WebKit
cname-trackers
Our great sponsors
| WebKit | cname-trackers | |
|---|---|---|
| 150 | 25 | |
| 7,416 | 369 | |
| 2.5% | 1.1% | |
| 10.0 | 8.2 | |
| 1 day ago | 10 days ago | |
| JavaScript | ||
| - | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
WebKit
-
HTML Streaming and DOM Diffing Algorithm
Since 2023 Chrome announced the View Transition API, and it looks like Safari is also going to support it soon.
-
Towards memory safety with ownership checks for C
One heap per type.
Here’s an allocator optimized for that use case.
https://github.com/WebKit/WebKit/blob/main/Source/bmalloc/li...
-
Bun, JavaScript, and TCO
To use this in Bun, you’d have to start Bun with the environment variable “BUN_JSC_useDollarVM=1” and then $vm.createBuiltin(mySourceCodeString)
When using this intrinsic, if any of the arguments are incorrect or it cannot otherwise enable it, the entire process will probably crash. In debug builds of JSC it will have a nicer assertion failure but that is not enabled in release builds
Example code: https://github.com/WebKit/WebKit/blob/17351231b4dedb62d81721...
also happy to answer any questions about Bun
-
Show HN: Rem: Remember Everything (open source)
Ah, good, let me introduce you to the wonderful world of the Chrome Devtools Protocol! (fka Chrome Remote Debugging Protocol)
I love this API for almost everything browser related. I built my RBI product atop this (BrowserBox: https://dosyago.com), and I think it's a drastically underrated API.
Also, it works out of the box in Edge, Brave, Chromium, and many parts of CRDP are supported by Firefox and Safari^1
1: See for example: https://github.com/WebKit/webkit/tree/main/Source/JavaScript...
- WebGPU now available for testing in Safari Technology Preview
-
Disabling iOS Personalized Ads tells kernel to kill daemon every 3 seconds
No, it's unrelated.
https://github.com/WebKit/WebKit/commit/064df1a9f395f8c6e32c...
- Apple's Safari browser is still vulnerable to Spectre attacks
-
Replacing WebRTC: real-time latency with WebTransport and WebCodecs
It's being worked on now: https://github.com/WebKit/WebKit/pull/17320
-
iLeakage: Browser-Based Timerless Speculative Execution Attacks on Apple Devices
It is different. The cross-site navigation flag is a couple of years old. It was enabled by default for iOS in November 2018 for example https://github.com/WebKit/WebKit/commit/e191fc8c412850cb9fd0...
-
Show HN: Firefox add-on to open YouTube videos in alternative front ends
> That's excessive scope creep. Adding site-specific workarounds for some sites feels uncomfortable.
Not to Google and its fellow corporations apparently.
https://news.ycombinator.com/item?id=29707078
https://github.com/WebKit/WebKit/blob/main/Source/WebCore/pa...
They have site-specific fixes for their own sites. Why can obviously apply the exact same strategy to dealing with every single website out there. If a website is broken or generally annoying to use, just fix it by providing a site specific version of the browser.
> Who decides what websites get "fixed", and how?
Whoever develops the browser or its extensions. Arguably the whole of uBlock Origin and its filter lists is just a database of site specific fixes. If people can maintain an extremely huge list of advertisers and blockers for every website out there, surely they can maintain something like this too.
> Also, remember how Mozilla is funded.
I remember Mozilla has about a billion dollars in the bank. Who cares about their Google funding? I doubt they're gonna drop them anyway. I bet they pay them just to ward off risk of antitrust lawsuits.
cname-trackers
-
uBlock Origin Lite now available on Firefox
Note that CNAMEs is literally caused by GDPR, and the pathway every single ad or tracking company seems to go sooner or later.
For people not understanding how it works: you can set a CNAME entry on your tracker.domain.tld to bypass all Browser's third-party tracking preventions, and make it look like it's a normal subdomain of your website.
You need to make a CNAME tracker database manually by resolving the reverse entries for known IPs. Usually there is hundreds or thousands of CNAME entries pointing to the same IP address.
The AdGuard team also made a database for this, in case anyone needs it for UBOL [1]
-
Disguised trackers are blocked regardless of toggle (which is a good thing)
So nextdns’s third party disguised trackers is actually really tiny of a list, like 30 domains. (Im trying to add more so it has the same amount of cname’s blocked as adguard). Anyways, the reason why the list is so tiny is because it uses wildcard logic so all subdomains get blocked. It already uses some of the cname companies that adguards cname-tracker list uses but not all. Hopefully my pull request can get merge eventually because then the setting will be a little bit more effective
-
How to block fathom tracking
I see fathom on Adguard CNAME tracker. Example:
- Privacy doesn't exist
- Does the Adguard Tracking Protection List protect Chrome and Safari from CNAME trackers?
- fastmailusercontent.com added to AdGuard Tracking Protection filters
-
YouTube ads in Safari: you see them now, will you see them in the future?
> uBlock Origin already performs CNAME decloaking and blocks this approach, it’s pretty cool.
... which in return is a static list of domains which needs to be regularly updated, and therefore is not really failsafe. uBlock0 uses Adguard's scraped dataset [1] as a source to do this, as Chrome Extensions cannot make DNS requests without a DNS-via-HTTPS endpoint.
-
Marvel.com CNAME Tracker not in list
Not sure where I should report this, but I seem to have found a CNAME cloaking tracker which i don't find in either the original or disguised tracker lists here https://github.com/AdguardTeam/cname-trackers Is there a mechanism for reporting these? I saw someone posted a list on github, but no response there. Maybe this example is just ordinary tracking though?
-
Magic Lasso Adblock - free ad blocker updated with support for Apple Silicon and Big Sur
Are you able to block trackers/ads using this new CNAME cloaking technique? https://github.com/AdguardTeam/cname-trackers
What are some alternatives?
chromium - The official GitHub mirror of the Chromium source
cname-cloaking-blocklist - A list of domains used by tracking companies as CNAME destination when disguising third-party trackers as first-party trackers.
otter-browser - Otter Browser aims to recreate the best aspects of the classic Opera (12.x) UI using Qt5
stealth - :rocket: Stealth - Secure, Peer-to-Peer, Private and Automateable Web Browser/Scraper/Proxy
fingerprintjs - Browser fingerprinting library. Accuracy of this version is 40-60%, accuracy of the commercial Fingerprint Identification is 99.5%. V4 of this library is BSL licensed.
wirehole - WireHole is a combination of WireGuard, Pi-hole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities thanks to Pi-hole, and DNS caching, additional privacy options, and upstream providers via Unbound.
gecko-dev - Read-only Git mirror of the Mercurial gecko repositories at https://hg.mozilla.org. How to contribute: https://firefox-source-docs.mozilla.org/contributing/contribution_quickref.html
pihole-regex - Custom regex filter list for use with Pi-hole.
uBlock-Safari - uBlock Origin - An efficient blocker for Chromium, Firefox, and Safari. Fast and lean.
AdguardFilters - AdGuard Content Blocking Filters
firefox-ios - Firefox for iOS
AdGuardDNS - Public DNS resolver that protects you from ad trackers