About 14 years ago, I fell in love with programming because it made me feel like a magician. I'd type in some incantations, click "Run", and voila! My lightning-powered thinking rock would do exactly as I commanded — in my case, make a virtual robot named Karel move around the screen in my computer science lab.
Nowadays, casting spells requires a bit more work. Most of our work happens inside complex web apps that each have their own custom spell books (APIs) — assuming they even provide one at all.
Let's take a task like managing your social media accounts. Suppose you want to reset your Twitter account and start from scratch. First step: Unfollow everyone. The problem is that you have hundreds of accounts to unfollow, and you don't exactly want to sit there all day clicking buttons.
If you're not a programmer, your options are limited to what others have built. You can hand over your credentials to all kinds of third-party apps and extensions in the hopes of finding one that works. Good luck.
If you're a programmer, you have more options. You have the power to cast spells. What if we used the official API?
You can sign up for a developer account, get an API key, download a client library, read about how OAuth works for the hundredth time, and then start digging through the API to find out how to complete your task.
That sounds tedious and creating a developer account for a one-off task feels like overkill. What if we simulated user actions in the browser instead?
You can install Selenium/Puppeteer/Playwright, read through its documentation to learn how to navigate and click, open the web inspector to figure out the right CSS selectors, run into some race condition where the elements aren't loading in time, sprinkle in some waits, and puzzle over how to handle elements being added from the infinite scrolling list.
That doesn't sounds too great either. Maybe it'd be faster to manually click those buttons after all...
I built Browserflow to automate tasks like this where people end up wasting time doing what computers do better. I wanted a tool that makes it easy for anyone, regardless of their technical background, to automate any task on any website. It includes the convenience of features like automatically generating automation steps by recording your actions while having the flexibility of letting you tweak anything manually or write custom Javascript. (If you want to see how simple it is to automate the Twitter task above using Browserflow, here's the demo: https://www.youtube.com/watch?v=UnsGTpcA-98)
Building a browser automation tool from scratch and making it robust enough to handle all kinds of websites took much, much longer than I expected. After working on it as a solo developer for 1.5 years, I'm super excited to finally share this with you all. Whether you're a professional developer or a non-technical marketer, I hope Browserflow will make you feel like a magician on the Web.
This is a really excellent sales pitch, you answered all my “why not just” questions upfront. The video makes this look very smooth to use, excited to try it out next time I have a need.
Feedback: The on-boarding workflow is so, so good. So pleasant and well thought out. Hard to believe this is the launch... I'd expect folks to go through many iterations of it and not get to something like this. Really, really well done.
Whenever I see extensions like this, it does make me wonder something which I've never fully understood: Given that so much of it runs client-side, what's the state of the art nowadays in terms of preventing someone from essentially "stealing" your extension. I've come across some extensions in the past -- even ones that were paid for and part of a business -- where it was clear that it would've been trivial to simply copy the extension code and run it on my own. How do you prevent folks from doing that?
Oh, don't be fooled — many of my friends have had to go through much worse onboarding experiences to get to what it is right now. ;) Appreciate the kind words!
The two pieces that make it harder for someone to simply copy the extension code and run it themselves is (1) Javascript minification and (2) parts that talk to a server.
Someone can try to reverse engineer the calls to a server and run their own, but that's often more work than most people are willing to go through and it's made harder by the client code being minified.
I wish it were possible to open source extensions without running into this problem because I like sharing things I've built (https://github.com/dkthehuman/), but doing so effectively kills the possibility of building a business on top of it unless you maintain two code bases (one free and one paid) at which point it's more trouble than it's worth IMO.
Beautiful UI. Hope this takes off. Love the simplicity of the design and the ease of use. If it could make writing my Cypress UI tests easier, that might be another adjacent problem to look into, by logging the recorded elements as code.
Thanks! Right now you can use it for testing by throwing an error from the flow (using the Run Script command) if the result differs from what you're looking for (e.g. an element doesn't exist, some text doesn't match the expected output) and Browserflow will email you when the flow fails. It's currently not optimized for that use case though, so if it becomes popular, I'd probably look into adding more support for testing.
I've thought about adding support for generating a self-contained bundle of Javascript code from the flow that anyone can self-host and run, but that hasn't been a priority for the current use cases. Will keep it in mind — thanks for the suggestion.
