrhcp: </p>
<hr />
<div>The '''metadata block''' is a section of a [[user script]] that does not execute any code, but describes the script. It contains the script name, namespace, description, and [[include and exclude rules]].<br />
<br />
The metadata block appears in Javascript comments. It begins with the line<br />
<br />
// == UserScript==<br />
<br />
and ends with<br />
<br />
// == /UserScript==<br />
<br />
Everything between those lines is in the format<br />
<br />
// @<var>key</var> <var>value</var><br />
<br />
If the metadata block includes a key that Greasemonkey does not understand, it will simply be ignored.<br />
<br />
== Metadata keys ==<br />
<br />
=== @name ===<br />
<br />
The name of the script. This appears in the [[script manager]] and [[monkey menu]], and is also used to determine whether to overwrite an old version of a script or to install it separately. If no name is provided, it will be inferred from the file name.<br />
<br />
=== @namespace ===<br />
<br />
The namespace, along with the name, is used to determine whether to overwrite an old version of a script or to install it separately. A script author will usually put all of their scripts under one common namespace, and then assign each script a unique name. If two scripts have the same name, but a different namespace, they can co-exist. However, two scripts of the same name in the same namespace are assumed to be replacements for one another. While the namespace is non-semantic, it should be a URI. If no namespace is provided, it is assumed to be the domain from which the script is installed. Since a script can live on various servers or on a local file system, authors should specify this.<br />
<br />
=== @description ===<br />
<br />
Just a description.<br />
<br />
=== @include and @exclude ===<br />
<br />
Refer to ''[[Include and exclude rules]]''. There can be any number of @include and @exclude rules in a script.<br />
<br />
== Example ==<br />
<br />
// ==UserScript==<br />
// @name My Script<br />
// @namespace http://www.example.com/gmscripts/<br />
// @description Scripting is fun<br />
// @include http://www.example.com/*<br />
// @include http://www.example.org/*<br />
// @exclude http://www.example.org/foo<br />
// ==/UserScript==</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Main_Page&diff=1624Main Page2006-11-20T01:59:25Z<p>Ldrhcp: </p>
<hr />
<div>'''GreaseSpot''' is community documentation for [[user script]]ing with [[Greasemonkey]].<br />
<br />
For now, consult [http://diveintogreasemonkey.org/ Dive into Greasemonkey].<br />
<br />
Some handy portal type pages:<br />
<br />
* [[API reference]]<br />
* [[Troubleshooting]]<br />
* [[Tutorials]]<br />
* [[Contributing to Greasemonkey]]<br />
* [[Useful Tools for Script Writers]]<br />
<br />
Until this site develops some natural organization, some pages can be listed here:<br />
<br />
* [[FAQ]]<br />
* [[Sandbox]]<br />
* [[Links]]<br />
* [[Security tips]]<br />
* [[Include and exclude rules]]<br />
* [[Metadata block]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Include_and_exclude_rules&diff=1623Include and exclude rules2006-11-20T01:58:23Z<p>Ldrhcp: </p>
<hr />
<div>[[User script]]s specify include and exclude rules in the [[metadata block]]. The script will execute if it matches any include rule, as long as it does not match an exclude rule. The rules are URLs, which can have a "wildcard" asterisk (*), which matches any string. For example: http://www.example.com/foo/* will match http://www.example.com/foo/bar and http://www.example.com/foo/, but not http://www.example.com/baz/. A rule can have several wildcards or none, in which case the rule must match the entire URL exactly. Exclude rules look the same, and prevent the script from being executed. An example:<br />
<br />
// ==UserScript==<br />
// @include http://www.example.com/foo/*<br />
// @include http://www.example.org/*.bar<br />
// @exclude http://www.example.com/foo/baz<br />
// ==/UserScript==<br />
