Strange chrome extension - config.json
-
Hello,
I just noticed, all web pages load XHR request - chrome-extension://jffbochibkahlbbmanpmndnhmeliecah/config.json
It cointains something like this:
[ { "host": "ceskatelevize.cz", "selector": "#ctPlayer1", "capture": true }, { "host": "netflix.com", "selector": "html", "capture": true }, { "host": "nicovideo.jp", "selector": ".PlayerContainer", "capture": true }, { "host": "kvs-demo.com", "selector": "#kt_player", "capture": true }, { "host": "periscope.tv", "selector": ".EventHandler-Layer", "capture": true }, { "host": "pluralsight.com", "selector": ".player-wrapper", "capture": false }, { "host": "primevideo.com", "selector": "#dv-web-player", "capture": true }, { "host": "rutube.ru", "selector": ".video-js", "capture": true }, { "host": "ruv.is", "selector": ".video-js", "capture": true }, { "host": "ted.com", "selector": "html", "capture": false }, { "host": "twitch.tv", "selector": ".persistent-player", "capture": false }, { "host": "vimeo.com", "zIndex": "300", "selector": ".player", "capture": false }, { "host": "yandex.ru", "selector": ".player-container", "capture": true }, { "host": "youtube.com", "zIndex": "10" } ]What is that? I have only 3 extensions, all deactivated and xhr is still here. In incognito window too.
I tried google it but no results.
Thanks
-
Thanks
-
@Gwen-Dragon said in Strange chrome extension - config.json:
@sokoliar That internally for the Picture-in-Picture feature (its config file) which is injected on webpages with video.
but why you have to make this extension hidden? user does not see it in the list, but is able to reveal its presence in dev toolbar.
also why it is working for all websites and pages? it already has a list of sites that should profits of its presence?
vv@griffin ~/Library/Application Support/Vivaldi/Default/Extensions/cjpalhdlnbpafiamejdnhcphjbkeiagm/1.29.2_0 $ grep matches manifest.json "matches": [ "http://*/*", "https://*/*" ], "matches": [ "http://*/*", "https://*/*" ], vv@griffin ~/Library/Application Support/Vivaldi/Default/Extensions/cjpalhdlnbpafiamejdnhcphjbkeiagm/1.29.2_0 $and finally it wants quite a lot of permissions. is it really requires all of that?
vv@griffin ~/Library/Application Support/Vivaldi/Default/Extensions/cjpalhdlnbpafiamejdnhcphjbkeiagm/1.29.2_0 $ grep perm manifest.json "permissions": [ "contextMenus", "privacy", "storage", "tabs", "unlimitedStorage", "webNavigation", "webRequest", "webRequestBlocking", "\u003Call_urls>" ], vv@griffin ~/Library/Application Support/Vivaldi/Default/Extensions/cjpalhdlnbpafiamejdnhcphjbkeiagm/1.29.2_0 $ vim . -
@Gwen-Dragon said in Strange chrome extension - config.json:
@sokoliar That internally for the Picture-in-Picture feature
thing is that subject (meta)extension does multiple features. and PiP is only one of them. another one is ad blocking.. thats why you so many perms...
-
Excusez-moi de relancer le sujet, mais je me demande quand même pourquoi vous avez mis pornhub dans la liste des sites en PiP, ****** ^^'.
English translate (sorry, i don't speak english very well) :
Excuse me to relaunch the subject, but i still wonder why you put pornhub into the PiP sites list, ****** ^^'. I hope i don't make too spelling mistake ^^.PS: periscope.tv n'existe plus, vous pouvez l'enlever
.
periscope.tv doesn't exist yet, so you can remove it .J'
vivaldi !
I vivaldi !
modedit language, stay polite and respectful!
-
I wonder if all these things injected into pages could identify Vivaldi users? I had always assumed that we looked like chrome users, and thus are not too fingerprint able.
-
Re-opening this as I can't find an explanation of what this is.
I'm getting the same, with the same content, on every page (including a blank Google page).What is it about and why is it there?
-
@cry0nics apparently it seems to be an internal extension for playing videos as picture-in-picture? But also it has a bunch of other functions. I'm also pretty confused and would certainly like to know more about it.
-
Seeing the same json request on all page.
-
If you want to get rid of this:
In your browser, go to
Settings... > Privacy > Do Not Track
And UNCHECK "Ask Websites Not to Track Me" -
@hegell said in Strange chrome extension - config.json:
If you want to get rid of this:
In your browser, go to
Settings... > Privacy > Do Not Track
And UNCHECK "Ask Websites Not to Track Me"This just raises even more questions, though. Why is a Do Not Track request handling picture-in-picture or ad blocking? What else is this thing doing?
-
This post is deleted! -
Ppafflick moved this topic from Vivaldi for macOS on -
A bit late to reply, but hopefully someone will find this useful;
This is a legitimate extension which is shipped as part of Vivaldi. This functionality is included as part of a few browsers, though some use a different approach to get the same result. Because it is bundled as part of the browser, it does not show up in the list of user-installed extensions. This is the case for a couple of other extensions too, such as the one that displays PDFs in the browser. However, you can disable it using Vivaldi menu - Settings - Webpages - Picture-in-Picture Button on Videos. (The PDF viewer can be controlled in the same part of the settings.)
The extension is used to display picture-in-picture; it allows a video to be displayed on top of the browser while you are browsing other websites. It is configured to work with a specific set of popular websites that make this possible. When a page loads, the extension injects some scripts. The scripts then fetch the extension's configuration file locally from the extension. This loads not via the network, but by a local file read. Presumably, this is what you are seeing in the developer tools.
Basically, it is harmless and expected behaviour, and it is not something malicious.
