google.com

[cantunborn]

URL(s) where the issue occurs

https://www.google.com

Describe the issue

When tapping on the search results, first a google URL is opened and then page is redirected to main search result URL. The link shown after right-clicking (long press on mobile) is also not the URL of search result. This can also be seen in DOM of webpage where the anchor tag a has ping and oncontextmenu (to prevent copying main URL and to replace it with ping URL) attributes which may be considered tracking, but I'm not sure. It definitely is an annoyance since it brings extra redirection and slows down browsing.

Screenshot(s)

I have put screenshots in another issue on adguard filters page https://github.com/AdguardTeam/AdguardFilters/issues/64616.

Versions

• Browser/version: Firefox Fenix Nightly
• uBlock Origin version: 1.29.2

Settings

Default settings.

Notes

I bypassed this with google.com##+js(ra, ping|oncontextmenu, a), but it may not be accurate.

[uBlock-user]

Click-tracking is not an issue because hyperlink auditing is disabled by default.

[cantunborn]

Yes, I can see in the logger that beacon is blocked but the intermediate page still loads albeit as a blank page. Wouldn't you consider it an annoyance atleast?

[liamengland1]

Google rewrites the links in results on mousedown, proxying the URLs through https://www.google.com/url?.... I fix this using the filter google.*##+js(set, rwt, noopFunc).

[cantunborn]

I am talking mainly about mobile devices, try opening any google search result in responsive mode in dev tools.

[uBlock-user]

but the intermediate page still loads albeit as a blank page. Wouldn't you consider it an annoyance atleast?

google.*##+js(ra, onmousedown, a[href][onmousedown]) works for you ?

[cantunborn]

but the intermediate page still loads albeit as a blank page. Wouldn't you consider it an annoyance atleast?

google.*##+js(ra, onmousedown, a[href][onmousedown]) works for you ?

No, the search results don't have onmousedown attribute on mobile. Take a look at the screenshots I posted on the adguard filters issues page.

[uBlock-user]

@cantunborn try google.*##+js(ra, onmousedown|ping, a[href][onmousedown]\, a[href][ping])

[liamengland1]

Sneaky google

google.ctpacw = {};
google.ctpacw.cm = function(a) {
  a.ping && (a.href = a.ping, a.removeAttribute("ping"))
};

[cantunborn]

Sneaky google

google.ctpacw = {};
google.ctpacw.cm = function(a) {
  a.ping && (a.href = a.ping, a.removeAttribute("ping"))
};

This is what I was talking about 😃.

[cantunborn]

@cantunborn try google.*##+js(ra, onmousedown|ping, a[href][onmousedown]\, a[href][ping])

Yes it works.

[krystian3w]

"\," no need documented on wiki https://github.com/gorhill/uBlock/wiki/Resources-Library#remove-attrjs-?

[gwarser]

@krystian3w third point https://github.com/gorhill/uBlock/wiki/Resources-Library#general-purpose-scriptlets

[cantunborn]

Similar issue in image results, google uses mousedown event listener with JsAction to modify result URL on right-click. Can copy original link using ClearURLs addon's cleaner.

Is it possible to defuse the listener using uBO?

[krystian3w]

Maybe not visible in aell or need kill all of group events +js(aeld, mousedown) so have similar bugs to events created with jQuery.

https://github.com/ClearURLs/Addon/blob/6e3ff2247eb084c7fd2ca88d09749a1ef4ef2d43/core_js/google_link_fix.js

[uBlock-user]

You can try www.google.*##+js(ra, jsaction, a[data-ved][jsaction][rel="noopener"][target="_blank"], stay) on uBO dev-build on Chromium/Chrome or www.google.*##+js(aeld, contextmenu) on Chromium/Chrome.

[cantunborn]

www.google.*##+js(aeld, contextmenu) does not work. I can't install dev-build currently, will check other filter when uBO update releases.

