Skip to content

0.9.8.2

Compare
Choose a tag to compare
@gorhill gorhill released this 30 May 18:20
· 9996 commits to master since this release

Notes:

It's kind of fast for a new release but I want to keep the review process going.

Closed as fixed:

Chromium:
  • [Chrom*] connections not being blocked after reload (from uMatrix)
    • uBlock now requires a new permission, "Change your privacy-related settings": for uBlock to be able to disable the setting "Prefetch resources to load pages more quickly".
    • This will ensure no connection is opened at all for blocked requests: It's for your own protection privacy-wise.
    • Prefetching is under Privacy for good reasons: using prefetching has negative implications privacy-wise.
    • For pages with lots for blocked requests, this will actually remove overhead from page load (if you did not have the setting already disabled).
    • When uBlock blocks a network request, the expectation is that it blocks completely the connection, hence the new permission is necessary for uBlock to do truthfully what it says it does.

uBlock's primary purpose is to block network connections, not just data transfer. Not blocking the connection while just blocking the data transfer would mean uBlock is lying to users. So this permission will stay, and sorry for those who do not understand that it actually allows uBlock to do its intended job more thoroughly. A blocker which does not thoroughly prevent connections is not a real blocker.

Privacy Badger also requires exactly the same permissions. I want uBlock to also serve privacy-minded users first.

If prefetching had been disabled by default, this new permission would not be needed, but prefetching is unfortunately enabled by default, and under Privacy heading, which is itself hidden by default under "advanced settings".

c

Google on prefetching:

If you turn this setting on in Chrome, websites (and any of their embedded resources) that are prerendered or prefetched may set and read their own cookies as if you had visited them before -- even if you don’t visit the prerendered or prefetched pages after all.

Also, the benefits of prefetching are probably marginal, and in the context of a blocker, the benefits could be negative, since a lot of useless connections would be made, just to be discarded after the browser find out the requests won't be made anyway. So do not fall for the "lost of major performance boost" claim I read elsewhere, this is just a silly and baseless claim.

Edit: next release there will be a setting allowing you to re-enable prefetching. At least you will now use prefetching with an understanding of the negative consequences and in an informed consent manner.

More about the required permissions

Firefox:
Core: