facebook - remove people you may know - facebook

I'm just getting into facebook now. That "people you may know" section that pops up is driving me to distraction, and I'm just trying to get rid of it.
I have a greasemonkey script but its not working. None of numerous posted Greasemonkey scripts to remove it work either.
In the source for the facebook page , the "People You May know" (PYMK) section is in a script element that contains just one very long function call, i.e.
<script>big_pipe.onPageletArrive({"phase":1,"id":"pagelet_ego_pane","is_last":true,"css":["30YXW","MA+x5"],"js":["uBXoU","LNwoY","NavLF","ZtuLL"],"onload":["window.__UIControllerRegistry[\"c4dc09ff06275f0732488206\"] = new UIPagelet(\"c4dc09ff06275f0732488206\",
...
So I'm just trying to remove that script element and I tried this as a first pass:
function Remove_PYMK() {
var scripts = document.getElementsByTagName('script');
for (n=0; n<scripts.length; n++) {
if (scripts[n].innerHTML.indexOf("People You M") >=0) {
scripts[n].style.visibility="hidden";
alert ("found it");
}
}
}
Remove_PYMK();
//document.addEventListener("onload", Remove_PYMK, true);
It finds it, it just doesn't remove it.
This is something of a kludge, needless to say. Is there a proper way to disable PYMK, and ALSO, prevent my name from showing up in PYMK on other people's page.
EDIT:
Here's the entire script node up until the string "People You May Know" (FWIW):
<script>
big_pipe.onPageletArrive({
"phase": 1,
"id": "pagelet_ego_pane",
"is_last": true,
"css": ["30YXW", "MA+x5"],
"js": ["uBXoU", "LNwoY", "NavLF", "ZtuLL"],
"onload": ["window.__UIControllerRegistry[\"c4dc09ff06275f0732488206\"] = new UIPagelet(\"c4dc09ff06275f0732488206\", \"\\\/pagelet\\\/generic.php\\\/WebEgoPane\\\/\", {}, {});; ;", "new EmuController(\"6002939839588-id_4dc09ff0611f60c83869379\", \"AQBsgeDBRnJ4uiUuieZs681Fm3aqB5-626iHBbItdNfF5TWZZJ-9dZ60xyVaJr7JfimJpKgKNxXqF_DH_aHjru3RItUcHs2gI_ZLQNYdIENRSM5zh_pcjiDZyN7vv0trj5UDBOfXp6A6yDdVCZDLntgw1fU3cFSjPQkk9KQHnU3B61bkLQfoyQzysiefB82Ptf7tgkHDqlDwNpUT-HhYPOr8yGKxD6XavtgIfsW9hLPfGy6Eg7POsGHDyXrIDrl-Q3HM2CPoByeL43H0wIklCdbe8Oi3VnfKa-ysGjLB8YuAZHOJ1GH9feOxFphmcHE5C1R15rcPdnXSOaBI5bIJdJ24pIfAlNmGjXSMHU5LOiBm3FvCi_WzotJKxeRPjMBRmqQXw2CJ-xhFGGFqGRfJvoa9m8XKb1YpXzx-pqcpzDJ1z2xz3TT7gvObi5U-9ZaRtzNHY5g0UI3W-JeYjC-67Ir74mltDpXojdx-fWG5c-3OoX5bNJrCh1ifbQKFn3wLDAMdUHk4h8GO5eJdP_1xvJFal0SWZnwnMbty2AAd7EeFcSQNkjdK9BViqFo7OLLh8tT-j9k1fNnccza4M9jN94NEEjXRxU2KYhSGjdKL0fMJCfYA1y-3MMi7WbwEg7QiH-0AY_vQCu75j7vBtrwhjVpIK4kpBpNLYx5ucqLMe1RXt3PkE-xY0Jr5LRtwDq6MjeLrCjP0JaBL9o55o2DGPN-MNndM5YSCiZbri6ms7kJ0DADuZxiWkZDISrZlE_RZ4-8\", 4, 0)", "new EmuController(\"6003087448525-id_4dc09ff0612184c51197177\", \"AQAVDQezDWg8RCTH6EnPLCILHIX4upfP5v0NJ_-npYstbN0e4SWpCrfbYAQRM_9dVfozxS89XSxUt1jgEQpRbTHE3sfkcngkwyKIjKGhmIS8rKfDX_gP4ER0NnVJlJyX6FaGRul0h2UUYxnxj3uaIsq7LzcI36r4lBTXBg1THtRC2pZ1MuUzvkTlYlwh4B-c5lXwt-6nKTTMdoZsTRsUDG_JTAPHeTV0-FYMr-1roaJpR_j--aw_MxJ6NxFEbTvkyL4QVN-ZRpWfeovChdYk4j_cgxoxRE-qm-u_hYcVbbtVrQXq0kVtHHhX8ijyeLt-4kZcM6gfnHpfBkB06z69adcA9rzWLA6VEo4_OFthPtc2SydkBs6DyAx51mAG3mBgnXXBJciYrQzWM-vSvODcV1dKTb5tSxO81Uswl-3Uo9Jf_VzfUgoKdeHyQeem31WMUmYm9kxCOVvKy4p7sE09GQoAfPBoz4MOrAgs3MFBFzpwIvKyZGvE6cX8haiK4POdP1zrEnMLFDyF0HRAaxfl4gKYw9kpGOtkrwezzU_biPYxV26-sUjXvPGx87WAZszqlIosXOJVux33eJD3V5bDcFD06Faze9OE5Segl4Tdmd0VZs73lt4PGXfF90QLCqZeUuNUUCkhRRRsP99SdW99Ghx0JncIQDpfX3fByce58jmKSCFWjcHy5qTPlryVI3KVow-XMLiguVmdbicCBGq-7im00hCmjH2-5HCuQnhHafNHUSZzZiHTg4KaTqvIMTfQIXs\", 