When you click the add button, the extension grabs the cookies for the specified domain from your desktop browser and attaches it to the flow to be used when running in the cloud.
The cookies are used for as long as the user keeps them in the cloud flow. (Browserflow doesn't try to be smart and automatically refresh the cookies on your behalf because there are scenarios like using multiple accounts in the same browser, etc.) Most major sites use quite long expiration dates for cookies (a year is fairly common) so there usually aren't issues with cookies becoming invalid for a while.
Are you aware of limitations around site support with this approach?
Several years ago I implemented a similar feature just reversed - A remote machine logs a user in, then passes the cookies that result from login to an extension running in the user's browser, which drops them into the browser's cookie jar.
Worked very nicely, right until you run it to log into a service like GMail.
Then Google correctly notes that you're using the same cookie in two different locations, assumes you've been session-jacked (and you have, really - you just did it willingly), and locks EVERYTHING. It took a notarized copy of my drivers license before they let me back in.
Might behoove the author to offer a proxy via the extension or whatever so that the cookie is generated and used on the same subnet.
I don't know how accurate Google can be, though, as I route Gmail traffic from the same cookie through three ISPs and a self hosted VPN, without refreshing.
I was skeptical at first, but your comment convinced me to take a look. It really is much easier and cleaner, and having it run in the cloud is amazing!
Really neat, that's the kind of stuff I always wanted someone to build.
I think a marketplace of workflows would be a great next step, so that you can have someone else maintaining the flows.
I build tons of scraper and things that pretend to be browser (handcoded, not recorded from the browser - but lighter than spinning up a real browser) and the harder bit is keeping the flows maintained. Some websites are particularly annoying to work with because of random captchas jumping in your face but it's something you can handle by coding support for the captcha in the flow and presenting a real user the captcha.
One problem of logging in the cloud is IP checks. You may be asked to confirm.
If you want to look into this issues I'd recommend scraping yandex for dealing with captchas being thrown in your face and authed google or facebook for IP restrictions, weird authentication requests.
Again, I think a marketplace could outsource these problems to a community of developers maintaining flows.
Security could be another concern, but you always have the option of running things locally.
For sure! I'll definitely be exploring the marketplace idea. Currently, you can share flows and import flows that others have shared, but there isn't (yet) a nice way to discover ones others have made or charge for flows you've made.
Maintaining flows as sites change is definitely a drawback for any scraping solution, so I built features like generating selectors by pointing and clicking to make it as easy as possible.
Browserflow Cloud has built-in support for rotating proxies and solving CAPTCHAs to get around the issues you mentioned. (They're currently in private beta.)
Just curious, why do you offer residential ips? My initial thoughts are reseller botting, but it honestly seems kinda slow for that, not to mention max rate of 1/min. So what else are residential ips good for?
Yeah, Browserflow definitely wouldn't be able to compete with specialized bots for reselling in terms of speed.
I added support for residential IPs to handle sites that employ aggressive bot detection, but it's in private beta and so far there hasn't been much of a demand for it. If it turns out that it's not really needed for the use cases people have, I might just remove the feature!
Chances are if you've thought of something you could scrape that would offer a broadly popular, real tangible benefit, they employ anti-bot measures that don't like non-residential ips.
It was a lot of work translating the extension code to work with headless browsers, but it means you can deploy your flows to the cloud and have it run automatically!
Yes, sure. Just that some use cases, like internal applications that aren't exposed to the internet, or dev instances of those that are, would be difficult.
I'm loving the nice comments about the UI because it's all good ol' Bootstrap. Tools in this category usually have pretty terrible design so I guess the bar is quite low. ;)
I'm a speech therapist who does teletherapy. I routinely fill out a lot of web forms. I've already created one automation that will save me time, and I have ideas for several more automations. Thank you so much for making this!
Oh man, this makes me super happy to hear. Enjoy, and feel free to reach out either by email (support@browserflow.app) or on the Discord if you need any help with your automations!
The main thing I want to do with this extension is to speed up my documentation process. For every therapy session, I have to fill out a web form that details what happened during the session, including subjective info and objective data regarding the therapy goals. I already record the data in a Google Sheet, and it would be great to have a one-click solution to transfer that into the web form!
Right now, I have an automation for updating Zoom meeting info, and one that fills out the web form with standard info I include for nearly every session.
