After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 732434 - Feature request : Userscript support.
Feature request : Userscript support.
Status: RESOLVED WONTFIX
Product: geary
Classification: Other
Component: composer
unspecified
Other Linux
: Normal enhancement
: ---
Assigned To: Geary Maintainers
Geary Maintainers
Depends on: 731532
Blocks:
 
 
Reported: 2014-06-29 16:40 UTC by Megh Parikh
Modified: 2019-09-07 09:25 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Megh Parikh 2014-06-29 16:40:49 UTC 
When I used GMail in Firefox I used it with userscript (GreaseMonkey) GMailTEX which support TEX in emails.

It would be great if somehow userscripts could be enabled in Geary.

This would also let us allow to add custom formatting options. (Other APIs like file sharing by uploading to cloud instead of attachment could be easily added by other developers)
Comment 1 Robert Schroll 2014-06-30 14:52:43 UTC 
One side effect of bug #731532 is that we could easily run user-supplied Javascript in the conversation viewer.  Add a few events for it to attach to, and I think we'd have a passable userscript option.
Comment 2 Jim Nelson 2014-06-30 20:45:14 UTC 
Yes, this request is essentially blocked by bug #731532.  I wouldn't feel comfortable enabling Javascript in the conversation viewer unless we had the emails "sandboxed", so to speak.

Megh, I noticed that you marked the component for this ticket as "composer".  So there's two halves to this: enabling user scripting for the conversation viewer and enabling user scripting for the composer.  It's two separate beasts.
Comment 3 Megh Parikh 2014-07-06 12:08:05 UTC 
Why not try to make a simple plugin infrastructure that allows javascript to be executed in different sections of geary.

I dont know much about the internal code of geary and dont know if this is too hard to implement but it is a really nice feature

For example, allow two javascript files per plugin.
- viewer.js - javascript code for modifying the email viewer
- composer.js - javascript code for modifying the email composer

Also you should yourself define some constants such as geary['email_from'], geary['email_to'], etc so that plugins can take advantage of this information and be more smarter. (eg. a plugin's viewer.js can make changes only to emails sent from some emails if it knows this information)

I think if it is like the GNOME Shell Extensions, we would have pretty good productive plugins within a short time.
Comment 4 Robert Schroll 2014-07-07 19:26:00 UTC 
The problem here is one of security.  We cannot trust that the contents of emails do not contain malicious javascript.  Rather than try to find and remove all javascript in the incoming HTML, we just turn javascript off completely.  To enable userscripts in javascript, we need a way to turn on javascript execution only for trusted content.  The one way I know to do that is to load the untrusted content in sandboxed iframes, while letting the userscripts run in the main frame.  That's why this is blocked by #731532.
Comment 5 Federico Bruni 2018-01-11 15:23:02 UTC 
This should be part of Geary core or rather be implemented as plugin (see bug 714833)?
Comment 6 Federico Bruni 2018-01-11 16:20:43 UTC 
sorry, the right ticket for plugins is bug 714883
Comment 7 Michael Gratton 2019-09-07 09:25:22 UTC 
Yup, agreed about TeX support wanting to be a plugin. I'd also be worried about user scripts interfering with core JS functions to, breaking things and making it look like a bug in Geary.

Having said that, if someone wants to work on it and come up with a way to ensure userscripts can't interfere with Geary's JS, then I'll happily review a merge request for it. I simply don't have time for this however, so closing for now.