Hacking the Web with Greasemonkey

plasticmillion writes "Greasemonkey is a revolutionary Firefox extension that many feel has enormous implications for the future evolution of the web. By making it easy to write client-side scripts that modify webpages as you surf, it shifts the balance of power from content creators to content consumers. Since its inception, it has given rise to an impressive array of scripts for everything from enhancing Gmail with one-click delete functionality to preventing Hotmail from spawning new windows when you click on external links. In recent Greasemonkey news, Mark Pilgrim just published a comprehensive primer called 'Dive Into Greasemonkey', a must-read for those who want to try their hand at writing their own scripts. It should be noted that Greasemonkey is not without controversy, but this has done nothing to reduce its popularity among web programmers. Even Opera has jumped on the bandwagon with their own version of user scripts. To illustrate the principle to /.ers, I whipped up a handy little script called 'Slashdot Live Comment Tree', which lets you expand and collapse entire threads in an article's comments."

Disable Greasemonkey

[mfh]

By making it easy to write client-side scripts that modify webpages as you surf, it shifts the balance of power from content creators to content consumers.

Google has tried something similar before with their toolbar and ISBNs.

That said, I am going to use this guide to disable Greasemonkey [edwards.name]. I write websites so I can present ideas to people. I don't want them to see my site the way they want to see it. I want them to see it the way it was meant to be seen. That way I can provide content based on expectations of standards compliance.

If you want to display my content with your own formatting, use my RSS feed [scottleonard.ca].

It is invaluable.

[NoMoreNicksLeft]

For several months, I labored under IE. 20 windows open everywhere, because it has no tabs. Even though I had managed to install Firefox (don't you love apps that don't require registry keys?), it was no help, because the applications department writes javascript that looks like it was squeezed from between Ballmer's asscheeks.

It was difficult. Took me two months of working with greasemonkey, of 3 minutes stolen here, and 5 minutes borrowed there in between calls (did I mention I'm only a phone monkey for a DSL ISP?). But in the end, not only can I use our main webapp in Firefox, it has features that the standard one doesn't. It often helps to shave up to a minute off of calltimes.

Which may be why I'm in trouble for using Firefox at that job. Dunno.

Excellent Idea, but breaks Websites

[markus_baertschi]

While I like the features of Greasemonkey lot, I had to uninstall it because it is incompatible with some websites I use often. They jut plain don't work with Greasemonkey enabled.

Example: map.search.ch/etoy [search.ch] (The map does not display at all)

I've submitted a bug about it, but my submission has been completely ignored (as mozdev.org is slashdotted right now I don't have the reference handy).

Markus

Re:Disable Greasemonkey

[zoloto]

I don't believe that's what he meant. His concern was that he wants his information presented a certian way and to leave it that way preventing others from changing it into something he didn't intend or desire for his content.

Think of it this way. Many musicians don't have a problem when people do remixes of their stuff, some do. That's why the majority of those that do offer special deals (or lisensing /sp) to allow that creativity.

Those that do not, don't offer such. Though it's still possible to do so, generally you don't find them in the public too often.

Not that my analogy is perfect by any means or stretch of the imagination, but it's not the evil DRM example you seem to have pulled out of your ass.

It's his information to present. Let him do it in a way he wants. There are plenty of other sites you can go to to change how it's presented to you. Go there and don't bitch.

Greasemonkey is still in its infancy

[tezza]

I've been an active member of the Greasemonkey mailing list. Mark Pilgrim is a very regular contributer there.

One very interesting thread has been misuse of Greasemonkey(GM). GM allow script authors to use an XML_HTTPrequest() type functionality. This is often to look up information services, such as google, de.li.ci.ous, weather etc.

With a poorly coded script, there could be thousands of http connections spawned per page transition. A DDOS of sorts. This will be an interesting one to tackle.

Any ideas out there??

password power?

[MrLint]

Is this sting powerful enough to take back control of your passwords? The day that autocomplete became enforced users lost the power to manage their passwords. can GM be used to removed this directive?

Re:Disable Greasemonkey

[Darren Winsper]

"Remember, this like this never happened before this FF extension"
Bollocks. You could write bookmarklets, or user CSS files. Hell, you could disable CSS or Javascript, you could use a browser that displays things a certain way. You could write your own browser. You could use man-in-the-middle programs to rewrite code before it reaches the browser.

The web is about information. The presentation of that information is ultimately up to the user.

Having said all that, I should point out that I am somewhat uncomfortable with the blind adoption Greasemonkey is seeing. A lot of web sites use Javascript that makes assumptions about the structure of the page. By changing the structure of the page, you're going to potentially break pages that dynamically change themselves.

Re:Disable Greasemonkey

[sznupi]

Given the desing of your site (you completely forgot that somebody can use app background in the system other than white) I have no choice...

Re:Dangers of Greasemonkey

[SenFo]

Thanks for the post. I was trying to find a way around the $50 article, myself!

On to the topic, I have to say that I agree with the potential for problems. However, I have to wonder if Greasemonkey is perhaps "complex" enough that only a true geek would be interested in playing around with it. There aren't many computer geeks that I know of that are going to just go around installing every script they find without first reading nearly every line of the source code. We're geeks and we like to see how things work ;-).

Personally, I wouldn't be surprised if later releases include the ability to check for valid signatures on code. We'll see...

All-in-all, I think it's a great idea. I'll have to read through the documentation and see what kind of goodies I can come up with!

Re:Disable Greasemonkey

[Fëanáro]

This doesn't make any sense. How is the user capable, or how has the user been capable to display information on the Web (not the internet, just a part) with a web browser.

