Why did they decide to host it on a random Russian git service lol
this post was submitted on 02 Aug 2025
114 points (91.9% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
63199 readers
209 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
🏴☠️ Other communities
FUCK ADOBE!
Torrenting/P2P:
- !seedboxes@lemmy.dbzer0.com
- !trackers@lemmy.dbzer0.com
- !qbittorrent@lemmy.dbzer0.com
- !libretorrent@lemmy.dbzer0.com
- !soulseek@lemmy.dbzer0.com
Gaming:
- !steamdeckpirates@lemmy.dbzer0.com
- !newyuzupiracy@lemmy.dbzer0.com
- !switchpirates@lemmy.dbzer0.com
- !3dspiracy@lemmy.dbzer0.com
- !retropirates@lemmy.dbzer0.com
💰 Please help cover server costs.
 |
 |
|---|---|
| Ko-fi | Liberapay |
founded 2 years ago
MODERATORS
The repo was on GitHub and mirrored on Gitlab for years. Then it got DCMA’d and went to codeberg and got DCMA’d again. Now it’s on gitflic because the Russians dgaf about American copyright law or IP law in general.
tor mirror when?
That should be first sentance in README so people know it works.
their repo got deleted from github and codeberg iirc
So it must work!
I've been using it for years. It works quite well. Sometimes it will break on a website until it gets an update. It gets updated fairly frequently though.
Because they've had takedown requests sent to Firefox, then Gitlab, then Github.
Give me a minute to find my post about this from before with sources to prove this as well as links to the internet archive to show it's true. It continues to surprise me this is questioned in a piracy forum when the whole reason it got taken down was due to copyright related takedown requests.
EDIT: here it is: https://lemmy.blahaj.zone/post/26853791/14683087
Reproduced comment follows:
Magnolia's Twitter Account: https://x.com/Magnolia1234B
Nitter Link: https://nitter.tiekoetter.com/Magnolia1234B
Wikipedia: https://en.wikipedia.org/wiki/Bypass_Paywalls_Clean
It used to be on the official Firefox Extensions repository until DMCA takedown notices made them take it down.
It used to be on gitlab until DMCA takedown notices made them take it down.
It used to be on github until DMCA takedown notices made them take it down.
It moved to gitflic.ru not because it's sketchy, but because of copyright enforcement.
It's kind of like sci-hub, in a way, it can only actually survive in a country that doesn't respect the US copyright cabal.
That being said, I've never audited the code, but it's open source (MIT-license) and signed by Mozilla as noted on its gitflic page:
PS although the add-on was removed from Mozilla’s add-on store (AMO) (because of DMCA Takedown Notice) it’s still signed and manually checked for security by Mozilla (hence the delay in signing).
Because why not.
Maybe the developers are Russian + Github as a default from the "war crimes™"-country isn't good either
I was doing some investigating of various browser telemetry using android pcap log. I noticed that on any browser I install bypass paywall plus there is a call to gitflic.ru when viewing a page even when it's not on the list of processed websites in the extension. I can't tell the contents as it's https. Considering this extension and developer have been around for a long time I've no reason to suspect the extension but I'm wondering why the connection? I doubt it's checking for updates as it does it often when viewing any page. Any thoughts from anyone? I'm not trying to run down the app at all, I think it's really good, just wondering why the connection.
I took a cursory glance through the source code (for the Firefox version, at least), and I'm not seeing any calls to the gitflic.ru URL outside of the update functions (there appear to be two different places where these might be triggered) and one function for importing custom sites:
// Import custom sites from local/online
function import_url_options(e, online) {
let url = '/custom/sites_custom.json';
if (online)
url = 'https://gitflic.ru/project/magnolia1234/bpc_updates/blob/raw?file=sites_custom.json' + '&rel=' + randomInt(100000);
try {
fetch(url)
.then(response => {
if (response.ok) {
response.text().then(result => {
import_json(result);
})
}
});
} catch (err) {
console.log(err);
}
}
I noticed in the manifest.json, there is the optional permissions array:
"optional_permissions": [ "*://*/*" ],
Which seems to grant the extension access to all URLs, so maybe that's why the HTTP request is able to fire on any given website rather than just the ones explicitly defined in the regular permissions array. Though this is speculation on my part; I've only ever written one or two complex Firefox extensions. I'm not sure if the "optional permissions" array can be declined upon installation (or configured in the extension settings after installation); perhaps access to the wildcard URL can be revoked so that this update call isn't occurring constantly.
All looks okay to me, but this was a very quick audit.
Ok, it does look like it's checking for list updates, just more often.l than I expected. I went into the settings and disabled as below and the calls stop. So all good!
"check update opt-in Check for update of version (on startup and when opening options): check update enabled: NO"
Many thanks for checking this. When I used the following setting in the extension I didn't see any further calls.
"check update opt-in Check for update of version (on startup and when opening options): check update enabled: NO"
Shady Russian link? Can’t get it to load
Switch ISP bro.
In case if u have reading disability - they got kicked out from all western platforms by shady capitalist lobbyists.
Have fun funding those pricks.
Can I fork this in Microsoft’s GitHub without getting into trouble?
It was in GitHub, then got dmca taken down. Then it was in gitlab and gotten taken down as well.
Thanks for clarifying
Yes. Until you do. Then no.