Skip to content

Handoff: M2b YouTube Ad Blocking

Date: 2026-07-11 Status: Implemented on rebuild, pending review

Scope

Added a pure recursive player-response pruner; Firefox MV2 response filtering for InnerTube player and next requests; a static allowlisted MAIN-world scriptlet baseline; a bundled-only rescue-config loader; best-effort blocker coexistence; an instant adBlockEnabled setting; popup/options controls; unit coverage; and packaged-extension bench assertions for enabled and disabled behavior.

Safety

The background retains the complete original response bytes before attempting UTF-8 decoding, parsing, pruning, or serialization. Every failure path writes the original bytes where the response channel remains available. The pure pruner returns malformed input unchanged. Scriptlet operations are compiled allowlist variants, run independently, and never accept remote source, arbitrary paths, URLs, or operation names.

Coexistence

MAIN-world scriptlets are skipped when JSON.parse or JSON.stringify appears already wrapped. This is deliberately documented as a best-effort heuristic, not reliable uBlock Origin detection: isolated extension internals are not observable, wrappers may be transparent, and unrelated page code can wrap the same functions. Network response pruning remains independent.

Rescue-config and AMO

loadRescueConfig returns only the frozen baseline shipped in the extension. There is no outbound rescue-config fetch and no remote code. Remote signed declarative rescue-config remains intentionally deferred until after the S5 AMO policy preflight.

Inline player-response bug fix

Normal video playback still consumed ad descriptors from the watch page's inline window.ytInitialPlayerResponse, which never passes through the background response filter. The MAIN-world bundled baseline now installs a reversible accessor for that global and a surgical JSON.parse wrapper. Both paths prune only parsed player responses that expose streamingData or playabilityStatus and contain a known ad key. Inspection and cleanup fail open, and the existing network response filter remains in place for SPA player requests.

Testing

Unit tests import the real string and parsed-value pruners and cover every target key, recursive objects and arrays, in-place mutation, playback-field preservation, malformed JSON, primitive JSON, and no-change identity. The integration bench uses the packaged Firefox extension and proves the fixture page receives no network or inline adPlacements/playerAds under defaults, while both remain present in no-extension and ad-block-disabled controls. Release gates cover strict types, zero-warning lint, the forbidden gate-weakener scan, real-source coverage, packaged Firefox integration, MV2 build, and production manifest scope.