Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

All disabled sites include a wildcard in MV3 #3061

Open
ghostwords opened this issue Feb 18, 2025 · 4 comments · May be fixed by #3078
Open

All disabled sites include a wildcard in MV3 #3061

ghostwords opened this issue Feb 18, 2025 · 4 comments · May be fixed by #3078
Labels
MV2 Manifest V2-specific issue MV3 Manifest V3-specific issue

Comments

@ghostwords
Copy link
Member

ghostwords commented Feb 18, 2025
edited
Loading

Because we use requestDomains in DNR "allowAllRequests" rules, disabled site domains always include subdomains.

Is it important to be able to disable Privacy Badger on site without disabling it on subdomains of that site?

If the answer is no, we should update MV2 Privacy Badger to work the same way, and remove the leading wildcard from the disabled sites domain input placeholder and any documentation. We should also update the validation for the disabled sites input, and remove wildcards from any existing disabled sites.

DNR "allowAllRequests" rules:

privacybadger/src/lib/dnr/utils.js

Lines 445 to 467 in 7d8d051

// remove leading wildcards
// domains now always match subdomains
disabledSites = disabledSites.map(site => {
if (site.startsWith('*')) {
site = site.slice(1);
if (site.startsWith('.')) {
site = site.slice(1);
}
}
return site;
});
if (disabledSites.length) {
opts.addRules.push({
id: badger.getDynamicRuleId(),
priority: constants.DNR_SITE_ALLOW_ALL,
action: { type: 'allowAllRequests' },
condition: {
requestDomains: disabledSites,
resourceTypes: ['main_frame']
}
});
}

Content script matching logic that we made to work the same way:

privacybadger/src/lib/dnr/utils.js

Lines 36 to 46 in 7d8d051

function convertSiteDomainsToMatchPatterns(disabledSites) {
return disabledSites.map(site => {
if (site.startsWith("*")) {
site = site.slice(1);
if (site.startsWith(".")) {
site = site.slice(1);
}
}
return `*://*.${site}/*`;
});
}

@ghostwords ghostwords added Chrome low priority MV3 Manifest V3-specific issue labels Feb 18, 2025
@ghostwords
Copy link
Member Author

ghostwords commented Feb 18, 2025
edited
Loading

To be exact, when you disable Privacy Badger on example.com in MV3, this is equivalent to the following disabled sites entries in MV2:

example.com
*.example.com

MV2 technically also supports *example.com, but MV3 does not, and I don't think we should support this either.

Relevant MV2 disabled site domain matching logic:

privacybadger/src/js/background.js

Line 996 in cbd036a

if (pattern.startsWith("*") && host.endsWith(pattern.slice(1))) {

@Mikaela

This comment has been minimized.

Sign in to view
@ghostwords

This comment has been minimized.

Sign in to view
@Mikaela
Copy link

Mikaela commented Feb 19, 2025

Reading better, I think consistency is the way to go and thus my answer would be no, disabling a site without disabling subdomains is not important.

Otherwise I would imagine there to be confusion with mismatching behaviour of tracking sites, if anyone noticed it, and I try to keep my policies in sync between Firefox and Chromium, which I understand to be MV2 and MV3 in that order.

@Mikaela Mikaela mentioned this issue Feb 19, 2025
Closed
@ghostwords ghostwords added MV2 Manifest V2-specific issue and removed low priority Chrome labels Feb 20, 2025
@ghostwords ghostwords mentioned this issue Feb 26, 2025
Closed
@ghostwords ghostwords linked a pull request Mar 17, 2025 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
MV2 Manifest V2-specific issue MV3 Manifest V3-specific issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Make disabled sites always match subdomains EFForg/privacybadger
2 participants
@ghostwords @Mikaela