A planned Google Chrome API update will not only affect adblockers. Also browser extensions for antivirus products, parental controls and various privacy-related services will no longer work. That’s what ZDNet writes.
Raymond Hill, author of the adblockers uBlock Origin and uMatrix, reported the problem to the Chrome developers on Wednesday. Google’s decision to limit Chrome’s script blocking capabilities to the new DeclarativeNetRequest API, instead of the old webRequest API, limits the ability of its adblockers to block certain scripts.
More than adblockers
It soon became clear that the impact of the API update would go beyond adblockers. Several developers of privacy and security extensions claim that the adaptation of the API will also break their extensions.
In addition to adblocking, the API also seems to affect security software, which depends on an extension’s ability to dynamically block https traffic that has been assessed as malicious or otherwise harmful to the user. This includes pages that spread mal/spy/whateverware, but also, for example, parental control functions, says Jouni Korte, senior software engineer at Finnish antivirus manufacturer F-Secure. He was supported by Claudio Guarnieri, Senior Tehnologist at Amnesty International.
Brandon Dixon, author of the Blockade.io extension, is also of the opinion that the update affects almost all security related Chrome extensions. His solution focuses on blocking drive-by attacks and preventing users from visiting phishing sites. If these changes are published, my solution will no longer work. Proposed changes to the manifesto will remove our ability to support vulnerable communities on a large scale, says Dixon. The author therefore asks the Chrome developers to review the changes to WebRequest’s blocking capabilities.
Not definite
Finally, Giorgio Maone, author fan of the Firefox-addon NoScript, also came along. Maone has been working on a Chrome version of NoScript for quite some time, but fears that he will never be able to publish it if the changes are made. NoScript is so good at blocking JavaScript code that it is one of the extensions that comes with the privacy friendly Tor Browser by default.
The criticism comes at a good time. The Chrome developers are currently deliberately looking for outside feedback before deciding to proceed with the proposed API update in the Chromium code. This change is not intended to break adblockers, but is designed to make them faster and safer. (Yes, even despite the limitations that can affect uBlock.), says Andrew Meyer, one of the Chromium engineers. The new proposed API for content blocking is not final and can/will be changed.
Related: Google is working on Chrome update that breaks adblockers
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.
14 hours ago
