logoalt Hacker News

kuhsaft10/11/20243 repliesview on HN

On the contrary, MV2 used onBeforeRequest which let extensions see what requests you were making. They could then take that data and use it for malicious purposes.

MV3 doesn’t allow extensions to know what requests are being made, so extensions can’t use your data maliciously.

Requests to ads that are blocked are blocked.

I think you’re thinking of Privacy-preserving ad measurement which is an option in Firefox and Safari. https://support.mozilla.org/en-US/kb/privacy-preserving-attr...


Replies

throwaway9834610/11/2024

> On the contrary, MV2 used onBeforeRequest which let extensions see what requests you were making. They could then take that data and use it for malicious purposes.

Which is something we know for a fact uBlock Origin doesn't do. It's open source, you can check the code yourself. MV3, on the other hand, doesn't do much to assure me that an addon isn't phoning home. Why not just give the user to ability to block network requests on a per-addon basis? Too difficult a task for the trillion dollar company? Or could it be that forcing users to switch to MV3 addons isn't about safety at all?

sunshowers10/11/2024

Doesn't onBeforeRequest still exist in Manifest v3? The thing that's been removed is the ability to block on it, not the ability to register handlers for requests.

show 1 reply
GeoAtreides10/11/2024

but op wasn't talking about what extensions are seeing, but what the ad servers do. You haven't address their point at all