[Anti-adblock] washingtonpost.com

[jspenguin2017]

URL(s) where the issue occurs

https://www.washingtonpost.com/world/europe/eu-takes-6-member-states-to-court-over-air-quality/2018/05/17/8582aea4-59f2-11e8-9889-07bcc1327f4b_story.html?noredirect=on&utm_term=.af82a1f5e561

Describe the issue

Anti-adblock

Screenshot(s)

Versions

• Browser/version: Chrome 68
• uBlock Origin version: 1.16.6

Settings

All default

[jspenguin2017]

Eh... Are you sure that's going to last? But alright, let's call it fixed for now...

[okiehsch]

I am open for long lasting suggestions.

[jspenguin2017]

Do you have good toolkits to deobfuscate it? Mine is falling short these days.

[okiehsch]

No, which is why I added that fix 😉 .

[okiehsch]

What is your main "objection" LaodIrmb or entMNbx or both?

[jspenguin2017]

My toolkit can only get this far...

```js var a = ['type', 'innerHTML', 'getElementsByTagName', 'head', 'createElement', 'push', 'childNodes', 'parentNode', 'insertBefore', 'appendChild', 'is_firefox', 'is_safari', 'is_opera', 'iframe', 'setAttribute', 'style', 'display: none !important;', 'lastElementChild', 'setTimeout', 'display', 'block', 'className', 'getComputedStyle', 'none', 'abp-', 'chrome:', 'abp', 'height', 'replace', 'https://securepubads.g.doubleclick.net', 'http://s0.2mdn.net/instream/video/', 'https://securepubads.g.doubleclick.net/gpt/pubads_impl_108.js', 'iabc', 'washingtonpost.com', '1440', 'false', 'reload', 'reverse', 'cxadb_cb', 'adp', 'pb-f-page-outbrain', ' {height: 300px !important;}', 'is_explorer', 'class', 'jpg', 'src', 'parentElement', 'parentElemen', 'removeChild', 'test', 'substr', 'userAgent', 'opera', 'join', 'MSIE', 'indexOf', 'rv:11.0', 'Edge', 'Safari', 'toLowerCase', 'Opera Mini', 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz', 'floor', 'random', 'charAt', 'length', 'call', 'setTime', 'getTime', 'expires=', 'toUTCString', ';domain=.', ';path=/', 'cookie', 'split', 'substring', 'setItem', 'true', '__aabcd', 'navigator', 'cookieEnabled', 'addEventListener', 'beforeunload', 'removeItem', 'self', 'top']; (function(h, i) { (function(k) { for (; --k;) h.push(h.shift()) })(++i) })(a, 307); var b = function(h) { h -= 0; var j = a[h]; return j }, c = 0, d = 18, e = !1, f = !1; (function(h) { (/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i [b('0x0')](h) || /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i [b('0x0')](h[b('0x1')](0, 4))) && (f = !0) })(navigator[b('0x2')] || navigator.vendor || window[b('0x3')]); (function() { var h = function(ca) { return ca[b('0x4')]('') }, i = ['i', 'f', 'r', 'a', 'm', 'e'], k = ['u', 'n', 'd', 'e', 'f', 'i', 'n', 'e', 'd'], l = -1 < navigator[b('0x2')].indexOf(h(['C', 'h', 'r', 'o', 'm', 'e'])), m = -1 < navigator[b('0x2')].indexOf(b('0x5')); m || (m = -1 < navigator[b('0x2')][b('0x6')](b('0x7'))), m || (m = -1 < navigator[b('0x2')][b('0x6')](b('0x8'))); var n = typeof InstallTrigger !