The War on Browser Extensions

Jason Snell, over at Six Colors, asks “Safari 14 added WebExtensions support. So where are the extensions?” To which the answer appears to be ‘road-blocked’. Or, as Dan Moren puts it:

Apple’s approaching this in an unsurprisingly Apple-like fashion. If you want to distribute a web extension, it’s got to be wrapped in a native Mac application designed in Xcode. Installing the app from the app store will also install the web extension.

That is one big road-block! While I can sorta-kinda see Apple’s rationale for this — they can vet browser extensions using the review systems they already have in place — it falls apart when you consider a) the cost of becoming an Apple developer, particularly if you don’t already own a Mac, and b) the App Store’s spotty record on both developer relations and weeding out malicious apps.

On the other hand, at least the pros and cons of Apple’s App Store are known, and they are somewhat responsive to criticism. And when it comes to letting dodgy apps slip through the nets, Apple’s failings pale in comparison to those of Google.

And, while Google Chrome may be the market leader, its relationship with browser extension developers is contingent, it seems, on how big a threat said extension poses to Google’s advertising business.

Of the other browsers, the vast majority are based on Chromium and most use the Chrome Web Store to install extensions. The one exception is Mozilla Firefox, which I’m currently using as my default browser on the Mac. (I also use the iOS version of Firefox, but that runs on the Safari browser engine.) But given Mozilla’s tiny market share plus their reliance on Google for most of their funding, I’m not confident of their ability to withstand pushes to restrict browser extensions in the name of security, or their long-term survival for that matter. 🙁

Browser extensions have always been a double-edged sword, from the very beginnings. They have traditionally been able to manipulate the browser in all kinds of ways, but that power can (and has) been abused, as well as causing performance and stability issues.

Perhaps, rather than trying to fight for a seat inside the browser, developers should focus their energy on placing their apps where they can do the most good. For simple tasks, or temporary fixes, smaller extensions or even bookmarklets would be more appropriate, while for control at the network level, utility apps operating outside the browser could intercept traffic and scrub data as required. And if the operating system makers won’t allow that, then it’s time to move to the local network itself, either as hardware appliances or replacement routers.