Enable a non-PlayStore UserScript with Chrome 35 and above

Question

Since the version 35 of Google Chrome, the execution of any extension installed outside of the Google\'s PlayStore is blocked and cannot be enabled from the ext

Answer 1

The only way there seems to be left, short of installing an extension like Tampermonkey or getting a different browser, is starting the Chrome browser with the --enable-easy-off-store-extension-install flag.

Edit: Unfortunately, Google removed this flag from Chromium in April.

However, if the user (or any program) starts Chrome without this flag even once, the scripts will be disabled automatically. You can't re-enable them, even with the correct flag; your only option is to uninstall them and re-install then in the easy off-store extension install mode.

So, your options are:

1. Start Chrome with the --enable-easy-off-store-extension-install flag every time. If you have pinned Chrome to the task bar in Windows 7, the way to change the command line arguments for this shortcut is described here.
   If you have set Chrome as the default protocol handler for the HTTP and HTTPS protocols (which is the case if you made Chrome your default browser), you can modify the registry so this flag is set every time a program tries to open an HTTP or HTTPS URL with the default program.
   Also make sure you set this argument for file extensions Chrome is configured to open, such as .xht, .htm and .xhtml. You can do this with the following .reg file:

   Windows Registry Editor Version 5.00
   
   [HKEY_CLASSES_ROOT\ChromeHTML\shell\open\command]
   @="\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" --allow-easy-off-store-extension-install -- \"%1\""
   

   
   Make sure the path to Chrome is correct when you install this.

2. Install an extension such as Tampermonkey to manage your user scripts.
3. Install a different browser, either developer builds of Chrome or a completely different browser, such as Opera (which has native support for user scripts) or Firefox (with Scriptish).
4. Blocking Chrome updates before you receive version 35 and risk getting hacked.
5. Switching to a different operating system, as extensions are only blocked on Windows.
6. If your computer is part of a Windows domain, you can install extensions using Group Policy.
7. Turn your user scripts into bookmarklets.

I realize this is probably not what you want to hear, but as Google continues to restrict honest developers because of a few bad players there are no better options.

Edit: there is one more approach that I've found to be working, namely hijacking an installed extension with the correct permissions:

1. Find and install an extension that has permission to run a content script at the web page you want it to run at. For example, the Note Anywhere extension has permission to inject a user script when a document has loaded for any HTTP or HTTPS URI.
2. Go to the extensions page to find the ID of the extension.
3. Open the folder where Chrome stores the extensions. On Windows, this is %localappdata%\Google\Chrome\User Data\Default\Extensions.
4. In manifest.json, find the name and location of the injected script. Overwrite the contents of this file with your user script. (In the case of the extension chosen as an example, this is asset/stickies.js.
5. Remove any content of the extension not referenced in manifest.json. Replace any referenced scripts and HTML pages that you aren't using with emtpy files.
   For the extension mentioned above, I'd remove anything except for the icons, the content script, asset/stickies.css and background.html and replace the latter two with an empty file.
6. Go to the Chrome extensions page and disable and then re-enable the extension.
7. Make a back-up of your work in case the extension is updated.
8. Make a note somewhere that the extension in the extensions list has its contents replaced with your user script.