Interesting.. are you learning/using programming as part of your work or for your own interests? If not, I'm curious what value you feel you get from Hacker News; I know a lot of non-programming topics get discussed here, I just typically assume the audience here skews more towards people working in technology/software-related fields.
I tried teaching myself programming at one point, but it didn't really "click" for me. I browse HN for the non-programming topics. I steer around the "built with Rust" posts (and other programming motifs).
The value I get from Hacker News is the aggregation of interesting web content, good discussion, and learning about new apps like this one :)
On my twitter feed, I keep seeing tweets from something twitter calls "topics". Apparently they were automatically assigned to me based on previous tweets I had liked. Didn't want to see any tweets from people I don't follow. And instead of having to unclick 200 topics or so, I used this app to automate removing them from my profile.
I really wanted to make it run on Firefox as I do with all my other extensions (e.g. https://news.ycombinator.com/item?id=22936742), but Firefox lacks the APIs that Chrome has for automating the browser. :'(
If you run the flow in the cloud, it'll need some place to persist it so I've chosen Google Drive to start. If there's enough demand, I'd be open to storing it on Browserflow's servers and providing an API to access the files but I'd want to make sure that's something enough customers want before sinking my time into it.
I'm not (yet) a Browserflow user, but it's something that I'm going to either pitch or just skunk into my workflow. But when that time comes, I will absolutely need a first-party way to download screenshots. I'd be open to pulling them from an S3 bucket, but absolutely not from Google Drive.
That time is at least a few weeks off, though, probably after the new year.
You could also do most of this (except adding the screenshot to a folder, but you can get it via api if you need) and more with our free plan - https://www.rainforestqa.com/
Jon, what's the main pain or goal with capturing a screenshot for every page that you visit?
It's tricky to do on your machine, so that performance doesn't suffer. At the end of the day, all full-page PDF generators would have to scroll to the end of the page, which would make it really tough for you to browse around.
A solution to this would be to just capture the URLs that you visit, and then do the screenshot generation in the cloud. The limitation is that none of your websites with logins would get captured.
Local storage is another issue for Chrome Extensions. There is a limit to how much data that can be stored.
Whilst nice, how is this going to handle the changing nature of the web? It's nice that it detects "lists" and such, but a few changes to CSS is going to trash that automation right?
I'm also fairly sure you'll break (either directly, or on a user's behalf) a few EULA's that really specifically ban scraping.
This might be true in the USA, but the EU has a thing called database rights[0]. Essentially, any collection of data can under certain circumstances be protected under database rights, which prevents other parties from copying (parts of) it. This originally was created to protect such things as phone books and other directories, but when I was a student (I don't remember the context anymore), they specifically warned us that scraping certain websites would violate their database rights, and thus be illegal. So using scrapers in the EU is something you should be very careful with, especially if your business depends on it.
You pedantic piece of... nah I'm just kidding, Thank you. I actually learned English by watching Clint Eastwood, Charles Bronson and Sylvester Stallone movies, so my grammar might be slightly off from time to time, but google actually agrees with me when I say: irregardless == regardless.
Ah, so people've been making this mistake for over two hundred years but thanks to people like you, this misuse of language has been all but eradicated?
I tend to remind people who think that this is an error that, although I share their disliking...
- There is a case for the word and it predates us
- Languages are dynamic and today's "correct" spelling is yesterday's "erroneous" spelling.
I thought until recently that the spelling was "simply incorrect" until I found out there was more to it. It therefore is a reminder to myself as well.
215 comments
[ 3.6 ms ] story [ 230 ms ] threadAbout 14 years ago, I fell in love with programming because it made me feel like a magician. I'd type in some incantations, click "Run", and voila! My lightning-powered thinking rock would do exactly as I commanded — in my case, make a virtual robot named Karel move around the screen in my computer science lab.
Nowadays, casting spells requires a bit more work. Most of our work happens inside complex web apps that each have their own custom spell books (APIs) — assuming they even provide one at all.
Let's take a task like managing your social media accounts. Suppose you want to reset your Twitter account and start from scratch. First step: Unfollow everyone. The problem is that you have hundreds of accounts to unfollow, and you don't exactly want to sit there all day clicking buttons.
If you're not a programmer, your options are limited to what others have built. You can hand over your credentials to all kinds of third-party apps and extensions in the hopes of finding one that works. Good luck.
If you're a programmer, you have more options. You have the power to cast spells. What if we used the official API?
