Better GReader Smart Subscribe

11 views
Skip to first unread message

Sylvain Comte

unread,
Aug 18, 2009, 6:12:56 AM8/18/09
to Better Webapps Firefox Extensions
Hi,

I see that better GReader is still using the good old 2006 version of
"smart subscribe" hosted by persistent.info.

You should take a look at the fork (and enhanced) version of the
script : smart google subscriber (http://userscripts.org/scripts/show/
33600).

best regards,

Sylvain

Gina Trapani

unread,
Aug 18, 2009, 3:16:27 PM8/18/09
to better-gmail-2-f...@googlegroups.com
On Tue, Aug 18, 2009 at 3:12 AM, Sylvain Comte<sylvai...@gmail.com> wrote:
> You should take a look at the fork (and enhanced) version of the
> script : smart google subscriber (http://userscripts.org/scripts/show/
> 33600).

Thanks Sylvain, I'll check it out.

--
http://ginatrapani.org
http://twitter.com/ginatrapani

Heribert Slama

unread,
Sep 25, 2009, 4:07:03 PM9/25/09
to Better Webapps Firefox Extensions
Here, this version spoils the security status of https-pages. E.g. the
login page for online banking is downgraded to "partially encrypted".
The icon for Smart Subscriber is injected as "data:image/
png;base64..." into the page; this counts as unencrypted data! I can't
test a newer version of this script since Sylvain's homepage is
unavailable, today. I switched to Parparita's version which doesn't
have this side-effect. (It uses the chrome: protocol to inject the
icon rather than the data: protocol).

On Aug 18, 9:16 pm, Gina Trapani <ginatrap...@gmail.com> wrote:

Gina Trapani

unread,
Sep 25, 2009, 5:14:25 PM9/25/09
to better-gmail-2-f...@googlegroups.com
On Fri, Sep 25, 2009 at 1:07 PM, Heribert Slama <hsl...@gmail.com> wrote:
> The icon for Smart Subscriber is injected as "data:image/
> png;base64..." into the page; this counts as unencrypted data! I can't
> test a newer version of this script since Sylvain's homepage is
> unavailable, today. I switched to Parparita's version which doesn't
> have this side-effect. (It uses the chrome: protocol to inject the
> icon rather than the data: protocol).

Parparita's version uses the chrome: protocol to inject the orange RSS
icon, ie this:

chrome://browser/skin/page-livemarks.png

But not the image when you're subscribed--I think it's a giant checkmark.

Parparita is able to use that chrome: protocol because that orange RSS
icon ships with Firefox and is already available in your browser. The
other's aren't.

In theory, I could start shipping separate images with the extension,
and use the chrome: call to stop breaking SSL, but I haven't tested
this so I'm not sure it will work in practice. It's worth checking
into, and I will. Thanks for bringing it to my attention.

Heribert Slama

unread,
Sep 25, 2009, 5:33:05 PM9/25/09
to Better Webapps Firefox Extensions
On Sep 25, 10:07 pm, I wrote:
> Here, this version spoils the security status of https-pages. E.g. the
> login page for online banking is downgraded to "partially encrypted".
> The icon for Smart Subscriber is injected as "data:image/
> png;base64..." into the page; this counts as unencrypted data! [......]

Hi Gina,
The Better _Gmail_ extension is also affected: the script "Attachment
Icons" uses the data: protocol to inject the icons (can be seen on
Page Info | Media) changing the security status of Gmail to "partially
encrypted"; of course, all other secure pages are _not_ affected. (I
was too lazy to open a new thread for this;-)

Gina Trapani

unread,
Sep 25, 2009, 5:36:03 PM9/25/09
to better-gmail-2-f...@googlegroups.com
On Fri, Sep 25, 2009 at 2:33 PM, Heribert Slama <hsl...@gmail.com> wrote:
> The Better _Gmail_ extension is also affected: the script "Attachment
> Icons" uses the data: protocol to inject the icons

Yep, that I was aware of--it's on the Known Issues list. If I do
modify the extension structure to support local image files, I'll be
able to fix that, too. It would be a worthwhile change. Thanks.

Sylvain Comte

unread,
Sep 28, 2009, 10:12:22 AM9/28/09
to Better Webapps Firefox Extensions
Sorry that you can't access to my homepage, but it's a free hosting so
it may happend.

By the way, you will not find any newer version of the script there
since last one is always on userscripts.org

Also seen that Gina is taking a look at including the icons into the
chrome of the extension. So, can't suggest anything better. Maybe if
this doesn't work.

Reply all
Reply to author
Forward
0 new messages