Https-everywhere: Add support for PaleMoon in HTTPS Everywhere v5.0+

My diff is just a quick hack though, it's not polished and it's probably not the best way to detect if the feature is available or not. Regardless, it does show that the extension can be made compatible with Pale Moon with minor tweaks, so unless there are other dependencies I missed, there's no reason to drop support for it.

It also does mean that HSTS requests will be blocked like before, but I don't know how Pale Moon handles that in the first place; in any case, it's still better to have one small missing feature than a completely unusable extension.

Worst case scenario, a fork will have to be made just for the extension, and that would be a bigger waste of time for everyone involved, users and developers alike.

Hi @nelegalno, @Tailszefox,

I appreciate your dedication to using HTTPS Everywhere on Pale Moon. However, as I said in #1220, our developer resources are very limited and we can't afford the time to support a small browser like Pale Moon. We are way behind on important fixes and features that we need to make, solely on the Firefox and Chromium ports. I definitely support your right to use a fork of Firefox - that is what free software is all about, and I think it's very important. But that doesn't necessarily mean we can spare the time to support it.

Thanks,
Jacob

Hello @jsha . I appreciate you taking the time to reconsider this, and I do understand your point; however, I'm under the impression you skimmed over what would be necessary to add back support for Pale Moon. There's only a few minor tweaks that would be required to do so; the number of changed lines isn't even in the dozen.

However, I understand that the devs don't have the time to go out of their way to make those edits; as such, if you prefer, I can make a pull request of the necessary changes that can be readily merged. Considered the little amount of changes, I highly doubt this would break anything, and thus wouldn't require any kind of testing.

Considering that Pale Moon and HTTPS Everywhere have been working flawlessly together up until that one commit, I think it is highly unlikely that it will break again in the foreseeable future. So this single change should be the last you'll hear about Pale Moon for a long time - unless you plan on dropping support for non-Australis browsers, but I don't see why that would happen.

However, _if_ such an issue arises again in the near future, I will concede that supporting Pale Moon would require a seizable amount of work. At that point, it will be obvious that a fork will be needed.

In any case, this should be the last you'll hear of Pale Moon: either this change fixes it for a while and you won't be bothered with it again, or it breaks again and in that case, a fork will be created that won't interfere with your work. I think it's a win-win situation for everyone.

Otherwise, as I said, a fork will have to be created _now_ in order to allow Pale Moon's users to benefit from this extension. But making a whole fork over such a small fix seems highly overkill to me; not even considering the fact that this will be bothering both for users (who will have to switch to a different extension, if they're even aware it exists) and for devs (who will have to deal with more "Pale Moon isn't supported" issues, and will have to redirect users to the fork).

I hope that's an acceptable compromise. As I said, I do not want to add to your workload, so the proposed merge would be the only thing you'll have to do.

HTTPS Everywhere v5.0.1 is displayed as update, installs without warnings but after the required restart it reports that it is incompatible with PaleMoon v25.3.1 and is disabled.

@Tailszefox: If you're willing to be the long-term maintainer of HTTPS Everywhere for Pale Moon, I'd be happy to accept a pull request. Keep in mind that means testing your changes on Firefox and Firefox for Android as well as on Pale Moon, and making future fixes as necessary.

Thanks,
Jacob

@jsha Thanks, it's encouraging to see you're staying open to the idea of maintaining compatibility for Pale Moon. I don't have much knowledge in extension programming (as evidenced by that hastily put-together fix), but there seems to be people on the Pale Moon's forum who could do the trick and be willing to maintain the extension and do the appropriate tests; I'm sure you'll hear from them soon enough.

Hopefully that means we can avoid a fork and keep an identical version for all browsers.

I'd just like to add a little "me too!" to this bug.

I am a somewhat security-conscious user running Pale Moon 25.3.1 on Linux and it's extremely regrettable to have to drop this Add-On.

I would also like to see this. I'm exploring browser alternatives to firefox now that mozilla is inserting antiprivacy adware directly into the browser itself. Chrome is a nonstarter, chromium is loaded with all of the nonconfigurable UI annoyances you expect from chrome, obviously. PaleMoon seems to be the best libre source alternative at this point.

