You have less worries
Yes, the sky is blue

A browser-agnostic plugin system?

13 March 2009, by Ben    16 comments

[Update: I've wrongly been calling extensions "plugins". So this post is actually talking about extensions, not plugins.]

Chrome: Where are my plugins?Lately I’ve been browsing with Google Chrome.
It looks and works great, and it’s quick. But it doesn’t have plugins.

One of the few plugins I can hardly do without is the Blank Canvas Gmail Signatures add-on. Gmail doesn’t allow a signature per email address, which is a pity, but this add-on handles that nicely. It also allows you to use HTML in your signatures.

Anyway, while cycling to work the other day I thought of an idea for a plugin system that would work in all browsers. My idea was a web proxy running on your local machine that injects HTML or JavaScript into pages from certain URLs, Greasemonkey-style. With some clever regex-matching and JavaScript injection you could do just about whatever you needed.

But of course – a deflated ego later – similar things have already been done. :-)

Privoxy

First, I searched for “browser-agnostic plugin manager” and discovered Privoxy. It’s geared for privacy and blocking ads, but it can do content replacement based on regexes. For instance, there’s a built-in filter called tiny-textforms that makes your <textarea>s bigger, a bit like this Firefox plugin.

Privoxy looks good and is pretty complete, but it’s not really geared for plugins (though one of the Privoxy developers mentioned you could probably do Greasemonkey-like stuff with it). Also, Privoxy’s got a pretty nerdy configuration interface that just wouldn’t cut it for normal plugin users.

Proxomitron, Proximodo and BFilter

Proxomitron, Proximodo and BFilter are three similar web proxy filters that might well do the job. Again, they’re mainly used for blocking ads, and their GUIs aren’t really set up as “plugin managers”, so I’m not sure they’d work for ordinary users.

Plugins in Chrome

Google is talking seriously about extension support in Chrome – perhaps it’ll happen in the next few months.

Stop press! Apparently Chromium already supports user scripts – again, Greasemonkey-style) – but only in the latest developer builds.

Greasemetal

In the meantime, there’s also Greasemetal, which is a Greasemonkey-compatible tool that uses Chrome’s inter-process AutomationProxy communications channel. So it’s not browser-agnostic, but good work Kazuho Oku! I’ll probably start using this if Chrome doesn’t hurry up with their extension interface.

But what about browser-agnostic?

But back to browser-agnostic. Imagine if all your favourite plugins or Greasemonkey scripts worked in IE, Firefox, Safari, Opera, Chrome, and Lynx.

I don’t think it would take too much hacking to package up Privoxy as a plugin manager with a decent UI, or perhaps turn it into a browser-agnostic version of Greasemonkey.

Any takers, hackers?

Or maybe I’ll get around to it someday. I’ve got a name for my plugin manager already: Proxymoron.

16 comments (oldest first)

Pierre-Yves Gérardy 13 Mar 2009, 21:21 link

Why’s Mousehole was designed to be a scriptable rewriting proxy allowing universal greasemonkey-like scripts. The interface to that end is really nice, but the implementation is (or used to be?) a bit lacking : v1 was based on blocking Ruby IO, and v2 never got enough polish to be usable AFAIK. Things may have changed since th elast time I looked at it.

http://github.com/why/mousehole/tree/master

Philip Reynolds 13 Mar 2009, 21:35 link

I realise this is only specifically addressing the very first point and that isn’t the crux of the post, but if you want multiple signatures with Chrome, it might be worth coming at it from another angle.

Have a look at Texter: http://lifehacker.com/software/texter/lifehacker-code-texter-windows-238306.php

Phil.

Jean Vincent 13 Mar 2009, 22:46 link

We definitely need this, I hope you can make it happen.

Steve Spencer 14 Mar 2009, 04:02 link

How about Yahoo’s BrowserPlus? Write a service (or plugin) for that and you have Windows IE 6/7/8, Firefox 2/3, Chrome and Safari 3/4 covered, plus Firefox 2/3 and Safari 3/4 on OS X. Services can be native or Ruby — so you can write a plugin once and target both OSs with Ruby. No Linux support yet, but that’s probably just a matter of time.

http://browserplus.yahoo.com/

Ben 14 Mar 2009, 06:09 link

Pierre, Mousehole looks neat. The fact that it’s Ruby-based puts me off slightly, as it seems to me like such a tool should definitely be programmable via JavaScript, if anything. But thanks for the link.

Philip, good point — I hadn’t thought of that route. I could use AutoHotkey, too.

Steve, I hadn’t seen BrowserPlus. Wow! I’ll look into it. At first glance, the question that comes to mind is, “Why isn’t this more popular?” (Oh, the forums were started in Oct 2008, so I guess it’s pretty new.)