<br />
If no include rule is provided, @include * is assumed. That is, every URL will be matched.<br />
<br />
== Magic TLD ==<br />
<br />
The only special syntax besides the wildcard is .tld. An include such as http://www.example.tld/* will match any top level domain, such as www.example.com, www.example.org, www.example.net, and so on. One must be careful with this, to not accidentally leak data to a site that they did not mean to match.</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Main_Page&diff=1616Main Page2006-11-18T17:34:35Z<p>Ldrhcp: </p>
<hr />
<div>'''GreaseSpot''' is community documentation for [[user script]]ing with [[Greasemonkey]].<br />
<br />
For now, consult [http://diveintogreasemonkey.org/ Dive into Greasemonkey].<br />
<br />
Some handy portal type pages:<br />
<br />
* [[API reference]]<br />
* [[Troubleshooting]]<br />
* [[Tutorials]]<br />
* [[Contributing to Greasemonkey]]<br />
* [[Useful Tools for Script Writers]]<br />
<br />
Until this site develops some natural organization, some pages can be listed here:<br />
<br />
* [[FAQ]]<br />
* [[Sandbox]]<br />
* [[Links]]<br />
* [[Security tips]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Main_Page&diff=1607Main Page2006-11-08T02:54:29Z<p>Ldrhcp: linked Security tips</p>
<hr />
<div>'''GreaseSpot''' is community documentation for [[user script]]ing with [[Greasemonkey]].<br />
<br />
For now, consult [http://diveintogreasemonkey.org/ Dive into Greasemonkey].<br />
<br />
Some handy portal type pages:<br />
<br />
* [[API reference]]<br />
* [[Troubleshooting]]<br />
* [[Tutorials]]<br />
* [[Contributing to Greasemonkey]]<br />
<br />
Until this site develops some natural organization, some pages can be listed here:<br />
<br />
* [[FAQ]]<br />
* [[Sandbox]]<br />
* [[Links]]<br />
* [[Security tips]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Security&diff=1605Security2006-11-07T02:27:32Z<p>Ldrhcp: Link to Security tips, which I will start</p>
<hr />
<div>This page is a description of [[Greasemonkey]]'s security model. For tips you can apply directly to your scripts, see '''[[Security tips]]'''.<br />
<br />
= Overview =<br />
<br />
[[Version history|Historically]], [[Greasemonkey]] would inject a [[user script]] into a page by creating a <code><script></code> tag with the [[user script]] contents inline, and appending it to the content page's DOM.<br />
<br />
Mark Pilgrim originally [http://mozdev.org/pipermail/greasemonkey/2005-July/004022.html described a security flaw] with this design, on July 19th 2005, while [[Greasemonkey]] was at [[version]] 0.3.4.<br />
[[Greasemonkey]] [[version]] 0.3.5 was immediately released, with all [[API reference|GM_* functions]] disabled, to plug the security hole.<br />
''(Needed: more description of what the holes/problems were.)''<br />
<br />
To fix the security flaw, [[XPCNativeWrapper]]s, a new feature of the then-in-development Firefox 1.5, were used to isolate privileged [[user script]] code from insecure content pages.<br />
Certain other changes were made, including restrictions on the [[GM_xmlhttpRequest]] method, to disallow access to local files.<br />
<br />
= unsafeWindow =<br />
<br />
Wrapping the [[user script]] environment this way creates a [[sandbox]].<br />
This sandbox introduces many side effects and limitations.<br />
To allow maximum flexibility for [[user script]] authors, the <code>[[unsafeWindow]]</code> property was added in to the sandbox.<br />
<br />
The <code>window</code> object functions as the global scope in javascript.<br />
For [[user script]]s, this global window option is in fact a "deep wrapper" of the content window.<br />
The content window can be accessed by [[user script]]s, but only indirectly through the wrapper.<br />
The <code>unsafeWindow</code> property is a direct line to the actual content window.<br />
<br />
Use of the <code>unsafeWindow</code> property should be avoided whenever possible.<br />
