SafeExamBrowser / seb-win

Safe Exam Browser 2.x for Windows. IMPORTANT: This is the legacy version which isn't actively developed anymore.
https://safeexambrowser.org/windows/win_usermanual_en.html

Still able to navigate to blacklisted url #78

Closed Tareffic closed 5 years ago

Tareffic commented 5 years ago

Describe the Bug: I have a blacklisted url that I can still navigate to.

Steps to Reproduce Steps to reproduce the behavior:

  1. Have an exam ready that contains a url like: https://www.surveymonkey.com/
  2. Open SEB Configuration
  3. Click Network TAB
  4. Click on Filter
  5. Turn on checkboxes: Activate url filtering, filter embedded content
  6. Add new url rule (example expression: google.com)
  7. Turn on checkbox: Active
  8. Click on Action, set it to Block
  9. Add another url: Localhost -> Action Allow, checkbox on: Active
  10. Save this file and use it for your exam.
  11. In the exam, click on the link: https://www.surveymonkey.com/
  12. From the url https://www.surveymonkey.com/ click on sign up
  13. Click at the bottom on the google icon
  14. Click at the bottom on help
  15. Click on the dotted square button in the right top corner, next to the login button of google.
  16. Click on Search
  17. You have now managed to browse to google without being blocked from accessing it.

Expected Behavior: The urls in the blacklist should not be accessible.

Version Information

beneug commented 5 years ago

URL filtering can be super tricky. After plenty of trial and error I found out that blocking or allowing the URL without "https" and/or "www" can make a huge difference. Also, I think it really matters what the exact link on surveymonkey to google looks like. So you might need to consider blocking multiple entry points. And what happens if you simply do not allow any other URL than surveymonkey.com/*? You shouldn't need to define every blocked external page, actually... Could you copy your exact URL filter list here to reproduce the problem?

Tareffic commented 5 years ago

I explained it a little bit wrong, here is a scenario that defines the issue.

Scenario: everyone is allowed to search and browse on google to any website, except the ones that are in the blacklist. But if I search, for example, "Amazon.com" on google and click the url of Amazon.com in google, it gives me a website blocked pop-up while Amazon.com is not blacklisted.

Or is there a way to disable the whitelist entirely?

Here is the config of the filter from the SEB Config Tool

Active  Regex  Expression        Action
True    False  gmail.com         Block
True    False  live.nl           Block
True    False  kpnmail.nl        Block
True    False  ziggo.nl          Block
True    False  localhost         Allow
True    False  google.com        Allow
True    False  google.nl         Allow
True    False  outlook.com       Block
True    False  outlook.nl        Block
True    False  outlook.live.com  Block

dbuechel commented 5 years ago

The mechanics of the URL filter are explained in detail in the documentation: https://safeexambrowser.org/windows/win_usermanual_en.html#NetworkPane.

Pertaining to your case: Per default, all URLs are blocked if the filter is active and no rules are defined. If you wish to use a blacklist mechanism (instead of the default whitelist), you need to allow everything via "*" -> "allow" and then manually block all forbidden URLs. For exams, this approach is not recommended as it may be easily circumvented!
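
A simplified model of the filter behaviour described in this comment, as an added example that is not part of the thread and not SEB's own code. It assumes host-suffix matching and that a block match overrides an allow match; the rule list is the one posted above, and the sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Rules copied from the filter table posted in the thread: (expression, action).
POSTED_RULES = [
    ("gmail.com", "block"), ("live.nl", "block"), ("kpnmail.nl", "block"),
    ("ziggo.nl", "block"), ("localhost", "allow"), ("google.com", "allow"),
    ("google.nl", "allow"), ("outlook.com", "block"), ("outlook.nl", "block"),
    ("outlook.live.com", "block"),
]
# Blacklist setup suggested in the thread: allow everything, keep the block rules.
BLACKLIST_RULES = POSTED_RULES + [("*", "allow")]

# Constructed sample URLs (not taken from the thread).
SAMPLE_URLS = [
    "https://www.google.com/search?q=amazon",
    "https://www.amazon.com/",
    "https://outlook.live.com/mail/",
    "https://webmail.example.org/",
]

def matches(expression, url):
    """Assumed matching: '*' matches any URL; any other expression matches
    the host itself or one of its subdomains."""
    if expression == "*":
        return True
    host = (urlsplit(url).hostname or "").lower()
    expr = expression.lower()
    return host == expr or host.endswith("." + expr)

def decide(rules, url):
    """Return 'block' or 'allow' for url while the filter is active."""
    hits = {action for expr, action in rules if matches(expr, url)}
    if "block" in hits:   # assumption: a block match wins over an allow match
        return "block"
    if "allow" in hits:
        return "allow"
    return "block"        # per the thread: unmatched URLs are blocked by default

def audit(rules, urls):
    """Map each URL to its verdict so a rule set can be reviewed before an exam."""
    return {url: decide(rules, url) for url in urls}

if __name__ == "__main__":
    for name, rules in (("posted rules", POSTED_RULES),
                        ("posted rules + '*' allow", BLACKLIST_RULES)):
        print(name)
        for url, verdict in audit(rules, SAMPLE_URLS).items():
            print(f"  {verdict:5}  {url}")
```

Under the posted rules amazon.com is blocked only because no allow rule matches it. With the "*" allow rule added, every host that is not on the block list becomes reachable, including the constructed webmail host.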

beneug commented 5 years ago

We had a similar request from a teacher recently and I am afraid, as dbuechel mentioned, that this kind of exam (?) scenario is difficult to implement with all the urls that would need to be blocked. Let me put it like this: why block outlook.com and outlook.nl if every imaginable other e-mail or messaging service would still be available? I would recommend focusing instead on a sensibly comprehensive group of allowed resources (idk, like wikipedia, or topic specific knowledge databases) that are helpful for the given tasks.

Tareffic commented 5 years ago

> The mechanics of the URL filter are explained in detail in the documentation: https://safeexambrowser.org/windows/win_usermanual_en.html#NetworkPane.
>
> Pertaining to your case: Per default, all URLs are blocked if the filter is active and no rules are defined. If you wish to use a blacklist mechanism (instead of the default whitelist), you need to allow everything via "*" -> "allow" and then manually block all forbidden URLs. For exams, this approach is not recommended as it may be easily circumvented!

Sorry for taking your time. I could not find the "*" in the documentation to allow everything. You have solved my problem, thank you very much!