[Anti-adblock] derstandard.at

[Esokrates]

Sorry, I do not want to fool you guys, but the issue is not solved for real, locking as solved does not make it any better. I do not use any Apple device.

Here is a screencast I just recorded for proof when launching chromium with a fresh profile: https://youtu.be/JR-NgxfAuIc

I am happy to give you any info you need.

[Esokrates]

@okiehsch Regarding your comment that the anti-adblock script is broken in the first place: As someone who understands German it does not look like it: The second screenshot in my previous comment (Bitte ein wenig Geduld, Ihr Adblocker-Status wird überprüft) states "Patience, your adblocker status is checked", so it checks if you have whitelisted the site in the meantime. This check occurred previously too if a certain timeout was reached I think, but the test always failed and the paywall remained, so I think what you did is break the detection in that paywall script after it triggered, because it thinks now the adblocker is indeed turned off. So yes there seems to be an inconsistency in their check, because the check that triggers the paywall is more aggressive than the one that rechecks if you have turned off in the meantime.

Do you think the cookie-removed could be adapted to work more reliable in order to not trigger the paywall in the first place like @gwarser pointed out?

[okiehsch]

As someone who understands German it does not look like it

I know what the messages state ;) My opinion:

Es macht wenig Sinn zu prüfen ob ein bestimmtes script geladen werden konnte und dann, nach erfolgter Erkennung, das Erlauben eines anderen script's zum Anlass zu nehmen die Seite doch zu zeigen.

That's why I think that the anti-adblock script is atleast unusual.

[okiehsch]

Ok, shall I do something else?

I have said all there is to say, I can't reproduce.

[jspenguin2017]

If you don't have any adblockers active, does the site still redirect you to the block screen (then back to homepage)? From my quick test, it seems no.

I think the anti-adblock script on the homepage also checks for size or visibility of ads frames, but the block screen only checks for network connection.

[Esokrates]

@okiehsch Have you tried using a VPN? Now is there some way to fix "Cookie is only removed at the main page, because document.cookie defaults to current path when path is missing in cookie string, and derstandard.at sets cookies on."? Even if you can't reproduce is there anything I could try for you? @jspenguin2017 Without adblocker no block screen for me.

[Esokrates]

@okiehsch Also, maybe we could do something else in terms of reproduction: Would you be able to boot a live image in a virtual machine so that we have exactly the same software running in order to find the reason why we have different results?

[okiehsch]

My last comment on this topic:

I am always successful within a 5 minute timeframe. It still triggers but recovers afterwards

I will not try clicking maniacally through articles for minutes at a time on the off chance that I can reproduce an anti-adblock message, which I will then recover from immediately.

Like I repeatedly said, I use the site frequently and have no issues, though I do not refresh the same pages five times in a row or click frantically through numerous articles.

If there is a better cookie-fix, I will post it.

I will unsubscribe from this topic, please do not ping me.

Edit: Just for the record @Esokrates you were helpful and responsive, so this is not meant as a personal criticism, I just feel that this issue has reached a dead end from my point of view and I have spent a vast amount of time trying to reproduce to no avail, so I call it quits.

[Esokrates]

Okay thank you very much for your support. I use the site frequently as well and I do get the problem without "clicking maniacally through articles for minutes", I did that just for testing and for showing you guys that the issue triggers in a sensible timeframe.

I can understand that you do not have the motivation to click randomly on some page in order to trigger some issue, but as I clearly showed it works. I thought this would be helpful for your to find a way to fix that.

@jspenguin2017 Could you include the workaround found in this thread? derstandard.at##script:inject(cookie-remover.js, /^MGUID/) @@||adfarm1.adition.com/s$script,domain=derstandard.at derstandard.at##iframe[src="about:blank"] My testing showed that sometimes a page gets bigger as if some elements were not hidden (no ads get through though) but that issue disappears within seconds.

[jspenguin2017]

The cookie removing filter breaks login, so no.

I want to see if it can be fixed with monkey patching. Since the whitelist doesn't always work, I don't really want to include it in the default filters set.

[MaxValue]

I have currently this same problem, I tried all the rules in this thread (also all of them together), but it still gives me the paywall.

But: On reddit I found this thread. This guy made a user script which essentially does the same as the scriptlet (it also deletes the "PurWallHit" cookie, but this cookie was never relevant).

So my point is: Maybe the scriptlet does not work at all?

I tested this with reddit, adding a rule to delete the "reddit_session" cookie. If it would work, it should always keep me logged out, which it does not since I was still logged in there (even after visiting multiple pages, reopening and closing the filter list).

[jspenguin2017]

You're right, there is a problem with the scriptlet. It doesn't quite handle domain properly.

The scriptlet will set cookie for www.reddit.com and .www.reddit.com but it should be .reddit.com.

---

Update: Actually, the behavior of cookie-remover.js does match its documentation. Although I think that it is kind of useless in its current form. It should accept a domain and a path parameter. Right now, it fails on all websites that have a leading www. which is like half of the Internet.

[jspenguin2017]

@MaxValue Doesn't really matter though, I can always add a new script snippet to Nano Resources. The reason I didn't land the fix is that deleting MGUID will break login.

[MaxValue]

Yes, I just checked it - deleting MGUID will break login (the user is logged out on next request).

[MaxValue]

Something else: I think that getting cookie-remover working is preeetty important for the future of ad blocking. What derstandard.at does makes totally sense and other sites will do the same in the future:

Force the user to have cookies enabled (because of the privacywall at first visit) and then use a HttpOnly cookie (which you cannot manipulate over simple JavaScript) which you use to track the users' usage of the site. And by tracking I mean here counting the number of seen articles.

So what this scriptlet (or any other similar envisioned feature) should be able to do is allowing filter lists to edit/delete both kinds (normal and HttpOnly) of cookies. Other extensions (cookie editors) can very well edit HttpOnly cookies. Making a userscript for every website which uses this trick defeats the purpose of adblocking extensions.

[jspenguin2017]

Not really, I don't think we ever needed that cookie remover scriptlet, and even if it worked as expected, it wouldn't be an ideal solution for this issue.

Maybe breaking login isn't an issue for you, but that can't be considered OK in general.

[MaxValue]

You are right.

So this leaves no solution I guess. Blocking/deleting cookies disables the website, sooo what now?

[jspenguin2017]

If I understood right, the anti-adblock screen only shows if you refresh the home page 5 times, which I don't think can happen during normal use.

There will be solutions, but I have other priorities right now so I didn't spend time to look for them.

[MaxValue]

No, this is a sort of freemium model: The site tracks the user and if they read too many articles (about more than 4), it gives you this paywall, because your trial ended. Maybe it is indeed duty cycle based, meaning it will go away after some time, but I doubt this.

I think this paywall comes anyways, no matter how slow you navigate. Of course, maybe if you navigate extremly slow around the site it will not come up, because you are not hitting the duty cycle. I will test this in the next time and let you know if it doesn't come up.

[jspenguin2017]

Can't reproduce. If I navigate over articles, I don't get anti-adblock walls.

[jspenguin2017]

Fixed here: https://github.com/uBlockOrigin/uAssets/commit/ea3c7777c5994f6558176d06a3a2cba6be41eae6