Browser extension

Last updated

A browser extension is a software module for customizing a web browser. Browsers typically allow users to install a variety of extensions, including user interface modifications, cookie management, ad blocking, and the custom scripting and styling of web pages. [1]

Contents

Browser plug-ins are a different type of module and no longer supported by the major browsers. [2] [3] One difference is that extensions are distributed as source code, while plug-ins are executables (i.e. object code). [2] The most popular browser, Google Chrome, [4] has over 100,000 extensions available [5] but stopped supporting plug-ins in 2020. [6]

History

Internet Explorer was the first major browser to support extensions, with the release of version 4 in 1999. [7] Firefox has supported extensions since its launch in 2004. Opera and Chrome began supporting extensions in 2009, [8] and Safari did so the following year. Microsoft Edge added extension support in 2016. [9]

API conformity

In 2015, a community group formed under the W3C to create a single standard application programming interface (API) for browser extensions. [10] While this particular work did not reach fruition, [11] every major browser now has the same or very similar API due to the popularity of Google Chrome. [4]

Chrome was the first browser with an extension API based solely on HTML, CSS, and JavaScript. Beta testing for this capability began in 2009, [12] [13] and the following year Google opened the Chrome Web Store. As of June 2012, there were 750 million total installations of extensions and other content hosted on the store. [14] In the same year, Chrome overtook Internet Explorer as the world's most popular browser, [15] and its usage share reached 60% in 2018. [16]

Because of Chrome's success, Microsoft created a very similar extension API for its Edge browser, with the goal of making it easy for Chrome extension developers to port their work to Edge. [17] But after three years Edge still had a disappointingly small market share, so Microsoft rebuilt it as a Chromium-based browser. [18] [19] (Chromium is Google's open-source project that serves as the functional core of Chrome and many other browsers.) Now that Edge has the same API as Chrome, extensions can be installed directly from the Chrome Web Store. [20]

In 2015, Mozilla announced that the long-standing XUL and XPCOM extension capabilities of Firefox would be replaced with a less-permissive API very similar to Chrome's. [21] This change was enacted in 2017. [22] [23] Firefox extensions are now largely compatible with their Chrome counterparts. [24]

Apple was the last major exception to this trend, but support for extensions conforming to the Chrome API was added to Safari for macOS in 2020. [25] Extensions were later enabled in the iOS version for the first time. [26]

In 2021, these browser vendors formed a new W3C community group, called WebExtensions, to "specify a model, permissions, and a common core of APIs". [27] However, Google joined this during its overhaul of Chrome's extension API, known as Manifest V3, which greatly reduces the capability of ad blockers and privacy-related extensions. [28] [29] [30] Thus the WebExtensions group is viewed by some extension developers as nothing more than Google imposing its Manifest V3 design. [31] [32] [33]

Unwanted behavior

Browser extensions typically have access to sensitive data, such as browsing history, and they have the ability to alter some browser settings, add user interface items, or replace website content. [34] [35] As a result, there have been instances of malware, so users need to be cautious about what extensions they install. [36] [37] [38] [39]

There have also been cases of applications installing browser extensions without the user's knowledge, making it hard for the user to uninstall the unwanted extension. [40]

Some Google Chrome extension developers have sold their extensions to third-parties who then incorporated adware. [41] [42] In 2014, Google removed two such extensions from the Chrome Web Store after many users complained about unwanted pop-up ads. [43] The following year, Google acknowledged that about five percent of visits to its own websites had been altered by extensions with adware. [44] [45] [46]

Related Research Articles

<span class="mw-page-title-main">Firefox</span> Free and open-source web browser by Mozilla

Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and anticipated web standards. Firefox is available for Windows 10 or later versions, macOS, and Linux. Its unofficial ports are available for various Unix and Unix-like operating systems, including FreeBSD, OpenBSD, NetBSD, illumos, and Solaris Unix. It is also available for Android and iOS. However, as with all other iOS web browsers, the iOS version uses the WebKit layout engine instead of Gecko due to platform requirements. An optimized version is also available on the Amazon Fire TV as one of the two main browsers available with Amazon's Silk Browser.

