-
Notifications
You must be signed in to change notification settings - Fork 175
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Block facebook.com when its a subresource #3
Comments
If this doesn't get into v1, we can do it as a followup. |
This will be quite a task. We will need to keep state of each tab's main frame's origin. I have a lot of code for this in |
Would it be easier to block facebook cookies? I'll file another issue for this - #9 |
This should be less so if you can guarantee only Facebook can load in the facebook container. |
Why would we do this? In the facebook container, we need this so that facebook works, and outside the facebook container, then you aren't logged in so you aren't being tracked (except for facebook's tracking of logged out users of course). So maybe i just answered my own question. If so, then might simpler approach to this just be to drop all the requests to known facebook domains, for all non "main_frame" requests which are NOT in the facebook container? |
@TanviHacks it's actually easier to just block the connections completely. The hardest part is what @pauljt describes as "just drop all non "main_frame" requests to known facebook domains which are not in the facebook container" ... But the logic for detecting and keeping track of all non- Like I said, there's a significant amount of code in the |
Would this cover the case where a user is on breitbart.com and the site loads Facebook Ads, a few tracker images, and loads some subdocument to facebook.com/connect/ping/? |
Note: this issue has been revived as a potential feature for "Facebook Container 2.0". @ShivangiKakkar will plan to explore this. |
2.0 blocks all FB-domain resources on any website outside of the container! |
If a webpage attempts to load facebook.com as a third party, intercept the request and block it. So if cnn.com tries to load an image or iframe to facebook.com, it will get blocked before a request is ever made.
Share buttons, likes, comments coming from facebook, signing in with facebook - will never work.
If this is too restrictive, we can consider having an option so that users can opt out of this restriction.
The text was updated successfully, but these errors were encountered: