Decentraleyes for Firefox loads CDN resources locally

You can learn a lot about a site when you monitor its network connections when you connect your browser to it.

You may see connections to third-party sites, ads, web analytics scripts and a lot more just from that.

A common practice is to use popular JavaScript libraries or frameworks like jQuery or Ember. Sites may load locally hosted versions of those, or versions hosted by public content deliver networks (CDN) such as those by Google, Microsoft or Cloudflare.

These resources are often essential for a site's functionality, and blocking them may break part or all of a site.

There are two concerns that Internet users may have when it comes to the use of these content delivery networks: privacy and speed.

Speed is easier to explain. While it is often faster to use a CDN for resources than a locally hosted version on the site's server itself, it still means having to make a connection to the CDN in first place. That's not as fast as making these resources available locally on the user's computer.

decentraleyes

Privacy, because connections to these sites are made, and these sites may drop cookies on your local system. They may also record your Internet activity since you connect to them using a web browser, and get information out of those connections such as your operating system, the web browser you are using, your IP address or location in the world.



Decentraleyes for Firefox takes care of both of those, at least for selected content delivery networks and resources.

  • Supported CDNs: Google Hosted Libraries, Microsoft Ajax CDN, CDNJS (Cloudflare), jQuery CDN (MaxCDN), jsDelivr (MaxCDN), Yandex CDN, Baidu CDN, Sina Public Resources and UpYun Libraries.
  • Resources that come bundled with the extension: AngularJS, Backbone.js, Dojo, Ember.js, Ext Core, jQuery, Modernizr, MooTools, Prototype, Scriptaculous, SWFObject, Underscore.js and Web Font Loader.
Read also:  Classic Theme Restorer may be dead by the end of 2017

The extension blocks connections to these content delivery networks by replacing the requests with resources loaded locally.

This takes care of both issues. Locally loaded resources are always faster than remotely loaded resources, even if a powerful fast network makes them available on the Internet, and since connections are not made anymore to these networks, there is no privacy impact as well.

Decentraleyes is a new extension, and I wish it would do more than what it is offering right now. First, it is difficult to tell whether a resource was replaced or not. It would be great if this would be highlighted in form of a log or even an icon that highlights the number of resources replaced with local resources.

Second, it works only if supported resources are loaded. There are however a multitude more resources that may get loaded from content delivery networks. An option to add your own replacements would be useful.

Third, it should not necessary limit its functionality to CDNs. Sites may load these resources from their server, and while you won't get any privacy improvements blocking it and replacing it with a local one, you may get loading speed improvements.

Closing Words

Decentraleyes is a good extension that introduces something that nothing else offered before. It could become a great extension if its author would improve it further. (thanks Tom)

Summary
Author Rating
5 based on 12 votes
Software Name
Decentraleyes
Software Category
Browser
Landing Page

Please share this article

Facebooktwittergoogle_plusredditlinkedinmail


Filed under:


Responses to Decentraleyes for Firefox loads CDN resources locally

  1. Tom Hawack November 23, 2015 at 5:18 pm #

    A most interesting add-on. For those who run the 'uBlock Origin' add-on as well, I've checked that Decentraleyes is "under the authority" so to say of uBlock : even calling data as it is locally, Decentraleyes will not do so if that data is blocked in any way by uBlock. It may be obvious for techies but not being one I had to check myself.

    Martin, thanks for reviewing this add-on. Also, you write, "it is difficult to tell whether a resource was replaced or not" : not that difficult. As the developer mentions it on his AOM page, "There's a testing tool, but you can also use Firefox's built-in network monitor to view all requests made in the course of loading a page. Lastly, by default, Decentraleyes marks locally fetched resources by prepending comments to them." ... and if you run uBlock, just have a look at its Logger and open the resource locally.

    I'm really fond of this add-on. Of course it can and will be improved but it's already quite nice.

    • Martin Brinkmann November 23, 2015 at 6:02 pm #

      Tom, what I meant by this is that I'd like a "on first glance" indicator that a resource was replaced by a local one.

      • Tom Hawack November 23, 2015 at 8:34 pm #

        I agree, Martin. In the same way as adblockers for instance. That would be a welcomed enhancement.

  2. Marcin November 23, 2015 at 6:06 pm #

    I wasn't aware of such an add-on and to me the concept looks very very interesting and promising.
    I'm gonna give this a try as soon as I can.
    Thank you very much, Martin, for providing us nice information, as always.

    Keep up the great work !

  3. g November 23, 2015 at 6:08 pm #

    Awesome, I've been wondering for a very long time why there's no such addon. Thanks!

