Frequently Asked Questions

Thomas edited this page Apr 12, 2016 · 22 revisions
Where can I see its status, or in what way it impacts network activity?

You can use this testing utility, Firefox's built-in network monitor CTRL+SHIFT+Q to see what's leaving your device, and the debugger CTRL+SHIFT+S to find and open injected files. By default, locally delivered files are marked with comments, and there's a counter (in preferences).

Why doesn't it deliver resources from CDNs I block using a different add-on?

Once a different add-on cancels a request, there's nothing left for Decentraleyes to intercept. You can solve this by whitelisting the domains in question, and making Decentraleyes block requests for missing resources. This will all block traffic to supported CDNs.

Be sure to whitelist ajax.googleapis.com, ajax.aspnetcdn.com, ajax.microsoft.com, cdnjs.cloudflare.com, code.jquery.com, cdn.jsdelivr.net, yandex.st, yastatic.net, libs.baidu.com, lib.sinaapp.com, and upcdn.b0.upaiyun.com.

If you're using uMatrix, Edit in and Commit these lines to My rules in the Dashboard:

* ajax.aspnetcdn.com script allow
* ajax.googleapis.com script allow
* ajax.microsoft.com script allow
* cdn.jsdelivr.net script allow
* cdnjs.cloudflare.com script allow
* code.jquery.com script allow
* lib.sinaapp.com script allow
* libs.baidu.com script allow
* upcdn.b0.upaiyun.com script allow
* yandex.st script allow
* yastatic.net script allow

Note: Decentraleyes currently only bundles scripts, and if you want other resources to load you need to change script in the above rules to * and disable "Block requests for missing resources" in the Decentraleyes preferences. This will however result in network requests to these CDNs.

If you use uBlock0 it shouldn't normally block these resources, but if you enable Advanced mode you might have a rule to block third-party scripts by default. Unlike with uMatrix we can't whitelist only scripts for individual hosts, but you can still control whether other resources are loaded with "Block requests for missing resources" in the Decentraleyes preferences. We also have the ability to let normal filtering take place as opposed to completely whitelisting everything from these domains:

* ajax.aspnetcdn.com * noop
* ajax.googleapis.com * noop
* ajax.microsoft.com * noop
* cdn.jsdelivr.net * noop
* cdnjs.cloudflare.com * noop
* code.jquery.com * noop
* lib.sinaapp.com * noop
* libs.baidu.com * noop
* upcdn.b0.upaiyun.com * noop
* yandex.st * noop
* yastatic.net * noop

With these rules, uBlock0 in Advanced mode will behave as in "normal" mode for these particular CDNs, which is usually what you want, but if you prefer you can change noop above to allow to ensure nothing from Decentraleyes is blocked.

Can CDNs track me even though they do not place tracking cookies?

Absolutely. Requests to content delivery networks contain a "Referer" HTTP header (originally a misspelling of referrer) that reveals what page you're visiting. Techniques like IP address tracking and browser fingerprinting can then be used to determine your identity.

My browser caches downloaded CDN libraries, doesn't that protect my privacy?

Sadly, no. Even if the file in question is stored inside your cache, your browser will still contact the delivery network to see if the resource has been modified. Decentraleyes solves this issue.

What does it do to protect me when it has no choice but to allow a request?

If a resource cannot be fetched locally and Decentraleyes is instructed to allow requests for any missing resources (default behaviour), it will at least clear out the request's "Referer" HTTP header before sending it off to the Content Delivery Network in question.

Will it work well in combination with other privacy enhancing add-ons?

Decentraleyes was designed to complement all sorts of other privacy enhancements including, but surely not limited to: BetterPrivacy, HTTPS Everywhere, NoScript Security Suite, Privacy Badger, RequestPolicy, Self-Destructing Cookies, uBlock Origin, and uMatrix.

Are you having trouble using Decentraleyes alongside any of your other content blockers? Please read this related answer, as it's very likely to contain the exact information you need.