Change @@|| to @@| in Anti-malware lists

DandelionSprout / adfilt

The place where I, DandelionSprout, store my web filter lists for countless topics, including my Nordic adblock list. As simple as that, really.

Other

1.3k stars 143 forks source link

Change @@|| to @@| in Anti-malware lists #877

Closed KnightmareVIIVIIXC closed 5 months ago

KnightmareVIIVIIXC commented 11 months ago

Reason: some block list may block abc.google.ga but when you allow @@||google.ga it will allow all google.ca links. Instead do @@|google.ga. That will be safer. But I'm just using that as an example. Do that for all the TLDs that are blocked so that way the actual dangerous domains will still be blocked.

DandelionSprout commented 11 months ago

I'm currently thinking about how to rewrite those entries anyway, since uBlock Origin added a better framework for annoyances lists in 1.50.0 that make me tempted to get more of my lists included there, but the uBO team has been strangely hostile to ||top^ in particular.

KnightmareVIIVIIXC commented 11 months ago

I'm using Adguard DNS. I just noticed this in their block list.

KnightmareVIIVIIXC commented 11 months ago

I don't know how you make your lists but can you make a command to change @@|| to @@| Ask chatgpt.

KnightmareVIIVIIXC commented 11 months ago

Worse case scenario, you copy paste your list into notepad++ and replace @@|| to @@| and that'll be that

DandelionSprout commented 11 months ago

This kind of stuff should be pretty easy for me to handle with Sublime Text and with the scripts I use.

DandelionSprout commented 11 months ago

Having thought about this for some days, I don't think there's much security benefits from using single |'s.

If we presume the use of, for example, @@|google.cf^, then I'd most likely have to add additional whitelistings for www.google.cf, mail.google.cf, maps.google.cf, and dozens more. If anything, I'd assume that all subdomains of domains that I do approve for whitelisting, can be considered to be safely under the control on the main domain's owner (In this case Google).

At most, I could evaluate the use of | in case-by-case, and would only be kinda feasible if any whitelisted domains turn out to have hacked subdomains of the g37d5a.domain.top variety that often show up in Google search results.

Bonus trivia: The only reason @@|| became used in the AdGuard Home list version at all, was because of a baffling bug in (what I think is) https://github.com/AdguardTeam/FiltersCompiler that discarded $denyallow entries in included AGH lists for no reason.

DandelionSprout commented 10 months ago

Update: I'm hoping for https://github.com/AdguardTeam/HostlistCompiler/pull/50 to get merged, which should hopefully allow me to revert back to the intended ~google.ga|~example.ga format that is used in the highest-profile list versions.

KnightmareVIIVIIXC commented 10 months ago

https://github.com/AdguardTeam/AdGuardHome/wiki/Hosts-Blocklists#denyallow

krystian3w commented 9 months ago

Also this can generate confusion with ABP (EasyList) syntax:

||due-punto.bara^ - block all

@@|http://due-punto.bara^ (unlock only http without www.) and still blocked https, http://www. & https://www..

DandelionSprout commented 7 months ago

I'm still waiting for https://github.com/AdguardTeam/HostlistCompiler/pull/50 to get processed. This is becoming an absolute embarrassment for AdGuard Home (The software), sorry to say.