What "requests" is uBlock Origin blocking?
 

I get that the Firefox add-on uBlock Origin is blocking ads and keeping me from websites with badware, but on the toolbar icon it is always indicating that it is blocking "requests." Anybody know what that refers to and how I might see who is making those requests? Thanks.

Here is how to see what is requested - and blocked - in a given page...

1. Go to the desired page...
2. Click the little uBlock icon at upper right in Firefox...
3. Find the line about the middle which says "on this page" and click the table icon, (tooltip is "Open the logger")...
4. Click the reload icon at top... see requests, those blocked hilighted in red.

As far as I know this must be done per page, there is no global logging option because the logs become too large too fast and most people never look at it anyway... could stand to be corrected on that though.

Okay. Cool. (And very interesting--a lot going on behind the scenes.) So some follow-up questions. (see screenshot) 1)What's the yellow highlighting mean? 2) On the left is a second-by-second account of what is running as the site opens?

Thanks!

I don't know much more than I put in my first post, so I can only direct you to the documentation on their github site.

I just looked at a few pages with similar rows and see that you can click on the leftmost wide column (the one with leading ##'s) and it will show additional info and a link to the site which triggered the row. I looked at mine and could not say really what it was telling me... ;)

*** UPDATE ***

After a little more looking, it appears to me that the yellow ones are also blocked, but they are in the third-party lists as opposed to the native uBlock origin lists.

You can see these lists by clicking the top little bar (which gives the uBlock origin version) after clicking the little icon. There you can enable or disable these lists.

Thanks astrogeek. So like in my screenshot. I'm wondering why these things are called "requests"? Like what might quantserve be requesting? (Or any of the requests that it uBlock blocks.) btw I think it's a pretty amazing app. I can't remember the last time I saw even the smallest ad.

Actually it is the other way around - it is your browser making an HTTP request of quantserve. In the example in your screenshot it is requesting a gif image due to some element or script in the page. That request will contain your IP address, browser footprint and possibly cause a separate cookie to be passed, which is all part of what they are after. The gif image filename may even be unique, and certainly is in this case, which gives them further identifying info to correlate your movements around the internet.

So just remember that in this context the requests being blocked are outgoing from your browser and result from page content delivered by the original page request.

And yes, I agree - uBlock Origin works GREAT with no hassles and no mercenary exceptions!

Thanks. Wow. I had no idea. But this kind of makes Firefox seem like the bad guy. Unless is Firefox forced by the site's server to make the request?

And so the privacy is breached when Firefox sends the request. But how does the site get a cookie? So uBlock Origin blocks Firefox's request, so no IP address or browser footprint will be sent to quantserve. (And somehow the cookie is not passed.)

Wow, that's pretty sinister.

Hey, should they 'automatic updates' on the uBlock be set to "default" or "on"? (see screenshot)

Thanks for all the great information!

Well, that is just the nature of the stateless client server model of the internet.

When you click a "page" your browser sends a request to the server at that address. The request includes several pieces of information including the browser identity, IP address, request method, referrer, etc., which together tell the server how to respond.

The server then returns whatever data it has been designed to return for that specific request...

If the returned data is an HTML document, then the browser knows to read through it and identify all separate resources defined in the HTML, images, scripts, stylesheets, more HTML, etc... It must then make a separate HTTP request for each of those before the page can be fully rendered...

With each request and response, the server "can" also include one or more cookies as part of its response. The browser will store the cookie and automatically send it along with any future requests to that server - with every single request for images, scripts, etc., etc...

So the tracking and data mining goons include all manner of things such as scripts, fonts, stylesheets, invisible images, anything that will result in a request and/or pass a cookie, that meets their ends...

That is how the web works, and it works exceedingly well for information interchange between intelligent beings who respect each other. The only sinister part is all the humans who have no respect for others and exploit that mechanism and the various parts such as your browser, in ways that serve their interests at your expense. "They" do not come with an off switch...

...maybe to put it more simply:
you load a web page - you request that web page from a particular domain (let's say linuxquestions.org).
this contains html code that ultimately renders your page.
inside that code can be requests to other resources - some on the same domain (linuxquestions.org), some on another (e.g. cloudflare.com).
the latter ones are the ones that are often suspicious (*) and merit a second look. that is where adblock (or µblock) comes in: it decides (based on a simple list of domains) whether it wants to block this request.
in other words: it assumes that all requests to, say, ads.google.com, are unwanted.

(*) this does not necessarily mean that all code from the same domain is harmless.
html code as such is very limited, but with e.g. the extremely common javascript it is possible to glean much more info from the client.

Thanks astrogeek.

I'm understanding it better.

Questions:

1) Can uBlock Origen block the very first request from Firefox? (The first time I go to a site.)
2) Why would the tracking and data mining goons send multiple things (the stylesheets, images, etc.) when all they really need to track is one cookie?
3) So clearing my browser of cookies is good, but uBlock Origen is better because it doesn't let the cookies onto my browser in the first place, right?
4) My question in post 7 about what to choose (the screenshot)

Thanks ondoho. So it's those subdomains to be really careful of. That's where if you've got NoScript you get a chance to investigate the subdomain before you allow it. Then if you goof up and allow a nasty subdomain, uBlock will block the request anyway, right?

no.
a subdomain is something else (*). what i was talking about are other domains.
apart from that, you are just jumbling things around atm.
i suggest you give it a while to settle, reduce your number of addons to a reasonable amount, and read some wikipedia articles or whatever online documentation you prefer.

(*) if e.g. linuxquestions.org is the domain, something like vip.linuxquestions.org would be a subdomain.

Thanks ondoho. You know, I actually meant other domains. But yeah, I have been reading about it on Wikipedia and elsewhere. I'm understanding it much better.