GM 4.0 does not install scripts from GitHub (CSP/sandbox issue) #2631
Comments
|
There might be an issue with host permissions in this case. Content script aren't injected into top frames that are "about:blank" according to the moz docs. |
|
I think it's a Firefox CSP issue. Apparently, you cannot inject content scripts into pages with CSP sandbox directive. Turn off the CSP (set "security.csp.enable" to false) and try to install it. Do not forget to activate the CSP after installing. |
|
Hm, currently at work and only have access to Firefox 52 ESR. Cannot reproduce, |
|
Happens to me on 56 (stable) and 57 (nightly). |
|
Also reproduces: https://gist.github.com/arantius/f6fd80b1efad368a45ca35567bc31b18 (click "raw") 54 works |
|
55 also works, 56+ is broken |
arantius
changed the title
|
User script installation from GitHub does work in ViolentMonkey (2.8.18) in Firefox 57. What are they doing differently? Edit: apparently they wrote a blog post about it, which references some of these same Firefox bugs. Would that Blob URL method be feasible in GreaseMonkey? |
|
Not really, no. Violentmonkey directly injects scripts by creating Kinda unrelated, but this does bring up something I'm curious about. How does Violentmonkey provide for elevated API calls, like cross site XHR. As far as I know |
Tampermonkey and Violentmonkey use |
Hm. I've got a branch that does that. Although doesn't work on 52 ESR due to the use of |
|
Somehow this started working for me with Firefox nightly within the past few days. I'm not sure if Firefox fixed the issue on their end or a change to Greasemonkey did it, but everything does appear to be working as I'd expect. I visit the raw version of a script on github and the greasemonkey install window opens immediately. |
Greasemonkey changed the way that scripts are detected. #2719 |
|
Works fine for me! Congratulations... |
|
Not working for me. I go to https://raw.githubusercontent.com/devunt/make-gis-great-again/master/gis-vib.user.js and it does not ask me to install a userscript. Using GM 4.2 and FF 58.0.2 |
Just use the newest GM 4.3 version (currently GM 4.3beta4). |
|
@Eselce it keep show |
|
@bluelovers Hmm, that link just works for me (GM 4.3beta7, FF 59.0b13). |
|
Opening the original report link, then the "Install from github.com" link works as expected in latest (4.3) beta. |
|
With GM 4.3beta7/FF 58.0.2 Mac, it does not work for me. For both the original test and for one of my gists, the installation popup does appear, but after clicking Install, it says "User script download failed". Furthermore, on our organization's GitHub Enterprise instance, the installation popup never even appears when I browse to a user script raw view. Perhaps it isn't using my authenticated session? (Anonymous access is disabled on our GH instance.) |
Links please.
Pretty sure there's already an issue tracking this but don't have it handy. |
|
By "original test" I think he means the one in OP, https://github.com/reek/anti-adblock-killer/blob/master/anti-adblock-killer.user.js I have the same problem here as well:
(Needless to say, the result is same if I use "Install from github.com" link in readme.md, since it's the same link.) |
|
why not just use like Tampermonkey what they do for install, i think it is better than wait firefox fix |
|
This is already fixed; users above are confused. If the install window opens, this bug is fixed. If something else happens, that's a separate issue and should be reported as such. (I think the particular things reported above are also already fixed but there's no newer easy build to test with.) |
GM doesn't install scripts from raw.github.com for some reasons
https://github.com/reek/anti-adblock-killer#anti-adblock-killer--reek
Here on "Step 3: UserScript" you can test 4 mirrors of one script. only github mirror doesn't open install dialog.
The text was updated successfully, but these errors were encountered: