search

Tampermonkey / tampermonkey

Tampermonkey is the most popular userscript manager, with over 10 million users. It's available for Chrome, Microsoft Edge, Safari, Opera Next, and Firefox.
GNU General Public License v3.0
4.3k stars 424 forks source link

The cookie value is invaild with GM_xmlhttpRequest after upgrade to v5.2.0 #2112

Closed Tinyfatboy closed 3 months ago

Tinyfatboy commented 4 months ago

Actual Behavior

Hello, after upgrading to Tampermonkey 5.2.0, the original script failed when sending requests using GM_xmlhttpRequest. We compared all the API information of version 5.1.1 and found that after the upgrade, if the cookie value contains quotation marks ", the GM_xmlhttpRequest method will encode the quotation marks to %22, causing the original script to fail.

eg. original cookie (v5.1.1) idtt.certInfo="W7I356...

with v5.2.0 idtt.certInfo=22%W7I356...

This affect our script and makes GM_xmlhttpRequest failed. Cloud you help to check.

Specifications

Script

// ==UserScript==
// @name         myScript
// @namespace    http://tampermonkey.net/
// @author       myName
// @match        https://example.com
// @run-at       document-start
// @grant        GM_xmlhttpRequest
// @connect      target.example.com
// ==/UserScript==

(function() {
    GM_xmlhttpRequest({
        url: 'https://target.example.com,
    });
})();
derjanb commented 4 months ago

Can you please test Tampermonkey BETA. Thanks.

Tinyfatboy commented 4 months ago

Can you please test Tampermonkey BETA. Thanks.

Hello, thanks for your advice. I tested with Tampermonkey BETA, but the error still occurs.

derjanb commented 4 months ago

Thanks a lot. Please use Tampermonkey Legacy as long as I'm working on a fix...

derjanb commented 4 months ago

Should be at 5.3.6203 (crx)

Please download the crx file linked above and drag and drop it to the extensions page chrome://extensions (after you've enabled 'Developer Mode').