Google veut affaiblir les adblockers sur Chrome


Back in January, Google announced a proposed change to Chrome’s extensions system, called Manifest V3, that would stop current ad blockers from working efficiently. In a response to the overwhelming negative feedback, Google is standing firm on Chrome’s ad blocking changes, sharing that current ad blocking capabilities will be restricted to enterprise users.

With the Manifest V3 proposal, Google deprecates the webRequest API’s ability to block a particular request before it’s loaded. As you would expect, power users and extension developers alike criticized Google’s proposal for limiting the user’s ability to browse the web as they see fit.

Now, months later, Google has responded to some of the various issues raised by the community, sharing more details on the changes to permissions and more. The most notable aspect of their response, however, is a single sentence buried in the text, clarifying their changes to ad blocking and privacy blocking extensions.

“Chrome is deprecating the blocking capabilities of the webRequest API in Manifest V3, not the entire webRequest API (though blocking will still be available to enterprise deployments)”

Google is essentially saying that Chrome will still have the capability to block unwanted content, but this will be restricted to only paid, enterprise users of Chrome. This is likely to allow enterprise customers to develop in-house Chrome extensions, not for ad blocking usage.

For the rest of us, Google hasn’t budged on their changes to content blockers, meaning that ad blockers will need to switch to a less effective, rules-based system, called “declarativeNetRequest.”

In the wake of ongoing backlash to the proposal, Chrome software security engineer Chris Palmer took to Twitter this week to claim the move was intended to help improve the end-user browsing experience, and paid enterprise users would be exempt from the changes.

Chrome security leader Justin Schuh also said the changes were driven by privacy and security concerns.


En soit, le changement de l’API est clairement justifiable, certaines extensions (qui pourraient presque s’apparenter à un programme malveillant) en abusaient pour extraire certaines données sensibles.
Il faudrait voir maintenant si cela n’a pas un impact majeur sur les extensions qui ont une forte granularité sur le choix de qu’est-ce qui est bloqué et qu’est-ce qui ne l’est pas (je pense par exemple à umatrix)