tie
commented
6 years ago Also, there is a dedicated page for user scripts in CSS-club.
Closed tie closed 6 years ago
tie
commented
6 years ago Also, there is a dedicated page for user scripts in CSS-club.
morr
commented
6 years ago @tie I implemented the customisation of styles so that other users could see customised profiles/clubs too. As you mentioned in this proposal, user scripts are not safe to make them available for all users, they are safe for their owners only. But users who want customised scripts (and who have enough skills to write their own scripts) can already use them with browser extensions like greasemonkey.
In summary: I don't want to implement a feature which will have effect for only "current" user, especially if there are alternatives in browser extensions.
maxkatz6
commented
6 years ago @morr Mobile browsers mostly don't support user scripts. But I agree, that it isn't really needed. Better to implement some scripts from club as optional site functionality (for example, real shiki rating).
tie
commented
6 years ago @morr
a feature which will have effect for only "current" user
That's how custom styles are working right now on the whole website if the owner/user is logged in. Or is just an extra feature because style customization was worth implementing in the first place?
Scripts could be embedded into the page DOM by the browser extension but as @Tirraon mention above mobile browsers mostly don't support user scripts.
While I agree that user-defined scripts are not really needed, there is definitely a high demand for such feature from script developers. One of the possible applications is passing the responsibility for copyright infringement to the third-party. That is, to the script developer.
For example, the developer of IHeardYouLikeLicense is running an API that implements the functionality for mimicking a regular play.shikimori.org page — that's how his extension works. Of course, in that particular case, the scripts must not be stored on the shikimori server but rather referenced by the src attribute of the script tag to comply with the copyright laws on the shikimori's side.
tie
commented
6 years ago @Tirraon
Better to implement some scripts as optional site functionality (for example, real shiki rating)
Yeah, the real shikimori rating is a long-awaited feature.
Introduction: User-Scripts
Mature desktop browsers support extensions. At least Chrome, Safari, and Firefox have the so-called user-script extensions. Those allow execution of locally-stored JavaScript code on the websites. The same goes for the CSS user styles. However, shikimori supports and hosts user-defined styles. Beyond the obvious user page personalization, it enables the consistent experience among all the user's devices and browsers. Moreover, mobile versions of the former browsers are not extensible.
Proposal
Shikimori's interface can be personalized using the custom stylesheets. I propose adding the support for user-defined JavaScript scenarios to extend and enhance the functionality of the service.
Brief Design
Privacy Concerns
Serving custom script implies that the server will send an arbitrary code to the user's browser. The script should only be served for the script owner to protect innocent users from a potential attack surface. I'd also warn users in the preferences to use third-party scripts only if they trust the source.
Beneficiaries
There are numerous extensions for shikimori implemented as browser extensions or user-scripts, e.g. IHeardYouLikeLicense (written by @SebyakinAndrei), shikimori-userscripts (by @Seryiza) and shiki extender by SThorn.
JavaScript in the Wild