Sign Up
All SecurityCyber-crimePatchesResearchCSO
All Off-PremEdge + IoTChannelPaaS + IaaSSaaS
All On-PremSystemsStorageNetworksHPCPersonal TechCxOPublic Sector
All SoftwareAI + MLApplicationsDatabasesDevOpsOSesVirtualization
All OffbeatDebatesColumnistsScienceGeek's GuideBOFHLegalBootnotesSite NewsAbout Us

Software

Applications

Google to push ahead with Chrome's ad-blocker extension overhaul in earnest

Starting Monday, users will gradually be warned the end is near

Thomas Claburn Fri 31 May 2024  //  11:15 UTC

On Monday, some people using Beta, Dev, and Canary builds of Google Chrome will be presented with a warning when they access their browser's extension management page – located at chrome://extensions.

The banner will say that legacy Manifest V2 browser extensions will stop working soon.

Those extensions include ad-blockers and other content filters that rely on the Manifest V2 API. And though leading ad-blocking extensions more or less support Manifest V2's successor, conveniently named Manifest V3, there is still some argument that these filters will be disadvantaged under version 3 when they are no longer allowed to use version 2.

In any case, users are going to be warned that V2 is on the way out.

"This will be followed gradually in the coming months by the disabling of those extensions," said David Li, product manager for Chrome Extensions, in a blog post published Thursday.

"Users will be directed to the Chrome Web Store, where they will be recommended Manifest V3 alternatives for their disabled extension. For a short time after the extensions are disabled, users will still be able to turn their Manifest V2 extensions back on, but over time, this toggle will go away as well."

The manifest file for a browser extension is where developers declare its capabilities via the Chrome Extension APIs.

The transition from Manifest V2 to Manifest V3 has been underway for at least five years. It makes new APIs available to browser extensions and removes old ones. The most salient of these is the blocking version of the webRequest API, which is used to intercept and alter network traffic prior to display. Under Manifest V2, it's what extension developers use to stop adverts, trackers, and other content appearing on pages, and prevent certain scripts from running.

The new MV3 architecture reflects Google's avowed desire to make browser extensions more performant, private, and secure. But the internet giant's attempt to do so has been bitterly contested by makers of privacy-protecting and content-blocking extensions, who have argued that the Chocolate Factory's new software architecture will lead to less effective privacy and content-filtering extensions.

As a result of this multi-year tussle and concessions Google has made to frustrated extension developers, the current version of MV3 is generally perceived to be better than initially proposed, but hasn't entirely addressed developer concerns or provided functionality that's equivalent to what's being removed.

Li acknowledged the issue by noting the ways in which Google has been responsive, by adding support for user scripts, for offscreen documents that have access to the DOM API, and by increasing the number of rulesets in the declarativeNetRequest API (the replacement for webRequest) to 330,000 static rules and 30,000 dynamics ones. Those rules can be used by ad-blockers to weed out adverts and other stuff for users.

Manifest V3 is now supported to varying degrees by other browsers, such as Edge, Firefox, and Safari. And by the beginning of 2025, when the API changes have been available for some time in the Chrome Stable channel, Manifest V2 extensions will stop working.

Enterprises using the ExtensionManifestV2Availability policy will be spared until June 2025.

According to Li, more than 85 percent of actively maintained extensions in the Chrome Web Store support Manifest V3, "and the top content filtering extensions all have Manifest V3 versions available – with options for users of AdBlock, Adblock Plus, uBlock Origin and AdGuard."

For users of uBlock Origin, which runs on Manifest V2, "options" means using the less capable uBlock Origin Lite, which supports Manifest V3. ®
Send us news
77 Comments

Google can totally explain why Chromium browsers quietly tell only its websites about your CPU, GPU usage

OK, now tell us why this isn't an EU DMA violation – asking for a friend in Brussels

Risk of installing dodgy extensions from Chrome store way worse than Google's letting on, study suggests

All depends on how you count it – Chocolate Factory claims 1% fail rate

Google festoons Chrome Enterprise browser with more controls

Because if there's one thing it really needed more of...

Google reportedly in talks to buy infosec outfit Wiz for $23 billion

The security industry has never had a clear leader – could it be the Chocolate Factory?

Google cuts ties with Entrust in Chrome over trust issues

Move comes weeks after Mozilla blasted certificate authority for failings

Google begs court for relief from Epic Games' Play Store demands

$137M needed to overhaul Play Store too great to bear, Google argues. Oh, and user security is important, too

Google's Privacy Sandbox more like a privacy mirage, campaigners claim

Chocolate Factory accused of misleading Chrome browser users

Apple, Google, ease cross-cloud data transfers, perhaps with costly catch

The joy of cloudy interoperability may be dampened by differently-sized free storage tiers

China's APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox

Meet DodgeBox, son of StealthVector

Big Tech's eventual response to my LLM-crasher bug report was dire

Fixes have been made, it appears, but disclosure or discussion is invisible

Privacy expert put away for 9 years after 'grotesque' cyberstalking campaign

Scumbag targeted many victims – and those who tried to help them

Critical Windows licensing bugs – plus two others under attack – top Patch Tuesday

Citrix, SAP also deserve your attention – because miscreants are already thinking about Exploit Wednesday