I've recently been tasked w/ researching and possibly developing a solution that loads a destination web page, loads our script, and allows our script to perform a set of actions without running into cross browser security issues. For instance, our injected
script would need the ability to call other functions declared in the page, traverse the loaded DOM, and generally interact with the page as if the destination page mounted the script.
The last big goal is to automate all of this on the server. We'd need a windows service to potentially mount IE and feed it a url we want it to load along with our script we intend to inject.