New Update uBlock Origin update thread

[Gandalf_The_Grey]

It does when you clear all caches and update the filters.

 

[SeriousHoax]

Did you notice that the filters "AdGuard Tracking Protection" have moved from the Privacy section to Custom? Or is this not a global change? (uBlock Origin)

Yeah, it was removed and might be added again later.

 

[czesetfan]

Yeah, it was removed and might be added again later.

Ah, thank you for the explanation.

 

[silversurfer]

uBO 1.47.0 released on github:

• Firefox: Submission pending
  • uBO works best on Firefox.
• Chromium: Submission pending
• Edge: Install from Microsoft Store: Microsoft Edge Addons
  • The Microsoft Store version of uBO is published by Nicole Rolls
• Opera: Submission pending

Fixes / changes​

• Prevent context menu entries on non-HTTP documents
• Ignore compilation hints when applying exception cosmetic filters
• Add support for regex-based values as target domain for static extended filters
• Add support for regex-based values for domain=/from=/to= options
• Rewrite static filtering parser
• uBO doesn't reject cosmetic filters with invalid pseudo-classes/pseudo-elements
• Make the logger entry dialog modeless
• Fix missing regex flags
• Import version 1.2.0 of RegexAnalyzer
• Set charset to utf-8 for Blob-based injected scriptlets
• Disallow -abp-... filters if not using #?#
• Work related to keyboard shortcuts for page reload
• New network filter option: to=[list of domain names]
• New network filter option: method=...

Release 1.47.0 · gorhill/uBlock

Commits to master since this release Commits since last release To install the stable build: Firefox: Click uBlock0_1.47.0.firefox.signed.xpi uBO works best on Firefox. Chromium: Install from t...

github.com

 

[silversurfer]

uBOLite_0.1.23.2176 (since yesterday available on Chrome web store): uBlock Origin Lite

Release notes​

• Updated filter lists
• Translation work

Refer to log.txt to see filters which could not be converted due to MV3 incompatibility. At the moment not all discarded filters are necessarily reported in there

Release uBOLite_0.1.23.2176 · gorhill/uBlock

uBO Lite (uBOL), an experimental permission-less MV3 API-based content blocker. See summary description/documentation. Release notes Updated filter lists Translation work Refer to log.txt to see ...

github.com

 

[Gandalf_The_Grey]

uBlock Origin 1.47.2 released

Fixes / changes​

• Support moving logger dialog around with touch events
• Raise minimum version of Firefox
• Fix improper invalidation of inline-(font|script) types

Release 1.47.2 · gorhill/uBlock

Commits to master since this release Commits since last release To install the stable build: Firefox: Review pending uBO works best on Firefox. Chromium: Review pending Edge: Install from Mic...

github.com

 

[ForgottenSeer 97327]

Wow, I have not used uBlockOrigin for a while, but noticed that mr GorHill has seriously restricted the use of CC/TLD's in rules, for instance Jan Willy's easy medium mode rule (for AdGaurd) does not work anymore (||*$third-party,script,frame,denyallow=your list|of trustred|Country Codes|and TopLevelDomains).

I know people are yelling that is where you have the dynamic rules for, but .....

The easy medium mode (as first suggested by Kees1958 and perfected by janWilly) has its charmes and benefits, why?
1. Firstly Jan Willy's easy medium mode rule for AdGuard never issued any problems nor needed any exceptions (probably the reason Kees1958 post became a sticky)
2. Secondly I like to keep the dynamic filtering option for fine tuning and weeding of the 'Easy Medium Mode blocking' reduced attack surface (making dynamic filtering even greater for fine tuning).



From older MT and Wilders post I know Gorhill and Kees1958 have got a troublesome relation, but this is a real pitty. Maybe some inner circle MT-members (of Gorhill) can pleed to return to the old standards (I recall when AdGuard copied them in 2020). GorHill has implemented some of Kees1958 request (only years later ) so GorHill is willing to listen when others confirm.

