Readit News> Maybe you could also test the Qwant extension?
I did: https://news.ycombinator.com/item?id=43175181
There's really no magic or mystery here. The extension is simply using this API: <https://developer.apple.com/documentation/safariservices/sfs...>
I don't know why it's different for you and me then. I tested Qwant once again and saw not one call to duckduckgo (my default search engine) - now I'm over 100 searches while analysing with proxyman without one leak.
The kagi extension on the other hand leaked all my first 3 searches.
Something must be different.
I have Proxyman and Wireshark. IIRC I used Proxyman also when writing my blog post.
In any case, Little Snitch is not lying and inventing packets. I don't know why you aren't seeing anything, but as I said, it's a race condition, so that can happen, and in any case, I would say that it's a better way to analyze this by adding Little Snitch to your setup.
I quickly downloaded the kagi extension for testing and there I can see the leaking - the Qwant extension still does not leak. Maybe you could also test the Qwant extension?
I just tested with Little Snitch and saw leakage to Google.
It's a race condition, so you might not always see it.
I don't know your setup but in my opinion something like proxyman / mitmproxy or even Wireshark would be the better way to analyse this.
I tested quite often and never saw the leak with Qwant.
All the Safari search engine extensions work the same: https://lapcatsoftware.com/articles/2025/2/2.html
Interesting, something must have changed then - the qwant search extension definitely does not leak the search to the default search engine - I checked myself with Proxyman.
Will this still send your information to Google because the redirect sometimes happens after the search has already been sent? I’m curious because I use a similar Kagi extension and I feel like it’s definitely sending my information to DuckDuckGo which sucks. I wish apple would allow more search options.
Depends on how the extension works probably. Had the issue with some extension but the Qwant extension for example doesn't leak - you can check yourself when capturing the http(s) traffic with something like proxyman.
Cool idea, wanted to try it out but it's not available in my country. Any reason for this? :)
The premise: I wanted truly automatic PiP for multitasking — switch a tab, video keeps playing in a floating window, no clicking required. Safari is the only browser that allows triggering PiP without a user gesture, which is what makes this possible at all.
v2 adds:
- Global on/off toggle in the toolbar (no need to uninstall to pause it)
- Configurable keyboard shortcut (default ⌥P) to manually trigger PiP
- Blacklist / Whitelist mode to control which sites it activates on
Works on YouTube (including PiP on scroll), Netflix, Twitch, Disney+, MAX, Paramount+, Jellyfin and most generic HTML5 players.
GitHub: https://github.com/vordenken/AutoPiP
Free, GPL-3.0, no telemetry.
Happy to answer questions about the Safari extension API quirks I ran into.