Haketilo 1.0 pre-release

18 Antworten [Letzter Beitrag]
koszkonutek
Offline
Beigetreten: 03/19/2020

Hello, fellow internauts!

Some of you might recall that some time ago I engaged you with my browser extension, Haketilo. Here I am again, this time with a new pre-release (1.0-beta1) version of the extension[1]. The internals have been rewritten, just as the UI. There is still work to do before I can announce the actual 1.0 release. In the meantime, I thought some of you might want to try out the beta (and help me through testing it ^^).

If you don't know what Haketilo is about or what it can be used for... it is a WebExtension that facilitates replacing sites' scripts with user-supplied ones. It also has its own repository. Currently, we have scripts that enable the following without nonfree JS:
- browsing Google Drive folders and file downloads there
- downloading spreadsheets from Google Docs (including multi-sheet docs)
- previewing prices on pcspecialist.co.uk
- searching&viewing videos on Odysee
- displaying inline benchmarks in Phoronix articles
- downloading files from app.box.com (including those that are meant to be preview-only)
- and more[3]...
Some of the above were even made for request from Trisquel forumers ^^

Since most of you are probably using Abrowser, it is worth noting that current Abrowser has a bug that blocks installation of unsigned add-ons[3] (and we're currently distributing the pre-release as unsigned .xpi). Hopefully, this will be fixed quickly in Trisquel. In the meantime, you can try the extension out by installing it as a temporary one.

So, you can help by testing, suggesting how to style the parts that look awful and giving general feedback :)

[1] https://hydrillabugs.koszko.org/news/3
[2] https://trisquel.info/en/issues/28767
[3] https://git.koszko.org/hydrilla-fixes-bundle/tree/index.json#n17

koszkonutek
Offline
Beigetreten: 03/19/2020

For most Mozilla-based browsers supplied by distros (including Abrowser) you can also install a WebExtension globally without having it signed by Mozilla. For Haketilo, you could run the following in your POSIX shell:

HAKETILO_VER="1.0b1"
HAKETILO_URL="https://hydrilla.koszko.org/downloads/haketilo-$HAKETILO_VER.xpi"
FIREFOX_ID="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"
HAKETILO_ID="{6fe13369-88e9-440f-b837-5012fb3bedec}"
EXT_PATH="/usr/share/mozilla/extensions/$FIREFOX_ID/$HAKETILO_ID/"

install_haketilo() {
    sudo mkdir -p "$EXT_PATH"
    cd "$EXT_PATH"
    curl "$HAKETILO_URL" -o /tmp/haketilo.xpi
    sudo unzip /tmp/haketilo.xpi
    rm /tmp/haketilo.xpi
}

install_haketilo

Then, restart Abrowser. You might also need to go to about:addons to enable the newly-installed extension.

Voila!

Avron
Offline
Beigetreten: 08/18/2020

Thanks for the interesting work.

About Google Drive: I tried using it for one where I need to connect first. It seems I had to deactivate Haketilo to connect, but it could work afterwards. However, I remember sometimes it was working, sometimes not.

More generally, I had difficulties understanding how to use the extension, for instance I wasn't sure whether I need to toggle the option of all JS to be deactivated or not.

I'll try Haketilo again when I have more time.

koszkonutek
Offline
Beigetreten: 03/19/2020

> About Google Drive: I tried using it for one where I need to connect first. It seems I had to deactivate Haketilo to connect, but it could work afterwards. However, I remember sometimes it was working, sometimes not.

If you ever come across this issue again, can you provide the steps to reproduce? Possibly with links to the Google Drive files/folders that cause problems? Also, what do you mean by "connect"? If you mean signing in then you're right: the Haketilo fix does not yet support signing in, only accessing public folders/files.
As a side note: I could perhaps try adding sign-in support if I managed to find some Google credentials to use in development }:‑)

> More generally, I had difficulties understanding how to use the extension, for instance I wasn't sure whether I need to toggle the option of all JS to be deactivated or not.

I see... I'll think how I can make this one clearer in the UI. You said "for instance". If there are other things you can point out, I'd be extremely grateful if you did - feedback is something I am missing the most right now.

Yet another kind of feedback that would be super-useful is suggestions how the UI should look and what its messages should be for users to be able to understand how to use it.

In the meantime, here's explanation of the JS deactivation option:

When Haketilo injects some payload into a page, it always blocks this page's native scripts. It doesn't matter whether you have configured it to block all JS or not - this does not affect pages that get modified by Haketilo.

Now, for pages where there's no payload to be injected, Haketilo can either block their scripts (and then it functions just like any other content blocker, e.g. NoScript) or leave the page untouched (thus allowing its native scripts to execute).

