Clarification regarding star rule in the block lists

[berstend]

WTF?

https://jspenguin2017.github.io/uBlockProtector/uninstall-unofficial.html

[jspenguin2017]

What's wrong? You found the explanation, have you read it?

[berstend]

You yourself are apparently using stuff from uBo & co and forbid usage in those?

I'm a technical person and it took me a sec to realize what's happening, you broke the internet for most non-technical folks with this move.

[berstend]

I'm usually a calm person but this interrupted my flow quite massively. Anyhow, my issue is resolved - just needed to vent so you might reconsider before doing such things in the future.

[berstend]

And yeah, still no idea why my usage with uBo has been blocked

For the stability and safety of your system, you must follow this guide to uninstall the unofficial version of Nano Defender now.

No idea what this means. Also I forgot when/why I added your lists in the first place. Oh well.

[jspenguin2017]

Do you rather have a subscription pointing to a domain that I plan on releasing in a few years? ! Redirect header is not parsed by uBO, I have no other choice.

[jspenguin2017]

I will send out notification to Chrome users in another way, but the Firefox extension was taken down so I have no other choice.

[jspenguin2017]

To be clear, Firefox users was never supposed to be subscribed to those filters, and I have whitelisted Chrome users who was on the old link.

[berstend]

Apologies for my outburst, you seem to be a genuine developer.

What happened with this change is that every single request was being blocked, I purged the uBo cache and couldn't refresh the filter list as the requests would fail.

Once I noticed which filter lists are the issue and checking them I saw this:

! Access Denied
! NEED HELP? https://bit.ly/2CKzV3L

Which sounds super fishy and extortion like. PS: I'm using Chrome with uBO (again, I must've added your lists a long while back).

Do you rather have a subscription pointing to a domain that I plan on releasing in a few years? ! Redirect header is not parsed by uBO, I have no other choice.

Hmm, I wasn't aware of that. Maybe a softer route would've been to nullify the legacy lists for a while or maybe reach out to gorhill so he can remove the subscriptions in an update.

Again apologies for my outburst, I came here quite loaded given that something broke my internet in the middle of working on something.

Cheers

[berstend]

I was subscribed to this URL:

https://jspenguin.com/NanoAdblocker/AssetsMirror/NanoWhitelist.txt

[jspenguin2017]

I don't see a softer route, no one will notice if I serve a 404 or blank list. Gorhill will not implement anything that can be used to edit user subscription -- he made it clear on multiple occasion.

See: https://github.com/gorhill/uBlock/issues/1183

[jspenguin2017]

I'm using Chrome

The whitelist is IP based, so if your IP changed, the whitelist may stop working. I see that it is affecting less than 1% of requests.

Which sounds super fishy

Hum, yea, I'll change the wording of it.

[berstend]

Gorhill will not implement anything that can be used to edit user subscription

Interesting, he does have quite strong opinions about certain things. 😄 What I meant is that he might add subscription removal code in the uBo extension itself, specifically for the lists in question (though I'm not sure how many users are affected by the deprecation and if he would bother implementing a special case for it).

I understand the conundrum now and wouldn't know how to handle it differently. But adding a little more explanation (e.g. a deprecation warning) to the filter list front matter itself definitely doesn't hurt. :-)

Thanks for the explanation!

[jspenguin2017]

There are a few hundreds users affected at maximum. There is no way for gorhill to add specific code to handle this.

The domain registrar I'm with right now is hot garbage. It is over twice as expensive than the competition, does not support IPv6 (AAAA record), and dox you if you want to transfer. I have no other choice than to release the domain.

[berstend]

Understood, wasn't aware that only so few users are affected and I happened to be one of them.

Reminds me of the time when I was lazy and added an alert() powered update notification in one of my extensions with 20K users, bad idea 😅

Out of scope but I've been using internet.bs (in combo with cloudflare dns) quite happily for years, their whois protection is quite strong and they don't verify any data ;-)

[dudeedud4]

Not a few hundred users tbh.. I got this issue and I'm running Chrome. Everything just went to a * block because it was using the rawgit domain.

It looked something like this.

*
a
e
i
o
u

[jspenguin2017]

@dudeedud4 Not possible, the RawGit links are definitely not serving that. If it is, please give me the link, I will investigate immediately.

[jspenguin2017]

@dudeedud4 Also I sent out the announcement on Friday, most users should have migrated by now.

[dudeedud4]

I never had an issue until right before I posted the comment. It was in a filter list, what I can only assume came from rawgit like the others did. I had since removed them and just readded the filter. I'll see if I can dig it up though.

