
How can I mimic Greasemonkey/Firefox's unsafeWindow functionality in Chrome?

I'm just fiddling around with user scripts in Chrome right now, so please bear with my potential ignorance/idiocy.

In the page I'm writing a script for, there is a <script> element that declares a variable x. Does this mean that, in my user script, I can just access x from the global namespace?

For example, if the only line in my userscript is alert(x);, should that work as expected (assuming x is a String)? I understand Chrome doesn't support unsafeWindow, but for some reason I'm finding it impossible to figure out how to mimic the functionality. Is it even possible?

asked Oct 25 '09 21:10

b3ng0




2 Answers

This will give you a reference to the window object (as p):

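// Use unsafeWindow where the script manager defines it; otherwise start from window.
var p = (typeof unsafeWindow !== "undefined") ? unsafeWindow : window;

// Chrome: the onclick attribute handler runs in the page's context,
// so calling it hands back the page's own window object.
if (window.navigator.vendor.match(/Google/)) {
    var div = document.createElement("div");
    div.setAttribute("onclick", "return window;");
    p = div.onclick();
}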
answered Sep 21 '22 18:09

alnorth29


Update:
The onclick exploit no longer works in the latest Chrome releases.

To get unsafeWindow functionality in Chrome, your best bet is to install and use Tampermonkey -- which you would be smart to do, regardless. Tampermonkey has full support for the Greasemonkey API and much easier script management.

Greasemonkey scripts and Tampermonkey scripts are almost always fully compatible, something that's not true for plain Chrome userscripts.

Forgoing Tampermonkey, the only alternative that still works is to use some form of script injection.



The following is now obsolete:

Chrome now defines unsafeWindow for userscripts / content-scripts, but Chrome's unsafeWindow still does not allow access to JS objects created by the target page.

Here's how to provide a properly unsafe, unsafeWindow -- in a cross-browser way that uses Feature Detection (good) versus Browser Sniffing (Bad):

/*--- Create a proper unsafeWindow object on browsers where it doesn't exist
    (Chrome, mainly).
    Chrome now defines unsafeWindow, but does not give it the same access to
    a page's javascript that a properly unsafe, unsafeWindow has.
    This code remedies that.
*/
var bGreasemonkeyServiceDefined     = false;

try {
    if (typeof Components.interfaces.gmIGreasemonkeyService === "object") {
        bGreasemonkeyServiceDefined = true;
    }
}
catch (err) {
    //Ignore.
}

if ( typeof unsafeWindow === "undefined"  ||  ! bGreasemonkeyServiceDefined) {
    unsafeWindow    = ( function () {
        var dummyElem   = document.createElement('p');
        dummyElem.setAttribute ('onclick', 'return window;');
        return dummyElem.onclick ();
    } ) ();
}
answered Sep 21 '22 18:09

Brock Adams
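
The script-injection route mentioned in the second answer, as an added example that is not part of either answer: a `<script>` element is inserted so that it runs in the page's own context, and the value of the page's variable comes back through a DOM attribute as JSON. `readPageGlobal`, `buildProbeSource` and the `data-probe` attribute are hypothetical names chosen for this sketch.

```javascript
// Added example; readPageGlobal, buildProbeSource and data-probe are
// illustrative names, not part of any userscript API.
const IDENT = /^[A-Za-z_$][\w$]*$/;

// Source text that will run in the page's own JavaScript context.
function buildProbeSource(name) {
    // The name is spliced into code, so accept a plain identifier only.
    if (!IDENT.test(name)) {
        throw new TypeError("not a plain identifier: " + name);
    }
    return "(function () {" +
        "var out;" +
        "try { out = JSON.stringify({ ok: true," +
        " value: typeof " + name + " === 'undefined' ? undefined : " + name + " }); }" +
        "catch (e) { out = JSON.stringify({ ok: false }); }" +
        // The DOM is shared between the page and the userscript, so an
        // attribute on the injected element carries the result back.
        "document.currentScript.setAttribute('data-probe', out);" +
        "})();";
}

function readPageGlobal(doc, name) {
    var script = doc.createElement("script");
    script.textContent = buildProbeSource(name);
    // An inline script runs synchronously on insertion. If it is blocked
    // (for example by a Content-Security-Policy), no attribute appears.
    (doc.head || doc.documentElement).appendChild(script);
    var raw = script.getAttribute("data-probe");
    script.remove();
    if (raw === null) {
        return { ok: false, reason: "no-result" };
    }
    // The string was produced inside the page, so treat it as untrusted
    // data: parse it as JSON and check its shape, never eval it.
    var parsed;
    try {
        parsed = JSON.parse(raw);
    } catch (e) {
        return { ok: false, reason: "malformed" };
    }
    if (parsed === null || typeof parsed !== "object" || parsed.ok !== true) {
        return { ok: false, reason: "unreadable" };
    }
    return { ok: true, value: parsed.value };
}

// In a userscript: var result = readPageGlobal(document, "x");
```

Only JSON-serializable values survive the trip; functions and live page objects cannot be handed across this way.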