Its use has the potential to open up all the original security holes that introducing the [[XPCNativeWrapper]]s fixed.<br />
When a [[user script]] relies on the <code>unsafeWindow</code> property, it should be included only on trusted pages, and even then is not guaranteed to be safe.<br />
<br />
= See Also =<br />
<br />
* [http://it.slashdot.org/article.pl?sid=05/07/19/143241 Slashdot: Firefox Greasemonkey Extension Security Problem]<br />
<br />
{{stub}}</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Security&diff=1604Security2006-11-07T02:24:28Z<p>Ldrhcp: linked</p>
<hr />
<div>= Overview =<br />
<br />
Historically, [[Greasemonkey]] would inject a [[user script]] into a page by creating a <code><script></code> tag with the [[user script]] contents inline, and appending it to the content page's DOM.<br />
<br />
Mark Pilgrim originally [http://mozdev.org/pipermail/greasemonkey/2005-July/004022.html described a security flaw] with this design, on July 19th 2005, while [[Greasemonkey]] was at [[version]] 0.3.4.<br />
[[Greasemonkey]] [[version]] 0.3.5 was immediately released, with all [[API reference|GM_* functions]] disabled, to plug the security hole.<br />
''(Needed: more description of what the holes/problems were.)''<br />
<br />
To fix the security flaw, [[XPCNativeWrapper]]s, a new feature of the then-in-development Firefox 1.5, were used to isolate privileged [[user script]] code from insecure content pages.<br />
Certain other changes were made, including restrictions on the [[GM_xmlhttpRequest]] method, to disallow access to local files.<br />
<br />
= unsafeWindow =<br />
<br />
Wrapping the [[user script]] environment this way creates a [[sandbox]].<br />
This sandbox introduces many side effects and limitations.<br />
To allow maximum flexibility for [[user script]] authors, the <code>[[unsafeWindow]]</code> property was added in to the sandbox.<br />
<br />
The <code>window</code> object functions as the global scope in javascript.<br />
For [[user script]]s, this global window option is in fact a "deep wrapper" of the content window.<br />
The content window can be accessed by [[user script]]s, but only indirectly through the wrapper.<br />
The <code>unsafeWindow</code> property is a direct line to the actual content window.<br />
<br />
Use of the <code>unsafeWindow</code> property should be avoided whenever possible.<br />
Its use has the potential to open up all the original security holes that introducing the [[XPCNativeWrapper]]s fixed.<br />
When a [[user script]] relies on the <code>unsafeWindow</code> property, it should be included only on trusted pages, and even then is not guaranteed to be safe.<br />
<br />
= See Also =<br />
<br />
* [http://it.slashdot.org/article.pl?sid=05/07/19/143241 Slashdot: Firefox Greasemonkey Extension Security Problem]<br />
<br />
{{stub}}</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=UnsafeWindow&diff=1603UnsafeWindow2006-11-07T02:22:13Z<p>Ldrhcp: New section: Alternatives to unsafeWindow</p>
<hr />
<div>{{lowercase}}<br />
<br />
{{security}}<br />
<br />
= Syntax =<br />
<br />
'''unsafeWindow'''<br />
<br />
= Description =<br />
<br />
[[User script]]s can use this object to access "custom" properties--variable and functions defined in the page--set by the web page. This is done by bypassing [[Greasemonkey]]'s [[XPCNativeWrapper]]-based [[security]] model. unsafeWindow is shorthand for window.wrappedJSObject; it is the raw window object inside the XPCNativeWrapper provided by the Greasemonkey [[sandbox]].<br />
<br />
unsafeWindow is insecure, and should be avoided when possible. User scripts absolutely should not use unsafeWindow if they are executed for arbitrary web pages, such as those with <code>@[[include]] *</code>.<br />
<br />
= Examples =<br />
<br />
unsafeWindow.document.title="Testing"<br />
<br />
unsafeWindow.TestVarCreatedByDocument="Testing"<br />
<br />
unsafeWindow.document.TestFunction("Test")<br />
<br />
= Alternatives to unsafeWindow =<br />
<br />
