Unable to write into new window #1534

Synchro opened this Issue Apr 11, 2012 · 2 comments


None yet

3 participants


This appears to be the same problem as #1352, however I'm running Firefox 11.0 with GM 0.9.18. Here a minimal test case:

// ==UserScript==
// @name           Open Window
// @namespace      MarcusB
// ==/UserScript==

GM_registerMenuCommand('Open Window', openWindow);

function openWindow(e) {
    w = window.open('', 'My Window', 'height=400,width=500');

Initially this gets intercepted by the FF popup blocker, but if it's then allowed and the page refreshed, the window opens, but its contents is blank, showing 'about:blank' in the address bar.

Because it's run from a GM_registerMenuCommand entry, it's happening long after the page has loaded, and it's not writing anything back to the page or doing big DOM ops.

If I run the same code from the firebug console (on the same host page, but not in a GM context), it works:

w = window.open('', 'CSV', 'height=400,width=500');w.document.open('text/plain');w.document.write('hello');w.document.close();

I've tried other MIME types, writing into the window on other ways, but it stays blank. The same code works fine in FF outside of GM, so I can only conclude it's a GM problem - or have I missed something?


I don't think we can directly fix this. http://wiki.greasespot.net/Location_hack should help you work around it though.

@arantius arantius closed this May 22, 2012

@Arantius, the location hack can't really fix this problem: It's too insecure.

A gearmonkey script needs the ability to create a dynamic page (for example for storing settings particular to that GM script) that can't be interfered with or read by (potentially hostile) page scripts.

(For example, consider a GM script that maintains a list of "blacklisted" users who's posts are automatically hidden on a blogging or messaging site; you'd need a secure page to manage that list).

I'm going to start a new issue about this.

@arantius arantius added this to the Pony milestone Sep 8, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment