0

thats what i got so far

function onReady(callback) {
    if (document.readyState === "complete") window.setTimeout(callback, 0);
    else window.addEventListener("load", callback, false);
}
onReady(function() {
    removeit("new");
});

function removeit() {
    el = document.querySelector("#toolbarCurtain");
    if (el) {
        el.style.setProperty("display", "", null);
    } * * EXEC COMMAND
    return;
}

the " **EXEC COMMAND" thing is where i want to call a function that is in the site itself. the function is called drawPlayer(), and when i type drawPlayer() in the chrome console it works. i can't make my script call the function, how do i do that?

Esailija
  • 134,577
  • 23
  • 263
  • 318
user1520830
  • 3
  • 1

1 Answers1

0

Taken from here.

All injected code runs in an isolated world, a javascript context isolated from the main website's JS context. This is a built-in security measure and cannot be disabled.

The solution is to append a script. If you need a lot of executions, you should normally setup a custom communication event, and only inject one script listening to that custom event and eval()ing the event data. Here is how Google recommends to do this.

Bear in mind this will only work if the target site doesn't have CSP (Content-Security-Policy).

var RunInThisContext = function(c){ 
    var code = document.createTextNode(c);
    var script = document.createElement('script');
    script.type='text/javascript';
    script.appendChild(code);
    document.body.appendChild(script);      
};

Use like this:

RunInThisContext('('+(function(){ 
     /////////////////////
     //
     //   RUN YOUR FUNCTIONS HERE
     //
     /////////////////////
}).toString()+'()); ');
Community
  • 1
  • 1
Silviu-Marian
  • 10,105
  • 5
  • 45
  • 71