Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

streamsilk.com: popups #25510

Closed
10 of 11 tasks
ghajini opened this issue Oct 3, 2024 · 40 comments
Closed
10 of 11 tasks

streamsilk.com: popups #25510

ghajini opened this issue Oct 3, 2024 · 40 comments

Comments

@ghajini
Copy link
Collaborator

ghajini commented Oct 3, 2024

Prerequisites

  • This is NOT a YouTube, Facebook, Twitch or a shortener/hosting site report. These sites MUST be reported by clicking their respective links.
  • I read and understand the policy about what is a valid filter issue.
  • I verified that this issue is not a duplicate. (Use this button to find out.)
  • I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
  • I did not enable additional filter lists, or I have verified that the issue still occurs without enabling additional filter lists.
  • I do not have custom filters/rules, or I have verified that the issue still occurs without custom filters/rules.
  • I am not using uBlock Origin along with other content blockers.
  • I have verified that the web browser's built-in content blocker/tracking protection, network wide/DNS blocking, or my VPN is not causing the issue.
  • I have verified that other extensions are not causing the issue.
  • If this is about a breakage or detection, I have verified that it is caused by uBlock Origin and isn't a site issue.
  • I did not answer truthfully to ALL the above checkboxes.

URL address of the web page

https://streamsilk.com/d/66fef1e5f0d37

Category

popups

Description

clicking 480/720 generates new popup window which is closed due to matching EL filter

Other extensions used

none

Screenshot(s)

Screenshot(s)

Screenshot_20241004-013110-381

Configuration

uBlock Origin: 1.60.0
Firefox Mobile: 133
filterset (summary):
 network: 151321
 cosmetic: 57025
 scriptlet: 21199
 html: 2003
listset (total-discarded, last-updated):
 default:
  user-filters: 14-0, never
  ublock-filters: 41078-216, 2m Δ
  ublock-badware: 11256-7, 2m Δ
  ublock-privacy: 1271-22, 2m Δ
  ublock-unbreak: 2540-3, 2m Δ
  ublock-quick-fixes: 159-13, 2m Δ
  adguard-mobile: 9828-11, now
  easylist: 85686-259, 2m Δ
  easyprivacy: 53129-71, 2m Δ
  urlhaus-1: 24860-0, now
  plowe-0: 3546-1068, now
filterset (user): [array of 14 redacted]
userSettings:
 advancedUserEnabled: true
 userFiltersTrusted: true
hiddenSettings:
 filterAuthorMode: true
 trustedListPrefixes: ublock- user-
supportStats:
 allReadyAfter: 1059 ms (selfie)
 maxAssetCacheWait: 361 ms
 cacheBackend: indexedDB
popupPanel:
 blocked: 5
 network:
  googletagmanager.com: 1
  vklljvzzezvy.top: 3
  yandex.ru: 1
 extended:
  ##.div_pop
  ###pop.div_pop
  ##+js(addEventListener-defuser, click, pop)
  ##+js(trusted-set-constant, premium, "'1'")
  ##+js(no-window-open-if)
  ##+js(no-setTimeout-if, window.open)
  ##+js(trusted-replace-node-text, script, /openNewTab\(".*?"\)/g,…
@D4niloMR
Copy link
Contributor

D4niloMR commented Oct 3, 2024

The code responsible for the popup is in the first lines in https://streamsilk.com/build/assets/download-BFOXNMjL.js

This works here:

streamsilk.com##+js(set, HTMLElement.prototype.click, noopFunc)

@stephenhawk8054
Copy link
Member

stephenhawk8054 commented Oct 4, 2024

I think we can limit to anchor elements only

streamsilk.com##+js(set, HTMLAnchorElement.prototype.click, noopFunc)

@ghajini
Copy link
Collaborator Author

ghajini commented Oct 4, 2024

both of them work, but limiting to anchor elements is good.also site is self broken i guess, timer never ends.

also is issue can be fixed with such idea https://github.com/AdguardTeam/Scriptlets/issues/449

@stephenhawk8054
Copy link
Member

stephenhawk8054 commented Oct 4, 2024

Yeah, that's what I was thinking too. Currently I can't think of other solutions based on current methods that can defuse element click() but with fine-grained choice of elements.

@gorhill Sorry, could you take a look?

@ghajini
Copy link
Collaborator Author

ghajini commented Oct 4, 2024

another examples we have are hydrax players

ghajini added a commit that referenced this issue Oct 4, 2024
@ghajini ghajini closed this as completed Oct 5, 2024
@gorhill
Copy link
Member

gorhill commented Oct 5, 2024

gorhill/uBlock@95b0ce5. This should work:

streamsilk.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"][style])

@ghajini
Copy link
Collaborator Author

ghajini commented Oct 6, 2024

https://toonstream.co/episode/pokemon-journeys-the-series-23x2/
server 2
i test on firefox abysscdn.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"])
work
how to see which specific elements it has overrided(if its possible)?

