How to Apply greasemonkey scripts to local files

Source: Internet
Author: User

Today, I wrote a GM script to use it in a local HTML file. I found that both the left and right sides of the script are invalid. I remember it was okay. Later, it may be caused by version updates. Google found the following article:

Reference from: http://www.firefox.net.cn/forum/viewtopic.php? T = 31181


In recent updates, greasemonkey scripts can no longer be used in local files, that is, GM scripts for text linking, automatic highlighting, word translation, and so on, it is ineffective for other locally stored web pages, HTML pages of e-books, and even the online extraction stored in scrapbook.

After a roundCool", I finally found the almost only post discussing this issue:

Reference:
On wed, Dec 30,200 9 at AM, Matt Sargent <matt.sarg...@earthlink.net wrote:

Until a recent release, greasemonkey cocould run on locally stored HTML pages. this was very handy, especially when combined with the scrapbook add-on. does anyone know of a way to restore this behavior to a script?
>>>
On 12/29/2009 7:06 pm, esquifit wrote:
Since a couple of releases there are two new 'den den 'preferences:

Greasemonkey. aboutisgreaseable
Greasemonkey. fileisgreaseable

The default value is "false". If you want greasemonkey to run on
File: // URLs, you have to set the second one to "true" (In about: config ).
>>>
On Fri, Jan 1, 2010 at AM, Matt Sargent <matt.sarg...@earthlink.net wrote:
Thank you !! This was exactly what I was looking for. It works perfectly.


In other words, change the value of "greasemonkey. fileisgreaseable" in "about: config" to "true" to make the GM script take effect for the local file.
However:

Reference:
Esquifit
Fri, 01 Jan 2010 02:39:49-0800

Gglad to know. keep in mind, however, that this implies a security risk. A malicious userscript cocould open a tab or a frame, load a "file:" URL from your local drive into it, read the contents and send them to any server. even binary files cocould be stolen in
This way, including files stored in your Firefox profile containing sensitive information (passwords, cookies, history, etc ). in order to know the exact location of the profile folder the attacker cocould either do a recursive scan of your hard disk (directory
Contents can also be listed via file: URLs) until it reached the profile. INI file in which all profile directories are listed, or it cocould open the about: cache page and read the profile from there, provided access to about: URLs is granted via the "greasemonkey. aboutisgreaseable"
Preference. This security risk was in fact the motivation for the new preferences, as far as I can remember. This was handled in bug #1000:

Http://github.com/greasemonkey/greasemonkey/issues/closed#issue/1000


That is to say, this is risky. for malicious GM scripts, It is a door to steal your privacy.
In fact, this cannot be solved. The method is to enable the above key value. For the GM script that is secure and needs to take effect for the local file, use the greasemonkey script to manage the "file: /// * "is added to its allow rules. For untrusted scripts, the same rules are added to the excluded rules. When installing the script, note that if the script takes effect for all webpages (The rule is "*"), you must immediately modify the rule (for example, change it to "http: //) or add "file: // *" to the exclusion rule for prevention.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.