Violentmonkey: Load local file:// resources in supported browsers

Created on 19 Jul 2018  路  3Comments  路  Source: violentmonkey/violentmonkey

What is the problem?

In Tampermonkey, I can include a line like:

// @require       file:///tmp/my-test-file.user.js

This can then load and I can verify using rapid development test code before deploying to the user-base.
I thought this feature _used_ to work with ViolentMonkey, but now the console (in Icecat) yields:

"Error fetching: http://tmp/my-test-file.user.js" Object { url: "http://tmp/my-test-file.user.js", data: "", xhr: XMLHttpRequest, status: -1 }  app.js:8:9631
    i/</i< moz-extension://ca9d7a96-dd2a-4df1-9022-3ed806ca660b/background/app.js:8:9631

Now, is this a failure on Icecat or ViolentMonkey for translating the file:// scheme into a http:// one?

I noticed that the documentation says

Local files are not allowed to be required due to security concern.

This is permitted in other setups, and is a blocker for me to use ViolentMonkey successfully.

Environment

  • Browser: Icecat
  • Browser version: v52.8.1 (64-bit)
  • Violentmonkey version: v2.9.5
  • OS: Fedora 28
enhancement

Most helpful comment

You could simply run a minimal webserver on your machine serving said files and access them over localhost.

All 3 comments

I have my little library I could use in several userscripts.

So, I would like to know how I can include my own scripts from my computer?

It looks like // @require file:///path/to/my/local/script.js does not work?
Why?

If this is because only remote (not local) scripts can be preloaded, then explain where and how I can upload my scripts.

You could simply run a minimal webserver on your machine serving said files and access them over localhost.

Tampermonkey checks those included files every time, Violentmonkey doesn't. We need to investigate if automatic checking will be fast enough to allow in getScriptsByURL() when it's invoked in preinject().

Firefox stopped allowing file:// access in WebExtensions intentionally so now solving this issue will make sense only in Chrome where the users can explicitly allow file access on chrome://extensions details page for Violentmonkey.

Was this page helpful?
0 / 5 - 0 ratings