An unofficial blog that watches Google's attempts to move your operating system online since 2005. Not affiliated with Google.

Send your tips to gostips@gmail.com.

July 19, 2012

Chrome Extensions Not in the Chrome Web Store, More Difficult to Install

Chrome 21, currently in beta, brings bad news to those who install extensions from third-party sites. Users will no longer be able to install extensions, apps and user scripts by simply downloading them and clicking "install" in a Chrome box.

Chrome 21 shows a message that's actually inaccurate: "Extensions, apps and user scripts can only be instlled from the Chrome Web Store." When you click the "learn more" link, you'll found there's actually a way to install .crx files: just download them, open their folder and drag them to Chrome's extensions page (Tools > Extensions).


"Previously, any website could prompt you to add an extension into your browser. In the latest version of Google Chrome, you must explicitly tell Chrome that you want to install these extensions by adding them through the Extensions page," explains Google. The reason for this change is that Google can only find and remove malicious extensions in the Chrome Web Store. "Online hackers may create websites that automatically trigger the installation of malicious extensions. Their extensions are often designed to secretly track the information you enter on the web, which the hackers can then reuse for other ill-intended purposes."

Most likely, this change won't affect too many users and it will encourage developers to submit their extensions to the Chrome Web Store. Power users will complain that it's more difficult to install user scripts from sites like userscripts.org and extensions from sites like chromeextensions.org. Maybe Google could add an option in the settings page that lets you disable this security feature.

Update: There's a command-line flag that disables this feature: --enable-easy-off-store-extension-install. Use the instructions from this page to add the flag. Please note that the feature is available starting with Chrome 21 (right now it's in the beta channel, but it will be in the stable channel next month).

{ Thanks, Sterling and Ruben. }

14 comments:

  1. Trick for install the extensions: http://tecno-net.blogspot.com/2012/06/instalar-extensiones-en-chrome-que-no.html

    ReplyDelete
  2. Thanks for the tip, Alax and Rubén! The one extension I was trying to install didn't have a folder, or whatever, and I couldn't install it.

    This flag helped!

    ReplyDelete
  3. Sorry, I meant Alex.

    ReplyDelete
  4. i didn't actually like the new chrome.. i can't use it unless i sign in.. :/

    ReplyDelete
  5. i had blogged for this recently

    https://www.facebook.com/webclassy

    www.webclassy.com

    ReplyDelete
  6. Lockpicking isn't a skill a fake can easily learn by introducing skill factors. They really have to go via a mission for obtain that ability. In the early days a great deal of rogues have no idea they must take the mission for achieve the talent. In fact, many of them do not be aware of that they can understand lockpicking.
      Questing the particular lockpicking skill is not easy in any respect. Rogues can easily open up trainer packing containers until finally a certain level and http://www.mmohome.com/gold/Guild-Wars-2-US.html then they must maintain locating higher level packing containers to train their particular skill even more. Higher level boxes are generally unusual and hard to locate. You will find guides that will explain to your rogues where to search to coach his or her ability about based entrance doors.

    ReplyDelete
  7. What's the point of supporting user scripts (.user.js files) if you can't install them from ad hoc sites?

    ReplyDelete
    Replies
    1. I totally agree, this 'security' excuse is just a cynical excuse for Google to control more content. I think users should have a choice and make their own judgement if a site is legitimate or not. Considering Google has traditionally had a very open attitude to information sharing, this is very disappointing. This is the only reason I still use Firefox instead of Chrome, I love Chrome but this is a deal breaker for me.

      Delete
    2. I totally agree, but this is not supporting user scripts, it's supporting Google app uploads. I love Chrome but I think this is a cynical attempt by Google to force users into their ecosystem. This is the only reason I still use Mozilla, although Chrome is clearly the better browser. Mozilla still has a more open attitude to user autonomy that seems to be increasingly lacking on the part of Google. If Google continues going down this path we will see the web turn into a giant piece of vendor locked Google software (something we are already starting to see). Most of Google's tools are great, but we need to give the user the freedom to make mistakes. If Google really cared about security they would provide a way for developers to not allow user scripts to run on their sites at all, as is intended for Firefox 4: http://www.heise.de/security/artikel/Abhilfe-gegen-Cross-Site-Scripting-und-Clickjacking-1214277.html

      Delete
  8. Nice ,It good version of Google chrome.

    ReplyDelete
  9. The Chrome Web Store opens up a range of new possibilities for creators of web apps and extensions alike. It provides a new way for users to explore web apps and brings extension functionality to the attention of a mainstream audience. Appreciating the difference between apps and extensions, and choosing the approach that makes sense for your own work, is key to building the best possible experience for your users.

    ReplyDelete
  10. It is possible to install the extension in Chrome 21+, it just involves a few more steps, as detailed at http://support.google.com/chrome_webstore/bin/answer.py?answer=2664769:
    1) Save the extension installer file to your machine
    2) Open the extensions page in Chrome by clicking the wrench icon and selecting Tools -> Extensions (or by opening a new tab and typing "chrome://extensions" as the URL)
    3) Drag the Bonfire installer into the extensions page to install.
    As Bonfire currently relies on a JIRA plugin of the same version, it's hard to publish to the Chrome Web Store without causing a lot of API compatibility issues on every update.
    Once the JIRA plugin API has stabilised, we can look at adding Bonfire to the web store.

    ReplyDelete
  11. I like this version too.Always try latest versions of Google chrome.

    ReplyDelete
  12. I think chrome should allow us to use third party extension and theme from sites like http://www.addonchrome.com etc...

    ReplyDelete

Note: Only a member of this blog may post a comment.