I think it's that experience revealed there were certain threats that needed to be included in the threat model. I'm not on the team, but I think an example is, "extension pretends to be an ad blocker, but actually sells your browsing history."
-
-
Replying to @jyasskin @slightlylate
I think there are alternative ways of addressing that risk that don't handicap good extensions. For example, in the JS context (worker, whatever) in the extension that has more access to view/change requests/responses, limit API surface area to block storage, networking, etc.
2 replies 0 retweets 1 like -
Replying to @BRIAN_____ @jyasskin
These are APIs that *do networking*. Do you have a concrete proposal?
1 reply 0 retweets 0 likes -
-
Replying to @BRIAN_____ @jyasskin
True! At the same time, the offered suggestion is facially unworkable. I'm asking for a detailed set of suggestions because that's how we improve APIs; and I want to stress, we're *absolutely listening* and I'm happy to advocate for anything good to the team.
2 replies 0 retweets 1 like -
Replying to @slightlylate @jyasskin
My main suggestion is to ask
@gorhill and other extension developers what they need. I don't agree with the speculation about bad motives on the Chrome team's part, but I do think@gorhill and other devs know what's necessary now and what's likely to be necessary in the future.1 reply 0 retweets 0 likes -
The list I've gleaned from a few days of close-reading (ignoring the invective and innuendo to the extent possible) yields 3 concrete suggestions: 1.) bigger lists (in progress) 2.) redirect w/ substitution 3.) header addition (e.g., for CSP) If there are others, bring 'em on!
1 reply 0 retweets 0 likes -
Replying to @slightlylate @BRIAN_____ and
Allow uBlock Origin to continue using the existing API until the time when all existing needs are covered by other APIs.
1 reply 0 retweets 0 likes -
Replying to @matthewcp @BRIAN_____ and
At the risk of repeating myself, *nothing has shipped*. The furthest any changes have gotten is Canary as an *opt-in*.
1 reply 0 retweets 0 likes -
Replying to @slightlylate @BRIAN_____ and
What is this in response to? My tweet was in response to: > If there are others, bring 'em on! My suggestion is to whitelist uBlock Origin to continue using the existing API for the time being.
1 reply 0 retweets 0 likes
Apologies; I was imprecise. If you have *API suggestions* or can help provide test cases for scenarios you'd like to enable, all ears.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.