4, 0)", "new EmuController(\"6003788660296-id_4dc09ff0612299683640305\", \"AQCvUWOfDiphu5NGe7r6dBna_IEvTbjrshIpxmOlMO3jwk650AHb_T03II0mnzLwpdy617kQMD8n8RIE_YqIE1hNxxoZL4M4ba8QiPz6h-u003c\/h4>\JW8WSPFBt1RSMeJQV7swF6HWeAm3Ew0fphxMwpdYDIu2fbEGLujVFCKwtMCzN6As6berB8z7iOoWdsAFulXLBLvHID0-Dn0_qCxF-AKl0b9s8cWBwF9fG1oI0r1TNQZGILLW8daCOkkjhpCUOHkXI6PFxyw5CXYLSmnVAxpvougwh7vt-NV3RWPuYnLN1QOvf07q2DRv-2wY1JUexmcWl6f5zquDJfEW3CxlluJ76eKZowfiGW-V-1M9K9whgfALkEjGDA-JM9P_lfXaukcmDDwAIHLFwG_7a9jNP4XmbLUyQEhUesxkImM5z7IAzt-HBIbtDfD8kHt50AG3nm3GEHv-yChqKMWqmcuzyYgmMGaXXKCd9Pb2a_pcF-QR_YIg2qgptFnn82D7Bb9Tedmce-FveNix9Ej7_fwr-IAncYwABNrs9zX34TkbLgvqhvH9RayLDXO7GnGWB_I4jorTbmNvpxf0rG8aXp3udXdNTEZAjmU3Yp1TOySAXY2Z5Ju6oYS51-tQ2SZIihYsa49TxQdSHet9vO4tjY_7rwT8Cou_TrmFWwZXuQTGwfUByP9Cl6wrUNhHeW3zbrB-BAxofxqcGQ44C7HPsvVTdkSOKhx60zaWaaBnDZ87QjEAgNJ-NjN8EqO_jMq3ig2Vn2CKzBhhQ\", 4, 0)", "new EmuController(\"6002985380734-id_4dc09ff06123a8641112115\", \"AQBkHx98vGQ8Bn2h8R42L-S1OQfGO1ksTR41Mds3V7wEwzKNgBG4H2o-EHRvRSd9SsIPGChah-NHU5Jt_wbtng06_Dw0U0WkxfBkFx374OINZj69o69sPYmoQZlY2xsClxS0T2t_h7zs9RzX4NpvYtSL6I3MALL0CsWS0KLv-CQHUF-IWpeNj6uGLG4efTFLBBMeQM0-Wr1IWYXU6oQZJRPwS7trOw4xW56wGBnhGPv1KRwr8ITU4NGUZlBKrUNRvx1SeyFn4MYNCrzXG0W_HxsWWv_ekTeDefvMF0gHZNDgcA07-FLEYxfCEzBL498OERPhoyBsmFE9fGbOY1EcO_LB_moqIncJF-TosooObw7f4BMZwHMxfGgju_UKndyeRq_l3pcTkSyjhbZY5-1sjojM8AI9VxCLdQms5QA7lvflmdPpwXS3b8UmCNfEtIy4iGED7yL7p1CKAKgJcO4jzmJ3Epk9tK38zy3Nv5yGB0-63dwjcvZMoTJMa545d2Vgs7J5_OiD6gA5fX4oB84m1dcI5e2G6AgzXAsWTUSuIGliPQr2oFjaz2mOzepyCvoatPjr1rtDkX_xNK9S27jXSuu9k0tiKCOkPsdccPO6235zCT0HeiPI0sHsUTpDmiFXHyFx0r_Kus5iCU5CjKjX1okSuKQL7WM5HTBvYRCAbPNthqa9oNDDNmwNG-Im7wNZHEw4ZZuXpqg4UolyUZAkY7dKBRvGmK0sSGSIjIISOq1e6zBdekf7OlZ5yLnCwhAI_5E\", 4, 0)"],
"onafterload": ["new EmuTracker(\"6002939839588-id_4dc09ff0611f60c83869379\", false)", "new EmuTracker(\"6003087448525-id_4dc09ff0612184c51197177\", false)", "new EmuTracker(\"6003788660296-id_4dc09ff0612299683640305\", false)", "new EmuTracker(\"6002985380734-id_4dc09ff06123a8641112115\", false)"],
"refresh_pagelets": ["c4dc09ff06275f0732488206"],
"content": {
"pagelet_ego_pane": "\u003cdiv id=\"c4dc09ff06275f0732488206\">\u003cdiv class=\"ego_column egoOrganicColumn\">\u003cdiv class=\"ego_section\">\u003cdiv class=\"uiHeader uiHeaderTopAndBottomBorder mbs uiSideHeader\">\u003cdiv class=\"clearfix uiHeaderTop\">\u003ca class=\"uiHeaderActions rfloat\" href=\"\/l.php?u=\u00252Ffind-friends\u00252Fbrowser\u00252F\u00253Fref\u00253Dpsa&h=1ef37&cb=3&p=AQCicK3gLdJTaaW2xZUw3DWp7N89P5QwZvSEfn3y2vOqjXyzr60nDcHEPY7Y9x7LpK9-J5evLB7_Dwm9F4d0k5i9sQ-CXiH_GXc-toIfka4dUSK_\">See All\u003c\/a>\u003cdiv>\u003ch4 class=\"uiHeaderTitle\">People You May Know\u003c\/div>

