[Greasemonkey] gmdetect.js

Nikolas Coukouma lists at atrus.org
Tue Jul 19 13:16:05 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nikolas Coukouma wrote:

> Mark Pilgrim wrote:
>
>> I've written a Greasemonkey vulnerability detection script and
>> installed it on diveintogreasemonkey.org and diveintomark.org. If
>> it detects leaking APIs, it displays a warning message telling
>> the visitor that the version of Greasemonkey they are using has
>> critical security flaws, and points them to the Greasemonkey home
>> page for download, or the specific mailing list message that
>> gives details on the vulnerability. Has no ill effects in IE,
>> Opera, Safari, Firefox without Greasemonkey, or Firefox with GM
>> 0.35.
>
>> Available here:
>> http://diveintogreasemonkey.org/download/gmdetect.js
>
>> Open source, MIT-licensed. Just drop it into any page, no
>> initialization required:
>
>> <script type="text/javascript"
>> src="/path/to/gmdetect.js"></script>
>
> I've made a little page that people can point to, if they like.
> It's a minimal page that includes your gmdetect.js, has a paragraph
> explaining how to run the test, and a minimal script to install so
> the test will actually work.
>
> http://atrus.org/hosted/vuln_test.html
>
> -Nikolas Coukouma

Of course, in the time it takes to link that, you could (and should)
just link version 0.3.5 . Meh.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFC3SdFs2zR4YuWmeERAv0iAKCHdHl228+yaykPtDmA97im/6hBcgCfYwfk
Qj3X8NaYfHBe1BhHLQLe3wM=
=6zy8
-----END PGP SIGNATURE-----



More information about the Greasemonkey mailing list