Slashdot Mirror
Hacking the Web with Greasemonkey
plasticmillion writes "Greasemonkey is a revolutionary Firefox extension that many feel has enormous implications for the future evolution of the web. By making it easy to write client-side scripts that modify webpages as you surf, it shifts the balance of power from content creators to content consumers. Since its inception, it has given rise to an impressive array of scripts for everything from enhancing Gmail with one-click delete functionality to preventing Hotmail from spawning new windows when you click on external links. In recent Greasemonkey news, Mark Pilgrim just published a comprehensive primer called 'Dive Into Greasemonkey', a must-read for those who want to try their hand at writing their own scripts. It should be noted that Greasemonkey is not without controversy, but this has done nothing to reduce its popularity among web programmers. Even Opera has jumped on the bandwagon with their own version of user scripts. To illustrate the principle to /.ers, I whipped up a handy little script called 'Slashdot Live Comment Tree', which lets you expand and collapse entire threads in an article's comments."
I don't want them to see my site the way they want to see it. I want them to see it the way it was meant to be seen.
That's why GreaseMonkey exists. It allows firefox to do the work your eyes and hands must otherwise do - it gets you the information you're after, not what the designer fancies.
(I actually like your site design, and I think it is great you are releasing your work under the GPL and your content under a CC license)
"Those who cast the votes decide nothing; those who count the votes decide everything." (attrib. Joseph Stalin)
You know you need to disable those default scripts that come with the extension, right?
Or at least set them so they don't execute on that particular site...
already been done
see how much people dislike that geeza ? if this was a pub he would of been slapped up and kicked out a long time ago
Greasemonkey is nothing but "the easy way", but client side modification of a website has been live for years:
- Proximitron allows advanced filtering
- Specific Firefox extensions do, too (think about Slashfix)
- Bookmarklets are fairly powerful, check MODI for example
- For god's sake, there are so much differences from one browser to another one that one can tweak what he seens by changing browser
- Custom/client side CSS, Opera has had them for a very long time, Firefox has that too, and you can more than likely find bookmarklets allowing you to load custom CSS in your browser
The fact is that you seem not to know an important rule of web design: the way you indent your website to be displayed is nothing but a mere suggestion, and the surfer is 100% free to fully ignore your hints if he doesn't want itDon't want that? don't create websites. Your websites are not here for you and if they are they shouldn't be online, websites are for the visitor and he can do whatever he wants with the data he receives (including sending the whole content of your website to
"The way we can tell it's C# instead of Haskell is because it's nine lines instead of two." -- wadler
In order to avoid $50 articles, I found this article which did talk about some potential security problems with greasemonkey. It seems hackers could make scripts that behave maliciously. According to the article, even the original greasemonkey developer has expressed concerns along those lines.
Did you check out his site? He releases his stuff work under the GPL and his content CC.
He even provides an XML feed for you to format to your hearts content.
Yeah, big supporter of the MPAA/RIAA there!
But the problem I have with proxomitron is that it's a bunch of regexp matches instead of a scripting language. I've yet to figure out how to get a regexp match that spans more than one line as well. But yes, proxo works well for my particular complaint about greasemonkey.
I'm a leaf on the wind. Watch how I soar.
"One of the most jaw dropping extensions that I have seen to date." --Anders Conbere
Check it out.
-- Scott Turner
No. Sorry. It's not your information. It doesn't belong to anyone. Those that chose to display information a certain way are in their right to do such and lame excuses to justify the bastardization of their attempts to come off a certain way are the rant of the uninformed zealot with a "screw you all" mentality. ...
It's not something everyone has to get all up in arms about. It's a presentation of information. If you don't like it, go somewhere else! If he chooses to display it and prevent this extension from running on his site, so be it! He's well within his rights to do such.
I suppose from the above statements that you're opposed to the level of control most browsers ALREADY give over the display of content? To wit, in Firefox I can go to Edit->Preferences->General, and in there override fonts and colors so that the page's fonts, font sizes, and colors aren't used. I can choose to force links to be displayed with underlines. Under Edit->Preferences->Web Features, I can override popups, javascript, image loading, etc, as well as provide exceptions to most of those... Under Edit->Preferences->Advanced, I can control the resizing of images, force links to open in new tabs, etc. Additionally, if I set up proxies, I can force all my connections to go through privoxy, blocking ads and the like. I can also choose to not install flash, making websites that use it extensively stand out pretty sorely.
All of these settings can be viewed as a bastardization of designers' attempts to display information in a certain way. And most of these settings have been around since the early 1.x days of Netscape Navigator. GreaseMonkey appears to be the logical extension of these settings to the CSS world.
All the HTML markup in the world serves a single purpose---to suggest how a browser should display something to approximate what the originator had in mind. Nothing has ever said that HTML is an imperative command to display something ONLY one way.
"The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
Dev. website:r .js
http://mojodna.net/2005/04/19/mbta-maps/
Direct link to the Greasemonkey script:
http://maps.mojodna.net/mbta/mbta_google_maps.use
It should be pointed out that the people who created Greasemonkey are in no way connected to Firefox. The really brilliant thing that the Mozilla folks did was not to think of ideas like Greasemonkey, it was to deploy an architecture open enough to let other people extend the browser in unexpected directions. In my view this is by far the most revolutionary thing about Firefox, and what we see today is only the tip of the iceberg. Once more programmers become familiar with the Firefox model and better IDEs become available, we're going to see some really incredible stuff.
Peer Pressure
Greasemonkey scripts are bound by the same restrictions as any other javascript.
;) The wiki page (when it's back up) was something I put up when I first saw GM, because it clearly needed some sort of directory to get some momentum. It's now a stopgap until something more structured is completed. You might try delicious as another directory.
No, they aren't. They are inserted into the code of another site's pages, therefore they get local access priveleges over those pages.
I'm a dev on GM, and I'd like to shed some light.
First, yes, GM is in the same security sandbox as the page script. It does not run as local script.
The threat model of a user script is the very same as a bookmarklet, except that user scripts get injected without clicks, meaning that the user could forget about some installed script.
If someone installs an Evil(tm) script, it can run on pages that the evil person doesn't control, and provide data back to the evil person.
Note that such evil can be delivered in other ways (bookmarklets, toolbars, etc) which are trojans. You should consider every user script as a possible trojan. So yeah, don't install scripts that do evil things, and if you're not sure, don't install.
We're working on a community-policed user script directory which can confer some level of trust. It's not ready yet. We were slashdotted a little too early.
Also, Greasemonkey supplies some interesting functions to the user script context, including GM_xmlhttpRequest, which allows cross-domain page requests. Couple this with GM_setValue and GM_getValue, and a user script can indeed very effectively share data between different web apps. Before you wail in terror, note that information could be sent to evil third-party domain already by using scripted image tags, iframes, and form posts. GM only opens up an easier way to share data; it does not allow anything that's truly new in this respect.