Hi @ll
In the german discord channel, there comes the issue/info, that youtube videos won't play any longer, when the function "Remove HTTP Referrer Header"/ "HTTP Referrer Header entfernen" is enabled!
I've checked that in my environment and I have the exact same issue.
Network tools from the browser tells the following:
Access to XMLHttpRequest at ' https://controlbar.eblocker.org:3443/dashboard/#!/redirect/268223f3-1399-47ca-9b21-34fd1ac49852/youtube.com/youtube.com ' (redirected from ' https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=EMbfLY_DfNeSugj6&el=detailpage&ns=yt&fexp=23983296%2C23986032%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24289309%2C24292881%2C24292955%2C24396645%2C24407200%2C24415865%2C24416439%2C24416786%2C24426865&cl=492859431&seq=6&docid=tVEdXTaFEdQ&ei=V3WQY-DwF5fM1gKxw4OoCQ&event=streamingstats&feature=g-high-rec&plid=AAXvOwJ9nhG6p4vk&referrer=https%3A%2F%2Fwww.youtube.com%2F&sdetail=p%3A%2F&sourceid=y&cbr=Chrome&cbrver=107.0.0.0&c=WEB&cver=2.20221206.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&bwe=79.416:46833,80.007:46833&bat=79.416:0.97:0,80.007:0.97:0&cmt=79.416:0.000,80.007:0.000&bh=79.416:0.000,80.007:0.000&vps=80.007:B%27 ) from origin ' https://www.youtube.com/ ' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
It was also mentioned, that it is still possible for him to clean the referrer with using a proxy ( eBlocker--->Squid--->Privoxy--->Client) and the videos will play there.
Regards
@calimero There are many websites which stop working properly when Referrers are stripped from the header.
The solution here is simple: do not enable Referrer blocking if you want ad free videos - or live with the ads if one has a strong need for removing the Referrer. Easy 👍
THX!
But that is not a solution.
If you can enable / disable this option for devices and websites, this would higher the privacy a lot 🙂
Because disabling means disabling it for all devices and websites.
And it worked before yesterday.
Regards
But that is not a solution.
Well, there are many problems in the world where there is no solution with eBlocker. World peace, for instance. 😉
If you can enable / disable this option for devices and websites, this would higher the privacy a lot 🙂
Stopping using YouTube will increase privacy a lot - but blocking the referrer will not. It‘s just a nice to have option that makes sense to enable in very rare and specific cases (I am not even aware about).
To quote the documentation ( https://eblocker.org/en/docs/blocker/#15-toc-title ):
Blocking the referrer headers can therefore result in some pages no longer being displayed correctly.
Accept this or don‘t.
THX!
So just for documentation, when others ran into this issue.
-> Disabling "remove http referrer" for the time using youtube and enable it afterwards 🙂
You can mark this as solved
For your background: The referrer removal feature was implemented more than 7 years ago as a proof of concept "what can be done with SSL bumping". At this time eBlocker's advanced (pattern matching) blocking technology was still in development. For the time being it made totally sense to mitigate any obsolete data transfer to trackers - like referrers.
Today, I fully agree with @random that we should rather deprecate this silly feature (same as WebRTC blocking) as it does not make sense any longer. eBlocker blocks 3rd party as well as 1st party trackers very well and there is absolutely no harm / privacy infringement caused by the referrer (as it's not recorded by any tracker anyhow).
So blocking the referrer often only prevents the first party website to work properly - but it's no gain for privacy as eBlocker does it's job very well. I therefore vote to eliminate this feature as it only causes tin foil hat protection but causes a lot of trouble with many websites. Same with WebRTC blocking BTW.
Hope this helps to discuss this issue based on facts - rather than on tin foil hat belief. 😉