Prerequisites

• I verified that this is not a filter issue
  • Filter issues MUST be reported at filter issue tracker
• This is not a support issue or a question
  • Support issues and questions are handled at /r/uBlockOrigin
• I performed a cursory search of the issue tracker to avoid opening a duplicate issue
  • Your issue may already be reported.
• I tried to reproduce the issue when...
  • uBlock Origin is the only extension
  • uBlock Origin with default lists/settings
  • using a new, unmodified browser profile
• I am running the latest version of uBlock Origin
• I checked the documentation to understand that the issue I report is not a normal behavior

Description

It is easily possible to detect the presence of uBlock Origin in chrome by sending requests to chrome-extension://cjpalhdlnbpafiamejdnhcphjbkeiagm/web_accessible_resources/noop.html and measuring how long the request takes.

I don't know what uBlock Origin uses web_accessible_resources for, but if possible, they should be removed.

A specific URL where the issue occurs

POC Source Repo: https://github.com/arxenix/chrome-ublock-detection

direct POC link: https://arxenix.github.io/chrome-ublock-detection/

Steps to Reproduce

see POC link

Expected behavior:

A website should not be able to determine that uBlock origin is installed.

Actual behavior:

A website is able to determine that uBlock origin is installed.

Your environment

• uBlock Origin version: 1.34.0 (latest)
• Browser Name and version: Chrome 90.0.4430.93
• Operating System and version: Windows 20H2 19402.928