Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News Breach: Hackable Browser Built on Chromium and Node.js

Breach: Hackable Browser Built on Chromium and Node.js

This item in japanese

Stanislas Polu recently announced the first public Alpha release of Breach, a modular browser built on Chromium and Node.js.

Polu first outlined the experimental project that was to lead to Breach in the article "The Experimentation Platform to Build a Next Generation Web Browser", saying that the "legacy approach to web-browsing" had gone unchallenged, and didn't cut it for a Web where the browser is "always on, always connected."

Polu said:

The ExoBrowser aims at embedding Node.js on top of a web rendering engine. The main goal is to move the vast majority of the Browser code from C++ to JavaScript (leveraging in particular JavaScript closures and syntax as well as Node.js native capabilities such as Networking).

The basic motivation behind the ExoBrowser is the realization that, building a browser, we have at our disposal a JavaScript Engine as well as an HTML Rendering engine. So why should we go through the trouble of building the browser itself using C++? Why not "bootstrap" it and built it out of its own available technologies? That's exactly what the ExoBrowser wants to enable.

Less than a year later, Breach runs on top of ExoBrowser. Talking to InfoQ, Polu said that Breach gives developers the ability to create a new browsing experience using only web technologies. 

In the release announcement Polu says that although it is still very young, he believes that Breach will empower its users to hack and modify its behaviour and come up with new and interesting ways to browse the web.

He said:

We have designed and entirely coded the Breach API exposed to modules to realize the vision of a fully modular browser where all functionalities are provided by simple and isolated web apps. We merged at least 4 major releases of the Chromium Content API, keeping Breach core engine up to date with HTML5 standards. We also fixed a gazillion bugs, making Breach stable enough to use it as our main browser every day.

Notable in Breach are some features with mod_strip (the default module installed at onboarding), including

  • Tabs are FIFO
  • Tabs sniff the color of the page
  • Typing in the URL bar lets you interactively filter tabs

Polu says these experimental features provide an enjoyable browsing experience, but that Breach gives developers "the freedom to entirely modify its aspect and behaviour and, more importantly, extend it." 

Reactions to Breach have been mixed, with some members of the developer and JavaScript community expressing concerns over the name. On Hacker News, in the discussion Show HN: Breach – A modular browser built on Chromium and Node.js, Christopher Elwell -- CTO of  -- commented that Breach was "Not the most reassuring name for an application I send nearly all my personal data through."

In the Reddit discussion Breach, Hackable Browser Written in JavaScript user 640x480 said:

With a name like Breach, I interpreted "hackable" in the negative way. 

It sounds like a cool idea, but how is it different than, say, Firefox? There are plenty of FF extensions that will completely change how it works.

Others in the community were also unclear on what Breach was offering that was new. User shawnz asked "What about this doesn't also apply to Firefox? It, too, is open source and modular, and also written in JavaScript (though combined with XUL rather than HTML, and using Gecko instead of Webkit)."

 Polu replied:

We went one step further and didn't provide any functionality to the browser to make it entirely built out of modules, and we did it on top of Chromium Content Module. The basic motivations are the same. I also believe that it's probably simpler to rewrite an entire web browsing experience on top of Breach.

Aside from concerns about the name, and some confusion over what Breach was offering, feedback is positive from users who have tried the browser. On Hacker News, user Paul Sawaya said:

This is a great idea. I've wanted to build something like this for a while, but never got around to it. I think people here are missing the point. Firefox and XUL is also a JS-scriptable UI over a browser, but it's a terrible environment to work in.

The UI is the main thing that differentiates web browsers. Our tabbed browsers have looked the same for years now. This is going to enable all kinds of awesome experimentation and customization. I'm super excited to see where this project goes.

Polu says for Breach there is still a lot of work to be done on the technology stack, and the API exposed to module, in the months to come. The aim, he says, is to make it solid enough to be a strong basis for other developers to build upon. Polu says he believes that Breach could also play a role in the convergence of native apps and HTML5 web apps, and he is not satisfied with the Google chome apps model.

Breach is released under an MIT licence. InfoQ readers can contribute to the project by building new modules or participating in the current efforts. Polu says he has been overwhelmed by the recent contributions and feedback, and plans to create a community around the project to move Breach forwards.

Rate this Article