Hacking the Web with Greasemonkey

plasticmillion writes "Greasemonkey is a revolutionary Firefox extension that many feel has enormous implications for the future evolution of the web. By making it easy to write client-side scripts that modify webpages as you surf, it shifts the balance of power from content creators to content consumers. Since its inception, it has given rise to an impressive array of scripts for everything from enhancing Gmail with one-click delete functionality to preventing Hotmail from spawning new windows when you click on external links. In recent Greasemonkey news, Mark Pilgrim just published a comprehensive primer called 'Dive Into Greasemonkey', a must-read for those who want to try their hand at writing their own scripts. It should be noted that Greasemonkey is not without controversy, but this has done nothing to reduce its popularity among web programmers. Even Opera has jumped on the bandwagon with their own version of user scripts. To illustrate the principle to /.ers, I whipped up a handy little script called 'Slashdot Live Comment Tree', which lets you expand and collapse entire threads in an article's comments."

Disable Greasemonkey

By making it easy to write client-side scripts that modify webpages as you surf, it shifts the balance of power from content creators to content consumers.

Google has tried something similar before with their toolbar and ISBNs.

That said, I am going to use this guide to disable Greasemonkey [edwards.name]. I write websites so I can present ideas to people. I don't want them to see my site the way they want to see it. I want them to see it the way it was meant to be seen. That way I can provide content based on expectations of standards compliance.

If you want to display my content with your own formatting, use my RSS feed [scottleonard.ca].

Re:Disable Greasemonkey

Achtung! You vill sit in ze CHAIR ven you read my book, NOT ON ZE COUCH!!!

Sieg heil!

Re:Disable Greasemonkey

That reminds me of a holiday cottage I once rented in Wales. There was a note on the dining room door which said: "Please wear long trousers, not shorts, in this room."

I've been slightly nervous of the Welsh ever since..

Re:Disable Greasemonkey

That said, I am going to use this guide to disable Greasemonkey.

Step 1. Slashdot my own site.

Re:Disable Greasemonkey

Ah, good morning Mr. Ballmer.

Re:Disable Greasemonkey

Your analogy is flawed. Artists have never had a right to prevent you from looking at their work in a certain way. Painters can't stop the colorblind or those wearing sunglasses to look at their paintings. Anyone can skip entire chapters when reading a book. I can play Beethoven and Britney Spears at the same time if I please.

What I do with those works in the privacy of my own home is my business. I might just prefer it that way, and there's nothing you can do about it.

Artists do have recourse against people redistributing altered ("raped") works, but that is also limited.

In the case of greasemonkey, it's just a tool you use to view the web; other people might use other tools, like lynx for example, which renders a page completely differently from firefox or internet explorer. It's personal use. So lay off of it.

Re:Disable Greasemonkey

I don't believe that's what he meant. His concern was that he wants his information presented a certian way and to leave it that way preventing others from changing it into something he didn't intend or desire for his content.

And it's not how it's supposed to work.
You can suggest, tell the visitor 'look, this is supposed to look like that', but ultimately the choice is the user's, just as in a book the reading order is merely a hint, if one wants to read the book backwards more power to him, and the author is not supposed to come at him with a big stick saying "no no, you're not supposed to read backwards, you can't skip pages either or i'll beat you to a bloody pulp you crackwhore", which is exactly what mfh intends to do...

Re:Disable Greasemonkey

And it's not how it's supposed to work.
You can suggest, tell the visitor 'look, this is supposed to look like that', but ultimately the choice is the user's,

yes it is (the user's choice).. hasn't user-defined colors (or stylesheets in newer versions) been in graphical web browsers since pretty much the beginning?

note to webmasters: if you DONT want people to alter your page on the client-side, code it strict, use css, and leave the annoying scripts, ads, popups, ani gifs and other crap out of it.

once a site is on MY computer, i will do with it as i please. so long as i dont republish it, you can't piss and moan about it.

Re:Disable Greasemonkey

When you go to an art museum to you rearrange how the art is displayed?

When I go to an art museum, nothing stops me from watching it though shades or a Kaleidoscope, or without my glasses. In fact, I can do whatever I want as long as I'm not bothering the other visitors (hint: I don't change the datas for any other visitor when I'm applying client side scripting or custom CSSs to a website)
On top of that

the point is that is he feels his web design is a work of art and he is trying to convey and spark certain feelings / emotions. artists can be fickle when it comes to their work.

The primary goal of a website is not to convey "art", it's to convey and publish information...
And as I (and other people) said, if I can't change the font colors, reorganize the page or whatever I want, how pissed the so called artist will be when I'll start using Links or Lynx to browse his website? or Netscape 2?