<span class="mw-page-title-main">Browser wars</span> Competition between web browsing applications for share of worldwide usage

A browser war is a competition for dominance in the usage share of web browsers. The "first browser war," (1995–2001) consisted of Internet Explorer and Netscape Navigator. Browser wars continued with the decline of Internet Explorer's market share and the popularity of other browsers, including Firefox, Google Chrome, Safari, Microsoft Edge and Opera.

This is a comparison of both historical and current web browsers based on developer, engine, platform(s), releases, license, and cost.

Mozilla Firefox has features which distinguish it from other web browsers, such as Google Chrome, Safari, and Microsoft Edge.

Netscape Plugin Application Programming Interface (NPAPI) is a deprecated application programming interface (API) for web browser plugins, initially developed for Netscape Navigator 2.0 in 1995 and subsequently adopted by other browsers.

Add-on is the Mozilla term for software modules that can be added to the Firefox web browser and related applications. Mozilla hosts them on its official add-on website.

<span class="mw-page-title-main">Web development tools</span> Software used to test the UI of a website or web application

Web development tools allow web developers to test, modify and debug their websites. They are different from website builders and integrated development environments (IDEs) in that they do not assist in the direct creation of a webpage, rather they are tools used for testing the user interface of a website or web application.

<span class="mw-page-title-main">Google Chrome</span> Web browser developed by Google

Google Chrome is a web browser developed by Google. It was first released in 2008 for Microsoft Windows, built with free software components from Apple WebKit and Mozilla Firefox. Versions were later released for Linux, macOS, iOS, and also for Android, where it is the default browser. The browser is also the main component of ChromeOS, where it serves as the platform for web applications.

Google Native Client (NaCl) is a discontinued sandboxing technology for running either a subset of Intel x86, ARM, or MIPS native code, or a portable executable, in a sandbox. It allows safely running native code from a web browser, independent of the user operating system, allowing web apps to run at near-native speeds, which aligns with Google's plans for ChromeOS. It may also be used for securing browser plugins, and parts of other applications or full applications such as ZeroVM.

<span class="mw-page-title-main">WebGL</span> JavaScript bindings for OpenGL in web browsers

WebGL is a JavaScript API for rendering interactive 2D and 3D graphics within any compatible web browser without the use of plug-ins. WebGL is fully integrated with other web standards, allowing GPU-accelerated usage of physics, image processing, and effects in the HTML canvas. WebGL elements can be mixed with other HTML elements and composited with other parts of the page or page background.

The HTML5 specification introduced the video element for the purpose of playing videos, partially replacing the object element. HTML5 video is intended by its creators to become the new standard way to show video on the web, instead of the previous de facto standard of using the proprietary Adobe Flash plugin, though early adoption was hampered by lack of agreement as to which video coding formats and audio coding formats should be supported in web browsers. As of 2020, HTML5 video is the only widely supported video playback technology in modern browsers, with the Flash plugin being phased out.

<span class="mw-page-title-main">Chrome Web Store</span> Googles online store for its Chrome web browser

Chrome Web Store is Google's online store for its Chrome web browser. As of 2022, Chrome Web Store hosts about 123,000 extensions and 29,000 themes.

Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. It is a Candidate Recommendation of the W3C working group on Web Application Security, widely supported by modern web browsers. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML5 features.

HTML5 Audio is a subject of the HTML5 specification, incorporating audio input, playback, and synthesis, as well as in the browser. iOS

Browser security is the application of Internet security to web browsers in order to protect networked data and computer systems from breaches of privacy or malware. Security exploits of browsers often use JavaScript, sometimes with cross-site scripting (XSS) with a secondary payload using Adobe Flash. Security exploits can also take advantage of vulnerabilities that are commonly exploited in all browsers.

<span class="mw-page-title-main">Microsoft Edge</span> Web browser developed by Microsoft

Microsoft Edge is a proprietary cross-platform web browser created by Microsoft. Released in 2015 as part of Windows 10 and Xbox One, it was initially built with Microsoft's own proprietary browser engine, EdgeHTML, and their Chakra JavaScript engine. Later on, it was ported to Android and iOS as a fork of Google's Chromium open-source project. In late 2018, Microsoft announced it would completely rebuild Edge as a Chromium-based browser with Blink and V8 engines, which allowed the browser to be ported to macOS. The new Edge was publicly released in January 2020, and on Xbox platforms in 2021. Microsoft has since terminated security support for the original browser. Edge is also available on older Windows versions, as well as Linux.

