-
Notifications
You must be signed in to change notification settings - Fork 83
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Chrome extension manifest v3 proposal #338
Comments
Yes this was announced back in October - https://blog.chromium.org/2018/10/trustworthy-chrome-extensions-by-default.html Not much for uBO to do though.. |
I'm not sure how are they planning to change the background process and origin access, it might cause some issues. Beside that, I don't see anything else that can cause problems. As for remotely-hosted code, it really should've been forbidden since the beginning. |
It appears that Google is phasing out the webRequest API in favor of their new declarativeNetRequest. The current Manifest V3 draft states:
Looking at the new API page, it's a rather different way of doing things. I would expect big changes needed to uBO and other blockers. (Plus there's the change from background page to ServiceWorker.) |
Another change would be dynamic Content Scripts similar to what Firefox has where extensions can inject contentScript and have it execute before page finishes loading. |
Basic ABP-like syntax, 30000 filters MAX... |
That was declarativeWebRequest, that was shelved. |
I don't see limits to the number of the rules in declarativeWebRequest. declarativeNetRequest have better syntax, but number of rules is limited. |
It is explicitly stated this is meant to phase out There is no way to transpose either either dynamic filtering, dynamic URL filtering, per-site/per-scope switch logic (let's refer to all these as "dynamic filtering"), into static filters. Dynamic filtering logic requires an arbitrary amount of block/allow rules overriding other block/allow rules based on specificity. There is no concept of specificity in static filtering -- and even more, there is no concept of dynamic filtering rules relinquishing filtering to static filters (dynamic filtering's
And there I was recently testing how uBO handled over half a million network filters with the 3rd-gen HNTrie... Issues of performance and privacy lie with web sites, not uBO -- so I don't feel concerned with the issues of privacy and efficiency being put forth as advantages of using declarativeNetRequest over webRequest. |
Read the paragraph that's titled DeclarativeNetRequest. They will keep webRequest API but it will not block, modify or redirect anymore, that will be handled by NetRequest API with v3. They do plan to discourage the use of webRequest API through with its new replacement - https://docs.google.com/document/d/1nPu6Wy4LWR66EFLeYInl3NzzhHzc-qnk4w4PX-0XMw8/edit#heading=h.xe5njuo7voeb |
30000 is mentioned in https://developer.chrome.com/extensions/declarativeNetRequest#property-MAX_NUMBER_OF_RULES, not sure what to make of this, can you shed some light there ? I don't think it is related to 30K ABP styled filters. |
Look at "Rule", it's clearly made to implement ABP-compatible filters:
|
This new API is even worse than being restricted to 30k ABP-style rules -- the rules must also be in a single, bundled json file. Thus any rule changes means a full extension update. (Blockers restricted to this API would be "static" in every way.) Thinking big picture, it's not that surprising. Last year Google started to bundle a lightweight ad blocker in Chrome, and I recall thinking that something like this would happen. On the bright side, perhaps this could be a boon to Mozilla, assuming they don't foolishly neuter their API in the same way. |
It is still a draft but is really a big downgrade if it stays this way. Looks to me like Google is doing this to reduce the amount of damage malicious extensions could do using this API by severely limiting the existing one and calling it a privacy and efficiency win....while of course giving more control to Google over what ads/trackers/requests can be blocked. This affects trusted and more advanced extensions like uBO the most. Hopefully Mozilla and other browser makers don't follow suit on this.. |
Since we will be able to dynamically modify content scripts, we can still implement scriptlets and cosmetic filtering properly. |
It's still not set in stone, so lets see where it goes. |
The fact that they are planning to remove a proper blocking webRequest API with no word of an equivalent replacement is a sign of intent, that is, reducing the level of user agency in their user agent (aka Google Chrome). How to do this? Use privacy/performance as Trojan arguments to rationalize reducing user agency over what all bloated web sites throw at people's user agents. That new declarativeNetRequest API seriously reduces what blockers can do, to the point they will become distinguishable only by their UI, not their capabilities. As a user, I personally wouldn't accept browsing the world wild web without the advanced features in uBO, I find this unthinkable. There are no issue of privacy/performance with uBO, rather the opposite by giving back to users the power of clamping down on what web sites throw at them, so that argument is just plain fallacious as far as uBO is concerned. Chromium got its webRequest API at a time it was trying to gain market share against Firefox (Sep 2011), where Adblock Plus, Ghostery, Disconnect, NoScript, and other such extensions were the most or among the most popular extensions on Firefox. I don't expect Firefox to follow suit and also deprecate its own webRequest API.[1] I am confident uBO will still exist on Firefox.[2] [1] Actually Firefox's own webRequest API is better designed as it's possible to return a Promise, which makes it possible to defer returning an answer to some point in the future. [2] Which is already better equipped than Chromium's version of uBO -- example, example -- (and also better equipped than the Firefox legacy version). |
Yes, but they're not doing this specifically targeting uBO, other blockers will be affected by this too, won't they ? So I still think it won't end up like this. Like you said, it will be the death of these two extensions, why would they bother doing that after all this time ? If they wanted to kill uBO, they could have done this years ago by deprecating APIs or limiting them. |
I'm not saying they are targeting uBO specifically, more that they are targeting the capabilities expressed in uBO/uMatrix. What is being said now is that the maximum capabilities content blockers will be allowed come down to a maximum of 30,000 ABP-compatible filters. Even without dynamic filtering and per-site switches, etc., uBO already enforces over 90,000 filters (which themselves go beyond ABP filter syntax) with just the default filter lists, not counting the regional one which may be activated automatically at first install, and other commonly used ones such as Fanboy Social. When I select only EasyList, uBO reports 42,000 network filters, so even EasyList alone won't be enforceable with the declarativeNetRequest API. Beside the low maximum of 30,000, ABP-compatible filters have no sense of specificity, hence why dynamic filtering can't be implemented with such approach (and if they did it would be a pain to have to recompile the whole filtering profile when merely adding/removing a rule/switch through a click). Also, this makes it impossible to implement
My comments are made with what is being said now with regard to manifest v3. |
This comment has been minimized.
