Known limitations¶

We list surprising, non-obvious issues and possible privacy shortcomings in version 1.0 of Haketilo.

• Currently, user scripts can only be injected to HTML pages.
• Currently, user scripts under Mozilla-based browsers may fail to run on pages loaded from file:// schema if a CSP rule is embedded in a <meta> tag early in page's HTML.
• On some (Mozilla-based) browsers Haketilo might disrupt XML preview.
• Haketilo doesn't have additional features one could expect from a content blocker:
  • There is currently no option to disable Service Workers while allowing normal scripts to execute.
  • There is currently no option to disable loading of external/third-party fonts, tracking pixels, or other strategies that are used by Google and similar companies to snoop on internet users.
• There is currently no facility to anonymize queries Haketilo makes to its script repositories. This means admin of a Hydrilla instance could theoretically see the sites for which a Haketilo user tried to find custom scripts.
• Haketilo is still missing:
  • UI Translations
  • Accessiblity features
  • Mobile support
• Pages that were open during Haketilo's installation/enabling might break in weird ways (under Mozilla browsers) and Haketilo will not function there properly (all browsers). Reloading each browser tab is the simplest solution to this issue.
• There are almost certainly other bugs.