jdunck at gmail.com
Thu Aug 18 18:01:28 EDT 2005
On 8/18/05, Nikolas Coukouma <lists at atrus.org> wrote:
> Mark Pilgrim wrote:
> >Following up on my earlier ramblings about "monkey-protected" pages,
> >it disturbs me greatly that this simple script is all you need to
> >counteract any Greasemonkey scripts on a page:
So, um, this is the arms race I was talking about. Aaron says there's
no arms race because the web is loosely coupled and we can do whatever
we want before rendering, and that's true in a theorhetical sense, but
it's outside GM's current capability.
Nik says override innerHTML, yeah, that works in this instance but
there's always n+1 to worry about.
Earlier injection (a la proxy) is the only way to win, AFAIK, but
we're not there. So GM can be broken. There are other ways, too.
More information about the Greasemonkey