tags:

views:

30

answers:

1
Q: 

Security Manager vetoes action in Greasemonkey Script!

I'm trying to prevent my Greasemonkey script from executing within IFRAMEs. I'm doing so by using if (window.top != window.self) return;. As soon as I insert that line right after the metadata header, the error console throws out a "Security Manager vetoed action" indicating this exact line of code. There's no additional information available.

I'm using Firefox 3.6.10 and the latest Greasemonkey extension. Oh, I'm new to user scripts but even after some time looking for an answer I didn't find anything at all.

+1  A: 

Greasemonkey has an own API, which allows persistent storage and cross-site HTTP requests. For this reason, scripts are executed in a sandbox and this API cannot abused.

To make your code work, use:

if(usnafeWindow.top != unsafeWindow.self) return;

Please note the unsafe part, you may want to review these pages:

Alternatively, wrap the code in a <script> tag:

(function(f){var d=document,s=d.createElement('script');s.setAttribute('type','application/javascript');s.textContent = '('+f.toString()+')()';(d.body||d.head||d.documentElement).appendChild(s);s.parentNode.removeChild(s)})(function(){
   /* code here */
}
Lekensteyn  2010-10-06 14:19:55
Alright, that explains a few things. Generally, it looks like it's a good idea to avoid unsafeWindow but in this case there's no alternative. Works like a charm now. Thank you.
JC2k8  2010-10-07 08:12:29
As an alternative, you can put your script in a script tag and append that to the document. In that way, you've no longer access to the GM API, and the script behaves as any script on the page. See example in my answer.
Lekensteyn  2010-10-07 12:33:31

related questions

Firefox vs. IE: innerHTML handling
Firefox add-ons
How do you make a post request into a new browser tab using JavaScript / XUL?
Checking if userinput is a valid URI in XUL
Ubiquity Hack
Printing DOM Changes
HTML Select Tag with black background - dropdown triangle is invisible in Firefox 3
What is your best tool or techniques for getting the same display on IE6/7 and Firefox?
SPAN Height in Firefox
Debugging asp.net with firefox and visual studio.net - very slow compared to IE
How do I write a Firefox Addon?
Is there a way to make Firefox ignore invalid ssl-certificates?
Convince Firefox to send an If-Modified-Since header over HTTPS
Firefox extension for website interaction recording and repetition
Browser Sync accross many machines
Firefox plugin - sockets
Printing Flex components in FireFox 3
Some kind of task manager for JavaScript in Firefox 3?
How to make a Flash movie with a transparent background
Why no favicon for my web site?
FF3 WinXP != FF3 Ubuntu - why?
Firebug won't display console feeds for some of my sites
Upload form does not work in Firefox 3 with Mac OS X
Http Auth in a Firefox 3 bookmarklet
How can I turn a string of HTML into a DOM object in a Firefox extension?