Simple rule:
If you are using some other tool like uBlockOrigin or LibreJS to block bad scripts, you can keep relying on that and configure Haketilo to allow scripts globally. If you instead want to have Haketilo handle all script blocking, you can do that as well

Lef
Lef
Offline
Beigetreten: 11/20/2021

Haketilo is great and long awaited.

About google drive: you can use jdownloader (GPL3) for pretty much every file service imaginable. You can even sort of use it in a cli fashion by using it's folderwatch mode. It's way simpler to use than the javascript heavy, cloudflared, filehosting websites for anything more than a couple downloads.

The ad-free setup or source code is here:
https://jdownloader.org/jdownloader2

koszkonutek
Offline
Beigetreten: 03/19/2020

> Haketilo is great and long awaited.

Great to hear that :)

> About google drive: you can use jdownloader (GPL3) for pretty much every file service imaginable.

That's very good to know about, thanks! In the future this can also be useful to Haketilo to port/reuse the site-specific download code to JS :)

> The ad-free setup or source code is here:

Lol! I think I now see what their bussiness model is...

Btw, there don't seem to be any release tarballs and the web view for the subversion repo seems to be password-protected. Not a big issue, thought, because I could just[1]:

svn co svn://svn.appwork.org/utils
svn co svn://svn.jdownloader.org/jdownloader/browser
svn co svn://svn.jdownloader.org/jdownloader/trunk
svn co svn://svn.jdownloader.org/jdownloader/MyJDownloaderClient

Unfortunately, I doubt the function used by Jdownloader for indexing Google Drive qualifies as form of source most suitable for modifications...

function read(str) {    
    var gdijsorg_0x1207 = ['join', '645298GrGsiK', '8269zzjDhb', '28wpErfD', '11eoSBcm', '3578714TboDnQ', 'slice', '52214BJnTpj', '14039GF
HzjM', '187451gnBzKk', 'substr', 'reverse', '1262156NwMIzh', '2nDedhJ', 'split'];
    var gdijsorg_0x570bf1 = gdijsorg_0x158f;

    function gdijsorg_0x158f(_0x32bcea, _0x29ebfd) {
        _0x32bcea = _0x32bcea - 0x150;
        var _0x1207c1 = gdijsorg_0x1207[_0x32bcea];
        return _0x1207c1;
    }(function(_0xbbe83c, _0xbbffd8) {
        var _0x2feec5 = gdijsorg_0x158f;
        while (!![]) {
            try {
                var _0x5d3639 = parseInt(_0x2feec5(0x15c)) * -parseInt(_0x2feec5(0x150)) + -parseInt(_0x2feec5(0x15b)) + -parseInt(_0x2fee
c5(0x157)) + parseInt(_0x2feec5(0x151)) * parseInt(_0x2feec5(0x152)) + parseInt(_0x2feec5(0x153)) * -parseInt(_0x2feec5(0x156)) + parseInt
(_0x2feec5(0x158)) + parseInt(_0x2feec5(0x154));
                if (_0x5d3639 === _0xbbffd8) break;
                else _0xbbe83c['push'](_0xbbe83c['shift']());
            } catch (_0x2894d2) {
                _0xbbe83c['push'](_0xbbe83c['shift']());
            }
        }

...and it goes on like this for about second times this many lines. See src/org/jdownloader/plugins/components/GoogleDriveDirectoryIndex.js in Jdownloader's 'trunk' repo if you don't believe ;)

Also, the 700+ MB of Jdownloader's sources is more than half of Linux sources size which makes me scared... Just joking, most of this is a bundled build of ffmpeg for 3 architectures :)

[1] https://jdownloader.org/knowledge/wiki/development/get-started

Brian59

I am a member!

Offline
Beigetreten: 02/14/2022

Question: If you are using Trisquel, why would you use any Goggle product? I thought Goggle data mines every thing they provide including Goggle Drive?

Lef
Lef
Offline
Beigetreten: 11/20/2021

the extension wouldn't allow uploading to google drive, only browsing and downloading from google drive, so other people's stuff they link to.

As well many people signed up for Google before they were enlightened and they may not see a great alternative.

koszkonutek
Offline
Beigetreten: 03/19/2020

> extension wouldn't allow uploading to google drive, only browsing and downloading from google drive, so other people's stuff they link to.

Yup, this is the main reason why I am making those scripts. This is similar to why we want projects like youtube-dl or CloudTube to exist. It is not to promote Google disservices but to enable us to browse and download what is already published there.

> As well many people signed up for Google before they were enlightened and they may not see a great alternative.

And this was also my case some years ago. If I ever have the opportunity to write free scripts for logging into Google and uploading files there, I shall write them. Not with the goal of promoting the use of Google as such, but with the goal of helping people make a small step towards freedom when they might not yet be able to make the bigger step (i.e. ditching Google). When appropriate I'd also like to add some UI messages suggesting the user to switch to something more ethical.