You can sign up for a developer account, get an API key, download a client library, read about how OAuth works for the hundredth time, and then start digging through the API to find out how to complete your task.
That sounds tedious and creating a developer account for a one-off task feels like overkill. What if we simulated user actions in the browser instead?
You can install Selenium/Puppeteer/Playwright, read through its documentation to learn how to navigate and click, open the web inspector to figure out the right CSS selectors, run into some race condition where the elements aren't loading in time, sprinkle in some waits, and puzzle over how to handle elements being added from the infinite scrolling list.
That doesn't sounds too great either. Maybe it'd be faster to manually click those buttons after all...
I built Browserflow to automate tasks like this where people end up wasting time doing what computers do better. I wanted a tool that makes it easy for anyone, regardless of their technical background, to automate any task on any website. It includes the convenience of features like automatically generating automation steps by recording your actions while having the flexibility of letting you tweak anything manually or write custom Javascript. (If you want to see how simple it is to automate the Twitter task above using Browserflow, here's the demo: https://www.youtube.com/watch?v=UnsGTpcA-98)
Building a browser automation tool from scratch and making it robust enough to handle all kinds of websites took much, much longer than I expected. After working on it as a solo developer for 1.5 years, I'm super excited to finally share this with you all. Whether you're a professional developer or a non-technical marketer, I hope Browserflow will make you feel like a magician on the Web.
Would love to get your feedback!
Whenever I see extensions like this, it does make me wonder something which I've never fully understood: Given that so much of it runs client-side, what's the state of the art nowadays in terms of preventing someone from essentially "stealing" your extension. I've come across some extensions in the past -- even ones that were paid for and part of a business -- where it was clear that it would've been trivial to simply copy the extension code and run it on my own. How do you prevent folks from doing that?
The two pieces that make it harder for someone to simply copy the extension code and run it themselves is (1) Javascript minification and (2) parts that talk to a server.
Someone can try to reverse engineer the calls to a server and run their own, but that's often more work than most people are willing to go through and it's made harder by the client code being minified.
I wish it were possible to open source extensions without running into this problem because I like sharing things I've built (https://github.com/dkthehuman/), but doing so effectively kills the possibility of building a business on top of it unless you maintain two code bases (one free and one paid) at which point it's more trouble than it's worth IMO.
I've thought about adding support for generating a self-contained bundle of Javascript code from the flow that anyone can self-host and run, but that hasn't been a priority for the current use cases. Will keep it in mind — thanks for the suggestion.
Could you elaborate on cloud runs and cookies? E.g.:
- How are the cookies obtained? I saw that in the video you clicked the "add" button at 1:36, how does this work and what happens behind the scenes?
- How long do the cookies remain in use? Does the user have to refresh cookies manually at some point?
The cookies are used for as long as the user keeps them in the cloud flow. (Browserflow doesn't try to be smart and automatically refresh the cookies on your behalf because there are scenarios like using multiple accounts in the same browser, etc.) Most major sites use quite long expiration dates for cookies (a year is fairly common) so there usually aren't issues with cookies becoming invalid for a while.
Several years ago I implemented a similar feature just reversed - A remote machine logs a user in, then passes the cookies that result from login to an extension running in the user's browser, which drops them into the browser's cookie jar.
Worked very nicely, right until you run it to log into a service like GMail.
Then Google correctly notes that you're using the same cookie in two different locations, assumes you've been session-jacked (and you have, really - you just did it willingly), and locks EVERYTHING. It took a notarized copy of my drivers license before they let me back in.
I don't know how accurate Google can be, though, as I route Gmail traffic from the same cookie through three ISPs and a self hosted VPN, without refreshing.
These extensions are some well-known browser automation tools, each with > 100K users.
Did you look at them and decided to do something different?
- Ease of use: Most existing tools have pretty clunky UX and are hard to get started on
- Reliability: I've had issues with many tools simply not working, especially when it comes to more complex sites
- Cloud: Browserflow lets you deploy your flows to the cloud to run them on a schedule whereas many tools are local-only
Hope that helps!
Nice job!
I build tons of scraper and things that pretend to be browser (handcoded, not recorded from the browser - but lighter than spinning up a real browser) and the harder bit is keeping the flows maintained. Some websites are particularly annoying to work with because of random captchas jumping in your face but it's something you can handle by coding support for the captcha in the flow and presenting a real user the captcha.
