> It's a lot easier to just accuse Google of acting in bad faith, and Mozilla of being their lapdogs, and ignore any possible evidence to the contrary.
There are two issues at play here.
Manifest V3 is, undeniably, a security improvement over Manifest V2. Providing full read/write access to all websites is a huge security risk, and the fact that we're willing to do it is really a testament to how bad the state of the web is without adblockers.
However, the final standardized version of Manifest V3 limited the size of content filters - essentially, limiting the number of ad sources that you could filter. This severely limits the utility of adblocking extensions.
Mozilla responded to this by promising not to implement the cap in their implemention of Manifest V3 - ie, ignoring that part of the spec and allowing extensions to filter an unlimited number of sources in Firefox. Chrome and other browsers are sticking to the spec, though, including the cap on sources.
I believe UBlock Origin Lite is a downgrade feature-wise from UBlock Origin, but that's because it's targeting both Firefox and non-Firefox browsers. In theory, a Manifest V3 version of UBlock Origin Lite designed for Firefox could provide the same functionality as the Manifest V2 UBlock Origin.
Honestly, I hope someone (whether gorhill or someone else) takes up the mantle and does that, because there's no reason that Firefox users should have to use an adblocker with a less secure design, just because other browsers don't support it.
It's not just the size of content filters. V2 had the ability to run code to block a web request before it was downloaded. V3 only gives you a (size-limited) set of declarative filters. If you want to block anything else, you'll have to do it after it has been downloaded already.
(all here is iiuc; I've never used any of these)
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/Web...
Safari allows extensions to offer multiple block lists, each at the maximum size allowed (65k entries I think). Does manifest v3 not do the same?
> Providing full read/write access to all websites is a huge security risk, and the fact that we're willing to do it is really a testament to how bad the state of the web is without adblockers.
That seems to be completely ignoring that extensions aren't just independent self-contained programs. They're intended to extend and modify the capabilities of your user agent to better suit the needs of the user. Trusting the user agent with full read/write access to the data it's fetching is fundamental to the purpose of a user agent. Sure, it's nice when you can sandbox a helper, but it's irresponsible to suggest there's anything wrong or unusual about having the kind of powerful extensions that Google doesn't want you to have.