Project: chromium Issues People Development process History Sign in
New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 2796 users
Status: Duplicate
Owner: ----
Closed: May 2011
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Feature

Blocking:
issue 61934

Restricted
  • Only users with Commit permission may comment.



Sign in to add a comment
Need some way to declaratively block external resources
Project Member Reported by aa@chromium.org, Feb 16 2010 Back to list
A common need of ad blocking, flash blocking, and privacy extensions is the 
desire to declaratively block external resources like images, plugins, and 
iframes.
 
Comment 1 by aa@chromium.org, Feb 16 2010
 Issue 30859  has been merged into this issue.
Labels: -Area-Feature Area-UI
Is this related to http://code.google.com/p/chromium/issues/detail?id=16932 in any 
way?
I think that in the end, this issue will boil down to implementing  issue 29314 ?

Extension access to the networking stack should allow them to block arbitrary content by not letting custom 
content to pass through the browser?
But sure, maybe this issue is more about the UI level, but in that case, I think 29314 could end up being a 
prerequisite. :)
Comment 6 by Deleted ...@, May 20 2010
Just wanted to say this is a big frustration for me. I use web sites that spend minutes 
waiting for ads to load, so the ability for extensions to block them would be most 
helpful.

Mike
Comment 7 Deleted
Comment 8 Deleted
Comment 9 Deleted
Comment 10 Deleted
Comment 11 Deleted
Comment 12 Deleted
Comment 13 Deleted
Comment 14 Deleted
Comment 15 Deleted
Comment 16 Deleted
330 people have starred this issue. Is there any possibility of having the priority
increased?

Also, does anyone have a link to a document that shows what the different priority
levels are and what they mean?
As much I would like to see this feature, it's probably not going to happen soon. Ads are after all Google's main 
source of revenue and making it easy to block them would just hurt their business.
"Ads are after all Google's main source of revenue and making it easy to block them 
would just hurt their business"

If it were, you wouldn't see any adblocking extensions on the official extensions 
website. What we have with Chrome right now is the poor's man version of full blown 
blocking. It "hides" ads away, so technically, users aren't seeing any ads. It could be 
argued that they're still downloaded, so, I guess it still counts as an impression, but 
still. 
Comment 20 by ojr...@gmail.com, May 22 2010
@david.lebel And early blocking is way more useful than that, too - for example, if
you think Facebook's new broad data-sharing is going to be a security nightmare for
the next 3-6 months, you can adblock all requests to facebook.com, fbcdn.net and
connect.net on URLs other than facebook.com.

It sounds like gaining ~300 technically savvy users isn't worth implementing a
feature of this size yet. The only thing we can do about this is get more stars, play
by the rules (seriously, +1s are annoying), and just maybe, get involved and
implement it for them.
Comment 21 by bushr...@gmail.com, May 22 2010
I switched to chrome because of the speed of the browser and that it finally had the extensions I used. In our area (30 miles N of Dallas), dial-up is still the only 
option for a large number of people, so getting a fast browser that doesn't load 
"junk" instead of the content you want is a pretty big deal. So not showing the ads 
is nice, but it's the bandwidth I need to save because it affects the entire browsing 
experience.

The little side note for the ad-block extension mentioned starring this topic, but 
theres nothing anywhere on the page that looks like a star when I got here. I 
stumbled across it when playing with the comments. And I'm not a newbie user either, 
so no wonder people aren't "star-ing" as much... it's not easy to do and find.
Comment 22 Deleted
Comment 23 Deleted
Comment 24 Deleted
I have done some more thinking about how this would be implemented and I think that
even if Chromium's renderer does not handle missing content gracefully, the existing
content hiding mechanisms that are currently employed by ad blocking extensions could
be used to fix that. It is not the most graceful implementation possible, but in
principle (without having seen any code yet), this would only cause an issue while
the page is still being rendered, in which case it does not have to look nice, so
implementing content-blocking in the manner I proposed above seems feasible.

I am a senior applied mathematics and statistics/computer science double major with
no familiarity with chromium's codebase or extensions architecture and I have little
to no experience working on projects of this magnitude. I also have summer classes
starting soon and some summer projects for a professor in my university's computer
science department to do on top of that. The only things that would probably help me
in this area if I were to take this upon myself are the facts that I use Gentoo
Linux, that I have completed the coursework that applies to this area and that I am
fairly fluent in C++.

