[webkit-help] Content blocker vs filtering
signup_mail2002 at yahoo.com
signup_mail2002 at yahoo.com
Mon Jul 6 11:46:52 PDT 2015
Hi,
I am wondering is webkit's content blocking extension framework different then the network content filtering announced for ios9?
I am wondering if this can't be combined in functionality somewhat.
First of all all browsers on iOS has to use WebKit (as far as I know) so an extension would or could apply to all iOS browsers right?
Secondly a simpler content blocking is via URL/IP matching using local or remote blacklist (no way this can be created via JSON rules - too big, and how can these be updated efficiently) So WOT, SiteAdvisor, LinkChecker, Safe Web, etc.
What these plug-in do in general
1)URL/IP scanning (i.e.: category base blocking, parental control)
2)content scanning (AV and Ad scan usually)
3)link annotation (same as #1 but ads info beside the link as a visual annotation). This require a way to modify content (iOS is the only platform where this is not possible without resorting to VPN/Proxy which is costly and slow)
Basically we need the following entry points:
1) configuration for block page, whitelist/blacklist (exception list that are mutually exclusive I imagine). If you define RESTful protocol for filtering on URL/API and you do the caching (remember this can be used for parental control because it contents site categories and dangerous info) then we can simply provide a URL and define authentication mechanism (ex: access token). This makes things simple for page blocking.
2) before page load get event to decide if page can be loaded. URL/IP info is needed. If WebKit uses REST model then we just configure the back end info and WebKit will handle everything else.
3) before page is shown after page is ready, give event for opportunity to inspect the page or modify the content ( we are all sandboxed apps/extension there should be no restriction on what we can do). Having DOM obj of the page would make things easy or allow injection of JavaScript. If this is done at network level MITM attack would be used to decrypt HTTPS traffic (used by most if not all Enterprise grade filtering proxies) and not something I like particularly.
4) if a page is blocked but is allowed to load there must be mechanism to allow the page to load without going into an infinite loop (I.e.: temporary unblock)
I think JSON format is good for simple static logic but not necessarily flexible enough for all cases. In my opinion it is not very future proof (let 3rd party worry about the filtering/block logic).
Let me know if there is another mailing list for content filtering that I am talking about or I am missing something about this new feature.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-help/attachments/20150706/355f06d6/attachment.html>
More information about the webkit-help
mailing list