Fact is, if you want your website to be set in stone and consider it a crime for anyone to modify what he sees on his computer without any impact on whatever the other may be fed you shouldn't be creating a website in the first place.
You should be hacking rocks (even though sculptures can be broken or re-sculpted, you don't own them anymore as soon as they leave you) or painting (see above).

The feelings/emotions are supposed to be conveyed to the reader. If the reader doesn't understand/want them, what are you going to do, try to force your own sensibility on him? Nice way to make him leave forever...

Re:Disable Greasemonkey

A person or company has the right to display thier content however they please

But they're not displaying their content. The client web browsers are displaying the content and they have a right to display however they please. :)

Re:Disable Greasemonkey

Your serving the webpage to me.

As long as you do it in a standards compliant way, then isn't it a bit presumptious to decide how I decide to digest the information.

If I want to use Lynx to view your page, I will, if I want to apply my own java transforms on it I will.

Hell, if I want to print it out and use it as toilet paper, I will.

You seem to have the wrong way of thinking about this web lark.

Crap

Hell, if I want to print it out and use it as toilet paper, I will.

Now that you've said this, everyone is going to use my site as TP. Thanks, buddy.

Re:Disable Greasemonkey

I don't want them to see my site the way they want to see it. I want them to see it the way it was meant to be seen. That way I can provide content based on expectations of standards compliance.

But the web is about sending content to the user - it's up to the user how they want to display it. Unles you're supplying a locked down PC with your own browser configuration you have absolutely no control over what the end user does with the content you send, or how they interpret it.

Sure you can send CSS to the broser, but your visitor using links isn't going to see the result of you work. The visitor using a screen reader or mobile phone will be equally ignorant of your efforts.

These are user installed scripts, and this is the web not television. The folk visiting sites are not their passively, they're there to interact and if they want your site to function a little differently so it better fits with their expectations what rights do you have to stop them?

Re:Disable Greasemonkey

"Remember, this like this never happened before this FF extension"
Bollocks. You could write bookmarklets, or user CSS files. Hell, you could disable CSS or Javascript, you could use a browser that displays things a certain way. You could write your own browser. You could use man-in-the-middle programs to rewrite code before it reaches the browser.

The web is about information. The presentation of that information is ultimately up to the user.

Having said all that, I should point out that I am somewhat uncomfortable with the blind adoption Greasemonkey is seeing. A lot of web sites use Javascript that makes assumptions about the structure of the page. By changing the structure of the page, you're going to potentially break pages that dynamically change themselves.

NOT a derived art...

altering a webpage makes it derived art

Using Greasemonkey or ANY OTHER WEB CLIENT other than the one(s) the author is targetting does not make this a derived art. The original is still in its badly conceived format.

The problem here is that a large number of web "developers" believe that they can control the user's experience. The reality is that this is completely contrary to the HTML standard.

HTML is a method for giving structure to a document. CSS is a method of suggesting look-and-feel of the document. However, NOTHING prevents me from using an arbitrary web client (note: a "browser" is just one type of web client) that will display the structured document in some other way.

If you are designing a page/site in such a way that you try to force a given look-and-feel to everyone, you are limiting the usefulness of your site...not improving it.

Re:Disable Greasemonkey

It's not something everyone has to get all up in arms about. It's a presentation of information. If you don't like it, go somewhere else! If he chooses to display it and prevent this extension from running on his site, so be it! He's well within his rights to do such.

Of course he's within his rights. The real question is what's the benefit to him? People using greasemonkey tend to be people who know what they're doing, so if they break something on a site they'll likely be able to fix it. But just like the article, there seems to be this paranoia that greasmonkey will run rampant and ruin everyone's browsing experience.

Bah! When I go to the poster's website, you know what I see? Overlapping content because I don't run a 1024x768 window. I could fix it with greasemonkey, but that would be 'breaking' the designer's intentions.

I'm a web designer, and I truly believe that a good designer knows better than a user how things should look 95% of the time... but if a user wants to override my design choices that is fine with me. Of course my sites may end up looking up broken and discombobulated, but why should that matter to me? Anyone doing that should know why things are broken, and if not than it's not really worth my time to worry about it. I'd rather have a few idiots think I'm a shitty designer than have my fellow web hackers think I'm a control freak.

Re:Disable Greasemonkey

> I'm a web designer, and I truly believe that a good designer knows better
> than a user how things should look 95% of the time...

Yeah, maybe, but the *other* 97.384% of web designers *don't*. For starters, most of them are stuck in a brain-dammaged 1985-esque mindset wherein they pretend they're still working with an ink-on-paper medium. I've given up entirely on the idea of allowing websites to choose their own colors, and I've half a mind to take away their ability to choose their own layouts too, because most webmasters can't design a layout that works at different resolutions and with different text sizes if their lives depend on it.

