[Greasemonkey] Re: unsafeWindow.XmlHttpRequest in Greasemonkey 0.6.4
Julien Couvreur
julien.couvreur at gmail.com
Thu Jan 12 16:40:29 EST 2006
I wrote:
>> But alert(unsafeWindow.XMLHttpRequest) is null. Is that expected? If so, why?
Aaron replied:
> I can't explain this, it should work.
Aaron, I'll try this again on different machines.
If that works, I'm still unclear why I couldn't do the following
(leaking GM_log into code that gets run by the page):

    var xhr = unsafeWindow.XMLHttpRequest;
    xhr.prototype.oldSend = xhr.prototype.send;
    // Forward the caller's arguments so the request body is not dropped.
    xhr.prototype.send = function() { GM_log("sending"); return this.oldSend.apply(this, arguments); };

Aaron wrote:
> I have checked out the scripts. Have you considered writing to a popup
> window or some such? If you didn't need GM_log, then you could add the
> entire script to the page's context using something like:
> window.location.href = "javascript:" + bigChunkOfJS;
I actually found a way to get my XMLHttpRequest Debugging script
working again (but without the help of the GM_getValue, GM_setValue or
GM_registerMenuCommand functions), by eval'ing it in the page.
More details at http://blog.monstuff.com/archives/000274.html
My other two related scripts: "Tracing" and "Security Bypass" do need
the ability to leak GM_ functions (GM_log for the first and
GM_XMLHttpRequest for the second).
But then again the "Debugging" script is kind of a replacement for
"Tracing", which leaves "Security Bypass" the only remaining problem.
Aaron wrote:
> We do not want to give random webpages increased privs.
Not random pages, only the pages that I configure my "leaking" script for ;-)
Randy Ray wrote:
> You could put the calls in closures, attached via addEventListener().
Randy, in that case the following should work to leak GM_log into the
page context (I'll try it at home tonight):

    unsafeWindow.addEventListener("load", function() { window.GM_log = GM_log; }, false);

Thanks both for your help,
Julien