The best fix would be at userscripts.org, to make all links for user scripts to point at the HTTPS URL by default, for all users.
A workaround might be, as you suggested, to always choose to install scripts from userscripts.org via HTTPS, regardless of whether the original URL was. But perhaps the owners of userscripts.org have a good reason not to do that? Which again reinforces the idea that: if they can handle it, they should indicate as such by making the change on their end. On Thu, Mar 7, 2013 at 12:10 AM, Nicholas <[email protected]> wrote: > Hello, > > I have authored about a dozen or so scripts currently hosted on > Userscripts and am having trouble understanding how the automatic update > process in Greasemonkey applies to scripts installed from that location. > I'm asking because what I'm currently seeing is that no scripts installed > from Userscripts are, by default, automatically checked for updates. > > By default Greasemonkey requires a secure connection to install script > updates (which makes sense). According to the documentation, if a script > is installed without the @updateURL or @downloadURL headers, then the > original install location will be used. The problem with this system is > that, by default, scripts are installed from a non-secure location on > Userscripts. Because of this, it seems like the only way to get automatic > updates to work with UserScripts is to manually include the @update > directives in the metablock of the script. > > Is there a possibility that Greasemonkey might be changed so that it > treats scripts installed from Userscripts as a special case such that if a > script is installed from a non-secure location (say, > http://userscripts.org/scripts/source/1.user.js) and it does NOT include > any @update directives, then the corresponding secure location is used as a > fall-back (in this case, https://userscripts.org/scripts/source/1.user.js). > Since Userscripts supports both HTTP and HTTPS connections, connectivity > shouldn't be a problem. The only issue would be whether Userscripts can be > trusted to serve the same content from both locations -- but since the user > is already trusting Userscripts, that doesn't seem like an issue. > > If this change were put in place, it would allow all scripts installed > from Userscripts to be automatically updatable by default without needing > @update directives. That seems to go along with the original goal of > automatic script updates. > > Thanks for reading. > > -- > You received this message because you are subscribed to the Google Groups > "greasemonkey-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at > http://groups.google.com/group/greasemonkey-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- You received this message because you are subscribed to the Google Groups "greasemonkey-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/greasemonkey-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