That GM script is not removing the script node, it is just "hiding" it -- which would never have an effect.
It is possible for GM to actually remove that script node but, alas, this will not happen before the node has run. Deleting it after that will not stop the operation, as the JS is already loaded into memory.
The easiest thing to do is to delete the container that is displaying the PYMK cruft.
I don't use Facebook, but from your code it appears that the container might have the id, "pagelet_ego_pane". In which case, you could delete it like:
var PYMK_Container = document.getElementById ('pagelet_ego_pane');
if (PYMK_Container) PYMK_Container.parentNode.removeChild (PYMK_Container);
You could also try to delete the annoying function, which may or may not be possible. The function appears to be set with that new UIPagelet(\"c4dc09ff06275f0732488206\" code. So, if you can find the corresponding function, you can try deleting it with:
unsafeWindow.OffendingFunctionName = function() { return; }
If that works, it may cut down on the JavaScript "churn" that might slow down that page.
As for stopping your name from showing up in other people's PYMK, that is something that is done by the Facebook servers, there may be a user setting that they have, otherwise you'll have to send Facebook a "sternly worded letter". ;)

A simpler way to do it would be to just add a user style sheet that hides the offending nodes, no javascript necessary.
However if you want a simple method that just works "out of the box" for hiding the "People You May Know" box, the FB Purity browser addon (also available as a greasemonkey script ) has an option for hiding the PYMK box, along with options for hiding most other boxes / links on the site.

