MozillaZine

[Ext] uBlock Origin

Announce and Discuss the Latest Theme and Extension Releases.
GHM113
 
Posts: 384
Joined: December 16th, 2015, 3:59 am
Location: Moscow, Russia

Post Posted May 17th, 2017, 8:33 am

ChewInternetExplorer wrote:Bug:—

    Cosmetic filters have stopped working on v1.12.5b2.

I can't reproduce, cosmetic filters work on 1.12.5b2 at least on https://www.overclockers.ru/ in my case. What STR did you use?
I am an idiot. Sorry for my poor English.

delicacy1
 
Posts: 78
Joined: September 28th, 2016, 11:25 am

Post Posted May 17th, 2017, 9:50 am

Ok thanks virtual, thats what i thought, i was wondering why i never received a response in the forum for my question in April the 20th.

mightyglydd

User avatar
 
Posts: 8692
Joined: November 4th, 2006, 7:07 pm
Location: Hollywood Ca.

Post Posted May 17th, 2017, 10:01 am

delicacy1 wrote: i never received a response in the forum for my question in April the 20th.
:-k Because you're asking at the wrong forum ?
https://forum.palemoon.org/index.php
#KeepFightingMichael

ChewInternetExplorer

User avatar
 
Posts: 54
Joined: April 7th, 2011, 10:14 am

Post Posted May 17th, 2017, 11:51 am

GHM113 wrote:
ChewInternetExplorer wrote:Bug:—

    Cosmetic filters have stopped working on v1.12.5b2.

I can't reproduce, cosmetic filters work on 1.12.5b2 at least on https://www.overclockers.ru/ in my case. What STR did you use?

It's 100% reproducible, here — it might be working for you if you disabled Ignore generic cosmetic filters (please enable Ignore generic cosmetic filters to be able to reproduce the bug.)

Not a user of that overclocking site but I just tried overclockers.ru###wrapper which is supposed to hide the entire page — it does, but the cosmetic filter fails once the page is refreshed.

Don't know what you mean by STR — if it's the Firefox version you were referring to:—

  • Nightly 55.0a.1 (date-code — 17th May 2017.)
  • Firefox 54 Beta 8

gorhill
 
Posts: 90
Joined: February 10th, 2015, 8:00 am

Post Posted May 17th, 2017, 2:19 pm

ChewInternetExplorer wrote:Not a user of that overclocking site but I just tried overclockers.ru###wrapper which is supposed to hide the entire page — it does, but the cosmetic filter fails once the page is refreshed.

I could reproduce. I will investigate and fix as soon as possible.

("STR" means "steps to reproduce".)

gorhill
 
Posts: 90
Joined: February 10th, 2015, 8:00 am

Post Posted May 17th, 2017, 2:46 pm

Fixed in 1.12.5b3, available in dev channel on AMO.

GµårÐïåñ

User avatar
 
Posts: 156
Joined: March 26th, 2008, 1:43 pm
Location: Area 51.2

Post Posted May 17th, 2017, 3:08 pm

delicacy1 wrote:Is GµårÐïåñ the author of the addon ?

No I am not. Just know it's author and the development.
Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k

ChewInternetExplorer

User avatar
 
Posts: 54
Joined: April 7th, 2011, 10:14 am

Post Posted May 17th, 2017, 11:12 pm

gorhill wrote:
ChewInternetExplorer wrote:Not a user of that overclocking site but I just tried overclockers.ru###wrapper which is supposed to hide the entire page — it does, but the cosmetic filter fails once the page is refreshed.

I could reproduce. I will investigate and fix as soon as possible.

It's fixed with the latest 1.12.5b3 . Image


gorhill wrote:("STR" means "steps to reproduce".)

Ah, shall remember that one. :)

Peja Stija

User avatar
 
Posts: 505
Joined: June 4th, 2008, 8:46 am
Location: Belgium (proud producer of waffles)

Post Posted May 19th, 2017, 1:01 pm

@gorhill,

This is a feature request, regarding the latest malware news regarding whatsapp.com being replaced by the Cyrillic "version" of the url, more and more malware news pops up that abuses this to infect people, even for a very security-attentive user, this technique is pretty much "free-to-go" without the user noticing anything suspicious, and more and more of those will make their way into the public, most perhaps containing only 1 single Cyrillic char, but it's enough to do its job.

.... so, to get to the point, for us users that *never* visit any Cyrillic char containing url, not even relying on anything 3rd party, could there be an advanced option to block ANY URL that contains 1 or more Cyrillic char(s) please ?

notonymous

User avatar
 
Posts: 135
Joined: November 6th, 2002, 6:57 pm
Location: Beyond the fringe

Post Posted May 19th, 2017, 1:30 pm

Peja Stija wrote:could there be an advanced option to block ANY URL that contains 1 or more Cyrillic char(s) please ?


I think this is already covered by default Fx behaviour. See https://wiki.mozilla.org/IDN_Display_Algorithm

Code: Select all
All characters in each label must be from Common + Inherited + a single script, or from one of the following combinations ... Common + Inherited + Latin + any single other "Recommended" or "Aspirational" script except Cyrillic or Greek

GµårÐïåñ

User avatar
 
Posts: 156
Joined: March 26th, 2008, 1:43 pm
Location: Area 51.2

Post Posted May 19th, 2017, 3:50 pm

Peja Stija wrote:@gorhill,

This is a feature request, regarding the latest malware news regarding whatsapp.com being replaced by the Cyrillic "version" of the url, more and more malware news pops up that abuses this to infect people, even for a very security-attentive user, this technique is pretty much "free-to-go" without the user noticing anything suspicious, and more and more of those will make their way into the public, most perhaps containing only 1 single Cyrillic char, but it's enough to do its job.

.... so, to get to the point, for us users that *never* visit any Cyrillic char containing url, not even relying on anything 3rd party, could there be an advanced option to block ANY URL that contains 1 or more Cyrillic char(s) please ?

I assume you use FX, why not just tell the browser to show you the real address and not the encoded and when it doesn't look the same, you'll know instantly.

set: network.IDN_show_punycode to true and now they won't be able to fool you as you will see the "ugly" address, so you'll know instantly. Now keep in mind, while it might not apply to your usage behavior, there ARE legitimate domains that are encoded this way, not all are evil.

EDIT: Forgot to add, you can also look at: network.IDN.blacklist_chars as a way to add your own custom whatever to avoid, just something to consider.
Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k

Return to Extension/Theme Releases


Who is online

Users browsing this forum: No registered users and 2 guests