Add nsIProxyInfo to webRequest API
Reported by
sscar...@gmail.com,
Nov 27 2017
|
||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3275.0 Safari/537.36 Steps to reproduce the problem: 1. 2. 3. What is the expected behavior? Not appliable What went wrong? Not applicable WebStore page: Did this work before? N/A Chrome version: 64.0.3275.0 Channel: canary OS Version: 10.0 Flash Version: Visiting a website for example http://www.sandiegouniontribune.com/ with a content blocker such as AdBlock Plus or uBlock Origin installed, the website forcibly inserts adware and ads which are pulled via proxy ad server and hundreds of third-party cookies as first cookies via an exploit. If nslProxyInfo was supported, the extension can listen and evaluate the proxy server request on the fly and can take action against it before it makes a connection. Currently, uBlock Origin users have to rely on inserting a declaring contentscript extension namely uBlock Origin Extra to fight back and block this exploit. Firefox Quantum recently added the support, so it would be great for Chromium can have it too, so users can no longer rely on hacks such as inserting contentscript to block the exploit. For more information - uBlock Origin issue tracker https://github.com/uBlockOrigin/uAssets/issues/227 https://www.theregister.co.uk/2017/08/11/ad_blocker_bypass_code/ https://www.reddit.com/r/wow/comments/5exq2d/wowheadcom_sucking_bandwidth/
,
Nov 29 2017
sscarl24@ - Thanks for filing the issue...!! Could you please provide a sample extension file with consistent reproducible steps, expected and actual results to test the issue from TE-end. This will help us in triaging the issue further. Thanks...!!
,
Nov 29 2017
sample extension file ? I'm not sure what you mean by that, but you can install uBlock Origin and test it yourself with the following steps. STR - 1) Install uBlock Origin - https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en 2) Browse to chrome://settings/content/cookies?search=cookies and activate "Block third-party cookies" setting. 3) Browse to http://www.sandiegouniontribune.com/ 4) Get bombarded with ads. 5) Click on "View site information" icon and click on Cookies to see 100s of third-party cookies being inserted as first-party even though "Block third-party cookies" setting is activated.
,
Nov 29 2017
Expected result is ADS do not get inserted as uBlock Origin is blocking the ad-servers and third-party cookies do not get inserted as first-party. While the Actual result is the opposite of Expected result here.
,
Nov 29 2017
Thank you for providing more feedback. Adding requester "krajshree@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Nov 29 2017
@krajshree They also detect opening of console and remove all their g00 code and clean it up to avoid their script getting debugged.
,
Nov 29 2017
about detecting the console https://bugs.chromium.org/p/chromium/issues/detail?id=672625
,
Dec 12 2017
Well, is this still being looked at ?
,
Dec 27 2017
Bug https://bugs.chromium.org/p/chromium/issues/detail?id=104058 and https://bugs.chromium.org/p/chromium/issues/detail?id=487422 cover what I wanted to report, so please close this bug report.
,
Dec 28 2017
sscarl24@ Thanks for the feedback. As per comment #9, closing this bug as the reporter has confirmed. Thanks... |
||||
►
Sign in to add a comment |
||||
Comment 1 by krajshree@chromium.org
, Nov 29 2017