From a7106e7b178440faeda842833b824270181f10fd Mon Sep 17 00:00:00 2001 From: Zhu Chenrui Date: Tue, 19 Aug 2025 15:37:18 +0800 Subject: [PATCH 1/3] fix: avoid top-level await in credential helpers --- XMOJ.user.js | 55 ++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 43 insertions(+), 12 deletions(-) diff --git a/XMOJ.user.js b/XMOJ.user.js index 7b47f15e..f190186b 100644 --- a/XMOJ.user.js +++ b/XMOJ.user.js @@ -441,6 +441,35 @@ let UtilityEnabled = (Name) => { } } }; +let storeCredential = async (username, password) => { + if ('credentials' in navigator && window.PasswordCredential) { + try { + const credential = new PasswordCredential({ id: username, password: password }); + await navigator.credentials.store(credential); + } catch (e) { + console.error(e); + } + } +}; +let getCredential = async () => { + if ('credentials' in navigator && window.PasswordCredential) { + try { + return await navigator.credentials.get({ password: true, mediation: 'optional' }); + } catch (e) { + console.error(e); + } + } + return null; +}; +let clearCredential = async () => { + if ('credentials' in navigator && window.PasswordCredential) { + try { + await navigator.credentials.preventSilentAccess(); + } catch (e) { + console.error(e); + } + } +}; let RequestAPI = (Action, Data, CallBack) => { try { let Session = ""; @@ -962,8 +991,7 @@ async function main() { location.href = "https://www.xmoj.tech/modifypage.php?ByUserScript=1"; }); PopupUL.children[5].addEventListener("click", () => { - localStorage.removeItem("UserScript-Username"); - localStorage.removeItem("UserScript-Password"); + clearCredential(); document.cookie = "PHPSESSID=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/"; //This is how you remove a cookie? location.href = "https://www.xmoj.tech/logout.php"; }); @@ -3213,12 +3241,11 @@ async function main() { .then((Response) => { return Response.text(); }) - .then((Response) => { + .then(async (Response) => { if (UtilityEnabled("LoginFailed")) { if (Response.indexOf("history.go(-2);") != -1) { if (UtilityEnabled("SavePassword")) { - localStorage.setItem("UserScript-Username", Username); - localStorage.setItem("UserScript-Password", Password); + await storeCredential(Username, Password); } let NewPage = localStorage.getItem("UserScript-LastPage"); if (NewPage == null) { @@ -3227,8 +3254,7 @@ async function main() { location.href = NewPage; } else { if (UtilityEnabled("SavePassword")) { - localStorage.removeItem("UserScript-Username"); - localStorage.removeItem("UserScript-Password"); + clearCredential(); } Response = Response.substring(Response.indexOf("alert('") + 7); Response = Response.substring(0, Response.indexOf("');")); @@ -3244,10 +3270,15 @@ async function main() { }); } }); - if (UtilityEnabled("SavePassword") && localStorage.getItem("UserScript-Username") != null && localStorage.getItem("UserScript-Password") != null) { - document.querySelector("#login > div:nth-child(1) > div > input").value = localStorage.getItem("UserScript-Username"); - document.querySelector("#login > div:nth-child(2) > div > input").value = localStorage.getItem("UserScript-Password"); - LoginButton.click(); + if (UtilityEnabled("SavePassword")) { + (async () => { + let Credential = await getCredential(); + if (Credential) { + document.querySelector("#login > div:nth-child(1) > div > input").value = Credential.id; + document.querySelector("#login > div:nth-child(2) > div > input").value = Credential.password; + LoginButton.click(); + } + })(); } } else if (location.pathname == "/contest_video.php" || location.pathname == "/problem_video.php") { let ScriptData = document.querySelector("body > div > div.mt-3 > center > script").innerHTML; @@ -3814,7 +3845,7 @@ int main() AddUser.disabled = true; RequestAPI("SendMail", { "ToUser": String(UsernameData), - "Content": String("您好,我是" + localStorage.getItem("UserScript-Username")) + "Content": String("您好,我是" + CurrentUsername) }, (ResponseData) => { AddUser.children[0].style.display = "none"; AddUser.disabled = false; From 33a44f8d39dc10607ad8f896b5128f56890eec2e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 19 Aug 2025 07:37:42 +0000 Subject: [PATCH 2/3] 2.1.2 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 9e30be84..98b80f3f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "xmoj-script", - "version": "2.1.1", + "version": "2.1.2", "description": "an improvement script for xmoj.tech", "main": "AddonScript.js", "scripts": { From 76260d17aa49e4b03dd926a0143d82556e9613da Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 19 Aug 2025 07:37:48 +0000 Subject: [PATCH 3/3] Update version info to 2.1.2 --- Update.json | 11 +++++++++++ XMOJ.user.js | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/Update.json b/Update.json index 5a0f68a6..b484fad7 100644 --- a/Update.json +++ b/Update.json @@ -2980,6 +2980,17 @@ } ], "Notes": "No release notes were provided for this release." + }, + "2.1.2": { + "UpdateDate": 1755589063111, + "Prerelease": true, + "UpdateContents": [ + { + "PR": 834, + "Description": "feat: use credential management api" + } + ], + "Notes": "No release notes were provided for this release." } } } \ No newline at end of file diff --git a/XMOJ.user.js b/XMOJ.user.js index f190186b..f373f997 100644 --- a/XMOJ.user.js +++ b/XMOJ.user.js @@ -1,6 +1,6 @@ // ==UserScript== // @name XMOJ -// @version 2.1.1 +// @version 2.1.2 // @description XMOJ增强脚本 // @author @XMOJ-Script-dev, @langningchen and the community // @namespace https://github/langningchen