[Greasemonkey] Question: what would happen if Greasemonkey sent the ID of every applicable user script with each request?

a.list.address at gmail.com a.list.address at gmail.com
Fri Apr 29 00:42:47 EDT 2005


On 4/28/05, Aaron Boodman <zboogs at gmail.com> wrote:
> 
> GM-like applications are proveably not disableable. How? Write an
> application which instances a web browser, tells it to download a
> particular URL to disk, and then changes it programatically on disk
> and redisplays it. Voila! Slow perhaps, but totally undetectable.

That would be doing it the hard way.  Haven't you heard of
Proxomitron?  It's a client-side HTTP proxy that modifies pages before
they are sent to the browser.  It even does some script-injecting
itself, with the default configuration.  I used it for years on
Windows with IE, but once Adblock came along for Firefox, I didn't
really need it anymore, though it still does many things that Adblock
can't do.  It even runs in Linux in WINE, but still, I can do without
it as long as I have Adblock.  Anyway, it was the original
popup-blocker/cookie-controller/ad-remover/header-changer (well,
Junkbuster may have been the first ad-blocker...), and it's still the
most powerful client-side filter there is (unless maybe you use
something like Squid, which is another bag of marbles).

As long as you are running your code in an environment that the page
itself is a part of, you will always give up some control.  The only
way to stop it is to remove external scripts by either a) removing
external scripts, or b) using a different environment to filter the
pages, by using something like Proxomitron.  Neither is ideal, but
Proxomitron is pretty nice.  :)

BTW, IIRC there is an open-source client-side proxy similar to
Proxomitron that lacks some of its features and power, but I can't
remember the name of it.


More information about the Greasemonkey mailing list