[uBlock-user]

Scriptlets will not work on google image search page on Firefox because of https://bugzilla.mozilla.org/show_bug.cgi?id=1267027

[krystian3w]

Possible with with Scriptlet Doctor or this:

security.csp.enable	false	no longer in Firefox

[kotarou3]

Note that this ends up partially disabling search history (which is technically tracking, but I nevertheless find useful).
Specifically, search history will no longer be able to track which results you clicked on.

I've personally added a filter exception for this filter in my personal list, but leaving a message here in case others come wondering

[stdedos]

It also blocks Timeline manipulation from working

[uBlock-user]

replaced with www.google.*##+js(set, rwt, noopFunc), report if you still experience such breakage.

[stdedos]

Is it live? Should I update my filter list now and try it?

I had also opted to disable the filter in The Logger (#@#), but I don't find such disable in my filters. Do I need to do something about it?

[uBlock-user]

Remove the filters you added to counter the filter and force update uBlock Annoyances list.

[stdedos]

I didn't add a filter manually, and I cannot find any google entry in My filters

[okiehsch]

Update the uBlock Annoyances list to get the new filter.

[krystian3w]

Recommend is waiting 10 minutes after update any list on github - glitch with CDN cache...

[in4u]

This filter is causing breakage where some PDF files in the search results page do not get downloaded/saved.

Tested using Firefox 100.0.2 with its PDF option set to Save File instead of Open in Firefox. Search google for sample pdf, scroll through results and click on the PDF file link from pdf995.com. The file gets saved but is actually empty, i.e. 0 bytes size. If the filter is disabled then things work as expected and the proper file gets saved.

[mapx-]

First I get "potential security risk", then I allow the download => the pdf is correctly downloaded

[in4u]

@mapx- Your security warning hints at this being a problem only for HTTP (not HTTPS) PDF file link results. My FF has HTTPS-Only mode disabled in favour of dom.security.https_first = true (i.e. HTTPS-First mode, which is the FF default for private browsing windows). Can you try again after disabling HTTPS-Only mode in FF settings and searching in private browsing mode instead? Do you still get the proper non-zero byte PDF file saved?

[mapx-]

still can not reproduce your issue, @okiehsch could you test ?

[okiehsch]

I can't, I tried in a private browsing window as well and I can save the file without issue.

[in4u]

Okay guys, can you please try again after removing the Downloads button from the FF toolbar also. I can reliably reproduce the problem even in a brand new profile after this.

In both my existing and new profiles, console shows that file download is blocked by extension. What I can't wrap my head around YET is, why removing this filter solves the problem in my existing profile and not in the new profile?!

[MasterKia]

What do you think about moving this rule from annoyances.txt to privacy.txt: www.google.*##+js(set, rwt, noopFunc)

Click-tracking is not an issue because hyperlink auditing is disabled by default.

But the user is still visiting Google's redirection URL, surely Google can log who has visited that redirection link server-side.

@okiehsch @uBlock-user

[Daxy7]

Is it possible to exclude recaptcha api from this? On some sites api calls over four times Test: https://www.google.com/recaptcha/api2/demo

[stephenhawk8054]

https://www.google.com/recaptcha/api2/demo

Captcha works normally for me on this site. What do you mean?

[Daxy7]

I mean uBO puts js on where link tracking doesn't apply

[stephenhawk8054]

Yes, currently scriptlets can only be applied on domain levels. Does it cause any breakages?

[Daxy7]

No

[Daxy7]

Found occurrence when right clicking an image

https://github.com/uBlockOrigin/uAssets/assets/91396482/a30bc5e8-c8e8-43fe-ae1d-0ab72d6cad33

[gwarser]

Found occurrence when right clicking an image

Occurrence of what?