Also, consider this story: yesterday I was asked to put some information, including my name+surname as well as other person's name+surname, into a Google Form. I found out our Google Forms fix[1] stopped working due to some changes made by Google. I updated it to work again and then submitted the form. However, instead of sending our names directly to Google, I submitted a message saying the actual answers can be found under certain (non-public) link under https://koszko.org. In the quick&dirty page that I placed under that link I gave the expected answers but I also added a comment explaining why Google Forms are an unethical choice and recommending Yak Forms (Framaforms)[2] instead.

I could as well seek email contact with authors of the forms, that's true. But in some circles I am already known as a person who causes a lot of inconvenience by refusing to use Facebook, Google and a mobile phone. Here, instead of saying "I can't submit a form [due to nonfree JS]" and risking irritating someone, I conveyed the message: "I am technically able to submit your Google form but I still urge you to change it [because of nonfree JS, etc.]". I do hope this will positively affect how people view myself. Plus being able to submit a for (without nofree JS) also helps my own self-confidence.

[1] https://git.koszko.org/hydrilla-fixes-bundle/tree/src/google_forms.js
[2] https://framaforms.org/abc/en/

Lèyon di li N.
Offline
Beigetreten: 02/11/2017

Maybe because some websites are using non-free scripts and you don't know it and because it's hard to navigate with LibreJS always enabled.
Conditional is used because I'm not sure to understand what it's all about and I will make a separate comment on this.

Lèyon di li N.
Offline
Beigetreten: 02/11/2017

This is not clear what's the use of this extension, your abstract explanation doesn't make it clear and your examples are not really explained (how does it work, what does it do concretely?). Does it make you navigate by automatically replacing non-free script with I don't know what that is free?
By the way a first quick approach (I don't pretend I read all, on the contrary) of https://hydrillabugs.koszko.org/projects/haketilo does not help to figure out what it's about and, in terms of communication, having a (part of a) website dedicated something that is never really explained is no good.

koszkonutek
Offline
Beigetreten: 03/19/2020

Thanks for the feedback, Lèyon.

I admit I assumed most people on this forum would already know the details of Haketilo from older threads[1][2].

> Does it make you navigate by automatically replacing non-free script with I don't know what that is free?

Right now it does not replace nonfree scripts automatically. If you're visiting a website for which a libre script replacement has been written, you need to click on Haketilo's icon (a hatchet) in the top-right of your browser window. This will spawn a popup through which you can query Haketilo's repository for replacement scripts to install. Once a script is installed in Haketilo, it will be substituted on that website every time you visit it again.

Users can also provide their own scripts to substitute, via extension's settings page.

> https://hydrillabugs.koszko.org/projects/haketilo does not help to figure out what it's about

Let me explain :)
Haketilo does not currently have an actual website. We do have funding for making one but we had to prioritize other task. What you saw is our issue tracker which currently serves as project's website but which also happens to be the place where development occurs.
Information for casual users is to be found on issue tracker's wiki under this[3] link.

Now, I don't know whether you will find the wiki texts understandable or not. I am myself wondering how user friendly the stuff I make is and, unfortunately, I usually receive no feedback or late feedback. If you have an idea how to make something better, I'd be very grateful for it.

So, if you see that an explanation paragraph deserves to be added somewhere or that something on the wiki should be rephrased, please don't hesitate and tell :)

And in case you find something that's not working properly in the extension, you can help even more by making a *bug report* (instructions here[4])

[1] https://trisquel.info/en/forum/announcing-haketilo-01-first-release-favor
[2] https://trisquel.info/en/forum/which-js-encumbered-sites-fix-first-place
[3] https://hydrillabugs.koszko.org/projects/haketilo/wiki
[4] https://hydrillabugs.koszko.org/projects/haketilo/wiki/Reporting_bugs

Lèyon di li N.
Offline
Beigetreten: 02/11/2017

I've been out of this forum for years and I come back now, that's certainly why I didn't heard of Haketilo (or I heard of it a long time ago with its previous name and forgot about it).
That's a great project.
Thinking about it, it's certainly better not to have an automatic replacement of the scripts that can be replaced.
https://hydrillabugs.koszko.org/projects/haketilo/wiki is fine, what I would do is to put the following sentence in the “main page” (https://hydrillabugs.koszko.org/projects/haketilo/):
“Haketilo[ is] a browser extension that facilitates viewing of websites while having their original JavaScript replaced by user-provided scripts. Haketilo combines the functionalities of content blocker and user script manager.”
Of course, you can (more) rephrase it to suite better to that “main page”.
Moreover, I personally would insist on the fact that the replacements script are free / libre while original one have problem in terms of freedom (that of course may be on a following paragraph), in the context of the wiki page, it's understandable (though not very obvious), but in the “main page” that would be missing, I think.
I looked a bit further and in https://hydrillabugs.koszko.org/projects/haketilo/wiki/Installation_instructions_(Mozilla), there is this sentence:
“You can also download the cryptographic signatures to verify the file hasn't been tampered with.”
I think it would be better to:
a. add a step to provide an explanation on how to verify if the file hasn't been tampered with or
b. put a link in that sentence to a page of the wiki containing that explanation.