Related

Detecting if browser extension popup is running on a tab that has content script

There a few similar questions, but none of them have really gotten at what I'm asking.
I have a browser action popup. In the popup, I want to display settings if you're on a page where the content script has been injected (i.e., any page that matches the matches key within the content_scripts in the `manifest).
If I'm on a page that doesn't match the content_scripts matches pattern (and so wasn't injected), I just want to display a generic message "this plugin activates when you're on so-and-so sites".
What is the cleanest way to do it, without adding any unnecessary permissions?
It seems like one option is sending a message to a content script in the active tab, and seeing if I get a reply, but that seems really.. hacky. I should be able to know just based on a regex if I'm on one of the domains that matches my content script.
I'm looking for something that works in both manifest v2 and v3, btw.
TL;DR;
What's the simplest way to display a "you're on a page that matches your content_script" or "you're not on a page that matches your content_script" in a browser_action popup?
I build chrome extensions full time for an agency and have had projects where I needed to do exactly what you're asking.
The solution can be implemented w/o any permissions whatsoever. I built mine locally with an empty array for permissions. (for mv3)
for popup.html just create 2 divs and have them default to display none.
<div id="unsupported" style="display: none;">Ooops! This is not a supported site.</div>
<div id="supported" style="display: none;">Wohoo! This is a supported site!!!!!</div>
for your script.js, wait till the popup loads then query the active tab in the current window and get that tab's ID to send a message directly to it. If the tab is supported with a content script, it will send a true response (see last code snippet). If it wasn't supported, it will be an 'undefined' response.
async function setUI() {
let tabData = await chrome.tabs.query({ active: true, currentWindow: true })
let tabId = tabData[0].id // tabs.query returns an array, but we filtered to active tab within current window which yields only 1 object in the array
chrome.tabs.sendMessage(tabId, {
'message': 'isSupported'
}, (response) => {
console.log(response)
// response will be true if the message was successfuly sent to the tab and "undefined" if the message was never received (i.e. not supported w/ your content script)
if (response) return showSupportedHTML()
// else
showUnsupportedHTML()
})
}
function showSupportedHTML() {
document.querySelector('#supported').style['display'] = ''
}
function showUnsupportedHTML() {
document.querySelector('#unsupported').style['display'] = ''
}
window.addEventListener('DOMContentLoaded', () => {
setUI()
})
Lastly, in your content script, add a message listener to receive the message 'isSupported' that comes in from your content script. If the content script receives that message, have it send a response back with 'true'.
chrome.runtime.onMessage.addListener(function (request, sender, sendResponse) {
if (request.message == 'isSupported') {
console.log('run')
sendResponse(true)
}
})
Now, this of course only works for manifest v3 because as far as I know you can't use chrome.tabs.query for mv2. However, I recommend this solution as I've implemented pretty much this exact same code in other projects for clients and it's never had any issues.
I could look into a solution for mv2, though using the "activeTab" permission would be the right way to do it, I believe. Now, if you really don't want to go that route then you could implement a rather hacky solution. For example, you could use window 'focus' and window 'blur' events to see when a user has entered or left a tab. Then set a local storage variable every time a user enters / leaves a supported page. The order of operations for blur and focus is always blur => focus. So, when the blur event occurs you set a local storage variable to false. However, if you leave a supported tab for another supported tab then the 'focus' event will trigger immediately afterwards so you can set that same storage variable back to true.
Now, your content script will load after the tab has been focused so you'll need to add a function for when the page loads. You can run something like document.hidden and if that returns true, do nothing because the user already left this tab. If it returns false, then the user is still on the tab and you can set your local storage variable to true.
When the user opens the popup, you'll check that local storage variable and if its true or false, you can set the UI accordingly.
Let me know if the mv2 solution made sense or sounds too hacky. Happy to look into it more! :)
edit: Here is the code for mv2, I tested it and it does work and without any permissions, other than storage which is not an invasive permission.
Script.js for the mv2 popup:
async function setUI() {
chrome.storage.local.get(['isSupported'], function (response) {
console.log(response['isSupported'])
// response will be true if the message was successfuly sent to the tab and "undefined" if the message was never received (i.e. not supported w/ your content script)
if (response['isSupported']) return showSupportedHTML()
// else
showUnsupportedHTML()
})
}
function showSupportedHTML() {
document.querySelector('#supported').style['display'] = ''
}
function showUnsupportedHTML() {
document.querySelector('#unsupported').style['display'] = ''
}
window.addEventListener('DOMContentLoaded', () => {
setUI()
})
code for the content script in mv2:
if (!document.hidden) chrome.storage.local.set({'isSupported': true})
window.addEventListener('blur', () => {
console.log('left site')
chrome.storage.local.set({'isSupported': false})
})
window.addEventListener('focus', () => {
console.log('entered site')
chrome.storage.local.set({'isSupported': true})
})
Let me know if you have any additional questions.
Disclaimer: I have no prior browser extension development experience and am just going by the docs. I might be spouting nonsense or giving an answer that is plainly against your requirements, but that would be out of ignorance and not malicious intent. If you find my answer problematic, comment, or cast a vote and move on.
According to MDN, the activeTab permission allows to read the active tab's Tab.url property. One solution could be to request that permission, and then use that API to get the active tab's URL, and then use the same regex from the manifest.json's matches property to test for a match, and then use that information to modify your extension's browser_action UI.
You should be able to read the matches property from the manifest file via the .runtime.getManifest() API. MDN docs, chrome docs.
Snippet to get active tab in a background script: tabs.query({active: true}). (link to MDN docs). A content script should instead use tabs.getCurrent and the Tab.active property of the resolved result.
If you don't want to request the activeTab permission, what you're suggesting with the message-passing between the browser_action scripts and the content scripts might be the right way to go, but I don't know for a fact. The tabs.onActivated event would probably be useful with this approach. Note that to send a message from a background script to a content script, you need to use tabs.sendMessage (MDN docs, chrome docs) instead of runtime.sendMessage.
Another possible (maybe?) approach would be to listen for the tab change in the content script and then send the notification message from the content script to the extension's background scripts via the onfocus event (or similar events), and runtime.sendMessage.
If you go with a messaging-related approach, you might want to put a condition in the content script to only do messaging if the content script is in the top frame of the tab (Ie. iframes don't do messaging), since only one frame of the tab really needs to do this kind of messaging when the active tab changes, and content scripts can be applied to all frames in a browsing context.
Of these possible solutions I can think of, I don't know which is best for you, since you want both minimal permission requirements and a simple/clean approach, and each seems to be a tradeoff.

