Improvements for GreaseMonkey support

[The-Compiler]

Things which could be improved after #3040 is in:

• Maybe offer an install dialog when a .user.js file is opened, like Chromium
• Have some kind of updater for userscripts?
• Support @require (maybe without the downloading, but at least load those files if they exist?)
• Try stubbing exportFunction and maybe set a more correct scriptHandler and version then for GM_info?
• Support isPrivate in GM_info.
• Look into GreaseMonkey's sandboxing/security features
• Set up a QtWebChannel so we can give scripts elevated permissions
  • Use some kind of database for GM_getValue et al so it's isolated from the page's localStorage
  • Use a QNetworkAccessManager for GM_xmlhttpRequest so it can be cross-origin.
    • Looks like there's some WIP work
    • But apparently that sometimes hangs?
  • Maybe also something for GM_openInTab
• Support for the GreaseMonkey 4 API.
• Investigate why @noframes sometimes doesn't work with QtWebEngine / QWebEngineScript
• Support GM_registerMenuCommand somehow
• Can we disable the page's JavaScript exception handler while running the Greasemonkey script?
• Can we set the injection point correctly for a Qt 5.8+ QtWebEngine? (my bad, Qt already does this based on the userscript comment)
• Maybe a missing run-at shouldn't show an error?
• Regex for include/exclude
• Use UrlPattern from Implement URL match patterns #3369 for @match
• Support a custom metadata directive like @qute-js-world to request the script be ran in a non-default javascript "world"
• Alias/map qute-js-world to @inject-into https://violentmonkey.github.io/posts/inject-into-context/
• Implement GM_getResourceText (Wanikani Niai Similar Kanji called unimplemented GM_getResourceText #3975)
• Require @grant unsafeWindow to use unsafeWindow
• Somehow fix up line numbers, e.g. via source maps? (Correct line number for greasemonkey user script #5080)
• Accept relative @requires directives, without requiring the use of the file:// protocol (from Greasemonkey scripts: Local file improvements #6458)
• Load local files directly rather than needing to copy them (from Greasemonkey scripts: Local file improvements #6458)
• Support GM_setValue with non-primitive values (see Improve some Greasemonkey API stubs #6699)
• Update docs and commands to not seem so Greasemonkey (the extension) specific (from Violentmonkey support #7286)
• Add some Greasemonkey docs for qutebrowser, also e.g. @qute-js-world

cc @toofar

[jgkamat]

If anyone is thinking about using webchannels, I have a branch you can steal from where I started to work on this (to support follow_selected a while back) but I trashed it because it was not needed.

[toofar]

Also support regular expressions in @include and friends, we are currently only supporting globbing via fnmatch. zro in irc pointed out a good example script https://github.com/StylishThemes/GitHub-Dark-Script

[The-Compiler]

Known broken scripts:

• Rotten Tomatoes Link On IMDb - needs cross-origin GM_XHR
• OneeChan - seems to set window.$ to its own (non-jQuery) thing which conflicts with the window.$ of 4chan or 4chan-x (not sure which)
• Better Better Booru sometimes loses settings according to nonamethanks in IRC
• Wanikani Niai Similar Kanji needs GM_getResourceText (Wanikani Niai Similar Kanji called unimplemented GM_getResourceText #3975)

[The-Compiler]

OneeChan (and anything else defining global variables which collide with the page or other scripts) now works properly since #3793 - thanks @toofar!

[rnhmjoj]

I have found an issue with a script I made:

// ==UserScript==
// @name         Kill subreddit style
// @description  Unload all subreddits custom stylesheets
// @author       rnhmjoj
// @include      https://old.reddit.com/r/*
// @version      1.0.0
// @run-at       document-start
// @grant        none
// ==/UserScript==

for(var link of document.getElementsByTagName("link")) {
  if(link.title == "applied_subreddit_stylesheet")
    link.disabled = true;
}

The script doesn't work because document.getElementsByTagName("link") returns an empty array when running from greasemonkey, pasting the code into the console however works fine.

