I would like to write a google chrome extension to intercept http traffic and to create graphs similar to how network tab does it. Is there API available to do this? I found there's WebRequest API: http://code.google.com/chrome/extensions/trunk/experimental.webRequest.html but it says it is still in experimental stage, I wonder how stable it is at this point and if there're any good samples that use it. Thanks!
Experimental is just that. Experimental. It could have breaking changes in an release of chrome. The other downsides of experimental is only being available in the dev channel of Chrome (or more unstable such as canary), extensions using experimental can not be uploaded to the Web Store, and user have to have the enable experimental extensions flag.
If you still want to use the experimental webRequest API I wrote a simple example in another answer.
Related
I'm currently developing a Chrome extension and planning to publish it on Chrome market. I'm aware of open-source community benefits, however, do not want to share the source code and a bit worried about copyrights. Currently, the plan is to minify and obfuscate the source code before publishing. So the questions is:
Does Chrome Market accept extensions with minified and/or obfuscated source code?
Thanks in advance! :)
Any existing answers above have been rendered obsolete by the terms change on January 1st, 2019. This change was announced on October 1st, 2018.
In summary:
Google Allows minified code.
Google disallows obfuscated code.
The specific policy, available at https://developer.chrome.com/webstore/program_policies, is as follows:
Developers must not obfuscate code or conceal functionality of their
extension. This also applies to any external code or resource fetched
by the extension package. Minification is allowed, including the
following forms:
Removal of whitespace, newlines, code comments, and block delimiters
Shortening of variable and function names
Collapsing files together
2019 Update:
Google allows minified code, but not obfuscated one. See Brian's answer
Original answer:
Yes, you can use obfuscation tools (like jscrambler) before publishing your extension. I don't know if that may delay the publishing time, but I know for sure that are some published Chrome extensions with obfuscated/minified source code.
I, for instance, minify the code of my extension (LBTimer) with Google's Closure before publishing it.
It looks like they don't approve minified and obfuscated code. You can check thread on the Chromium Google Group, from April '16.
https://groups.google.com/a/chromium.org/forum/#!topic/chromium-extensions/1Jsoo9BPWuM
No, you cann't. This is email I received from Google Chrome Team: All
of the files and code are included in the item’s package.
All code inside the package is human readable (no obfuscated or minified code).
Avoid requesting or executing remotely hosted code (including by referencing remote javascript files or executing code obtained by XHR requests).
You can get a more specific answer if you contact the Google Chrome team.
Update with own experience:
I wasn't able to submit a build obfuscated with this javascript-obfuscator (more specifically, gulp version in my case) They were complaining about "your code is suspicious" so I guess something triggered an alert in their system.
However uglyfy worked for that - I still had to figure out a way to rename all the prototype functions as uglify doesn't seem to do that (or at least I wasn't able to find a way to do that)
Original answer:
To sum up, it seems like chrome extensions are allowed to be minified and obfuscated.
For more details, keep reading.
First of all, there are two different terms - chrome extension and chrome app and different rules applies based on that. Chrome app has more strict requirements and it seems like mcastilloy2k's answer is suitable for chrome app (at least it looks like it is based on the available policies for both).
And regarding the below google's answer:
Avoid requesting or executing remotely hosted code (including by
referencing remote javascript files or executing code obtained by XHR
requests).
If it's for chrome extension and not for chrome app that seems strange as per the extension FAQ from google which explicitly states that extension is allowed to make external requests to execute custom API aka 'remotely hosted code':
Capabilities
Can extensions make cross-domain Ajax requests?
Yes. Extensions can make cross-domain requests. See this page for more
information.
Can extensions use 3rd party web services?
Yes. Extensions are capable of making cross-domain Ajax requests, so
they can call remote APIs directly. APIs that provide data in JSON
format are particularly easy to use.
Can extensions use OAuth?
Yes, there are extensions that use OAuth to access remote data APIs.
Most developers find it convenient to use a JavaScript OAuth library
in order to simplify the process of signing OAuth requests.
Another discussion in this google groups thread shows that rejection might not be connected with obfuscation at all:
Eventually, these are the things I needed to do to get my extension
passed (but I keep my fingers crossed in case some other validation
test still has to be performed):
I created a privacy policy and added a link to it on the Google Chrome developer dashboard.
I explained in more detail what my extension is doing. It seems that Google needs this to have a better understanding of the extension.
In the description I explicitly stated how the extension handles personal or sensitive user data.