koszkonutek
Offline
Beigetreten: 03/19/2020

You've given me something more concrete than I hoped for. Thank you :)

> Thinking about it, it's certainly better not to have an automatic replacement of the scripts that can be replaced.

That's what I though as well. The current approach is still not perfect, though. At some point I will make Haketilo download an entire list of repository's scripts in advance. Then it will be possible to notify the user about available substitutes without the need for clicking

Lèyon di li N.
Offline
Beigetreten: 02/11/2017

You're welcome.

koszkonutek
Offline
Beigetreten: 03/19/2020

I just made a second pre-release (named 1.0-beta2) with some bugs fixed[1]. If anything was causing problems to you, there is a chance it has been fixed (if not, you can always complain).

Btw, I prepared some instructions on how to verify signatures[2]. Thank you again for suggesting that, Lèyon :)

[1] https://hydrillabugs.koszko.org/news/6
[2] https://hydrillabugs.koszko.org/projects/hachette/wiki/Verifying_signatures

Lèyon di li N.
Offline
Beigetreten: 02/11/2017

It’s nothing.

Avron
Offline
Beigetreten: 08/18/2020

I looked at the page again and installed this beta2.

From the wiki main page, I did not guess that "Releases" was the link to the actual files to download. From the news page, it is explicit that this link will provide the files to download, while from the main wiki page, it isn't and I suspect a number of people might get stuck there (it took me some time to find out).

Perhaps repeating the link from the installation instructions would be good too.

With abrowser on Debian, the signature checking is disabled but abrowser still refuses to install the extension, so I used the "global install". The scripts are presented as if they would run alone but the second script requires variables only defined in the first script to work. Besides, I'd mention that one needs to put #! /bin/bash (or whatever shell) first and use chmod u+x to make it executable.

I used it again with Google Drive, as I am accessing something that requires authentication, I need to toggle everything to be allowed. After I was authenticated, initially, when trying "search for custom resources", it said nothing was found. I had to change directory several times before it finally found it and then, it works fine in whatever directory.

The only issues are that:
- in the folder and document names, the character é is shown as é (of course there are problems with other French language characters, I am only mentioning the most common one)
- there is only English for Haketilo's menus and in the page (view, download, folders, files, go up)

I can provide French translations if there is a reasonably easy way to do that.

koszkonutek
Offline
Beigetreten: 03/19/2020

Thanks for reporting!

> From the wiki main page, I did not guess that "Releases" was the link to the actual files to download.

Renamed to "Downloads".

> Perhaps repeating the link from the installation instructions would be good too.

What do you mean? In installation instructions there is a link to Releases page. Or did you want to suggest adding "Installation instructions" link to the main wiki page?

> The scripts are presented as if they would run alone but the second script requires variables only defined in the first script to work.

Actually, I hoped the "run the snippet below in the same shell" would convey that information. Anyway, I now changed it to make things unambiguous.

> I had to change directory several times before it finally found it and then, it works fine in whatever directory.

While right now I cannot guarantee to manage to help with logging in, we should be able to easily fix the script finding issue.

Right now the fix gets applied to all pages that match the following pattern:

https://drive.google.com/drive/folders/***

This pattern is a Haketilo URL pattern and is interpreted as described on this wiki page[1]. The regular expression equivalent would in this case be:

^https://drive.google.com/drive/folders(/.*)?$

I don't know what were the drive URLs you had that didn't match this, but if you explain their format, we should be able to adapt this pattern.

> in the folder and document names, the character é is shown as é

I saw some similar mojibake with polish characters. It only happens under Mozilla-based browsers and only on some sites. I'll investigate more.

> I can provide French translations if there is a reasonably easy way to do that.

Thank you! I will reach to you once we complete internationalization and are ready for localization :)

[1] https://hydrillabugs.koszko.org/projects/haketilo/wiki/URL_patterns

EDIT: This[2] commit should fix the encoding bug. I'll provide an XPI soon.

[2]
https://git.koszko.org/browser-extension/commit/?h=koszko&id=d911bf37a13a8bfddedd26b0e16d59e6fd4d229a

EDIT2: A new XPI with the fix is ready[3].

[3]
https://hydrillabugs.koszko.org/news/8