This comment has been minimized.
At this juncture, assuming it will get implemented, can you do something about it like not updating to v3 ? or should Chromium users be ready to abandon ship for good ? |
I won't tell people what to do. I am pointing out that removing the blocking ability of the webRequest API means the death of uBO, I won't work to make uBO less than what it is now. I quote the document (my emphasis):
Currently uBO uses blocking listeners on both With this information on hands, everybody is free to decide for themselves. [1] There are four listeners in the webRequest API which can be used in blocking mode: onBeforeRequest(uBO, uMatrix), onBeforeSendHeaders(uMatrix), onAuthRequired, onHeadersReceived(uBO, uMatrix). uBO uses two of them, uMatrix uses three of them. |
This comment has been minimized.
This comment has been minimized.
I think the best thing people can really do for now is to get the word out to extension developers and browser developers (especially Google) that the proposed APIs and manifest should not be restricted to such an extent and that users should retain enough freedom and capabilities to easily control what to do with extensions and requests within their browser. Once the requests API in the manifest v3 proposal is set in stone and implemented it will be too late of a surprise for the majority of unaware extension users who will notice a shifting of how and what ads/trackers/requests get blocked and it will be near impossible to rollback the changes as the browser market leader has a low incentive to do so. I don't want to sound too dramatic but the implementation of the requests API in the manifest v3 proposal as it is right now could be the beginning of something that will have wider implications on the web and users' ability to decide how they can browse it. Due to Google's position of power on the web and influence on websites it will almost certainly affect more than just Chromium/Chrome users. |
I looked more into this priority property. It does now allow to support the However, it's still not possible to implement noop rules, which purpose is to ignore inherited block/allow rules and fall back strictly on static filters, and which is a key concept to dynamic filtering. Summary, latest version of declarativeNetRequest, as per documentation, still breaks dynamic filtering in uBO, due to the inability to implement the noop concept. Suggestions welcome if somebody can think of a way to implement noop rules which I am not seeing. There is also the issue of Also, still no way to implement blocking according to response header content, so preventing the no-large-media-elements per-site switch, or the new experimental [1] confirmed with a mini extension locally -- a higher priority block could take precedence over a lower priority allow filter |
It might be possible to maybe implement noop rules through complicated negative lookahead regex-based filters. For example:
Maybe could be achieved with:
This is only for medium mode with configuration for one single site. I wonder how this would look like for my current ruleset of 391 rules. Again, as per declarativeNetRequest documentation, regex-based filters are limited to 1000 (and also as per declarativeNetRequest, a regex-based filter can be rejected). And each time one would click to create/remove a temporary rule as is typically often done when working in medium or hard mode, uBO would have to recompile, remove and reinstall all the dynamic rules. On the other hand, uMatrix does not require the concept of noop, and the priority property should allow the implementation of its matching algorithm. In the end, only an actual prototype will be required to sort out for sure what is possible or not. |
Given how the deprecation of a blocking webRequest API put a lid on innovations (and regressions in capabilities in the case of uBO) regarding content blocking, it does seem the move could be the "Not-Owned-But-Operated" strategy applied to content blocking -- the declarativeNetRequest API means the capabilities of (not-owned) content blockers are ultimately operated by Google through the limitations of the API the content blockers must use. |
Google plan is to completely block MV2 extensions in 2023 https://developer.chrome.com/docs/extensions/mv3/mv2-sunset/ https://www.eff.org/deeplinks/2021/12/googles-manifest-v3-still-hurts-privacy-security-innovation |
An example that the declarativeNetRequest ("DNR") API is an obstacle to innovation in content blockers. In discussion with filter list maintainers, last year I implemented a new feature, the ability to use "entity" in I can count over 420 filters currently in the default filterset which uses this feature, clearly a benefit to filter list maintainers. These filters would cease to exist in a DNR-based blocker. The core issue is the lid on innovation, which is key for content blocker to stay reliable. If the DNR API had been designed in 2014 according to the requirements of the time, content blockers would be awfully equipped to deal properly with the current landscape. The DNR API as designed now not only set back content blockers, but condemn content blockers to stagnate innovation-wise. [1] https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#domain [2] #1008 (comment) |
There has been changes in the DNR API, and new conditions have been added which I think will allow to implement
One thing I should have mentioned is that the new |