Re:Disable Greasemonkey

No. Sorry. It's not your information. It doesn't belong to anyone. Those that chose to display information a certain way are in their right to do such and lame excuses to justify the bastardization of their attempts to come off a certain way are the rant of the uninformed zealot with a "screw you all" mentality. ...

It's not something everyone has to get all up in arms about. It's a presentation of information. If you don't like it, go somewhere else! If he chooses to display it and prevent this extension from running on his site, so be it! He's well within his rights to do such.


I suppose from the above statements that you're opposed to the level of control most browsers ALREADY give over the display of content? To wit, in Firefox I can go to Edit->Preferences->General, and in there override fonts and colors so that the page's fonts, font sizes, and colors aren't used. I can choose to force links to be displayed with underlines. Under Edit->Preferences->Web Features, I can override popups, javascript, image loading, etc, as well as provide exceptions to most of those... Under Edit->Preferences->Advanced, I can control the resizing of images, force links to open in new tabs, etc. Additionally, if I set up proxies, I can force all my connections to go through privoxy, blocking ads and the like. I can also choose to not install flash, making websites that use it extensively stand out pretty sorely.

All of these settings can be viewed as a bastardization of designers' attempts to display information in a certain way. And most of these settings have been around since the early 1.x days of Netscape Navigator. GreaseMonkey appears to be the logical extension of these settings to the CSS world.

All the HTML markup in the world serves a single purpose---to suggest how a browser should display something to approximate what the originator had in mind. Nothing has ever said that HTML is an imperative command to display something ONLY one way.

Re:Disable Greasemonkey

This doesn't make any sense. How is the user capable, or how has the user been capable to display information on the Web (not the internet, just a part) with a web browser.

Remember, this like this never happened before this FF extension, so where do you come off saying that?

I have been doing stuff like this with proxomitron [proxomitron.info] for years. There are other tools that can do the same. If you did not know about them then you probably did not bother to look.
But surely you do know that almost all browsers at least let the user change default colors and fonts.

One thing I did with proxomitron was changing slashdot's color cheme to bright text on dark background for a while.
other things were disabling animated gifs, turning flash animations into links, and so on.

It is my browser, and I decide how it displays stuff.

Re:Disable Greasemonkey

I write websites so I can present ideas to people. I don't want them to see my site the way they want to see it. I want them to see it the way it was meant to be seen...If you want to display my content with your own formatting, use my RSS feed.

And how is that? Because HTML was a protocol for transferring information, not for regidly defined formatting or layout. The graphical browsers came along and people started taking the attitude you are espousing "as it was meant to be seen" by you, the creator.

HTML itself however does not support that idea. Different agents (trad. browser, voice agents for the blind etc.), different and also overriding CSS stylessheet et. al. are explicitly catared for in its idea. If the user which to use your content in a manner other than that which you suggested, the intent of the spec is on their side here. HTML is not a fixed layout format. It is for the transmission of information, to be used according to the whims of the receiver.

Re:Disable Greasemonkey

I don't want them to see my site the way they want to see it. I want them to see it the way it was meant to be seen.

That's why GreaseMonkey exists. It allows firefox to do the work your eyes and hands must otherwise do - it gets you the information you're after, not what the designer fancies.

(I actually like your site design, and I think it is great you are releasing your work under the GPL and your content under a CC license)

Re:Disable Greasemonkey

But your site looks bad on my browser, it is making assumptions about my screen that are incorrect. Why would you want to prevent me from fixing that?

Your content is not displayed on your site, it is displayed on my computer, and you don't know my local parameters. What is there to gain, for anyone, by not allowing me to adjust for a mismatch there?

Re:Disable Greasemonkey

This seems to be another step in the battle that's as old as the web, over who gets final say as to how a web page is presented.

I feel the (Firefox) user should, and generally is going to have the edge, what with the uriid extension to apply site-specific CSS, greasemonkey, and other tools. But page producers always have wanted to dictate exactly how their pages appear to the user, however misguided that is, and I doubt the battle will ever be over.

Re:Disable Greasemonkey

I don't want them to see my site the way they want to see it. I want them to see it the way it was meant to be seen.

