Simon Willison’s Weblog

Seems like using extensions to fix sites is more trouble than it's worth, to me. It's irritating enough that extensions break across agent versions, never mind content versions....

J. King - 20th July 2004 07:48 - #

I think that the best way to handle this might not be specific extensions for each broken site. Instead, have one extension, and an online database of JS files, one per broken site. The extension watches which site you're on, and, if you're on a broken site, adds a <script src="http://example.com/MozillaFixJSDatabase/[name -of-this-site].js"></script> tag to the page, which fixes it. That way, people don't need to build extensions for each dud site, and nor do users need to download an extension for each broken site.

I don't know how you stop people uploading a script which "fixes" site1.com into forwarding all visitors to site1competitor.com, mind, but then I don't see how you stop people writing an extension which does the same thing.

It wouldn't be too difficult to set up, and I suspect that the problem above could be alleviated by some decent human review of fix scripts before they went into the database.

Of course, this idea (and indeed the whole idea of extensions to fix broken sites) is at odds with the Mozilla Project's general (but not clearly stated?) position of wanting to evangelise for standards.

sil - 20th July 2004 11:50 - #

Is it ethical? From a business perspective surely it is better appreciated than clicking close tab and moving on to a competitor's website

Marc - 20th July 2004 12:28 - #

I disagree with your assertation that these workarounds and their use should send a powerful message to the sites in question. lets face it these workarounds are likely to be a bit ubergeek for the average person don't you think? And if people workaround the site rather than contacting them and explaining why their site is unusable for them then they'll never hear about their problems! There won't be a message for them to hear.

Ben Meadowcroft - 20th July 2004 13:07 - #

Ben,
Personally, I agree with you, as does the Mozilla Project: if we workaround the problem then the world never gets any better. On the other hand, there's a law of diminishing returns here: how much effect is evangelising standards actually having on these sites and all the other IE/Win-only JavaScript-based sites out there? The Project have taken a pretty firm stance on the side of evangelism; Adrian's elegant hack takes up a position for workarounds. Where one falls in the debate dictates what one does, I suspect.

sil - 20th July 2004 13:33 - #

While I think this is very cool technology, I think it's mis-directed, as I commented over on Adrian's site. Why?

1. Few people will know about/use such extensions, especially if they are browser specific. Even if, however unlikely, the extensions were for IE.
2. If such a problem exists, the site should know about it and fix it. I think Jeffrey Veen's idea of "working around the damage" (paraphrased) is more a social phenomenon than a technical issue.
3. As a site publisher, I'm aware that publishing on the web turns some of the control over to the reader, but business reasons (and, occasionally, aesthetic reasons) require that I retain some control without getting into a war with my customers over display.

John Roberts - 20th July 2004 14:26 - #

sil and Ben: I disagree. While simply using these extensions does nothing to encourage sites to fix their crappy code, sharing and promoting them does. Imagine if the "stop Odeon.co.uk from sucking" extension turned up in the top ten results on Google for "Odeon" - you can bet the CEO would start asking questions when he noticed. If these things were built in to the browser when you first installed it they would be a disaster - you'd essentially be sending the message that creating sucky sites is fine. By making them available them as extensions which a user chooses to install you're making it abundantly clear that the site is broken (more so than just filing a bug in Bugzilla somewhere) but still allowing people to use them.

Have you tried the AllMusic plugin? It doesn't just fix the site, it actually improves it.

I'm extremely skeptical of solutions that include loading code from another site hosted on the web, because they're a breeding ground for cross-site scripting attacks. Distribute an extension for X bank which gets around their dodgy browser detection, then rewrite the script a few days later to steal people's passwords. For extensions to be safe, they need to be local.

Simon Willison - 20th July 2004 15:30 - #

Simon,
Darn. I hadn't thought of the cross-site-scripting issue. The flaw with local extensions is that, when you visit broken site X, you won't *know* that there's an extension for it, so you won't get the benefit of said extension. Moreover, extensions, being chrome rather than in-page JS, are more privileged, which is a whole different can of unsecure worms.

I am also, I have to say, not sure that the CEO would ask questions. It's not as if there are decent web developers out there who are completely unaware of other browsers -- or, if there are, then they're not decent web developers. Making sites and not even bothering to test them on, say, a Mac has to be some kind of policy decision these days to not bother with it rather than ignorance, surely? Or am I hopelessly naive?

sil - 20th July 2004 17:29 - #

I'm a data point that you're not naive.

Our ecommerce site requires JS to place an order and looks wonky in less common browsers.

Management made a policy decision that fixing this is not cost effective.

I think it's just a different form of ignorance.

