{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreib4b5ximoerskm3sbsyvzkbblwyjyphpqakig2pwvg4w5aftytdnm",
"uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3mn7aixnbnoe2"
},
"path": "/t/my-recent-changes-towards-more-privacy-friendlier-life/38166?page=2#post_26",
"publishedAt": "2026-06-01T03:53:54.000Z",
"site": "https://discuss.privacyguides.net",
"textContent": "Well, it does by a large degree.\n\nWith Mv3, Libredirect would not see any URL at all. Libredirect provides a set of rules to the browser. The browser handles it. Similar to how Predirect works which is built on Mv3.\n\nCurrently, it monitors requests and manually does everything as I said earlier.\n\nThe extensive permissions is mostly for **convenient** features. If you are user who values strict security and has trust on permissionless model. Go for predirect.\n\nLibredirect is meant for convenience of the users. So, it will need some permissions that allows delivery of those features.\n\nEssentially it is based on trust placed by the users on the developer despite being open-source.\n\nWhen moving to Mv3, for embeds, a tooltip will be placed for explanation and additional permission granted by the user, (i.e. Optional) and not declared as required permission on install itself.\n\nIt will still require “Access your data for all websites” because the extension will need to inject a script that replace the embed URL. Nothing much. So, when user loads a website embeds are redirected automatically.\n\nIf the user don’t like that permission. You can invoke a shortcut key that initiates the extension to replace embeds on a per-site + per-input basis without permission at all via permissionless model.\n\n* * *\n\nSame goes for Copy Raw which uses `all_urls` permission, it could be disabled if permission is declared optional and enabled by the user itself\n\n* * *\n\nWhat could be done to improve is having a better on-boarding experience that explains what is what and make the user configure as per their needs along with a default option where it is configured optimally for the majority of the users.\n\nAfter porting, I or other plan to extensively document permission system and use cases. So the user understands.\n\nBut it will take a long time, some years for sure. Both Mv2 and Mv3 will co-exist like uBO and uBO lite. That is all. If Mv2 and Mv3 gets feature parity. Maybe then Mv2 will be sunsetted.\n\nSo basically, it will be trustless/permissionless system and permissions are requested via controls that user understands and allows as needed.\n\n* * *\n\nFrom a user standpoint of view, Mv3 is good as it creates a balance of permissions and revokes access an extension could have and gives user privacy & security. But from a developer point of view, it would be either nightmare or difficult. But not impossible.\n\nMv2 was like painting in the flat ground with no boundaries. Mv3 is like painting a sheet of paper you are given.\n\nThe FAQ about Mv3 was written before Mv3 was fully adopted. So it could be errors or true based on how the Mv3 port of the extension turns out to be.\n\n* * *\n\nForget to say this, the reason embeds are disabled by default is that. Certain sites have strict CORS which block the replaced embeds from loading at all. That is also one of the main reasons that embeds are disabled. We don’t want users to have a negative experience while browsing.\n\nOnly YouTube embeds works fine that too if the site allows it. If it blocks other domains via CORS. That’s it. Nothing else works. Nitter can be replaced but the instance disabled it or the project didn’t fix it after X rebrand. There aren’t much embeds at all apart from these. Imgur, I don’t even know. Need to test.\n\n* * *\n\nSorry for the long message.",
"title": "My recent changes towards more privacy friendlier life"
}