Doesn't the fact that it's plain and simply impossible kinda suck?
Greasemonkey is nothing but "the easy way", but client side modification of a website has been live for years:

• Proximitron allows advanced filtering
• Specific Firefox extensions do, too (think about Slashfix)
• Bookmarklets are fairly powerful, check MODI [slayeroffice.com] for example
• For god's sake, there are so much differences from one browser to another one that one can tweak what he seens by changing browser
• Custom/client side CSS, Opera has had them for a very long time, Firefox has that too, and you can more than likely find bookmarklets allowing you to load custom CSS in your browser

The fact is that you seem not to know an important rule of web design: the way you indent your website to be displayed is nothing but a mere suggestion, and the surfer is 100% free to fully ignore your hints if he doesn't want it [evpc.biz]
Don't want that? don't create websites. Your websites are not here for you and if they are they shouldn't be online, websites are for the visitor and he can do whatever he wants with the data he receives (including sending the whole content of your website to /dev/null if he finds it funny)

Paid articles?

If other articles are drawing notice to free registration for articles such as the NYT, why is this one linking to an article trying to charge $34?

"Not without controversy"

It should be noted that Greasemonkey is not without controversy, but this has done nothing to reduce its popularity among web programmers.

It should also be noted that the person claiming controvesy is also charging $49.00 for the "research" he has written. Do people buy these things?

Any, the summary of it reads as basically "users might install extensions that don't work with your own corporate pages". Personally, if an end user is installing applications without understanding the implications, you should ask whether that user should be allowed to install applications. The "researcher" claims that this risk should delay Firefox roll-outs in the enterprise.

Re:"Not without controversy"

The real problem is blanket deployments of firefox as is.

You wouldn't deploy IE without locking it down so why not firefox?

We have a deployment of about 2000 workstations with a highly customized build of firefox out there. I say customized but what I mean is that it's had various GUI elements stripped, keyboard shortcuts stripped and implements locked preferences. One of those preferences is software install. The only site that can install software is our internal update site.

Somebody paid him to write this, possibly as part of an internal migration plan but he failed to notice that in a corporate environment, a well thought-out mozilla implementation would implement things like locked preferences and other customization. Combine this with workstation security and his point is probably moot. I'm not going to spend 50 bucks to find out.

Re:"Not without controversy"

It should also be noted that the person claiming controvesy is also charging $49.00 for the "research" he has written. Do people buy these things?

Well, if a small fraction of people actually buy things that are advertised by spam, then maybe a small fraction of people are willing to pay $49 for a web article.

I have to admit that I'm tempted to throw up a site with a couple essays just to see if anybody would actually pay me $49 to read them.

Let's use this to our advantage

Who's going to write the "Hide Roland Pipe" stories from Slashdot.

Re:Let's use this to our advantage

already been done [daishar.com]

see how much people dislike that geeza ? if this was a pub he would of been slapped up and kicked out a long time ago

It is invaluable.

For several months, I labored under IE. 20 windows open everywhere, because it has no tabs. Even though I had managed to install Firefox (don't you love apps that don't require registry keys?), it was no help, because the applications department writes javascript that looks like it was squeezed from between Ballmer's asscheeks.

It was difficult. Took me two months of working with greasemonkey, of 3 minutes stolen here, and 5 minutes borrowed there in between calls (did I mention I'm only a phone monkey for a DSL ISP?). But in the end, not only can I use our main webapp in Firefox, it has features that the standard one doesn't. It often helps to shave up to a minute off of calltimes.

Which may be why I'm in trouble for using Firefox at that job. Dunno.

Were you trying to be ridiculously jerky??

"It is nothing personal, it is just business and honestly, my paycheck, not my morals, dictate my work environment."

The second worst thing about that statement is that you sound as if you mean it.

The worst thing is that you sound as if you're proud of it.

This attitude causes most of the suffering and evil in the world. The relatively few people who actually have the goal of harming others wouldn't get very far without lots of wimps with this attitude.

(I may just be troll feeding here, but I still had to call it.)

Excellent Idea, but breaks Websites

While I like the features of Greasemonkey lot, I had to uninstall it because it is incompatible with some websites I use often. They jut plain don't work with Greasemonkey enabled.

Example: map.search.ch/etoy [search.ch] (The map does not display at all)

I've submitted a bug about it, but my submission has been completely ignored (as mozdev.org is slashdotted right now I don't have the reference handy).

Markus

Re:Excellent Idea, but breaks Websites

You know you need to disable those default scripts that come with the extension, right?

Or at least set them so they don't execute on that particular site...

Choice quote from 'Dive Into Greasemonkey'

You can fix rendering bugs that the site owner can't be bothered to fix themselves.

Could be useful for Slashdot then :)

I'm worried that greasemonkey has security flaws

Despite how useful it is, I have some concern with GreaseMonkey and your browsers security.

The basic problem I see is that user scripts are plug-ins to to a plug-in. User scripts could do things that would be bad for security such as:

• Grab user entered information such as user names, passwords, or emails.
• Be part of a DDOS attack by contacting some server repeatedly
• Insert unwanted content such as ads or tracking into every page visited

GreaseMonkey does not use the white list of sites allowed to install plugins and allows user scripts to be installed from just about anywhere.

