Block Iframes, JavaScript, Redirections

Discussion in 'Browsers and Extensions' started by Prorootect, Nov 9, 2017.

  1. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,569
    3,824
    0wN3D by my cat!
    BehindTheOverlay offered by NicolaeNVM - works good on my chromium browsers.
    On Chrome Web store: BehindTheOverlay
    Click on icon, or put Ctrl+Shift+x on your keyboard - and no more modal overlay pop-up...

    .. and Auto Overlay Remover I have, works too.
     
    given and Windows_Security like this.
  2. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,569
    3,824
    0wN3D by my cat!
    #42 Prorootect, Jan 4, 2018
    Last edited: Jan 4, 2018
    Found true Popupblocker (for Firefox and forks only): Popupblocker – Add-ons for Firefox
    - by Joofthan.
    In the popup window, notch: Block all new tabs.
    It works tirelessly!
    - It blocks above all malware redirection pages (malwares using new windows).
    I use too Behind The Overlay, Gif Blocker (always Enable), and above all: Policy Control and Redirect Control.

    In Policy Control, my settings are:
    Media, Object: on Block all (and with Image on Block all you're able to block more ads)
    Script (JavaScript) and XMLHttpRequest on Block third-party,
    Sub Document on Block all... and with these settings no more redirects and practically no ads, using too this new to me Popupblocker.
    (You see, that I don't use Adguard AdBlocker or others like it, with signatures...)

    Users comments:
    "The very first popup I saw on a video site after updating Firefox and losing my old blocker was obvious malware disguised as a Firefox update with a [modal] page that could not be closed due to dialog popups and it is easy to see how people could be caught out by something like that. This add on makes the internet safe and usable once again..."
    "I STRONGLY Recommend Everyone to Test this one!!"

    _____________

    Tests of ads very complete (many examples) on linearpublishing.com: (page for Overlay test here): Overlay Ads
    - but for other ad examples you have many links on the right side of this page, 'All ads simultaneously' latest link too!;)

    To test malicious redirections (malwares using new windows), you have some links in my precedent posts, eg. you have adware redirections if click on buttons at the top of this page: hxxps://watchfree.ws/watchfree-movies-online (attention!)
     
    given and harlan4096 like this.
  3. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,569
    3,824
    0wN3D by my cat!
    #43 Prorootect, Jan 6, 2018
    Last edited: Jan 6, 2018
    Recently, in Firefox and Nightly browsers I've replaced QuickJS with the new one for me YesScript2 add-on.
    Reason: The QuickJS disable Policy Control during its run.
    YesScript2 does not do this, and is more interesting in terms of capabilities.

    Judge for yourself: YesScript2 by Andras Horvath: YesScript2 – Add-ons for Firefox

    It marks the domain of the active tab untrusted, reloads the page and blocks scripts from running on it. An option for the user to stop a website eating up resources or doing malicious things even if it breaks the functionality of the page.
    Features:
    • 3 states of blocking: full blocking (=red icon) (blocking internal and external scripts too), half blocking (=blue icon) (allowing internal and blocking external scripts) and no blocking (gray icon)
    • single click operation
    • automatic page reload
    • utilizing Firefox's Sync feature to remember and auto restore settings across devices (version 53+ or local storage only)
    • compatible with desktop and mobile platforms

    Pushing functionality from server side back to the users by running more codes on their computers instead of on the server is a tendency where the industry go and so web sites use more and more resources on the users' devices so their battery may go off faster. The other problem is that websites and web services become more and more vulnerable for cyber attacks using cross site scripting and other techniques. These can be solved with this extension with some trade off.

    Turning off scripts on websites might break functionality. However if some of them use heavy scripting making your device slow or you worry about being hacked through that site then it is a good practice to block scripts if you want to visit them anyway.

    This tool is just an option for you. There are other more sophisticated options like using the NoScript extension which is a great piece of work that gives you better security because it can block scripts before loading at all whereas YesScript2 blocks them after you activate it by clicking on the icon. However teaching your browser for every domain and every script calls with NoScript seems a tedious and long work. It varies to whom it's worth it. If it's not you then YesScript2 might work for you better.

    One of the main priorities when writing this extension was to create a small code set so it can be audited much easier making it more trustful. The less lines of code, the more reliable and secure a solution can be.

    _______________

    - -very interesting script switch, i play with it now! (watchfree.ws and similar adware redirections on new window shady websites to test).
    Make sure you have Policy Control, Redirect Control, Popupblocker, Gif Block, Behind the Overlay...on Firefox, Nightly and other FF forks.
     
