On 2/28/2010 3:57 AM, esquifit wrote:
The exploit shown in this thread has been fixed since then. This means that the page doesn't have access to the privileged GM_* api anymore, at least in this way. I still don't know whether this makes unsafeWindow actually safe..
Well said. The unsafeWindow is unsafe specifically because Javascript is so powerful and flexible. A blessing and a curse. In short, there are plenty of good ways to interact with the content page, if that's really what you want to do:
http://wiki.greasespot.net/Category:Coding_Tips:Interacting_With_The_Page -- You received this message because you are subscribed to the Google Groups "greasemonkey-users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/greasemonkey-users?hl=en.