How to get all-contributers github app to render table of contributors and badge?

I'm using https://github.com/all-contributors/all-contributors, and I've gone through every detail I can on their documentation https://allcontributors.org/ as well. And been trying different things for the past 2 hours but I can't get this app to render the table of contributors. Their documentation is incredibly poor.
I have:
{
"files": [
"readme.md",
"docs/authors.md",
"docs/contributors.md"
],
"imageSize": 100,
"contributorsPerLine": 7,
"contributorsSortAlphabetically": false,
"badgeTemplate": "[![All Contributors](https://img.shields.io/badge/all_contributors-<%= contributors.length %>-pink.svg)](#contributors)",
"contributorTemplate": "<img src=\"<%= contributor.avatar_url %>\" width=\"<%= options.imageSize %>px;\" alt=\"\"/><br /><sub><b><%= contributor.name %></b></sub>",
"types": {
"contributor": {
"symbol": "❤️",
"description": "Contributor ❤️",
"link": "[<%= symbol %>](<%= url %> \"<%= description %>\"),"
}
},
"skipCi": true,
"contributors": [],
"projectName": ".github",
"projectOwner": "owner",
"repoType": "github",
"repoHost": "https://github.com"
}
I then use #all-contributors add #somename to code and it does correctly add it to the .all-contributersrc file, however it doesn't render the table in the readme.md.
I've also tried to hardcode the list in readme using:
<!-- ALL-CONTRIBUTORS-LIST:START -->
<!-- ALL-CONTRIBUTORS-LIST:END -->
But no luck, nothing happens.
I also can not get the badge working. I can hardcode the badge and display "a" badge, but it never uses the above template badge with dynamic contributor length. So it's also not injecting the badge or using that template badge at all.
How can I get this bot to correctly show the badge and show the contributor list and generate the table in readme.md?
Note: I'm not interested in using node or running some generate command manually locally, then it defeats the point of using that app at all, then I can just as well do it myself. According to their documentation it should be generating the table automatically on first contributor, but it does not.
Also when I go to https://raw.githubusercontent.com/all-contributors/all-contributors/master/README.md in raw view, I can see:
Which tells me it has to be generating that table somehow, but it doesn't seem to work.
You can try and emulate other repositories using the same bot, like:
AtlasFoundation/AvatarCreator with this commit.
mrz1836/go-nownodes and its own .all-contributorsrc file
As an alternative, the estruyf/vscode-front-matter does include its own contributor list, using this commit which calls contrib.rocks.

