When to use mitm vs normal mode?

[kbirger]

The readme explains how to use mitm.js, but not what it is used for, how it's different, or what the advantages are over index.js

Can someone clarify these points for me please?

[3N4N]

mitm uses a library 'http-mitm-proxy', whereas index manually creates the HTTP request. But otherwise they should behave the same.

The practical difference is that index hasn't been updated for a long time. Mitm has been the focus of this git repo. Which wouldn't be a big problem, except these two programs use separate white and black lists. If these lists were the same for both, they would virtually behave the same.

Wanna shed some light as to why the whitelists for index and mitm are different, @AnanthVivekanand?

[AnanthVivekanand]

They don't behave the same -- http-mitm-proxy allows mitm.js to access the full url of all requests. There are some domains that serve both audio and ads, and since mitm.js has access to the full urls, it's able to filter ads while allowing audio through. Refer to blacklist.js (https://github.com/AnanthVivekanand/spotify-adblock/blob/master/blacklist.js) you'll see filtering by exact path rather than just by domain.

There's some more complicated stuff also going on with login5.spotify.com which you can find discussion about here: https://github.com/AnanthVivekanand/spotify-adblock/pull/7#issuecomment-618537177

But yes, I'll update README.md about mitm.js. I think I will rename index.js and move it a deprecated folder or something.

[AnanthVivekanand]

Alright, I've updated README.md with some explanations. @3N4N

[3N4N]

@AnanthVivekanand thanks for the clarification. I would like to propose an addition to the readme, however. It says, "On the first run, mitm.js generates a Root Certificate Authority (CA), which needs to be trusted by the OS." Most people will be unfamiliar with this process (I have read about CA, but never configured it in either of my Windows or Linux machines). You may consider adding a tutorial, or at least a link to some trusted tutorial, teaching people. I followed this YT walkthrough: https://youtu.be/CqkPraRDuHY, and can confirm it works. See if it's a good enough approach to be linked in your readme.

Also, add a CA trusting tutorial for Linux users as well. I'll try finding a way to do it in Ubuntu when I'm on my Linux machine, but it will be late.

[AnanthVivekanand]

Sounds good -- propose a PR with a markdown link for Windows users next to the command I already have for MacOS users and I'll review it. @3N4N

[3N4N]

@AnanthVivekanand I sent a patch to your gmail account logged in this repo. I didn't want to create a fork for a readme patch.

In case your gmail address is incorrect, the patch can also be found here: http://sprunge.us/ZA87WD.