I want to know if i write a Google Chrome extension, will anyone be able to use my code?
It looks like people will be able to see your code. If they can see your code, they can potentially use it.
Windows: C:\Documents and Settings\%USERNAME%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions
Linux and Mac:
~/Library/Application Support/Google/Chrome/Default/Extensions/ or
~/.config/google-chrome/Default/Extensions/
The source code is available for inspection/debugging/experimenting & whatever people might want to do. You may try to use a JavaScript obfuscator.
Since Chrome Extensions are written in JavaScript, and everyone can open the Inspector and see the resources for every extension then, yes, everyone can see the source of your extension.
This doesn't mean they'll be able to use it.
If you obfuscate the code or use similar techniques to make the code less readable then you can avoid that others look into how your extension works. But as said, they can still use the Inspector to analyze the extension.
If you must hide the secret algorithm in your extension, then you could use a server back-end to handle the secret stuff, completely avoiding anyone can look at your code.
Although the question has been posted long time ago, and received some answers (none accepted), I am adding my answer to complete previous answers.
Open-source, referring to software, refers to a «source code made available with a license in which the copyright holder provides the rights to study, change and distribute the software to anyone and for any purpose.» (source: Wikipedia)
Unless explicitly stated, software is copyrighted by the author. Even if you have access to sources, without an explicit permission, you can't read it. It's as if you find opened the door of a house; you have the ability to look into it and even walk in. But you don't have any rights to do it, and doing it is likely to put you in trouble.
Everybody can view source code of your extension because it's written in javascript. Nobody has the right to reuse, change and/or distribute your code without your explicit permission.
Moral of the story: never put any sensitive data in your extensions, because it's extremely insecure.
About Open Source, I suggest to read also the Open Source Definition by OSI
Even though Chrome extensions' source code are accessible by the public, it doesn't mean all Chrome extensions are open source. Actually, you don't have the right to copy/reuse/modify their source code either partially or completely, without their authors' permission, except when he/she has announced that it's open source.
Every Chrome Extension gives the user the following rights by default:
5.2 You grant to the user a non-exclusive, worldwide, and perpetual license to perform, display, and use the Products and any content
contained in, accessed by, or transmitted through the Products in
connection with Google Chrome. If you choose, you may include a
separate end user license agreement (EULA) in your Product that will
govern the user’s rights to the Products in lieu of the previous
sentence.
Read the whole agreement here: http://developer.chrome.com/webstore/terms
That doesn't mean that the user has the right to alter and/or distribute your code, but as others have pointed out, they will be able to see your JavaScript if they want to.
I am not sure whether they are open-source or not, but you can easily see the code of any chrome extension.
It is also up to the developers how their code are structured so that whether other can use it by just copy paste or by analyzing the script code.
However, you can also use the Console to analyze the javascript code and use it.
Also, there is a easy and simple in tool in Google Chrome store to view any chrome extension code.
You can download it here (CRX Viewer)
https://chrome.google.com/webstore/detail/chrome-extension-source-v/jifpbeccnghkjeaalbbjmodiffmgedin
Steps to see code using CRX Viewer :
1) Now after installing the Extension, open it and paste the link of the other extension(which you want to see the code).
ScreenShot of the step
2) Now click "Open in this Viewer" and Here we go ....
Generated source code of extension
3) Now you can easily download the code,or view one by one.
Yes they will, it's mandatory open source !
Related
I am wanting to deploy a series of MobaXterm connections (SSH connections) to our users and would like to look at creating a webpage where the users can simply invoke a chosen session by clicking on a link.
I can see that MobaXterm supports this by installing (installed by default) the URL Protocol Handler but I do not know and cannot find anywhere any syntax for the HTML links to invoke the named sessions.
Can anyone help or point me in the right direction to look please?
I found that this :
ssh localhost
allowed me to open a session, but il also created a new 'saved session' and saturated my quota so I am not sure it is the real solution.
But a least it looks like 'mobaxterm' is the protocol, if it can help anybody ending up here. This feature sure lacks documentation :)
I e-mailed Mobatek with the same question. It turns out if you right-click the "User Sessions" node and pick "Generate HTML web page", it will make a web page containing mobaxterm: protocol links to all your existing sessions. It looks like it's designed for exactly your use case, making a webpage to share with other users, so you may be able to just use that generated page as-is.
If you do want to generate your own links, it's a little trickier. I haven't really tried to understand the encoding yet; it's definitely not designed to be particularly user-readable, but since you can make any session you want and export it to a link it shouldn't be too hard to reverse-engineer the fields you care about.
I've been experimenting with using Chrome DevTools as my primary authoring tool, and am now mostly using them.
As I continue to increase my usage, I'm running into some pain points.
Usually, when I begin working on a project, I now create a dedicated Chrome profile for it. I do this automatically by invoking Chrome with the --user-data-dir flag and storing the browser profile right within the project.
Then I go into the tools, set up my workspace, map my local directories, and so forth. This works great.
What doesn't work so great is that this is a very repetitive process. I'd love to be able to specify the workspace mappings within the project somehow, and then generate the appropriate profile. I'd also love to be able to set other preferences (like indentation, and various other settings on the DevTools "General" page) in a standard way.
