Decentraleyes

A web browser extension that emulates Content Delivery Networks to improve your online privacy. It intercepts traffic, finds supported resources locally, and injects them into the environment. All of this happens automatically, so no prior configuration is required. Make Microsoft Edge your own with extensions that help you personalize the browser and be more productive. Decentraleyes for Chrome helps protect against tracking through 'free', centralized, content delivery, and prevents numerous requests from reaching networks like Google Hosted Libraries and more. Decentraleyes for Chrome also serves local files preventing sites from breaking and it is capable of running alongside regular content blockers as well.

  • Other Addons: Quick Javascript Switcher, Cookie AutoDelete, Decentraleyes, WebRTC Leak Protection Bitcoin Wallet: Blockchain.com Reddt Client: old.reddit.com or Apollo on iOS.
  • Decentraleyes protects you against tracking through 'free', centralized, content delivery. It prevents a lot of requests from reaching networks like Google Hosted Libraries, and serves local files to.


Decentraleyes[edit]

Decentraleyes

https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/
Protects you against tracking through 'free', centralized, content delivery. It prevents a lot of requests from reaching networks like Google Hosted Libraries, and serves local files to keep sites from breaking. Complements regular content blockers.

Protects you against tracking through 'free', centralized, content delivery. It prevents a lot of requests from reaching networks like Google Hosted Libraries, and serves local files to keep sites from breaking. Complements regular content blockers.

Technical Information

Decentraleyes Github

- Supported Networks: Google Hosted Libraries, Microsoft Ajax CDN, CDNJS (Cloudflare), jQuery CDN (MaxCDN), jsDelivr (MaxCDN), Yandex CDN, Baidu CDN, Sina Public Resources, and UpYun Libraries.

- Bundled Resources: AngularJS, Backbone.js, Dojo, Ember.js, Ext Core, jQuery, jQuery UI, Modernizr, MooTools, Prototype, Scriptaculous, SWFObject, Underscore.js, and Web Font Loader.

Cdn

If you're using uMatrix, Edit in and Commit these lines to My rules in the Dashboard:(Please note that each line must also START with a '*' character but this Wiki is broken and does not allow to render this properly!)

  • ajax.aspnetcdn.com script allow
  • ajax.googleapis.com script allow
  • ajax.microsoft.com script allow
  • cdn.jsdelivr.net script allow
  • cdnjs.cloudflare.com script allow
  • code.jquery.com script allow
  • lib.sinaapp.com script allow
  • libs.baidu.com script allow
  • upcdn.b0.upaiyun.com script allow
  • yandex.st script allow
  • yastatic.net script allow

Note: Decentraleyes currently only bundles scripts, and if you want other resources to load you need to change script in the above rules to * and disable 'Block requests for missing resources' in the Decentraleyes preferences. This will however result in network requests to these CDNs.

If you use uBlock0 it shouldn't normally block these resources, but if you enable Advanced mode you might have a rule to block third-party scripts by default. Unlike with uMatrix we can't whitelist only scripts for individual hosts, but you can still control whether other resources are loaded with 'Block requests for missing resources' in the Decentraleyes preferences. We also have the ability to let normal filtering take place as opposed to completely whitelisting everything from these domains:

(Please note that each line must also START with a '*' character but this Wiki is broken and does not allow to render this properly!)

  • ajax.aspnetcdn.com * noop
  • ajax.googleapis.com * noop
  • ajax.microsoft.com * noop
  • cdn.jsdelivr.net * noop
  • cdnjs.cloudflare.com * noop
  • code.jquery.com * noop
  • lib.sinaapp.com * noop
  • libs.baidu.com * noop
  • upcdn.b0.upaiyun.com * noop
  • yandex.st * noop
  • yastatic.net * noop

With these rules, uBlock0 in Advanced mode will behave as in 'normal' mode for these particular CDNs, which is usually what you want, but if you prefer you can change noop above to allow to ensure nothing from Decentraleyes is blocked.


This is a high priority project

Download




Categories




Decentraleyes


Licensing

Verified by

Notes

Decentraleyes Wiki

David Hedlund




Leaders and contributors

Resources and communication

Software prerequisites






Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.

Retrieved from 'https://directory.fsf.org/wiki?title=Decentraleyes&oldid=74999'

Decentraleyes is a Firefox add-on and Chrome extension that automatically intercepts Internet traffic’s content delivery networks (CDNs) and replaces their resources with equivalents available locally. According to creator Synzvato, it can be configured to block requests for any CDN resources that do not have local equivalents.

This functionality only is available as an add-on or extension, not natively within any browser and not as a userscript. This means any browser that is not Firefox, Chrome, or a fork or derivative of either currently cannot block CDN requests.

CDN providers include Google and Cloudflare. When Decentraleyes intercepts them, it prevents the CDNs from making your browser send requests that include the Referer and Do Not Track (DNT) which, when combined with IP address logging and browser fingerprinting, can be used to identify users.

Decentraleyes

Aside from Decentraleyes’ testing utility, you can test this by examining the Network developer tool. Using the testing utility page as an example, you can see that Decentraleyes has intercepted a request to Google Hosted Libraries that uses jQuery v2.1.4. Filter for jQuery in Network, and take a look at the calls.

The first, jquery.min.js, was internally redirected as the Status Code indicates. The Response Headers show that the request was sent to Decentraleyes, using its Chrome-extension location, where resource jquery.min.js.dec was gathered. The only information the request URL receives (if at all because it was redirected internally) is the user agent.

JQuery.min.js.dec does reveal that this resource was collected locally as the Request URL of the Chrome-extension location and the Status Code, specifying that it was done so from the disk cache, indicate. Once more, the only relevant Request Header is the user agent and that was sent to Decentraleyes, not Google Hosted Libraries.

Deactivate Decentraleyes on the page, and the CDN is able to connect to the browser and request more information. You can see the encoding, the language, the DNT status, ad the user agent, of course. This is not particularly awful unless IP address logging and browser fingerprinting are used to try to identify the user.

With fingerprinting, the more individualistic the browser is, the easier it can be to identify the user. Look at it this way: changing the user agent to a less commonly used one actually is counterintuitive because this can stand out to advertisers. You basically want to hide in plain site to keep your data as private as possible.

You do not have to worry about this with Decentraleyes because the CDNs’ servers are not able to receive requests, meaning any information needed for identification is blocked or redirected. The necessary resources are retrieved locally rather remotely, which equates to an increase in page load times.