Right now, there are 354 people that have this issue starred. Are any of you C++
developers, students in fields that teach C++ or hobbyists that learned C++ on your
own to know how to attempt something like this? I have my own obligations so if we
are adopting a "upstream has abandoned us; lets do this ourselves" mentality and
everyone is waiting on me, they could be waiting a very long time, depending on how
much free time I have and how motivated I am to do this in the context of all of the
other things that I should be doing with my free time, so I want to know if I am the
only one or if there is someone else here that is capable of working on this either
before I try it or in some kind of collaboration, as I do care about having this
implemented.

By the way, while it is too late now, I would like to observe that this would have
made a great Google Summer of Code Project. As far as I can tell, this was not even
listed as a possible idea and sadly, it is not mentioned on Chromium's API wishlist.

http://code.google.com/p/chromium/wiki/GoogleSummerOfCode2010
http://dev.chromium.org/developers/design-documents/extensions/apiwishlist
Comment 26 Deleted
@25

This functionality would be included in a "network" API on the api wishlist you linked 
to.
I do not suppose there are any proposed API specifications available for the things
26 and 27 mentioned, are there?
Comment 29 Deleted
Comment 30 Deleted
guys, please just star the issue.. dont say why you want it.. no one cares..

staring it, automatically expresses your interest for the feature, and sends an email 
to everyone that starred the issue.. so you are all just spamming us.. and sooner or 
later, people will start un-starring the issue because they are tired of getting 
spammed by people that want to explain why they want it.
What is needed according to Giorgio Maone:

2 APIs:
 - Networking API
 - Settings API

Details

For general blocking:

1. A window-level property which enables/disables scripting for that window/frame

> this is possible for frames with iframe@sandbox (eg. frameElement.sandbox='allow-same-origin'), and this is already possible also 
for top windows, iff extensions get permission to modify settings.. so this should be part of the aforementioned Settings API.

2. A callback API to monitor and veto any load, with a reference to the DOM element that initiated the request.

> this should be part of the Networking API.. and if there is a redirection (3xx) we should get called each time.

For ABE, we need:

1. To be able to map a domain to an IP (or list of IPs), a DNS Listener.

> this should be part of the Networking API.

For ClearClick, we need:

1. The ability to take cross-site screenshots

Btw, this is now the #1 asked feature for chrome:
> http://code.google.com/p/chromium/issues/list?q=label:Type-Feature&sort=-stars

Greetings!!
Comment 33 Deleted
Comment 34 Deleted
Comment 35 by Deleted ...@, May 26 2010
if I were an advertiser I would want adblockers to stop the downloading of adverts 
rather than simply hide them, because I'd only want to pay for the numbers of adverts 
that were actually *shown* to the end user, not the number of times the web browser 
fetched them.
as google, however, I wouldn't care, provided that advertisers didn't realise they 
were paying for adverts automatically removed before ever a person had a chance to 
see them.


Comment 36 by Deleted ...@, May 26 2010
This is really a key issue. Instead of looking at this as a more efficient way of block 
ads, focus should be on how implementation of this would make the fatest browser 
around... even faster.
Paul, the advertisers pay per click, rather than per view, so it does not make much
of a difference to them whether the ads load or not when their ads are blocked.

Anyway, I asked above if anyone else replying here knew C++ or if I am the only one.
Since no one else posted otherwise, I assume that I am. I will see what I can do
about implementing this in my spare time, but I doubt Google's developers would
accept any changes I make into Chromium because they would be specifically targeted
to getting this to work and what they would want is a general-purpose API, which I
expect would take more time than I have to give because I have my own things to do.
Comment 38 Deleted
Comment 39 Deleted
Comment 40 by nuno...@gmail.com, May 26 2010
On Comment 37  by shiningarcanine:

I suppose even if you implement this in a less general way than the one google devs
want, your work could still be used as a basis for that. And if they don't I suppose
there's always room for third party patched builds!
i hope google chrome will have the adblock plus extension as in mozilla firefox. i'll 
definitely go for chrome if the real adblock plus is here.

there are some adblock feature likes but they could not block the ads perfectly as in 
firefox, they just hided it.
stop spamming for the love of god! it's annoying... STFU and listen what creators say. 
star the issue and don't spam!
Comment 43 by wei....@gmail.com, May 27 2010
Hi, the two of us started hacking this project: 
http://github.com/deinococcus/ChradBlock . It all started with this discussion 
thread: http://bbs.archlinux.org/viewtopic.php?pid=763874 . It's very usable 
now, and we'd like to bring more people to this project. The way it works now is 
simply URL-based: every time before a request is sent it's matched against a 
blacklist.

