It watches the network of browser, if youtube.com is requested like a security guard. Blocks it before the request gets out of the browser to YouTube server and redirects to Invidious.
2 Likes
@ikelatomig Are you a developer for libredirect? If so it would be advisable for you to reach out to the team here so that your profile can properly reflect this.
2 Likes
I am one of the maintainers you can see it in Github repo. Not the lead developer. So, I didn’t request for it explicitly.
3 Likes
Fair, I was just a little confused 
. Thanks for clarifying.
1 Like
Understood, does Manifest V3 change the landscape for embeds or URL redirection?
Well, it does by a large degree.
With Mv3, Libredirect would not see any URL at all. Libredirect provides a set of rules to the browser. The browser handles it. Similar to how Predirect works which is built on Mv3.
Currently, it monitors requests and manually does everything as I said earlier.
The extensive permissions is mostly for convenient features. If you are user who values strict security and has trust on permissionless model. Go for predirect.
Libredirect is meant for convenience of the users. So, it will need some permissions that allows delivery of those features.
Essentially it is based on trust placed by the users on the developer despite being open-source.
When moving to Mv3, for embeds, a tooltip will be placed for explanation and additional permission granted by the user, (i.e. Optional) and not declared as required permission on install itself.
It will still require “Access your data for all websites” because the extension will need to inject a script that replace the embed URL. Nothing much. So, when user loads a website embeds are redirected automatically.
If the user don’t like that permission. You can invoke a shortcut key that initiates the extension to replace embeds on a per-site + per-input basis without permission at all via permissionless model.
Same goes for Copy Raw which uses all_urls permission, it could be disabled if permission is declared optional and enabled by the user itself
What could be done to improve is having a better on-boarding experience that explains what is what and make the user configure as per their needs along with a default option where it is configured optimally for the majority of the users.
After porting, I or other plan to extensively document permission system and use cases. So the user understands.
But it will take a long time, some years for sure. Both Mv2 and Mv3 will co-exist like uBO and uBO lite. That is all. If Mv2 and Mv3 gets feature parity. Maybe then Mv2 will be sunsetted.
So basically, it will be trustless/permissionless system and permissions are requested via controls that user understands and allows as needed.
From a user standpoint of view, Mv3 is good as it creates a balance of permissions and revokes access an extension could have and gives user privacy & security. But from a developer point of view, it would be either nightmare or difficult. But not impossible.
Mv2 was like painting in the flat ground with no boundaries. Mv3 is like painting a sheet of paper you are given.
The FAQ about Mv3 was written before Mv3 was fully adopted. So it could be errors or true based on how the Mv3 port of the extension turns out to be.
Forget to say this, the reason embeds are disabled by default is that. Certain sites have strict CORS which block the replaced embeds from loading at all. That is also one of the main reasons that embeds are disabled. We don’t want users to have a negative experience while browsing.
Only YouTube embeds works fine that too if the site allows it. If it blocks other domains via CORS. That’s it. Nothing else works. Nitter can be replaced but the instance disabled it or the project didn’t fix it after X rebrand. There aren’t much embeds at all apart from these. Imgur, I don’t even know. Need to test.
Sorry for the long message.
6 Likes
Thank you for the information, understanding the web extension landscape is useful, because I am pretty interested in formulating my own technical solution towards my situation. In particular, I understand that privacy front-ends and static filter rules are insufficient because upstream changes the rules and the development work required afterwards is unscalable against them.
It is a cat & mouse game.
This is the pain that frontend developers face mainly. If it is blocked by original service.
Many instances will shut down. It will trigger a chain of events and discourage public hosting.
Say Bibliogram one of the well know frontends for Instagram was blocked by meta from scraping since they can’t profile users and at the same they sent a cease and desist letter to the project too. Woth court battles. IIRC
Then they shutdown. Now there is one in Libredirect. Working as of now. It is also matter of time.
For Libredirect it is just a matter of domain change. But front-end devs and instance maintainers are the real saviors of privacy in digital space. Donate to them, if you can, than us. Many instances shut down due to increasing costs in VPS.
1 Like
You know what they say, cash is King.
1 Like
I stopped being a privacy front-end operator because I became tired of upstream breakage. I would rather achieve a more persistent solution that does not involve fragility.
In addition, my pull requests on Codeberg towards privacy front-ends and web extensions were being ignored over months, so I have stopped contributing to the commons entirely. I get more accomplished working alone and refusing external contributions instead.
Try Kagi and their “small web” initiative.
1 Like
Not interested, they are far from a good fit.
Hello,
Why did you hearten / “like” that reply though 
?
3 Likes
Farming points
5 Likes
It means I made the time and effort to read your post.
I’ve been thinking about switching to a linux phone for a while now, but ultimately I tend to gravitate towards a feature phone, the ones from the ‘old times’. No sensors, no cameras, nothing. Just the keys to make a call and send an SMS.
What I’d love to replace my smartphone with is a linux tablet. It has to be small enough to carry around with me at all times and preferably operate on Debian. However I haven’t been able to find such a device (yet).
1 Like
Linux tablets are easy to find, but the reality of using them as a daily driver may frustrate you if your background is coming from Big Tech devices.
1 Like
I’d love some recommendations, if you have any! It’s been a while since I divorced big tech. I won’t miss anything important by replacing my phone with a Linux tablet 
Thanks in advance!
1 Like
Okay, I have one recommendation:
1 Like
This is not how likes are meant to use…
2 Likes