Userscripts.org

The following is an archive of comments made before threaded discussions was implemented (November 16th, 2008)

FYI, since I don't permit clipboard access for javascript (see above), the version of this script that I use alters line 103 from this:

prompt("Here is your link.\nIf you would like this to be automatically copied in the future, visit 'about:config' the address bar. Search for 'signed.applets.codebase_principal_support' and set its value to true.", text);


to this:

alert(location.href+"\n\nhas been shortened to:\n\n"+text);


I found that Firefox now supports (at least on FF3 on Linux now supports) highlighting any text in an alert box; all I have to do is triple-click the shortened URL line (and on Windows, hit CTRL+C ... Linux does that bit automatically), which is why the tiny url is on its own line.

aaron158... until he fixes it... do this...
Replace line 109 with this...

if (!event.shiftKey || event.ctrlKey || event.metaKey || event.altKey || (event.target.type && (event.target.type.match(/text/) || event.target.type.match(/input/)))) {

I press Shift+T and nothing is happening
Need to improve the script

Hi Glendon!
Would you like to add another service? twirl.at is built by me and could be added by changing the first part of your script to:

var service = 1;

var tinyurlcom = 1;
var lnsnet = 2;
var metamarknet = 3;
var lnknu = 4;
var twirlat = 5;

// TODO: Add support for other services

var url, regexp;

switch(service) {
	case tinyurlcom:
		url = 'http://tinyurl.com/create.php?url='+location.href;
		regexp = '(http:\/\/tinyurl.com\/[a-z0-9]+)';
		break;
	case lnsnet:
		url = 'http://ln-s.net/home/api.jsp?url='+encodeURIComponent(location.href);
		regexp = '(http:\/\/ln-s.net\/[$+-:_A-Za-z0-9]+)';
		break;
	case metamarknet:
		url = 'http://metamark.net/api/rest/simple?long_url='+encodeURIComponent(location.href);
		regexp = '(http:\/\/xrl.us/.*)';
		break;
	case lnknu:
		url = 'http://minilink.org/?url='+encodeURIComponent(location.href)+'&xml=1';
		regexp = '<minilink>(http:\/\/.*?)<\/minilink>';
		break;
	case twirlat:
		url = 'http://twirl.at/api.php?url='+encodeURIComponent(location.href);
		regexp = '(http:\/\/twirl.at\/[A-Za-z0-9]+)';
		break;
}

Thank you very much!

Hi, this script is cool and very handy.

Unfortunately it always creates a URL when you type a T, also when writing emails or so.

False popups could be increased by changing T to a combo like T+U.
set a global var combo, document.addEventListener change to:
document.addEventListener('keypress', function(event) {
// Everything is a shift combo. Ignore the search field.
if (!event.shiftKey || event.ctrlKey || event.metaKey || event.altKey || (event.target.type && event.target.type.match(/text/))) {
combo = false;
return;
}

// Shift+T
if (event.charCode == 84) {
//getshortlink();
combo = true;
}
// Shift+U after Shift+T
if (combo && event.charCode == 85) {
getshortlink();
combo = false;
}
}, false);

Unfortunately it doesn't work, when "Search for text when I start typing" is enabled in the advanced settings of FF. So you would have to Type T, click anywhere into the web page and then type U.--Maybe someone knows a better solution.

I also see another problem. There are unique URLs to "private" stuff, not secured by login but by the URL itself. E.g.: http://www.xyz.com/content/476gdsjghf744hGH/You.... Nobody could guess this url but if you shorten it, it would be available in theirs service.
For this reason, I added a confirm dialog to the script in the getshortlink() function:
check=confirm("Shorten current URL?");
if (check) {
GM_xmlhttpRequest({
...
}


Maybe some fragments give you some inspiration for your next release.

Change line 105 so that it includes "event.ctrlKey" in the OR statements of that conditional; we don't want Ctrl+Shift+T to trigger this (I got fed up with the keyboard shortcut for 'undo closed tab' also popping up a shortened URL for the old page.

If you prefer a diff (get ready for UGLY!),

--- /tmp/urlshortener.user.js.orig      2008-04-24 18:27:19.635850562 -0400
+++ /tmp/urlshortener.user.js   2008-04-24 18:27:46.130500578 -0400
@@ -102,7 +102,7 @@

 document.addEventListener('keypress', function(event) {
        // Everything is a shift combo. Ignore the search field.
-       if (!event.shiftKey || event.metaKey || event.altKey || (event.target.type && event.target.type.match(/text/))) {
+       if (!event.shiftKey || event.ctrlKey || event.metaKey || event.altKey || (event.target.type && event.target.type.match(/text/))) {
                return;
        }

no_master: JavaScript shouldn't have access to your clipboard. This would allow malicious code to send your clipboard's content to a server online, which is problematic if your clipboard happens to contain your credit card number, password, or other sensitive data. It might also be a nasty surprise to find some very objectionable words inexplicably in your clipboard.

Also, codebase principal protects more than just your clipboard.

From Mozilla JavaScript Security's Signed Scripts article:

A codebase principal is a principal derived from the origin of the script rather than from verifying a digital signature of a certificate. Since codebase principals offer weaker security, they are disabled by default in Mozilla. Codebase principals do not offer as strong a proof of identity, thus end users are unable to make informed choices on whether to grant the script extended privileges.

More importantly, since Greasemonkey scripts affect the code on the sites you are visiting, this privilege is therefore tied to that URL rather than the Greasemonkey script. This opens a gaping security hole, empowering ALL of your Greasemonkey scripts plus whatever code that site runs, and it's tied to far more than just your clipboard. Be careful.

Very smart script...
In the source code, it says about the link prompt:

If you would like this to be automatically copied in the future, visit

'about:config'

'signed.applets.codebase_principal_support'

true

Any idea of why 'signed.applets.codebase_principal_support' isn't enablet/set to true by default by Firefox? Is it dangerous? does all extensions and stuff become able to do things behind your back? or why isn't it default?

whoops, nevermind. just had to wait a bit.

alrighty, now how do I actually activate this? lol. I press Shift+T and nothing is happening as far as I can tell.