Decentraleyes for Firefox loads CDN resources locally - gHacks Tech News

Decentraleyes for Firefox loads CDN resources locally

You can learn a lot about a site when you monitor its network connections when you connect your browser to it.

You may see connections to third-party sites, ads, web analytics scripts and a lot more just from that.

A common practice is to use popular JavaScript libraries or frameworks like jQuery or Ember. Sites may load locally hosted versions of those, or versions hosted by public content deliver networks (CDN) such as those by Google, Microsoft or Cloudflare.

These resources are often essential for a site's functionality, and blocking them may break part or all of a site.

There are two concerns that Internet users may have when it comes to the use of these content delivery networks: privacy and speed.

Speed is easier to explain. While it is often faster to use a CDN for resources than a locally hosted version on the site's server itself, it still means having to make a connection to the CDN in first place. That's not as fast as making these resources available locally on the user's computer.

decentraleyes

Privacy, because connections to these sites are made, and these sites may drop cookies on your local system. They may also record your Internet activity since you connect to them using a web browser, and get information out of those connections such as your operating system, the web browser you are using, your IP address or location in the world.

Decentraleyes for Firefox takes care of both of those, at least for selected content delivery networks and resources.

  • Supported CDNs: Google Hosted Libraries, Microsoft Ajax CDN, CDNJS (Cloudflare), jQuery CDN (MaxCDN), jsDelivr (MaxCDN), Yandex CDN, Baidu CDN, Sina Public Resources and UpYun Libraries.
  • Resources that come bundled with the extension: AngularJS, Backbone.js, Dojo, Ember.js, Ext Core, jQuery, Modernizr, MooTools, Prototype, Scriptaculous, SWFObject, Underscore.js and Web Font Loader.

The extension blocks connections to these content delivery networks by replacing the requests with resources loaded locally.

This takes care of both issues. Locally loaded resources are always faster than remotely loaded resources, even if a powerful fast network makes them available on the Internet, and since connections are not made anymore to these networks, there is no privacy impact as well.

Decentraleyes is a new extension, and I wish it would do more than what it is offering right now. First, it is difficult to tell whether a resource was replaced or not. It would be great if this would be highlighted in form of a log or even an icon that highlights the number of resources replaced with local resources.

Second, it works only if supported resources are loaded. There are however a multitude more resources that may get loaded from content delivery networks. An option to add your own replacements would be useful.

Third, it should not necessary limit its functionality to CDNs. Sites may load these resources from their server, and while you won't get any privacy improvements blocking it and replacing it with a local one, you may get loading speed improvements.

Closing Words

Decentraleyes is a good extension that introduces something that nothing else offered before. It could become a great extension if its author would improve it further. (thanks Tom)

Summary
software image
Author Rating
1star1star1star1stargray
4.5 based on 15 votes
Software Name
Decentraleyes
Software Category
Browser
Landing Page

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Tom Hawack said on November 23, 2015 at 5:18 pm
    Reply

    A most interesting add-on. For those who run the ‘uBlock Origin’ add-on as well, I’ve checked that Decentraleyes is “under the authority” so to say of uBlock : even calling data as it is locally, Decentraleyes will not do so if that data is blocked in any way by uBlock. It may be obvious for techies but not being one I had to check myself.

    Martin, thanks for reviewing this add-on. Also, you write, “it is difficult to tell whether a resource was replaced or not” : not that difficult. As the developer mentions it on his AOM page, “There’s a testing tool, but you can also use Firefox’s built-in network monitor to view all requests made in the course of loading a page. Lastly, by default, Decentraleyes marks locally fetched resources by prepending comments to them.” … and if you run uBlock, just have a look at its Logger and open the resource locally.

    I’m really fond of this add-on. Of course it can and will be improved but it’s already quite nice.

    1. Martin Brinkmann said on November 23, 2015 at 6:02 pm
      Reply

      Tom, what I meant by this is that I’d like a “on first glance” indicator that a resource was replaced by a local one.

      1. Tom Hawack said on November 23, 2015 at 8:34 pm
        Reply

        I agree, Martin. In the same way as adblockers for instance. That would be a welcomed enhancement.

  2. Marcin said on November 23, 2015 at 6:06 pm
    Reply

    I wasn’t aware of such an add-on and to me the concept looks very very interesting and promising.
    I’m gonna give this a try as soon as I can.
    Thank you very much, Martin, for providing us nice information, as always.

    Keep up the great work !

  3. g said on November 23, 2015 at 6:08 pm
    Reply

    Awesome, I’ve been wondering for a very long time why there’s no such addon. Thanks!

  4. trek100 said on November 23, 2015 at 6:15 pm
    Reply

    Martin,

    Thanks for this review.

    Q:
    is there any quantitative measurement
    ref the speedup of page loading?

    Any specific web page examples,
    ie: “with and without” this addon?

    (if the load speed is only a “fraction of a second”,
    that’s imperceptible to a human observer loading a web page,
    and this addon would not really make any difference).

    1. Martin Brinkmann said on November 23, 2015 at 8:28 pm
      Reply

      Well it depends but I would not say that you get a noticeable improvement out of it unless downloads from these CDN servers are slow, for instance if your Internet connection is maxed out or slow.

  5. Helios88 said on November 23, 2015 at 7:45 pm
    Reply

    This add-on is redundant if you already have uBlock Origin?

