edmunds.com

[ghajini]

@gorhill url affected= edmunds.com

issue= g00/instart logic on this site, loading infinitely ,high cpu usage

screenshot=

reported here= https://github.com/uBlockOrigin/uAssets/issues/3164 https://github.com/jspenguin2017/uBlockProtector/issues/980

[ghajini]

its timing issue(race condition) sometimes i can reproduce/sometimes not windows 10 Indian ip page source code served: https://pastebin.com/729vALfp https://pastebin.com/229BWzit

[okiehsch]

I can reproduce this issue, sometimes I get redirected, sometimes uBO-extra works. The same issue occurs with uBO-extra 2.76 on my end.

[gorhill]

I am unable to reproduce. Looking at the pastebin'ed code above, it seems the IL code is loading from a file instead of from an inline script tag. If you use the following filter, is it still reproducible?

||g00.edmunds.com^*?i10c.$script,first-party

[okiehsch]

That filter breaks the site after I get redirected.

I can see the script https://www.edmunds.com/i10c@p1/botox/file/nv-loaded.js?status=loaded on my end but blocking it does not prevent the redirection.

[okiehsch]

What does consistently fix the issue on my end, is to go to edmunds.com using uBO's medium mode.

[gorhill]

Doesn't this cause breakage?

On my side I only see edmunds-media.com being needed so far. So maybe we could use a csp-based filter.

[okiehsch]

Yes, it does break some functionality and it only works on the homepage.

If I go to edmunds.com/suv with medium mode, I do get the redirection.

[okiehsch]

I can reproduce the issue on the homepage using Medium mode, if I load the site while I have opened the dev console and bypass the cache. If I bypass the cache without opening the console I can't reproduce, this is really weird but I can reproduce the behaviour consistently.

[okiehsch]

cnet.com is another site I can reproduce redirections while nasdaq.com works fine which is strange considering both use the same Instart Logic code

/Copyright Instart Logic Tue Jul 17 2018 - All rights reserved - version: 10.2.8

[gorhill]

I think they are wrapping their code with try-catch where it may throw from uBO-Extra hooks.

The only real solid solution for all that pain is to just use Firefox, maybe it's what we should advise first as the real solution. Until Chromium supports HTML filtering (if ever), dealing with IL crap is a huge time sink.

[gorhill]

The filter I suggested above was for one file I saw at the top being declared and which contained the core IL code. But I see there are other such files declared later. So mainly they load multiple js files for their code (instead of or on top of the inline script tag), and uBO-Extra does not have an effect on these files except for the one I hard-coded a long time ago, which URL contains instart.js. The ones I see now have rather random names, I see no obvious patterns.

Edit: Actually I am not even sure about anything, just going from the pastebin content since I can't reproduce so far on my side (including with us ip), would need to take time to investigate methodically, not sure it's something I want to do now, that would be at the expense of other all issues.

[okiehsch]

they load multiple js files for their code (instead of or on top of the inline script tag)

Going to edmunds.com/suv with everything blocked except the inline-script I still get redirected.

[okiehsch]

I can only reproduce the issue with a handful of the sites that are fixed by uBO-Extra and only if I am using Windows, I can't reproduce on any site with Linux, so I don't think this is a high priority issue, atleast from my point of view.

[okiehsch]

I guess you mean

view-source:https://www.edmunds.com/g00/?i10c.encReferrer=aHR0cHM6Ly93d3cuZWRtdW5kcy5jb20v&i10c.ua=1&i10c.dv=14

[gorhill]

I will have to give on just trying stuff, I would need to step into the code, but since I am never served IL code (even if using a US or India IP), there is nothing I can do for now. Whoever with dev skills can reproduce at will is welcome to investigate.

[gorhill]

@okiehsch

I am never served IL code

Just to be clear, I see IL code with your view-source link above, but this expected given that this is an explicit g00 link. I can't see IL code with view-source:https://www.edmunds.com/ however, which is where things must always start.

[mapx-]

my edmunds page

https://pastebin.com/mXrg0y5X

[gorhill]

Ok, finally I found a way to reproduce: need a user agent string which tells the server my OS is Windows.

[gorhill]

Found an issue with uBO-Extra: turns out edmunds.com is also injected with another independant IL-defusing scriptlets, and in a silly mistake, the other scriptlet was being "defused" by the first one. Hopefully this is what was causing the issue.

[gorhill]

Although I fixed the self-inflicted defusing, I wonder if the second scriptlet is still really needed: https://github.com/gorhill/uBO-Extra/blob/master/contentscript.js#L455.

I commented out edmunds.com and the site seems to still work just fine.

[gorhill]

I used this user agent switcher by the way: https://chrome.google.com/webstore/detail/user-agent-switcher-and-m/bhchdcejhohfmigjafbampogmaanbfkg. Open source, developed in full view, Mozilla Public License.

[gwarser]

boston.com also affected (screenshot, top right corner): https://twitter.com/gorhill/statuses/1032605206952009729

I tried uBO-Extra from git without success. With Linux UA.

[gorhill]

Unable to reproduce so far with 2.76. Tried with a US IP + Chrome/Windows user agent.

Did you try to clear the cookies after trying with 2.76?

Just to confirm, I can reproduce when I turn off uBO-Extra, thus confirming I am being served IL.

[gwarser]

ctrl+shift+del -> advanced -> select all checkboxes and "Clear data" uBO 1.16.16, uBO-Extra loaded from git folder, 2.76 (2.75 disabled) Chromium Version 68.0.3440.106 (Official Build) Built on Ubuntu , running on LinuxMint 18.3 (64-bit)

Page is loading for very long, maybe never stops? g00 in uBO Logger.

I get it working sometimes, but after cleaning is back again.

[okiehsch]

Like gwarser I can still repdroduce with 2.76. I don't get any IL-code at boston.com though. Anyway, edmunds.com and cnet.com still have the same issue on my end, using Windows 10

Just to confirm, I can reproduce when I turn off uBO-Extra, thus confirming I am being served IL.

Does that mean that you do get redirections with 2.75 enabled at edmunds.com ? I ask because even using the User-Agent Switcher with my Linux desktop I can't reproduce any actual redirection or g00-ads. The same is true with an old Windows 7 Laptop. Maybe it is a browser bug as jspenguin2017 suspects

[ghajini]

i can confirm findings of gwarser & okiehsch like 7/10 case i can produce........... refresh >clear data> refresh page ,IL IS back to foot my setup ubo dev build 1.16.17b9 ubo extra 2.76 windows 10 os ,chrome stable browser screenshots - https://www.dropbox.com/s/aqbx3u0upyqcvgj/Screenshots.rar?dl=0

edmunds.com nasdaq.com boston.com

[gorhill]

Does that mean that you do get redirections with 2.75 enabled at edmunds.com ?

Yes, after I ...

• install uBO-Extra 2.75
• US IP
• Windows 10/Chrome 68 user agent string
• Clean all cache/cookies

I get IL redirections.

Then after I ...

• install uBO-Extra 2.76
• Clean all cache/cookies

No more redirections -- leaving both US IP and user agent unchanged.

[gorhill]

For boston.com, an new issue should be opened -- I can't reproduce IL redirections on my side -- i.e. works as expected with uBO-Extra.

[okiehsch]

I can reproduce redirectons only at

cnet.com
edmunds.com
gamespot.com

With all of these domains the redirections also occur if I use uBO-Extra 2.76 and a fresh profile.