Unfortunately it seems EFF is only interested in the minestream browsers, so the people behind PaleMoon had to create a fork for there users: https://addons.palemoon.org/extensions/privacy-and-security/encrypted-web/

It seems HTTPS Everywhere 5.0.5 is somehow functioning on Pale Moon 25.5.0.

I have no idea how this happened.. especially since trying to install https://www.eff.org/files/https-everywhere-latest.xpi or https://www.eff.org/files/https-everywhere-5.0.5.xpi both give the "extension could not be installed because it is incompatible" error.

If 5.0.6 still works we can close this, right?

@J0WI 5.0.6 confirmed NOT working. Please re-open.

As I said above, if there is a Pale Moon user or developer who would like to take on long-term maintenance of Pale Moon changes in HTTPS Everywhere, we can do it. In the meantime, Pale Moon is not officially supported. I'm somewhat surprised it worked in one version and then stopped working!

Why support "Mozilla Firefox"? It's not an open-source. I mean, if EFF support open source software why not switch a side?
And "Pale Moon" is not a small browser.

https://github.com/MoonchildProductions/Pale-Moon/issues/179

@espress0 I think you're confused about what "open source" means. If Firefox wasn't an open source project Palemoon wouldn't exist. Just because something is open source doesn't mean it is going to work the way _you_ want it to. Design choices may be made that you don't like and you are powerless to change them for the parent project, but that doesn't make something not open source. But because FF _is_ open source people that like it but want it to be different are able freely and legally fork the project and build on it's source code to make something that they do like. This kind of interdependency is impossible in the closed source world. You can't fork Internet Explorer and build a browser to your own tastes built on it. You're allowed to prefer Palemoon over Firefox. That's fine. But ranting about how FF is not open source when the fact that it _is_ open source is the very thing enabling the software project you do like is just silly. Stop it.

@espress0

Why support "Mozilla Firefox"? It's not an open-source.

Why would you try to say that Firefox isn't open-source while at the same time asking the EFF to support a fork of the project? One with a nearly identical licensing situation, even!

And "Pale Moon" is not a small browser.

It's not about the size of the codebase - it's about the size of the userbase. And Pale Moon currently has a much smaller userbase than Mozilla Firefox.

Palemoon has been updated to 27 recently.
Team behind HTTPS Everywhere, common!

@sergeevabc You're barking up the wrong tree. As noted in the discussion above the HTTPS Everywhere team has noted that they don't support Palemoon (and given their reasoning for not doing so). They _have_ offered to accept contributions if somebody wants to make this happen, but you need to talk to the Palemoon developer community, not this one. When you do, remember almost everybody involved in these projects is volunteering their time and effort to release open source code that you get to use for free.

@alerque, one of PM core developers said: “ask the developers [of HTTPS Everywhere] to support us”.

@sergeevabc That's a fairly naive response. It's technically correct in that the work that needs to be done needs to be done on the plugin not on the browser source tree, but somebody still has to do the work. This involves making the necessary changes, testing to be sure Palemoon works, then testing to make sure those changes don't break the extension on FF. It was noted above that the HTTPS-Everywhere crew will accept submissions if somebody is willing to do that work. But it is work and they don't plan on doing it. My response above was to suggest that the place you're most likely to find interest in making this happen in the PM developer community. Open Source projects are frequently driven on by the need to scratch one's own itch. The people with this itch are going to be PM people, not HTTPS-Everywhere people that have the functionality already. Maybe you could politely probe for people that worked on Encrypted Web and see if they are interested in contributing PM compatibility upstream instead of running it as a fork.

The EFF can make its own choices about how to spend its resources, and I'm fine with that. I would like, however, to comment more generally on the source and compulsion and sensation of near-futility--that in a way seems antagonistically or symbiotically existential to an organization like EFF--that drives me to not only support and defend EFF but also use palemoon.

