µBlock, a lean and fast blocker

More of a suggestion than issue. I don't use uBlock Annoyance, but considering other rules included in it, maybe these rules for mobile version of Reddit can be added to hide annoying popups, tho they sometimes change selector name:

www.reddit.com##.XPromoPopup
www.reddit.com##.xPromoChoiceBanner
www.reddit.com##body:style(overflow: auto !important;)

 

Code:

@@||uliza.jp/*/RequestVideoTag.aspx$script,domain=kobe-np.co.jp
||uliza.jp/Player/js/ulizahtml5-google-analytics$script,redirect=noopjs,domain=kobe-np.co.jp

@@||google-analytics.com/ga.js$script,domain=bimi.jorudan.co.jp

Works on my end for two of the sites mentioned and I added them https://github.com/uBlockOrigin/uAssets/commit/686ddd6a915847ecb65cda9d4cebf9dcc3f22459

I can't reproduce the issue at https://www.electriciantalk.com

As a side note I don't intend for this thread to evolve into a "please add filter for site X" free for all because of me posting here.
I think most interested users about this topic would become rather bored.
If possible open problems with filters at the github issue thread.

 

Thanks!

Okay, I also can't reproduce it reliably so maybe the cause is different.

I understand, and that is a reason I picked rules for Reddit only which I believe is very popular. Anyway, I'll create a Github account sooner or later.

 

Nice - thanks for sharing these lists How did you create them? Are you planning to keep them updated?

 

Thanks to you and okiehsch both. It was late and I as tired when I made that post. Apologies for not giving you enough information.

I added what both of you did and it is better, but there are still ads showing up. These guys are really pushing the ads this holiday season!

 

Worth importing either or both to uBO custom lists?
https://hostfiles.frogeye.fr/firstparty-only-trackers-hosts.txt
https://www.orwell1984.today/cname/eulerian.net.txt

Can either of you expand a little on what these actually cover, what are CNAMES?

 

https://medium.com/nextdns/cname-cl...disguise-of-third-party-trackers-195205dc522a
https://github.com/uBlockOrigin/uBlock-issues/issues/780
https://github.com/gorhill/uBlock/commit/3a564c199260a857f3d78d5f12b8c3f1aa85b865

Frogeyes's list is the superior since it's already include these eulerian trackers plus many others, moreover the dev is working to get better sources so you won't have any missing trackers in the future.

additionally and slightly OT brave browser has also plans to block these CNAME trackers

 

I downloaded the freely available cname database provided by rapid7 (the same company thats behind the both open source & commercial versions of metasploit framework) from: https://opendata.rapid7.com/sonar.fdns_v2/

Then uncompressed the gzip compressed file, created simple program with Qtcreator that filtered the timestamp and other stuff out of the uncompressed json file, leaving only left the cname and actual target.

Im a little busy right now but I certainly will update it (and add more) when rapid7 again updates their database next month.

For Linux only:
I can (maybe) also upload squashfs (with xz compression) version of the modified cname database that contains all cnames to my server. If I still have space left on my server. It's size is 1.4 GB compressed.

xz compressed squashfs filesystem has the advantage that you don't need to uncompress it all when reading (it's size would be 8.2GB uncompressed)

You can just mount the filesystem with:

mkdir tmp
mount -o loop cname.sqfs tmp

and then just list the contents with, for example:

cat tmp/cname

 

CNAME is nothing more than an alias to some other name.
They are one of the many different types of DNS records.

Many of you might be even using cnames right now when you type some web address into your browser.

For example, if you type www.wilderssecurity you are actually referring CNAME that points to real target
wilderssecurity.com

Example in Linux with dig command:

dig -t cname www.wilderssecurity.com

; <<>> DiG 9.9.5 <<>> -t cname www.wilderssecurity.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51198
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;www.wilderssecurity.com. IN CNAME

;; ANSWER SECTION:
www.wilderssecurity.com. 65 IN CNAME wilderssecurity.com.

;; Query time: 38 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Dec 13 23:03:25 CET 2019
;; MSG SIZE rcvd: 66

Or, if you prefer much more less verbose version:

dig +short -t cname www.wilderssecurity.com
wilderssecurity.com.
'
If the given name is not cname dig returns nothing

 

I see that frogeyes added some of the missing eulerian trackers from my list

grep 54.36.54.7 /var/log/nginx/localhost.access_log
54.36.54.7 - - [12/Dec/2019:19:13:33 +0100] "GET /cname/eulerian.net_full.txt HTTP/2.0" 200 36509 "-" "curl/7.67.0" "-"
54.36.54.7 - - [12/Dec/2019:23:19:34 +0100] "GET /cname/eulerian.net.txt HTTP/1.1" 200 15895 "-" "Wget/1.20.3 (linux-gnu)" "-"

