[Greasemonkey] I want persistent data

Julien Couvreur julien.couvreur at gmail.com
Sun Apr 10 01:19:46 EDT 2005


I wrote a script to do form auto-save a couple of weeks back, we
discussed the same problem on the mailinglist then.
I don't think this feature should be GreaseMonkey-specific, as it can
be useful in other scripting contexts. It should really be part of the
browser.

Anyways, I'm still in favor of cookies that don't get sent to the
server, rather than some new XML datastore/API. The advantage of
"client-only cookies" is that the same security restriction would
apply for these special cookies as for regular cookies, rather than
come up with a new set of rules.

I gave this some more thought and it might be possible to implement it
by hacking the current cookie behavior, the same way the
XmlHTTPRequest was hacked for GreaseMonkey's GM_XmlHTTPRequest.

Quick specification:
- Existing API "document.cookie": provides the script access (read and
write) to the cookies in the current domain and path. Cookies that
were set in a different domain are not visible. Cookies set outside of
that path are not visible.
- New API "document.GM_cookie": provide the script access (read and
write) to the cookies in the current domain for a specific path (maybe
/greasemonkey/ or maybe some random GUID). These cookies "live" in the
same browser cookie jar as regular cookies, but because they are set
in a specific path, they are never sent to the server.

I imagine that GreaseMonkey, as a browser extension, may have a
privileged access to the cookie jar, and may be able to provide access
to cookies in a different path. That's the key to implementing the
"client-only cookies" this way.

Cheers,
Julien


More information about the Greasemonkey mailing list