ChromeXt

Add UserScript and DevTools supports to Chromium based and WebView based browsers using Xposed framework.

How does it work?

We hook the onUpdateUrl function in UserScript.kt, add URL comparison there and evaluate JavaScript using the javascript: scheme (or DevTools Protocol when possible).

Chromium based browsers, such as Egde, Bromite, Samsung Internet, and Brave, are fully supported.

Most WebView based browsers are also supported, if not, please report it. Note for WebView based browsers users: you only need to enable this module for the browser application you wish to use, not for any possible WebView applications, neither for the Android system.

Usage

ChromeXt requires Xposed framework.

For root users, install LSPosed first, pick up the latest built APK from my repo's GitHub Actions and install it.

For non-root users, I modify a bit LSPatch to support ChromeXt; here is how to use it:

1. Download the latest lspatch-release from my GitHub Actions.
2. Download the latest ChromeXt.apk from my GitHub Actions.
3. Extract previously downloaded files to get files lspatch.jar (with some suffix) and ChromeXt-signed.apk.
4. Patch your APK (taking arm64_ChromePublic.apk as example) using the following command: java -jar lspatch.jar arm64_ChromePublic.apk -d -v -m ChromeXt-signed.apk --force. If java environment is not available, please consider using the provided manager APK.
5. Install the patched APK, which might require you to first uninstall the one on your devices.

Notes: currently to download files from GitHub Actions, one needs to log in GitHub.

The author uploads releases to Xposed-Modules-Repo when needed, but not that frequently.

You can then install UserScripts from popular sources: URLs that ends with .user.js.

Supported API

Currently, ChromeXt supports almost all Tampermonkey APIs:

1. @name (colons not allowed), @namespace, @description and so on
2. @match (conform to the Chrome Standard, supports regular expressions)
3. @include = @match, @exclude
4. @run-at: document-start, document-end, document-idle (the default and fallback value)
5. @grant: GM_addStyle, GM_addElement, GM_xmlhttpRequest, GM_openInTab, GM_registerMenuCommand (shown in the Resources panel of eruda), GM_unregisterMenuCommand, GM_download, unsafeWindow (= window)
6. @grant: GM_setValue, GM_getValue (less powerful than GM.getValue), GM_listValues, GM_addValueChangeListener, GM_removeValueChangeListener, GM_setClipboard, GM_cookie, GM_notification, window.close
7. @require, @resource (without Subresource Integrity)

These APIs are implemented differently from the official ones, please refer to the source files Local.kt and GM.js if you have doubts or questions.

Moreover, there is the powerful (also dangerous) GM.ChromeXt API, which must be declared by @grant GM.ChromeXt to unlock its usage. It is locked by default so that the users are protected from malicious UserScripts exploiting ChromeXt. This API allows scripts to use the JavaScript method ChromeXt.dispatch(action, payload), which is fundamental to implement other APIs. (Hence, one can find usage examples in GM.js). Dispatched action and payload are handled by Listener.kt.

UserScripts manager front end

To manage scripts installed by ChromeXt, here are a simple front end hosted on github.io and two mirrors of it (in case that you have connection issues): onrender.com, netlify.app.

Edit scripts before installing them

If you cancel the prompt of installing a new UserScript, then you can edit it directly in Chrome. Use the Install UserScript page menu to install your modified UserScript.

DevTools for developers

From the three dots page menu, ChromeXt offers you the

1. Developer tools menu for the UserScript manager front end,
2. Eruda console menu for other pages.

For Edge browser, these menus are moved to the page info menu, which locates at the left corner inside the URL input bar.

For WebView based browsers and Samsung Internet, these menu items are presented in the context menu.

Bonus

Since WebView based browsers have no unified designs, the following first four features are not supported for them. (By the same reason, they are neither supported for Samsung Internet.)

Open in Chrome

The application ChromeXt is able to

1. received shared texts to search them using Google,
2. open JavaScript files to install them as UserScripts.

The reversed priority order of opening which Chromium based browsers is given in AndroidManifest.xml.

Solution of system gesture conflicts

By default, the history forward gesture of Chrome is available near the vertical center of screen. On other areas, only the system gesture is available. One can disable this behavior through the Developer options menu. (Tap seven times on the Chrome version from the Chrome settings, you will see the Developer options menu.) (In Vivaldi browsers, Developer options menu is removed by its developers.)

Enable reader mode manually

ChromeXt adds a book icon in the page menu to enable reader (distiller) mode manually.

Export browser bookmarks

Bookmarks can be exported in HTML format through the Developer options menu.

AD Blocker solution

For blocking network requests, I recommend to use AdAway or any proxy AD Blocker such as clash.

A content cosmetic blocker is embedded into ChromeXt with the help of eruda. To use it, first open the Eruda console. In the Elements panel, one can use the pointer icon to select elements on the page. After clicking the delete icon for a selected element, a corresponding filter will be saved to the Resources panel, where one can manage previous added filters. These filters are saved in the browser even after clearing the site's data.

Another way to block ADs is using the Content-Security-Policy to block some scripts from loading.

User-Agent spoofing

One can edit the User-Agent from the Info panel of Eruda console. A valid User-Agent should contain only ASCII characters. Currently, ChromeXt only changes the User-Agent HTTP header, which works well but is deprecated.

For Chromium based browsers, when the User-Agent spoofing is not taking effects, refresh the page using the reload button in the page menu. (By contrast, a swipe refresh might be insufficient.)

Note that the DevTools can also change User-Agent.

Contribute to this project

Before you submit your pull-requests, please ensure that the command ./gradlew build or gradlew.bat build produces no warnings and no errors.

Here are corresponding files you might want / need to change:

1. Front end: manager.vue
2. Tampermonkey API: Local.kt and GM.js
3. Eruda configuration: eruda.js
4. Support more WebView based browsers: WebView.kt

Development plans

• Make it possible to pass intents to Chrome with file scheme
• Fix encoding problem for Chrome downloaded JavaScript files
• Inject module resource into Chrome
• Implement developer tools
• Use local versions of eruda
• Improve eruda incorporation with Chrome
• Add more information in the preference screen
• Support more Tampermonkey APIs
• Find elegant way to support DevTools for Android 11-
• Add cosmetic AdBlocker using eruda
• Find way to get current interactive tab
• Remove AndroidX Room dependency to reduce app size
• Support non-split version of Android Chrome
• Solve the menu hook problem for non-split versions
• Handle multiple Tab Model
• Forward DevTools server socket
• A mobile friendly DevTools front end
• Allow user to trigger reader mode
• Support @resource API
• Make GestureNav Fix optional
• Add an open source License
• Support mocking User-Agent
• Support urlFilter syntax
• Improve Open in Chrome function
• Implement fully GM_info
• Eruda fails due to Injection Sinks
• Hide page_info panel automatically
• Fix page menu injection position
• Use Chrome DevTools Protocol as UserScript engine
• Use adb forward to support non-root users
• Fully support WebView based browsers
• Fix LSPatch for isolated process issue
• Implement UserScript storage
• Re-implement GM_xmlhttpRequest
• Convert exported bookmarks to HTML format
• Show executed scripts on current page
• Make a YouTube presentation video
• Support Samsung Internet browser
• Implement GM_cookie
• Improve valid UserScripts Url detection
• Save and present script errors and GM_log logs
• Use iframe and local server to run general WebExtensions
• Bypass style-src rule for eruda, such as Mastodon
• Support importing UserScripts from Tampermonkey exports
• Support backup and restore
• Add recommended UserScripts to the front end manager
• Add chrome devtools front-end for Edge, see devtools_http_handler.cc as reference.
• Hide inserted menu for non-page