Jeremy Dunck - 20th July 2004 20:05 - #

The flaw with local extensions is that, when you visit broken site X, you won't *know* that there's an extension for it

Well of course, one could have an extension that checked a remote list for the existence of an extension desgned to improve a particular URL.

jgraham - 20th July 2004 22:42 - #

Imagine if the "stop Odeon.co.uk from sucking" extension turned up in the top ten results on Google for "Odeon" - you can bet the CEO would start asking questions when he noticed.

Yes. And the first question the CEO would ask his staff would be "Whats the number of our lawyer?". Then they would sue the developer of the extension and try to take his site down. And there's a good chance that they would suceed.

This is not (only) about Odeon. Companies like that have already employed illogical thinking and ignorance in the first place when creating their sites. How likely do you think is it that they will change when they encounter a site in the Google Top10 that says (for the CEO) "Your company sucks!"?

Gerrit - 21st July 2004 05:12 - #

A pity all sites don't carry CSS Signatures. That way we could restyle them at will. Even so, a browser like Opera can already do a lot to radically change a page. Designers need to realise that their precious pixel-precise layout can easily be altered. (Colours removed, images removed, Flash removed, font size changed, etc). The web has always been a dynamic thing, not a piece of paper or a block of stone.

Chris Hester - 21st July 2004 11:57 - #

Adrian has some thoughts on the legality of per-site extensions. He thinks the idea of legal challenges to them is ridiculous: I'm inclined to agree. The legal reason given for opposition to the accessible Odeon site was that it was confused by visitors with the real thing. Since an extension has to be deliberately installed, I don't see this as the same kind of issue. I guess a hefty whack of "this extension is not officially endorsed by site X and if you think it is you're clearly idiot" might be required though.

Simon Willison - 21st July 2004 15:51 - #

As much as I support the recent growth in non-IE browsers, and while I am a Foxfire user, do have to admit that this presents some troubling problems for "ameature" website designers like me. At my open source music weblog, I can't get the header centered in Foxfire! I'm also having problems with text and table colors. It was designed in Dreamweaver. I guess I'll have to do some research, but this is an un-needed frustration.

Another Dreamer - 22nd July 2004 23:00 - #

Dreamer (I looked for your name on your site, but didn't find it; you should add it to your About Me page),

I took a bit of time to fix your home page; the problem wasn't really Firefox. Each browser handles non-standard markup differently, and I assure you that there are non-standard pages which display great in Firefox but fail in IE. It goes both ways.

The <body> and <div id="container"> parts weren't where you probably intended them to be.

I've hosted your unchanged home page, and the corrected home page. You can compare the two to see exactly what I changed.

There are additional issues with the page, but at least now it displays better. For more predictable display of your pages, you may wish to make them valid according to web standards.

If you're interested in improving your home page, you should take a look at the Web Developer extension for Firefox, specifically the Validation menu.

If you're interested in improving your web development skills, you should check out webdesign-l and css-discuss.

Jeremy Dunck - 23rd July 2004 17:31 - #

Jeremy...what an absolutely thoughtful and kind gesture you've made! I can't believe you took the time to do that! You're right about using my real name...while part of me wants to remain anonymous to avoid embarrassing Google searches from employers and such, I'm finding that it isn't really possible. I need to just stand tall and put it out there. Anyway, you're also right that I need to improve my Dev skills...perhaps someday I'll find some time. Thank you again for you kindness and now I'll get busy fixing my site:)

Chad Manney (Dreamer) - 23rd July 2004 17:56 - #

I for one thing this is a rad idea :)

And I totally understand the legal questions - it was the first thing that popped into my head when I read the blog post - but after some thought, I don't think it has a leg to stand on. It might get brought up in court, but I don't think that it will win in the end.

Note that there are already such things as User Stylesheets, and before that there has been "change font color" for as old as time. In addition, users are freely allowed to download HTML, CSS, and Javascript source. This has been true on the web since forever. In short, Your Honor, there's no precedence for a company thinking that they own the physical manefestation of the content on their website. They only own the content itself. I rest my case.

Anyway -- I think this would be an absolutely delicious side project.

Ideas:

• You could build a plugin for IE and a firefox (not sure about other browsers) that looks up available extensions when a site first loads in a browser. It could then present the user with toast or an icon that says some extensions are available. The plugins would be installed - hence trusted - so no x-site-scripting issues.
• You could have some extension author configurability over which sites get your extension. All sub domains under a certain root? All under a certain IP range? you wouldn't want to let people go crazy ... maybe you let the users decide which extensions are appropriate for which sites ("use xyz extension... request this extension be associated with such and such domain....").
• You could register popularity.
• You could make available a library of javascript (and server-side scraping/posting) helper code which makes it easier to develop said extensions.

On top of the usefulness, I think this raises important legal and philisophical issues about the web which *should be raised*. The sooner, the better.

Maybe if a few people are interested, we could hack something together...

