Enforcing HTTPS connections on websites

TL;DR: I created a new extension called Enforce Encryption. See extension description for a simple explanation of how it works and why using encrypted connections is important.


I realized that Stack Overflow is one of the few websites that I use with authentication and yet over plain unencrypted HTTP connections. So, what if I just change http:// into https:// in the address bar? Surprisingly, this worked, even though Stack Overflow doesn’t support HTTPS officially (way too many links lead back to HTTP).

Crazy hacks: Changing Wine key mappings on Mac OS X

One of the biggest quirks of using a Mac is its keyboard — in addition to the usual Control (⌃) and Alt a.k.a. Option (⌥) keys you also have the Command (⌘) key. Unlike on Windows or Linux, the Control key is rarely used at all, the only really important shortcut key being Control-Tab. Instead, most shortcut keys use Command as modifier. So as a Mac user you quickly learn to press Command for pretty much any key combination.

This works well as long as you stick to native OS X applications. As soon as you run Windows applications via Wine however you get into trouble: in order to map Mac keys to Windows keys Wine associates the Control key with Control. Consequently, in Wine you have to for example press Control-C to copy text instead of Command-C. You also have to remember that all other shortcut keys use Control instead of Command which is very annoying.

Solution to a problem nobody has: Changing Total Commander application icon

Maybe you are like me and tend to drag along your favorite Windows applications even though you switched away to a different operating system a while ago. Well, maybe not… Still, I couldn’t find any file manager for Linux or OS X that would work as well as Total Commander. So I keep running it via Wine and it works surprisingly well.

Having the standard application icon display on OS X is somewhat awkward however: with 32×32 pixels it is simply too small, one would need a significantly larger icon for it to fit nicely into the OS X user interface. Wine doesn’t allow configuring the icon however, the source code shows that it will read the icon from the application resource unconditionally. Well, not really a problem — changing resources in Windows applications is fairly easy.

New blog

For a while, I have been occasionally misusing the Adblock Plus project blog for articles that had no relation to Adblock Plus whatsoever. I posted various articles on security, Mozilla and XULRunner there, general extension development advise, occasionally some private stuff. With the project growing and more people joining I am no longer the only person posting to the Adblock Plus blog, treating it as my private blog isn’t appropriate. So a while ago I decided to set up a separate private blog for myself and now I finally found the time to implement this. My off-topic blog posts have been migrated to the new location. Now you can read my blog if you are interested in the random stuff I post there, or you can keep reading the Adblock Plus blog if all you are interested in is Adblock Plus.

Modularization in a restartless extension

A simple restartless extension can probably keep all its code in the bootstrap.js file. However, it gets crowded there very soon. Plus there is some code that is really only boilerplate and should probably kept separate from your actual code.

This sounds like a job for JavaScript code modules. It is mostly a matter of taste (I prefer CommonJS module syntax) but there is one really big disadvantage of JavaScript code modules: they have to be unloaded explicitly when your extension is shut down. Which means that you either have to keep a list of modules to unload in your bootstrap.js file or add cleanup code each time you load a module. I find neither approach very compelling.

Why you should make your next add-on restartless

Note: This article is not about extensions based on the Add-on SDK (Jetpack). You don’t have to use the SDK to create a restartless extension. Just wanted to point this out explicitly to avoid confusion.

An extension that will install without requiring a Firefox restart? This was a nightmare to develop not too long ago. Fortunately, things changed and the last showstopper bug was fixed in Firefox 8. Effort to create a restartless (or bootstrapped as it is called officially) extension is acceptable now. In fact, I have converted all my extensions and removed support for classic non-restartless extensions from my build tools — I am certain that I am not going back.

Preventing background tabs from wasting your computer’s resources

Taras recently blogged on how websites manage to ruin Firefox performance by continuing to do something even though their tab is no longer active — they keep updating the view that you cannot see. He wondered whether it would be possible to suspend these tabs from an extension. I looked into this and there is a way to suspend all timeouts for a tab — something that an extension could use. Getting the details right wasn’t quite trivial but I think that my extension gets it right now: Suspend background tabs. Enjoy!

This doesn’t completely disable all activity in the background tabs of course. Network requests will continue, videos will also keep playing. So I might implement some improvements in future. However, please have understanding that this is a very low priority side-project for me. So it’s best if you bring your code. The current code is here.

Random thoughts on democracy and Russian presidential election

As some of you might know, Russia sort of elected a new old president a week ago. After taking a 4 years break as prime minister Putin now becomes Russian president for the third time. I’ve been following the Russian-language reactions to the election which I find quite interesting. While I like most readers of this blog have the luxury of living in a democracy, sometimes I need a reminder about what actually constitutes a democracy. Hint: elections in regular intervals are not sufficient.

When discussing whether an election was fair and democratic most people tend to focus on vote counting. This election shows however that distortions of election results start much earlier than that, e.g. when the candidates are registered — two candidates were excluded for bureaucratic reasons. Even more importantly, the equal opportunity rule was severely violated here. There is little to none independent press or television in Russia, so the news were as usually following Putin closely and uncritically. The opposition candidates on the other hand got far less attention and were presented in an unfavorable light.