Providing Free and Editor Tested Software Downloads

MajorGeeks.com - We put the eek back in Geek.
MajorGeeks.Com » Overview» Editorials » Manifest V3, Ad Blockers, Extensions and What You Should Know

Manifest V3, Ad Blockers, Extensions and What You Should Know

By Corporal Punishment
Google Chrome and chromium-based browsers have been the browsers of choice for many years, thanks in no small part to their robust ecosystem of extensions. However, changes are on the horizon that could shake up how we interact with these handy tools. The culprit? Manifest V3 is a significant update to the Chrome extension platform that will phase out the existing Manifest V2, and it's something you should have on your radar. The Manifest V3 changes will affect all Chromium-based browsers, not just Google Chrome. Browsers like Microsoft Edge, Opera, Brave, and others that are built on the Chromium engine will also need to transition from Manifest V2 to V3.

What is Manifest V3?
Manifest V3 is the latest version of the API (Application Programming Interface) that governs how Chrome extensions operate. It's a big shift from Manifest V2, which has been around since 2012. The new version is designed with a focus on privacy, security, and performance, aiming to reduce the potential for abuse by malicious extensions. Sounds good, right? Well, yes and no.

Key Differences Between Manifest v2 and Manifest v3

Permissions and Security: Manifest V3 introduces stricter permission controls. Extensions now have to declare what they need access to, which reduces the chance of them abusing permissions to steal data or inject malicious scripts. This is great for security but can limit what some useful extensions can do.

Background Scripts: One of the biggest changes is the replacement of persistent background scripts with service workers. Service workers only run when needed, which reduces resource usage and enhances performance. However, this can limit the functionality of some extensions that rely on always being active in the background.

WebRequest API: Manifest V2's powerful webRequest API allowed extensions like uBlock Origin to block network requests before they reached the browser. The webRequest API can be abused by malicious extensions to intercept, modify, or block network requests. This capability allows attackers to inject malicious scripts, steal sensitive data, or redirect users to phishing sites. For example, an extension could alter the content of a webpage or silently block security updates, compromising the user's browsing experience and security. This potential for abuse is one of the reasons Manifest V3 replaces this with the declarativeNetRequest API, which is less flexible and more restrictive. This restriction will significantly impact the effectiveness of ad blockers and privacy extensions.

Remote Code: Manifest V3 prohibits the use of remotely hosted code, requiring all code to be packaged with the extension. This change prevents extensions from dynamically pulling in new code, a tactic sometimes used by malicious developers, but it also limits legitimate developers who want to update their extensions more fluidly.

Depreciated Features from Manifest V2

webRequest Blocking: The ability to block network requests in real-time is significantly limited. Extensions now must use the more restricted declarativeNetRequest API, which doesn't allow for the same level of dynamic control.

Persistent Background Pages: These are being replaced with service workers, which are less resource-intensive but can't perform ongoing tasks that some extensions need.

Remote Code Execution: Extensions can no longer load scripts from remote servers, which limits the flexibility of dynamically updating or modifying code.

Scriptable Content: Extensions that rely on dynamically altering web content through scripts will face restrictions, potentially reducing their effectiveness.

The Timeline for Deprecation of Manifest V2

The phasing out of Manifest 2 has been going on for some time, but people are just noticing because of recent warnings about how they manage their extensions. But really, no, those who can update their extension have updated it.

  • June 2022: Chrome Web Store stopped accepting new Manifest V2 extensions set to "Private."
  • January 2022: No new public/unlisted Manifest V2 extensions accepted; changing visibility from "Private" to "Public" or "Unlisted" was removed.
    January 2024: Gradual disabling of Manifest V2 extensions begins.
  • June 2024: Manifest V2 phase-out begins. Warning banners appear in Chrome Beta, Dev, and Canary channels. Extensions with the "Featured" badge lose it if still using V2.
  • June 2025: Enterprises using the ExtensionManifestV2Availability policy have until June 2025 to migrate to Manifest V3.

    Big Names Affected by Manifest V3 Changes

    Several popular extensions will be affected by this shift. Extensions like uBlock Origin, NoScript have all heavily relied on features available in Manifest V2. Even Google dictionary will be depreciate.



    While some, like uBlock Origin, are developing Ublock Origin 'Lite' versions that comply with V3, these often come with reduced functionality, particularly in the realm of ad-blocking and script management.

    But have no fear, the MajorGeeks yToggle YouTube ad blocker is 100% Manifest 3, so it still works great.

    Why is Google Doing This?
    Google's push for Manifest V3 is rooted in enhancing security and privacy for users. By tightening permissions and restricting the capabilities of extensions, Google aims to minimize the risk of malicious extensions that could steal data or hijack browsing sessions.

    There are tons of examples of abuse, but if I had to pick the worst of the worst --- The Hola VPN extension was found to be exploiting its users by turning their devices into exit nodes for a peer-to-peer network, which was then monetized through a service called Luminati. This practice effectively allowed Hola to sell users' bandwidth without their explicit consent, raising significant privacy and security concerns. The abuse was made possible due to the broad permissions allowed under Manifest V2, which allowed the exploit.

    However, this change reduces the power and flexibility of legitimate extensions, especially those designed to enhance privacy and block ads. This is where many people have an argument. EFF started sounding the alarms back in 2011.

    What Should You Do?
    Review your installed extensions and check if they've been updated to Manifest V3. If not, you will see a warning, and you may need to find an alternative if the author no longer supports or cannot support manifest 3.

    If certain extensions are critical to your workflow and don't perform well under Manifest V3, consider switching to browsers like Firefox or Tor, which may continue supporting similar functionalities.


    As mentioned above, the official drop dead date for enterprise is June 2025 -- so with a few registry tweaks you can extend the life of your manifest v2 extension. Fortunately for you, we made it easy and wrote the scripts for you without Enable Manifest Version 2 Policy scripts.

    Final Thoughts
    The transition from Manifest V2 to V3 in Chrome extensions will significantly impact functionality, especially for privacy tools, which will lose some of their capabilities. However, this shift will enhance security by limiting the permissions that extensions can request and preventing the execution of remote code -- which seems like a solid trade-off when you think of the entire ecosystem. Additionally, performance improvements are expected as V3 replaces persistent background processes with service workers, leading to better resource management and faster browsing experiences.

    comments powered by Disqus



    • © 2000-2025 MajorGeeks.com
    Powered by Contentteller® Business Edition