I'm worried that somebody could set up a repository of user scripts that appear to do useful things but have spyware embedded in them. Users would install GreaseMonkey user scripts from the site thinking they were getting useful functionality but not realizing they were getting additional "goodies".

I don't install user scripts without knowing how they work and looking over the source myself. Preferably, I write my own. I don't see most users being able to do that sort of analysis. Hence the danger.

--
Currency Calculator to Calculate Rates of Exchange for Foreign Currencies [ostermiller.org]

Re:I'm worried that greasemonkey has security flaw

Greasemonkey scripts are bound by the same restrictions as any other javascript.

No, they aren't. They are inserted into the code of another site's pages, therefore they get local access priveleges over those pages.

I'm a dev on GM, and I'd like to shed some light.

First, yes, GM is in the same security sandbox as the page script. It does not run as local script.

The threat model of a user script is the very same as a bookmarklet, except that user scripts get injected without clicks, meaning that the user could forget about some installed script.

If someone installs an Evil(tm) script, it can run on pages that the evil person doesn't control, and provide data back to the evil person.

Note that such evil can be delivered in other ways (bookmarklets, toolbars, etc) which are trojans. You should consider every user script as a possible trojan. So yeah, don't install scripts that do evil things, and if you're not sure, don't install.

We're working on a community-policed user script directory which can confer some level of trust. It's not ready yet. We were slashdotted a little too early. ;) The wiki page (when it's back up) was something I put up when I first saw GM, because it clearly needed some sort of directory to get some momentum. It's now a stopgap until something more structured is completed. You might try delicious [del.icio.us] as another directory.

Also, Greasemonkey supplies some interesting functions to the user script context, including GM_xmlhttpRequest, which allows cross-domain page requests. Couple this with GM_setValue and GM_getValue, and a user script can indeed very effectively share data between different web apps. Before you wail in terror, note that information could be sent to evil third-party domain already by using scripted image tags, iframes, and form posts. GM only opens up an easier way to share data; it does not allow anything that's truly new in this respect.

content debate

Websites are a strange medium. Things like greasemonkey and adblock and google toolbar have been spurring these debates about content control.

I would not be suprised if this debate grew bigger as the popularity of client side controll apps gets bigger.

Alot of people want their webpage to look the way they intended it to look, but I think the truth is that you can not count on that. Different browsers, different computers, different monitors...

I am in favor of client side tools, I think that a user getting the best use possible out of a site is a good thing, in fact that is my goal when designing a website. If they think they can do it better, be my guest.

Re:content debate

The solution is obvious. Render the page as a jpeg, and then just have a directory full of jpegs! You can even use server-side image maps for hyperlinks!

Safari

This is not specific to Firefox and Opera. One can use Applescript to make Safari to run Javascript on webpages. From http://www.apple.com/applescript/safari/ [apple.com] we have

Safari now includes a do JavaScript command that enables AppleScript to communicate with the browser via JavaScript!

Buy The Research?

So I run off in hopes of reading the controversy [forrester.com] and it says I need to pay $49.00 to "By the Research"? What gives? Anybody have any worthwhile information to spare us broke college kids a little cash? Or, is my exam fragmented brain missing something that should be obvious?

Preventing all new-window creation in Firefox.

To get more Opera-like behaviour is easy and can be done by the extensible options in Firefox like SO [blogspot.com].

Thus all those hotmail and gmail open link in new window pains will just go away!

Greasemonkey is still in its infancy

I've been an active member of the Greasemonkey mailing list. Mark Pilgrim is a very regular contributer there.

One very interesting thread has been misuse of Greasemonkey(GM). GM allow script authors to use an XML_HTTPrequest() type functionality. This is often to look up information services, such as google, de.li.ci.ous, weather etc.

With a poorly coded script, there could be thousands of http connections spawned per page transition. A DDOS of sorts. This will be an interesting one to tackle.

Any ideas out there??

Greasemonkey needs to inject scripts sooner

I recently started playing around with Greasemonkey. I love it, but there is one issue that I have with it. It injects its scripts at the end of the web page.

I have a web page that runs a little javascript at the end, where it pops up an alert window, then redirects to another page. I would like to write a greasemonkey script to remove this redirection. Unfortunately, the page's javascript gets run before greasemonkeys. Any ideas about how get my greasemonkey script to run sooner?

Re:Greasemonkey needs to inject scripts sooner

I use Proxomitron. It is much like greasemonkey, but it uses regular expressions.

I've used proxomitron too. It doesn't have this problem because it runs as an HTTP proxy, so it changes the web page before the browser ever sees it.

