This scriplet supersedes abort-current-inline-script (acis),
and accepts an optional third argument which is matched
against the `src` property of script resources.
When the third argument is not provided, the scriptlet
behaves essentially the same as `acis`, and because of
this `acis` is now aliased to `abort-current-script`, and
all existing `acis` filters will execute with no change
in behavior.
In the long run, usage of `abort-current-inline-script` or
its alias `acis` should go away and be replaced with
`abort-current-script` or its alias `acs`.
Some sublists fail to load with this CDN, and
uBO fails to properly error out on the whole
list in such case, causing a truncated whole
list to be used in the end.
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/1553
This commit ensures FLoC is opt-in. The generic filter
`*##+js(no-floc)` in "uBlock filters -- Privacy" ensures
the feature is disabled when using default settings/lists.
Users can opt-in to FLoC by adding a generic exception
filter to their custom filters, `#@#+js(no-floc)`; or they
can opt-in only for a specific set of websites through a
more specific exception filter:
example.com,shopping.example#@#+js(no-floc)
Too likely to cause breakage. It was originally added without
having been really evaluated. As per feedback, it's too likely
to cause breakage.
The list is seemingly used to evaluate filters, which are moved
to EasyPrivacy once they are deemed valid and useful.
As discussed internally with list maintainers:
- EasyList China doesn't leverage uBO's extended
filter syntax
- EasyList China's home page is no longer available
to the public
Additionally, "CJX's EasyList Lite" has been removed
from stock lists, as the list hosted on GitHub is no
longer updated, and "AdGuard Chinese" is the official
list to enable to address all filter issues for
Chinese sites.
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/1445
A third (optional) argument has been added to `remove-attr`
scriptlet, which can be one or more space-separated tokens
dictating the behavior of the scriptlet:
`stay`: This tells the scriplet to stay and act on DOM
changes, whiĺe the default behavior is to act only once
when the document becomes interactive.
`complete`: This tells the scriplet to start acting only
when the document is complete, i.e. once all secondary
resources have been loaded, while the default is to start
acting when the document is interactive -- which is earlier
than when the document is complete.
Example:
...##+js(remove-attr, class, .j-mini-player, stay)
When no-fetch-if scriptlet is used without argument, the
parameters passed to no-fetch-if will be output to the
console, as `uBO: fetch([...list of arguments...])`.
The new scriptlet allows to defuse calls to fetch() by returning
a promise which always resolve to an empty response.
There is only one argument, which is a space-separated list
of conditions which must be ALL fulfilled in order for the
defusing to take place.
Each condition is a pair of property name and property value
separated by a column. Valid property names are those
documented as valid `init` options:
https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch
The URL of the fetch() is a special case and does not have to
be associated with a property name. Example of usage:
...##+js(no-fetch-if, method:HEAD)
Which means: defuse the call to fetch() if there is an
explicit option which contains `HEAD`. Another example:
...##+js(no-fetch-if, adsbygoogle.js)
Which means: defuse the call to fetch() if the URL contains
`adsbygoogle.js`. Multiple conditions can be provided:
...##+js(no-fetch-if, adsbygoogle.js method:HEAD)
If at least one condition does not match, the defusing will
not take place.
The string against which to match can be a literal regular
expression:
...##+js(no-fetch-if, /adsbygoogle.js$/ method:/HEAD|POST/)
Additonally, the following deprecated scriplets have been
removed:
- requestAnimationFrame-if.js
- setInterval-defuser.js
- setTimeout-logger.js
This new scriplet has become necessary as a
countermeasure to new bypass mechanisms by
some websites, as discussed with filter list
maintainers.
Also related discussion:
https://github.com/AdguardTeam/Scriptlets/issues/82
Scriptlet: abort-on-stack-trace
Alias: aost
Argument 1:
The property to trap in order to launch the
stack trace matching code, ex. Math.random
Argument 2:
The string (needle) to match against the stack
trace. If the empty string, always match. There
is a special string which can be used to match
inline script context, <inline-script>.
Argument 3:
Whether to log, and if so how:
Empty string: do not log
1: log stack trace for all access to trapped
property
2: log stack trace for defused access to trapped
property
3: log stack trace for non-defused access to
trapped property
Many filter lists are known to cause serious filtering
issues in uBO and are not meant to be used in uBO.
Unfortunately, unwitting users keep importing these
filter lists and as a result this ends up causing
filtering issues for which the resolution is always
to remove the incompatible filter list.
Example of inconpatible filter lists:
- Reek's Anti-Adblock Killer
- AdBlock Warning Removal List
- ABP anti-circumvention filter list
uBO will use the following resource to know
which filter lists are incompatible:
- https://github.com/uBlockOrigin/uAssets/blob/master/filters/badlists.txt
Incompatible filter lists can still be imported into
uBO, useful for asset-viewing purpose, but their content
will be discarded at compile time.
Reported internally by team.
Explicit conversion was causing an exception to be
thrown when the type argument was not supporting
`toString()`, for example when `type` argument was
literal `null`.
Related issues:
- https://github.com/uBlockOrigin/uBlock-issues/issues/1116
- https://github.com/uBlockOrigin/uBlock-issues/issues/984
It has been found that the two malware lists uBO uses by
default appear to be essentially no longer maintained.
urlhaus list[1] has been identified by the community as
being well maintained and as being actually useful as a
default malware-related list in uBO, since it's being updated
every day from a database of top domains and specific URLs
identified as serving malicious content. Additionally, the
maintainer of urlhaus list has taken steps to increase
compatibility with uBO[2].
The decision has been to replace the current two malware-
related lists with urlhaus list, which will be enabled by
default in uBO -- and this means that list will be part of
uBO's package from now on.
For those who have the two removed malware lists enabled,
these will be moved to the custom lists section -- they
will still be enabled. It is suggested users remove them from
their selection of lists as their usefulness at this point
is questionable.
[1] https://gitlab.com/curben/urlhaus-filter
[2] 859dfd03c6
Add support for specially-named properties:
`[]`, to iterate through all elements in an array, in
order to deal more graciously with cases where the
property to remove is an element in an array. An
actual case:
+js(json-prune, playlist.movies.0.adserver playlist.movies.1.adserver ...)
Can be now converted to:
+js(json-prune, playlist.movies.[].adserver)
`*`, to iterate through all own properties of an object,
in order to deal with random-named properties. For
example (not an actual case):
+js(json-prune, playlist.*.adserver)
Where `adserver` would be a property member of an
object which is itself a property of `playlist`, but
which name is unknown or is variable.
Specifically:
- Log entries as received by client code
- Prettier and more readable console output
- Ability to only log entries matching a
specific needle
As per internal discussion at
<https://github.com/uBlockOrigin/uAssets>; limited
logging capabilities of json-prune originally raised
by <https://github.com/gwarser>.
Related issue:
- https://github.com/uBlockOrigin/uBlock-issues/issues/981
To be consistent with no-setTimeout-if.js.
requestAnimationFrame-if.js is deprecated and must no longer be
used, it will be removed in the near future when it's no longer
in use in default filter lists.
no-requestAnimationFrame-if.js is aliased to norafif.js.
The scriptlet will now still try to trap a specific
property if a segment of the chain is not undefined
while yet not an object either.
For example, this now allows to set a value on
`document.body.onselectstart` when `document.body` has
not been instantiated yet by the browser parser,
whereas this would previously fail because
`document.body` would be `null` while the scriptlet
was testing against `undefined`.