This script lets its users submit their own mnemonics for kanji, vocabulary and radicals. They can then be viewed by everyone else, who is using this script. Users can also vote on other peoples mnemonics. In future versions the votes will determine the order, in which the mnemonics appear.
This is a complete from scratch reimplementation, of the old Community Mnemonics Userscript, by Samuel-H, because it was unmaintained. 【old thread】
All data of the old script are carried over. Though there was a bug in the old script, where the user was mistakenly set to “c”. Those are renamed to “Anonymous” now.
If you see a mnemonic, that was written by you and is by Anonymous now, drop a comment with the kanji/vocabulary, meaning or reading and ideally the mnemonic itself, so I can identify it quicker and I will change it to your username.
- Submitting of new mnemonics for Radicals, Vocabulary and Kanji (up to 5 per item)
- Voting on mnemonics
- Editing your own mnemonics
- Requesting a mnemonic, if none exists yet.
- Displays who requested a mnemonic.
- Fixed right arrow being toggled on with multiple requests
- Added GPL-3.0 License
- Fixed shortcuts being activated in textarea
- Mnemonics are displayed on the item pages.
- Visually looks much prettier. Text highlight color more vibrant. Width dynamic. All Buttons have sick effects on click and hover.
- Added ? insert button. Because ? toggles shortcut help menu.
- Focus textarea after Button press.
- Move Codebase to Typescript.
- In Lessons and Reviews, only display Reading- and Meaning-CM, whenever Reading or Meaning should be visible.
- Display an icon on list screens (level, kanji, voc. or rad. pages) if a mnemonic is available or requested.
- Users can delete their own mnemonics
- Removed all legacy requests just by “Anonymous” from the sheet.
- Make compatible with WaniKanis 03.2023 Turbo update
- Uses “WK Item Info Injector” now (thanks Sinyaven) WK Item Info Injector
- Thanks to Item Info Injector works now on Extra Study pages as well.
Differences compared to WKCM
- It works
- Completely new implementation in Typescript.
- Possibility to add Meaning mnemonics for Radicals.
- Each user can submit multiple mnemonics. (up to 5)
- Data in sheet is saved, making use of JSONs. Easier to work with & more robust.
- To protect from XSS attacks, instead of HTML tags a custom markup syntax is used for highlighting.
- All HTML tags will be removed during insert into the DB spreadsheet.
- Content will be displayed within Iframes to further narrow down the possibilities for XSS exploits.
- Caches data from spreadsheet to make the script more responsive.
- Old legacy Mnemonics that were by users “c” or “ript:void(0)” (caused by bug) are displayed as being by Anonymous.
- Scores/Votes are now properly recorded with the user who voted being saved in the sheet. Allowing for only one vote per person and changing of the vote.
Install Tampermonkey, if you haven’t already: 【General Script Installation instructions】
This script requires WaniKani Open Framework, so make sure it is installed correctly and set to position 1 in Tampermonkey: 【Open Framework Installation】
It should be self explanatory, really. Except, when writing mnemonics use the buttons to insert the kind of highlighting you want. Hover over the button to see what it will do. To wrap text in the tags, after you wrote it, simply highlight it and press the button. For newlines, use
If a mnemonic is too large to be displayed within the bounds of the iframe, simply hover over it and scroll down.
Detailed instructions, more info, future versions and planned features can be found on the GitHub page of the project: 【Dakes/WaniKaniCommunityMnemonics2】
Since the old one was vulnerable to XSS attacks, is it safe now?
I implemented multiple layers of security, to ensure, there will be no malicious code executed on the user side.
The only way for data to enter the spreadsheet is the API url. It deletes all HTML tags and escapes the signs, that might be used to attempt an XSS attack.
For highlighting this time, a custom Markup Syntax is used, so that no HTML tags need to reside in the spreadsheet.
On the user side any HTML tags or malicious signs will then be deleted, or escaped again, in case someone does manage, to sneak something into the spreadsheet.
After that the markup will be replaced by the whitelisted highlighting tags.
And finally the content will be put into sanboxed iframes, which are an isolated environment for HTML code. So if all of the above fails, the malicious code will be locked in.
The API also requires a WaniKani API token for write access. (Just to get the username). This way, users with malicious behavior could be blocked.
To ensure the safety of the data, that is already in the sheet, it is viewable by everybody: 【WKCM2 - Google Sheets】. But not writable.
All data in the sheet is accessible via the API url. This includes requesting, submitting and editing mnemonics. For details, take a look in the GitHub repository.
So theoretically if for some reason, you want to access the mnemonic data as well, this is entirely possible now. So you could create a different userscript, that uses the same data and stays in sync with WKCM2. neat
If you find any bugs, other issues or have improvement suggestions, please leave a comment, or open an issue on GitHub.
- CMs don’t show for Radicals during Lessons