@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

how to see which specific elements it has overrided(if its possible)?

The only way I can think of is to output the element at the console. Maybe this could be done when verbose mode is enabled?


Another way is to add debug as possible value for disposition, and this would trigger a debugger; statement in the scriptlet, then from there you can look at the page's code triggering the click.

Problem with either approach is that the page detect dev tools being opened. The issue with the verbose mode approach is that the element is removed immediately from the DOM upon return.

@ghajini
Copy link
Collaborator Author

ghajini commented Oct 6, 2024

i don't see
image

@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

You will never see elements themselves in the logger, elements or element references are not serializable, they can't be transported across documents. We can output an element to the browser dev console, and from there the browser tools will let you find it in the DOM. In any case, the element is removed from the DOM immediately by the page code, so it's not very useful. Triggering a breakpoint in the code when the override occurs is a better approach, because it will let you examine the element while it still is in the DOM.

@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

Anyway, how do I trigger the filter on that site? I don't get a report that the method was overridden.

gorhill added a commit to gorhill/uBlock that referenced this issue Oct 6, 2024
Support `debug` as valid `disposition` value: to trigger a `debugger`
statement, but only if uBO's logger is opened.

Related feedback:
uBlockOrigin/uAssets#25510 (comment)
@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

Next build you can try abysscdn.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"], debug) with logger opened to trigger a breakpoint in the scriptlet. The element should still be part of the DOM, and you can examine the caller's code to see what they are doing.

@ghajini
Copy link
Collaborator Author

ghajini commented Oct 6, 2024

  • add abysscdn.com#@#+js(aost, HTMLElement.prototype.click, _0x)
  • go to https://toonstream.co/episode/pokemon-journeys-the-series-23x2/
  • click server 2
  • play the video ,now go into fullscreen & then come out of fullscreen, the popup will happen

@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

With the new debug disposition value, I could break into the scriptlet code at override time. Had to use Anti Anti Debug extension. To my surprise, the a element is not part of the DOM, I thought this was a requirement for the click() method to work. Anyway, when the breakpoint triggers, you can inspect the element properties and the caller's code:

Screenshots

image

image

@uBlock-user
Copy link
Contributor

streamsilk.com##+js(disable-newtab-links) works fine without having any need for a new scriptlet.

@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

Forgot about disable-newtab-links but anyway this one acts on all click events, including legitimate (isTrusted is true) ones by the user, while specifically trapping click() targets non-trusted clicks, and the new scriptlet also allows to narrow down further using a selector, and is more logger friendly.

@uBlock-user
Copy link
Contributor

but anyway this one acts on all click events

Can't you make it specific to certain elements or urls ? like we have for nowoif, I feel this old scriptlet is perfect for this case.

@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

Why invest time on this unless there are actual cases to solve?

@uBlock-user
Copy link
Contributor

This could resolve this case without having to resort to a new scriptlet, but it's your choice though.

@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

abysscdn.com##+js(disable-newtab-links) does not work, need to specifically trap click().

@ghajini
Copy link
Collaborator Author

ghajini commented Oct 6, 2024

i added abysscdn.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"], debug)
with ubo logger open & dev tools, i don't see debugger statement being invoked.
i have added ubo filters annoyances to foil antidevtool
iam on firefox stable 131 ,ubo 1.60.1b7

@ghajini
Copy link
Collaborator Author

ghajini commented Oct 6, 2024

this was part of code responsible for popups

0x305: _0x473fc2 => {
      var _0x4ec335 = -0x1;
      var _0x1b4c33 = null;
      function _0x2c6597() {
        if (_0x1b4c33) {
          var _0x685c92 = document.createElement('a');
          _0x685c92.setAttribute("href", _0x1b4c33);
          _0x685c92.setAttribute('target', "_blank");
          _0x685c92.click();
          document.onclick = null;
          document.ontouchend = null;
        }
      }
      _0x473fc2.exports = (_0x6005aa = false, _0x58ae87 = []) => {
        if (!_0x6005aa && _0x58ae87?.["length"]) {
          _0x1b4c33 = _0x58ae87[++_0x4ec335 % _0x58ae87.length];
          if (/iPhone|iPad|iPod|Mac OS/i.test(navigator.userAgent)) {
            document.onclick = _0x2c6597;
            if ("ontouchstart" in window || "onmsgesturechange" in window) {
              document.ontouchend = _0x2c6597;
            }
          } else {
            _0x2c6597();
          }
        }
      };
    },

