decentraleyes issueshttps://git.synz.io/Synzvato/decentraleyes/-/issues2019-04-02T12:51:38Zhttps://git.synz.io/Synzvato/decentraleyes/-/issues/351Consider including polyfill.io2019-04-02T12:51:38ZpavonConsider including polyfill.iopolyfill.io is a common javascript library service that by its nature is always hosted by a third party rather than bundled locally, and does track individual users if the developer (not the user) opts-in to this tracking.polyfill.io is a common javascript library service that by its nature is always hosted by a third party rather than bundled locally, and does track individual users if the developer (not the user) opts-in to this tracking.https://git.synz.io/Synzvato/decentraleyes/-/issues/308Possible FAQ or even feature relating to browser cache2018-12-25T03:53:03Zmartin ➬Possible FAQ or even feature relating to browser cacheHey there, and thanks for your awesome work on this extension.
I presented it tonight (https://twitter.com/martinkrafft/status/1031838014262063104 for context), and a question was brought up why we don't just use the browser cache. I th...Hey there, and thanks for your awesome work on this extension.
I presented it tonight (https://twitter.com/martinkrafft/status/1031838014262063104 for context), and a question was brought up why we don't just use the browser cache. I think it's worth exploring this, because it might be worth a FAQ entry for your project. On the other hand, maybe Decentraleyes could actually grow a new feature?
It's my understanding that even though my browser has cached a file, such as jquery-1.91.js, whenever the cache is hit, there'll still be an HTTP request to the originating source, to validate that nothing has changed. I may well be wrong, not claiming to have understood how caching works.
While Decentraleyes has a number of pre-defined resources it basically injects into intercepted requests, and even a mode to disallow requests it cannot field, wouldn't it be possible to extend it to "learn" additional, static resources, and serve them up while preventing the HTTP requests?
Basically, if I download a file `foobar.js` from `cdn.example.org`, then could we maybe use some heuristic to determine if we deem this resource to be immutable, such as "there is a version number in the path", or "it has a well-defined name", which would cause Decentraleyes to "adopt" the resource? Such that further requests to that resource will be intercepted, with Decentraleyes causing the browser to serve the cached content directly, without asking the server first for the timestamp of last modification?
I hope I am making sense. If not, please tell me and I'll attempt to clarify.https://git.synz.io/Synzvato/decentraleyes/-/issues/297Add support for the Brave browser2019-04-02T13:01:55ZMICHAEL GILBERTAdd support for the Brave browserNever used synz or github so not sure if posting feature request in correct way. Would like decentraleyes to be available for Brave browser.Never used synz or github so not sure if posting feature request in correct way. Would like decentraleyes to be available for Brave browser.https://git.synz.io/Synzvato/decentraleyes/-/issues/294Use a code search engine to detect tainted domains2018-10-10T23:23:49ZPhilipp JacekUse a code search engine to detect tainted domainsHi!
First of all thanks for all of your great work on this necessary addon and for moving it to your own self-hosted Gitlab instance instead of Github! :)
So my ticket is just an idea for discovering tainted domains which I don't know ...Hi!
First of all thanks for all of your great work on this necessary addon and for moving it to your own self-hosted Gitlab instance instead of Github! :)
So my ticket is just an idea for discovering tainted domains which I don't know if you're aware: basically would it be possible to use https://publicwww.com/ for such a task? (I'm not sure about that)
Anyway hope this helps and thanks again for your work!https://git.synz.io/Synzvato/decentraleyes/-/issues/284Is there a Safari compatible alternative?2018-06-29T11:50:04ZGhost UserIs there a Safari compatible alternative?*Created by: Yensan*
I am from China. As some reason, google is blocked. So CDN service like Decentraleyes is very useful. Thank you all developers.
I am a cross_platform user. I use macOS/Win/Ubuntu in different situation.
Maybe the...*Created by: Yensan*
I am from China. As some reason, google is blocked. So CDN service like Decentraleyes is very useful. Thank you all developers.
I am a cross_platform user. I use macOS/Win/Ubuntu in different situation.
Maybe the safari is better in macOS than other browsers, BUT I find it hasn't Decentraleyes plugin !!! What a pity !
Could anyone tell me what I can find as a Decentraleyes substitute in Safari ???