I understand the code in its current form will never be accepted. But it's a good 
starting point and I don't mind maintaining my own fork even if the patch isn't 
accepted upstream. If you're intrested, please check out the code!
Comment 44 by wei....@gmail.com, May 27 2010
And I forgot to mention: this is only supposed to work on Linux. You're very 
welcome to submit Windows or Mac patches.
Comment 45 by Deleted ...@, May 27 2010
I'll get started on the windows port, ill post back once i have it working at a satisfactory level if anyone wants to help me just send me a email and we will see what 
we can do to get this show on the road.
Comment 46 by hpwil...@gmail.com, May 29 2010
I truly believe this should be a P1 and not P3. Look at the number of people asking for 
it.. This will allow to truly block unwanted content and make the browser even faster.
This should REALLY be implemented!
This issue is really the only thing keeping me from making Chrome my go-to browser. 
It's my secondary browser, but I can't use it for daily things if I'm constantly 
wasting my time and bandwidth downloading ads...
Comment 49 by al3...@gmail.com, May 30 2010
I think google just does not want google ads to be blocked, that's why they are not 
implementing this functionality...
But without this - I will not use Chrome as my default browser...
Comment 50 by dbro...@gmail.com, May 30 2010
unstarring this one as well.  I want ad blocking but people here seem to think that a 
bug tracker is their soapbox.
Please stop whining about people talking about why this would help them. You are only 
adding more pollution to the comments when you do that and when you have 598 people 
with this starred, you are bound to get a few comments along those lines. It is 
inevitable and some opinions on why this would help people might sway the Google 
Chromium team to make this a higher priority.
Comment 52 by euroc...@gmail.com, May 30 2010
Please stop complaining about people whining about people talking about why this would help them! You are 
only 
adding more pollution to the comments when you do that and when you have 595 people (and going down) with 
this starred, you are bound to get a few comments along those lines. It is 
inevitable and some opinions on why this would help people might sway the Google 
Chromium team to make this a higher priority.
Comment 53 by Deleted ...@, May 30 2010
"Please stop whining about people talking about why this would help them. You are only 
adding more pollution to the comments when you do that and when you have 598 people 
with this starred, you are bound to get a few comments along those lines. It is 
inevitable and some opinions on why this would help people might sway the Google 
Chromium team to make this a higher priority."

Well said, it's normal people that makes things rise or flop. More people speeking up for this change the 
better it means google knows that normal users not just devs would like this change and the reasons 
behind why. If your not interested them why not just setup a filter in or mail box or delete the messages. 
The more information and debate about the issue the better unstar if you want your comment will be still 
there for google to view in the end there will be more people that are staring this issue than unstarring it 
won't harm the chances of this being fixed and you won't be missed chances were you didn't put anything 
useful forward anyway other than a gripe and more "unhelpful" comments that you claim to be unstaring 
for anyway.

PhD in computer science. 

Nicholas Derrett

Comment 54 Deleted
Comment 55 by mxx...@gmail.com, May 30 2010
Shouldn't "Area" be changed from UI to Internals?
Comment 56 by nuno...@gmail.com, May 30 2010
In response to comment 55,
"Shouldn't "Area" be changed from UI to Internals?"

The way this request is described (as a "common need of ad blocking, flash blocking,
and privacy extensions"), it looks like a request for the blocking functionality, and
not for its UI (as that would be provided by those extensions).

Also,  issue 16932  splits this into UI and the piece which makes it work under the
wood (I suppose this is what Internals is about).