While there are a few decisions and policies over which I disagree with the palemoon devs, in my dispiriting searches over the greater intarwebs, I must conclude it is the most viable browser available that does not actively violate user discretion or privacy with hard-wired phone-home telemetry, bundled advertising streams, proprietary plugins, etc. So forgive my incredulity at EFF for not responding to Mozilla's breach of user faith and goodwill in the same way that I did by opting for the best alternative which doesn't sellout the very integrity I install EFF plugins to protect. At best I find this paradoxical and at worst, I refrain from judging the reasons, despite the responses given here, for I am unable to process the apparent contradiction in faith and motives that to me, and I presume to some of the other commentors, is so plain.

If nobody else is able to step in here to maintain compatibility between EFF plugins (I'm thinking this and privacybadger) and palemoon, then I may be compelled to get involved. That may not necessarily be a bad thing, either literally or proverbially: pick your favorite epigram.

@jfindlay

While there are a few decisions and policies over which I disagree with the palemoon devs, in my dispiriting searches over the greater intarwebs, I must conclude it is the most viable browser available that does not actively violate user discretion or privacy with hard-wired phone-home telemetry, bundled advertising streams, proprietary plugins, etc.
So forgive my incredulity at EFF for not responding to Mozilla's breach of user faith and goodwill in the same way that I did by opting for the best alternative which doesn't sellout the very integrity I install EFF plugins to protect. At best I find this paradoxical

I agree with this 100%. Firefox is no longer "the privacy conscious choice"—it's arguably comparable to Chrome. (Which, interestingly, _is_ supported by the EFF's "privacy" plugins). And while Pale Moon admittedly has its share of development quirks and questionable design goals, overall at least the devs do in fact have privacy as one of the project goals, which they are actively and provably working in conjunction with. The same can no longer be said of Firefox, and it was never _even_ one of Chrome's goals.

at worst, I refrain from judging the reasons, despite the responses given here, for I am unable to process the apparent contradiction in faith and motives that to me, and I presume to some of the other commentors, is so plain.

I do kind of wonder whether the true end of these plugins is not to complement privacy-conscious users' safety, but rather merely a PR campaign, something to raise awareness and interest in privacy (even if only nominal/superficial/symbolic).

Hey @wolfbeast & @mattatobin, it seems providence sends us a saviour by the name of Justin Findlay.

Does anyone know what the status on this is? @jfindlay

The Firefox Add-On version is deprecated in favor of the WebExtension API.
I don't know about PaleMoon's roadmap, but if still use most of the current Firefox' code any WebExtension should work out of the box or at least it should be very easy to migrate.

@hook54321a Currently, HTTPS Everwhere does not support Pale Moon at all; however, Moonchild(?) has rolled his own branch/fork of HTTPS Everywhere for Pale Moon, called Encrypted Web.

@JamesTheAwesomeDude I saw that, however it's not being updated and the github repo for it seems to have been deleted.

@J0WI Pale Moon isn't going to implement support for WebExtensions. I think they have views on it that are similar to the DownThemAll developer's views. http://www.downthemall.net/re-downthemall-and-webextensions-or-why-why-i-am-done-with-mozilla/

If nobody else is able to step in here to maintain compatibility between EFF plugins (I'm thinking this and privacybadger) and palemoon, then I may be compelled to get involved.

What’s happened to @jfindlay, who had expressed a desire to get involved?

Well for the record. HTTPS Everywhere would be welcomed by a good chunk of Pale Moon users since the fork of it, Encrypted Web's developer disappeared off the face of the planet.

If anyone does indeed continue HTTPS Everywhere either here or on their own.. Do make sure you get in touch with the Pale Moon Add-ons Team (not me) and see: http://developer.palemoon.org/Add-ons:Site on submitting it to our Add-ons Site.

I should have more free time when things begin to settle down in a month or two, but I'll see what I can do.

@sergeevabc
Sorry, apparently I got confused about which tab I was posting in. I'll delete this post if I figure out how.

@Lew-Rockwell-Fan, fork of NoScript, why here? This issue is about HTTPS Everywhere.