From cde29ea7e9ff1bf6751debf0e5cf1d11a9cb6aea Mon Sep 17 00:00:00 2001
From: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date: Wed, 15 Mar 2017 06:16:37 +1300
Subject: [PATCH] Created 3.1 Greasemonkey (markdown)

---
 3.1-Greasemonkey.md | 79 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 3.1-Greasemonkey.md

diff --git a/3.1-Greasemonkey.md b/3.1-Greasemonkey.md
new file mode 100644
index 0000000..382e69a
--- /dev/null
+++ b/3.1-Greasemonkey.md
@@ -0,0 +1,79 @@
+
+### Conceal History Length
+This does not break history in any way. It just lies to any JS asking about it. Your actual (max) history is controlled by `browser.sessionhistory.max_entries` which is a per tab setting. You can test it at [JoDonym](http://ip-check.info/?lang=en)
+
+```js
+// ==UserScript==
+// @name        Conceal history.length
+// @description Intercepts read access to "history.length property.
+// @namespace   localhost
+// @include     *
+// @run-at      document-start
+// @version     1.0.1
+// @grant       none
+// ==/UserScript==
+
+var _window={name:window.name};
+Object.defineProperty(history,'length',{
+	get:function()
+	{
+		return '2';
+	}
+});
+```
+
+### Conceal windows.name
+See [bugzilla 444222](https://bugzilla.mozilla.org/show_bug.cgi?id=444222). You can test it at [JoDonym](http://ip-check.info/?lang=en)
+
+```js
+// ==UserScript==
+// @name        Conceal window.name
+// @description Intercepts read access to window.name property.
+// @namespace   localhost
+// @include     *
+// @run-at      document-start
+// @version     1.0.1
+// @grant       none
+// ==/UserScript==
+
+var _window={name:window.name};
+Object.defineProperty(window,'name',{
+	get:function()
+	{
+		//No CAPTCHA reCAPTCHA
+		if(/^https:\/\/www\.google\.com\/recaptcha\/api2\/(?:anchor|frame)\?.+$/.test(window.location.href)&&/^I[0-1]_[1-9][0-9]+$/.test(_window.name))
+		{
+			return _window.name;
+		}
+		else
+		{
+			if(_window.name!='')
+			{
+				console.warn('Intercepted read access to window.name "'+_window.name+'" from '+window.location);
+			}
+			return '';
+		}
+	}
+});
+```
+
+### Clear window.opener
+See [this](https://www.ghacks.net/2017/01/24/web-security-add-relnoopener-to-external-links/) ghacks article about rel=noopener. You can test it at https://mathiasbynens.github.io/rel-noopener/
+
+```js
+/ ==UserScript==
+// @name        Clear window.opener
+// @description Prevents tampering with window.opener.
+// @namespace   localhost
+// @include     *
+// @run-at      document-start
+// @version     1.0
+// @grant       none
+// ==/UserScript==
+
+if (window.opener != null)
+{
+window.opener = null;
+console.warn('Cleared window.opener!');
+}
+```