Links

• Focus Control on Chrome Web Store - https://chromewebstore.google.com
• GitHub Repo - https://github.com/mykytaso/focus-control

About the project

By the end of the workday, it becomes harder to stay focused, and the brain starts looking for a hit of dopamine. To reduce distractions, I usually put my phone in another room, but it’s still easy to fall down an online rabbit hole in a browser.

To solve this, I built Focus Control - a simple Google Chrome extension that blocks distracting websites and adds just enough friction between me and quick dopamine hits, giving my brain a moment to pause and reconsider its decisions.

While there are many similar extensions available in the Chrome Web Store, they are either paid or require sensitive permissions, making them difficult to fully trust.

Key points

• Completely open-source project
• Does NOT collect or transmit any user data

  

Service Worker Bypass Problem (x.com and other sites that use Service Workers)

Context

My initial idea was to block sites using only Chrome's Declarative Net Request rules.

DNR rules operate at the network request level. Chrome checks each outgoing request against registered rules and applies redirect/block actions before the request reaches the server. 

However, some modern web apps, like x.com, register Service Workers in the browser.

A Service Worker is a script that sits between the web page and the network. Once installed, it can intercept navigation requests (via its fetch event handler) and serve responses directly from its cache - without making any network request at all.

This creates a blind spot for DNR.

When a user has previously visited x.com, the site's Service Worker gets installed and cached in the browser. On subsequent visits, the Service Worker handles the navigation internally, returning cached HTML/JS without triggering a network request. Since DNR only operates on network requests, the blocking rule never fires, and the site loads normally despite being on the blocklist.

Solution

When a domain is added to the blocklist, the extension clears the site's Service Workers using the chrome.browsingData API:

// Clear service workers for the blocked domain
await chrome.browsingData.remove(  
  { origins: [`https://${domain}`, `http://${domain}`] },  
  { serviceWorkers: true }  
);

Unfortunately, this requires the browsingData permission, but by removing the Service Worker at the moment the domain is blocked, the next navigation to that site must go through the network, where DNR intercepts it and redirects to the blocked page. The Service Worker can never re-register because the user never reaches the site again (every attempt is redirected by DNR).