Aaron - 27th July 2004 03:50 - #

In response to Chris Hester, the Mozilla/Firefox extension URIid will add CSS signatures (either as a body id or class). This will allow you to restyle pages at your will.

In terms of this extension, and making it more applicable to other sites, something similar to the MyOwnCSS extension, but for moderated Javascript/CSS fixes, would be lovely. For extensions to be safe, they need to be trusted, and I think a moderated site would quell fears of cross site scripting attacks, while keeping the system flexible and collaborative.

Mark James - 27th July 2004 13:17 - #

Oh wow, yeah MyOwnCSS is precisely what I was thinking :)

Aaron - 28th July 2004 05:44 - #

A vulnerability has been reported in Mozilla and Mozilla Firefox, allowing malicious websites to spoof the user interface.

The problem is that Mozilla and Mozilla Firefox don't restrict websites from including arbitrary, remote XUL (XML User Interface Language) files. This can be exploited to "hijack" most of the user interface (including tool bars, SSL certificate dialogs, address bar and more), thereby controlling almost anything the user sees.

The Mozilla user interface is built using XUL files.

http://secunia.com/advisories/12188/

I'm not surprised a disproportionate number of bugs emerging as Mozilla's market share increases. However, I AM shocked to see that the critical flaw described above has not been fixed (even in the latest Firefox) despite being known by Mozilla for 5 years

I have written more on security issues and the Firefox browser in my Technical Journal

Chris Beach - 11th August 2004 23:11 - #

I'm not sure the issue regarding the ethics of changing how a site looks in one's browser is limited just to the use of style sheets and modifying how existing content looks.

Now before I begin, let me say that I realize that the current crop of extensions/fixes aim to improve a site's layout, increase accessibility/ease-of-use and generally don't change the content of a page.

However, there are issues to be discussed, and they are regarding just how much a site can be changed by a UI before it becomes something that the author never intended. For example, most user style sheets don't have any properties in their selectors that'll do a display: none; on anything; however, site-specific extensions may elect to do this when an element is deemed useless, for example, Flash navigation. (Don't get me wrong, I despise using Flash just for the "cool" effect.)

However, this can be taken too far, and I believe there are grounds for a site's author to object to this sort of modification on the user-end. Make no mistake: I do not wish in any way to equivocate these per-site fixes with anything malevolent, but the Microsoft Smart Tags fiasco is what happens when this is taken too far.

PS: Sorry for the extremely late comment.

Peter Chng - 19th August 2004 17:52 - #

I would like to clarify my comment somewhat and perhaps recant on it a bit. I'd like to make it clear that MS Smart Tags amounted to a forced change in how users would view websites, while obviously these per-site extensions are voluntary. Additionally, they don't create any sort of monetary incentive for the extension's authors, unlike what Smart Tags would do for MS.

The point I was trying to make, and this is somewhat of a Straw Man, was that if these site extensions were to become wide-spread, and if they radically changed how a site looked, would it be fair to the author, whose name is attached to the site, to be associated with something that never looked like they may have wanted it to look like?

PS: (again) My site doesn't work, I know :(

Peter Chng - 19th August 2004 18:04 - #

I don't know how one of my comments on another thread ("A vulnerability has been reported in Mozilla and Mozilla Firefox...") found it's way into this thread.. (I didn't put it here)

Anyway, site-specific extensions sound like a fair idea. Seems almost "rude" though. It's like going round to someone's house and insisting the furniture is rearranged and the walls are re-painted for the duration of your visit :-)

If users have special browsing requirements (ie high-contrast colour schemes etc) it would be great to have a browser extension that facilitated this, by analysing and adapting the html and the css of each site being visited. To me it seems rather hacky to manually create a separate stylesheet for each page, no?

I know some sites are badly designed but really this is a problem that the webmasters should be addressing with the help of the dev community. There seems no place for a campaign to "patch over" their design flaws in order to satisfy the privileged proportion of the browsing community who have access to these "patches"

Chris Beach - 19th August 2004 18:33 - #

You could create a bookmarklet like this:

cssLink = document.createElement('link');
cssLink.rel = 'stylesheet';
cssLink.href = 'http://example.com/fixThings.css?'+new Date();
document.getElementsByTagName('head')[0].appendChi ld(cssLink); 
void(0);

Throw in some Javascript magic to make it site-specific. Use GreaseMonkey to automatically run it on specific pages.

Matthias Bauer - 22nd January 2005 20:48 - #

Hi all expertise, i have a website subscribed which allow my friend can contact me via web interface to my MSN, Yahoo or AIM, however my friend told me yesterday he wasn't able to press the button because he set incorrect font size on Firefox, but on IE it is restricted to change its size by CCS. Can anyone teach me how to use CCS to restrict font size be changed. my site or contact is http://www.imunitive.net/dannychan.html thanks.

danny - 15th June 2005 14:54 - #