I've thought of three ways this might be possible:
There might be an API for this, but I doubt it, as programmatic manipulation of browser preferences obviously is disfavored (but would someone have carved out an exception for DevTools?),
There might be a way to import/export DevTools preferences, and I might be able to generate the import format,
I might be able to figure out where they're stored in the user directory, and manipulate them myself (so far I haven't, though).
There's also one partial solution I've considered:
I might be able to copy a "template" browser profile to get some of the shared settings above. Then I'd still have to do the workspace mapping each time, but I might be able to get away with not doing the rest.
One really elaborate strategy I could try would be to use browser automation, as suggested in Google Chrome - how can i programmatically enable chrome://flags some of the modules from disable mode to enabled mode? ... but that seems like overkill even as I start using the stuff more heavily; I don't think I'm quite ready to invest that kind of up-front effort in it.
Is anyone familiar enough with how the Chrome DevTools preferences work to judge which strategies might be most promising?
There is no way easily sync DevTools settings. They are stored in localstorage scoped to the DevTools. Which means they are in a special sqlite DB which isn't easy to transfer between machines (plus you'd bring all the other stuff with it.)
Sadly, you are left porting this all around by-hand with each new machine.
I am looking for a way to integrate my app in the Sharepicker. I already found the regarding example here and the Manifest documentation.
My Problem is, that I do not want to receive Pictures, but links or other things. Is there any place (that I did not find) where the possible extensions are listed?
No. You can only act as a share provider for pictures. For everything else, you can give developers an URI scheme that they can associate with your app, therefore being able to call it later on if they decide to share something with you. This, however, will not be a system-wide sharing extension.
I would like to provide an installation of Chrome (or probably Chromium?) that comes pre-installed with my extension, installed to a separate folder and has the --enable-experimental-extension-apis turned-on by default. Would also be cool to be able to customize the looks and feels to be more suitable for my brand.
Does anyone know if its allowed by Google's TOS? Is it possible? Was it done before? Is there any easy way to do that, without hacking around on Chromium source code?
If you know enough C to modify some code, mini_installer is a good place to start. This is what people would be downloading anyway, so tweaking some of the code there to suit your needs would be the best bet. Install it where you like, make whatever changes before/after the install, etc.
Otherwise, you could write some kind of script that downloads and runs the installer, and then changes settings. For compatibility with your apparent target audience, a simple batch script would be the best bet.
Another option is Chromium Portable. You make any changes you like, and upload a zip file. All they have to do is download and unzip it. Most users can manage that, but pictures on the download page don't hurt. You could also write a small program or script to download the zip file, unzip it, and run anything that needs to be run (or Chromium it self).
It's technically possible and allowed. Indeed, there are a number of forks of Chromium, such as Iron and Comodo Dragon.
Whether it's a good idea is another question entirely. Unless you're prepared to maintain your fork on a long-term basis (and in particular, to provide software updates to your users on a frequent basis), it's probably not a good idea. You'd probably do better to instruct your users to install Google Chrome normally, then give them a link to install your extension.
As far as experimental extension APIs go, I'd avoid them. They may be removed or changed significantly in future versions of Chrome. If you must use them, just instruct the user on how to enable them.
I have what seems like a typical usage scenario for users downloading, editing and uploading a document from a web page.
User clicks a link to download a document
User edits downloaded file
User saves the file
User goes back to the web page and uploads the new file with the changes
The problem is that downloaded files are typically saved in a temporary directory, so it can be difficult to find the file after it is saved. The application is for very non-technical users, and I can already imagine the problems with saved files being lost or the wrong versions being uploaded.
Is there a better way? Things I've thought about:
Using Google Docs or something similar.
Problems: forcing users to use new
application with less features,
importing legacy content, setting up
accounts for everyone to edit a
file.
Using WebDAV to serve the files. Not sure how this would work exactly, but seems like it should be possible
Some kind of Flash or Java app that manages downloads and uploads. Not sure if these even exist.
User education :)
If it matters, the files will be mostly Word and Powerpoint documents.
Actually, despite the fact that you have more flexibility with AJAX in developing application, the problem of uploading multiple files is not solved yet.
To the thoughts you've mentioned in your question:
Google Docs:
Online apps like Google docs are certainly appealing for certain use cases. However, if you'd like to upload Word and Powerpoint slides, you don't want the content to be changed once you've uploaded the document. The problem is that Google Docs uses its own data format and therefore changes some of the formats. If you go for an online app, I'd go for a Document Management Solution. I'm sure there are plenty (even free ones) out there; however, I didn't use any on them yet.
WebDAV It is possible and seems to me like the best solution. You can embed WebDav like any directory. Documents are locked until a user releases the document. Unfortunately, you don't have a web front end to manage the files or administer access restrictions.
It
Flash or Java app They do exist, for sure. I'd prefer Flash over Java since Flash Apps still run smoother within a browser. I would definitely not use a rich application, even if it is a Java Web Start app that can be downloaded and opens in a separate window. More and more, users seem to accept browser based web applications. Which brings me to point 4:
User education You can educate them, sure. But in the end you want them to want to use the system. Most often, users get easily used to a tool. However, if they don't like the tool, they're not going to use it.
Clear instructions to save to their desktop is a start. Then clear instructions to go to the desktop to re-up it. I've not run across an online MSWord viewer/editor or whatever format the file is, but I'm sure they exist, now that Google Docs and a few other online versions of MSOffice exist.
I would make sure that there are easy to follow instructions, plus a tutorial somewhere else (perhaps with a video too) to guide users through the process.