(Bug): Privacy concern/question
Closed this issue ยท 4 comments
Browser
Firefox
Browser Version
latest
Extension or Userscript?
Extension
Extension/Userscript Version
latest
Video link where you see the problem
https://www.youtube.com/watch?v=GpMP6Nh3FvU
What happened?
I noticed that the extension issues a POST to the backend with an array of video ids, taken from the suggested videos that youtube generates for every video we click.
Why does the extension do this?
Those videos suggestions are very private data, as they could very easily be used to create strong viewing profiles, assuming the backend could be able to identify/cohort users - which is perhaps not impossible with some fingerprinting.
I also read the FAQs and could not find any mentioning of this behaviour? It seems to imply only the ID of the video's we watch are sent.
Code:
Im gonna assume it was useful before 13th december so the server could archive as many videos as possible.
I guess it just got left behind and forgotten, lets wait for Anarios' response.
The backend is replying to these calls with 200s, at the time of writting.
lets wait for Anarios' response
๐
Hi @rjmarques, as @DARKDRAGON532 correctly assumed - it's a rudiment from the time when dislike data was still available from youtube and we were trying to crawl and save as many videos as possible. It serves no purpose anymore and can be removed with next update.
It was never paired with your random user id.
If you're worried - this request can be safely blocked in your firewall and it will not affect how the extension works.
Thanks for your quick reply @Anarios!
Yeah it would be great if the extensions itself would stop issuing that request. Unfortunately, my router's firewall doesn't allow me to write rules that target the application layer. And it seems the http METHOD would be the best way to distinguisth between this call and the main one, as they share the endpoint.
I'll keep an eye out for the next updates ๐