user_work_history with Flex and the ActionScript SDK

I'm working on a sample app for Facebook, using Flash Builder and Flex.
Now, I've got everything up and running - but there's one problem, specifically with the work history part.
When I try to display the user's work history..here's the code for logging in:
protected function login():void
{
FacebookDesktop.login(loginHandler, ["user_birthday", "user_work_history"]);
}
Here, loginHandler's a callback function, that then goes ahead and displays data about the user:
protected function loginHandler(success:Object,fail:Object):void
{
if (success){
currentState = "LoggedIn";
fname.text = success.user.name;
userImg.source=FacebookDesktop.getImageUrl(success.uid,"small");
birthdayLbl.text=success.user.birthday;
workLbl.text=success.user.work;
}
}
Now, the problem occurs with success.user.work - it ends up printing the following:
[object,Object],[object,Object],[object,Object],[object,Object]
Obviously, I'm doing something wrong..but I can't figure out what exactly it is. Would be grateful for some pointers!
Thanks!
Rudi.
The object contained in success.user.work is most likely an array of objects, each item representing a work period, so you'll have to treat it as such. Either use a list and a custom renderer for each item, or create a string by iterating over the array, and appending the fields that you're interested in.
To see what the individual objects contain, either use a breakpoint during debug and inspect them, or check to see if they're documented in the facebook development documentation.

CKEditor: how to remove a plugin that has been added?

I'm just beginning to use CKEditor, but have a hard time understanding the plugins system.
I was able to add a simple button that says 'Test' when you click on it with :
var myplugin_function = function () {
alert('Test');
}
var plugin_name='myplugin';
CKEDITOR.plugins.add(plugin_name,
{
init:function(c) {
c.addCommand(plugin_name,myplugin_function);
c.ui.addButton(plugin_name,
{
label:'This is my plugin',
command:plugin_name,
icon:this.path+'myplugin.png'
});
}
});
I know this code should be executed only once, for example in a plugin.js, but that's not how I use it. The CKEditor instance, including my plugin code is executed each time the Ajax-page is loaded.
That's why I use this to remove the instance, if it exists :
if (CKEDITOR.instances['mytextarea']) {
CKEDITOR.remove(CKEDITOR.instances['mytextarea']);
}
Then I use the jquery way to create the ckeditor from a textarea:
$('#mytextarea').ckeditor();
But the 2nd time the ajax-page loads, I get an error about the plugin already being registered. So I need a way to remove the plugin and be able to add it again.
Is this even possible?
UPDATE
This seems to work :
I now check if the plugin is already registered with :
if (!CKEDITOR.plugins.registered[plugin_name]) {
}
around the CKEDITOR.plugins.add(b, ... part
You are not showing how you are adding the plugin, so it's hard to tell what's your exact problem; but from the code that you have provided I can suggest that you use variable names better than "a", "b" and "c". It's quite harder to understand the code this way.
Also, CKEDITOR.remove just removes the instance from the instances array, but it doesn't really clear the used resources, you should use CKEDITOR.instances['mytextarea'].destroy( true ) instead

Is it possible to only post fxml comments without letting a user enter a comment by themself?

Im want to let the user to see the comments done to a topic without giving him the opportunity to enter a comment by his one! Is this possible with fxml? canpost="false" doesn't work for any reason...
Is this possible at all?
Thanks
Markus
Well lets take a look at sources. If we open http://connect.facebook.net/en_US/all.js it has the following piece of code:
FB.subclass('XFBML.Comments', 'XFBML.IframeWidget', null, {
_visibleAfter: 'resize',
_refreshOnAuthChange: true,
setupAndValidate: function () {
var a = {
channel_url: this.getChannelUrl(),
css: this.getAttribute('css'),
notify: this.getAttribute('notify'),
numposts: this.getAttribute('num-posts', 10),
quiet: this.getAttribute('quiet'),
reverse: this.getAttribute('reverse'),
simple: this.getAttribute('simple'),
title: this.getAttribute('title', document.title),
url: this.getAttribute('url', document.URL),
width: this._getPxAttribute('width', 550),
xid: this.getAttribute('xid')
};
...
It is a list of parameters that are getting passed to actual widget iframe.
Bad news is that there is no such parameter as canpost anymore even though it is still listed in their docs (anyone surprised?), so it just getting ignored.
Good news is that css parameter could be still supported. In good old days they allowed you to pass custom css (in a form of absolute url, http://mysite.com/style.css), but I doubt it still works. Try to create your custom css style with comment box hidden (check comments iframe for required class name) and pass it. If that doesn't work then there is nothing else you can do I'm afraid.