Thanks very much! https://git.synz.io/Synzvato/decentraleyes/-/issues/265Improve the user interface of the whitelist editor2018-06-28T22:20:28ZGhost UserImprove the user interface of the whitelist editor*Created by: WPFilmmaker*
Right now if you add more than one site it gets cut, making the bar longer wouldn't solve the problem, furthermore at the moment there is no way to remove one site without having to look through the bar and rem...*Created by: WPFilmmaker*
Right now if you add more than one site it gets cut, making the bar longer wouldn't solve the problem, furthermore at the moment there is no way to remove one site without having to look through the bar and remove it by selecting and deleting.
I think the style of adblock plus is way better as it shows a lst of exceptions and allows to delete them with a click:
https://s31.postimg.org/74ywpmdrv/dec.pnghttps://git.synz.io/Synzvato/decentraleyes/-/issues/69Start supporting other types of resources2018-06-07T13:20:56ZGhost UserStart supporting other types of resources*Created by: ivysrono*
https://fonts.googleapis.com/css?family=Open+Sans
http://fonts.googleapis.com/css?family=Open+Sans
http://platform.twitter.com/widgets.js
https://platform.twitter.com/widgets.js
*Created by: ivysrono*
https://fonts.googleapis.com/css?family=Open+Sans
http://fonts.googleapis.com/css?family=Open+Sans
http://platform.twitter.com/widgets.js
https://platform.twitter.com/widgets.js
https://git.synz.io/Synzvato/decentraleyes/-/issues/473[request] Flutter2024-01-31T11:18:34ZGabriel[request] FlutterFlutter web is yet another leak point into google.
here is a sample application using flutter web renderer: https://flutter.github.io/samples/web/material_3_demo/
which loads files such as https://www.gstatic.com/flutter-canvaskit/f40e...Flutter web is yet another leak point into google.
here is a sample application using flutter web renderer: https://flutter.github.io/samples/web/material_3_demo/
which loads files such as https://www.gstatic.com/flutter-canvaskit/f40e976bedff57e69e1b3d89a7c2a3c617a03dad/canvaskit.wasmhttps://git.synz.io/Synzvato/decentraleyes/-/issues/468Shouldn't the ressources be updated?2023-08-16T08:30:30ZVictor Grousset/tuxayoShouldn't the ressources be updated?https://git.synz.io/Synzvato/decentraleyes/-/tree/master/resources
I read that the versions included are based on usage count on the most popular websites by market share, but surely that changed in 4 years, right? That might change qui...https://git.synz.io/Synzvato/decentraleyes/-/tree/master/resources
I read that the versions included are based on usage count on the most popular websites by market share, but surely that changed in 4 years, right? That might change quite fast only due to the number of website that link to the latest version of a given lib instead of pinning one.
That must mean the miss rate must be much more high than 4 years ago.https://git.synz.io/Synzvato/decentraleyes/-/issues/458Allow wildcard "subdomain" in domain-exclusions2022-08-17T09:55:37ZimmeëmosolAllow wildcard "subdomain" in domain-exclusionsAllow to "Exclude domains" with a wildcard prefix "*."
Around line 36 in request-analyzer
Synzvato/decentraleyes/-/blob/master/core/request-analyzer.js#L36
Dunno..something like this:
```js
isWhitelisted = requestAnalyzer.whitelis...Allow to "Exclude domains" with a wildcard prefix "*."
Around line 36 in request-analyzer
Synzvato/decentraleyes/-/blob/master/core/request-analyzer.js#L36
Dunno..something like this:
```js
isWhitelisted = requestAnalyzer.whitelistedDomains[initiatorDomain];
if (! isWhitelisted) {
dotPosition = initiatorDomain.indexOf('.');
isWhitelisted = requestAnalyzer.whitelistedDomains['*.' + initiatorDomain.substring(dotPosition)];
}
if (isWhitelisted) {
return false;
}
```https://git.synz.io/Synzvato/decentraleyes/-/issues/428Resources blocked by uBlock Origin are injected locally in 2.0.152022-07-19T07:46:06ZzsrfrrfamResources blocked by uBlock Origin are injected locally in 2.0.15I have configured uBlock Origin to block all 3rd-party scripts globally and only noop them on the fly when necessary. According to the [FAQ](https://git.synz.io/Synzvato/decentraleyes/-/wikis/Frequently-Asked-Questions#why-doesnt-it-deli...I have configured uBlock Origin to block all 3rd-party scripts globally and only noop them on the fly when necessary. According to the [FAQ](https://git.synz.io/Synzvato/decentraleyes/-/wikis/Frequently-Asked-Questions#why-doesnt-it-deliver-resources-from-cdns-i-block-using-a-different-add-on), Decentraleyes respect content blockers and does not serve blocked resources. This does not seem to be true after the recent 2.0.15 update.