    1. Martin Brinkmann said on November 23, 2015 at 8:34 pm
      Reply

      uBlock Origin blocks requests to those servers, but that works only if this is not needed for core functionality.

    2. Tom Hawack said on November 23, 2015 at 8:40 pm
      Reply

      Not at all redundant, Helios88 : uBlock Origin and Decentraleyes don’t perform the same thing.
      uBlock Origin blocks/allows traffic, Decentraleyes redirects CDN resources to your Firefox profile for the resources it handles, included in the add-on (approx. 8MB).

  6. Dougle said on November 23, 2015 at 11:55 pm
    Reply

    Whilst not as simple as this, NoScript surrogates can be used to access local versions of some libraries. https://forums.informaction.com/viewtopic.php?f=10&t=19598

  7. JP said on November 24, 2015 at 5:03 am
    Reply

    Thank Martin for this, I used a local proxy to redirect some jqueries to local versions. But I don’t have time to maintain that myself, so I hope the author of this keep up to date with new versions.

    I also have a suggest for the author if he’s still reading this page. Maybe you could implement a heuristic method to automatically cache common assets. This would eliminate of having to do the caching yourself.

  8. Boris said on November 24, 2015 at 10:56 am
    Reply

    I tried similar addon few years ago, but it had a constant problems. Since different websites use different or specifically modified versions of the same script, some websites did not worked properly.

    1. Thomas said on November 27, 2015 at 2:54 am
      Reply

      Decentraleyes only replaces resources from supported delivery networks. So the add-on effectively ensures that the behavior of an injected local copy is identical to that of the script that was originally requested.

  9. Ben said on November 24, 2015 at 11:14 am
    Reply

    Good and useful idea.
    1) How does it handle different version of libraries?
    2) How does it get (and update) the local libraries in the first place?

    1. John said on November 24, 2015 at 2:06 pm
      Reply

      It probably has them included within the plugin, and updating will be by the plugin updating probably.

      As for different versions… I take it that versions are distinct via the CDN links provided in pages, that it can select a local version.

      1. Tom Hawack said on November 24, 2015 at 3:47 pm
        Reply

        True on both remarks, John. The database included in the add-on is very specific as for the version of each and every resources it includes. No messing up possible.

  10. kari said on November 25, 2015 at 7:49 am
    Reply

    > “Decentraleyes is a good extension that introduces something that nothing else offered before.”
    I’m not certain how this addon works but it sounds very similar to what Local Load does:
    https://addons.mozilla.org/addon/local-load/

    1. Thomas said on November 27, 2015 at 12:02 am
      Reply

      Local Load is quite different in the sense that it looks for specific “data-replacement” attributes in on a given page. So, when installed, it does allow you to load local resources, but only for pages that you (or someone else) prepared specifically. It does not prevent arbitrary websites from referring you to Content Delivery Networks.

      So basically, Decentraleyes is a completely different tool altogether. Also, it seems that Local Load is no longer under active development which means no new library versions were added since early 2013.

  11. Tom Hawack said on November 25, 2015 at 6:06 pm
    Reply

    I knew I had seen the concept before, but couldn’t remember the add-on’s name… thanks. Looks like this ‘Local Load’ is a bit forgotten.

  12. Steph said on May 25, 2016 at 3:08 am
    Reply

    Is there a Chrome extension that does the same thing? I run this in Firefox but would really like to have the same functionality in Chrome as well.

  13. Charlane said on March 9, 2017 at 12:28 pm
    Reply

    For the Privoxy users a version is available at: https://www.prxbx.com/forums/showthread.php?tid=2287

  14. bob said on April 4, 2017 at 9:30 am
    Reply

    I use Decentraleyes with Noscript. I think it’s a good idea, though I’m uncertain of the recommended blanket whitelist to all these CDNs globally even though they are stored locally. Wouldn’t malicious code from certain websites utilise these libraries as well?

    I’m used to selectively choosing which CDN websites in Noscript to allow access to depending on the the website I am on. Personally I feel more comfortable blocking all CDNs by default and letting them through on a case to case basis for decentraleyes to deal with when they are actually needed for your website viewing requirements.

  15. user4759 said on May 8, 2018 at 1:36 pm
    Reply

    Hello.

    Thanks for the article. I would like to ask about “Decentraleyes” using with “uBlock Origin” and “NoScript v10”. On the github/faq website (see 1.) there is an information for “uBlock Origin” (non-easy mode) users about adding some rules with ‘noop’ option etc.

    However, there is also: “In doubt? Ignore this guide.” And I’m a little confused: should I add mentioned rules or it’s okay to not do it – add anything and leave it as-is?

    Test on ‘decentraleyes.org/test’ website only works when:

    a) “No Script” is disabled (or website is ‘Temp. TRUSTED”?)
    b) above rules are added to the “uBlock Origin”

    With above points, there is an information/number – let say 6. – of locally delivered CDN etc. Normally, above number is not changing at all, on any websites, that I visit.

    What should I do?

    Thanks.
    _________
    1. https://github.com/Synzvato/decentraleyes/wiki/Frequently-Asked-Questions

  16. Franck said on May 11, 2018 at 2:35 am
    Reply

    Fantastic tool, which has already been ported to WebExtensions!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.