Proxy Chrome extensions are not going to be usable in MV3

I keep seeing sentences like &quot;MV3 is approaching&quot;, &quot;when MV3 drops in x months&quot;, but the reality is that MV3 is already here and affecting extensions!<p>New extensions that use MV2 have been prevented from being added to the store since last January [1] and this has already affected some extensions which, as a result, have to be installed manually [2][3]<p>The time to switch to Firefox is right now.<p>[1] <a href="https:&#x2F;&#x2F;developer.chrome.com&#x2F;docs&#x2F;extensions&#x2F;mv2&#x2F;" rel="nofollow">https:&#x2F;&#x2F;developer.chrome.com&#x2F;docs&#x2F;extensions&#x2F;mv2&#x2F;</a><p>[2] <a href="https:&#x2F;&#x2F;github.com&#x2F;libredirect&#x2F;libredirect&#x2F;issues&#x2F;45#issuecomment-1059010144" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;libredirect&#x2F;libredirect&#x2F;issues&#x2F;45#issueco...</a><p>[3] <a href="https:&#x2F;&#x2F;libredirect.github.io&#x2F;faq.html#chrome_web_store" rel="nofollow">https:&#x2F;&#x2F;libredirect.github.io&#x2F;faq.html#chrome_web_store</a>

Manifest V2 deprecation is likely going to break extensions that inject userscripts, like Tampermonkey [0] and SurfingKeys [1]. The Chrome team has been rather unhelpful. They&#x27;ve promised to add support for power-user tools like these in MV3:<p>dotproto from the Chrome team commented on May 27 [2]:<p>&gt; @mon-jai, the short answer is no, I don&#x27;t have any updates to share. That said, I&#x27;ll reaffirm that we plan to support userscript managers in Maniest V3 before the Manifest V2 deprecation.<p>But the deprecation is approaching and the Chrome team hasn&#x27;t released any more information about this AFAIK. These extensions are going to require large refactors to support MV3 and they can&#x27;t meaningfully start until the Chrome team elucidates how script injection will work. With MV2 deprecation coming so soon, I worry there won&#x27;t be enough time.<p>[0]: Manifest V3: examine the effects · Issue #644 · Tampermonkey&#x2F;tampermonkey: <a href="https:&#x2F;&#x2F;github.com&#x2F;Tampermonkey&#x2F;tampermonkey&#x2F;issues&#x2F;644" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;Tampermonkey&#x2F;tampermonkey&#x2F;issues&#x2F;644</a><p>[1]: Migrate to Manifest V3 · Issue #1821 · brookhong&#x2F;Surfingkeys - <a href="https:&#x2F;&#x2F;github.com&#x2F;brookhong&#x2F;Surfingkeys&#x2F;issues&#x2F;1821" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;brookhong&#x2F;Surfingkeys&#x2F;issues&#x2F;1821</a><p>[2]: <a href="https:&#x2F;&#x2F;github.com&#x2F;Tampermonkey&#x2F;tampermonkey&#x2F;issues&#x2F;644#issuecomment-1140110430" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;Tampermonkey&#x2F;tampermonkey&#x2F;issues&#x2F;644#issu...</a>

As a proxy extension developer, this is absolutely maddening. We&#x27;re forced to choose between auth-less open proxies (bad), or baking in a wacky authentication scheme through a side channel (also bad). MV3 drops in 2.5 months, and will leave tens of millions of proxy extension users unable to use products they paid money for.<p>This is all on top of the many other issues with MV3 that Google is pushing under the guise of &quot;improving performance&quot;.

Looks like we caught someone&#x27;s attention:<p>&gt; I&#x27;m temporarily restricting comments to keep comments from turning into +1s while this is trending on Hacker News. If you have additional thoughts that you&#x27;d like to share with the Chromium team regarding this issue, please return in a few days to leave a comment (and apologies for the inconvenience).<p>&gt; As a Chromium contributor that shares information about our progress on extensions issues, I sincerely apologize to extensions developers affected by this issue and the broader community for not sharing an update until now. I&#x27;m currently working on a &quot;known issues&quot; document for Manifest V3 that touches on several outstanding issues (including this one), but given the attention on this issue now, I&#x27;ll quickly share our current thinking on this issue.<p>&gt; We have always intended to provide support for this functionality in Manifest V3 (for both user-installed and force-installed extensions), and have been iterating on different possible approaches. Our tentative plan (which is not yet finalized) is that the Manifest V3 version of this capability will require extensions to request a new permission scoped to intercepting authentication requests, but will otherwise allow extensions to handle these requests in a similar manner to how they do in Manifest V2.<p>&gt; The permission string and end user facing warning string have not been finalized yet. Also, we have not yet finalized how this new permission will interact with other permission grants, but extensions that currently have the webRequest permission and broad host permissions will likely not require an additional grant for this permission.<p>&gt; Finally, I want to note that before we can pursue this capability, we first need to resolve issue 1024211 (now formally marked as a blocker). We are actively working on 1024211 and aim to resolve both that issue and this one before January 2023.<p><a href="https:&#x2F;&#x2F;bugs.chromium.org&#x2F;p&#x2F;chromium&#x2F;issues&#x2F;detail?id=1135492#c92" rel="nofollow">https:&#x2F;&#x2F;bugs.chromium.org&#x2F;p&#x2F;chromium&#x2F;issues&#x2F;detail?id=113549...</a>

Chromium team has not commented on this bug with 650+ stars (within top 10 <a href="https:&#x2F;&#x2F;bugs.chromium.org&#x2F;p&#x2F;chromium&#x2F;issues&#x2F;list?sort=-stars&amp;colspec=ID%20Pri%20Type%20Component%20Status%20Summary%20Owner%20Target%20M%20Reporter%20Modified%20Opened%20Stars&amp;q=&amp;can=2" rel="nofollow">https:&#x2F;&#x2F;bugs.chromium.org&#x2F;p&#x2F;chromium&#x2F;issues&#x2F;list?sort=-stars...</a> issues) in months

Once upon a time many years ago, Chrome was marginally better than Firefox.<p>That time has long since passed.<p>I know, I switched from Firefox to Chrome and used it for a couple of years, but Firefox got better and Chrome got worse, so I&#x27;ve been back on Firefox for many years again now.<p>If Chrome doesn&#x27;t do what you want or what you like, use Firefox. It does everything Chrome does, and more.

