Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make Adguard block ad servers even if HTTPS filtering is turned off #1233

Closed
ameshkov opened this issue Aug 15, 2016 · 6 comments
Closed

Make Adguard block ad servers even if HTTPS filtering is turned off #1233

ameshkov opened this issue Aug 15, 2016 · 6 comments
Assignees
Milestone

Comments

@ameshkov
Copy link
Member

ameshkov commented Aug 15, 2016

Source:
#1228

We should do it for both proxy mode and standard filtering mode. Just examine the SNI extension.

@ameshkov
Copy link
Member Author

ameshkov commented Sep 5, 2016

@confessor-adguard

When HTTPS filtering is turned OFF you should check request during the "outgoing handshake" stage. Create a FilteringContext object with a request URL like "https://" + hostName + "/" and check it against AG filters.

@ameshkov
Copy link
Member Author

ameshkov commented Oct 6, 2016

Sure, but the quality will depend on the filter lists.

I suppose that in case of disabled HTTPS filtering it'd be better to import the same filter AG DNS uses: https://github.com/AdguardTeam/AdguardDNS/blob/master/Filters/filter.txt

@Bohdan-SUP
Copy link

@ameshkov could you please check the request above?

@ameshkov
Copy link
Member Author

ameshkov commented Oct 17, 2016

@The-Commissioner

The rule blocking google analytics looks like:
||google-analytics.com^$third-party which means "block third party requests".

The problem with limited https filtering is that we know nothing except request domain name. So we don't know if request is third party or not, therefore it is not blocked.

That's why I said that it'd be better to import AG DNS filter. $third-party modifiers are stripped from rules in that filter.

@ameshkov
Copy link
Member Author

I have subscribed to Spyware and EasyPrivacy filter lists both of which contain the filter rule
||google-analytics.com/analytics.js

This rule targets specific file, not the whole domain.

Here is the rule to block the whole domain:
||google-analytics.com^

@ameshkov
Copy link
Member Author

@The-Commissioner in case of the rule ||google-analytics.com/analytics.js the file path is /analytics.js.

The problem is that when https filtering is not enabled, there is no way we can find out which file is requested. The only thing we see is the domain name (google-analytics.com).

https://github.com/AdguardTeam/AdguardDNS/blob/master/Filters/filter.txt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants