Please remove www.gstatic.com from StevenBlack/hosts, it is needed by legit sites

[whorfin]

Commit 6fb2c3e added "www.gstatic.com" to data/StevenBlack/hosts
This breaks all kinds of things... For example I could no longer log in to bafta.org until I fixed this in a local copy.

[welcome]

Hello! Thank you for opening your first issue in this repo. It’s people like you who make these host files better!

[StevenBlack]

Thank you for this @whorfin.

This is fixed in commit 1e6c9de and will be live in the next release.

[hagezi]

@StevenBlack
The same applies to the encrypted-tbn*.gstatic.com domains, see
#2329

[goproslowyo]

@StevenBlack How are you verifying things that are being added to this "curated" list? I think we've lost the meaning of curated somewhere along the way.

You shouldn't be arbitrarily adding unverified sites to be blocked on your list. gstatic is one obviously huge mistake, but looking at the referenced commit.... how did you determine that freecodecamp.org also needs to be blocked? Because there's nothing inherently malicious about that site but now it's blocked on my network and any network using your list so I'd love to hear your reasoning about how this list gets compiled so I can reason about whether I want to trust both the judgement and curation of this list in my firewall.

Call to action: Please help me understand why I should continue to trust the maintainers of this repository.

[sudarpo]

I am curious on this too. And like you I begin to doubt why I should continue to use this curated list.

His argument in #2515 (comment) is also raising more doubts on me.

Yes, it's unfortunate that some devs package js lib and host it through github --> npm --> cdn.jsdelivr.net, but it is the publisher url that should be blocked, and not the cdn, as seen in the usage code below.

  ucTagData.pubUrl = "%%PATTERN:url%%";