@gorhill
Copy link
Member

gorhill commented Oct 6, 2024

I just reproduced successfully. Did you enable debugger statement in dev tools?

image

My steps in a new browser profile:

  • Enable Anti Anti Debug
  • Add abysscdn.com#@#+js(aost, HTMLElement.prototype.click, _0x)
  • Add abysscdn.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"], debug)
  • Open logger
  • Open https://toonstream.co/episode/pokemon-journeys-the-series-23x2/ in a new tab
  • Open dev tools for that tab
  • Click "SEVER 2"
  • Click play
  • Stop play (just to keep environment quiet)
  • Maximize player
  • Minimize player
  • Debug statement triggered as seen in screenshot

@ghajini
Copy link
Collaborator Author

ghajini commented Oct 6, 2024

ok some firefox hang problem on my end, i could see debugger statement on opera👍

@D4niloMR
Copy link
Contributor

D4niloMR commented Oct 8, 2024

Can nowoif also have a debug value?

@gorhill
Copy link
Member

gorhill commented Oct 8, 2024

I could add a special case for the url parameter:

##+js(nowoif, debug)

Which would trigger a debugger; statement for all calls to window.open() without preventing them. Would that work?

@D4niloMR
Copy link
Contributor

D4niloMR commented Oct 8, 2024

Yes, that should work. I was thinking of using it on https://filemoon.sx/e/dpgw5dfyk8p8 (There's no popup on Firefox because of injected CSP).

gorhill added a commit to gorhill/uBlock that referenced this issue Oct 8, 2024
Support triggering a `debugger` statement when `window.open()` is
called.

Related feedback:
uBlockOrigin/uAssets#25510 (comment)
@ghajini
Copy link
Collaborator Author

ghajini commented Nov 8, 2024

https://streamsilk.com/p/66fef1e5f0d37
@stephenhawk8054 i think we need different filter than streamsilk.com##+js(set, HTMLAnchorElement.prototype.click, noopFunc) because this blocks download at
image

@mapx-
Copy link
Contributor

mapx- commented Nov 8, 2024

clicking 480/720 generates new popup window which is closed due to matching EL filter

no popup on my side even disabling HTMLAnchorElement.prototype.click filter, so it could be removed

@ghajini
Copy link
Collaborator Author

ghajini commented Nov 8, 2024

it does for me if i disable that filter
image

@stephenhawk8054
Copy link
Member

stephenhawk8054 commented Nov 8, 2024

They still keep that script:

function openNewTab(url) {
  var a = document.createElement("a");
  a.href = url;
  a.target = "_blank";
  a.style.display = "none";
  document.body.appendChild(a);
  a.click();
  document.body.removeChild(a);
}

@stephenhawk8054
Copy link
Member

@ghajini Does this work on your side?

streamsilk.com##+js(nostif, adDiv)

@ghajini
Copy link
Collaborator Author

ghajini commented Nov 8, 2024

it does not work for me

@stephenhawk8054
Copy link
Member

Oh sorry, I checked wrong page.

@ghajini
Copy link
Collaborator Author

ghajini commented Nov 8, 2024

does having stack trace in set-constant will help?

@stephenhawk8054
Copy link
Member

Maybe. But currently the only way I can think of is rpnt

streamsilk.com##+js(rpnt, script, window.dataLayer =, 'window.HTMLAnchorElement.prototype.click=new Proxy(window.HTMLAnchorElement.prototype.click,{apply:(target,thisArg,args)=>{console.log(thisArg);if(thisArg&&!thisArg.href.includes("streamsilk.com"))return;return Reflect.apply(target,thisArg,args)}});window.dataLayer =', sedCount, 1)

@mapx-
Copy link
Contributor

mapx- commented Nov 8, 2024

popups only on mobile ?

@mapx-
Copy link
Contributor

mapx- commented Nov 8, 2024

ok, popups on the first link in the issue, not on the last link

@ghajini
Copy link
Collaborator Author

ghajini commented Nov 8, 2024

opera/ firefox mobile

@ghajini
Copy link
Collaborator Author

ghajini commented Nov 8, 2024

Maybe. But currently the only way I can think of is rpnt

streamsilk.com##+js(rpnt, script, window.dataLayer =, 'window.HTMLAnchorElement.prototype.click=new Proxy(window.HTMLAnchorElement.prototype.click,{apply:(target,thisArg,args)=>{console.log(thisArg);if(thisArg&&!thisArg.href.includes("streamsilk.com"))return;return Reflect.apply(target,thisArg,args)}});window.dataLayer =', sedCount, 1)

that works for me

stephenhawk8054 added a commit that referenced this issue Nov 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

6 participants