== h(k), o = -1 < navigator.userAgent[b('0x6')](b('0x9')), p = -1 < navigator[b('0x2')][b('0xa')]()[b('0x6')]('op'); l && o && (o = !1), l && p && (l = !1); var q = -1 < navigator[b('0x2')].indexOf(b('0xb')), r = { is_chrome: l, is_explorer: m, is_firefox: n, is_safari: o, is_opera: p, isOperaMini: q, ab: { iu: !1 } }, s = function(ca) { var da = 10; (ca == void 0 || null == ca) && (ca = 4, da = 36); for (var ea = '', fa = b('0xc'), ga = 0; ga < Math[b('0xd')](Math[b('0xe')]() * da) + ca; ga++) ea += fa[b('0xf')](Math[b('0xd')](Math[b('0xe')]() * fa[b('0x10')])); return ea }, t = function(ca) { return ca && {}.toString[b('0x11')](ca) === ['[', 'o', 'b', 'j', 'e', 'c', 't', ' ', 'F', 'u', 'n', 'c', 't', 'i', 'o', 'n', ']'][b('0x4')]('') }, u = function(ca, da, ea, fa) { if (ca && 0 != ca[b('0x10')]) { var ga = new Date; ga[b('0x12')](ga[b('0x13')]() + 1e3 * (60 * fa)); var ha = b('0x14') + ga[b('0x15')](), ia = ca + '=' + da + '; ' + ha + b('0x16') + ea + b('0x17'); document.cookie = ia } }, v = function(ca) { for (var ga, da = ca + '=', ea = document[b('0x18')][b('0x19')](';'), fa = 0; fa < ea[b('0x10')]; fa++) { for (ga = ea[fa]; ' ' == ga[b('0xf')](0);) ga = ga[b('0x1a')](1); if (0 == ga[b('0x6')](da)) try { return ga[b('0x1a')](da.length, ga[b('0x10')]) } catch (ha) { return null } } return '' }, w = function(ca, da) { typeof Storage !== h(k) && localStorage[b('0x1b')](ca, da) }, x = function(ca) { if (ca) { if (!ca[b('0xa')]) return ca; if (ca[b('0xa')]() == b('0x1c') || '1' == ca[b('0xa')]()) return !0 } return !1 }, y = b('0x1d'), z = !1; x('true') && (z = !0); var A = !1; x(b('0x1c')) && (A = window[b('0x1e')][b('0x1f')]), z && (window[b('0x20')](b('0x21'), function() { localStorage[b('0x22')](y) }), localStorage.removeItem(y)); var B = function(ca) { return !isNaN(parseFloat(ca)) && isFinite(ca) }, C = function(ca) { return null == ca || void 0 == ca || 0 >= ca[b('0x10')] ? '' : ca[Math[b('0xd')](Math[b('0xe')]() * ca[b('0x10')])] }, E = function(ca) { var ea = H(['s', 't', 'y', 'l', 'e'][b('0x4')]('')); return ea[b('0x25')] = ['t', 'e', 'x', 't', '/', 'c', 's', 's'][b('0x4')](''), ea[b('0x26')] = ca, I(document[b('0x27')](b('0x28'))[0], ea), ea }, G = [], H = function(ca) { var da = document[b('0x29')](ca); return G[b('0x2a')](da), da }, I = function(ca, da) { if (ca && da) if (ca[b('0x2b')] && 0 < ca[b('0x2b')][b('0x10')]) { var ea = ca[b('0x2b')][Math.floor(Math[b('0xe')]() * (ca.childNodes[b('0x10')] - 1) + 1 - 1)]; ea[b('0x2c')][b('0x2d')](da, ea) } else ca[b('0x2e')](da) }, J = function(ca, da) { var ea = null; try { if (ea = setTimeout, r[b('0x2f')]); else if (!r[b('0x30')] && !r.is_chrome && !r[b('0x31')]) setTimeout.arguments; else if (r[b('0x30')]) { var ga = H(b('0x32')); ga[b('0x33')](b('0x34'), b('0x35')), document[b('0x36')][b('0x36')] ? document.lastElementChild.lastElementChild[b('0x2e')](ga) : document.lastElementChild[b('0x2e')](ga), ea = ga.contentWindow[b('0x37')] } return ea(ca, da) } catch (ha) { e = !0 } return null }, K = function(ca, da) { if (resulte = !1, c++, null != ca && void 0 != ca) if (!1 != da && null == ca[b('0x2c')]) resulte = !0; else { var ea = ca[b('0x2c')][b('0x34')][b('0x38')]; if (n && (ca[b('0x2c')][b('0x34')][b('0x38')] = b('0x39')), void 0 == ca.className || '' == ca[b('0x3a')]) resulte = !0; else if (1 < c && void 0 != ca[b('0x34')] && ca[b('0x34')][b('0x38')] == V.s.n) resulte = !0; else if (void 0 != ca[b('0x34')] && '' != ca.style.orphans && 1e3 < parseFloat(ca[b('0x34')].orphans)) resulte = !0; else if (void 0 != window[b('0x3b')] && null != window[b('0x3b')]) { var fa = window.getComputedStyle(ca, null), ga = fa[V.s.o]; void 0 != ga && '' != ga && 4321 != parseFloat(ga) && 1e3 < parseFloat(ga) && (resulte = !0), r[b('0x31')] && fa.display == b('0x3c') ? resulte = !0 : fa[b('0x38')] == b('0x3c') && (resulte = !0); var ha = fa[V.s.mb]; if (1 < ca.className[b('0x19')](' ')[b('0x10')] && void 0 != ha && (-1 < ha[b('0x6')](V.s.h) || -1 < ha.indexOf(b('0x3d'))) || n && (-1 < ha[b('0x6')](b('0x3e')) || f && -1 < ha[b('0x6')](b('0x3f')))) resulte = !0; else if (n && 3 < c) { var ia = parseInt(window[b('0x3b')](ca.parentNode, null)[b('0x40')][b('0x41')]('px', '')); 155 > ia && (resulte = !0) } '0px' == window[b('0x3b')](ca[b('0x2c')], null)[b('0x40')] && (resulte = !0) } n && (ca[b('0x2c')][b('0x34')][b('0x38')] = ea) } return resulte }, L = null, M = !1, N = [], O = null, Q = ['n', 'o', 'n', 'e'], U = ['/', '/', 'a', 'd', '.', 'd', 'o', 'u', 'b', 'l', 'e', 'c', 'l', 'i', 'c', 'k', '.', 'n', 'e', 't', '/', 'f', 'a', 'v', 'i', 'c', 'o', 'n', '.', 'i', 'c', 'o', '?', 'a', 'd', '=', '3', '0', '0', 'x', '2', '5', '0', '&', 'a', 'd', '_', 'b', 'o', 'x', '_', '=', '1', '&', 'a', 'd', 'n', 'e', 't', '=', '1', '&', 's', 'h', 'o', 'w', 'a', 'd', '=', '1', '&', 's', 'i', 'z', 'e', '=', '2', '5', '0', 'x', '2', '5', '0'].join(''), V = { adp: { pe: [h(['d', 'i', 'v'])], ph: [h(Q)], c: ['AdCommercial', 'AdHeader'], ce: [h(i)], ae: [h(i)], l: [b('0x42'), 'https://tpc.googlesyndication.com/simgad/', b('0x43')], lf: [b('0x44')], ic: [U] }, s: { n: [h(Q)], o: [h(['o', 'r', 'p', 'h', 'a', 'n', 's'])], mb: [h(['M', 'o', 'z', 'B', 'i', 'n', 'd', 'i', 'n', 'g'])], h: [h(['h', 'i', 'd', 'e'])] } }, W = function(ca) { var da = function() { A && u(b('0x45'), '', b('0x46'), 0), A && u(b('0x45'), '', 'washingtonpost.com', 0) }; if (!ca) z && w(y, b('0x48')), da(), A && u(b('0x45'), b('0x48'), b('0x46'), parseInt(b('0x47'))); else if (z && w(y, b('0x1c')), A) { var ea = !1; 'true' != v(b('0x45')) && (ea = !0), da(), u(b('0x45'), b('0x1c'), b('0x46'), parseInt(b('0x47'))), x(b('0x48')) && ea && location[b('0x49')](!0) } var fa = function(oa) { return oa[b('0x4')]('') }, ga = fa(['d', 'a'][b('0x4a')]()), ha = fa(['o', 'c']), ia = fa(['b', 'l', ha, 'k']), ja = fa(['n', 'u', 'r'].reverse()), ka = fa([ga, ia, ja]), la = {}; la[ka] = ca; var ma = b('0x4b'); if (ma && ma[b('0x10')] && 0 < ma[b('0x10')]) try { var na = function() { t(window[ma]) && window[ma](la) }; J(na, 10) } catch (oa) {} }; if (null == L) { var X = H(C(V[b('0x4c')].pe)); X[b('0x34')][b('0x38')] = C(V[b('0x4c')].ph), L = H(C(V.adp.ce)); var Y = [b('0x4d')]; '' != Y && (Y = ' ' + Y[b('0x4')](' ')); var Z = C(V[b('0x4c')].c) + Y; O = E('.' + Z + b('0x4e')), L[b('0x3a')] = Z, X[b('0x2e')](L), J(function() { try { var ca = H('html'), da = H(b('0x28')); ca[b('0x2e')](da); var ea = H('body'); ca[b('0x2e')](ea) } catch (fa) {} }, 250), document[b('0x28')].appendChild(X) } var $ = function() { if (!f && V[b('0x4c')].l && 0 < V[b('0x4c')].l[b('0x10')] && !r[b('0x4f')]) { var ca, da, ea, fa, ga; for (var ca in V[b('0x4c')].lf) if (B(ca)) { var da = H(i[b('0x4')]('')); da[b('0x33')](b('0x50'), s()); var ea = V.adp.lf[ca]; da[b('0x33')](b('0x52'), ea), X.appendChild(da), N.push(da) } } }, _ = function() { try { for (var ca in N) if (B(ca) && K(N[ca])) return !0 } catch (da) {} return !1 }, ba = function() { if (0 < d) { if (3 == d && $(), 14 == d) { var ca = H(['i', 'm', 'g'][b('0x4')]('')); ca.src = C(V[b('0x4c')].ic), ca.addEventListener(['e', 'r', 'r', 'o', 'r'][b('0x4')](''), function() { M = !0 }), L[b('0x53')][b('0x2e')](ca) } if (M || e || K(L) || 1 == d && _()) return void W(!0); d--, J(ba, 250) } else W(!1) }; ba() })() ```

Seems that navigator and _0x are good candidates.

[jspenguin2017]

The code feels like https://github.com/javascript-obfuscator/javascript-obfuscator , I'm making a deobfuscator specifically targeted at it, but so far no luck, it's pretty difficult to fingerprint their template functions.

[okiehsch]

How about washingtonpost.com##script:inject(abort-current-inline-script.js, InstallTrigger, _0x) ?

[jspenguin2017]

Yea, that looks better.

[okiehsch]

I agree :).

[jspenguin2017]

Doesn't quite work anymore, new rule: ||washingtonpost.com/wp-stat/pwapi/prod/*

[okiehsch]

@jspenguin2017 that is no anti-adblock message, it is their "paywall", I get it every few articles even if I disable uBlock.

[mapx-]

@okiehsch I get exactly the first anti adb message in this thread

[okiehsch]

I do not get that message, I tried with Chrome and Firefox, the only way to reproduce is to disable the filter washingtonpost.com##script:inject(abort-current-inline-script.js, InstallTrigger, _0x)

The filter jspenguin proposed disables the "paywall" part, so I guess that is what he meant when he said "Doesn't quite work anymore".

[okiehsch]

@mapx- washingtonpost.com##.adblocker-root fixes the adb-message on your end, do you get the "paywall" message of my screenshot if you click a number of different articles?

[Hrxn]

Best solution: Just ignore washingtonpost.com completely, nothing of value is lost.

Sorry, I could not resist, please don't hate me.

[mapx-]

After few articles I get an overlay instead, if I hide it I see "subscribe to read the full article"

[mapx-]

The question is ..should we block the paywall ?

[jspenguin2017]

Really? When I tested it, the "paywall" goes away if I disable my adblocker -- so it is not a paywall.

[okiehsch]

It always goes away, even if you do not disable your adblocker, for a few articles then it comes back. You can see in my screenshot that uBO is disabled.

[gorhill]

Is there a point to even ponder whether we should remove that overlay? On my side when I remove it I am left with a not very useful page: article is truncated and there is a "Subscribe to read the full article".

[okiehsch]

If I add washingtonpost.com##script:inject(abort-on-property-read.js, WpPwapi1) I never get that overlay and can read every article without any "Subscribe to read the full article" message.

[jspenguin2017]

