uBlockOrigin / uAssets

Resources for uBlock Origin, uMatrix: static filter lists, ready-to-use rulesets, etc.
GNU General Public License v3.0

[nsfw] ylilauta.org: detection #14204

Closed BasicParameter closed 7 months ago

BasicParameter commented 2 years ago

Prerequisites

URL address of the web page

https://ylilauta.org/satunnainen/

Category

nuisance

Describe the issue

First uses a constant notification on site to remove blocker, then when you block the element, site uses the browser's built in dialogue pop up to remind to remove the blocker. Pop up keeps coming up as you scroll down the page.

Extremely invasive and seemingly impossible to block with current tools available for firefox on android.

Screenshot(s)

![Screenshot_2022-08-02-06-39-08-40_3aea4af51f236e4932235fdada7d1643](https://user-images.githubusercontent.com/110441800/182287065-fc23dad5-dae4-4c77-9dff-1c6d84ff65fa.jpg)

Configuration

```yaml
uBlock Origin: 1.43.0
Firefox Mobile: 103
filterset (summary):
  network: 177969
  cosmetic: 154323
  scriptlet: 37403
  html: 727
listset (total-discarded, last updated):
  added:
    adguard-generic: 66320-5650, 3d.10h.37m
    adguard-spyware: 27473-1291, 3d.11h.33m
    adguard-spyware-url: 687-2, 3d.10h.11m
    block-lan: 43-0, 24d.21h.13m
    curben-phishing: 50677-4, 23h.36m
    curben-pup: 182-0, 23h.38m
    adguard-annoyance: 55385-1796, 3d.11h.32m
    adguard-social: 18030-2488, 3d.10h.44m
    fanboy-thirdparty_social: 69-1, 8d.14h.59m
    fanboy-annoyance: 76068-64845, 8d.14h.57m
    fanboy-cookiemonster: 36968-17313, 8d.14h.58m
    fanboy-social: 23239-13678, 3d.10h.33m
    ublock-annoyances: 4531-7, 3d.9h.1m
    FIN-0: 1916-76, 3d.10h.22m
  default:
    user-filters: 8-0, never
    ublock-filters: 33097-698, 3d.10h.35m
    ublock-badware: 4214-0, 3d.11h.35m
    ublock-privacy: 242-1, 23h.46m
    ublock-abuse: 76-0, 23h.45m
    ublock-unbreak: 1869-0, 3d.10h.20m
    ublock-quick-fixes: 328-1, 23h.40m
    adguard-mobile: 8005-167, 3d.11h.36m
    easylist: 68901-25151, 3d.10h.21m
    easyprivacy: 27459-10545, 3d.10h.23m
    urlhaus-1: 4929-0, 23h.37m
    plowe-0: 3639-3, 23h.44m
filterset (user): [array of 8 redacted]
trustedset:
  added: [array of 3 redacted]
modifiedUserSettings:
  advancedUserEnabled: true
modifiedHiddenSettings: [none]
supportStats:
  allReadyAfter: 1378 ms (selfie)
  maxAssetCacheWait: 463 ms
popupPanel:
  blocked: 0
```

MasterKia commented 2 years ago
  • [X] I did not enable external filter lists, or I verified that the issue still occurs without enabling external filter lists
added: 
    adguard-generic: 66320-5650, 3d.10h.37m
    adguard-spyware: 27473-1291, 3d.11h.33m
    adguard-spyware-url: 687-2, 3d.10h.11m
    block-lan: 43-0, 24d.21h.13m
    curben-phishing: 50677-4, 23h.36m
    curben-pup: 182-0, 23h.38m
    adguard-annoyance: 55385-1796, 3d.11h.32m
    adguard-social: 18030-2488, 3d.10h.44m
    fanboy-thirdparty_social: 69-1, 8d.14h.59m
    fanboy-annoyance: 76068-64845, 8d.14h.57m
    fanboy-cookiemonster: 36968-17313, 8d.14h.58m
    fanboy-social: 23239-13678, 3d.10h.33m
    ublock-annoyances: 4531-7, 3d.9h.1m
    FIN-0: 1916-76, 3d.10h.22m

Could you try with only the default lists?

BasicParameter commented 2 years ago

Could you try with only the default lists?

There is a script element in the page that will not allow you to block the ad container and the default lists do not always update to include the casino ads that the page creator hosts, which is why the iframe and toast script need to be blocked, which get overwritten then by the invasive dialogue popup in the browser.

MasterKia commented 2 years ago

Does anyone know why ylilauta.org##+js(alert-buster) doesn't work?

okiehsch commented 2 years ago

Probably a race condition, the alert function is at the top of the source.

MasterKia commented 2 years ago

Is ##+js(aell) not working on Firefox for the same reason?

okiehsch commented 2 years ago

No. You don't see anything in the console after adding ylilauta.org##+js(aell)?

MasterKia commented 2 years ago

No, nothing about event listeners.

Firefox 102: https://user-images.githubusercontent.com/17685483/182318837-abffea54-b6ff-42be-a284-4560ba1e1e1b.png

But I tried on another site and it works.

okiehsch commented 2 years ago

Hm, looks like a Firefox issue. It works fine with chromium on my end, I have no access to a Firefox browser at the moment.

ylilauta.org##+js(aeld, load, setTimeout) fixes the issue on my end using chromium, but if Firefox does not log anything I highly doubt that filter will work using Firefox.

okiehsch commented 2 years ago

Does anyone know why ylilauta.org##+js(alert-buster) doesn't work?

What exactly do you see if you add that filter using Firefox? Is it the same alert box that you see without the filter?

MasterKia commented 2 years ago

if Firefox does not log anything I highly doubt that filter will work using Firefox.

```
ylilauta.org##+js(aeld, load, setTimeout)
ylilauta.org##iframe
```

Yeah, I still get alert.

MasterKia commented 2 years ago

Is it the same alert box that you see without the filter?

No difference.

First this appears but quickly goes away: https://user-images.githubusercontent.com/17685483/182321475-1150afce-d4cc-4ba5-bec4-89c6572447b5.png

Then this alert: https://user-images.githubusercontent.com/17685483/182321009-f83c55d5-5198-4687-8d06-c463ff1c89a0.png

okiehsch commented 2 years ago

It is not a race condition; I checked using chromium and alert-buster works as expected. image

MasterKia commented 2 years ago

So this solves it?

```
ylilauta.org##+js(alert-buster)
ylilauta.org##iframe
```

MasterKia commented 2 years ago

Maybe something's wrong with Firefox on my machine. @BasicParameter Do the suggested filters work on your Firefox mobile?

```
ylilauta.org##+js(alert-buster)
ylilauta.org##iframe
ylilauta.org##.toast-root
```

okiehsch commented 2 years ago

So this solves it?

No, that triggers another warning using chromium. image

okiehsch commented 2 years ago

```
ylilauta.org##+js(alert-buster)
ylilauta.org##iframe
ylilauta.org##.toast-root
```

works for me.

Maybe something's wrong with Firefox on my machine.

I doubt it if it only happens on one site.

BasicParameter commented 2 years ago

Screenshot_2022-08-02-11-03-58-33_3aea4af51f236e4932235fdada7d1643

Unfortunately not, leaving out .toast-root shows this and adding .toast-root will give you the browser dialogue popup.

MasterKia commented 2 years ago

Try:

```
ylilauta.org##+js(aeld, load, setTimeout)
ylilauta.org##+js(alert-buster)
ylilauta.org##iframe
ylilauta.org##.toast-root
```

BasicParameter commented 2 years ago

Try:

```
ylilauta.org##+js(aeld, load, setTimeout)
ylilauta.org##+js(alert-buster)
ylilauta.org##iframe
ylilauta.org##.toast-root
```

Unfortunately the same conclusion, firefox shows the dialogue pop up seen in the OP screenshot. I guess mobile firefox is just too lackluster to allow dealing with this issue.

MasterKia commented 2 years ago

I guess mobile firefox is just too lackluster to allow dealing with this issue.

I'm experiencing the same thing on Firefox desktop.

MasterKia commented 2 years ago

@okiehsch What about :remove() or :style(width: 0px !important;)?

okiehsch commented 2 years ago

The site detects that too.

JobcenterTycoon commented 2 years ago

For the firefox issue see here https://github.com/uBlockOrigin/uBlock-issues/issues/2079#issuecomment-1088678416

On desktop I get no anti-adblock

MasterKia commented 2 years ago

For the firefox issue see here

The bug on Firefox bugzilla is 6 years old, so Firefox won't fix this.

Gorhill refused to fix it:

I don't plan to have uBO lower CSP rules set by a site. In my opinion, being able to inject a surrogate is less important than not relaxing existing CSP ruleset.

I wonder how many sites will exploit this to gain protection against scriptlet injection on Firefox.

JobcenterTycoon commented 2 years ago

Not many because it only affects Firefox

MasterKia commented 2 years ago

Not many because it only affects Firefox

Firefox still has 200M users.

JobcenterTycoon commented 2 years ago

Even on Chrome most filters don't work because the site detects tampering and breaks itself (try to click the "Profile" tab on the left side with your filter enabled, it will not work)

matso167 commented 2 years ago

In theory one can fix this by modifying Lauta.js and Toast.js source codes referenced by the site. Having researched this issue for a while I cannot find any other way. However this is currently not possible using only uBlock.

JobcenterTycoon commented 2 years ago

@matso167 @okiehsch try ylilauta.org##.toast-root:style(position: absolute !important; clip: rect(0px,0px,0px,0px);)

matso167 commented 2 years ago

@matso167 @okiehsch try ylilauta.org##.toast-root:style(position: absolute !important; clip: rect(0px,0px,0px,0px);)

Oh that actually worked!

(At least as long as site admin notices it and makes it not work)

matso167 commented 2 years ago

Still one bug. Scrolling page down until the "load more" button, an alert appears: Screenshot_2022-08-25_12-45-18

Caused by https://static.ylilauta.org/js/5.36/Module/FrameLoader.js line 103

Edit:

I don't know if they already changed the site code or what happened, but now I get again this alert box already in initial loading of the page.

JobcenterTycoon commented 2 years ago

Yes they changed

JobcenterTycoon commented 2 years ago

Ok, I post this private here

```
||fcdn.lauta.media^$frame,redirect=noopframe,domain=ylilauta.org
ylilauta.org##.toast-content
ylilauta.org##.toast-root:style(mix-blend-mode: lighten !important;)
```

peace2000 commented 2 years ago

Don't know how private a public web is. The admin is very active on this.

peace2000 commented 2 years ago

Also, I would not hide toast unconditionally on the page because it's also used for error messages in general.

peace2000 commented 2 years ago

In theory one can fix this by modifying Lauta.js and Toast.js source codes referenced by the site. Having researched this issue for a while I cannot find any other way. However this is currently not possible using only uBlock.

You are probably right. Adguard does that (though with FrameLoader.js):

```
||static.ylilauta.org/js/*/Module/FrameLoader.js$replace=/this\.#?contentLoadFailed\(\);//
||ylilauta.org^$document,replace=/(<script src="https:\/\/static\.ylilauta\.org\/js\/.+?\/Module\/FrameLoader\.js" )integrity=".*?" (type="module"><\/script>)/\$1\$2/
```

https://github.com/AdguardTeam/AdguardFilters/blob/1cbe8db62d481d4da464faad8f9b156c606b2b76/EnglishFilter/sections/foreign.txt#L2098
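
What the two quoted AdGuard rules do, as an added example that is not part of the original thread: the first rewrites the `FrameLoader.js` body, and the second strips the `integrity` attribute from the document, because a script whose bytes were changed would no longer match its Subresource Integrity hash and the browser would refuse to run it. The parser is a simplified reading of the `$replace` syntax and the inputs are constructed samples.

```javascript
// Added illustration. The two rules are copied from the comment above; the
// parser is a simplified reading of AdGuard's $replace syntax
// (/regex/replacement/flags, with "/" and "$" backslash-escaped), and the
// script body and HTML below are constructed samples, not the site's code.
const RULES = [
  String.raw`||static.ylilauta.org/js/*/Module/FrameLoader.js$replace=/this\.#?contentLoadFailed\(\);//`,
  String.raw`||ylilauta.org^$document,replace=/(<script src="https:\/\/static\.ylilauta\.org\/js\/.+?\/Module\/FrameLoader\.js" )integrity=".*?" (type="module"><\/script>)/\$1\$2/`,
];

// Split the modifier value on unescaped "/" into regex, replacement, flags.
function parseReplace(rule) {
  const value = rule.slice(rule.indexOf('replace=') + 'replace='.length);
  const parts = [''];
  for (let i = 0; i < value.length; i++) {
    if (value[i] === '\\' && i + 1 < value.length) {
      parts[parts.length - 1] += value[i] + value[++i]; // keep escape pairs intact
    } else if (value[i] === '/') {
      parts.push('');
    } else {
      parts[parts.length - 1] += value[i];
    }
  }
  if (parts.length !== 4 || parts[0] !== '') {
    throw new Error('expected /regex/replacement/flags');
  }
  const [, source, replacement, flags] = parts;
  // "\$1" in the rule text means the capture reference "$1".
  return { regex: new RegExp(source, flags), replacement: replacement.replace(/\\(.)/g, '$1') };
}

function applyRule(rule, text) {
  const { regex, replacement } = parseReplace(rule);
  return text.replace(regex, replacement);
}

// Constructed inputs (the version segment 5.36 is the one quoted in the thread).
const SAMPLE_JS = 'onError() { this.#contentLoadFailed(); this.retry(); }';
const SAMPLE_HTML = '<script src="https://static.ylilauta.org/js/5.36/Module/' +
  'FrameLoader.js" integrity="sha384-CONSTRUCTED" type="module"></script>';

const patchedJs = applyRule(RULES[0], SAMPLE_JS);     // call removed from the body
const patchedHtml = applyRule(RULES[1], SAMPLE_HTML); // integrity attribute removed
const hasIntegrity = (html) => /\bintegrity=/.test(html);

console.log(patchedJs);
console.log(patchedHtml, hasIntegrity(patchedHtml));
```
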

Bec-de-Xorbin commented 1 year ago

Broken.

MasterKia commented 1 year ago

@Bec-de-Xorbin Force update your filterlists and test again:

MasterKia commented 1 year ago

https://github.com/uBlockOrigin/uAssets/issues/14204#ref-commit-9d7e3ad

@krystian3w Can you stop referencing issues like this? What's the point?

krystian3w commented 1 year ago

IMO webmaster follow history commits directly but no newbie reporters.

JobcenterTycoon commented 1 year ago

Or the webmaster's bot, which checks for keywords and sends a notification to the admin when the bot finds ylilauta or lauta.media inside the commit.

JobcenterTycoon commented 1 year ago

Unfixable now.

gorhill commented 1 year ago

I loaded OP's link and what is there to filter?

JobcenterTycoon commented 1 year ago

@gorhill these ads

Screenshot ad

But the admin knows what he is doing and is using a lot of anti-tampering scripts.

The frame is loaded with: https://static.ylilauta.org/js/54a46c8d0e1983e00a9207ea7c3ca33e/Module/FrameLoader.js

https://static.ylilauta.org/js/54a46c8d0e1983e00a9207ea7c3ca33e/Lauta.js contains most of the anti tampering code.

Blocking the script(s) will result in a breakage (top left the "profile" tab stops working)

MasterKia commented 1 year ago

I wonder if the AdGuard fix still works:

```
||static.ylilauta.org/js/*/Module/FrameLoader.js$replace=/this\.#?contentLoadFailed\(\);//
||ylilauta.org^$document,replace=/(<script src="https:\/\/static\.ylilauta\.org\/js\/.+?\/Module\/FrameLoader\.js" )integrity=".*?" (type="module"><\/script>)/\$1\$2/
```

Daxy7 commented 1 year ago

Both of them show up errored in user filters. https://user-images.githubusercontent.com/91396482/224969841-3307a1f6-0fe7-44f2-b47f-d58496679043.png

MasterKia commented 1 year ago

$replace is not supported by uBO.

Daxy7 commented 1 year ago

I added the user rules in AdGuard AdBlocker for Firefox but I still get popup message https://user-images.githubusercontent.com/91396482/224988780-c3125473-ed0b-4bc0-9dee-5d968992fe1d.png

MasterKia commented 1 year ago

Those rules are outdated.

Bec-de-Xorbin commented 1 year ago

All anti-adblock scripts have been removed so no need for these special rules anymore. Simple ylilauta.org##.a seems to block every ad without breaking anything.

https://ylilauta.org/palaute/128887035#226049477