If a user script must execute a page function, it can use the '''location hack''' to call it safely. This involves setting location.href to a <code>javascript:</code> URL, which is like using a bookmarklet. For example:<br />
<br />
location.href = 'javascript:void(pageFunc(123));';<br />
<br />
Larger blocks of code can also be executed this way:<br />
<br />
location.href = 'javascript:(' + encodeURI(uneval(function() {<br />
// some code<br />
})) + ')();';<br />
<br />
This code will run in the page context without leaking the [[sandbox]]. This code is completely separate from the rest of the script scope, sometimes limiting its usefulness. For example, data cannot be returned by the function.<br />
<br />
Another drawback is that this technique is rather ugly. Still, it is preferred over unsafeWindow.</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=UnsafeWindow&diff=1602UnsafeWindow2006-11-07T02:13:00Z<p>Ldrhcp: /* Description */ Reworded, clarified, expanded</p>
<hr />
<div>{{lowercase}}<br />
<br />
{{security}}<br />
<br />
= Syntax =<br />
<br />
'''unsafeWindow'''<br />
<br />
= Description =<br />
<br />
[[User script]]s can use this object to access "custom" properties--variable and functions defined in the page--set by the web page. This is done by bypassing [[Greasemonkey]]'s [[XPCNativeWrapper]]-based [[security]] model. unsafeWindow is shorthand for window.wrappedJSObject; it is the raw window object inside the XPCNativeWrapper provided by the Greasemonkey [[sandbox]].<br />
<br />
unsafeWindow is insecure, and should be avoided when possible. User scripts absolutely should not use unsafeWindow if they are executed for arbitrary web pages, such as those with <code>@[[include]] *</code>.<br />
<br />
= Examples =<br />
<br />
unsafeWindow.document.title="Testing"<br />
<br />
unsafeWindow.TestVarCreatedByDocument="Testing"<br />
<br />
unsafeWindow.document.TestFunction("Test")</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Version&diff=1586Version2006-11-05T17:13:02Z<p>Ldrhcp: Version moved to Version history: "Version history" better explains what the page is</p>
<hr />
<div>#REDIRECT [[Version history]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Version_history&diff=1585Version history2006-11-05T17:13:01Z<p>Ldrhcp: Version moved to Version history: "Version history" better explains what the page is</p>
<hr />
<div>''(What was the earliest version? I know it's lower than 0.2.5.)''<br />
<br />
''(Details needed especially for versions 0.4.x and 0.5.x.)''<br />
<br />
= 0.2.5 =<br />
<br />
March 28th, 2005<br />
[http://greaseblog.blogspot.com/2005/03/greasemonkey-025-xmlhttp-across.html]<br />
[http://greasemonkey.mozdev.org/changes/0.2.5.html]<br />
<br />
Introduced:<br />
* [[GM_xmlhttpRequest]]<br />
* [[GM_registerMenuCommand]]<br />
<br />
Also, the default user scripts that were bundled with [[Greasemonkey]] by default until this point were removed.<br />
<br />
= 0.2.6 =<br />
<br />
March 30th, 2005<br />
[http://greaseblog.blogspot.com/2005/03/greasemonkey-026-now-with-less-fatal.html]<br />
[http://greasemonkey.mozdev.org/changes/0.2.6.html]<br />
<br />
Bugfix release.<br />
<br />
= 0.3 beta =<br />
<br />
April 23rd, 2005<br />
[http://greaseblog.blogspot.com/2005/04/greasemonkey-03b-beta.html]<br />
[http://greasemonkey.mozdev.org/changes/0.3b.html]<br />
<br />
Introduced:<br />
* Edit button in the manage dialog.<br />
* Monkey icon in the status bar, click to enable/disable.<br />
* [[GM_getValue]], [[GM_setValue]]<br />
<br />
= 0.3.3 =<br />
<br />
May 10th, 2005<br />
[http://greaseblog.blogspot.com/2005/05/greasemonkey-033-beta.html]<br />
[http://greasemonkey.mozdev.org/changes/0.3.3.html]<br />
<br />
Primarily bugfix release.<br />
<br />
= 0.3.4 =<br />
<br />
May 12th, 2005<br />
[http://greasemonkey.mozdev.org/changes/0.3.4.html]<br />
<br />
Introduced:<br />
* ".tld" support in @include/@exclude, allowing things like <code>@include http://www.google.tld/</code> for all international permutations.<br />
