Known limitations¶

We list surprising, non-obvious issues and possible privacy shortcomings in version 0.1 of Hachette.

• Hachette currently uses short-lived cookies tp smuggle settings to its content scripts. Although partially worked around using outgoing response filtering and unlikely to happen in practice, cookies might leak and a website owner could use them to learn that a user's browser has Hachette running in it. We are investigating possible solutions.
• Currently, user scripts can only be injected to HTML pages.
• Currently, user scripts under Mozilla-based browsers may fail to run on pages loaded from file:// schema.
• On some (Mozilla-based) browsers Hachette might disrupt XML preview.
• Hachette doesn't have additional features one could expect from a content blocker:
  • There is currently no option to disable Service Workers while allowing normal scripts to execute.
  • There is currently no option to disable loading of external/third-party fonts, tracking pixels, or other strategies that are used by Google and similar companies for snooping on internet users.
• There is currently no facility to anonymize queries Hachette makes to its script repositories. This means a bad admin of a Hydrilla instance could see the sites for which a Hachette user tried to find custom scripts.
• Hachette is still missing:
  • UI Translations
  • Accessiblity features
  • Mobile support
• There are almost certainly bugs.