New Update uBlock0rigin in Medium mode for Lighter and Stronger Protection, with Less websites breakage and hassle

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
@SeriousHoax and @oldschool

I got a comments through PM to add another cname block rule), so I added the My Filters as text file in the original post, so people can easily change it to their likings

1606034506424.png

@plat1098 and @SampeiNihira

About ^ missing in Kees1958 original rule HTTP://*^$third-party,~stylesheet,~image,~media. When I understand the ABP documentation correctly the ^ stand for 'start of an URL' and the * is a wildcard for zero to all. So the ^ seemed redundant to me. Please comment when iit has performance impact I am unaware or causes other problems.

I have not written uBo, but my guess is that the reason the rule count increases by one when you leave out ~media is that ~ stand for 'not'' (excluding), so when you leave out a NOT, you actually add a rule (without ~media third-party media is also blocked).

The Chrome call out block does not work in Firefox. This is intended for two reasons:
1. I prefer to use static rules, not cosmetic rules you suggested
2. People on Firefox should move to a safer browser :eek::ROFLMAO:
 
Last edited:

JasonUK

Level 5
Apr 14, 2020
235
I have not written uBo, but my guess is that the reason the rule count increases by one when you leave out ~media is that ~ stand for 'not'' (excluding), so when you leave out a NOT, you actually add a rule (without ~media third-party media is also blocked).
That seems to be an accurate guess as leaving of ~spreadsheet further increases rule count by one.
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
Okay @rndmblk and @ErzCrz on my girlfriends laptop I have uBlockOrigin in easy medium mode running, so I have AG, uBO and uMA running with setups inspred by Kees1958 (aka Windows_Security on MT). BT I am using the blocklist he maintains with beerisgood (aka @security123 on MT).

All credits go to Kees1958 really, I just updated thread as suggested by @oldschool (btw at the end of the year Dutch TV/Radio broadcast a Top2000, I now know your avitar is Frank Zappa, I always thought it was your picture :) )

I added my girlfriend's laptop uBO setup. I will recap the idea of Kees1958 in short (one with cosmetic filtering enabled and one without)

1609497407013.png

1609513361276.png

EDIT1: thanks @harlan4096 for moving this post to correct thread

EDIT2: it is alo good practice to enable your language specific Easy Privacy Blocklist (Dutch blocklist has little to no value to us with our browsing habits).

EDIT3: added the new powerfull uBO click-2-run redirect in the 'cosmetic filtering disabled version' (thanks @Gandalf_The_Grey for explicitely mentioning this in the uBO updates thread) AND added the minimal version I with Kees1958?beerisgood blocklist only also (that is the 'less is more' version)
 

Attachments

  • my-ublock-backup_cosmetic_enabled.txt
    2.7 KB · Views: 648
  • my-ublock-backup_cosmetic_disabled.txt
    4.5 KB · Views: 597
  • my-ublock-backup_less_is_more_.txt
    4.5 KB · Views: 590
Last edited:

Gandalf_The_Grey

Level 79
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,856
For the people with a Microsoft account, you need to add the following to the default medium mode rules in my Rules tab:
Code:
* gfx.ms * noop
I saw some discussion on the block third-party web requests on insecure HTTP websites except images and CSS-stylesheets rule.
Is this still correct?
Code:
HTTP://*^$third-party,~image,~stylesheet
Or is there an easier way to do this in Edge?
 
Last edited:

Jan Willy

Level 12
Verified
Top Poster
Well-known
Jul 5, 2019
579
it should work, but the ^ is intended to mark the end of a domain name, since we are using a wild card (*), below is probably better
HTTP://*$third-party,~stylesheet,~image,~media
The rule is also usable in Adguard for Windows (desktop-app):
|http$third-party,~stylesheet,~image,~media

Edit: if you want extend the rule to sub-domains:
|http^$third-party,~stylesheet,~image,~media

For using in uBlock one can streamline the rule a little bit:
HTTP://*$3p,~css,~image,~media
 
Last edited:

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
I saw some discussion on the block third-party web requests on insecure HTTP websites except images and CSS-stylesheets rule.
Is this still correct?
Code:
HTTP://*^$third-party,~image,~stylesheet
Or is there an easier way to do this in Edge?

As per advice of Yuki2718 better change this into

|HTTP://$third-party,~stylesheet,~image,~media

Thanks @SeriousHoax for pointing to Yuki's comment
 
Last edited:

JasonUK

Level 5
Apr 14, 2020
235
Quick question on this... should there be zero, one | or two || in front of the HTTP? Every time I see this rule rewritten it seems to vary :) There seems to be a consensus that the ^ (HTTP://*^$) is not needed and the * is only needed if you want to block insecure HTTP content from sub-domains too? I'm using this in the static rules/filters on either UBO, AdGuard Desktop or Extension depending on which I'm using at the time!