* Log level option for [[GM_log]]<br />
* Minor enhancements and bugfixes.<br />
<br />
= 0.3.5 =<br />
<br />
July 19th, 2005<br />
[http://greaseblog.blogspot.com/2005/07/mandatory-greasemonkey-update.html]<br />
[http://greasemonkey.mozdev.org/changes/0.3.5.html]<br />
<br />
[[Security]] flaw release.<br />
Contained no fixes, rather removed all vulnerable features.<br />
Intended for (limited) continued use while fixes were being performed.<br />
<br />
= 0.4.x =<br />
<br />
''Details needed.''<br />
<br />
The 0.4 branch was an internal development version, where experimentation for security fixes happened.<br />
<br />
= 0.5 beta =<br />
<br />
July 30th, 2005<br />
[http://greaseblog.blogspot.com/2005/07/greasemonkey-05-beta.html]<br />
[http://greasemonkey.mozdev.org/changes/0.5.html]<br />
<br />
The first release containing [[security]] fixes over 0.3.5 intended for public consumption.<br />
"Greasemonkey 0.5 is actually the combination of a massive security audit and all the new code which was planned for 0.4."<br />
<br />
Introduced:<br />
* [[GM_openInTab]]<br />
* Enhancements to [[GM_registerMenuCommand]]: keyboard shortcuts, stability.<br />
* Memory leak fixes.<br />
* "New User Script" menu item, shortcut to a new blank template for [[user script]] authors.<br />
* Restricted [[GM_xmlhttpRequest]] from accessing local <code>file://</code> URLs.<br />
<br />
= 0.5.1 =<br />
<br />
August 25, 2005<br />
[http://greaseblog.blogspot.com/2005/08/greasemonkey-051-final.html]<br />
[http://greasemonkey.mozdev.org/changes/0.5.1.html]<br />
<br />
Introduced:<br />
* Security fix wherein a [[user script]] could elevate itself to chrome privileges.<br />
* User can select the editor to use for "Edit" in manage, and "New User Script".<br />
* Unicode support for non-english characters.<br />
<br />
= 0.5.2 =<br />
<br />
September 1st, 2005<br />
[http://greaseblog.blogspot.com/2005/09/035-051-migration-madness.html]<br />
<br />
Released to the [[Greasemonkey]] [[mailing list]], fixed bugs in the automatic migration system for the changes between the 0.3 and 0.5 branches.<br />
<br />
= 0.5.3 =<br />
<br />
September 3rd, 2005<br />
[http://greaseblog.blogspot.com/2005/09/053-available.html]<br />
[http://greasemonkey.mozdev.org/changes/0.5.3.html]<br />
<br />
= 0.6.2 =<br />
<br />
September 12th, 2005<br />
[http://greaseblog.blogspot.com/2005/09/firefox-15-compatible-greasemonkey.html]<br />
<br />
Introduced:<br />
* Compatibility with Firefox 1.5.<br />
* The [[Monkey Menu]], a context menu for the status bar item added in 0.3 beta.<br />
* Simplified script installation dialogs.<br />
<br />
= 0.6.4 =<br />
<br />
November 30th, 2005<br />
[http://greaseblog.blogspot.com/2005/11/greasemonkey-064_30.html]<br />
[http://greasemonkey.mozdev.org/changes/0.6.4.html]<br />
<br />
Introduced:<br />
??<br />
<br />
= 0.6.5 =<br />
<br />
July 28th, 2006<br />
[http://greasemonkey.mozdev.org/changes/0.6.5.20060727.html]<br />
<br />
Multiple versions released in separate places; largely to the [[Greasemonkey]] [[mailing list]].<br />
Introduced:<br />
* Compatibility with Firefox 2.0.<br />
* Foreign language support for Czech, Dutch, and German.<br />
<br />
= 0.6.6 =<br />
<br />
October 16th, 2006<br />
[http://greaseblog.blogspot.com/2006/10/greasemonkey-066-firefox-2-support-and.html]<br />
<br />
Introduced:<br />
* Spiffy new installation dialog which more closely resembles the extension installation dialog, and presents more details in a user-friendly way.<br />
* Spanish language support.</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=User:Ldrhcp&diff=1559User:Ldrhcp2006-11-04T05:39:01Z<p>Ldrhcp: </p>
<hr />
<div>[http://userscripts.org/people/236 My user scripts]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Talk:Sandbox&diff=1554Talk:Sandbox2006-11-04T05:26:21Z<p>Ldrhcp: </p>
<hr />
<div>== Greasemonkey sandbox vs. just plain old Sandbox ==<br />
<br />
