
Loading…
Extension Content Verification flag in Chrome dev breaks uBlock #128
gorhill
commented
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment

Loading…
[Oiriginal entry on gorhill/httpswitchboard#390]
uBlock is marked as "potentially corrupted by malware".
Edit (currently most likely explanation I see): I see a new bug has been opened yesterday re. Extension Content Verification: Content verification handles 0-length files incorrectly... Both uBlock and HTTPSB ship with an empty file in
assets/user/, so maybe this is what is causing a false positive for uBlock and HTTPSB?[What follow is what I thought was best explanation before I found the issue above.]
Originally I thought it was caused by the use of
window.webkitRequestFileSystem(issue #89), but the problem still persist after moving away from this API. (It was a good change anyway,chrome.storage.localis way simpler to use).Associated Chromium issue: http://code.google.com/p/chromium/issues/detail?id=389879.
The best explanation so far is comment #8:
If so, that would mean many extensions dedicated to privacy and/or security would no longer work if installed from the Chrome store (and other stores I believe since this is a Chromium "feature").
Reportedly ABP, HTTP Everywhere are also affected by this, and I guess whatever extension which happens to use download and save locally lists which may contain occurrences of whatever string is causing Chrome to mark the extension as "potentially corrupted" and to disable it.
To make matter worst, to actually confirm that this is what breaks uBlock in the dev version, I would need to publish a new version without these lists, since the "verification" is done only for extensions installed from the store -- this does not happen when I install manually.