Edit: Rereading Jan Willy's post #68 it was the ^ you retained if you wanted it to apply to sub-domains not the *.
 
Last edited:

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,086
Quick question on this... should there be zero, one | or two || in front of the HTTP? Every time I see this rule rewritten it seems to vary :) There seems to be a consensus that the ^ (HTTP://*^$) is not needed and the * is only needed if you want to block insecure HTTP content from sub-domains too? I'm using this in the static rules/filters on either UBO, AdGuard Desktop or Extension depend|ing on which I'm using at the time!
It's 2 x ||

See here which is for adblock plus but they use the same sort of coding Adblock Plus filters explained and the ublock specific syntax here: Static filter syntax · gorhill/uBlock Wiki · GitHub
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
As far as I understand the comment from Yuki correctly and Adblock Plus Filters explained

1610883284716.png




No leading | or ||. e.g. HTTP://
This is translated internally as HTTP://*

One leading |
This is the startmarker of a full domain name, e.g. |hxxp://example .org Using the startmarker makes it a tighter condition (less cpu intensive)

Two leading ||
Means that you can omit the leading HTTP/HTTPS, so just the domain is sufficient: ||example.org filters both hxxp://example.org and hxxps://example.org
 
Last edited:

JasonUK

Level 5
Apr 14, 2020
235
Thanks for the replies above... so reason for opening post recommended http://*^$third-party,~image,~stylesheet without any || at all would suggest that in the original opening posters version the http://* was explicitly stating the internal translation of http:// because no | had been used and the ^ was to include sub-domains (quoting Jan Willy's post #68 second example). If you put a single | in front you can scrap the * making it tighter (Lenny' post #72) but doesn't that mean you lose the wildcard element which was referred to in post #67? Now I'm totally confused :) I think I'll stick to the original until I wrap my brain around the syntax rules!
 

Jan Willy

Level 12
Verified
Top Poster
Well-known
Jul 5, 2019
579
Thanks for the replies above... so reason for opening post recommended http://*^$third-party,~image,~stylesheet without any || at all would suggest that in the original opening posters version the http://* was explicitly stating the internal translation of http:// because no | had been used and the ^ was to include sub-domains (quoting Jan Willy's post #68 second example). If you put a single | in front you can scrap the * making it tighter (Lenny' post #72) but doesn't that mean you lose the wildcard element which was referred to in post #67? Now I'm totally confused :) I think I'll stick to the original until I wrap my brain around the syntax rules!
In my eyes is the explanation from Lenny_Fox in post nr. 72 very clear. I add one little thing: after one leading | (pipe) you can just use http or https if you don't want to limit the rule to a particular domain. I hope that this addition not causes more confusion. ;)
 

JasonUK

Level 5
Apr 14, 2020
235
In my eyes is the explanation from Lenny_Fox in post nr. 72 very clear. I add one little thing: after one leading | (pipe) you can just use http or https if you don't want to limit the rule to a particular domain. I hope that this addition not causes more confusion. ;)
Not too confused :) Does your second comment on post #68 about the inclusion of ^ to cover sub-domains still stand?
 

Jan Willy

Level 12
Verified
Top Poster
Well-known
Jul 5, 2019
579
Does your second comment on post #68 about the inclusion of ^ to cover sub-domains still stand?
In my post #68 I wrote:
'Edit: if you want extend the rule to sub-domains:
|http^$third-party,~stylesheet,~image,~media'
This refers to what I wrote before, namely 'The rule is also usable in Adguard for Windows (desktop-app)'.
From How to create your own ad filters | AdGuard Knowledgebase:

1610977419326.png


In uBlock Origin is the circumflex ^ not necessary to include subdomains. See gorhill/uBlock
 
Last edited:

Jan Willy

Level 12
Verified
Top Poster
Well-known
Jul 5, 2019
579
An interesting approach of uBlock Medium Mode is made by Yuki2718. See Yuki2718/adblock
As usual in Medium Mode, third-party scripts and frames are blocked. The author made dozens of noop-rules for differentiated blocking and preventing false positives. He also added a static filter with 172 rules, which includes an alternative to NoScript.
Yuki2718 was for a short time MT-member. See Q&A - µBlock Origin blocks "https://ipm-provider.ff.avast.com/" (in particular post nr. 22).
 
Last edited:

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
@Jan Willy

Have you tried it? Umatrix also has an option to use a community based medium mode whitelist. I tried it a while together with some other uMa whitelists but I kept running into websites which I had to whitelist myself.

It does not work, there are simply to many websites.

Have you tried Yuki 's uBo version yourself?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top