Open bozicm opened 6 months ago
Sounds reasonable even if you're idea would most likely end up in an SSL warning page since almost all requests are done with HTTPS and even if your warning page has a correct certificate it wouldn't match with the requested URL.
Sounds reasonable even if you're idea would most likely end up in an SSL warning page since almost all requests are done with HTTPS and even if your warning page has a correct certificate it wouldn't match with the requested URL.
Yes, I'm aware that incorrect certificate might be an issue but IMO this is better than generic error. On the other hand, it really depends on the implementation of the URL redirection on the http://123.123.123.123 ?
Depends on your use case since most users get suspicious at SSL errors. Seeing nothing is in most cases less alarming than seeing the "Not secure" warning in your browser as a user.
It might be possible to set up SSL man-in-the-middle to combat those but this is really painful and most likely isn't beneficial for your user experience.
I'd like to see this feature for domains I had to put on the "allowlist" to make some sites/mobile apps working. In example I had to whitelist tags-eu.tiqcdn.com to make some sites/apps working because they didn't with "zeroIP" as block type. Maybe a blockType per list is a good solution.
blocking:
denylists:
inlineBlockType: zeroIp
ads:
- https://...list1/
- https://...list2/
- |
tags-eu.tiqcdn.com
or
blocking:
customlist:
blockType: zeroIp
cdn:
- |
tags-eu.tiqcdn.com
I don't care much about adware and in that case
zeroIP
ornxDomain
response is good enough. But for malware&co I do want to have a custom IP redirect where a warning message for the mentioned page is displayed.Would it be possible to refactor the
blockType
to support different response options per blacklist group? For example, the config would be like: