Adblock For Youtube
🔍 Security Report Available View on Chrome Web StoreChrome will indicate if you already have this installed.
Overview
✓ Permissions: like common ad-blocking extensions we do need default permissions on every website to remove ads or popups for example on embedded videos and Youtube itself.
ⓘ About
Adblock for Youtube™ is a content filtering and ad blocking browser extension which blocks all ads on Youtube™.
It allows users to prevent page elements, such as advertisements, from being displayed.
Banner, Ad-Clips or even preroll ads you usually see before the actual video on Youtube are blocked by this extension.
Features:
+ blocks ads, banner and popups
+ blocking of ads on external sites which loads Youtube.com
+ prevent preroll ads from loading on Youtube.com
+ you can also remove annotations from videos and musics (see options page).
+ loads videos and YouTube.com website faster.
The technology is simply based on adblocking filterlists which blocks external ad urls on Youtube. We do not change anything on the website itself.
Adblock for Youtube boosts the performance to load websites (without ads and tracking)
It is free to download and use!
Tags
Privacy Practices
Security Analysis — Adblock For Youtube
Permissions
Code Patterns Detected
External Connections
Package Contents 96 files · 762KB
What This Extension Does
Adblock For Youtube is a browser extension that removes ads from YouTube, allowing users to prevent page elements such as advertisements from being displayed. It blocks banner, ad-clips, and preroll ads on YouTube and external sites loading YouTube content. The extension also loads videos and YouTube.com websites faster.
Permissions Explained
- tabsexpected: Allows the extension to access and interact with web pages in the browser's tabs.
Technical: Grants access to Chrome's tab management API, enabling the extension to monitor and manipulate tab content. - storageexpected: Allows the extension to store data locally on the user's device.
Technical: Grants access to Chrome's storage API, enabling the extension to store and retrieve data such as settings and filter lists. - unlimitedStoragecheck this: Allows the extension to store an unlimited amount of data locally on the user's device.
Technical: Grants access to Chrome's storage API with no storage quota restrictions, potentially allowing the extension to store large amounts of data. ⚠ 1 - scriptingcheck this: Allows the extension to execute scripts in the browser context.
Technical: Grants access to Chrome's scripting API, enabling the extension to inject and execute scripts in web pages. ⚠ 1 - alarmscheck this: Allows the extension to schedule periodic tasks or events.
Technical: Grants access to Chrome's alarms API, enabling the extension to schedule and execute background tasks. ⚠ 1 - declarativeNetRequestexpected: Allows the extension to block or modify network requests.
Technical: Grants access to Chrome's declarative net request API, enabling the extension to block or modify network requests based on predefined rules. - webNavigationcheck this: Allows the extension to monitor and manipulate web page navigation events.
Technical: Grants access to Chrome's web navigation API, enabling the extension to monitor and manipulate web page navigation events. ⚠ 1 - webRequestcheck this: Allows the extension to block or modify network requests.
Technical: Grants access to Chrome's web request API, enabling the extension to block or modify network requests based on predefined rules. ⚠ 1 - <all_urls>check this: Allows the extension to access and manipulate all URLs visited by the user.
Technical: Grants access to Chrome's URL handling API, enabling the extension to access and manipulate all URLs visited by the user. ⚠ 1
Your Data
The extension accesses data on the user's device through storage and scripting permissions. It sends data to get.adblock-for-youtube.com, www.w3.org, fonts.googleapis.com, and api.adblock-for-youtube.com.
Technical Details
Code Findings
The extension assigns innerHTML to an element, which can potentially lead to cross-site scripting (XSS) attacks.
Technical: The code pattern is located in the content script and involves assigning innerHTML to an element without proper sanitization. This can allow attackers to inject malicious scripts into web pages.
💡 This pattern is commonly used in legitimate extensions for rendering HTML content.
The extension monitors form inputs, which can potentially lead to data exposure or manipulation.
Technical: The code pattern is located in the content script and involves monitoring form input events. This can allow attackers to intercept sensitive user data.
💡 This pattern is commonly used in legitimate extensions for form validation and submission.
The extension can block or modify network requests, which can potentially lead to data exposure or manipulation.
Technical: The code pattern is located in the content script and involves using webRequest API to block or modify network requests. This can allow attackers to intercept sensitive user data or manipulate network traffic.
💡 This pattern is commonly used in legitimate extensions for ad blocking and content filtering.
The Adblock For Youtube extension has several security concerns, including excessive permissions, potential XSS vulnerabilities, and data exposure. While the extension's stated purpose is legitimate, its implementation raises significant security risks. Users are advised to exercise caution when installing this extension and consider alternative ad-blocking solutions.