 

[ErzCrz]

I run it in a variation of Hard Mode. Takes some whitelisting but works pretty well for me. The pop-up rule can get annoying but it does block bad pop-ups

Spoiler: Tweaked Hard Mode

Dynamic rules:

no-csp-reports: * true
no-large-media: behind-the-scene false
no-popups: * true
no-strict-blocking: 192.168.0.1 true
* * 3p block
* * 3p-frame block
* * 3p-script block
* com * noop
* eu * noop
* info * noop
* io * noop
* net * noop
* org * noop
* uk * noop
behind-the-scene * * noop
behind-the-scene * 1p-script noop
behind-the-scene * 3p noop
behind-the-scene * 3p-frame noop
behind-the-scene * 3p-script noop
behind-the-scene * image noop
behind-the-scene * inline-script noop

Static Filters:
! Block beacons, plugins and websockets everywhere
||*$ping,object,websocket

! Block potentially unsafe third-party content to unencrypted websites
|HTTP://*$third-party,~document,~stylesheet,~image,~media

! Block opening webpages on top level domains and countries I never visit
||*$document,~stylesheet,~image,~media,~script,~subdocument,~xmlhttprequest,domain=~com|~info|~io|~eu|~net|~org|~uk

 

[oldschool]

I run it in a variation of Hard Mode. Takes some whitelisting but works pretty well for me. The pop-up rule can get annoying but it does block bad pop-ups

Spoiler: Tweaked Hard Mode

Dynamic rules:

I guess you'd call it Easy Hard mode.

 

[ErzCrz]

I guess you'd call it Easy Hard mode.

Hehe yeah but works. Kind of used to it blocking stuff. The TLD filter saved me a few times but my no-popup dynamic rule is my longest Been tempted to give the Lite beta a go for simplicity but yeah, old habbits

 

[Jan Willy]

@ErzCrz​

This thread isn't meant to discuss about filter rules, but I have to warn you that next rule doesn't block anything, because of the exception ~document.
! Block potentially unsafe third-party content to unencrypted websites
|HTTP://*$third-party,~document,~stylesheet,~image,~media

Edit: Here the result of a correct rule. As intended, the 3p script is blocked.




My advice would be to read next thread very well.

New Update - uBlock0rigin in Medium mode for Lighter and Stronger Protection, with Less websites breakage and hassle

Why a seperate thread? I got a few questions of the uB0 settings I posted in Old School's uB0 tips and tricks. In stead of stealing that thread I thought it might be better to create a new thread to explain these settings. I also got a question how to apply this on other browsers, so I left out...

malwaretips.com

 

[ErzCrz]

@ErzCrz​

This thread isn't meant to discuss about filter rules, but I have to warn you that next rule doesn't block anything, because of the exception ~document.
! Block potentially unsafe third-party content to unencrypted websites
|HTTP://*$third-party,~document,~stylesheet,~image,~media

Edit: Here the result of a correct rule. As intended, the 3p script is blocked.

View attachment 273119


My advice would be to read next thread very well.

New Update - uBlock0rigin in Medium mode for Lighter and Stronger Protection, with Less websites breakage and hassle

Why a seperate thread? I got a few questions of the uB0 settings I posted in Old School's uB0 tips and tricks. In stead of stealing that thread I thought it might be better to create a new thread to explain these settings. I also got a question how to apply this on other browsers, so I left out...

malwaretips.com

Thanks and sorry for going OT. I've not tweaking my filters for quite awhile. Will have a read through and maybe a fresh approach

 

[ForgottenSeer 97327]

Most browser nowadays block HTTP content on HTTPS websites, is this correct?

 

[Jan Willy]

Most browser nowadays block HTTP content on HTTPS websites, is this correct?

Yes, but I don't know if this setting is enabled at default. For me this setting is enough and I don't use a filterrule to block risky content on a http site. But let's not go further OT.

 

[ForgottenSeer 97327]

I have not been using uBo for some time and was disappointed that denyallow did not facilitate entities (any more) like AdGuard in denyallow (see post 227 of this thread).

Today I looked through the uBO Wiki to see whether it was replaced by something else and found that version 1.46 added some important new static rule features which makes them look more like dynamic rules. As I explained in post #227 I liked to add the 'problem free attack surface reduction of easy medium mode' to the static rules and use dynamic filtering to fine tune and weed out unnessecary stuf (and trial it a few weeks before 'promoting' them as a static rule in My Filter).

