fix broken login forms with greasemonkey

16 February 2009 - 12:36am — abate

Not without pain, this evening I've learned how to write a small client side script with greasemonkey [1] . Even if conceptually very easy, I discovered (the hard way) that the firefox security model changed quite drastically with firefox 3.0 introducing XPCNativeWrappers. This page [2] explains the problem in details.

Anyway below it is a small js script to replace http with https in all forms on a page. It can be handy to force login using https on website that do not offer this option by default. And it was funny to learn.

// ==UserScript==

// @name              Fix broken forms

// @description    Forces known sites to use a secure connection

// @include        https://example.com/*

// @copyright      Pietro

// ==/UserScript==

//fix broken forms

var forms = document.getElementsByTagName('form');

for (var i = 0; i < forms.length; i++) {

    var form = forms[i].wrappedJSObject || forms[i];

    if (form.action) {

        form.action = form.action.replace(/^http:/, 'https:');

    }

}

[1] https://addons.mozilla.org/en-US/firefox/addon/748

[2] http://www.oreillynet.com/pub/a/network/2005/11/01/avoid-common-greasemonkey-pitfalls.html