Denilson 14 Mar 2009, 06:11 link

Just as a note: Opera already supports user-javascript (greasemonkey-like).

David Vogt 14 Mar 2009, 06:29 link

Over the last year my team and I built a cross-browser and cross-operating system browser plugin framework. We’ve built a number of plugins using this framework and the plugins themselves run virtually unchanged on mac, linux, and windows using ie and firefox (haven’t done the other browsers at this point).

The hardest part of doing this is the huge disparity between functionality available firefox and ie… particularly if you want the ability to run native code as well. We ended up using a pretty unique approach that gives us 100% compatibility across all platforms and browsers but it was a real challenge. The nice part is that I now write my plugins on linux+ff and the same code runs completely unmodified on windows+ie.

greyfade 14 Mar 2009, 06:55 link

I guess not everyone is aware that the Netscape Plugin API for “windowless” plugins does the vast majority of this already, and it’s supported by all but one browser.

I”ll let you guess which.

Ben 14 Mar 2009, 08:18 link

Any links there, David, or is your team’s work all proprietary? Sounds interesting.

You’re right, greyfade — I wasn’t aware. I’ll look into it.

Francois 14 Mar 2009, 08:27 link

How would you do security?

Have you seen Google’s Caja project, it’s a java implementation for taking foreign javascript and ensuring that it doesn’t do anything it’s not supposed to(Basically Contract/Capabilities based programming)

Bhasker V Kode 14 Mar 2009, 08:55 link

Nice to stumble upon this post . All though i had’nt tried solving all the problems with a browser-agnostic plugin system – i came up with the The Returnable Project, where the URI of links infact decide the behaviour, the content type ,and then the delivery & other params.

Webpages / Browsers or even jsLibraries could then search/xpath for links that start with events (onhover, onload ) and then perform those fairly straight forward syntax as suggested in the project.

hover.in (the startup i’ve co-founded) as a matter of fact lets publishers push events to the cloud, and saves this metadata for them,and make interesting applications come alive. ( demo on http://hoverlet.com )

Keep Clicking, Bhasker V Kode

David Vogt 14 Mar 2009, 09:10 link

Unfortunately the implementation is not available because we developed it for a customer. It’s fairly extensive beyond just typical DOM manipulation stuff… For example, if you write to the framework interface then you can package up your plugins and deploy them centrally from a server (like AMO) but across all browsers and platforms. Also, plugins are decomposed into smaller units called filters which allow a single plugin to really be constructed from a collection of independent or cooperative components but managed as a single entity. The package manager does automatic dependency resolution and dynamically downloads and installs the dependent components, etc..

There is threading and IPC which makes background processing quite simple, preference management interfaces, high speed keyword and substring/phrase matching engine, platform independent virtual filesystem for unified local storage and remote content access, localization resource management, native code interfaces, etc… It’s actually an interesting bit of code.

We can do some rather interesting stuff with this. For example, since we provide access to raw sockets we have a plugin that maintains a persistent connection to a remote service that provides real-time data feeds without the tricks normally required for ajax style polling, etc…

Dan Kegel 15 Mar 2009, 04:41 link

David Vogt, that sounds interesting. What’s your company?

Lloyd Hilaiel 15 Mar 2009, 12:39 link

Ben, “why isn’t BrowserPlus more popular”. Damn good question. We’ve been running around the conference circuit, talking to people, and spreading the word, but it’ll take a few high visibility applications of the tech before people will hear/care about it.

We have specifically talked more and more about extending the thing to support what you propose, cross browser greasemonkey scripts. Basically formalized bookmarklets. Or “greasemonkey for end users”. Make it trivial to install the things, and develop a solid trust model.

At the last addoncon most major browser vendors were challenged to answer these questions (why not more cross browser standards?), you can watch the video here: http://developer.yahoo.net/blog/archives/2008/12/addon-con1.html

My hope is that when we get the platform open sourced, we’ll see more update, collaboration, and platform support. Maybe explorations into this idea of cross browser greasemonkey.

Parting shot, a catalog of open source services for browserplus http://hackthebrowser.org/

lloyd

David Vogt 16 Mar 2009, 06:09 link

The company is Kondra (http://www.kondra.com : disappointingly generic site with no real information other than directions to our office as we wait for the new site to get finished… ;)

Adam Hepton 19 Mar 2009, 23:27 link

Call it whatever you like: you ain’t having my domain or twitter name :)

Add a comment

We reserve the right to edit or remove your comment if it’s spammy, offensive, unintelligible, or if you don’t give a valid email address. :-)

We’ll never share your email address.