I named this article [[The Greasemonkey sandbox]] because there is also such a thing as a wiki sandbox, where people can play with the wiki syntax without damaging real pages. I think it's better to keep the title explicit to avoid confusion. Motion to move the article back to its original title. --[[User:Ldrhcp|Ldrhcp]] 00:26, 4 November 2006 (EST)</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Links&diff=1553Links2006-11-04T05:21:24Z<p>Ldrhcp: clarified link text</p>
<hr />
<div>* [http://greasemonkey.mozdev.org/ Home Page]<br />
* [http://greaseblog.blogspot.com/ Blog]<br />
* [http://groups.google.com/group/greasemonkey-users Mailing List (users, scripters)]<br />
* [http://groups.google.com/group/greasemonkey-dev Mailing List (extension developers)]<br />
* [https://addons.mozilla.org/firefox/748/ Mozilla Addons page]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Tutorials&diff=1503Tutorials2006-11-03T02:44:08Z<p>Ldrhcp: </p>
<hr />
<div>== Greasemonkey tutorials ==<br />
<br />
* [http://diveintogreasemonkey.org/ Dive into Greasemonkey]<br />
<br />
== Javascript tutorials ==<br />
<br />
{{stub}}</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=API_reference&diff=1502API reference2006-11-03T02:39:37Z<p>Ldrhcp: linkdump to function pages</p>
<hr />
<div>* [[GM_addStyle]]<br />
* [[GM_getValue]]<br />
* [[GM_log]]<br />
* [[GM_openInTab]]<br />
* [[GM_registerMenuCommand]]<br />
* [[GM_setValue]]<br />
* [[GM_xmlhttpRequest]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Troubleshooting_(Script_Authors)&diff=1501Troubleshooting (Script Authors)2006-11-03T02:34:50Z<p>Ldrhcp: </p>
<hr />
<div>The article [http://www.oreillynet.com/pub/a/network/2005/11/01/avoid-common-greasemonkey-pitfalls.html Avoid Common Pitfalls in Greasemonkey] covers some of the most common problems people come across when writing [[user script]]s.<br />
<br />
If your problem is not listed, please ask on the [http://groups.google.com/group/greasemonkey-users greasemonkey-users] mailing list.<br />
<br />
{{stub}}</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Template:Stub&diff=1500Template:Stub2006-11-03T02:26:57Z<p>Ldrhcp: copied stub template from Wikipedia</p>
<hr />
<div><div class="notice metadata" id="stub">''This article is a [[GreaseSpot:Stub|stub]]. You can help GreaseSpot by <span class="plainlinks">[{{fullurl:{{FULLPAGENAME}}|action=edit}} expanding it]</span>. ''</div><includeonly>[[Category:Stubs]]</includeonly><br />
<noinclude>''This template will categorize articles that include it into [[:Category:Stubs]].''</noinclude></div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Sandbox&diff=1499Sandbox2006-11-03T02:24:42Z<p>Ldrhcp: </p>
<hr />
<div>For [[security]] reasons, modern [[Greasemonkey#History|versions]] of [[Greasemonkey]] executes each script in a "sandbox", which isolates trusted [[user script]] code from potentially malicious web page code.<br />
<br />
{{stub}}</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Main_Page&diff=1498Main Page2006-11-03T02:21:41Z<p>Ldrhcp: minor temporary organization. link to The Greasemonkey sandbox, which I will now write</p>
<hr />
<div>'''GreaseSpot''' is community documentation for [[user script]]ing with [[Greasemonkey]].<br />
<br />
For now, consult [http://diveintogreasemonkey.org/ Dive into Greasemonkey].<br />
<br />
Some handy portal type pages:<br />
<br />
* [[API reference]]<br />
* [[Troubleshooting]]<br />
* [[Tutorials]]<br />
<br />
Until this site develops some natural organization, some pages can be listed here:<br />
<br />
* [[The Greasemonkey sandbox]]</div>Ldrhcphttps://wiki.greasespot.net/index.php?title=Main_Page&diff=1497Main Page2006-11-03T02:16:50Z<p>Ldrhcp: initial content</p>
<hr />
<div>'''GreaseSpot''' is community documentation for [[user script]]ing with [[Greasemonkey]].<br />
<br />
For now, consult [http://diveintogreasemonkey.org/ Dive into Greasemonkey].<br />
<br />
* [[API reference]]<br />
* [[Troubleshooting]]<br />
* [[Tutorials]]</div>Ldrhcp