javascript - Improving the Bookmarklet Experience - Though Hacking? -


so have site specific bookmarklet create page toolbar (using localstorage set/get variables) , creates iframe destination site, www.example.com. [idea heavily borrowed wonderful rwd bookmarklet (http://responsive.victorcoulon.fr/) ]. works great, wanted provide clickable link bookmarklet (because pain add bookmarklet in ipad) unfortunately results in obvious xss cross-site problems since link not reside within www.example.com.

to improve experience wondering if possible have popup (like twitter's) exploit existing generic loadscript function present on www.example.com. within javascript console on www.example.com can invoke supervar.loadscript("http://dl.dropboxusercontent.com/s/blah/thefile.js") , works. means not need append or cross load js iframe need iframe invoke supervar.loadscript call.

it possible invoke supervar.loadscript on window.onload/document.ready type scenario or context of popup code pointing about:blank/notexample.com in case supervar not exist. window.postmessage of use?

update: clarification

i trying have button contain javascript code in turn open new window/tab site able invoke command on variable present when dom ready. again, i'm quite new xss i'm not sure if security problem on site. i'm not trying access variables 1 site next, means load userscript on site without having use bookmarklet.

for real test:

visit: firsttaste.kraftcanada.com. open javascript console , enter: nitrowidget.loadscript("https://dl.dropboxusercontent.com/s/fcfbpfdmzrxywh9/mwolfe_alert.js") execute mwolfe_alert.js merely contains alert message.

is there way create clickable link on site outside of *.kraftcanada.com create popup/new tab upon {document,window,$}.onload/read invoke nitrowidget.loadscript?


Comments

Post a Comment

Popular posts from this blog

linux - xterm copying to CLIPBOARD using copy-selection causes automatic updating of CLIPBOARD upon mouse selection -

i've tried various ways coerce xterm (versions 285 , 292) copy selection clipboard clipboard whenever press ctrl-shift-c. promising way far has been, in ~/.xresources, put this: xterm*vt100.translations: #override \ ctrl shift <keypress> c: copy-selection(clipboard) \n\ ctrl shift <keypress> v: insert-selection(clipboard) ctrl-shift-v works perfectly, copying has nuance... if restart xterm, highlighting text puts things in primary clipboard; expected, proper, default behavior. if hit ctrl-shift-c, copies current selection clipboard clipboard. the bug, however, if highlight text after first time pressed ctrl-shift-c, you'll see highlighting copies both primary and clipboard. cannot figure out how stop xterm updating clipboard upon selection... , doesn't make sense me in first place. i said, @ specific point in time, copy selection clipboard... yet starts updating automatically upon selection after doing once... anyone have workaround...
Read more

c++ - qgraphicsview horizontal scrolling always has a vertical delta -

Image
i've subclassed qgraphicsview custom canvas used in cad application. i've reimplemented qgraphicsview::wheelevent check keyboard modifiers control key and, if control key pressed, zoom. i'm trying implement horizontal scroll when user holds shift , uses wheel. the problem i'm having horizontal scrolling always scrolls 0.279. not huge problem, hugely annoying , points else being wrong. so, here questions: is right way implement horizontal scrolling? if not, is? how eliminate delta of 0.279? thanks in advance. code , sample output below void myview::zoom(int delta) { double factor = pow(1.2, delta/abs(delta)); this->scale(factor, factor); } void myview::scrollhorizontal(int level) { qpointf center = maptoscene(viewport()->rect().center()); qdebug() << "center: " << center.x() << ", " << center.y(); centeron(qpointf(center.x() - level, center.y())); } void myview::wheelevent(qwheeleve...
Read more