Automatic updates for scripts installed from UserScripts

322 views
Skip to first unread message

Nicholas

unread,
Mar 7, 2013, 12:10:19 AM3/7/13
to greasemon...@googlegroups.com
Hello,

I have authored about a dozen or so scripts currently hosted on Userscripts and am having trouble understanding how the automatic update process in Greasemonkey applies to scripts installed from that location.  I'm asking because what I'm currently seeing is that no scripts installed from Userscripts are, by default, automatically checked for updates.

By default Greasemonkey requires a secure connection to install script updates (which makes sense).  According to the documentation, if a script is installed without the @updateURL or @downloadURL headers, then the original install location will be used.  The problem with this system is that, by default, scripts are installed from a non-secure location on Userscripts.  Because of this, it seems like the only way to get automatic updates to work with UserScripts is to manually include the @update directives in the metablock of the script.

Is there a possibility that Greasemonkey might be changed so that it treats scripts installed from Userscripts as a special case such that if a script is installed from a non-secure location (say, http://userscripts.org/scripts/source/1.user.js) and it does NOT include any @update directives, then the corresponding secure location is used as a fall-back (in this case, https://userscripts.org/scripts/source/1.user.js).  Since Userscripts supports both HTTP and HTTPS connections, connectivity shouldn't be a problem.  The only issue would be whether Userscripts can be trusted to serve the same content from both locations -- but since the user is already trusting Userscripts, that doesn't seem like an issue.

If this change were put in place, it would allow all scripts installed from Userscripts to be automatically updatable by default without needing @update directives.  That seems to go along with the original goal of automatic script updates.

Thanks for reading.

Anthony Lieuallen

unread,
Mar 7, 2013, 10:15:28 AM3/7/13
to greasemon...@googlegroups.com
The best fix would be at userscripts.org, to make all links for user scripts to point at the HTTPS URL by default, for all users.

A workaround might be, as you suggested, to always choose to install scripts from userscripts.org via HTTPS, regardless of whether the original URL was.  But perhaps the owners of userscripts.org have a good reason not to do that?  Which again reinforces the idea that: if they can handle it, they should indicate as such by making the change on their end.


--
You received this message because you are subscribed to the Google Groups "greasemonkey-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to greasemonkey-us...@googlegroups.com.
To post to this group, send email to greasemon...@googlegroups.com.
Visit this group at http://groups.google.com/group/greasemonkey-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

Reply all
Reply to author
Forward
0 new messages