I thought that "unsafe" means that the script can do something unsavory by using unsafeWindow to access variables in the page, getting information from these variables, sending them somewhere...
OK, Forget about the safety things. Sorry, "without @grant and GM_xx" actually should be "without @grant or GM_xx", where I meant a script that does not specify any @grant line, yet does NOT call GM_* functions. For such a script, Greasemonkey 1.0 acts as if it specifies "@grant none", a lot of scripts are affected. I'm just wondering if it may cause compatiblity problems and conflicts for some scripts. Example: test.user.js: =================CODE================== // ==UserScript== // @name test // @include http://localhost/test/test.html // ==/UserScript== (function () { window.addEventListener("load", function () { window.myVar = "modified"; }, false); })(); =================END=================== localhost/test/test.html: =================CODE================== <!DOCTYPE html> <html lang="en-US"> <head> <title>test</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <script> var myVar = "original"; window.addEventListener("load", function () { window.setTimeout(function() { alert(myVar); }, 1000); }, false); </script> </head> <body> </body> </html> =================END=================== It shows "modified" in Greasemonkey v1.0, but shows "original" before v1.0. On Sunday, August 26, 2012 7:22:44 AM UTC+8, Anthony Lieuallen wrote: > > The "unsafe" in "unsafeWindow" is that it exposes the privileged GM_* > functions to the content page: and that page could in theory do something > unsavory with them. > > If you "@grant none" then there are no privileged GM_* functions (that's > the whole point!), so that vector of unsafe-ness does not exist, so you > don't need to worry about it. There's nothing to put in a sandbox. > > You also use the ambiguous phrase "without @grant and GM_xx". I take that > to mean: a legacy script that does not specify any @grant line, yet _does_ > call GM_* functions. In such a case, Greasemonkey detects and acts as if > there was a @grant line (with all the same legacy sandboxing). > > If your script gets privileged access, it lives in the sandbox that makes > that safe. If it doesn't, then it doesn't. > > On Sat, Aug 25, 2012 at 6:46 PM, tomchen <[email protected] <javascript:> > > wrote: > >> Thank you. >> >> "less safe" I mean, those script without @grant and GM_xx, may use >> window.xx without any intention of modifying the variables in the page, >> because they know it runs in sandbox, if they want to modify the variables >> in the page, they will use unsafeWindow.xx rather than window.xx. But now, >> window suddenly becomes able to access unsafeWindow, may it cause problems >> and conflicts? >> >> It'd be better if, when no @grant is specified, and no API method is >> detected, the script will run in sandbox. >> > > -- You received this message because you are subscribed to the Google Groups "greasemonkey-users" group. To view this discussion on the web visit https://groups.google.com/d/msg/greasemonkey-users/-/kHC0udlyyUYJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/greasemonkey-users?hl=en.
