One of the most powerful features of Greasemonkey scripts is the ability to integrate different sites in ways that neither site expected. This can be as simple as adding a form on one site that submits data to another site, or as complex as pulling data from disparate sites and combining them dynamically.

Most of the hacks in this chapter rely on a Greasemonkey API function called GM_xmlhttpRequest, which allows user scripts to get and post data to any site, anywhere, at any time. As you may recall from "Avoid Common Pitfalls" [Hack #12] , this function was the center of a number of security holes in previous versions of Greasemonkey. Those vulnerabilities have long since been resolved, but you should always be aware of the power that Greasemonkey provides. It's a wonderful thing, but like every sufficiently advanced technology, it can be used for evil as well as good.

All the scripts in this chapter are safe to use, which is to say that they only do what they claim to do. Where there are unavoidable privacy concerns, I call them out specifically in the text.