[Greasemonkey] Re: unsafeWindow.XmlHttpRequest in Greasemonkey 0.6.4

Aaron Boodman zboogs at gmail.com
Thu Jan 12 17:08:44 EST 2006

Previous message: [Greasemonkey] Re: unsafeWindow.XmlHttpRequest in Greasemonkey 0.6.4
Next message: [Greasemonkey] unsafeWindow.XmlHttpRequest in Greasemonkey 0.6.4
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/12/06, Julien Couvreur <julien.couvreur at gmail.com> wrote:
> I actually found a way to get my XMLHttpRequest Debugging script
> working again (but without the help of the GM_getValue, GM_setValue or
> GM_registerMenuCommand functions), but eval'ing it in the page.
> More details at http://blog.monstuff.com/archives/000274.html
>
> My other two related scripts: "Tracing" and "Security Bypass" do need
> the ability to leak GM_ functions (GM_log for the first and
> GM_XMLHttpRequest for the second).
> But then again the "Debugging" script is kind of a replacement for
> "Tracing", which leaves "Security Bypass" the only remaining problem.

This is exactly what I was proposing by using window.location.href =
"javascript:" + script.toString() except that I would feel more
comfortable using this method than unsafeWindow.eval()

I'm glad it looks like it will work for you for some scripts!

> Not random pages, only the pages that I configure my "leaking" script for ;-)

As long as one of your users doesnt configure it for * for convenience. :-)

- a

Previous message: [Greasemonkey] Re: unsafeWindow.XmlHttpRequest in Greasemonkey 0.6.4
Next message: [Greasemonkey] unsafeWindow.XmlHttpRequest in Greasemonkey 0.6.4
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Greasemonkey mailing list