Following AdGuard's publication of an experimental mv3-based version of their extension, I commented on Hacker News about the fact that the extension still required broad permission which leads to the warning "Read and change all your data on all websites" at install time. This defeats Google's widely advertised (and repeated by many) statement that
At the time of my comment, my understanding was that the broad permission required by AdGuard.MV3 was due to the fact that it still is required to implement cosmetic filtering and scriptlet injection. However I found out that even if sticking to solely deal with network requests (no cosmetic filtering, etc.), broad permission to "read and change all your data on all websites" is still required still when supporting redirection or header modification, i.e. the The only way to avoid broad permission requirement is to use |
Follow up regarding my above comment concerning The experimental uBO Minus MV3 version confirms the Overall, what is counted as ~82K distinct in uBO with default lists, is converted to ~21K DNR rules, thanks to the And as for the Additionally, the experimental version also confirms that the One of the biggest issue at this point is the inability to implement the overview pane in the popup panel, thus also preventing the implementation of the advanced-user mode and the ability to point-and-click to set dynamic rules. There also can be no information about what is not blocked, i.e. the Domains connected figure in the popup panel. I have often argued that this is a more important piece of information than the number of blocked network requests. The no-large-media-elements feature can't be implemented as this requires to inspect response headers on the fly. The There is no concept of exception modifier filters in DNR, i.e. Side note about the experimental uBO Minus MV3 extension: I did not pick the Minus part out of spite, it's to make clear that this is not uBO proper and I want to be sure there is no expectation that this will be the case. I picked Minus for the same reason that the Plus in Adblock Plus was to highlight that this was an improvement over the previous Adblock version. Now the fact that uBO Minus does not require broad read/modify data on all websites can be seen as an improvement over uBO proper by many people who are uncomfortable with granting such broad permissions to an extension. In that case, if you have a better qualifier than Minus, I welcome suggestions. |
Observation: One of the touted benefits of MV3 was faster review process when submitting to the Chrome Web Store. Well so far that is not the case, it's rather slow and the dev build of uBO proper even cleared review while the MV3 version is still pending review despite having no broad host permissions. Hopefully things will get better, but now this is a pain point. |
Technical notes following a ~2 weeks marathon to get something onto MV3, uBO Lite. When AdGuard AdBlocker MV3 Experimental was announced earlier this month, I examined the extension behavior. The key points that stood out for me upon examination:
This motivated me to work on an MV3 version of a content blocker, hence came out uBO Lite (uBOL), i.e. a lite version of uBO to avoid the above issues. Does not require "Read and change all your data on all websites" at install timeThe only warning at install time is "Block content on any page", because of uBOL requests the This constraint means some filtering capabilities are not enabled out of the box, for instances cosmetic filtering and scriptlet-based filtering. This is in line with the stated benefits of MV3. For instance, you may want to avoid giving extended permissions to uBOL while browsing your bank website, though you will still benefit from network filtering to block ads, trackers, etc. However uBOL supports optional permissions, which let the user explicitly grant extended permissions on a given site. Once extended permissions are granted on a given site, uBOL will apply cosmetic and/or scriptlet-based filtering if any of these are present for that given site. (More details) The extended permissions can be revoked at any time, through either uBOL's own user interface, or through the browser user interface. This takes care of point 1. above. No service worker required for network and extended filteringuBOL is wholly declarative, meaning there is no need for its service worker to be running. uBOL's service worker exists when the user is interacting with its user interface, i.e. popup panel or option pages. When you do not interact with uBOL, its service worker is likely to be evicted by the browser at some point, while network and content filtering is still applied by the browser. Network filtering occurs through the The I have observed with the dev tools that the injection takes place very reliably, as documented. This sort of reliability was not possible with MV2 -- there is no race condition issues with MV3 with regard to uBOL's injected code versus a page's own code. This takes care of point 2. above. Coalescing as many distinct network filters into as few DNR rulesThe