<span class="mw-page-title-main">Vivaldi (web browser)</span> Web browser with built-in email client

Vivaldi is a freeware, cross-platform web browser with a built-in email client developed by Vivaldi Technologies, a company founded by Tatsuki Tomita and Jon Stephenson von Tetzchner, who was the co-founder and CEO of Opera Software. Vivaldi was initially released on 27 January 2015.

uBlock Origin Web browser extension

uBlock Origin is a free and open-source browser extension for content filtering, including ad blocking. The extension is available for Chrome, Chromium, Edge, Firefox, Brave, Opera, Pale Moon, as well as versions of Safari prior to 13. uBlock Origin has received praise from technology websites and is reported to be much less memory-intensive than other extensions with similar functionality. uBlock Origin's stated purpose is to give users the means to enforce their own (content-filtering) choices.

WebXR Device API is a Web application programming interface (API) that describes support for accessing augmented reality and virtual reality devices, such as the HTC Vive, Oculus Rift, Oculus Quest, Google Cardboard, HoloLens, Apple Vision Pro, Magic Leap or Open Source Virtual Reality (OSVR), in a web browser. The WebXR Device API and related APIs are standards defined by W3C groups, the Immersive Web Community Group and Immersive Web Working Group. While the Community Group works on the proposals in the incubation period, the Working Group defines the final web specifications to be implemented by the browsers.

