simpleoptout icon indicating copy to clipboard operation
simpleoptout copied to clipboard
verified publisher icon troy

Browser extension

Open Johennes opened this issue 5 years ago • 4 comments

It'd be nice if the data in this repo would be available through a browser extension so that when I'm using a specific site, the extension would let me know that / how I can easily opt out of sharing on that site.

I suppose the data would have to be stored in a different format for this to be possible.

Curious what you think of this idea in general.

Johennes avatar Oct 03 '20 08:10 Johennes

I think that's a great idea and one I'd been thinking about as well. I think the data format changes are doable, but I'm left with 3 open items. I'd welcome any opinions:

  1. Should the extension use local data or a remote API? The problem with a remote API (even assuming it's completely anonymized, which it would be) is that it would still reveal the domain name of the site you're browsing. I assume that this would be a dealbreaker for a lot of the target audience. On the other hand, shipping with entirely local data packaged into the extension would mean that the data would only be as current as the extension is (or would need a separate way to update its data file). That seems tolerable, so I lean towards local data.
  2. How would it surface the site's status in a way that is helpful yet not obnoxious? Simple Opt Out doesn't track a "Good" state (no opt-out needed), both because it would be a lot of effort and because I'm mostly interested in the most egregious practices (and not opting out of an email list or arbitration or something). Given that, the extension would present 2 states for a given domain: there's something you should do for this site (probably a text date or a color to indicate how recently Simple Opt Out's information about the site changed), and nothing.
  3. Which browser(s) should be supported? It seems like people who care about data privacy would be more likely to use Firefox, yet Chrome's market share is massive and includes less-savvy people who might benefit the most from better awareness of data sharing practices. To me, supporting both seems like the only reasonable choice.

Feedback and opinions are welcome!

troy avatar Oct 03 '20 12:10 troy

Re 1: That's a good point. I hadn't foreseen that an API would expose the URLs a user visits. A middle ground could maybe be to ship the extension with a local file and let it re-fetch that file periodically (e.g. from this repository). I suppose that must be how e.g. ad-blocking extensions work.

Re 2: Maybe the extension could use a page action. Those can be shown and hidden dynamically and also support popups. You could signal the state via the page action icon and then present more details / offer actions in the popup. When a site isn't tracked in Simple Opt Out, the page action would simply be hidden.

Re 3: I'm a Firefox user, too, and I faced the same question with some of my own extensions. Mozilla has a pretty helpful page about cross-browser extensions. I've only went through this for one single extension so far but it did feel surprisingly simple. I think the only real drawback is that you'll have to test any changes twice to make sure they work in both browsers.

Johennes avatar Oct 03 '20 13:10 Johennes

@Johennes Thank you! Your comments make sense to me.

A page action sounds reasonable. One possible challenge is that the page action would be related to all pages on the domain name (not just to a single URL). I think the best case would be for the extension to show a popup for the first visit to that domain name, then let the user hide all subsequent popups for that domain (or not), so the extension icon lights up but no popup is shown. For that to work, the browser would need to support a "Hide this page action forever" choice on a popup. I don't see that option in other screenshots of Firefox's page action popups, so it may not be possible. In that case, I think the extension would need to not use popups at all (and only light up the icon).

Chrome's docs actually say this:

Don't use page actions for features that make sense for most pages. Use browser actions instead.

.. but I'm not sure a browser action is actually as good a fit. One advantage of a browser action is that it would be easier for a brand new extension user to know that they have the extension installed and working, since they'd see the icon immediately regardless of the page they were on. An inexperienced user (one who would benefit a lot from this extension) might think it's not doing anything.

Anyway, great ideas :-)

I last made a browser extension 3-4 years ago (a simple Chrome new tab page) and wasn't aware of cross-browser extensions. I'll explore the link you gave and see where I end up.

If you would like to collaborate with me on an extension (in GitHub and/or email), please let me know.

troy avatar Oct 04 '20 14:10 troy

A page action sounds reasonable. One possible challenge is that the page action would be related to all pages on the domain name (not just to a single URL). I think the best case would be for the extension to show a popup for the first visit to that domain name, then let the user hide all subsequent popups for that domain (or not), so the extension icon lights up but no popup is shown. For that to work, the browser would need to support a "Hide this page action forever" choice on a popup. I don't see that option in other screenshots of Firefox's page action popups, so it may not be possible. In that case, I think the extension would need to not use popups at all (and only light up the icon).

I believe a page action's pop-up can only be shown programmatically upon user interaction with anything defined by the extension (like the page action itself or a context menu item defined by the extension). There is some explanation for this here. I think with either a page action or a browser action, you'd have to encode the state as part of the icon itself since you'll only be able to show details if the user clicks in.

.. but I'm not sure a browser action is actually as good a fit. One advantage of a browser action is that it would be easier for a brand new extension user to know that they have the extension installed and working, since they'd see the icon immediately regardless of the page they were on. An inexperienced user (one who would benefit a lot from this extension) might think it's not doing anything.

That's a very good point indeed. One quick thought: It is possible to open a packaged webpage after extension installation / update so you could try to explain how the extension works and what the user should expect there.

If you would like to collaborate with me on an extension (in GitHub and/or email), please let me know.

I wouldn't mind helping out where it's needed. :)

Johennes avatar Oct 04 '20 15:10 Johennes