On Tuesday, Mozilla said he does not plan to change Firefox’s ad blocking and content capabilities to match what Google is doing in Chrome.
Google’s plan to review its browser extension APIs, known as Manifest v3, follows the recognition of the web giant that many of its products and services can be abused by unscrupulous developers. The king of the search refers to the security and privacy audit of your product as Project Strobe, "a root and branch review of external developer access to your Google account and Android device data."
In a Chrome extension, the manifest file (manifest.json) tells the browser what files and capabilities (API) will be used. Manifest v3, proposed last year and still in process, will alter and limit the capabilities available for extensions.
Developers who created extensions under Manifest v2 may have to check their code to keep it running with future versions of Chrome. However, that may not be practical or possible in all cases. The developer of uBlock Origin, Raymond Hill, has said that its extension of ad blocking and web content will be broken under Manifest v3. It is still unclear if uBlock Origin can or will adapt to the revised API.
The most significant change in Manifest v3 is the disapproval of the
webRequest blocking API (except for business users), which allows extensions to intercept incoming and outgoing browser data, so that traffic can be modified, redirected or blocked.
Firefox does not follow
"Instead, Google has proposed an API called
declarativeNetRequest ," explains Caitlin Neiman, manager of the Mozilla plugins community (extensions), in a blog post .
"This API affects the capabilities of content blocking extensions by limiting the number of rules, as well as the filters and actions available. These limitations negatively impact content blockers because modern content blockers are very sophisticated and they use algorithm layers to not only detect and block ads, but also to hide from ad networks. "
Mozilla offers the development of Firefox controls the Web Extensions API, which is mainly compatible with the Chrome extension platform and is compatible with Chromium Brave, Opera and Vivaldi based browsers. Those three other browser manufacturers have said that they intend to avoid Google changes in the API
webRequest blocking . Now, Mozilla says that.
"We have no immediate plans to remove
that blocks webRequest and we are working with add-on developers to gain a better understanding of how they use the APIs in question to help determine how to support them better," Neiman said.
Why are fervent Googlers making changes that break the ad block in Chrome? Because they created a monster, and are struggling to secure it
However, Mozilla is more receptive to other planned Google changes. Changes in Manifesto v3 require that content scripts have the same permissions as the pages where they will be injected. And revisions of background service workers, more granular runtime host permissions and broader limitations on remotely hosted code remain under consideration.
Google has said that Manifest v3 is "motivated by the desire to keep users safe and give them more visibility and control over the data they share with the extensions."
There is a clear need to improve the security of browser extensions and not only in the Chrome ecosystem. Last week, for example, Mozilla removed an extension called Ad-Blocker because it was executing remote code in violation of the rules.
The question is whether content and ad blocking should get worse for security to improve. Google says: "We are not preventing the development of ad blockers or preventing users from blocking ads," although it acknowledges that "these changes will require developers to update the way their extensions operate."
However, Google-related web technology Two weeks ago, the proposal to build a "privacy litter box", through a series of new technical specifications that would hinder anti-tracking mechanisms, was rejected as a false "privacy gas lighting".
On Friday, EFF staff technologist Bennett Cyphers criticized the commercial for its self-service specifications. "Google not only doubled its commitment to targeted advertising, but also made the ridiculous claim that blocking third-party cookies, by far the most common tracking technology on the Web and the tracking method chosen by Google, will damage privacy of the user ". He wrote in a blog post.
So, when Google, the world's largest online advertising company, says it's fine with ad blocking, even though its financial documents have cited ad blocking as a revenue risk, there is some reason To be skeptical. 19659002] The Google Chrome team is still working on a preview for Manifest v3 developers. ®