  4. trek100 November 23, 2015 at 6:15 pm #

    Martin,

    Thanks for this review.

    Q:
    is there any quantitative measurement
    ref the speedup of page loading?

    Any specific web page examples,
    ie: "with and without" this addon?

    (if the load speed is only a "fraction of a second",
    that's imperceptible to a human observer loading a web page,
    and this addon would not really make any difference).

    • Martin Brinkmann November 23, 2015 at 8:28 pm #

      Well it depends but I would not say that you get a noticeable improvement out of it unless downloads from these CDN servers are slow, for instance if your Internet connection is maxed out or slow.

  5. Helios88 November 23, 2015 at 7:45 pm #

    This add-on is redundant if you already have uBlock Origin?

    • Martin Brinkmann November 23, 2015 at 8:34 pm #

      uBlock Origin blocks requests to those servers, but that works only if this is not needed for core functionality.

    • Tom Hawack November 23, 2015 at 8:40 pm #

      Not at all redundant, Helios88 : uBlock Origin and Decentraleyes don't perform the same thing.
      uBlock Origin blocks/allows traffic, Decentraleyes redirects CDN resources to your Firefox profile for the resources it handles, included in the add-on (approx. 8MB).

  6. Dougle November 23, 2015 at 11:55 pm #

    Whilst not as simple as this, NoScript surrogates can be used to access local versions of some libraries. https://forums.informaction.com/viewtopic.php?f=10&t=19598

  7. JP November 24, 2015 at 5:03 am #

    Thank Martin for this, I used a local proxy to redirect some jqueries to local versions. But I don't have time to maintain that myself, so I hope the author of this keep up to date with new versions.

    I also have a suggest for the author if he's still reading this page. Maybe you could implement a heuristic method to automatically cache common assets. This would eliminate of having to do the caching yourself.

  8. Boris November 24, 2015 at 10:56 am #

    I tried similar addon few years ago, but it had a constant problems. Since different websites use different or specifically modified versions of the same script, some websites did not worked properly.

    • Thomas November 27, 2015 at 2:54 am #

      Decentraleyes only replaces resources from supported delivery networks. So the add-on effectively ensures that the behavior of an injected local copy is identical to that of the script that was originally requested.

  9. Ben November 24, 2015 at 11:14 am #

    Good and useful idea.
    1) How does it handle different version of libraries?
    2) How does it get (and update) the local libraries in the first place?

    • John November 24, 2015 at 2:06 pm #

      It probably has them included within the plugin, and updating will be by the plugin updating probably.

      As for different versions... I take it that versions are distinct via the CDN links provided in pages, that it can select a local version.

      • Tom Hawack November 24, 2015 at 3:47 pm #

        True on both remarks, John. The database included in the add-on is very specific as for the version of each and every resources it includes. No messing up possible.

  10. kari November 25, 2015 at 7:49 am #

    > "Decentraleyes is a good extension that introduces something that nothing else offered before."
    I'm not certain how this addon works but it sounds very similar to what Local Load does:
    https://addons.mozilla.org/addon/local-load/

    • Thomas November 27, 2015 at 12:02 am #

      Local Load is quite different in the sense that it looks for specific "data-replacement" attributes in on a given page. So, when installed, it does allow you to load local resources, but only for pages that you (or someone else) prepared specifically. It does not prevent arbitrary websites from referring you to Content Delivery Networks.

      So basically, Decentraleyes is a completely different tool altogether. Also, it seems that Local Load is no longer under active development which means no new library versions were added since early 2013.

  11. Tom Hawack November 25, 2015 at 6:06 pm #

    I knew I had seen the concept before, but couldn't remember the add-on's name... thanks. Looks like this 'Local Load' is a bit forgotten.

  12. Steph May 25, 2016 at 3:08 am #

    Is there a Chrome extension that does the same thing? I run this in Firefox but would really like to have the same functionality in Chrome as well.

  13. Charlane March 9, 2017 at 12:28 pm #

    For the Privoxy users a version is available at: https://www.prxbx.com/forums/showthread.php?tid=2287

  14. bob April 4, 2017 at 9:30 am #

    I use Decentraleyes with Noscript. I think it's a good idea, though I'm uncertain of the recommended blanket whitelist to all these CDNs globally even though they are stored locally. Wouldn't malicious code from certain websites utilise these libraries as well?

    I'm used to selectively choosing which CDN websites in Noscript to allow access to depending on the the website I am on. Personally I feel more comfortable blocking all CDNs by default and letting them through on a case to case basis for decentraleyes to deal with when they are actually needed for your website viewing requirements.

Leave a Reply