mlgualtieri / CSS-Exfil-Protection

Official repository for the CSS Exfil Protection browser extensions.
MIT License
155 stars 11 forks source link

Using a more specific check instead of indexOf('value') #32

Open boronchiev opened 3 years ago

boronchiev commented 3 years ago

Please use a more specific check instead of indexOf('value')

It's necessary to avoid false positives on CSS like: [data-value='0']

mlgualtieri commented 3 years ago

I'll need to think about this one, as it's probably an edge case. Do you have a site that triggers a false positive from rules like this?

boronchiev commented 3 years ago

Do you have a site that triggers a false positive from rules like this?

https://yandex.ru/search/?text=майнкрафт&lr=2

image

mlgualtieri commented 3 years ago

Thanks! Can confirm it triggers the plugin. Not sure what to do about it yet though without impacting filtering elsewhere. It may be possible to look for indexOf(' value') instead of indexOf('value'), but this may cause it to ignore cases where it shouldn't.

mlgualtieri commented 3 years ago

Had an idea on this. It might be better to instead ignore rules where the string "-value" is found, which would filter out things like "data-value" selectors.