el1t / uBlock-Safari

uBlock Origin - An efficient blocker for Chromium, Firefox, and Safari. Fast and lean.
GNU General Public License v3.0

Requests to blocked domains are sometimes allowed #39

Open yawns opened 7 years ago

yawns commented 7 years ago

Describe the issue

I have uBO set to block "all" globally and only allow specific domains locally. Not sure if it matters, but I also have Safari set to "Allow from current website only" under preferences->privacy->"cookies and website data."

When I check under Safari preferences->privacy->"manage website data" I often find cache items from blocked domains. In Safari's inspector under the network tab I can see requests to these domains going through, but in uBlock's request log it says they were blocked. I don't have any local rules allowing these domains anywhere, but to be sure, I wiped all local rules and reinstalled before testing.

One or more specific URLs where the issue occurs

https://www.regions.com/personal-banking/

Steps for anyone to reproduce the issue

  1. Block "all" globally in uBO and remove all local rules, so that no requests are allowed.
  2. Go to https://www.regions.com/personal-banking/ -- the site shouldn't load correctly due to blocking (just text on a white background).
  3. Locally allow only "regions.com"
     [screenshot: ub-settings]
  4. Under Safari preferences->privacy->"manage website data," empty your cache or remove anything related to the regions.com site.
     [screenshot: privacy-before]
  5. Open uBO logger and Safari's inspector, then reload the page.
  6. Safari's inspector will show successful requests to fonts.googleapis.com, apis.google.com, and nexus.ensighten.com. Safari preferences->privacy->"manage website data," will show cache from these domains.
     [screenshot: privacy-after]
  7. uBO logger shows the requests were blocked / only requests to regions.com (the allowed domain) went through.
     [screenshot: ublock-request-log]

In Firefox with the same settings, there is no connection to ensighten (verified with FF developer tools and monitoring traffic with nettop). Maybe useful: Firefox blocks 8 requests, whereas in Safari only 6 requests are blocked. Firefox blocks a second request to ensighten and a second request to apis.google.com. In Safari I don't see these requests allowed or blocked in uBO's logger. Maybe it's somehow not catching these? This is what gets blocked in FF:

[screenshot]

The Regions site is an example, but I see this happening on other sites, too. For example, I have mail.google.com set to only allow google.com locally, but requests to gstatic.com and ggpht.com are still going through from gmail (though uBO logger says they were blocked).

Your settings

Your filter lists

I have all 3rd party filter lists enabled except "uBlock filters – Experimental," "uBlock filters – Unbreak," and the "Regions, languages" filters. I've also tried with all lists disabled except for "My filters" (which is empty), "uBlock filters," "uBlock filters – Badware risks," and "uBlock filters – Privacy" to rule out one of the lists allowing these requests.

Your custom filters (if any)

None

relikd commented 7 years ago

Can confirm this behaviour with image loading and net filters. I have a net filter for all images from sciencealert.com: ||www.sciencealert.com/images/articles/processed/*

But if I open the Web Inspector - Resources tab or Timelines tab, I can see there are still images loaded exactly from this location. (Of course with purging all caches and history.)

Example url:

[screenshot]

Note: images are also downloaded with no-large-media filter.
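
The discrepancy reported in this thread (the blocker's log says "blocked" while the browser's inspector shows the request completing) can be checked independently of the blocker. The following is an added example, not code from uBlock or from the commenters. It assumes the inspector's network capture is available as a HAR object, that a response status greater than 0 means the request reached the network, and that the blocker's log has been reduced by hand to a list of hostnames; `findLeaks`, `isAllowed` and the sample capture are hypothetical names and constructed data.

```javascript
// Added example: cross-check a browser network capture against the blocker's log.
// Assumptions: the capture is a HAR object (log.entries[]), status > 0 means the
// request completed, and loggedBlockedHosts lists hosts the blocker reported blocked.

// True when host equals an allowed domain or is a subdomain of it.
function isAllowed(host, allowedDomains) {
  return allowedDomains.some(d => host === d || host.endsWith('.' + d));
}

// Returns hosts that completed a request although they are not allowed,
// each marked with whether the blocker claimed to have blocked that host.
function findLeaks(har, allowedDomains, loggedBlockedHosts) {
  const blocked = new Set(loggedBlockedHosts.map(h => h.toLowerCase()));
  const leaks = new Map();
  for (const entry of har.log.entries) {
    let host;
    try {
      host = new URL(entry.request.url).hostname.toLowerCase();
    } catch {
      continue; // malformed URL in the capture
    }
    const status = entry.response ? entry.response.status : 0;
    // Skip data:/blob: URLs (empty host), failed requests, and allowed hosts.
    if (!host || status <= 0 || isAllowed(host, allowedDomains)) continue;
    const rec = leaks.get(host) ||
      { host, requests: 0, loggedAsBlocked: blocked.has(host) };
    rec.requests += 1;
    leaks.set(host, rec);
  }
  return [...leaks.values()].sort((a, b) => a.host.localeCompare(b.host));
}

// Constructed sample capture modeled on the report (paths are placeholders).
const sampleHar = { log: { entries: [
  { request: { url: 'https://www.regions.com/personal-banking/' }, response: { status: 200 } },
  { request: { url: 'https://fonts.googleapis.com/css?family=Example' }, response: { status: 200 } },
  { request: { url: 'https://nexus.ensighten.com/example/Bootstrap.js' }, response: { status: 200 } },
  { request: { url: 'https://apis.google.com/js/example.js' }, response: { status: 0 } },
  { request: { url: 'data:image/gif;base64,R0lGODlhAQABAAAAACw=' }, response: { status: 200 } },
] } };

// Hosts with loggedAsBlocked: true are the mismatch described in this issue.
const report = findLeaks(sampleHar, ['regions.com'],
  ['fonts.googleapis.com', 'apis.google.com']);
console.log(report);
```

A host reported with `loggedAsBlocked: false` completed without appearing in the blocker's log at all, which corresponds to the requests the reporter saw in Firefox's log but not in Safari's.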