-
Notifications
You must be signed in to change notification settings - Fork 523
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request Control Filters #149
Comments
NOTE: ga_ stuff might need XHR type also Pattern: Any URL |
Redirect to URL without REF tracking: Pattern: Any URL |
Remove the crap and possible tracking over URL manipulation after images and CSS: Pattern scheme: http/https UPDATE: Added Types: Document, Embedded document Samples:
BRAINING: maybe there is same method to be added also for Font and Media types... will see. |
UPDATE: Use "Skip Redirect" from AMO... its way better. Pattern scheme: http/https |
Funny... I have to look into it too. |
Hah... resolved, done. |
UPDATE: import/export is done. @Thorin-Oakenpants - if you wish to clean the thread, you can delete my last 3 posts (including this one) and your "didn't work" too, since its resolved. Cheers |
Here some Google's Urchin Tracking Modules that aren't listed in Trim URL Parameters list:
Also, url-tracking-stripper has a few more for other trackers:
|
Thanks @crssi !! 👍 a couple nits if you don't mind...
to give you an example, this is what I came up with for a bing-redirect:
and even then, I'm sure I missed something - regexes are almost impossible to get right another one from my small collection:
|
You are right. Need to rethink the REF one, it was fishy to me also and I don't like it at all.... will put a "Under construction" note on that post. The ga_ stuff, should we separate into another filter extended with XHR or just enable the XHR on the current one. I will enable here now and see if I will get any breakage... will also put a note in that post. I have another "nasty" one, which could replace "Skip Redirect" extension, but it is also fishy... for now I am using Redirector, since I can use regex (not that I like it, but can't see better way. I can place the nasty one in another post together with the Redirector approach for your critics? |
nope
IDK, you tell me :) I'll try it someday. My way too complex bing regex is probably not necessary. It looks like the addon strips additional parameters automatically. I'll try to come up with a simpler solution |
I already edited my post dude - chillax mate :) |
Redirector has some problems, when clicking URL from external program it doesn't always work as intended. |
@Thorin-Oakenpants do you have any sample for ga_ stuff, so I can dig in? |
does not cover @Thorin-Oakenpants sample: http://foo.bar/redirect?href=bar.foo/index.html |
UPDATE: Use "Skip Redirect" from AMO... its way better. It consists 2 filter rules. Pattern: Any URL Pattern scheme: http/https Samples: www.google.com/chrome/?i-would-rather-use-firefox=http%3A%2F%2Fwww.mozilla.org/ Currently broken login pages |
Crap... at least "path" definition is case sensitive. I have placed an issue about that. UPDATE: Case sensitive "bug" is actually "deal breaker" until corrected. Shame, started to love this one. :( |
👎 Redirector always loads the unmodified address. Maybe we should add Request Control to Appendix B: Firefox-Add-ons? |
^^ Ahh, this now perfectly explains my observation about Redirector and what I didn't like about it. |
@crssi wrote:
any site that uses GoogleAnalytics, fe ghacks. GA should already be blocked by uBO or uMatrix or whatnot and I'm not sure we really need a filter for that stuff. earthlng wrote
Yeah, it doesn't, at least not for "Action: Redirect". Redirector doesn't make it easier either.
... pick whichever format you prefer. edit: fuck! the edit2: please try to break this one y'all ;) |
I would stay away from generic ones if you care about efficiency and no breakage.
