PopSugar.* - Required user action blocked (Fanboy's Annoyance List + Fanboy's Cookie List)

[THEtomaso]

Affected sites:

https://www.popsugar.co.uk/
https://www.popsugar.com/
https://www.popsugar.com.au/

(Not sure about the .com and .com.au domains though, since this seems to be a GDPR thing)

Issue:

Required user action (cookie consent) is blocked, preventing access to the sites.

Problem filters:

• Fanboy's Annoyance List
• Fanboy's Cookie List

Problem rules:

##.evidon-banner
###_evidon_banner
/evidon-banner.

(Each rule alone is enough to block the cookie consent, so all of them needs to be whitelisted)

Blocked script:

https://c.evidon.com/sitenotice/evidon-banner.js

Possible fix:

popsugar.*#@#.evidon-banner
popsugar.*#@##_evidon_banner
@@/evidon-banner.$domain=popsugar.co.uk|popsugar.com|popsugar.com.au

--

• OS/version: Windows 8.1 Pro (x64)
• Browser/version: Pale Moon v27.9.4 (x64)
• Adblock Extension/version: uBlock Origin v1.16.4.4 (XUL)

[krystian3w]

From my side only Disconnect / Firefox tracking protection block load GDPR actions:

https://www.popsugar.co.uk/gdpr-consent?destination=https%3A%2F%2Fwww.popsugar.co.uk%2F

when I have blank website or request to disable "adblock":

Hi friend!
To access POPSUGAR, please disable your adblocker or change your browser settings.

---

PS. popsugar.* - this is works only in uBlock Origin.

[THEtomaso]

I've tested this issue thoroughly, using only Fanboy's Annoyance List and Fanboy's Cookie List.
Each one of the rules that I listed is enough to block the cookie consent, so exceptions needs to be made for all three of them.
I'll leave it to ryanbr to come up with the right method.

[THEtomaso]

Guess that neither the .com, nor the .com.au domains are effected by this issue.
Therefore, the fix should probably look something like this instead:

popsugar.co.uk#@#.evidon-banner
popsugar.co.uk#@##_evidon_banner
@@/evidon-banner.$domain=popsugar.co.uk

[krystian3w]

Shop can open from menu https://www.popsugar.co.uk/shop/

[THEtomaso]

No, when using Fanboy's Annoyance List and/or Fanboy's Cookie List, NOTHING can be accessed @ popsugar.co.uk!!

Example 1:
Trying to access https://www.popsugar.co.uk/ redirects to this URL (and a completely white page, with nothing to click on!):
https://www.popsugar.co.uk/gdpr-consent?destination=https%3A%2F%2Fwww.popsugar.co.uk%2F

Example 2:
Trying to access the subpage https://www.popsugar.co.uk/shop/ redirects to this URL (and again.. a completely white page, with nothing to click on!):
https://www.popsugar.co.uk/gdpr-consent?destination=https%3A%2F%2Fwww.popsugar.co.uk%2Fshop%2F

To properly test this, make sure that you're ONLY using Fanboy's Annoyance List and/or Fanboy's Cookie List, with a EMPTY browser cache!
(PS: it can only be properly tested if you try to access the domain from within EU)

The ONLY way to fix this (that I'm aware of), is to make exceptions for all of the three cosmetic rules that I've pointed out in my previous posts!!

[ryanbr]

I couldn't reproduce it with my lists; here is a video of what I see;

https://youtu.be/PTBWRB_11ps

[THEtomaso]

First of all, I can tell that you're not testing this properly, because you're using additional filters.
This is obvious from the following exception rule in uBO's logger, which is visible in your video:
@@||evidon.com/geo/$domain=comi...
This exception is certainly NOT included in Fanboy's Annoyance List, nor in Fanboy's Cookie List!

Also, something strange is indeed going on, because you're getting a completely different cookie consent warning than I am.
Perhaps things are more location-dependent than I thought, or browser-dependent?

Anyway, this is what I get, when trying to access popsugar.co.uk from my end (using ONLY Fanboy's Annoyance List and Fanboy's Cookie List):

As you can see, it stops at this rule:
/evidon-banner.

So, after adding the exception @@/evidon-banner.$domain=popsugar.co.uk, I give things another try, and get this:

Now it stops at these rules:

##.evidon-banner
###_evidon_banner

So, after also adding the exceptions popsugar.co.uk#@#.evidon-banner + popsugar.co.uk#@##_evidon_banner, I finally get the cookie consent warning, which looks like this:

[ryanbr]

I am using Easylist + Easyprivacy here, can you confirm it works fine with Easyprivacy enabled?

[ryanbr]

Given uBo defaults have Easyprivacy List enabled, not sure why you disabled it.

I have no issues having a 2nd @@||evidon.com/geo/ whitelist, but thats all its needed. (as seen by the video)

[THEtomaso]

New test, using EasyList + EasyPrivacy + Fanboy's Annoyance List + Fanboy's Cookie List:

It still stops at this rule:
/evidon-banner.

After adding the exception @@/evidon-banner.$domain=popsugar.co.uk again, I get this:

Again, it stops at these cosmetic rules:

##.evidon-banner
###_evidon_banner

So, the same exceptions are needed!

[ryanbr]

How does it differ from my video?

[THEtomaso]

I have no issues having a 2nd @@||evidon.com/geo/ whitelist, but thats all its needed. (as seen by the video)

No, like I said, there are obviously some differences to what you're experiencing from your end, compared to what I am experiencing from my end.

How does it differ from my video?

The cosmetic rules alone are enough to block the cookie consent from my end.
Also, the cookie consent warning that I get is different from the one that you get, as you can see from the screenshot at the very bottom of my post here:
#512 (comment)

I don't know if it's related to location differences, or UA sniffing that discriminates certain browsers, but I can say with absolute certainty at this point that all of the three exceptions that I've listed needs to be present!!

[ryanbr]

Already whitelisted in the list:
fanboy-addon/fanboy_cookie_whitelist_general_hide.txt:popsugar.co.uk#@##_evidon-background
fanboy-addon/fanboy_cookie_whitelist_general_hide.txt:popsugar.co.uk#@##_evidon-barrier-wrapper

Elements shown on popsugar.co.uk:
https://imgur.com/a/I3MySkb
###_evidon-banner-content ###_evidon-banner ###_evidon-barrier-wrapper

Generic elements used:
fanboy-addon/fanboy_cookie_general_hide.txt:###_evidon-background
fanboy-addon/fanboy_cookie_general_hide.txt:###_evidon-barrier-wrapper
fanboy-addon/fanboy_cookie_general_hide.txt:###_evidon_banner

Decision: Leaving it.

[THEtomaso]

Decision: Leaving it.

Well, all I can say is that it's a wrong decision.
Because, like I said; From my end, I can say with 100% certainty that all of the three exceptions that I mentioned are needed.
Otherwise, all I get is a blank page!

[THEtomaso]

I can tell from your video, that from your end, it doesn't even try to access the essential script that I mentioned in the first post, which is this one!:
https://c.evidon.com/sitenotice/evidon-banner.js
This is proof that there are indeed some location- or browser dependent differences at work when trying to access the site.

Oh well, I've wasted enough time on this. :(

[THEtomaso]

If anyone else is interested in troubleshooting this issue, here's my latest finding:

I just gave it a try, using SRWare Iron, which is a Chromium-based browser..
The results were exactly the same as they were with Pale Moon and SeaMonkey, which are the other two browsers that I've tested this with.
So, I guess this rules out UA sniffing (and any other forms of browser discrimination) on the server-side.
The differences that we're experiencing must therefore be location-dependent!
I'm connecting from Norway, so if anyone is interested in trying to reproduce this iussue, I guess you should try connecting from a Scandinavian proxy.

[krystian3w]

Strange bug, I cannot reproduce on the Swedish proxy and the preferred Norwegian language.
I also limited the number of lists to the two discussed - excluding the rest of the default uBlock Origin.

[THEtomaso]

We'll continue this discussion at that other issue report, that I refered to above.

[THEtomaso]

The issue have been confirmed now, and it seems to be limited to non-EU European countries.
Read from this post and down:
DandelionSprout/adfilt#7 (comment)

Perhaps now, ryanbr, you'll reconsider to include the necessary exceptions in your filters?

--

EDIT:
A detailed explanation of what's actually happening:
DandelionSprout/adfilt#7 (comment)