[toofar]

That's just because it is running too early before those elements have been added. Try changing the // @run-at document-start to // @run-at document-end. (document-idle is even later but doesn't appear to be necessary here.)

[rnhmjoj]

Ah, thank you! it's working. This used to work with violentmonkey... is it just slower to load the scripts then?

[toofar]

Oh that's interesting, and annoying. QtWebEngine handles the events for us so maybe that gets access to earlier triggers than extensions do.

[The-Compiler]

The Greasemonkey wiki says that only document-end works in Greasemonkey 4.x (the WebExtensions port) - maybe something similar is true for Violentmonkey as well.

FWIW the document.readyState docs say "We can now access the DOM elements." for the interactive state, which implies we can't for the loading state, which document-start corresponds to.

In other words, I think this is fine, and your script should use document-end 😉

edit: Oh, just found the Violentmonkey docs which say:

Note: in Greasemonkey v3, the script may be ensured to execute even before HTML is loaded, but this is impossible for Violentmonkey as a web extension.

[slashome]

Don't know if I should be this here , but I made a script for Trello's plugin that add cost to task that display the total cost for a list. It works fine on Chrome but it seems to have a conflict with newrelic.js in qutebroser :

Uncaught TypeError: Illegal invocation
    at Proxy.s (newrelic.js:664)
    at userscript:GM-Trello Cost Counter:245
    at userscript:GM-Trello Cost Counter:248
    at userscript:GM-Trello Cost Counter:253

The rewrelic.js line :

            try {
              return s = t.apply(a, r)
            } catch (d) {
              throw u(e + "err", [r, a, d], c), d         <----
            } finally {
              u(e + "end", [r, a, s], c)
            }

My script link is :
https://github.com/slashome/userscripts

Don't know if there is anything I can try to fix it :/

Thx again for this awesome browser !

[toofar]

Yeah that looks like they are shadowing the browser's `Proxy` implementation. Since you are only modifying the DOM (as opposed to talking to and trello JS API object) you should be able to run it in a different JS world to isolate it from that. Add this line to the metadata (see #4017 for more info): ``` // @qute-js-world jseval ```

[user202729]

• @match https://stuff.com/* also matches view-source:https://stuff.com/.
• Perhaps the script name should be edited so clicking the script name (in console.log messages in the inspector tools for example) opens it? When there are spaces or - in the name it doesn't work. (This might be a chromium bug fixed in some recent version. I'm not sure)

[amacfie]

Does GM_openInTab currently require content.javascript.can_open_tabs_automatically = True?

[The-Compiler]

@amacfie I think so - why are you asking?

[LiteracyFanatic]

It would be nice if there was a setting to enable/disable the loading of GreaseMonkey scripts. Sometimes I will encounter odd behavior on a page which I suspect may be related to one of my scripts and would like to quickly check if the page functions correctly without them. Right now I append .disabled to the end of each script and then run :greasemonkey-reload and reload as a workaround.

[The-Compiler]

Similarly to what @LiteracyFanatic already mentioned, I think it'd be great to have :greasemonkey-{dis,en}able commands which either disable/enable all scripts, or the script given to it (with completion of currently disabled/enabled scripts).

[Ninlives]

Any good news for cross-origin GM_xmlhttpRequest?

[toofar]

@Ninlives no good news sorry. None on the horizon either.
I think it came up last year but I don't even remember how the discussion went. "It" being how we could or couldn't provide a privileged (compared to the normal JS APIs) bridge between python and javascript that we were comfortable inflicting on all of the qutebrowser users. The risk being that javascript coming from places other than greasemonkey scripts could make use of the same channel. It looks like a tough problem still and we have plenty of other things that require more urgent attention.

[cortsf]

Just leaving this comment to upvote implementing GM_getResourceText. It was mentioned that nobody else asked for it on #3975 so I'm just raising one more hand.

Do you think there is any workaround in the meantime? For example, reading a local file in config.py, and setting a variable which could be read from the greasemonkey script?

Thanks

[The-Compiler]

The obvious workaround is to include your resource in your JS file. Other than that, no. There's no way for Greasemonkey to access Python stuff, see the comment just above yours.