【发布时间】:2016-07-20 01:38:16
【问题描述】:
我想使用 chrome 中的用户脚本/tampermonkey 提交一个自动填充的密码表单。但是它不起作用 - 字段 密码字段保持为空(服务器响应甚至带有警报消息),直到窗口实际由用户控制(任何实际的键盘按或鼠标单击)。 如果您希望用户脚本自动登录而不将密码硬编码到用户脚本中,这似乎很重要。
有人对此有解释和/或解决方法吗?
我尝试了所有我知道的提交表单的方法:.submit() 或调度实际的鼠标点击事件等
自己尝试一下:此处自动保存密码/名称:http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html
附加信息:Tampermonkey 版本 3.12.58,chrome 版本 49.0.2623.110 m,Windows 10 64x。我还尝试停用 chrome 中的所有扩展。
该页面附带的用户脚本:
// ==UserScript==
// @name New Userscript
// @namespace http://tampermonkey.net/
// @version 0.1
// @description try to take over the world!
// @author You
// @match http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html
// @grant none
// ==/UserScript==
//wait 5s to assert that chrome autofill had enough time to do its thing
setTimeout(function(){document.forms[0].submit()},5000)
编辑:从不提交的循环代码。
loopme()
function loopme() {
setTimeout(function(){
//check every second if 'password field' is empty, if not, submit the form
if(document.forms[0].elements[1].value != ''){
document.forms[0].submit()
} else {
//make count visible
document.title = "|" + document.title
//edit: adding an virtual 'click' makes no difference:
//var mouseClick = new MouseEvent("click");
//document.body.dispatchEvent(mouseClick);
loopme()
}
},1000)
}
由于 this suggestion 基于 chrome 错误,密码字段的屏幕截图。
左:提交前的表单,右:服务器响应。
(详细)运行循环脚本时 chrome 的日志文件:
Navigated to http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html
content: Started (5edc5230-099a-412a-bca4-48c97edb3113, http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html)
content: start event processing for 5edc5230-099a-412a-bca4-48c97edb3113 (1 to run)
env: initialized (content, id:5edc5230-099a-412a-bca4-48c97edb3113, http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html)
env: schedule 'New Userscript' for document-idle
env: schedule for later events!
env: first DOMNodeInserted Event!
content: Started (d2f1e833-ce3f-48e8-a81c-cf4a93475a98, nullblank)
content: disable event processing for d2f1e833-ce3f-48e8-a81c-cf4a93475a98
content: Started (6b10cff5-a3a1-4eab-9286-f7e49aaa5952, http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html)
content: disable event processing for 6b10cff5-a3a1-4eab-9286-f7e49aaa5952
content: Started (dc4a5836-69a6-4194-a631-ad2354cc6a33, nullblank)
content: disable event processing for dc4a5836-69a6-4194-a631-ad2354cc6a33
env: DOMContentLoaded Event!
content: detected DOMContentLoaded 5edc5230-099a-412a-bca4-48c97edb3113
content: Started (df53f06c-55ba-4398-8a4d-0b41d2fb3f93, nullblank)
content: disable event processing for df53f06c-55ba-4398-8a4d-0b41d2fb3f93
env: execute script New Userscript @ the safe context now!
content: Started (069446ea-3b29-42c4-8c13-9f4f112f6a01, https://googleads.g.doubleclick.net/pagead/html/r20160331/r20151006/zrt_lookup.html)
content: disable event processing for 069446ea-3b29-42c4-8c13-9f4f112f6a01
content: Started (127600e6-61f8-4e15-862a-fe0aaa6e4683, http://s7.addthis.com/static/sh.953eb77977227bfd253ee158.html)
content: disable event processing for 127600e6-61f8-4e15-862a-fe0aaa6e4683
content: Started (b50036dc-266a-4328-92b9-6937c09419e3, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for b50036dc-266a-4328-92b9-6937c09419e3
content: Started (5df2993f-2fc5-4f40-8fa9-aa37c7ffd987, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 5df2993f-2fc5-4f40-8fa9-aa37c7ffd987
content: Started (8f6c166e-6e61-4776-ba28-8caf786704f4, http://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html)
content: disable event processing for 8f6c166e-6e61-4776-ba28-8caf786704f4
content: Started (c9082438-936d-4ba3-b76e-bf7cc9f48bae, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for c9082438-936d-4ba3-b76e-bf7cc9f48bae
content: Started (2439efaa-3ea5-461b-a8a1-25b2be866f1a, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 2439efaa-3ea5-461b-a8a1-25b2be866f1a
content: Started (fdd7347c-3bf8-4e05-a9bb-97e0e26d543e, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for fdd7347c-3bf8-4e05-a9bb-97e0e26d543e
content: Started (5e2a844c-fe1e-4c8d-af07-09b3b1ab272c, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 5e2a844c-fe1e-4c8d-af07-09b3b1ab272c
content: Started (0cef6828-3752-4b05-a8de-68cb90f6b29b, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 0cef6828-3752-4b05-a8de-68cb90f6b29b
content: detected load 5edc5230-099a-412a-bca4-48c97edb3113
content: Started (65ce238d-9bd8-45cd-8d52-8d215ae3fe62, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 65ce238d-9bd8-45cd-8d52-8d215ae3fe62
content: Started (c3747272-9bf6-4a6b-baf3-d38b7fbb8134, nullblank)
content: disable event processing for c3747272-9bf6-4a6b-baf3-d38b7fbb8134
【问题讨论】:
-
请添加有关您的问题的更多信息,例如您的示例代码。
-
已添加,请记住,我实际上并不想读取/拦截密码值。相反,我不想阅读它们,而是提交它们。但是,就我的测试而言,如果用户脚本自动提交表单(即使在 setTimeout 等之后),服务器不会收到 chrome 自动填充的名称/密码 - 除非您提供某种“真实”用户操作(例如单击、按下键) )。我怀疑这是 chrome 方面的一项安全措施,但是......我不知道,我真的希望我的脚本能够工作 =)
-
抱歉,您的问题仍然不清楚...您想模拟提交操作,但您提供的代码什么也没做?
-
让我指定:我想通过用户脚本自动提交表单,该表单由 chrome 使用用户名/密码自动填充。然而,提交的表单只包含空字段,除非与页面有实际的用户交互。该脚本仅显示在用户交互之前您无法通过警报消息阅读它(因为我无法提供服务器端答案)编辑:对不起,该页面甚至列出了服务器端答案 - 我更改为代码
-
我在页面上的 Tampermonkey 中遇到了同样的问题。密码字段中有一个显示/隐藏图标。当我用鼠标单击它或在输入字段内单击时,tampermonkey 脚本会继续,但是在脚本内模拟单击时,密码值保持为空。
标签: google-chrome google-chrome-extension greasemonkey userscripts tampermonkey