EDIT: Found it, looks like it was from the jspenguin.com domain.

https://jspenguin.com/NanoAdblocker/AssetsMirror/NanoBase.txt https://jspenguin.com/NanoAdblocker/AssetsMirror/NanoDefender.txt

[jspenguin2017]

That's right, it's not from RawGit. I'm shutting down jspenguin.com in a year or so, so I need to make sure everyone has migrated.

RawGit is also shutting down but I think they don't plan on releasing the domain so there is no risk, thus I don't plan on forcing people on RawGit to migrate.

[christinaa]

Just had this happen with jspenguin.com filters all of the sudden, with this being pulled in during the update. A little clarification in the actual filter header would have been nice instead of a blanket block on everything with a vague link, and being greeted with a page that says (that was before I read all of it) that I may have installed a malicious extension in big text.

[Adblock Plus 2.0]
! Title: CLICK HERE TO VIEW DETAILS
! Expires: 999 days
!
! This file does not exist or you do not have the permission to view it.
! Some files were recently moved. Need help? View detailed guide here: https://jspenguin.com/uund
!
@@||github.io^
@@||jspenguin.com^
*
a
e
i
o
u

I appreciate the effort to get people to migrate, it would be nice to have a better explanation in the header for Chromium users since my initial reaction was pretty much "What the hell?" and it actually took me a while to find this particular "bug" listed here, I think the amount of users affected is much bigger than you may have anticipated.

Again, I very much appreciate the work you've put into this, but a filter update like this will catch anyone off guard, including "expert" users or anyone for that matter. For the sake of other users who may get the same update, just as a suggestion, maybe add a small elaboration in the comment (currently it's extremely confusing) regarding why there are suddenly wildcard filters. I would suggest mirroring the announcement you made on your website into the header of those filters including the date of it, otherwise it really does catch people off guard especially since the text is pretty confusing.

Thanks and again, I appreciate the hard work and understand that mistakes happen. I do think it's a genuine bug however so it may be worth reopening it instead of just marking it as invalid.

[jspenguin2017]

@christinaa I sent out an announcement last Friday to Chrome and Chromium users, that's 5 days ago. You should have been notified by the NEW badge on the extension. If not, it means you followed an unofficial installation guide.

I did what I can, some people refuse to read my announcement, refuse to read the official installation guide, or refuse to follow the official installation guide closely. If it is too much work, I also forked uBlock Origin which does the configuration and migration automatically.

The file is served from a catch-all 404 handler, which I believe contains enough information. People will be caught off guard no matter what I wrote, and I want to limit the size of the file that is served.

[christinaa]

@christinaa I sent out a notification 5 days ago to Chrome and Chromium users, if you have not received it, it means you followed an unofficial installation guide.

I did though (follow the official guide), so not entirely sure what went wrong, never saw any kind of notification, Chromium built from LKGR 601653 with a few patches on top (I sit at around 400 tabs most of the time with a vertical "tab" bar and, and a 7 or so of windows, it's possible that's related somehow since I'm not entirely sure how the warning was meant to be displayed), not sure which revision I was on 5 days ago but it would not be too far from it, could check the logs from my buildbot if that matters. Also doubt that it's relevant but I forgot to specify that I use uBlock Origin with Nano Defender.

Just figured I'd mention, if this was just in a popup it's likely I could have accidentally closed it while trying to clear out some of the tabs, I have a bad habit of hoarding tabs and eventually when it becomes unmanageable snapshot the session and then close a window. So yes this could have been my fault, still, I think the message could be a little bit clearer. Again, just a suggestion, I do suspect that most users who didn't get the message at all or just didn't see it since it got buried under a ton of stuff got pretty confused (I definitely was).

So while I understand the necessity of it, I still think the wording of the comments at the top could elaborate it saving people time from having to investigate it themselves (ie. my first assumption was that this was a prank of some kind or a really bad typo in a list, or something worse). A lot of people automatically jump to the conclusion that this is something malicious, hence my suggestion as the actual explanation behind the filter (this particular page) took me a while to find.

Again, just my two cents in, I understand it's impossible to account for everything but a more straightforward clarification would be nicer to a lot of users since as I said, a good number of people jump to the worst possible conclusion right away, and that's normal, can't exactly be too careful.

And again, thanks for your time and I apologize for the wall of text.

[jspenguin2017]

Thanks for the recommendation, but since it is handled by a catch-all 404 handler, I believe the message is appropriate.