[Daxy7]

link tracking

[MasterKia]

@ThreeDeeJay https://github.com/uBlockOrigin/uAssets/issues/20833

[mapx-]

the original https://github.com/uBlockOrigin/uAssets/issues/20833 converted in discussion:

https://github.com/uBlockOrigin/uAssets/discussions/20846

[necaran]

Edit: I got the rule to prevent rewriting, but It will stop working again once they change the attribute name.

www.google.*##a[data-sb]:remove-attr(data-sb)

---

The rule stopped working recently. I found a suspicious function called google.arwt.

www.google.*##+js(set, google.arwt, noopFunc)

But this does not help. When I dig further I found this (beautified).

window.document.documentElement.addEventListener("mousedown", function(b) {
var c = b.target;
if (!c) return !0;
c = c.closest("a[data-sb]");
if (!c) return !0;
if (0 !== b.button) {
    a: {
        b = c.getAttribute("data-sb");
        var a = void 0 === a ? l : a;
        if (b instanceof d) a = b;
        else {
            for (var g = 0; g < a.length; ++g) {
                var h = a[g];
                if (h instanceof f && h.i(b)) {
                    a = new d(b, e);
                    break a
                }
            }
            a = void 0
        }
    }
    a instanceof d ? a = a instanceof d && a.constructor === d ? a.g : "type_error:SafeUrl" : a = m.test(a) ? a : void 0;void 0 !== a && (c.href = a);c.removeAttribute("data-sb")
}
else "function" ===
    typeof navigator.sendBeacon ? navigator.sendBeacon(c.getAttribute("data-sb"), "") : google.log("", "", c.getAttribute("data-sb"));
return !0
}, !0);

I tried aeld.js, but somehow it does not always work. Besides, I am not sure if it breaks anything.

www.google.*##+js(aeld, mousedown)

Fortunately, my userscript still works.

new MutationObserver(m=>{
for(let r of m) {
    let _ = r.target.getAttribute("href").match(/[\?&]url=([^&]+)/);
    _ && r.target.setAttribute("href", decodeURIComponent(_[1]));
}
}).observe(document.body, {subtree:true,attributeFilter:["href"]});

[stephenhawk8054]

@gorhill Sorry, can you take a look? I can reproduce the issue where google.com##+js(aeld, mousedown) cannot defuse the above event listener.

---

In the mean time, I think we can use

www.google.*##a[data-sb^="/url?"]:remove-attr(data-sb)

?

[uBlock-user]

Can't repro, www.google.*##+js(set, rwt, noopFunc) still works.

[stephenhawk8054]

I can reproduce in Firefox when right click

---

Maybe sign-in required?

[uBlock-user]

@stephenhawk8054 Need to use -href-cleaner scriptlet for that. The issue is at href=/url?sa=t&source=web&rct=j&opi=89978449&url=https://en.wikipedia.org/wiki/X-Men:_The_Animated_Series&ved=2ahUKEwjWkrSg05OFAxWKk68BHdF0CToQFnoECC0QAQ&usg=AOvVaw1QZ23LbjrlDMGmvRkROWDH attribute

[stephenhawk8054]

That could be another way, before right clicking on that link the element looks like this

<a jsname="UWckNb" href="https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm" data-ved="2ahUKEwijuJvG1ZOFAxWblK8BHSa6DcoQFnoECAYQAQ" data-sb="/url?sa=t&amp;source=web&amp;rct=j&amp;opi=89978449&amp;url=https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm&amp;ved=2ahUKEwijuJvG1ZOFAxWblK8BHSa6DcoQFnoECAYQAQ&amp;usg=AOvVaw1m9pu35nBXRjvT4aqrVBjR"></a>

href is not modified yet, the redirected URL is in data-sb attribute. That's why www.google.*##a[data-sb^="/url?"]:remove-attr(data-sb) works

---

Hmm... Looks like href-sanitizer kicks in too late after user right-clicking on the link.

[uBlock-user]

That's why www.google.*##a[data-sb^="/url?"]:remove-attr(data-sb) works

Indeed, this fixes up. You should add it.