addon hijacks .js file links

[rezad1393]

please stop changing .js url links to be opened with this addon.
maybe of them are user-script for other addons and hijacking and changing a url from
https://github.com/Purfview/IMDb-Scout-Mod/blob/master/IMDb_Scout_Mod.user.js to
moz-extension://ADDONID/html/install.html?i=https%3A%2F%2Fgithub.com%2FPurfview%2FIMDb-Scout-Mod%2Fblob%2Fmaster%2FIMDb_Scout_Mod.user.js&s=https%3A%2F%2Fgithub.com%2FPurfview%2FIMDb-Scout-Mod
is not nice.

[SanderRonde]

Is it hijacking just .user.s urls or all .js urls? If the former then I think that's expected, if the latter then I should indeed probably change it.

[rezad1393]

why would an addon change a url in-page.
what I mean is I cant even copy that url without disabling your addon first and refreshing the page..
other script manager like violentmonkey catch those urls too but dont change the page that user is browsing.

[SanderRonde]

The technical answer is that it's very hard to capture a someone-opens-a-page request. You'd need to use the webRequest API which (as you may have heard) is in the process of being made useless (it's the reason a lot of adblockers will break). That's the reason I went with this much more scalable solution. You'd think I could just intercept all non-right-click events but then right-click -> open-in-new-tab would stop working. That's why :)

It also tends to be the case that people either use my extension for userscripts, no extension at all (they just don't install userscripts) or they use something like tampermonkey/greasemonkey. The extension theoretically already disables this install behavior if tampermonkey or greasemonkey or something like stylish is installed (although I seem to have removed that in the great axing of the extension by Google) at least for chrome. The one you use just wasn't in the list since I didn't know it existed at the time (did it exist 3 years ago?).

Luckily disabling this install behavior is quite easy. Opening the options page, opening the console (press F12 and go to the console in the top-most bar) and running this should do the job: browser.storage.local.set({ useAsUserscriptInstaller: false }). Let me know if it doesn't or throws some error. This exact line may not work on all browsers so if it doesn't work please let me know what browser you are using so I can check.

[rezad1393]

thanks.
the workaround works in firefox.
maybe you can add an option for this in addon that is off by default?

[SanderRonde]

Awesome! It should indeed be an option on the options page, not sure if it should be off by default though. I just think the violentmonkey extension should probably just be on the list too.

But unfortunately I have stopped development on this extension, see why here.

[rezad1393]

in the new firefox 116 it seems that it got reset and I cant seem to set it again.

it just says

browser.storage.local.set({ useAsUserscriptInstaller: false })
08:40:54.393
Promise { <state>: "pending" }
​
<state>: "fulfilled"
​
<value>: undefined

[SanderRonde]

That is it setting succesfully. Can you run browser.storage.local.get().then(console.log)? That way it'll tell you what's currently stored. I also don't think the storage should be resetting on upgrading your browser. If settings would get cleared, that would mean all of your CRM items would also be cleared. What happens when you run that code?

[rezad1393]

09:25:44.865 InstallTrigger is deprecated and will be removed in the future. options.js:162:3121
09:25:46.119 Hey there, if you're interested in how this extension works check out the github repository over at https://github.com/SanderRonde/CustomRightClickMenu options.js:160:155065
09:25:46.119 To get information about how to edit settings from the console call the window.consoleInfo() function options.js:160:155269
09:26:54.010 browser.storage.local.set({ useAsUserscriptInstaller: false })
09:26:54.035
Promise { <state>: "pending" }

09:27:09.300 browser.storage.local.set({ useAsUserscriptInstaller: false })
browser.storage.local.get().then(console.log)
09:27:09.322
Promise { <state>: "pending" }

09:27:09.329

Object { CRMOnPage: false, authorName: "anonymous", catchErrors: true, editCRMInRM: true, editing: null, globalExcludes: (1) […], hideToolsRibbon: false, jsLintGlobals: (4) […], lastUpdatedAt: "2.2.8", libraries: [], … }
​
CRMOnPage: false
​
authorName: "anonymous"
​
catchErrors: true
​
editCRMInRM: true
​
editing: null
​
globalExcludes: Array [ "" ]
​
hideToolsRibbon: false
​
jsLintGlobals: Array(4) [ "window", "$", "jQuery", … ]
​
lastUpdatedAt: "2.2.8"
​
libraries: Array []
​
nodeStorage: Object {  }
​
notFirstTime: true
​
recoverUnsavedData: false
​
requestPermissions: Array []
​
resourceKeys: Array []
​
resources: Object {  }
​
selectedCrmType: Array(6) [ true, true, true, … ]
​
settings: Object { settingsLastUpdatedAt: 1691376227383, latestId: 6, rootName: "Custom Menu", … }
​
settingsVersionData: Object { current: {…}, latest: {…}, wasUpdated: false }
​
showOptions: true
​
shrinkTitleRibbon: false
​
updatedScripts: Array []
​
urlDataPairs: Object {  }
​
useAsUserscriptInstaller: false
​
useAsUserstylesInstaller: true
​
useStorageSync: false
​
<prototype>: Object { … }

[SanderRonde]

Looks like it's working, down at the bottom you can see they it's set to false. What exactly is not working now? Is it performing the same behavior still?

[rezad1393]

has gone back to the same behavoiir that would hijack the js links.

this happened after firefox 116 I think.

[SanderRonde]

I'm really not sure what could be causing it then... Apart from the obvious things like restarting your browser, re-enabling the extension or maybe even clearing its settings and re-installing I don't have a clue. Can you try those things? If those don't work I'm afraid I'm going to have to close the issue since I really don't know...