0xERR0R / blocky

Fast and lightweight DNS proxy as ad-blocker for local network with many features
https://0xERR0R.github.io/blocky/
Apache License 2.0
4.66k stars 205 forks

Custom block type per blacklist group #1419

Open bozicm opened 6 months ago

bozicm commented 6 months ago

I don't care much about adware and in that case a zeroIP or nxDomain response is good enough. But for malware&co I do want to have a custom IP redirect where a warning message for the mentioned page is displayed.

Would it be possible to refactor the blockType to support different response options per blacklist group? For example, the config would be like:

blocking:
  blackLists:
    ads:
      - https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
    malware:
      - verybadsite.xyz
  blockType: nxDomain
  groupTypes:
    - ip: 123.123.123.123
      lists:
        - malware

kwitsch commented 6 months ago

Sounds reasonable even if your idea would most likely end up in an SSL warning page since almost all requests are done with HTTPS and even if your warning page has a correct certificate it wouldn't match with the requested URL.

bozicm commented 6 months ago

> Sounds reasonable even if your idea would most likely end up in an SSL warning page since almost all requests are done with HTTPS and even if your warning page has a correct certificate it wouldn't match with the requested URL.

Yes, I'm aware that an incorrect certificate might be an issue but IMO this is better than a generic error. On the other hand, it really depends on the implementation of the URL redirection on http://123.123.123.123?

kwitsch commented 6 months ago

Depends on your use case since most users get suspicious at SSL errors. Seeing nothing is in most cases less alarming than seeing the "Not secure" warning in your browser as a user.

It might be possible to set up SSL man-in-the-middle to combat those but this is really painful and most likely isn't beneficial for your user experience.
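
The certificate name mismatch discussed in the comments above, as an added Go example (not part of the thread and not blocky's code): a block-page certificate that is valid for its own name and IP still fails the hostname check for the blocked domain the browser asked for. `blockpage.example` is a constructed name; the IP and `verybadsite.xyz` come from the example config in the issue.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// blockPageCert builds a self-signed certificate for a warning page that is
// reachable under dnsName and ip (both are sample values, see lead-in).
func blockPageCert(dnsName string, ip net.IP) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: dnsName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		DNSNames:     []string{dnsName},
		IPAddresses:  []net.IP{ip},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// nameMatches reports whether a TLS client that requested host would accept
// the names in cert. Trust-chain validation is a separate step, not shown.
func nameMatches(cert *x509.Certificate, host string) bool {
	return cert.VerifyHostname(host) == nil
}

func main() {
	cert, err := blockPageCert("blockpage.example", net.ParseIP("123.123.123.123"))
	if err != nil {
		panic(err)
	}
	// The DNS answer changes the IP, not the name the client validates against.
	for _, host := range []string{"blockpage.example", "123.123.123.123", "verybadsite.xyz"} {
		fmt.Printf("%-18s name check passes: %v\n", host, nameMatches(cert, host))
	}
}
```

The client validates the name it requested, so the redirect only shows the warning page without a certificate error for plain-HTTP requests.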

ikarisan commented 2 months ago

I'd like to see this feature for domains I had to put on the "allowlist" to make some sites/mobile apps work. For example, I had to whitelist tags-eu.tiqcdn.com to make some sites/apps work because they didn't with "zeroIP" as block type. Maybe a blockType per list is a good solution.

blocking:
  denylists:
    inlineBlockType: zeroIp
    ads: 
      - https://...list1/
      - https://...list2/
      - |
        tags-eu.tiqcdn.com

or

blocking:
  customlist:
    blockType: zeroIp 
    cdn:
      - |
        tags-eu.tiqcdn.com