It&#x27;s telling that the last action from a google employee on the list was ... removing themselves from the notification list.

I thought they were pushing it when they announced MV3, which would purposely can ad blockers. But this would finally put the nail to this coffin.<p>Now I&#x27;m even more curious to see how badly Chromium bangles this migration to V3.<p>I&#x27;m also curious as to why big internet advocacy organizations such as the EFF [0] have been quiet on this move.<p>--<p>Edit: It appears the EFF has spoken out about this a couple of times.<p>[0] <a href="https:&#x2F;&#x2F;www.eff.org&#x2F;deeplinks&#x2F;2021&#x2F;12&#x2F;googles-manifest-v3-still-hurts-privacy-security-innovation" rel="nofollow">https:&#x2F;&#x2F;www.eff.org&#x2F;deeplinks&#x2F;2021&#x2F;12&#x2F;googles-manifest-v3-st...</a>

MV3 sucks and all, but why do you need an extension to set up proxy settings? Is this in lieu of a whole-device VPN?

I don&#x27;t know the full scope of consequences and Google&#x27;s reasoning for this, but I&#x27;m going to guess it&#x27;s either done under the false pretenses of improving performance, or improving security. Could there possibly be a positive outlook for improving ad revenue as well?<p>Time to settle with Firefox.

2 years without a reply, maybe it&#x27;s a feature.<p>Could they be afraid of a surge in proxy Adblock extensions since they are trying to cripple the local ones?

Are proxy extensions just a hook to set the http_proxy?<p>I always have a hard time with chrome. because where firefox has a config area to set the proxy chrome wants to use an environment variable. so do these proxy extensions fill this missing config gap?

It looks like they did this on purpose, otherwise they won&#x27;t ignore such an important issue.

Can someone ELI5 what are proxy extensions? What are they supposed to do?

It&#x27;s extremely frustrating how Google is ignoring this issue. So much for developer relations.

Last time I tried to use onAuthRequired in Chrome I found that it was already broken in some contexts. I think it&#x27;s pretty clear that Google is on track to phase out extensions completely within the next decade.

Not trying to throw ML at the wall, but could it be used for this problem (considering all other options seem to be failing)?<p>As far as I understand, after MV3, ad blockers won&#x27;t be able to use a long list of ads to remove them.<p>How about using a simple ML algorithm to detect whether the request is a genuine one or an advertisement? I am sure that getting training data wouldn&#x27;t be too hard (all the ad lists that will get useless after MV3 are good data).<p>I don&#x27;t make chrome extensions so I don&#x27;t completely know how MV3 will cripple ad blockers.<p>Any feedback would be appreciated!

btw just like there were enterprise-hacks for Windows v7 to keep it going, manifest v2 will still work if users can be taught to turn on &quot;managed mode&quot; in their Chrome<p>extends v2 from January 2023 EOL until June 2023<p><pre><code> January 2023 Chrome stops running Manifest V2 extensions Enterprise policy can let Manifest V2 extensions run on Chrome deployments within the organization. June 2023 Manifest V2 extensions no longer function in Chrome even with the use of enterprise policy</code></pre>

The issue seems to be specifically about authentication of proxies. Something I could never find a good extension for in the past.<p>What I ended up doing and found to be better is to connect to the proxy over a wireguard IP. I can recommend this solution to individuals and people who don&#x27;t need granular authentication.

So.. Chrome is too big to fork. Then why don&#x27;t we make a bare-bones OSS no-DRM browser with only a subset of JS and CSS and promote at the same time an old-school webring of &#x27;virtous&#x27; websites.<p>If it catches on (and it could since it&#x27;d be free and <i>fast</i>), maybe some big sites would evolve to advertise themselves as &#x27;virtous&#x27;.

<a href="https:&#x2F;&#x2F;github.com&#x2F;w3c&#x2F;webextensions&#x2F;issues&#x2F;264" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;w3c&#x2F;webextensions&#x2F;issues&#x2F;264</a>

Does anyone know when MV3 will be released, or when this will start to impact a large # of users?

Finally, chromium people have spoken <a href="https:&#x2F;&#x2F;bugs.chromium.org&#x2F;p&#x2F;chromium&#x2F;issues&#x2F;detail?id=1135492#c92" rel="nofollow">https:&#x2F;&#x2F;bugs.chromium.org&#x2F;p&#x2F;chromium&#x2F;issues&#x2F;detail?id=113549...</a>

Does this mean that (non-open-proxy) VPNs will no longer be usable on a per-Chrome-profile basis? So one would need to either route all traffic through a VPN at the OS level, or none at all?

Does this impact VPN extensions like Hola VPN ?

Has someone tried to fix this themselves yet?

may aggressive antitrust legislation compromise their core business and collapse their stock price

I don&#x27;t want to pile on here but everyone who used Chromium while pretending they weren&#x27;t supporting google&#x27;s Chrome monopoly, pretending Chromium was something else, are getting the only outcome that was possible. It was entirely predictable from the start and if you play stupid games you win stupid prizes.