54.36.54.7 is IP address of hostfiles.frogeye.fr

ping -c3 hostfiles.frogeye.fr
PING rana.frogeye.fr (54.36.54.7) 56(84) bytes of data.
64 bytes from rana.frogeye.fr (54.36.54.7): icmp_seq=1 ttl=53 time=7.89 ms
64 bytes from rana.frogeye.fr (54.36.54.7): icmp_seq=2 ttl=53 time=7.88 ms
64 bytes from rana.frogeye.fr (54.36.54.7): icmp_seq=3 ttl=53 time=11.8 ms

And the timestamp of the updated files is same day that I posted my list (12 Dec):

https://hostfiles.frogeye.fr/

So yeah, it's superior list now


EDIT:

And if anyone wonders why the ping command shows rana.frogeye.fr instead of hostfiles.frogeye.fr ... well it's again because CNAME magic

dig -t cname hostfiles.frogeye.fr

; <<>> DiG 9.9.5 <<>> -t cname hostfiles.frogeye.fr
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42179
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;hostfiles.frogeye.fr. IN CNAME

;; ANSWER SECTION:
hostfiles.frogeye.fr. 3600 IN CNAME rana.frogeye.fr.

;; Query time: 103 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Sat Dec 14 00:04:00 CET 2019
;; MSG SIZE rcvd: 68

 

Thank you @Nanobot & @Stefan Froberg for these lists!

 

So these lists are purely for trackers, nothing ad related then correct?

 

Add this line to My Filter. (ww. is needed even when you visit "9to5mac.com", just copy and paste it!)

Code:

||ww.9to5mac.com/js/aptrk.js

Correct, except sometimes a same domain serves both ads and trackers.

 

Added that to My Filter. Seeing these ads still.

Thanks!!

https://9to5google.com/2019/12/13/google-assistant-routine-widgets-feature-request/

 

I could finally reproduce it and on my end it only appears on Firefox.
Add these, but please double-check if they don't break contents:

Code:

||9to5google.com/wp-content/uploads/sites/*_amz.jpg
##.post-content > div[class^=th]:has(img[src^="https://9to5google.com"])

[EDIT] The second filter is no more needed once okiehsch added his solution to uBlock filter.

 

I can only reproduce if I disable cosmetic filters for that site on my end.

Does adding

Code:

9to5google.com##+js(set, canRunAds, true)

to your filter list work for you?

 

That works on my Firefox (default lists + AGBL), so this site switches contents by detecting ad-blocker?

[EDIT] So this?

Code:

<script>

        // Check if our canRunAds variable is set
        if ( typeof canRunAds === 'undefined' || canRunAds === null ){
            document.body.classList.add( 'enable-fallbacks' );
        }

        (function($){
            $( '.thaebba88a' ).click( function () {
                window.open( $( this ).data( 'thb563e31a' ) );
                return false;
            });

            $(document.body).on('post-load', function(){
                $( '.thaebba88a' ).click( function () {
                    window.open( $( this ).data( 'thb563e31a' ) );
                    return false;
                });
            });
        })(jQuery);
    </script>

 

The site checks if

Code:

https://9to5google.com/wp-content/themes/9to5-2015/assets/js/adsbygoogle.js

is blocked. If it is blocked the site will execute

Code:

// Check if our canRunAds variable is set
if ( typeof canRunAds === 'undefined' || canRunAds === null ){
document.body.classList.add( 'enable-fallbacks' );
}

(function($){
$( '.thaebba88a' ).click( function () {
window.open( $( this ).data( 'thb563e31a' ) );
return false;
});

$(document.body).on('post-load', function(){
$( '.thaebba88a' ).click( function () {
window.open( $( this ).data( 'thb563e31a' ) );
return false;
});
});
})(jQuery);

and reinsert the ad you see.

The filter I mentioned sets canRunAds to true and the site "thinks" that the request was not blocked.

Edit: I did not notice your edit, so part of this reply is redundant.

 

Thx for explanation, now I learned how to use set.js in a real situation, it's always my pleasure to learn new things!
It seems 9to5google.com/wp-content/uploads/sites/4/2017/05/best-usb-c_amz.jpg is loaded regardless, tho not displayed.

 

Yes, it will always load but it will only display if the site thinks that you use an adblocker.

 

+1

 

Still: frogeye 7,323 out of 7,323 but yours still 159 out of 789.

 

Hm, according to Wikipedia it's actually the other way round

So in your example www.wilderssecurity.com is an alias for the CNAME wilderssecurity.com.

 

Thanks, I wasn't aware of that site!

 

Dang...you are right !
My western mind always assumed that the logical way would have been from left to right.