STR:
1. Add `* * 3p-script block` in My rules tab in uBlock Origin
2. Visit https://decentraleyes.org/test/
Expected Behavior:
No local resources were injected because _ajax.googleapis.com_ is blocked by uBlock Origin as 3rd-party script
Actual Behavior:
Injection counts on extension icon and popup panel suggest that resources were injected locally for _ajax.googleapis.com_, and no request to _ajax.googleapis.com_ can be seen on Firefox's Network panel. If I add _decentraleyes.org_ to the whitelist, Network panel shows that requests to _ajax.googleapis.com_ were blocked by uBlock Origin.https://git.synz.io/Synzvato/decentraleyes/-/issues/411Sync option2020-04-14T20:09:30ZTiamatiSync optionI use a lot of PC/Notebook and sometimes i have to resintall decentraleyes and loose all configs injected DNS.
So i wonder if there is any way to add a sync option (using the sync account from Edge,Chrome or Firefox) to add this option....I use a lot of PC/Notebook and sometimes i have to resintall decentraleyes and loose all configs injected DNS.
So i wonder if there is any way to add a sync option (using the sync account from Edge,Chrome or Firefox) to add this option. Ublock origin has a similar features that allows it.https://git.synz.io/Synzvato/decentraleyes/-/issues/408Decentraleyes freezes the browser on certain pages if Dark Reader is enabled2022-08-01T10:07:17ZMPeti1Decentraleyes freezes the browser on certain pages if Dark Reader is enabledIf the both Decentraleyes and Dark Reader are enabled, and while certain pages are open - one such being [Protonmail](decentraleyes@protonmail.com) - the browser freezes, it takes more time to respond to user input (mouse interaction, ke...If the both Decentraleyes and Dark Reader are enabled, and while certain pages are open - one such being [Protonmail](decentraleyes@protonmail.com) - the browser freezes, it takes more time to respond to user input (mouse interaction, keypresses and keycombinations including Ctrl+W), and if you don't close the problematic tab in about 30-60 seconds then the browser will respond so slow that you'll need to kill it's processes to fix it.
After testing in a new profile without any kind of settings and only the 2 plugins installed it seems it depends on one more thing. I'll try to find it now, and write about my findings in a following comment
Settings are unaltered of both plugins in both the test and main profiles, so plugin configuration can't be the problem.https://git.synz.io/Synzvato/decentraleyes/-/issues/377jsDelivr is now using the new endpoint2022-02-05T03:44:43ZSukkajsDelivr is now using the new endpointjsDelivr has already support load files from npm & GitHub
https://git.synz.io/Synzvato/decentraleyes/blob/master/core/mappings.js#L134
For example:
```
https://cdn.jsdelivr.net/jquery/3.2.1/jquery.min.js
```
can also be
```
https://...jsDelivr has already support load files from npm & GitHub
https://git.synz.io/Synzvato/decentraleyes/blob/master/core/mappings.js#L134
For example:
```
https://cdn.jsdelivr.net/jquery/3.2.1/jquery.min.js
```
can also be
```
https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
```https://git.synz.io/Synzvato/decentraleyes/-/issues/374compatibility with Binary AST in FF?2019-08-11T15:42:14Zn8v8Rcompatibility with Binary AST in FF?upon having accidently stumbled in FF Nightly over
`dom.script_loader.binast_encoding.domain.restrict.list *.facebook.com,static.xx.fbcdn.net,*.cloudflare.com,*.cloudflarestream.com,unpkg.com`
I looked it up
* https://blog.cloudflare...upon having accidently stumbled in FF Nightly over
`dom.script_loader.binast_encoding.domain.restrict.list *.facebook.com,static.xx.fbcdn.net,*.cloudflare.com,*.cloudflarestream.com,unpkg.com`
I looked it up
* https://blog.cloudflare.com/binary-ast/
* https://tc39.es/proposal-binary-ast/
I am not sure whether at all and if so to which extent this would potentially impact this FF WX (due to the AST encoded into a binary file) I thought to poise the question here.https://git.synz.io/Synzvato/decentraleyes/-/issues/371Page broken2019-07-21T21:10:01ZcrssiPage brokenThe page `https://www.racunalniske-novice.com/novice/sporocila-za-javnost/comtrade-in-ibm-showcase-event.html` does not load if not whitelisted.
