How to view-source of a Chrome extension

how-to-view-source-of-chrome-extension.md

Option 1: Command-line download extension as zip and extract

extension_id=jifpbeccnghkjeaalbbjmodiffmgedin   # change this ID
curl -L -o "$extension_id.zip" "https://clients2.google.com/service/update2/crx?response=redirect&os=mac&arch=x86-64&nacl_arch=x86-64&prod=chromecrx&prodchannel=stable&prodversion=44.0.2403.130&x=id%3D$extension_id%26uc" 
unzip -d "$extension_id-source" "$extension_id.zip"

Thx to crxviewer for the magic download URL.

Option 2: Use the CRX Viewer website

https://robwu.nl/crxviewer/

Option 3: Use the CRX Viewer extension

The Chrome extension source viewer is open source (github repo) and makes this super easy.

Option 3: View source of locally installed extension

1. Find your Chrome local profile directory. Open chrome://version/ and find the "Profile Path:` field. Open that folder up.
2. Open the Extensions/ subfolder
3. All your extensions are here, with typically readable source.

Mapping between locally installed extension IDs and names

• On about:extensions, turn on Developer Mode and you'll see IDs under each entry
• Inside the Extensions/ folders, the manifest.json has a readable name field

Thanks Paul.

thanks!

Awesome, thanks.

Hi @paulirish, I was wondering where the surge of stars on my repository came from, and ended up at this gist :)

For the command-line URL, use prodchannel=stable instead of prodchannel=unknown, for the reason given in https://github.com/Rob--W/crxviewer/issues/20.

@Rob--W thx! updated to stable.

@paulirish I have found that some extensions does not download its contents (i.e. the background.js is a void file). Any idea?

the file i got seems to be a ".crx" file which couldnt be opened by 7-zip or windows explorer until i renamed the extension to ".crx" or ".tar"

Another easy way is getting the source code from your own hard disk. You need to first install the extension though.

Copy the ID of extension and navigate to the following path:

Windows: C - Users - [USER NAME] - AppData - Local - Google - Chrome - User Data - Default - Extensions
Mac: /Users/[USER NAME]/Library/Application Support/Google/Chrome/Default/Extensions

Here you will find a folder named with the ID of extension and it contains the complete source code.
Source: Geek Dashboard

I do not know how to code ;-;

Nice.

r434r34r4r

I can't download extensions from the Chrome Store. It seems to me that those who use this extension, some of them also cannot work with the Chrome Store. Please add a direct link in this repository to the CRX file. Upload this file here!

I can't download extensions from the Chrome Store. It seems to me that those who use this extension, some of them also cannot work with the Chrome Store. Please add a direct link in this repository to the CRX file. Upload this file here!

You don't need the browser extension.

You don't need the browser extension.

Why?. Of course me need to.

When using the above parameters for the request URL the API returns an empty response body along with an HTTP 204 status code.

$ extension_id=jifpbeccnghkjeaalbbjmodiffmgedin
$ curl --write-out '%{http_code}\n' "https://clients2.google.com/service/update2/crx?response=redirect&os=mac&arch=x86-64&nacl_arch=x86-64&prod=chromecrx&prodchannel=stable&prodversion=44.0.2403.130&x=id%3D$extension_id%26uc"
204

Adding acceptformat=crx3 to the request URL returns the extension.

$ curl --output "$extension_id.crx" --silent --location "https://clients2.google.com/service/update2/crx?response=redirect&os=mac&arch=x86-64&nacl_arch=x86-64&prod=chromecrx&prodchannel=stable&prodversion=44.0.2403.130&x=id%3D$extension_id%26uc&acceptformat=crx3"

$ file "$extension_id.crx"
jifpbeccnghkjeaalbbjmodiffmgedin.crx: Google Chrome extension, version 3

The SHA-256 checksum of the downloaded file matches the value returned by the API.

$ sha256sum "$extension_id.crx"
92c3ce80364f17e54dbc9332021d9368be025bffbbe0a788e055129af2fc6853  jifpbeccnghkjeaalbbjmodiffmgedin.crx

$ curl --silent --location --output "$extension_id.xml" "https://clients2.google.com/service/update2/crx?os=mac&arch=x86-64&nacl_arch=x86-64&prod=chromecrx&prodchannel=stable&prodversion=44.0.2403.130&x=id%3D$extension_id%26uc&acceptformat=crx3"

$ xml sel -N x="http://www.google.com/update2/response" -t -v "//x:updatecheck/@hash_sha256"  -n "$extension_id.xml"
92c3ce80364f17e54dbc9332021d9368be025bffbbe0a788e055129af2fc6853

Only response, prodversion, x and acceptformat seem to be mandatory parameters, at least a request with only those results in an identical file.

$ curl --output "$extension_id.crx" --silent --location "https://clients2.google.com/service/update2/crx?response=redirect&prodversion=44.0.2403.130&x=id%3D$extension_id%26uc&acceptformat=crx3"

$ sha256sum "$extension_id.crx"
92c3ce80364f17e54dbc9332021d9368be025bffbbe0a788e055129af2fc6853  jifpbeccnghkjeaalbbjmodiffmgedin.crx

It seems further that prodversion can be any value >= 32.

I ran into the same issue using the Swipe Well extension (ID: phoibianbflfapemikjhjjohoobljlgd) and the above from @stefanschmidt resolved the problem.

Please add a button to the direct link to the CRX file

Thanks! I used Option 4, it needs some work to find the correct folder, but if you just installed the plugin, just sort by folder modified date and pick the most recently modified one that is not Temp. By the way, Option 4 is incorrectly named "Option 3", so there are two "Option 3".

Thanks Paul!