Project

General

Profile

Actions

Installation instructions (browser extension Mozilla) » History » Revision 17

« Previous | Revision 17/20 (diff) | Next »
koszko, 03/12/2022 09:58 AM
encourage PGP and Signify signature verification


Installation instructions (Mozilla)

Browser compatibility

Haketilo is currently compatible with browsers based on Mozilla Firefox 60 and upwards.

Although this makes little difference to Haketilo, please consider using a Firefox derivative that isn't malware respects your freedom and privacy (i.e. does not snoop on you). Valid options are browsers in some of the "ethical" GNU/Linux distros like Parabola and Trisquel, the Tor Browser and LibreWolf.

Single-user install

Here we'll describe how to install Haketilo from a .xpi file served by our servers. Extensions in Firefox and its derivatives are often installed from the Mozilla Add-ons website (AMO) but this approach has serious privacy and freedom problems.

Right now we only provide an unsigned .xpi extension file. This means it hasn't been cryptographically signed by Mozilla (this is nohow related to the signatures we provide on the Releases page) and therefore some of Mozilla browsers and even derivatives will refuse to install it. While we're going to provide a signed version of the extension soon, you are strongly encouraged to use a Firefox derivative that allows you to manage your software and install unsigned add-ons as well.

Note: even if your browser refuses to install unsigned extensions, you can still 1) try it out by installing it as a "temporary" add-on on about:debugging page or 2) try installing it globally

Steps

Note: depending on the versions of your web browser and Haketilo some UI elements and text messages might be slightly different on your machine than on the screenshots below

First, download the extension's .xpi file from the Releases. You can also download the PGP and Signify cryptographic signatures made by us to verify the file hasn't been tampered with. The verification procedure is described here. After downloading, go to the about:addons URL. In the extensions management page that shows up, click on the gear icon and select "Install Add-on From File...".

extensions page

Now, navigate to the downloaded .xpi file and select it.

navigating to the extension file

Note: if, at this point, your browser shows you an error message about extension file being invalid but you're sure the browser supports installation of unsigned extensions, go to the about:config URL, confirm the warning prompt that appears, search for the xpinstall.signatures.required preference and double-click it to toggle its value to "false"

You should be presented with a dialog asking whether to add Haketilo to your browser. Once you click "Add", the add-on will install.

adding Haketilo

The browser might ask whether you want to allow Haketilo to run in private windows. If you installed Haketilo for its script-blocking capabilities, you most likely also want to utilize them in Private Browsing mode and you can check this option. However, there might be some issues involved and it's recommended that you read the related note.

Haketilo installed, allowing extension to run in private windows

Global install (GNU/Linux distributions)

Most Firefox-based browsers from GNU/Linux distros' package managers (including firefox-esr from Debian and abrowser from Trisquel) are configured to automatically pick up extensions placed under

/usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

where {ec8030f7-c20a-464f-9b0e-13a3a9e97384} is the ID of Mozilla Firefox. This is what enables commands like apt install webext-ublock-origin to work on distros (in this case, Debian and Trisquel).

Here, we'll leverage this to install Haketilo system-wide and have it appear in the browser of every user account.

Note: you need access to root account via sudo command for the instructions below to work

Note: it is assumed you have wget and unzip commands installed

Steps

Note: depending on the versions of your web browser and Haketilo some UI elements and text messages might be slightly different on your machine than on the screenshots below

Run the following in your POSIX shell to download the .xpi file and its PGP and Signify signatures made by us:

HAKETILO_VER="1.0b1" # replace with the version you want to have installed
HAKETILO_URL="https://hydrilla.koszko.org/downloads/haketilo-$HAKETILO_VER.xpi"
HAKETILO_DIR="/tmp/haketilo-${HAKETILO_VER}_release_files"
rm -rf $HAKETILO_DIR && mkdir -p $HAKETILO_DIR && cd $HAKETILO_DIR
wget "$HAKETILO_URL" "$HAKETILO_URL.sig" "$HAKETILO_URL.asc"

The files have been placed in a new directory under /tmp. You are now encouraged to verify our signatures as described here. Once done, run the snippet below in the same shell and type your user password when prompted:

FIREFOX_ID="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"
HAKETILO_ID="{6fe13369-88e9-440f-b837-5012fb3bedec}"
# You may need to use a different path for other browsers and distros.
EXT_PATH="/usr/share/mozilla/extensions/$FIREFOX_ID/$HAKETILO_ID/"

install_haketilo() {
    sudo rm -rf "$EXT_PATH" && sudo mkdir -p "$EXT_PATH" && cd "$EXT_PATH"
    sudo unzip $HAKETILO_DIR/haketilo-$HAKETILO_VER.xpi
    rm -rf $HAKETILO_DIR
}

install_haketilo

Once you have performed the installation, you might (or might not) want to give Haketilo access to private browser windows. You can do it from the about:addons page. There might be some issues involved, so it's recommended that you read the related note.

Haketio manage

Haketio allow in private tabs

Post-installation notes

Using Haketilo in private windows

Note: after this section was written bug #115 was discovered which makes some of the workarounds described here ineffective; work is ongoing to fix the bug inside Haketilo

If you're using the Private Browsing mode, you probably care about security and privacy. Those are basically unachievable with JavaScript globally allowed in the browser. Because of that, you likely want to give Haketilo permission to run in private windows as well.

Note: it is a perfectly valid approach to aim for a purely script-less experience in private browsing windows and use an add-on like NoScript or uBlock Origin there instead of Haketilo

Haketilo 1.0 uses IndexedDB in-browser database to store all its settings and data. Unfortunately, the ability to use IndexedDB in Private Browsing mode is disabled by default in many Mozilla-based browsers. This causes Haketilo's settings page to be inoperable even when Haketilo itself is allowed to run in private windows.

The following solutions exist.

1. Don't use Private Browsing mode

This is probably not what you are interested in, so let's move ahead.

2. Enable IndexedDB access in private windows

The relevant setting is controlled by "dom.indexedDB.privateBrowsing.enabled" preference. You need to navigate to about:config URL, click through the warning that appears, find the preference and set it to "true".

toggling the "dom.indexedDB.privateBrowsing.enabled" preference

Warning

This will also give pages browsed in Private Browsing mode the ability to use IndexedDB. In practice, pages that are going have their scripts blocked will not be able to access the IndexedDB database anyway. This means you have to carefully consider what remote JavaScript (if any) you're going to allow to execute. Only you can decide whether it is the right choice to toggle this preference.

3. Access Haketilo's settings page from non-private windows

Other parts of Haketilo work properly regardless of IndexedDB settings for private windows. If you open Haketilo's settings page in a non-private window, configuration you make there will affect script blocking and injection in both private and non-private windows.

Gratulations

That's it. You can now play a bit with the extension and learn how it works. Also, make sure you realize its limitations.

Updated by koszko over 1 year ago · 17 revisions

Also available in: PDF HTML TXT