-
Notifications
You must be signed in to change notification settings - Fork 96
Frequently Asked Questions
You can use this testing utility, Firefox's built-in network monitor CTRL+SHIFT+Q to see what's leaving your device, and the debugger CTRL+SHIFT+S to find and open injected files. By default, locally delivered files are marked with comments, and there's a counter (in preferences).
Most content blockers do not block delivery networks by default, as doing so breaks pages. This extension works out of the box, unless it's asked to operate under strict blocking rules. Any policies set by other extensions are respected. As such, blocked resources will not be served locally.
Open up the extension dashboard and navigate to the My rules page. Click Edit under the temporary rules section, and paste the list of rules below into the text area. Save the changes, and then click Commit to make them permanent. Any supported requests will now be delegated.
* ajax.googleapis.com * noop
* ajax.aspnetcdn.com * noop
* ajax.microsoft.com * noop
* cdnjs.cloudflare.com * noop
* code.jquery.com * noop
* cdn.jsdelivr.net * noop
* yastatic.net * noop
* yandex.st * noop
* libs.baidu.com * noop
* lib.sinaapp.com * noop
* upcdn.b0.upaiyun.com * noop
Important: Enable the block requests for missing resources setting inside the Decentraleyes extension
Optionsscreen, in order to preserve your strict CDN-blocking policies.
Add the domains ajax.googleapis.com, ajax.aspnetcdn.com, ajax.microsoft.com, cdnjs.cloudflare.com, code.jquery.com, cdn.jsdelivr.net, yandex.st, yastatic.net, libs.baidu.com, lib.sinaapp.com, and upcdn.b0.upaiyun.com to your whitelist.
Important: Enable the block requests for missing resources setting inside the Decentraleyes extension
Optionsscreen, in order to preserve your strict CDN-blocking policies.
Absolutely. Requests to Content Delivery Networks contain the "Referer" HTTP header (originally a misspelling of referrer) that reveals what page you're visiting. Techniques like IP address tracking and browser fingerprinting can then be used to associate the aggregated data with your identity.
Sadly, no. Even if the file in question is stored inside of your cache, your browser might still contact the referenced Content Delivery Network to check if the resource has been modified.
Even if a resource is not locally available, Decentraleyes offers improved protection by stripping optional headers from intercepted CDN-requests. This keeps specific data, such as what page you are on, from reaching delivery networks. Whitelisting a domain does not affect this measure.
They show up when both extensions are attempting to redirect a specific request. The race is always won by the most recently installed extension. This is why recent versions of Decentraleyes automatically set up secure connections when forced to let intercepted requests through.
This means that it's safe to disable HTTPS Everywhere for supported CDNs, as long as you're using Decentraleyes v1.3.7.1 (or higher). Doing so should prevent any further related conflicts and warnings. Just follow this short guide to configure your installation of HTTPS Everywhere.
Decentraleyes was designed to complement all kinds of other privacy-enhancing extensions including, but definitely not limited to: BetterPrivacy, HTTPS Everywhere, NoScript Security Suite, Privacy Badger, RequestPolicy, Self-Destructing Cookies, uBlock Origin, and uMatrix.
Are you having trouble using Decentraleyes alongside any of your other content blockers? Please read this related answer, as it's very likely to contain the exact information you need.