Redirector
Redirector's author said the addon is in "maintenance mode" and he won't add new features. RC does some "magic" in the background which is great (and seems to work) but not very transparent. edit: Redirector allows/requires to order the rules but idk how useful that is. It probably makes it more complicated if you have a lot of rules |
This appears to be breaking some internal Amazon links (such as "Warehouse Deals" for example), With regard to this, how exactly are these "2" filter rules applied ? This stuff gives me a headache at the best of times - intriguing stuff though ! |
OT: @Thorin-Oakenpants Good to know, looks like im not John Cena! |
FYI atm there's a bug that a redirected Document still gets added to the history. However the request doesn't touch the network. (that was fixed in 54 and also backported to ESR here) |
The |
Try whitelisting |
Will keep eye on this addon, since it has a lot of potential, but will hold until case insesitive isn't sorted out. |
@GitCurious REF is tricky and WILL make breakage. |
There are also some other issues. I have placed an Issue on RC github. |
Sure you can. Its just a JSON. |
Damn cool... how do you do that? |
Ah, ok, I see now... thx :) |
@crssi Google has |
Thank you @Atavic. Will take a look into in the next days |
For redirect skipping RC is no match to Skip Redirect (WE), especially now where author implemented same domain detection... see sblask-webextensions/webextension-skip-redirect#30 I will not try to mimic the same functionality on RC anymore. For basic tracking removal the Link Cleaner does a nice job, but RC can be used as a supplement for more advanced rules or for additional tracking options removal that are not covered in LC. |
@ghacksuserjs from RemoveGoogleTracking:
Apparently related to screen fingerprint. |
@Atavic Observation: From what I see on the source code of RemoveGoogleTracking, its more complex than just to remove those parameters. |
@Thorin-Oakenpants |
example to skip youtu.be: example url: https://youtu.be/nqbUkThGlCo Request Control supports direct access to named parameters |
As detailed in arkenfox/user.js#149 (comment) Co-authored-by: crssi <[email protected]>
As detailed in arkenfox/user.js#149 (comment) Co-authored-by: crssi <[email protected]>
As detailed in arkenfox/user.js#149 (comment) Co-authored-by: crssi <[email protected]>
* Upgrade the default rules Add rules for GMX, DuckDuckGo, Tumblr, YouTube, Amazon and Bing, and replicate functionality of Neat URL webextension at Smile4ever/Neat-URL * Import rule from 0x01h/gif-tracking-protection Co-authored-by: Geeknik Labs <[email protected]> * Upgrade GIF filter to general image filter Now filters JPG, PNG, GIF and WEBP. It's also based in regular expressions, to filter URLs with different capitalizations (http://bad.site/TRACKER.GIF?id=666) and to register less false positives (http://good.site/giftrackingcounter?lang=en) Co-authored-by: crssi <[email protected]> * Revamp parameter trimming in images Every request for an image is filtered now, regardless of name or file format. Exemptions for common crop and size parameters, and special rules for particular sites (Facebook, Instagram, WhatsApp) have been added. Co-authored-by: crssi <[email protected]> Co-authored-by: Geeknik Labs <[email protected]> * Tweak image URL trimming and add Google Street View exception Also some optional whitelist rules to restore functionality in YouTube. * Add more terms to the blacklist of general parameter trimming As detailed in arkenfox/user.js#149 (comment) Co-authored-by: crssi <[email protected]> * Tweak URL parameter trimming in images Add exemptions for: - embedded interactive Google Maps in 3rd-party sites, - any kind of image shown in DuckDuckGo search results, - and map and aerial view tilesets following WMS and WMTS standards (like one would find while editing OpenStreetMap). * Unblock cas shown when registering a WikiMedia account by whitelisting two innocuous URL parameters: `title` and `wpCaptchaId`. * Tweak filter tracking parameters rule: exempt common parameters found in websites that use IDs for the picture, instead of static paths (as found in region government page www.xunta.gal). * Unblock Reddit pictures They can be later targeted by a different rule if necessary. * Add more image parameters to the whitelist Trimming any of these parameters blocks captchas when creating an email account at Microsoft * Whitelist name parameter Some webpages (mis)use it for size selection, and some pictures in Twitter don't load without this. * Remove two duplicate filters * Add whitelist rules for several sites - Dafont (font shopping and typesetting tests) - Fontstruct (idem) - Fontshop (idem) - SignBank (transcription of sign languages) * More exceptions for well-known sites GMX Mailbox makes extensive use of the SID parameter and will not work otherwise. It will refuse to load importart content or enter a redirection loop. The other rules are for Reddit, maps in Facebook, Google-based embedded maps, and the Ubuntu wiki. * Innocuous image parameters to whitelist Seen in https://incubator.wikimedia.org/wiki/Wp/ase/AS10002S1f548M519x514S1f548481x490S10002489x487_AS1f550S15a37S20e00S26502M531x512S15a37501x488S1f550507x495S20e00487x499S26502469x498 but might appear in typesetting pages and custom banner