On 03/09/2010 11:44 PM, Dave Land wrote:
On Mar 9, 2010, at 9:18 PM, Aleksandr Rainchik wrote:
Hello!
I've seen some scripts at userscripts.org that start and end in this
way:
// ==UserScript==
// blah..
// blah..
// ==/UserScript==
(function() {
blah...
blah...
})();
Why would someone want to enclose the code with this (function(){...})
(); ?
What does it actually do?
The "anonymous function wrapper" ensures that the script's identifiers
don't collide with identifiers in JavaScript in the page itself. All
of the script's identifiers exist only within the anonymous function,
so they can't "leak out" into the page, or vice versa — the script's
identifiers are all local to the script.
This not only ensures that scripts work, it also addresses serious
security issues with earlier versions of GM. It seems that half of the
history of Greasemonkey is a security story (and one with a happy
ending, as far as I can tell).
If I'm mistaken in how I've explained this, the bright people on this
list will no doubt jump in to correct me.
Dave
If that's the case, then GM should wrap the script automatically and not
leave it to the script writer, IMO.
--
You received this message because you are subscribed to the Google Groups
"greasemonkey-users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/greasemonkey-users?hl=en.
