MozillaZine

[Ext] uBlock Origin

Announce and Discuss the Latest Theme and Extension Releases.
GHM113

User avatar
 
Posts: 448
Joined: December 16th, 2015, 3:59 am
Location: Moscow, Russia

Post Posted May 17th, 2017, 8:33 am

ChewInternetExplorer wrote:Bug:—

    Cosmetic filters have stopped working on v1.12.5b2.

I can't reproduce, cosmetic filters work on 1.12.5b2 at least on https://www.overclockers.ru/ in my case. What STR did you use?
I am an idiot. Sorry for my poor English.

delicacy1
 
Posts: 94
Joined: September 28th, 2016, 11:25 am

Post Posted May 17th, 2017, 9:50 am

Ok thanks virtual, thats what i thought, i was wondering why i never received a response in the forum for my question in April the 20th.

mightyglydd

User avatar
 
Posts: 8743
Joined: November 4th, 2006, 7:07 pm
Location: Hollywood Ca.

Post Posted May 17th, 2017, 10:01 am

delicacy1 wrote: i never received a response in the forum for my question in April the 20th.
:-k Because you're asking at the wrong forum ?
https://forum.palemoon.org/index.php
#KeepFightingMichael

ChewInternetExplorer

User avatar
 
Posts: 58
Joined: April 7th, 2011, 10:14 am

Post Posted May 17th, 2017, 11:51 am

GHM113 wrote:
ChewInternetExplorer wrote:Bug:—

    Cosmetic filters have stopped working on v1.12.5b2.

I can't reproduce, cosmetic filters work on 1.12.5b2 at least on https://www.overclockers.ru/ in my case. What STR did you use?

It's 100% reproducible, here — it might be working for you if you disabled Ignore generic cosmetic filters (please enable Ignore generic cosmetic filters to be able to reproduce the bug.)

Not a user of that overclocking site but I just tried overclockers.ru###wrapper which is supposed to hide the entire page — it does, but the cosmetic filter fails once the page is refreshed.

Don't know what you mean by STR — if it's the Firefox version you were referring to:—

  • Nightly 55.0a.1 (date-code — 17th May 2017.)
  • Firefox 54 Beta 8

gorhill
 
Posts: 103
Joined: February 10th, 2015, 8:00 am

Post Posted May 17th, 2017, 2:19 pm

ChewInternetExplorer wrote:Not a user of that overclocking site but I just tried overclockers.ru###wrapper which is supposed to hide the entire page — it does, but the cosmetic filter fails once the page is refreshed.

I could reproduce. I will investigate and fix as soon as possible.

("STR" means "steps to reproduce".)

gorhill
 
Posts: 103
Joined: February 10th, 2015, 8:00 am

Post Posted May 17th, 2017, 2:46 pm

Fixed in 1.12.5b3, available in dev channel on AMO.

GµårÐïåñ

User avatar
 
Posts: 164
Joined: March 26th, 2008, 1:43 pm
Location: Area 51.2

Post Posted May 17th, 2017, 3:08 pm

delicacy1 wrote:Is GµårÐïåñ the author of the addon ?

No I am not. Just know it's author and the development.
Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k

ChewInternetExplorer

User avatar
 
Posts: 58
Joined: April 7th, 2011, 10:14 am

Post Posted May 17th, 2017, 11:12 pm

gorhill wrote:
ChewInternetExplorer wrote:Not a user of that overclocking site but I just tried overclockers.ru###wrapper which is supposed to hide the entire page — it does, but the cosmetic filter fails once the page is refreshed.

I could reproduce. I will investigate and fix as soon as possible.

It's fixed with the latest 1.12.5b3 . Image


gorhill wrote:("STR" means "steps to reproduce".)

Ah, shall remember that one. :)

Peja Stija

User avatar
 
Posts: 514
Joined: June 4th, 2008, 8:46 am
Location: Belgium (proud producer of waffles)

Post Posted May 19th, 2017, 1:01 pm

@gorhill,

This is a feature request, regarding the latest malware news regarding whatsapp.com being replaced by the Cyrillic "version" of the url, more and more malware news pops up that abuses this to infect people, even for a very security-attentive user, this technique is pretty much "free-to-go" without the user noticing anything suspicious, and more and more of those will make their way into the public, most perhaps containing only 1 single Cyrillic char, but it's enough to do its job.

