Community Mnemonics is back!
This script lets its users submit their own mnemonics for kanji, vocabulary and radicals. They can then be viewed by everyone else, who is using this script. Users can also vote on other peoples mnemonics. In future versions the votes will determine the order, in which the mnemonics appear.
This is a complete from scratch reimplementation, of the old Community Mnemonics Userscript, by Samuel-H. The original was unmaintained for a long time, had bugs and was plagued by security concerns. But due to its unmaintainable nature, I decided to program it from scratch my way. Now it is much more robust, maintainable and secure. 【old thread】
Though, this is still not the full version (1.0). A few features, that were in the original are still missing, like showing the mnemonics on the item list pages. All data of the old script are carried over. Though there was a bug in the old script, where the user was mistakenly set to “c”. Those are renamed to “Anonymous” now.
If you see a mnemonic, that was written by you and is by Anonymous now, drop a comment with the kanji/vocabulary, meaning or reading and ideally the mnemonic itself, so I can identify it quicker and I will change it to your username.
- Submitting of new mnemonics for Radicals, Vocabulary and Kanji (up to 5 per item)
- Voting on mnemonics
- Editing your own mnemonics
- Requesting a mnemonic, if none exists yet.
- Displays who requested a mnemonic.
- Fixed right arrow being toggled on with multiple requests
- Added GPL-3.0 License
- Fixed shortcuts being activated in textarea
- Mnemonics are displayed on the item pages.
- Visually looks much prettier. Text highlight color more vibrant. Width dynamic. All Buttons have sick effects on click and hover.
- Added ? insert button. Because ? toggles shortcut help menu.
- Focus textarea after Button press.
Differences compared to WKCM
- It works
- Completely new implementation; Maintainable
- Possibility to add Meaning mnemonics for Radicals.
- Each user can submit multiple mnemonics. (up to 5)
- Both Reading and Meaning Mnemonics now always get displayed next to each other, no matter what tab is activated. (Hopefully reducing mnemonics landing in the wrong category)
- Data in sheet is saved, making use of JSONs. Easier to work with & more robust.
- To protect from XSS attacks, instead of HTML tags a custom markup syntax is used for highlighting.
- All HTML tags will be removed during insert into the DB spreadsheet.
- Content will be displayed within Iframes to further narrow down the possibilities for XSS exploits.
- Caches data from spreadsheet to make the script more responsive.
- Old legacy Mnemonics that were by users “c” or “ript:void(0)” (caused by bug) are displayed as being by Anonymous.
- Scores/Votes are now properly recorded with the user who voted being saved in the sheet. Allowing for only one vote per person and changing of the vote.
Install Tampermonkey, if you haven’t already: 【General Script Installation instructions】
This script requires WaniKani Open Framework, so make sure it is installed correctly and set to position 1 in Tampermonkey: 【Open Framework Installation】
Then open this URL to the script hosted on GitHub, the Tampermonkey install page should open automatically:【WKCM2.user.js】
It should be self explanatory, really. Except, when writing mnemonics use the buttons to insert the kind of highlighting you want. Hover over the button to see what it will do. To wrap text in the tags, after you wrote it, simply highlight it and press the button. For newlines, use
If a mnemonic is too large to be displayed within the bounds of the iframe, simply hover over it and scroll down.
Detailed instructions, more info, future versions and planned features can be found on the GitHub page of the project: 【Dakes/WaniKaniCommunityMnemonics2】
Since the old one was vulnerable to XSS attacks, is it safe now?
I implemented multiple layers of security, to ensure, there will be no malicious code executed for the user.
The only way for data to enter the spreadsheet is the API url. It deletes all HTML tags and escapes the signs, that might be used to attempt an XSS attack.
For highlighting this time, a custom Markup Syntax is used, so that no HTML tags need to reside in the spreadsheet.
On the user side any HTML tags or malicious signs will then be deleted, or escaped again, in case someone does manage, to sneak something into the spreadsheet.
After that the markup will be replaced by the whitelisted highlighting tags.
And finally the content will be put into sanboxed iframes, which are an isolated environment for HTML code. So if all of the above fails, the malicious code will be locked in.
To ensure the safety of the data, that is already in the sheet, it is viewable by everybody: 【WKCM2 - Google Sheets】. But not writable.
All data in the sheet is accessible via the API url. This includes requesting, submitting and editing mnemonics. For details, take a look in the GitHub repository.
So theoretically if for some reason, you want to access the mnemonic data as well, this is entirely possible now. So it would for example be possible, to create an addon script for WKCM2. Or the data could be used completely independently from WaniKani. Or if you think you can do a better job than me with a userscript like this, you can create a competing script, that uses the same data and stays in sync with WKCM2. neat
As long as version 1.0 isn’t out, I still consider this a beta. So if you find any bugs, other issues or have improvement suggestions, please leave a comment, or open an issue on GitHub.
Requests of multiple people cause next button to get switched on. Will be fixed in next minor version.fixed with 0.2.1