JanWillys easy medium mode static rule for Adguard: ||*^$script,subdocument,third-party,denyallow=com|eu|inf|io|ms|net|nl|org
Would look like this with the new uBlockOrigin syntax: ||*$script,subdocument,third-party,to=~com|~eu|~inf|~io|~ms|~net|~org
the ~ means not, so: not to com, not to eu | not to inf | not to io | (etc)

ErzCrz easy hard mode dynamic rules
* * 3p block
* com * noop
* eu * noop
* info * noop
* io * noop
* net * noop
* org * noop
* uk * noop

Would look like this with the new uBlockOrigin syntax: ||*$third-party,to=~com|~eu|~info|~io|~net|~org|~uk

Spoiler: FROM - TO logic in static rules making them easier to write

Happy uBO user again

 

[oldschool]

Congratulations.@Max90 you write rules just like @Windows_Security. and @Kees1958.

 

[ForgottenSeer 97327]

Congratulations.@Max90 you write rules just like @Windows_Security. and @Kees1958.

I learned it from JanWilly , but I take it as a compliment. There is a little difference WindowsSecurity and ErzCrz implement easy medium/easy hard mode with dynamic filtering, while JanWilly and I like to implement it with static rules. For me this has the advantage that I can use dynamic filtering to see what Edge Anti-tracking misses.

My approach is that I first start to block unnecessary third party connections for that website only (website1p domain3p * block). When I encounter this third-party domain on another website I make it a general rule (* domain3p * block). I keep those dynamic rules normally for a few weeks and when those extra dynamic third-party blocks don't provide any problems I promote them to static rules in my filters.

When you read the uBO wiki (and also ABP basic rules explanation) it is relatively easy to convert dynamic rules to static rules. With the new uBO FROM and TO static rules it is even easier to convert dynamic rules to static rules (* domain3p * block becomes ||*$third-party,to=domain3p and website1p domain3p * block becomes ||*$third-party,from=website1p,to=domain3p)

 

[Jan Willy]

while JanWilly and I like to implement it with static rules

Manifest V3 was the reason I converted uBO dynamic rules in static rules. Normally I keep using uBO in medium mode with noop rules for regular domainextensions and sometimes for a specific site to unbreak it.

 

[oldschool]

When you read the uBO wiki (and also ABP basic rules explanation) it is relatively easy to convert dynamic rules to static rules. With the new uBO FROM and TO static rules it is even easier to convert dynamic rules to static rules (* domain3p * block becomes ||*$third-party,to=domain3p and website1p domain3p * block becomes ||*$third-party,from=website1p,to=domain3p)

Thanks. I haven't checked the Wiki is a long time so I'll check it out.

 

[ForgottenSeer 97327]

Mini tutorial with new FROM and TO options of uBlockOrigin. The new (version 1.46) FROM and TO options support entities (e.g an asterix for countrycode as Google.* and country codes and top level domains as explained below) can be piped (using | to separate multiple domains or entities) and can be excluded (not is ~).

1. Easy Medium Mode
Block third-party scripts and frames except (not = ~ ) for country code's of Canada (CA), USA (US), UK and Top Level Domain's COM, IO, INF, NET, ORG
||*$third-party,script,frame,to=~CA|~US|~UK|~com|~io|~inf|~net|~org

2. Easy Hard Mode
Block third-party except (not = ~) for country code's of Canada (CA), USA (US), United Kingdom (UK) and Top Level Domain's COM, IO, INF, NET, ORG
||*$third-party,to=~CA|~US|~UK|~com|~io|~inf|~net|~org

3. Block all third-party scripts and frames on (from) a specific website (example1.com)
||*$third-party,script,frame,from=example1.com

4. Block third-party scripts and frames anywhere linking to a specific website (example3.com)
||*$third-party,script,frame,to=example3.com

5. Block third-party scripts and frames on a specific website (example1.com) linking to another specific domain (example3.com)
||*$third-party,script,frame,from=example1.com,to=example3.com

6. Block nasty popups and popunders to an advertising network which will redirect them (often to adult websites, I used three real examples below)
||*$popup,popunder,to=trafficjunky.net|tsyndicate.com|opoxv.com

7. Block nasty popups and popunders on a specific website except (not = ~) to its own website
||*$popup,popunder,from=example1.com,to=~example1.com