.... so, to get to the point, for us users that *never* visit any Cyrillic char containing url, not even relying on anything 3rd party, could there be an advanced option to block ANY URL that contains 1 or more Cyrillic char(s) please ?

notonymous

User avatar
 
Posts: 138
Joined: November 6th, 2002, 6:57 pm
Location: Beyond the fringe

Post Posted May 19th, 2017, 1:30 pm

Peja Stija wrote:could there be an advanced option to block ANY URL that contains 1 or more Cyrillic char(s) please ?


I think this is already covered by default Fx behaviour. See https://wiki.mozilla.org/IDN_Display_Algorithm

Code: Select all
All characters in each label must be from Common + Inherited + a single script, or from one of the following combinations ... Common + Inherited + Latin + any single other "Recommended" or "Aspirational" script except Cyrillic or Greek

GµårÐïåñ

User avatar
 
Posts: 164
Joined: March 26th, 2008, 1:43 pm
Location: Area 51.2

Post Posted May 19th, 2017, 3:50 pm

Peja Stija wrote:@gorhill,

This is a feature request, regarding the latest malware news regarding whatsapp.com being replaced by the Cyrillic "version" of the url, more and more malware news pops up that abuses this to infect people, even for a very security-attentive user, this technique is pretty much "free-to-go" without the user noticing anything suspicious, and more and more of those will make their way into the public, most perhaps containing only 1 single Cyrillic char, but it's enough to do its job.

.... so, to get to the point, for us users that *never* visit any Cyrillic char containing url, not even relying on anything 3rd party, could there be an advanced option to block ANY URL that contains 1 or more Cyrillic char(s) please ?

I assume you use FX, why not just tell the browser to show you the real address and not the encoded and when it doesn't look the same, you'll know instantly.

set: network.IDN_show_punycode to true and now they won't be able to fool you as you will see the "ugly" address, so you'll know instantly. Now keep in mind, while it might not apply to your usage behavior, there ARE legitimate domains that are encoded this way, not all are evil.

EDIT: Forgot to add, you can also look at: network.IDN.blacklist_chars as a way to add your own custom whatever to avoid, just something to consider.
Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k

delicacy1
 
Posts: 94
Joined: September 28th, 2016, 11:25 am

Post Posted June 25th, 2017, 2:12 pm

When people aren't logged i motherless.com
& you're browsing search results, it sends you continuously to:

every 10 to 50 seconds, after having passed the first 2 to 3 pages of search results..

that page is a stupid
"WARNING: You are NOT logged in!"

Anyone has a filter for that ?
Last edited by DanRaisch on June 25th, 2017, 7:32 pm, edited 1 time in total.
Reason: Porn site link removed.

GµårÐïåñ

User avatar
 
Posts: 164
Joined: March 26th, 2008, 1:43 pm
Location: Area 51.2

Post Posted June 25th, 2017, 3:49 pm

delicacy1 wrote:When people aren't logged i motherless.com
& you're browsing search results, it sends you continuously to:

every 10 to 50 seconds, after having passed the first 2 to 3 pages of search results..

that page is a stupid
"WARNING: You are NOT logged in!"

Anyone has a filter for that ?

Try a few things. First and most like, its a timed inline script, so disable inline scripts for it and see if it keeps doing it. If not, that's it, if it is then. Second, disable 3p-frames and/or 3p-scripts and see if that solves it; you can then manually release 3p stuff until you get the full function but no more shenanigans. Good luck.
Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k

delicacy1
 
Posts: 94
Joined: September 28th, 2016, 11:25 am

Post Posted June 25th, 2017, 4:29 pm

I found 1 inline script in the logger, how could i disable it without affecting a single page but any page, moreover, "elle" is a search term, so it should be for any search term:
inline-script

delicacy1
 
Posts: 94
Joined: September 28th, 2016, 11:25 am

Post Posted June 25th, 2017, 4:30 pm

I guess i need to disable inline-scripting
Last edited by DanRaisch on June 25th, 2017, 7:34 pm, edited 1 time in total.
Reason: Porn site link removed

Return to Extension/Theme Releases


Who is online

Users browsing this forum: No registered users and 1 guest