References

  1. "What are extensions?". MDN Web Docs. Retrieved 5 August 2019.
  2. 1 2 "Plugin". developer.mozilla.org. 9 September 2022. Retrieved 7 December 2022.
  3. "Why Browser Plug-Ins Are Going Away and What's Replacing Them". howtogeek.com. 8 January 2014. Retrieved 6 June 2023.
  4. 1 2 "StatCounter Global Stats". StatCounter. Retrieved 11 November 2020.
  5. Cimpanu, Catalin. "Half of all Google Chrome extensions have fewer than 16 installs". ZDNet. Retrieved 19 February 2021.
  6. "Google Chrome 88 released: RIP Flash Player" . Retrieved 29 January 2021.
  7. "Browser Extensions". 15 August 2017. Retrieved 29 September 2020.
  8. Edwards, Lin; Phys.org. "Google Chrome extensions to be officially released". phys.org. Retrieved 27 April 2023.
  9. Bright, Peter (18 March 2016). "Edge browser now has extensions in the latest Windows 10 preview". Ars Technica . Condé Nast.
  10. "Browser Extension Community Group Charter — Browser Extension Community Group". browserext.github.io. Retrieved 14 December 2018.
  11. "Re: One question from Florian Rivoal on 2017-07-29 (public-browserext@w3.org from July 2017)". lists.w3.org. Retrieved 14 December 2018.
  12. "Extensions Status: On the Runway, Getting Ready for Take-Off". Chromium Blog. Retrieved 14 December 2018.
  13. "Extensions beta launched, with over 300 extensions!". Chromium Blog. Retrieved 14 December 2018.
  14. Vikas SN (29 June 2012). "The Lowdown: Google I/O 2012 Day 2 – 310M Chrome Users, 425M Gmail & More". MediaNama. Retrieved 14 June 2013.
  15. "Internet Explorer usage to plummet below 50 percent by mid-2012". 3 September 2011. Archived from the original on 20 November 2011. Retrieved 4 September 2011.
  16. Statcounter. "Browser Market Share Worldwide | StatCounter Global Stats". gs.statcounter.com. Retrieved 20 October 2018.
  17. "Porting an extension from Chrome to Microsoft Edge". Microsoft. Retrieved 30 December 2018.
  18. "Microsoft Edge: Making the web better through more open source collaboration". Windows Experience Blog. 6 December 2018. Retrieved 14 December 2018.
  19. Keizer, Gregg (8 December 2018). "With move to rebuild Edge atop Google's Chromium, Microsoft raises white flag in browser war". Computerworld. Retrieved 14 December 2018.
  20. "Add or remove extensions in Microsoft Edge". Microsoft. Retrieved 8 June 2020.
  21. "The Future of Developing Firefox Add-ons". Mozilla Add-ons Blog. 21 August 2015. Retrieved 15 December 2018.
  22. "Upcoming Changes in Compatibility Features". Mozilla Add-ons Blog. 10 August 2017. Retrieved 15 December 2018.
  23. "How to enable legacy extensions in Firefox 57 - gHacks Tech News". www.ghacks.net. 12 August 2017. Retrieved 14 December 2018.
  24. "Porting a Google Chrome extension". Mozilla. Retrieved 30 December 2018.
  25. "Safari 14 Release Notes". 2020. Archived from the original on 23 March 2022. Retrieved 4 April 2022.
  26. Ortolani, Parker (21 September 2021). "Here are the best new Safari extensions to download for iOS 15 and iPadOS 15 (Updated)". 9to5Mac. Retrieved 5 April 2022.
  27. "WebExtensions Community Group". w3.org. Retrieved 24 March 2024.
  28. Barnett, Daly (9 December 2021). "Chrome Users Beware: Manifest V3 is Deceitful and Threatening". Electronic Frontier Foundation . Retrieved 22 November 2023.
  29. Amadeo, Ron (1 December 2023). "Chrome's next weapon in the War on Ad Blockers: Slower extension updates". Ars Technica. Retrieved 2 December 2023.
  30. "Inside the 'arms race' between YouTube and ad blockers". Engadget. 1 December 2023. Retrieved 2 December 2023.
  31. Stuwe, Cuyler (29 December 2021). "Re: Do not outlaw dynamic code". GitHub . Nobody outside of Google really has any meaningful sway, since Chrome currently owns nearly all of the market share; Google sets the rules, other people nitpick minor details, and everyone pretends that everyone had a meaningful say.
  32. "Re: Do not outlaw dynamic code". GitHub . 2 January 2022. Google has shown no interest whatsoever in deviating from their original plans. So, it's quite clear what's happening here. MV3 is a business decision, not an engineering decision.
  33. "Re: Manifest v3 background scripts should not be killed when there are active listeners". GitHub . 7 January 2024.
  34. "Protect User Privacy". Google Chrome Docs. 18 March 2018. Retrieved 15 December 2018.
  35. "Add-on Policies". MDN Web Docs. Retrieved 15 December 2018.
  36. "Security firm ICEBRG uncovers 4 malicious Chrome extensions - gHacks Tech News". www.ghacks.net. 16 January 2018. Retrieved 15 December 2018.
  37. "Google's bad track record of malicious Chrome extensions continues - gHacks Tech News". www.ghacks.net. 11 May 2018. Retrieved 15 December 2018.
  38. "Chrome Extension Devs Use Sneaky Landing Pages after Google Bans Inline Installs". BleepingComputer. Retrieved 15 December 2018.
  39. "Google Chrome extensions with 500,000 downloads found to be malicious". Ars Technica. 17 January 2018. Retrieved 30 December 2018.
  40. "PUP Criteria". Malwarebytes. Retrieved 13 February 2015.
  41. "Adware vendors buy Chrome Extensions to send ad- and malware-filled updates". Ars Technica. 17 January 2014. Retrieved 20 January 2014.
  42. Bruce Schneier (21 January 2014). "Adware Vendors Buy and Abuse Chrome Extensions".
  43. Winkler, Rolfe (19 January 2014). "Google Removes Two Chrome Extensions Amid Ad Uproar". blogs.wsj.com. Wall Street Journal. Retrieved 17 March 2014.
  44. "Ad Injection at Scale: Assessing Deceptive Advertisement Modifications" (PDF). Archived from the original (PDF) on 5 June 2015.
  45. "Superfish injects ads into 5 percent of all Google page views". PC World . IDG.
  46. "Superfish injects ads in one in 25 Google page views". CIO. IDG. Archived from the original on 11 December 2019. Retrieved 16 June 2015.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.