Eventually that was enough to get the extension
pass the checks even with minified & obfuscated code (but remember I
keep my fingers crossed).
Moreover one can always go and check existing extensions out there, like Grammarly for example, who has obfuscated code (to some extent at least) and who uses external API.
I want to detect whether a browser supports the Ember.js library. If not, I will show users a message to let them download the latest version of their browser. How can I do that?
There is an answer to a similar question contributed by an Ember.js core team member.
In it, he states that the majority of the browsers on browserstack.com are supported, meaning they do thorough testing.
Rather than show the message based on a functionality test of the user's browser each time they load your application, I suggest you instead build a list of known incompatible browsers (anything older than what is on BrowserStack would be a good start) and expand it based on monitoring your access logs or reported issues from the likely minority users on unsupported browsers.
That "blacklist" approach would serve most efficient, as Ember.Js and other libraries like jQuery are usually designed to continually support all new browsers.
Does anybody knows if there's a browser whith Web MIDI support? ... I've tried the samples on http://webaudio.github.io/web-midi-api/ but they throw me an error that my navigator has not such properties. Im working on google-chrome and firefox. If, there's no browsers that support MIDI, when do u estimate we will have one, maybe in the next 2 years?
According to this posting (dated June 28th 2013), "initial experimental support" for Web MIDI is now available in Chrome Canary.
As of now, there are no browsers that support the Web MIDI API yet. First off, the spec isn't finalized yet and there were a couple of changes made from the original spec (function names and procedures could change anytime).
You can, however, enable your browser to support the API by installing the Jazz plugin and using Chris Wilson's Web MIDI API shim. I have personally tried it and it really works! :)
As of writing this, Web Midi is now available in regular Chrome (not just canary), though it is still an experimental feature, so it must be enabled manually at chrome://flags/#enable-web-midi
try this one, jasmid to play midi files directly on chrome/ff, no plugin needed
One of the authors of the Web MIDI API has created this shim, which enables you to work with the Web MIDI API in today’s browsers:
WebMIDIAPIShim
https://github.com/cwilso/WebMIDIAPIShim
I'd like to start developing Google Chrome extension using node.js (since I've already written a "text-to-song" script in node.js, and I'd like to turn it into a Chrome extension.) What would be the most straightforward way of approaching this problem?
Actually it is. Look at this Developers Live-cast. This is something I've been looking for as well, and this would help you.
This brings your node applications bundled to your browser.
Here is the repo!
EDIT:
I've noticed that this old answer of mine keeps getting upvotes now and then (thank you all).
But nowadays I'm more an advocate of using web apps instead of bundling your application into many platforms like the chrome store or whatever.
You can check the google's post here and here indicating some directions.
In practice I advise for you to start building a progressive web app (PWA) with offline capabilities using service worker and progressive stuff.
There are plenty of resources around the web nowadays and you can offer a much richer application that may achieve a much broader audience if you do it the right way.
Thanks again, and good coding.
Simple answer is NO, unless you can find a way to install node.js with an extension using NPAPI.
Nodejs and a Google Chrome Extension do have a couple things in common i.e they both understand javascript and they both use the v8 javascript engine.
Google Chrome Extension
"Google Chrome Extensions are small software programs that can modify and enhance the functionality of the Chrome browser".
To develop a Google Chrome Extension you should write some javascript and or html/css.
Then you can run the extension in your browser.
If you wish for others to download your extension you will have to provide config.json file that describes you extension sets permissions etc.
Nodejs
"Node.js is a platform built on Google Chrome's JavaScript runtime for easily building fast, scalable network applications".
To develop applications in nodejs you write some javascript and or html/css for web applications.
If wish for others to use you application you start you nodejs server and listen for incoming requests.
Summary
Despite some of the similarities a Google Chrome Extension and Nodejs have nothing to with each other. You cannot use them together in some special way outside of the normal client/server communication.
You can use a WebPack (GitHub) or Browserify (see handbook) to build web-browser extension based on the node.js code.
With Browserify, to convert your code, you can simply run:
browserify node-code.js -o node-code-out.js
Read more:
Browserify vs Webpack.
Build a Chrome Extension with Preact and Webpack (see: Preact Chrome Extension Starter).
I am playing with the Chrome Experimental API and having a little hard time making it work. Do I need to have the devtools open for the chrome.experimental.webRequest to work?
No, you need to enable experimental API on chrome://flags page and declare experimental permission in your manifest. It's all described here.