My questions are:

  • Does the DuckDuckGo Firefox extension “Privacy Essentials” add a local css file to every visited site?
  • Can others reproduce this?
  • Is this harmfull or not?

Background:

I have a simple static one page site with just one html and css file. It’s completely tracker free. Debugging it a bit with developer mode (F12) on I discovered a second css file. This file isnt on my webserver but added local. To pinpoint what caused this I removed every add-on / extension in my browser one by one, reloading and checking my website every time. Took me a while because didnt expect this one causing it.

To reproduce:

  • Install the extension from the link.
  • Open a random site
  • Check in developer mode the tab Style editor.
  • Scroll and look for a file named %3Ais(%5Bid*%3D’google_ads_iframe’%5D%.css or something like that.
  • Remove the extension and refresh.
  • Check if the file disappears.

Content of the css file: :is([id*=‘google_ads_iframe’], [id*=‘taboola-’], .taboolaHeight, .taboola-placeholder, #credential_picker_container, #credentials-picker-container, #credential_picker_iframe, [id*=‘google-one-tap-iframe’], #google-one-tap-popup-container, .google-one-tap-modal-div, #amp_floatingAdDiv, #ez-content-blocker-container) { display:none!important; min-height:0!important; height:0!important; }

Edit 25-03-2024: Changed title to not give the wrong impression. See comments below.