But the problem I have with proxomitron is that it's a bunch of regexp matches instead of a scripting language. I've yet to figure out how to get a regexp match that spans more than one line as well. But yes, proxo works well for my particular complaint about greasemonkey.

Dangers of Greasemonkey

In order to avoid $50 articles, I found this [com.com] article which did talk about some potential security problems with greasemonkey. It seems hackers could make scripts that behave maliciously. According to the article, even the original greasemonkey developer has expressed concerns along those lines.

password power?

Is this sting powerful enough to take back control of your passwords? The day that autocomplete became enforced users lost the power to manage their passwords. can GM be used to removed this directive?

Opera and user scripts

"Even Opera has jumped on the bandwagon with their own version of user scripts." Well, considering that Opera previewed a similar technology back in early 2003 [opera.com], I'm not so sure you could call that "jumping the bandwagon". But still, it's a nice edition, both to Firefox and Opera.

Greasemonkey script to de-Xeni boingboing.net

Here's handy script [uky.edu] to parse out Xeni Jardin's content on boingboing. Now if only I had one to parse out Doctorow's fucking Disney fetish, I'd be all set.

Platypus

Platypus (http://platypus.mozdev.org/ [mozdev.org]) is an extension for visually editing web pages to your liking and then creating a Greasemonkey script that will repeat those changes the next time you load the page. It's Greasemonkey without the programming, if you will.

"One of the most jaw dropping extensions that I have seen to date." --Anders Conbere

Check it out.

-- Scott Turner

Gmail delete script not working

can anyone get this to work? i installed it, the delete button shows up and enables when i check a message, but clicking does nothing.

Solution for you

Make every single page one colossal image with an image map for links! That way there's not much the user can do, and you are victorious in your subjugation! Or: relax.

"Not without controversy"

"Greasemonkey will cause you nothing but headaches, and may even be a good reason to delay that Firefox pilot you're planning"

It's funny how these so called "researches" are always expressing them like "you better not", "this will happen to you if you use this", they're so anxious to influence the reader that they can't even keep it in.

When more trustworthy reviews always state things like "this piece of sw is buggy/crap/has-poor-design/incompatible-with/usele ss/etc". Without the fragrance of attempted influence.

To me these imperative "researches" only say that some one has paid for those results and hence the opposite _might_ be worth while.

Defacement

... but of course the best use of Greasemonkey is "defacement" of some your not-so-favorite sites. When having to work full time with something like .NET makes you really angry, it pleases to see something like this [sinp.msu.ru] just to imagine what you would want to do with their site ;-)

just monkeying

by the way, anyone has some grease for slashdot?

Infinite developer headache

If you're writing static webpages, so what? It won't affect you.

If you're writing server-side scripting, you should already be paranoid-checking for bad user submissions. Time to double-check everything is in place.

If you're writing client-side scripts, welcome to hell. You can no longer assume anything will be where you put it, or, in fact, still exist.

What's more, you can't test your site "with greasemonkey" to see if it's OK. You have no idea what the user is going to do to your page with it.

This leaves a handful of options:

1) Make your scripts disable Greasemonkey (which will work until too many sites do it, and it's updated to allow users the final say)

2) Switch productive time fixing bugs and adding features to adding and subsequently wading through checks on every possible error condition that user scripts might make possible.

3) Ignore Greasemonkey and when the users complain your site is broken, inform them it's their own stupid fault.

My personal leaning is towards (3).

customizing sites

hey, a community database with scripts for various sites would be useful. Whenever scripts are available for a certain link, you could get a drop-down near your address bar to choose the way you like that page displayed though I hate the number the security issues this raises

Greasemonkey Is Not Without Controversy

Buy this research Price: US$49.00 Report Length: 3 pages Buy This Document You will have immediate access to this research upon purchase. Already a Forrester client? Log in. Our Money-Back Guarantee If you are not completely satisfied with your research document for any reason, you can return it for a full refund within three weeks of your online purchase.

I won't pay $49 to find out what the controversy is all about, but Greasemonkey sounds good enough to download and try out.

MBTA extension for Google Maps

My favorite use of Greasemonkey is the mojoDNA extension of Google Maps to include Boston's public transportation, the MBTA. It's completely seamless!

Dev. website:
http://mojodna.net/2005/04/19/mbta-maps/ [mojodna.net]
Direct link to the Greasemonkey script:
http://maps.mojodna.net/mbta/mbta_google_maps.user .js [mojodna.net]

Why better than bookmarklets?

Why is this better than plain old bookmarklets? Discuss, discuss....

this is why...

...I love FireFox and it's programmers. If only some companies displayed half the amount of ingenuity.

Re:this is why...