  4. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,268
    13,580
    Utopia
    Every additional extension that you install is another extension that can get hacked and receive malicious updates, or be sold to an unscrupulous party. Since these things can and do happen, it's best to keep it down to a minimum, in order to reduce risks.
     
  5. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,569
    3,824
    0wN3D by my cat!
    Sure, shmu!
    But for reduce risks, I chose rather only from developers who are still very much alive, who have trustworthy websites.
    Eg developer of this add-on above, Andras Horvath, it has the trustworthy website, I posted the link too, here too:
    user info: User Info for Andras Horvath :: Add-ons for Firefox
    - and homepage of developer: on frontfoo.com: frontfoo.com
    He is personally interested in developing the code, this can be seen clearly from the posting on his homepage: his proposal is on the "web app development with STANDARD HTML, CSS AND JAVASCRIPT to access and manipulate data without the knowledge and hassle of the underlying full layers of backend programming and server maintenance".... In addition he has a face too trustworthy, the glasses also visibly are of good quality... so... so... he is Hungarian, I like Hungarians!
    I hope you have nothing against Hungarians and their add-ons? Which are offered to us for free...

    Shmu, if you have seen an extension that I've posted, that you don't consider trustworthy, quickly give us the sign, so that we can also judge again...
    Because first - I tried all the extensions/add-ons I posted the links, I have pure conscience.
     
    given likes this.
  6. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,268
    13,580
    Utopia
    You know a lot more about these extensions than I do. If it's good enough for you, it's good enough for me.
     
    given, BryanB and Prorootect like this.
  7. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,569
    3,824
    0wN3D by my cat!
    Results of my test:

    If YesScript2 is on half blocking
    (=blue icon; allowing internal and blocking external scripts) - it blocks start of new window malicious redirections, so you're safe ( seen with this watchfree.ws link from post #42, redirecting - after click on buttons at the top of the page - to 77f24529d8427410.com adware, on new window)....
    - even if Policy Control is disabled! And Popupblocker disabled too.

    - too on half blocking position, blocks overlay ads (too with Policy Control disabled), and blocks most of ads with Policy Control enabled (which is with Image on Block all). - I've tested with:
    Overlay Ads: Overlay Ads
    All Ads Simutaneously: All Ads Simutaneously

    Leave YesScript2 enabled for all websites, except login on MT, Edit function on MT...

    So this YesScript2 is very good defense utility!
     
    given and harlan4096 like this.
  8. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,569
    3,824
    0wN3D by my cat!
    In Policy Control, set Image on Block all - if you wish browse on nasty shady websites only.
    While your normal browsing on safe websites switch Image on Allow all.

    That way, everyone would be happy.
     
    given likes this.
  9. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,569
    3,824
    0wN3D by my cat!
    #49 Prorootect, Jan 14, 2018 at 8:40 AM
    Last edited: Jan 14, 2018 at 9:20 AM
    Weird, but the two links to test I posted in the post #47 above, works no more Today!
    - these links:

    Overlay Ads: Overlay Ads

    All Ads Simutaneously:
    All Ads Simutaneously


    - are Redirected to "Problem loading page" page: http://foo.example.com/cgi-bin/tester
    "Server not found
    Firefox can’t find the server at foo.example.com. ..."

    - and on CENT browser:
    "This site can’t be reached
    foo.example.com’s server DNS address could not be found.
    ERR_NAME_NOT_RESOLVED"

    linearpublishing.com is dead with this redirect manner...
    verify-www.com spoked here: “foo.example.com_cgi-bin_tester” Site Info - (read error or page not found: 5000 - 302 - text/html; charset=iso-8859-1)

    So my links have "foo.example.com" redirect attached to normal address, why?
    Hacked addresses, hacked website?...

    Yes the whole web is the big swamp.

    - Some of you could get comments, please?
     
    given likes this.
  10. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,569
    3,824
    0wN3D by my cat!
    OK., website from post above works today, no more appendice redirect "foo.example.com" in the links.
     
    given likes this.
Loading...
Similar Threads Forum Date
New Chrome and Firefox extensions block their removal to hijack browsers Browsers and Extensions Yesterday at 4:16 PM
Compare Protection DNS Threat-blocking comparison Compare Apps Tuesday at 3:47 AM
Q&A Kaspersky Firewall - block internet access for specific apps when on a public network? Kaspersky Monday at 11:02 PM