Google engineers have put forward proposed changes to the open-source Chromium browser that would break content-blocking extensions.
In October last year, Chromium developers put forward Manifest V3, which would enable trustworthy Google Chrome extensions by default, but other proposed changes would also limit the ability of third-party ad blocking extensions.
The proposed modifications to Google Chrome would see users’ ability to control content – and how their browser presents and interacts with remote resources – greatly reduced.
Despite the changes, modified versions of Adblock Plus and similar plugins that use more basic filtering would continue to operate to an extent.
However, more rigorous ad blocking extensions, such as Ublock Origin, would see their capacity extremely limited or be unable to function at all.
By neutralising extensions, including Ublock Origin or uMatrix, which do not have to placate publishers by white-listing ads, users will be left with the more limited and controlled Adblock Plus.
Is Privacy Just a Pretext?
Previously, Google, Amazon, Microsoft and Taboola reportedly paid AdBlock Plus to allow their ads to pass through its filter software. This had led many to speculate that Google is using privacy as a pretext for putting the interests of its ad business over consumers.
Manifest V3 states that the proposed changes are intended to improve security, privacy and performance to enhance user control. But this increased security is dependant upon the belief that Google and its ecosystem is more trustworthy than third-party developers.
According to a bug report submitted by Raymond Hill, developer of uBlock Origin and uMatrix, to the Chromium bug tracker website, the changes put forward in Manifest V3 would significantly limit the ability of users to determine what content they see online.
Hill’s concerns centre on Google’s desire to prevent ad-blocking through the webRequest API and restrict blocking capabilities to a new DeclarativeNetRequest API. He goes on to say that not only will his extensions be ruined, it will also be impossible for other ad-blocker developers to build new and novel filtering-engine designs.
In an email to The Register, Hill commented: “I understand the point of a declarativeNetRequest API, and I am not against such API. However, I don’t understand why the blocking ability of the webRequest API – which has existed for over seven years – would be removed (as the design document proposes). I don’t see what is to be gained from doing this.”
Hill also notes that the new API means other capabilities will no longer be available, including blocking media elements larger than a specified size, disable JavaScript execution by injecting Content-Security-Policy directives, and removing the outgoing Cookie headers.
“Extensions act on behalf of users. They add capabilities to a ‘user agent’, and deprecating the blocking ability of the webRequest API will essentially decrease the level of user agency in Chromium, to the benefit of websites, which obviously would be happy to have the last word in what resources their pages can fetch/execute/render,” he said.
“With such a limited declarativeNetRequest API and the deprecation of blocking ability of the webRequest API, I am skeptical ‘user agent’ will still be a proper category to classify Chromium.”
Due to an online backlash and general animosity from both users and developers to the changes, Google has been quick to reiterate that the changes are not yet definite, and are subject to revision. Users have already taken social media platform Reddit to urge others to make the switch now to Firefox and to set DuckDuckGo as their default browser to avoid the impact of the proposed changes.