Hack the Web
Hack the web!
Jeff Griffiths & Matteo Ferretti
FOSDEM, February 4th, 2012
Part 1: it's not hacking, it's 'Personalization'
...although hacking sounds cooler.
Personalizing web sites has a long and glorious history!
- native support for userscripts in Chrome
- content script capabilities are a top-level feature in the Opera, Safari and Chrome extension apis
Simple, powerful hacking, er 'personalization' is a key feature of the Add-on SDK
Content Scripts are the key
- content scripts are attached to an html document and are able to interact with the Document's DOM via a proxy
- proxy is a key security feature to protect the add-on ( & the browser ) from the web page
- otherwise, the content script runs with the same security level as the page itself, with the same set of limitations
Two key modules:
Distinctly different uses cases.
- control over which page your script is attached to: a specific page, glob or url pattern
- control over *when* the script is attached: start, ready, end ( default )
- caveat: page-mod injects into *any* matching documents, including frames
- simplest possible example: Open in C9
- targeted, improves usability(?)
- can enumerate, iterate over all open tabs, open tabs, close them
- get a handle on the current active tab!
- react to tab events: open, ready, activate, deactivate
- attach content scripts
- caveat is, *only* top level documents are injected, no frames, etc
- more complex example: twitter search form selection
( this will probably fail... )
But wait, there's more!
- Integrate with the Firefox UI: panels, widgets, preferences, context-menu
- Make crossdomain requests, notifications, access to the clipboard
- access to the entire Mozilla Platform through XPCOM & jsm.
- command-line tool for testing, running, packaging
- test framework
- modular development via CommonJS
- a growing collection of community-contributed modules
we're on the twitters:launch