[Greasemonkey] Alternative script injection technique proof of concept
John Plsek
gm at plsek.id.au
Thu Jul 21 19:37:55 EDT 2005
Aaron Boodman wrote:
>Oh, and wrt to your idea about unwatch. Content can just do:
>
>window.unwatch = function(){}
>
>So yeah. Hard :-).
Ok, thanks, you've always said there are "other ways" but never showed
how it could be done ... sandbox is definitely the ONLY safe option in
that case.
As far as the unwatch ...
If content does the above, Greasemonkey doing "delete
this.contentWindow.unwatch;" just before creating GM_apis, will actually
restore the "native" unwatch function ... I know, I've tested it, I've
even tested with content that does a window.watch("(un)watch" ... ) and
tries to re-redefine watch/unwatch when it's restored by the delete ...
but if it succeeds (sometimes gets an error) it's only ever succeeded
too late to watch for GM_apis.
Anyway, that discussion is a moot point, as you showed, there are other
ways of getting to the good bits ;-)
John
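
Why the delete described in this message brings the native function back, as an added example that is not part of the original post or Greasemonkey's code: an assignment such as `window.unwatch = function(){}` creates an own property that shadows the inherited method, and removing that own property makes lookup fall through to the prototype again. The names `nativeProto`, `restoreInherited` and `win` are hypothetical, and the prototype object is a constructed stand-in for the browser's native one.

```javascript
// Constructed model: `nativeProto` stands in for the object a page's window
// inherits unwatch from. None of these names come from Greasemonkey.
const nativeProto = {
  unwatch(prop) { return "native unwatch: " + prop; },
};

// Remove an own property that shadows an inherited one, then confirm that
// lookup resolves to the inherited value again before trusting it.
function restoreInherited(obj, name) {
  const proto = Object.getPrototypeOf(obj);
  if (proto === null || !(name in proto)) {
    return { restored: false, reason: "nothing inherited to fall back to" };
  }
  if (!Object.prototype.hasOwnProperty.call(obj, name)) {
    return { restored: true, reason: "not shadowed" };
  }
  // Reflect.deleteProperty returns false instead of throwing when the
  // own property cannot be deleted (non-configurable).
  if (!Reflect.deleteProperty(obj, name)) {
    return { restored: false, reason: "own property could not be deleted" };
  }
  return { restored: obj[name] === proto[name], reason: "shadow removed" };
}

// Case 1: content has replaced unwatch by plain assignment, as in the quote.
function demoAssignedShadow() {
  const win = Object.create(nativeProto);
  win.unwatch = function () {};
  const result = restoreInherited(win, "unwatch");
  return { result, output: win.unwatch("GM_apis") };
}

// Case 2: the failure mode the check has to report. The delete does not
// succeed, so the caller must not assume the native function is back.
function demoUndeletableShadow() {
  const win = Object.create(nativeProto);
  Object.defineProperty(win, "unwatch", {
    value: function () {},
    configurable: false,
  });
  return restoreInherited(win, "unwatch");
}
```

The point of returning a result object is that the caller checks `restored` instead of assuming the delete worked.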