Hi there this is Bryan, CTO at you.com This post is not true: the you.com extension does not inject tracking beacons across the web or locally.<p>I went back and looked at the open source code, and I can see how someone might misunderstand what is happening so I will clarify here with pointers to the open source code as well. The Firefox extension should be unminified too, so anyone who has it installed can check that the code I'm referring to is represented in that open source repository I will link to below.<p>Let's walk through the extension code, starting with the relevant part of the manifest.json:<p>"content_scripts": [
{
"matches": ["<i>://localhost/</i>", "<i>://you.com/</i>", "<i>://</i>.you.com/<i>"],
"js": ["content-script.js"]
}<p>This says that on domains that match ["</i>://localhost/<i>", "</i>://you.com/<i>", "</i>://<i>.you.com/</i>"], we run content-script.js.<p>source: <a href="https://github.com/You-OpenSource/You-Firefox-Extension/blob/19bbf1f8c3d2bda34b7c62c2efddc54a67edbca0/manifest.json#L25">https://github.com/You-OpenSource/You-Firefox-Extension/blob...</a><p>In content-script.js we have:<p>```
let beacon = document.createElement("div");
beacon.className = "you-firefox-addons-beacon"
document.body.appendChild(beacon);
```
<a href="https://github.com/You-OpenSource/You-Firefox-Extension/blob/19bbf1f8c3d2bda34b7c62c2efddc54a67edbca0/content-script.js">https://github.com/You-OpenSource/You-Firefox-Extension/blob...</a><p>So if you are on localhost or a you.com owned domain (certainly not "across the web"), we add a div to the page that does nothing by itself. We do this so that our client side code can detect whether you have the extension when you are on you.com and other you.com subdomains. We had the localhost in there for convenience while developing and should have removed it before publishing, but to be clear, even with that localhost match in the code, there is still no tracking, not across the web and not locally. We'll take the localhost match out out though to avoid any confusion.<p>We unfortunately named that div "you-firefox-addons-beacon", which I think misled the original poster to think we were doing something with the Beacon API (<a href="https://developer.mozilla.org/en-US/docs/Web/API/Beacon_API" rel="nofollow">https://developer.mozilla.org/en-US/docs/Web/API/Beacon_API</a>). But we are not. It is just an empty div that our client side code checks for when it loads the page for you.com domains and subdomains so you don't see the "Install extension" buttons and things like that once you have the extension. We will change the name so that it does not create this misperception moving forward.<p>And to address the downstream concerns in the other comments, we don't track users around the web. We don't use tracking to provide personalized search results -- we use the App Preferences feature that is available after someone signs up.<p>I'm glad that it is newsworthy that our search engine and browser plug-ins don't spy on our users! Please check the source code if you'd like: <a href="https://github.com/You-OpenSource/You-Firefox-Extension">https://github.com/You-OpenSource/You-Firefox-Extension</a> and spread the good word!