Revision as of 15:32, 30 November 2010
About User Scripts
The purpose of Greasemonkey is to manage user scripts.
User scripts allow the user to control the way they use the web, by customizing it with scripting.
The Greasemonkey extension won't do any good without any scripts installed.
The first thing an eager user should do is find and install (or write!) a useful script.
- A word on finding user scripts. They may be located anywhere on the internet or even offline. The Greasemonkey community typically uses the general purpose user script repository site created for it at http://userscripts.org.
Installation of a script is most often done by clicking a link on a web page. One may also drag-and-drop a local file into the browser window, or optionally use the menu bar File → Open File... dialog to open it.
- Any file that ends in
.user.js is a valid Greasemonkey user script.
When the URL of a link is clicked or otherwise navigated to ends with
.user.js, Greasemonkey will intercept the loading file by presenting the installation dialog.
The Installation Dialog
When navigating to a user script, Greasemonkey will open its installation dialog instead of loading the script like a normal page.
A thumbnail of this dialog is shown to the left.
It displays the name and description of the script, if available, as well as the include and exclude rules that apply.
This button will, of course, install the script in question.
Like the Firefox extension installation dialog, this button is disabled for a few seconds to avoid the same potential security vulnerability.
This button will cancel the installation of a script.
- The View Script Source button
This button will allow viewing of the source code contained in the script.
At this point, Greasemonkey has already downloaded the user script in question to display the name and other details.
When a user shows the script source, it displays the temporary file that Greasemonkey has already downloaded depicted in this screenshot. This is intentionally engineered to avoid a potential security problem. An evil server could deliver one innocent script for viewing, and on the second load an evil script for installing.
This approach ensures that the script is downloaded only once. Upon examination of the visible script source, this copy is the script that will be installed.
Finally, in this window there is an information bar at the top similar to the Firefox extension installation security warning. This bar includes another Install button much like the the prior dialog. Clicking this button will also install the script. Using the Manage Dialog is the next step.