Ticket #137: gm_unsafe_hack.fixed.diff

File gm_unsafe_hack.fixed.diff, 5.6 kB (added by jtra..@dragoncat.net, 5 months ago)

  • components/greasemonkey.js

    old new  
    258258 
    259259      console = firebugConsole ? firebugConsole : new GM_console(script); 
    260260 
    261       storage = new GM_ScriptStorage(script); 
     261      storage = new GM_ScriptStorage(script, script.unsafe); 
    262262      xmlhttpRequester = new GM_xmlhttpRequester(unsafeContentWin, 
    263                                                  appSvc.hiddenDOMWindow); 
    264       resources = new GM_Resources(script); 
     263                                                 appSvc.hiddenDOMWindow, 
     264                                                 script.unsafe); 
     265      resources = new GM_Resources(script, script.unsafe); 
    265266 
    266267      sandbox.window = safeWin; 
    267268      sandbox.document = sandbox.window.document; 

  • chrome/chromeFiles/content/config.js

    old new  
    8787          scriptResource._charset = childNode.getAttribute("charset"); 
    8888          script._resources.push(scriptResource); 
    8989          break; 
     90        case "Unsafe": 
     91          script.unsafe = parseInt(childNode.firstChild.nodeValue); 
     92          break; 
    9093        } 
    9194      } 
    9295 
     
    109112    for (var i = 0, scriptObj; scriptObj = this._scripts[i]; i++) { 
    110113      var scriptNode = doc.createElement("Script"); 
    111114 
     115      var unsafeNode = doc.createElement("Unsafe"); 
     116      unsafeNode.appendChild(doc.createTextNode(scriptObj.unsafe)); 
     117      scriptNode.appendChild(unsafeNode); 
     118 
    112119      for (var j = 0; j < scriptObj._includes.length; j++) { 
    113120        var includeNode = doc.createElement("Include"); 
    114121        includeNode.appendChild(doc.createTextNode(scriptObj._includes[j])); 
     
    215222            case "exclude": 
    216223              script._excludes.push(match[2]); 
    217224              break; 
     225            case "unsafe": 
     226              // Allow a script to mark itself as 'unsafe'.  This mark causes 
     227              // the apiLeakCheck functionality to be avoided thus preventing 
     228              // some scripts from breaking under the combination of FF3.0 
     229              // and GM 0.8.   This should very likely be avoided and there 
     230              // there should be some extra warning on install and in the 
     231              // script list if there is a script marked unsafe installed. 
     232              // Unfortunately, for any script which relies on pulling code 
     233              // from a trusted source and evaluating it via eval, this is 
     234              // the only way I could come up with which would allow that code 
     235              // to correctly call GM_* functions which otherwise got blocked. 
     236              script.unsafe = parseInt(match[2]); 
     237              break; 
    218238            case "require": 
    219239              var reqUri = ioservice.newURI(match[2], null, uri); 
    220240              var scriptRequire = new ScriptRequire(script); 
     
    415435  this._excludes = []; 
    416436  this._requires = []; 
    417437  this._resources = []; 
     438  this.unsafe = 0; 
    418439} 
    419440 
    420441Script.prototype = { 

  • chrome/chromeFiles/content/miscapis.js

    old new  
    1 function GM_ScriptStorage(script) { 
     1function GM_ScriptStorage(script, unsafe) { 
    22  this.prefMan = new GM_PrefManager(["scriptvals.", 
    33                                     script.namespace, 
    44                                     "/", 
    55                                     script.name, 
    66                                     "."].join("")); 
     7  this.unsafe = unsafe; 
    78} 
    89 
    910GM_ScriptStorage.prototype.setValue = function(name, val) { 
    10   if (!GM_apiLeakCheck("GM_setValue")) { 
     11  if (!this.unsafe && !GM_apiLeakCheck("GM_setValue")) { 
    1112    return; 
    1213  } 
    1314 
     
    1516}; 
    1617 
    1718GM_ScriptStorage.prototype.getValue = function(name, defVal) { 
    18   if (!GM_apiLeakCheck("GM_getValue")) { 
     19  if (!this.unsafe && !GM_apiLeakCheck("GM_getValue")) { 
    1920    return; 
    2021  } 
    2122 
    2223  return this.prefMan.getValue(name, defVal); 
    2324}; 
    2425 
    25 function GM_Resources(script){ 
     26function GM_Resources(script, unsafe){ 
    2627  this.script = script; 
     28  this.unsafe = unsafe; 
    2729} 
    2830 
    2931GM_Resources.prototype.getResourceURL = function(name) { 
    30   if (!GM_apiLeakCheck("GM_getResourceURL")) { 
     32  if (!this.unsafe && !GM_apiLeakCheck("GM_getResourceURL")) { 
    3133    return; 
    3234  } 
    3335 
     
    3537}; 
    3638 
    3739GM_Resources.prototype.getResourceText = function(name) { 
    38   if (!GM_apiLeakCheck("GM_getResourceText")) { 
     40  if (!this.unsafe && !GM_apiLeakCheck("GM_getResourceText")) { 
    3941    return; 
    4042  } 
    4143 

  • chrome/chromeFiles/content/xmlhttprequester.js

    old new  
    1 function GM_xmlhttpRequester(unsafeContentWin, chromeWindow) { 
     1function GM_xmlhttpRequester(unsafeContentWin, chromeWindow, unsafe) { 
    22  this.unsafeContentWin = unsafeContentWin; 
    33  this.chromeWindow = chromeWindow; 
     4  this.unsafe = unsafe; 
    45} 
    56 
    67// this function gets called by user scripts in content security scope to 
     
    1213// can't support mimetype because i think it's only used for forcing 
    1314// text/xml and we can't support that 
    1415GM_xmlhttpRequester.prototype.contentStartRequest = function(details) { 
    15   if (!GM_apiLeakCheck("GM_xmlhttpRequest")) { 
     16  if (!this.unsafe && !GM_apiLeakCheck("GM_xmlhttpRequest")) { 
    1617    return; 
    1718  } 
    1819