Well, either remove the "paywall" entirely or unbreak it entirely, removing just half of it is confusing.

[okiehsch]

We are not removing half of it, it is broken because of EasyPrivacy, so adding

@@||washingtonpost.com/wp-stat/analytics/*.js$script,domain=subscribe.washingtonpost.com

to uBO-unbreak and

washingtonpost.com##script:inject(abort-on-property-read.js, WpPwapi1)

to uBO-annoyances if we decide to circumvent it.

[okiehsch]

In my opinion it is a badly implemented "quasi" paywall, there is no difference if you use an adblocker or not on my end, so it should not be fixed in a default list, if at all.

[jspenguin2017]

It's your call, I'm OK with either way, just make sure it's not confusing.

[okiehsch]

either remove the "paywall" entirely or unbreak it entirely, removing just half of it is confusing.

has been fixed with https://github.com/uBlockOrigin/uAssets/commit/7ff90332738717c3bd816fa8f9c6479a2681b6bb and for the rest, that's gorhills decision.

[gorhill]

A paywall-circumvention list is not part of uBO's stock lists, that would be the only place to put a filter which primary purpose is to cirumvent a paywall. Also, I think it's best to not have such list in uBO's stock lists.

[gorhill]

Reportedly there is an issue with washingtonpost.com:

https://bugzilla.mozilla.org/show_bug.cgi?id=1466730

I can't reproduce on my side (using a US VPN), using default lists.

[okiehsch]

The issue https://bugzilla.mozilla.org/show_bug.cgi?id=1466730 is OS related.

Some script:inject filters do not work with MacOS, see https://github.com/uBlockOrigin/uAssets/issues/682 and https://github.com/NanoAdblocker/NanoFilters/issues/45#issuecomment-391129192 for example.

I can reproduce the bugzilla issue, if I add

washingtonpost.com#@#script:inject(abort-current-inline-script.js, InstallTrigger, _0x)

To get the antiadblock message I also have to add washingtonpost.com#@#.adblocker-root Example link:

https://www.washingtonpost.com/news/worldviews/wp/2018/06/03/the-united-nations-says-trump-is-making-life-harder-for-the-poor/

[ghajini]

Whats the latest filter to circumvent paywall(to be used as custom filter ) ? like this

[mapx-]

try https://www.reddit.com/r/uBlockOrigin/comments/e3qd06/washington_post_at_it_again_changed_their_nagwall/f9pfdev/

[liamengland1]

low-tech solution, clear cookies or stop the page from loading as soon as you click on the link. That's what I do on my phone often.

[uBlock-user]

clear cookies or stop the page from loading as soon as you click on the link.

Technically, you will have to do that after browsing every 3-4 links and that will turn into quite an annoyance if you're an active reader, that's why I didn't suggest that before.

[liamengland1]

You can also block cookies but that will break videos and I'm sure it will break other stuff.

[Dyras]

There's an addon for this called "Bypass Paywalls Clean" Might be worth checking out, since it seems unlikely for uBlock to add this.

[uBlock-user]

For this case, ||washingtonpost.com/*/pwapi-proxy.min.js$script,1p still works. but won't be added to built-in lists as we don't fix paywalls.