[Greasemonkey] GM_xmlhttpRequest and localhost

Jeremy Dunck jdunck at gmail.com
Tue Jul 19 10:55:41 EDT 2005


On 7/19/05, Godmar Back <godmar at gmail.com> wrote:
> My thinking was that there are default installations of various
> servers out there that would grant special privileges to clients
> connecting from the same machine.

Ugh.  You're right.  Dang, this security stuff is hard. :-/

> Maybe it could be an option a user has to explicitly enable (a
> checkbox in your "install script" box that says "grant access to
> intranet/localhost"?)

I think what you're talking about here is sort of like zones.  Rather
than have 10 different security settings on each script, what about
having some security profiles and assigning scripts to those profiles?
 You know, because IE's "Trusted Zone" has been so effective....

I personally would just like a GM-level "allow localhost requests"
switch.  I don't need the granularity per script, but maybe someone
else done.


More information about the Greasemonkey mailing list