So it might need to be changed - at least AFAICT this is not about UI.
(And BTW, what are the differences against 16932? It seems to contain this one, not?)
as a note I don't want ad blocking. I have seen noscript block hacks on websites and 
malicious content. I want to block that. If google made it so google ads wasn't 
blocked by default or that google itself couldn't be blocked... it'd seem slightly 
evil. but it would be better than the current content blocker which will allow either 
all resources good or bad... or none.
Comment 58 by Deleted ...@, May 31 2010
Unstarred get a iPhone you bunch of tits
Another important usage for this feature: block all images (not only ads necessarilly). 
There are a lot of websites where you are only looking to read the texts (forums, for 
instance) and the loading of images makes navigating it several times as slower. There 
is an extention about this, but it only hides the images (which is pointless from a 
performance perspective). Opera has it very easily accessible, and this is really 
missing in Chrome.
Comment 60 by mkte...@gmail.com, May 31 2010
@ Comment 59: Chrome can already block all images on a given site.  What it can't do 
is block all images *from* a given source.  (e.g., if you want to block images 
hotlinked from Imageshack for every site you visit, you can't.)

(The site black/whitelist for image-blocking can be found in Options -> Under the Hood 
-> Content Settings -> Images)
imo the major real case for me here is I don't mind 'allowing youtube' for example on 
every site 'cause I trust the source to not contain malware. but there might be 10 
other source sites on a site that I don't trust.
Comment 62 by mal@google.com, May 31 2010
Marking this read only until implementation is ready to begin... a lot of people have 
this starred, and the comments aren't adding any useful information.
Comment 63 by aa@chromium.org, Jun 15 2010
A partial solution to this problem is now available. Chrome now contains an event accessible to content scripts called "beforeload". For example:

document.addEventListener("beforeload", function(event) { 
  console.log("Caught resource load"); 
}, true); 

This would fire for every resource load in the document. event.preventDefault() should block the resource from loading.
Nice, thanks for the info. Hope the plugin devs will soon implement this.
Comment 65 by pki...@gmail.com, Jun 16 2010
Really? It's a surprise for me.
I hope one day this  issue 35897  will be added into chrome ,
and when this become true ,i can use Chrome as my only browser.
But now sadly,in the area of blocking Ads,Chrome is less powerful than
Firefox.
I'm looking forward this can be changed!
Comment 66 by gundl...@gmail.com, Jun 16 2010
AdBlock 2.0.0 has incorporated this feature.  It now blocks ads from even being downloaded!

You can get it at http://chromeadblock.com, or update via Wrench -> Extensions -> Developer Mode -> Update Extensions Now.

Do me a favor, and if you like it, drop me a donation at http://chromeadblock.com/paypal_donate/donation.php .  Hardly anybody does for some reason, but hopefully you'll help out :)

Enjoy!
Michael
Comment 67 by gundl...@gmail.com, Jun 16 2010
FYI, you'll need to get Chrome 6 or later via the dev channel (http://www.chromium.org/getting-involved/dev-channel) in order to see this feature work.
Comment 68 by aa@chromium.org, Jun 16 2010
Actually, @gundlach, I did a quick check and "beforeload" works in Chrome 5 too. So you should be able to update the code to work in all Chrome channels.
But just to confirm. The "beforeload" event only occurs on elements loading inside a page and not the top level document that you type in the address bar to get, right? Is there a way to get that yet?

And @gundlach/@aa@chromium.org, yes turning on the "experimental" blocking in adblock works in Chrome 5 for me.
Out of curiosity, does beforeload fire for plugin connections (ie, Flash)? That would make it very useful. Though I can't complain, having this around at all is awesome.
Comment 71 by aa@chromium.org, Jun 16 2010
@kbjorgensen2000: You are right. That is why we aren't closing this bug yet. The "beforeload" feature is considered a good workaround but not a complete solution.

@jacobmp92: I'm not sure. Try it! (and thank Apple -- they added it to WebKit, we just inherited it).
Gundlach: Great, thank you for the info.
Comment 73 by gundl...@gmail.com, Jun 16 2010
Updated AdBlock to 2.0.1, which turns on this feature for Chrome Stable.  How did I miss that this worked in Stable?? :)
N.B. AdThwart has also implemented preliminary support for this event.
Does beforeload work on iframes as well or are iframes considered top level documents? I ask because I just filed an issue with AdBlock for Chrome involving content blocking when iframes are used for advertisements:

