Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

$redirect modifier does not fake Response.prototype.url #2278

Open
piquark6046 opened this issue Jan 27, 2023 · 4 comments
Open

$redirect modifier does not fake Response.prototype.url #2278

piquark6046 opened this issue Jan 27, 2023 · 4 comments
Assignees
@maximtop
Labels
Bug Firefox Priority: P4

Comments

@piquark6046
Copy link
Member

piquark6046 commented Jan 27, 2023
edited
Loading

AdGuard Extension version

4.1.53

Browser version

Mozilla Firefox Developer Edition 110.0b6; Brave 1.47.186

OS version

Ubuntu 22.10

What filters do you have enabled?

AdGuard Base filter, AdGuard German filter, AdGuard Tracking Protection filter, AdGuard URL Tracking filter, List-KR

What Stealth Mode options do you have enabled?

No response

Issue Details

Response.prototype.url returns (Browser Extension)://(UUID)/web-accessible-resources/redirects/googlesyndication-adsbygoogle.js?secret=... if ||pagead2.googlesyndication.com/pagead/js/adsbygoogle.js$redirect=googlesyndication-adsbygoogle rule is applied.

A website can profile a visitor with the browser extension's UUID.
uBlock Origin 1.46.0 is not affected by this issue.

Expected Behavior

Response.prototype.url returns https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js.

Screenshots

No response

Additional Information

async function detectAdblock() {
    try{
        var googlead = 'https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js';
        var response = await fetch(googlead);
        var result = await response.text();
        if (result.length < 1000) {
            console.log("Adblock detected! response length is " + result.length + " but it should be larger than 1.000" );
        }
        if (response.url != googlead) {
            console.log("Adblock detected! response URL is " + response.url + " but it should be " + googlead);
        }
    }catch(e){
        console.log("Adblock detected! The request got blocked");
    }finally{
        // Unbreak the site when the script got executed
    }
  }
detectAdblock();

The above test code is provided by @JobcenterTycoon.
piquark6046 added a commit to List-KR/List-KR that referenced this issue Jan 27, 2023
@piquark6046
FIx AdGguard browser extension bug temporally
f65424e 
AdguardTeam/AdguardBrowserExtension#2278
@adguard-bot adguard-bot assigned maximtop and unassigned mozartinio Jan 30, 2023
@ameshkov
Copy link
Member

ameshkov commented Feb 1, 2023

Check out this demo page as well:
https://adblock-testing.glitch.me/

@krystian3w

This comment was marked as resolved.

Sign in to view
@JobcenterTycoon
Copy link

JobcenterTycoon commented Feb 26, 2023
edited
Loading

Fixed the footer now.

@piquark6046 piquark6046 mentioned this issue Mar 5, 2023
Open
@adguard-bot adguard-bot assigned 105th and maximtop and unassigned maximtop and 105th Mar 6, 2023
JobcenterTycoon referenced this issue in uBlockOrigin/uAssets Aug 14, 2023
@gorhill
Address https://twitter.com/gorhill/status/1583581072197312512
cf9f577 
Unfortunately, the flawed conclusions people are reaching because of
this flawed tool are all over the place, including some spamming results
from this pointless tools in uBO's own thread on Wilders Security despite
advises to refrain from using the tool to evaluate content blockers.
@maximtop
Copy link
Contributor

We have tried to fix this issue using base64 URLs, but in cases where a website has strict CSP policies, errors occur, and the redirect is not applied at all. An example of such problems can be seen here: #2913.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@maximtop maximtop

Labels
Bug Firefox Priority: P4
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@ameshkov @105th @maximtop @adguard-bot @krystian3w @JobcenterTycoon @stanislav-atr @piquark6046 @mozartinio