Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Scripts do not run when a username/password is in the url #1631

Closed
janekptacijarabaci opened this Issue · 9 comments

2 participants

@janekptacijarabaci

Example:
Page ("PAGE1"): http://example.com/page.cgi
A iframe on page ("PAGE2"): http://username:password@example.com/page.cgi?param

I have a script ("SCRIPT") with: @include http://*example.com/page.cgi*

Greasemonkey version 0.9.8-
PAGE1 - SCRIPT runs ok
PAGE2 - SCRIPT runs ok

Greasemonkey version 0.9.9+
PAGE1 - SCRIPT runs ok
PAGE2 - SCRIPT not runs

Probably associated with:
Greasemonkey version 0.9.9

  • Pressing 'back' could rarely cause a script to run twice on the same page. (#1083) #1083

Thank you very much for the correction (please for Firefox 13-, i.e. Greasemonkey 0.9.23?).

@arantius
Collaborator

Does this happen in Greasemonkey 1.x on a current version of Firefox? Development on older versions of either is extremely unlikely to happen.

@janekptacijarabaci

I try tomorrow. Thank you.

@janekptacijarabaci

Firefox 15.0.1, Greasemonkey 1.1: The error persists
(Opera 12.02, userscripts: OK)

But I'm sorry, associated with the username/password in url (example: test.php):
https://gist.github.com/3748949

Thank you very much for the correction (at least until the new version - Greasemonkey 1.2?).

@arantius
Collaborator

At this point I'm almost definitely going to need the exact script and the real URLs. Or a good reason why they're not accessible. All my experience with executing in frames works as expected.

@janekptacijarabaci

It's a mystery. test.php does not work (Windows XP SP3/Windows 7 SP1/Windows 8 CZ/EN, Firefox 3.6 - 15.0.1 CZ/EN, Greasemonkey 0.9.9 - 0.9.22, 1.0, 1.1) - the domain can be any (even though the domain is not written there anywhere - all is relative in the javascript):
onclick - button - title: "appendIFRAME_script_runs_ok" = alert(location.href); (1st IFRAME - script runs OK)
onclick - button - title: "appendIFRAME_script_not_runs" ≠ alert(location.href); (2nd IFRAME - script not runs)

Opera 12.02, Firefox 3.6 - 15.0.1/Greasemonkey 0.9.8 - works OK:
onclick - button - title: "appendIFRAME_script_runs_ok" = alert(location.href); (1st IFRAME - script runs OK)
onclick - button - title: "appendIFRAME_script_not_runs" = alert(location.href); (2nd IFRAME - script runs OK)

Windows XP SP3/Windows 7 SP1/Windows 8 - Firefox 15.0.1 and Greasemonkey version 0.9.8 (2nd IFRAME - script runs OK) and then version 0.9.9/1.1 (2nd IFRAME - script not runs) I tested right now (the local hosting).

So i will wait than it will be confirmed...

@arantius
Collaborator

If I can't see this happen, I can't figure out what is going on and I can't fix anything. Reopen if you can provide (a link to) the exact script behaving this way, as requested above.

@arantius arantius closed this
@arantius
Collaborator

Mistakenly put in new issue #1635:

Reopened greasemonkey/greasemonkey#1631

I thought that you can try test.php, I'm sorry.

OK, here it is:
http://gm.php5.cz/test.php

And OP: Sorry I misunderstood that the gist you linked was indeed the page requested.

@arantius arantius reopened this
@arantius
Collaborator

Now that I've reproduced, it seems to be a problem with the user:pass@ in the URL at all, the frame is not related.

@arantius
Collaborator

Git bisect has confirmed that 35b23bd is the offending commit. It compares the location.href of the window to the documentURI of the load event, as a fix for #1083. The latter has the credentials in the URL whereas the former does not. Fragment parts have been handled that comparison, since then, as it's another bit that doesn't match.

@arantius arantius closed this in 01cb1d4
@arantius arantius referenced this issue from a commit in arantius/greasemonkey
@arantius arantius Ignore history.replacestate() when choosing to run scripts.
Fixes #1970

Refs #1083
Refs #1445
Refs #1631
0590560
@arantius arantius referenced this issue from a commit in arantius/greasemonkey
@arantius arantius Ignore user/pass in URLs again.
Fixes #2001

Refs #1970
Refs #1631
f323c9f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.