Saturday, April 10, 2010

ClickOnce Bookmarklets...maybe click twice

I have a set of bookmarklets that go to my website, and actually use the current version of the bookmarklet. So the bookmarklet on the bar is just a pointer to a script out on my site. So I can update the bookmarklets to my heart's content without the end user having to do anything at all. Unless I move where the bookmarklets live on my site. So if your bookmarklet living space can be more permanent here's the cross domain bookmarklet injection code:

var e=document.createElement('script');

'language', 'javascript');

'token', '@testToken');

'src', '');


Notice the token code. That makes it so that in the child script I can pull in which user it is, and make posts to that user's account directly.


  1. We're exchanging private emails on this technique, I thought I'd keep that conversation going... as you say, you can update the script functions without users like me doing anything or even being aware there's a change. This might be a great thing in a trusted environment but -- what's a similar technique where I would have the option (perhaps the requirement) to make a change on my machine in order to accept/adopt changes on your server?

  2. I'm not sure such a thing exists. There's a multitude of websites are at the mercy of google's jQuery api hosting with the same trust vulnerability.