It should be pointed out that the people who created Greasemonkey are in no way connected to Firefox. The really brilliant thing that the Mozilla folks did was not to think of ideas like Greasemonkey, it was to deploy an architecture open enough to let other people extend the browser in unexpected directions. In my view this is by far the most revolutionary thing about Firefox, and what we see today is only the tip of the iceberg. Once more programmers become familiar with the Firefox model and better IDEs become available, we're going to see some really incredible stuff.

Security

All this noise about Microsoft adding unnecessary hooks to their software with horrible security implications... the shoe's on the other foot again!

More work for me!

Great. Now when client call with complaints that data is either being corrupted via contact form or I can honestly look them in the eye and say, "It's the users fault!"

Conspiracy

We now know that All Peers are infected with the 12 Grease monkeys.

James Cole

I Love the Sound of Breaking Business Models

The costly security report is just a money-making troll but there is one issue raised by greasemonkey that may worry a lot of content providers.

Blocking adverts is old hat but greasemonkey lets you do so much more. It offers you the potential to inject links to products from a rival vendor when browsing an online store or rewrite affiliate link ids on a page, to give two examples.

This is going to break a few business models.

Personally I'm not going to shed any tears. Many businesses have completely misunderstood the nature of the web and just seen hyperspace as somewhere else to stick up billboards. Those that can't evolve will die. But when you consider how upset certain people get if you want to just view their site in a manner they hadn't planned on, then we can definitely expect fireworks in the near future.

There's a very heated discussion between Cory Doctorow and Robert Scoble that touches on these issues at http://www.itconversations.com/shows/detail438.htm l [itconversations.com] about these issues, albeit in the context of Google's Autolink rather than greasemonkey.

You Might Also Like..

Userscript [gratisdei.com], it allows you to load your own javascript code on every page.
Doing nice things like Yahoo Groups Ad Skipping [www.code.cx].

It should be noted that Greasemonkey can do this Yahoo trick too. [mkgray.com]

Back in my day...

"...it shifts the balance of power from content creators to content consumers."

Shouldn't that be back to content consumers? Am I mis-remembering, or wasn't there once a time when Web browsers had built-in functionality to actually let users customize how certain tags got rendered in the browser window (fonts, colors, etc.)?

Obligitory Mirror post...

As GreaseMonkey.MozDev.Org is slashdotted, here's the obligitory link to get Greasemonkey:
Install/Download GreaseMonkey [mozdev.org]

Enjoy!

Script Request: IMDB & Netflix Partnership

When on Netflix, I want a link that takes me to the IMDB summary for that movie.

When on IMDB, I want a button that lets me queue the movie I am currently viewing in Netflix.

This might exceed the scope of what's possible with GreaseMonkey. Any movie-maniac/programmer-maniac takers?

DUPE

It's a shame this article is a dupe. When I saw it here on /. ages ago, I put Greasemonkey on my computer. Come on. This is getting rediculous.

Revolutionary?

Greasemonkey is a revolutionary Firefox extension that many feel has enormous implications for the future evolution of the web.

How is this revolutionary? Things like the Proxomitron [proxomitron.info] have let you filter content and add user-scripts for years. Sure, Greasemonkey saves you starting up another app, but I wouldn't call it revolutionary.

privoxy already can do that

privoxy [privoxy.org] main objective is to filter ads and anoying things, but we can easilly setup a filter for one site that change its behavior, look and layaout...

check the slashdot theme changer [dessent.net]

i already use it for a long time to correct some bad html code from some pages (mostly for dillo, a very small and fast web browser)

as it use regexp and we can setup to only apply to some urls, the possiblities are endless

The need a different name than "grease monkey"

in addition to the other problems the comments so far have pointed out, there is a possible copyright/service mark infringement:
Grease monkey [franchiseworks.com] has been a quick oil change serice franchise since 1978.

Combining Stumble with Greasemonkey

Now what someone needs to do is combine Stumbleto with Greasemonkey, so sites I visit are optionally modified by people with similar tastes to me...

Bad Monkey!

Well thats it I quit. This is one web developer who has serious issues with the greasemonkey idea. You want to build your own tools for my web sites, fine, but seriously don't start sharing them with people who can't figure out whats genuine and whats a plug-in (which is a lot of people by the looks of the greasemonkey demos) , cause next thing you know I've got my boss coming in the door wondering why our client's sites are providing lists of products from their competitors or are breaking on the latest update, etc. I think the web dev community has it tough enough just trying to support multiple browsers. I love Firefox, but I (and I think I speak for a lot of developers out there) am not enthused about greasemonkey.

elinks did this long back.

Elinks [the mighty text browser] provided this feature long long back, using Lua scripting to rewrite the pages on the fly
see here [elinks.or.cz] on howto do it in elinks.

A slightly off-topic question...

I looked at Greasemonkey a few days ago, but after considering its capabilities I found out that it's not for me - or I miss something. What I need is to create a script or something that would remove certain (not all, not many, just two defined ones) cookies from my Firefox either at a touch of a button (easy version) or every two (or defined) times I visit a defined web page.

Is it possible? And what's the best way to do this?

Greasemonkey on OS X crashing experiences

Just my $0.02, as I haven't seen any other posts along these lines... I installed Greasemonkey on my OS X box a couple of weeks ago for some experementing and it caused Firefox to crash a LOT! Fortunately, uninstalling it fixed the problem, and I was able to get my wife to stop using IE again (nothing like sitting down to use the comp and having to close a gazillion pop-up windows!

Balance Of Power

By making it easy to write client-side scripts that modify webpages as you surf, it shifts the balance of power from content creators to content consumers.

No Greasemonkey? Web = Cathedral
Greasemonkey? Web = Bazaar

Flexibility and user control are good. To get the maximum utility out of a tool (like the Internet), we must seek to maximize the number of ways it can be used. Greasemonkey helps us do that. Just imagine if computers themselves were very closed and we could only use them in the ways companies originally intended us to -- they'd be single-purpose fancy calculators, and I for one wouldn't waste money on one. Instead, the openness and untapped potential of these things is amazing, and accounts for many of the advancements we've made in the last 50 years.

Go Greasemonkey!

Yes, but does it really work?

Ok I'm adding this to the discussion kinda late so probably no one will read it, but here goes anyway.

Everybody's arguing left and right about whether or not it's right or fair to use such a thing, but nobody seems to have made what seems to be a very important point to me: frankly, GreaseMonkey just doesn't work very well. Furthermore, I don't think this it will ever evolve into a truly reliable tool, because A) the web is too dynamic and B) scripts don't actually _understand_ the content they are modifying.

At some level the script needs to understand the semantics of the web page, and that's just a hard problem. Basically what the scripts can do currently is simple pattern matching, like "find the container named foo, and insert something before it", but that sort of thing breaks as soon as the web page author decides to change the container name.

Two examples of real-life failure of grease-monkey scripts:

I tried the slashdot nested comment script, and when it works it works pretty well, but for some reason it doesn't work on every slashdot comment page. Whatever pattern it's using doesn't quite cover all the bases.

I tried the gmail delete button thing. The button appeared, but it wouldn't actually delete any mail, and furthermore at one point it seems to have caused gmail to go into an infinite refresh loop that resulted in me getting locked out of account for a while due to "suspicious activity".

Even assuming that Joe Regexpert has really awesome skillz in writing pattern matching code, Joe only sees the version of web pages that get served up to _him_. Any site that uses cookies can potentially serve up very different pages to different users. Many web sites (like slashdot) allow users to configure the appearance of the page. So in order to exhaustively debug his script, Joe Regexpert is going to need to try out all those different combinations of options on the web site. It's possible that for some combination of options, the web site may just serve up a completely different page. Maybe it's a popular configuration, so they've hand-coded a lightweight static version of the page, for instance. Anyway, it's just impossible for Joe to see every version of the page, and so he can't possibly write a script works 100% of the time.

It's just an impossible task in general. And it will be fairly trivial for web designers to make greasemonkey useless by just changing things around, renaming containers, and obfuscating the page with javascript code. It wouldn't be hard to write an automatic obfuscater to generate a different obfuscated page for every user. Then greasemonkey just becomes useless.

I don't deny that it may be useful in some situations, but overall I think if it is adopted widely it will not only annoy web site designers, but also be pretty dangerous for users. a la the gmail lockout above -- a bug in a user script can still cause some pretty serious damage. Deleting all your web mail willy nilly or changing information that is critical to you. It wouldn't be hard to sneak some insidious stuff into one of these scripts.

Re:Does it something like Bookmarklet ?

It does, basically user scripts (Greasemonkey or Opera) are bookmarklets automatically executing when you browse a specific site (pattern matching allows the browser to execute the userscript that should be upon entering the website).

Oh, and there is no limit in a user script size, which isn't the case of a bookmarklet (even though you can execute external scripts from a bookmarklet)

Re:Fucking Moron

Yeah, our site is not prepared for this kind of abuse (the slashdotting, that is, not your charming comment). Check back later... the script is worth it!

Re:Free books

Yes!

Simply set up a script that grabs the title and author of the book, looks it up at a selection of free e-book sites (e.g. project gutenberg, baen.com, etc.) and adds a link if it finds it. Et voila!

Re:Great

You can do that with javascript...

How about this pattern [diveintogreasemonkey.org], which is included in the book linked from this article?