Remember, this like this never happened before this FF extension, so where do you come off saying that?

I have been doing stuff like this with proxomitron [proxomitron.info] for years. There are other tools that can do the same. If you did not know about them then you probably did not bother to look.
But surely you do know that almost all browsers at least let the user change default colors and fonts.

One thing I did with proxomitron was changing slashdot's color cheme to bright text on dark background for a while.
other things were disabling animated gifs, turning flash animations into links, and so on.

It is my browser, and I decide how it displays stuff.

Re:Greasemonkey is still in its infancy

[schon]

Limit the number of outgoing HTTP requests? Throttle the rate of HTTP requests?

I'm thinking that either of these would cause the author to blame Firefox or GreaseMonkey for being 'slow'. If someone is clueless enough to not understand the technology, it's likely that they'd be so clueless as to blame Firefox (or possible GreaseMonkey) for any problems they encounter.

I'm thinking it would be better to throw up an error message (explaining what's going on, and providing a link to a page explaining why it's a bad idea.)

Greasemonkey Is Not Without Controversy

[Junior Samples]

Buy this research Price: US$49.00 Report Length: 3 pages Buy This Document You will have immediate access to this research upon purchase. Already a Forrester client? Log in. Our Money-Back Guarantee If you are not completely satisfied with your research document for any reason, you can return it for a full refund within three weeks of your online purchase.

I won't pay $49 to find out what the controversy is all about, but Greasemonkey sounds good enough to download and try out.

Re:Disable Greasemonkey

[drew]

A lot of web sites use Javascript that makes assumptions about the structure of the page. By changing the structure of the page, you're going to potentially break pages that dynamically change themselves.

then blame the person who wrote poor javascript code, rather than the people who have found this to be a useful extension.

this is why...

[hachete]

...I love FireFox and it's programmers. If only some companies displayed half the amount of ingenuity.

Re:Disable Greasemonkey

[mwood]

That reminds me: we need a blacklist plugin so we can avoid ever, ever linking to sites run by people who think our browsers belong to them.

I Love the Sound of Breaking Business Models

[Johnny Fiction]

The costly security report is just a money-making troll but there is one issue raised by greasemonkey that may worry a lot of content providers.

Blocking adverts is old hat but greasemonkey lets you do so much more. It offers you the potential to inject links to products from a rival vendor when browsing an online store or rewrite affiliate link ids on a page, to give two examples.

This is going to break a few business models.

Personally I'm not going to shed any tears. Many businesses have completely misunderstood the nature of the web and just seen hyperspace as somewhere else to stick up billboards. Those that can't evolve will die. But when you consider how upset certain people get if you want to just view their site in a manner they hadn't planned on, then we can definitely expect fireworks in the near future.

There's a very heated discussion between Cory Doctorow and Robert Scoble that touches on these issues at http://www.itconversations.com/shows/detail438.htm l [itconversations.com] about these issues, albeit in the context of Google's Autolink rather than greasemonkey.

MOD PARENT UP!!!

[ultranova]

If a website can freeze your browser, maybe your browser isn't the praise-jeebus-it's-here-gift-from-god the fanboys make it out to be.

You are absolutely correct. A web browser is a tool for displaying data from an unknown - and therefore untrusted - source, namely the Web. It should never freeze, crash or overflow, no matter what garbage is fed to it.

If Firefox indeed does crash when attempting to view this web page, then this issue needs to be fixed immediately, since not fixing it makes Firefox untrustworthy and thereby completely useless.

Naturally, the same goes to any Net facing app. If the input comes from untrusted source, then it must be considered potentially malicious, and treated with appropriate paranoia.

Re:Fucking Moron

[masklinn]

Possible, yes, probably, easily I doubt it, GM is heavy Javascript/DOM tuning. You can find Greasemonkey on The Extensions Mirror [extensionsmirror.nl] BTW, and you may want to check Platypus [extensionsmirror.nl], which is basically an "interface" to Greasemonkey (allows you to modify a website, and if you need it you can save your modifications as a GM script)

Script Request: IMDB & Netflix Partnership

[ClioCJS]

When on Netflix, I want a link that takes me to the IMDB summary for that movie.

When on IMDB, I want a button that lets me queue the movie I am currently viewing in Netflix.

This might exceed the scope of what's possible with GreaseMonkey. Any movie-maniac/programmer-maniac takers?

Re:Platypus

[jbarr]

Thanks for the tip on this! This is a VERY cool extension!

One thing I REALLY like it for is printing pages that typically contain a ton of crap. Just invoke Platypus, highlight the containing section you want to print, press the "i" key, and voila! all surrounding content is removed! Click print, and you get a nice clean page of content. Talk about printer-friendly!

Want to see the original? Just hit refresh and everything's back to normal.

Re:Screenshot?

[jayloden]

On a more serious note, the site does have some problems when viewed by links/lynx - the navigation is totally invisible to a text based browser, or a screen reader used by a disabled person.

see http://jayloden.com/scottleonard.png [jayloden.com] for a screenshot of what you'd get in a text based browser.

This is the problem with jscript DHTML menus, they're no good if you intend compatibility with accessibility standards or text browsing.

-Jay

GMail greasemonkey scripts causing gmail lockout?

[sushi]

... so yesterday I installed greasemonkey with the gmail delete script.

Today I'm locked out of gmail for a suspected breach of T&C. (yep, a 'lockdown in sector 4!')

I contacted gmail and they have unlocked me, but I wonder if it's related?