pages, too. * More general-purpose changes - Add more whitelisted URL parameters to the general image filter, in particular, PHP parameters used by Oracle's Site-Satellite cache. - Improve support for maps embedded in Facebook. - Trim unnecessary URL parameters in embedded Google maps. * Clearer and louder whitelist rules Most whitelist rules are now separate from the general image filter. They're also logged by default. The URL exclusion in the general image filter is best used for requests that will be processed by another filter. * IMPORTANT CHANGES - Whitelist rules completely reworked: they're no longer baked into the filter rules, and are now more specific, easily disabled, and more helpful (they are also always logged): * GMX web client whitelisted (uses `sid` parameter); * DuckDuckGo whitelisted (helpful, and built with privacy in mind); * CAPTCHAs are logged as a whitelist rule now, ensuring no parameters are removed when creating a new account; * user avatars and user karmas are a logged whitelist rule now for similar reasons; * Reddit external previews are whitelisted by necessity; * Youtube seekbar and thumbnail previews are folded into a single whitelist filter now. - New filter to anonymize Reddit's banner and community images. - New filter to avoid image downsamplers: when enabled, retrieves the original picture from the original domain. Can be disabled. - New filter for cdn.embedly.com (an unnecessary wrapper for embedding videos seen, by instance, in the site Know Your Meme) - Google Street View filter disabled by default as it breaks Street View in Firefox ESR (works correctly in the most current desktop Firefox). - Redundant filter deleted (for URL paramater `fbclid`). - General image filter tweaked: * whitelisted parameters for a couple systems of signed URLs, like Amazon's (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls.html) and Facebook's (several URL parameters beginning with `_nc_`); * whitelisted innocuous parameters that don't break webpages, but result in a much longer log, like `*style`, `version`, `preview` and `i10c` (this last one is used for downsampling user avatars); * removed `url` from the whitelist (it will break some image in some random website but it is NOT worth it); * removed `wpCaptchaId` and `userid` as they are covered by the whitelist rules for user avatars and CAPTCHAs now. * Improvements for VK, LinkedIn, and Facebook and others - Some site-specific anti-redirector filters were merged into a generic one. This new filter is effective against social network VK's redirector. - Tags are now more descriptive and unique for every filter. - Facebook brands: * WhatsApp Web filters changed to fit the new avatar URLs. * Instagram's redirector is now accounted for. * More URL parameters used by Facebook blacklisted. `igshid` blacklisted globally. - Removed `wprov` parameter by Wikipedia. - Whitelisted more parameters for a different syntax for Amazon searches - The optional YouTube filter now also blocks the "watchtime" images (unblocked recently at EasyPrivacy and AdGuard because of problems with logged accounts) - General image filters: * Exceptions to this filter are clearer now. * Whitelisted URL parameters `bg` and `fg` (background and foreground colour) and `latex` (used for at least one LaTeX renderer, at WordPress). Also whitelisted `quality`, `sign`, `ssl`, `token-hash` and `token-time` (some of these are necessary at VK). * A second filter added for a gallery syntax (a PHP script to select an image based on numeric IDs). `uuid` is removed from the whitelist on the first filter. - Whitelist rules: * Added rules for YouTube icons on profile pages (low impact) and LinkedIn (very high impact). * Images from `outlook.office.com` (Outlook's web client) and `www.osapublishing.org` (a site publishing scientific papers) are now allowed in same-domain policy. * Images from GettyImages, iStockPhoto, ImageBank and AltMetric are now allowed globally. * Tweaked rule for whitelisting avatars. * Rule for MoinMoin-powered wikis is now global. * ReCAPTCHA rule merged into general CAPTCHA rules. * Whitelisted maps and street view for Google, Bing, and HERE * General image filters are now more granular and based on regexps Also, more whitelist rules, and tweaks to other rules. * Image server from LinkedIn is now whitelisted URLs are very different, often change, and never use optional query parameters. Whitelisting the whole server will not cause the browsear to leak extra data to LinkedIn. * Add filter for LinkedIn URLs This filter should cut tracking parameters from hyperlinks at LinkedIn. Exceptions for special pages like lost password retrieval have been made. Also, tweaks to other filters. * Unbreak Disqus and LinkedIn, and tweak other rules * Unbreak Amazon, Linkedin and Google -Amazon's cart -Linkedin's password management and recovery screens -Google's reCAPTCHA Co-authored-by: Geeknik Labs <[email protected]> Co-authored-by: crssi <[email protected]>
My love to all of you |
This is Request Control | GitHub
This is our Request Control Filters Wiki
Post your Request Control Filter-fu here
Note: Examples below are for discussion / testing - use/test at your leisure, post feedback. As really cool filters emerge, we will put them in the wiki
The text was updated successfully, but these errors were encountered: