-
Notifications
You must be signed in to change notification settings - Fork 96
Frequently Asked Questions
You can use the testing utility to ensure that the extension is working as intended. Contextual information on local injections can be found inside of the popup user interface. To analyze actual network traffic, use your browser's built-in network monitor, or a dedicated packet sniffer.
Most content blockers do not block delivery networks by default, as doing so breaks pages. This extension works out of the box, unless it's asked to operate under strict blocking rules. Any policies set by other extensions are respected. As such, blocked resources will not be served locally.
Note: Easy mode is uBlock Origin's default mode. Unless you've manually applied a more strict blocking mode (e.g. medium), you do not need to follow the steps below. By proceeding, you accept that you'll need to manually un-break pages. In doubt? Ignore this guide.
Open up the extension dashboard, and navigate to the My rules
tab. Revert any unwanted non-permanent changes, click Edit
under the temporary rules section, and paste the list of rules below into the text area. Save and commit your changes. Supported requests will now be delegated.
* ajax.googleapis.com * noop
* ajax.aspnetcdn.com * noop
* ajax.microsoft.com * noop
* cdnjs.cloudflare.com * noop
* code.jquery.com * noop
* cdn.jsdelivr.net * noop
* yastatic.net * noop
* yandex.st * noop
* libs.baidu.com * noop
* lib.sinaapp.com * noop
* upcdn.b0.upaiyun.com * noop
* sdn.geekzu.org * noop
* ajax.proxy.ustclug.org * noop
Important: Enable the block requests for missing resources setting inside the Decentraleyes extension
Options
screen, in order to reinstate your strict CDN-blocking policies.
The list of dynamic filtering rules above was last changed on 29-May-2018
.
Note: You should not follow the steps below, unless you block CDN requests. By proceeding, you accept that you'll need to manually un-break pages. In doubt? Ignore this guide.
Add the domains ajax.googleapis.com
, ajax.aspnetcdn.com
, ajax.microsoft.com
, cdnjs.cloudflare.com
, code.jquery.com
, cdn.jsdelivr.net
, yandex.st
, yastatic.net
, libs.baidu.com
, lib.sinaapp.com
, upcdn.b0.upaiyun.com
, sdn.geekzu.org
, and ajax.proxy.ustclug.org
to the whitelist(s) of the strictly configured blocker(s).
Important: Enable the block requests for missing resources setting inside the Decentraleyes extension
Options
screen, in order to reinstate your strict CDN-blocking policies.
The hostname enumeration above was last changed on 29-May-2018
.
Absolutely. Requests to Content Delivery Networks contain the "Referer" HTTP header (originally a misspelling of referrer) that reveals what page you're visiting. Techniques like IP address tracking and browser fingerprinting can then be used to associate the aggregated data with your identity.
Sadly, no. Even if the file in question is stored inside of your cache, your browser might still contact the referenced Content Delivery Network to check if the resource has been modified.
Even if a resource is not locally available, Decentraleyes offers improved protection by stripping optional headers from intercepted CDN-requests. This keeps specific data, such as what page you are on, from reaching delivery networks. Whitelisting a domain does not affect this measure.
They show up when both extensions are attempting to redirect a specific request. The race is always won by the most recently installed extension. This is why recent versions of Decentraleyes automatically set up secure connections when forced to let intercepted requests through.
This means that it's safe to disable HTTPS Everywhere for supported CDNs, as long as you're using Decentraleyes v1.3.7.1 (or higher). Doing so should prevent any further related conflicts and warnings. Just follow this short guide to configure your installation of HTTPS Everywhere.
Decentraleyes was designed to complement all kinds of other privacy-enhancing extensions including, but surely not limited to: Cookie AutoDelete, Disconnect, HTTPS Everywhere, NoScript Security Suite, Privacy Badger, RequestPolicy Continued, uBlock Origin, and uMatrix.
Are you having trouble using Decentraleyes alongside any of your other content blockers? Please read this related answer, as it's very likely to contain the exact information you need.