Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

HTTP::Proxy::GreaseMonkey

Journal written by AndyArmstrong (7200) and posted by brian_d_foy on 2007.12.17 2:52   Printer-friendly
Tools
Yesterday I posted a GreaseMonkey script to add a CPAN Dependencies link to search.cpan.org.

The only problem with that is that FireFox is not my main browser. I tend to use FireFox for web development (FireBug++) and Safari for general surfing. Theoretically you can use GreaseMonkey scripts in Safari using CreamMonkey - but I couldn't get that to play nicely with Leopard.

So I've released HTTP::Proxy::GreaseMonkey which builds on BooK's excellent HTTP::Proxy to provide a local proxy that functions like GreaseMonkey.

Version 0.01 of HTTP::Proxy::GreaseMonkey has no support for the GM_* utility functions that the real GreaseMonkey provides - but it works well enough to support my CPAN dependencies user script and probably quite a few other GM scripts. Suggestions are welcome. Suggestions with patches even more so.

Related Stories

CPANdeps + Greasemonkey 24 comments [+]

I've just written a quick and dirty Greasemonkey script that adds a link to David Cantrell's excellent CPAN dependencies to any CPAN distribution's page on search.cpan.org.

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

HTTP::Proxy::GreaseMonkey 5 Comments More | Login | Reply /

 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.

  • It also works with Yanick's RtSeverityOrdering [userscripts.org]. Anyone got any other Perl related GreaseMonkey scripts I can try it with?

  • As far as I can say, this approach can’t ever work really right, I’m afraid. Security is a big issue with Javascript, and the origin of code and content (in terms of DNS domain, mostly) plays a big role. There are tight limitations on what is permitted to code when things with different origins mix.

    Now Greasemonkey runs scripts in the context of the page; however, it gives them access to functions that run within the browser’s local security context. That’s what’s special abo

    • Yes, but I have a proxy... That means I can write a GM_xmlhttpRequest with a specially formed URL which appears to fetch from the current domain but which the proxy rewrites to fetch from the intended domain.

      http://this.domain.com/<some long string>/intended.com/something.xml -->

      http://intended.com/something.xml

      That's my theory anyway - I haven't implemented it yet. Can you see any problems with that? Obviously I'm opening up an XSS hole so I'd need to make sure that the GM_ functions weren'

      • Nice lateral thinking there!

        It almost sounds too easy to be right, but at first glance I can’t see anything wrong with that. I’d use HTTP Auth credentials rather than a long string in the URI, but that’s just a quibble.

        • I've just released 0.03 which supports GM_xmlhttpRequest to arbitrary sites. I'm afraid it uses a long arbitrary string in the URL to alert the proxy at the moment. I'll have a think about using auth credentials instead - it certainly sounds cleaner.
Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.