This page lists surprising, non-obvious issues and possible privacy shortcomings of Hydrilla & Haketilo proxy as of version 3.0-beta1. You can read about the limitations of Haketilo browser extension (now in maintenance mode) here.
- The proxy only works with HTTP(s) pages and not for example FTP ones.
- Haketilo doesn't have additional features one could expect from a content blocker, e.g.
- there is currently no option to disable Service Workers while allowing normal scripts to execute and
- there is currently no option to disable loading of external/third-party fonts, tracking pixels or other strategies that are used by Google and similar companies to snoop on internet users.
- There is currently no facility to anonymize queries Haketilo makes to its script repositories. This means admin of a Hydrilla instance could theoretically see the sites for which a Haketilo user downloaded custom scripts.
- Haketilo might still be missing:
- UI Translations
- Accessiblity features
- Mobile support
- Haketilo currently tries to prevent the browser from caching HTTP responses. This is needed to make it function properly on some sites. Unfortunately, this behavior may cause a big performance hit.
- If user's browser gets to cache a page in spite of Haketilo's anti-caching measures, it might later be unable to "pick up" changes in Haketilo configuration that affect the cached page.
- If a user temporarily disables the proxy and continues to use the browser on a page that was modified by Haketilo, page's website might learn a Haketilo-generated token that ought to remain private.
- There are almost certainly other bugs.