GM.addElement support #627

UtterDonkey · 2024-02-14T10:23:23Z

Could the GM.addElement API be added which would allow elements such as script elements to be added into the page bypassing CSP?

ACTCD · 2024-02-14T16:14:48Z

Referring to #106, there currently seems to be no feasible way to bypass the severely restricted CSP in Safari.

UtterDonkey · 2024-02-14T17:06:50Z

Isn't it done in the iOS version of tampermonkey?

ACTCD · 2024-02-14T23:11:59Z

Have you actually tested this on your own?

We don't have access to the extension, and it's not open source, so we don't know in what way it bypasses CSP if it's implemented.

If you know, new knowledge is always welcome.

UtterDonkey · 2024-02-14T23:18:30Z

Would the way it bypasses CSP in safari be different from how it does it in other browsers?

ACTCD · 2024-02-14T23:28:14Z

Yes, it's not the same, the relevant APIs are lacking in Safari and have tighter restrictions.

ACTCD added the help wanted Extra attention is needed label Apr 17, 2024

ACTCD added the upstream This is an upstream issue label Jan 6, 2025

Provide feedback