For instance, uBOL's default filter lists is that of uBO (minus "Online Malicious URL Blocklist", so blocks ads, trackers, and more out of the box), and as a result of the improvements above, it only uses ~20K DNR rules which correspond to ~76K network filters in uBO. This should allow to enable one or two regional lists without busting the API-imposed soft limit of 30K DNR rules per extension. This takes care of point 3. above. Issues encountered when working on uBOL. The DNR's matching algorithm differs from uBO's matching algorithm regarding modifier filters ( Generic cosmetic filters are another issue to investigate and decide whether these will be supported or not. Given that cosmetic filtering is declarative, it's not possible to have an element picker to create cosmetic filters. This could be accomplish only through a service worker dynamically injecting those content filters, which as stated above would lead to point 2. -- something I want to avoid otherwise this would defeat the Lite in uBO Lite. Since all filtering is done declaratively, this means there is no way to force an update of filters when something is fixed in filter lists, the fix will have to be published in the next version of the extension uploaded to the CWS. Many users of uBO will dislike the limitations of uBOL when compared to uBO. There is no point complaining about it, it's just not for you, it's meant for another kind of users -- you do not have to use it. For the record, it's not for me either (I want/need the full control uBO allows me), but I want to offer an option for those who use uBO as an install-and-forget blocker without ever interacting with it. |
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
Notes regarding The findings are that this filter list can't really be ported on a permission-less content blocker based on declarativeNetRequest API because host permissions must be granted for both the initiator domain and the request domain -- as per API documentation:
A majority of filters in that list looks as follow (excerpt):
The fact that they are meant to remove the query parameters of any outgoing network request means that for these to work in an a priori permission-less extension would require the extension to request the At which point it becomes pointless to be permission-less, and at which point we are back to defeating one of the stated benefits of MV3 regarding privacy. In fact, the scary warning does not make sense at all with what is actually happening. The whole purpose here is to remove query parameters used for tracking, and these query parameters are not data owned by the user as implied by the warning, these are data only useful to some undisclosed entities which are 3rd-party to the users and possibly to even the visited websites, and wanting to remove these should not be presented with a questionable warning that the extension is asking for read/write access to your data. |
The official announcement doesn't make it clear whether we still can push updates to MV2 extensions after January 2023. The previous announcement said that as of January 2023:
Side note regarding performance in MV3: although uBO Lite does everything declaratively, we must not assume that MV3 extensions will automatically be measurably more performant than their MV2 counterparts. The only way to make the case of enhanced performance is actual benchmarks which measure real world scenarios, and whether the differences if any are meaningful to end users. I see too many comments presuming content blockers in MV3 will be more performant, but the only way to make such statements is objective performance measurements of real world scenarios (example). At the moment, content blockers which require a up and running service workers appear to be doing worse than their MV2 counterpart, and for those not requiring an up and running service worker (as in uBOL), only benchmarking will tell whether they perform better, and if so by which amount. For instance, months ago I measured that uBO's network filtering matching algorithm was more performant than another well-known one compiled to native, so we should not presume one way or another regarding performance, sometimes the results are contrary to expectations. |
@gorhill does this look relevant: w3c/webextensions#162 (comment) ? |
I saw these results a few days ago but I don't think we can draw conclusions about the DNR's performance, except maybe that matching does not take more time than what is reported on these graphs. The timing measurements require that a Promise be fulfilled so it's not just the matching itself involved. Currently the built-in benchmark in uBO measures 7-8µs/request on average for uBO's default filter lists, so I really doubt the DNR would be above 1ms/request for just 20K rules. |
At this point, this is what I observed:
Addendum:
|
ok, I've notified @dotproto on slack |
No support for $header too ? |
|
uBlock Lite vs. uBlock Origin uBO Lite:
https://www.reddit.com/r/uBlockOrigin/comments/1067als/eli5_ublock_lite_vs_ublock_origin/ |
https://developer.chrome.com/en/blog/resuming-the-transition-to-mv3/
|
So now they are bringing back the ability to execute remote code: https://github.com/w3c/webextensions/blob/main/proposals/user-scripts-execute-api.md, contradicting the prominent No more remotely hosted code:
|
I'm leaving a link for easy access for whoever might need it: https://github.com/uBlockOrigin/uBOL-home |
Description
This issue is a heads-up on the proposed Chrome extension manifest version 3, which will have a significant impact on ad-blockers.
There is a tracking bug at: https://bugs.chromium.org/p/chromium/issues/detail?id=896897
In-progress design doc: https://docs.google.com/document/d/1nPu6Wy4LWR66EFLeYInl3NzzhHzc-qnk4w4PX-0XMw8/edit#
Might be worth a review, and giving feedback via the tracking bug.
regarding all dev. on dnr - https://bugs.chromium.org/p/chromium/issues/list?can=2&q=declarative+net+request
"Migrating to Manifest V3" (timeline) - https://developer.chrome.com/extensions/migrating_to_manifest_v3
The text was updated successfully, but these errors were encountered: