Tiny Google Chrome extension demonstrating how to bypass paywalls implementing the Google's First Click Free Program for Web Search.
This extension is meant for educational and research purposes ONLY. Do NOT attempt to violate the law with it. Using this extension, you accept that you are going to use it for educational and research purposes ONLY.
-
Download & unpack the extension files somewhere in your computer.
-
Replace occurrences of
example.cominmanifest.jsonandbackground.jsfiles by the domain name of the paywalled site implementing Google's FCF policy (e.g.ft.com,nytimes.com, etc.). -
Visit chrome://extensions in your browser.
-
Ensure that the Developer mode checkbox in the top right-hand corner is checked.
-
Click Load unpacked extension... to pop up a file-selection dialog.
-
Navigate to the directory where the extension files live, and select it.
-
Start browsing the paywalled site.
Alternatively, you can simply drag and drop the directory where the extension files live onto chrome://extensions in your browser to load it.
The extension simply (1) intercepts every outgoing HTTP request to ft.com; (2) removes Referrer and Cookie HTTP headers; and (3) sets a fake HTTP referrer that will bypass the access control layer at ft.com thanks to the Google's First Click Free Program for Web Search.
Please, check the source code for extra information and alternative implementations.
This extension is a trivial PoC of how any paywalling logic based on client side state (including slightly more sophisticated anonymous access control solutions based on browser fingerprinting or persistent cookies) are easily breakable with a browser extension intercepting HTTP requests.
Want to know more about high performance paywalls? Please, contact Allenta Consulting, the Varnish Software integration partner for Spain and Portugal.