One problem of logging in the cloud is IP checks. You may be asked to confirm.
If you want to look into this issues I'd recommend scraping yandex for dealing with captchas being thrown in your face and authed google or facebook for IP restrictions, weird authentication requests.
Again, I think a marketplace could outsource these problems to a community of developers maintaining flows.
Security could be another concern, but you always have the option of running things locally.
Maintaining flows as sites change is definitely a drawback for any scraping solution, so I built features like generating selectors by pointing and clicking to make it as easy as possible.
Browserflow Cloud has built-in support for rotating proxies and solving CAPTCHAs to get around the issues you mentioned. (They're currently in private beta.)
I added support for residential IPs to handle sites that employ aggressive bot detection, but it's in private beta and so far there hasn't been much of a demand for it. If it turns out that it's not really needed for the use cases people have, I might just remove the feature!
Chances are if you've thought of something you could scrape that would offer a broadly popular, real tangible benefit, they employ anti-bot measures that don't like non-residential ips.
https://bugs.chromium.org/p/chromium/issues/detail?id=706008
Otherwise, you could make a pretty neat self-hosted "cloud" of this nice looking scraper extension.
It was a lot of work translating the extension code to work with headless browsers, but it means you can deploy your flows to the cloud and have it run automatically!
EDIT: --headless is under kHeadless https://sourcegraph.com/search?q=context:global+repo:chromiu...
I'm using React for the Javascript!
And DK: I didn't see it immediately - does an affiliate program for solution architects sound right / in the roadmap?
Right now, I have an automation for updating Zoom meeting info, and one that fills out the web form with standard info I include for nearly every session.
The value I get from Hacker News is the aggregation of interesting web content, good discussion, and learning about new apps like this one :)
Do you have any plans to port it to also run on Firefox?
Probably "Chrome" and "stealing data" I guess.
I think your business plans are underpriced. You're saving human hours with increased accuracy, which probably is worth more than $25/month.
edit: nevermind. Your annual pricing shows per-month pricing which is $299/month.
Although maybe he is aiming for people who are zero technical competence. I admit I would not have invested in Dropbox because I grew up with ftp.
Here is my need (and I've had this need my whole working career": What does production look like?
If a tool could automate loggin in, browsing specific flows, take screenshots of every page, and add them to a folder of the day, it would invaluable.
Take a look at the "Take Screenshot" command and feel free to message me on the Browserflow Discord if you need help.
No, thank you. Please offer a local save option.
https://ui.vision/rpa/docs/selenium-ide/capturescreenshot
If you run the flow in the cloud, it'll need some place to persist it so I've chosen Google Drive to start. If there's enough demand, I'd be open to storing it on Browserflow's servers and providing an API to access the files but I'd want to make sure that's something enough customers want before sinking my time into it.
Of course don’t spend the cycles building until demand presents itself.
[1] https://developers.cloudflare.com/logs/get-started/enable-de...
That time is at least a few weeks off, though, probably after the new year.
It's tricky to do on your machine, so that performance doesn't suffer. At the end of the day, all full-page PDF generators would have to scroll to the end of the page, which would make it really tough for you to browse around.
A solution to this would be to just capture the URLs that you visit, and then do the screenshot generation in the cloud. The limitation is that none of your websites with logins would get captured.
Local storage is another issue for Chrome Extensions. There is a limit to how much data that can be stored.
Logged in states are a must have.
https://www.lambdatest.com/automation-testing
I'm also fairly sure you'll break (either directly, or on a user's behalf) a few EULA's that really specifically ban scraping.
[0] https://en.wikipedia.org/wiki/HiQ_Labs_v._LinkedIn
If the user is logged in, that data may not be publicly available, and the EULA would still apply.
[0] https://en.wikipedia.org/wiki/Database_right
https://www.merriam-webster.com/dictionary/irregardless
I dislike that word more than I dislike "nucular". Like diarrhea, anyone can let it slip.
Radicated?
;)
I tend to remind people who think that this is an error that, although I share their disliking...
- There is a case for the word and it predates us
- Languages are dynamic and today's "correct" spelling is yesterday's "erroneous" spelling.
I thought until recently that the spelling was "simply incorrect" until I found out there was more to it. It therefore is a reminder to myself as well.
hence why it's nice to have that extension to click through the UI rather than figure out how to parse things no?