http://code.google.com/p/adblockforchrome/issues/detail?id=3603

Also, I would like to mention that because flash content is not sandboxed, any security issues in flash become security issues in Chrome and until this issue is resolved, there is no way for extensions to provide a last line of defense against that. While I know that Google's effort to keep flash up-to-date by bundling flash with Chrome has been fairly successful, it does nothing to protect people from security issues that are exploited before even Adobe is aware of them, which makes giving extensions the ability to serve as a last line of defense important. This was recently demonstrated to some extent by a critical security issue in flash:

http://www.adobe.com/support/security/advisories/apsa10-01.html

At the time of its publication, the most recent stable version of flash was vulnerable and the only invulnerable version of flash was a beta release. The next time an issue like this is found, there is no guarantee that even a beta solution will be available and the only way people will be able to protect themselves would be by using Firefox with flashblock. Less fortunate people running Google Chrome OS would not even able to do that. Resolving this issue would fix that.
nilsatwlonk: Which one should one use? I never looked them up too much and I only know ABP as an adblocker (+urlfilter.ini in Opera).
Comment 77 by mxx...@gmail.com, Jun 16 2010
shiki.biomernok, this is not the right place to discuss this.
please take it to some other forum on the internet to discuss which one you should use.
Comment 78 by gundl...@gmail.com, Jun 16 2010
@shiningarcanine: beforeload works on iframes as well.  for example, searches on thepiratebay.org have their iframes blocked from downloading.

@shiki.biomernok, I'm biased, but in short, AdBlock takes a more thorough and robust blocking approach than does AdThwart.

AdBlock 2.0 blocks resources that match your several thousand subscribed filter rules and any of your custom filter rules; basically, doing what it's always done but now preventing the download.  A downside to this is that occasionally I've seen a resource sneak by before the rules were loaded.  AdThwart's preliminary support just blocks a couple dozen hard-coded ad servers, so you're still downloading ads for your thousands of other rules.  An upside to this approach is that those couple dozen ad servers will never download ads.

Also, if you care about privacy, AdBlock lets you subscribe to EasyPrivacy and block the download of web trackers; if you subscribe to EasyPrivacy in AdThwart you won't get that benefit.

That said, Tom's surely working on improving AdThwart, so it may at some point be able to do a lot of what AdBlock currently does; AdThwart's also been translated into 5 languages.

Hope this helps :)
Is there any way that an extension can signal webkit to wait for an okay signal before downloading anything to give AdBlock time to load its rules?
Comment 80 by gundl...@gmail.com, Jun 16 2010
@shiningarcanine: Nope, that's one example of an API that would solve this problem.  If you'd like to offer more suggestions, drop me an email so the list doesn't keep getting spammed.
Comment 81 Deleted
Comment 82 Deleted
Comment 83 Deleted
Could you please block Gmail ads to? I don't like the ads that display on the top of your emails gets kinda annoying. Thanks once again!
very important feature. Please implement this asap!
devanchesolanki, this is not the place to be asking for <insert ad here> to be blocked. That should be done at the ad block for chrome bug tracker:

http://code.google.com/p/adblockforchrome/issues/list
Comment 87 Deleted
 Issue 47166  has been merged into this issue.
 Issue 49768  has been merged into this issue.
 Issue 41336  has been merged into this issue.
Comment 91 by aa@chromium.org, Nov 4 2010
 Issue 30673  has been merged into this issue.
Labels: -DesignDocNeeded bulkmove Action-DesignDocNeeded
A common need of ad blocking, flash blocking, and privacy extensions is the 
desire to declaratively block external resources like images, plugins, and 
iframes.
Labels: Restrict-AddIssueComment-Commit
Cc: mpcomplete@chromium.org jochen@chromium.org
Matt and Jochen: should this be kept open and separate from the webRequest API work?
Mergedinto: 60101
Status: Duplicate
Let's dupe this against the webrequest API for now. We can revisit this if we decide not to include this feature in webrequest.
Comment 96 by fam....@live.nl, Dec 18 2011
Blocking: -adblockforchrome:1142
Project Member Comment 97 by bugdroid1@chromium.org, Mar 9 2013
Blocking: -chromium:61934 chromium:61934
Labels: -Action-DesignDocNeeded Needs-DesignDoc
Project Member Comment 98 by bugdroid1@chromium.org, Mar 11 2013
Labels: -Feature-Extensions -Area-UI Cr-Platform-Extensions Cr-UI
Sign in to add a comment