[Greasemonkey] New GM_ function request.

Adam Judson adamsplugins at gmail.com
Tue Aug 23 17:50:27 EDT 2005

On 23/08/05, Nikolas Coukouma <lists at atrus.org> wrote:
> You'll get a security error if you use window.open . If you didn't you
> would have access to a chrome window and be able to twiddle it:
> var chromeWin = window.open("chrome://browser/content/pref/pref.xul",
> "Preferences", "");
> var chromeDoc = chromeWin.document;
> // Insert evil here

I'm not sure I understand this.  
I know I get a security error if I try to insert 
using GM, that's the problem I'm trying to solve.

I don't get a security error using the code I suggested.  Though I should note
that I'm not passing the "chrome" flag to openDialog.

> Your suggestion has two noticable features: it doesn't return a
> reference to the window and it lets you pass in parameters. I will note
> that GM_openInTab will let you open a chrome URL in a tab and you can
> use the usual query string mechanism (but not complete objects).

It's not clear if you are using "feature" in a positive way here...
I don't need a window handle, as I'd like to open the window modally,
though I supose
others might.  Which is the problem with using openInTab, I want modal
behaviour, and
I want my extension to modify values, so the script can use the modified
values when the window closes.

> The more general solution for "I want to use my extension from user
> scripts" is to allow extensions to export functions to Greasemonkey.
> I've filed a bug[1] about it, if you're interested.
> [1] http://mozdev.org/bugs/show_bug.cgi?id=10969

I took a look.  I'm not sure I understand what you are proposing.  How would my
extension see the export_to_GM function?  I don't want to introduce a
dependency on GM
in my extension.


More information about the Greasemonkey mailing list