Same goes for `https://account.godaddy.com`.
Is there anything generally that can be improv...The page `https://www.racunalniske-novice.com/novice/sporocila-za-javnost/comtrade-in-ibm-showcase-event.html` does not load if not whitelisted.
Same goes for `https://account.godaddy.com`.
Is there anything generally that can be improved inside Decetraleyes code or whitelisting is the only solution?
Thank you and cheershttps://git.synz.io/Synzvato/decentraleyes/-/issues/370Can't detect some CDNs?2019-12-22T12:37:44ZElmar2001Can't detect some CDNs?The test page shows that the extension works as intended, however there are some CDNs that decentraleyes can't detect and replace. For example, on https://getuikit.com/ I can see that cdnjs.cloudflare.com is "noop"ed in ublock origin but...The test page shows that the extension works as intended, however there are some CDNs that decentraleyes can't detect and replace. For example, on https://getuikit.com/ I can see that cdnjs.cloudflare.com is "noop"ed in ublock origin but decentraleyes doesn't indicate that it's been replaced with the local one.
Using latest version of brave.https://git.synz.io/Synzvato/decentraleyes/-/issues/367add alicdn?2019-08-09T01:35:53Zvirufukiwiadd alicdn?I couldn't find a way to check if it is already added, and given the popularity I would be surprised if it wasn't, but could alicdn be added? AFAIK it is js and used a lot in China and on Chinese platforms.
Reference:
https://www.alibab...I couldn't find a way to check if it is already added, and given the popularity I would be surprised if it wasn't, but could alicdn be added? AFAIK it is js and used a lot in China and on Chinese platforms.
Reference:
https://www.alibabacloud.com/product/cdnhttps://git.synz.io/Synzvato/decentraleyes/-/issues/353Allow disabling "Block requests for missing resources" option per domain2019-04-06T20:26:51ZlhindirAllow disabling "Block requests for missing resources" option per domainWhen I enable "Block requests for missing resources", Decentraleyes blocks MathJax (e.g. at https://math.stackexchange.com). This means the option is working as intended, but I trust this resource, so I want to allow it. However, all I c...When I enable "Block requests for missing resources", Decentraleyes blocks MathJax (e.g. at https://math.stackexchange.com). This means the option is working as intended, but I trust this resource, so I want to allow it. However, all I can do is fully whitelist the domain, which also allows Google-hosted jQuery.
Would it be difficult to implement a per-domain override for this setting so that Decentraleyes would still serve jQuery without blocking missing resources? As more resources are added to Decentraleyes, such an override would be used less and less, but in the meantime it seems like the best compromise between decentralization and functioning pages. Or should I just be asking for MathJax support? The fact that the option is working means that Decentraleyes is already intercepting it; shouldn't it be able to handle all resources it intercepts?
Maybe I'm getting ahead of myself. Is Decentraleyes intended to one day support many resources? Or will it just have the small list it does now (according to the FAQ for uMatrix users)? If it were to support many, allowing users to selectively enable the resources for the sites they visit (something like how different filter lists for ad blockers work) would be useful to combat bloat.
I'll readily admit I'm not particularly well-versed in any of this; I'm just making suggestions off of intuition. Thanks for any info you can provide.
PS: How can I get rid of the whopping three bars at the top of this pane about Microsoft acquiring GitHub, a request to register or sign in (even though I'm signed in) and info about migrating from GitHub? They don't seem to have close buttons.https://git.synz.io/Synzvato/decentraleyes/-/issues/335Could there be a panel to manage ressources2019-01-12T12:26:20ZDormannCould there be a panel to manage ressourcesHello,
I really like the idea to have locally resources that are used on so many websites.
But just to be able to know what can be provided by Decentraleyes, could there be a panel to list every javascrit libraries or font that are avai...Hello,
I really like the idea to have locally resources that are used on so many websites.
But just to be able to know what can be provided by Decentraleyes, could there be a panel to list every javascrit libraries or font that are available, with some data like the version number (and possibly indicator that such file is too much out of date to be secure) ?
And maybe, a way to get some more of them dynamically ?
Thus, a subsidiary question : would it be secure to get those libraries or font by any CDN at a given time and then reuse it with Decentraleyes ? Or would it be a source of tracking ?
Best regards.