Skip to content

Resources Library

gwarser edited this page Feb 9, 2020 · 57 revisions

General purpose scriptlets

  • most script relies on Object properties (methods), altering them may not be the best idea (you should know what you are doing).
  • "optional" for "string/regular expression" parameter defaults to "catch all" (/.?/) if not specified.
  • "string" parameter means plain character(s)/word(s), quotes will be taken literally, commas must be escaped in regex literals: /foo\x2cbar\u002cbaz/, after 1.21.7b8 commas can be escaped by backslash character (foo\,bar)
  • "regular expression" parameter means JavaScript regular expression literal
  • mime type is application/javascript if not present
  • You can use the short alias form when available for scriptlet name
  • You can omit the .js from the scriptlet name (eventually in some future this will be the official way to do this)
    • Do not skip .js when the scriptlet is used with redirect=, only when used in +js(...).
  • crossed out resources are deprecated/removed.

acis.js /

abort-current-inline-script.js

Aborts execution of inline script (throws ReferenceError) when attempts to access specified property when content of <script> element matches specified text or regular expression.

Parameters:

  • required, property (chain of properties joined by .) attached to window object accessed inside <script> tag we want to break
  • optional, string/regular expression matching in <script> element content

aopr.js /

abort-on-property-read.js

Aborts execution of script (throws ReferenceError) when attempts to read specified property. Writes are ignored.

Parameters:

  • required, property (chain of properties joined by .) attached to window object

aopw.js /

abort-on-property-write.js

Aborts execution of script (throws ReferenceError) when attempts to write specified property.

Parameters:

  • required, property (chain of properties joined by .) attached to window object that will be overwritten

aeld.js /

addEventListener-defuser.js

Prevents attaching event listeners.

Parameters:

  • optional, string/regular expression, name of event listener
  • optional, string/regular expression matching in stringified handler function

aell.js /

addEventListener-logger.js

Logs to the console event listeners created on page.


cookie-remover.js

Removes current page cookies specified by name. For current domain, wildcard (dot) subdomain(s), current and / path, script accessible (HttpOnly=false), on load and before unload.

Caveats: cookies set for higher level domain will not be removed. For example, if current page domain is www.example.com, cookies set for example.com will not be removed.

Parameters:

  • optional, string/regular expression, matching in the name of the cookie

csp.js

Removed. Deprecated by $csp network filter option.
Applies content security policy by inserting <meta http-equiv=Content-Security-Policy content="*directive*"> tag to html <head> element. Read more at https://www.w3.org/TR/CSP2/#delivery-html-meta-element
Content Security Policy Quick Reference Guide

Parameters:

  • required, valid Content Security Policy directive

disable-newtab-links.js

Prevents creating new tabs/windows by deactivating links with target attribute.

Parameters:

  • none

json-prune.js

New in 1.23.0

Intercepts calls to JSON.parse, and if the result of the parsing is an Object, it will remove specified properties from the result before returning to the caller.

Parameters:

  • optional, string, a list of space-separated properties to remove
  • optional, string, a list of space-separated properties which must be all present for the pruning to occur

A property in a list of properties can be a chain of properties, example: adpath.url.first.

When used without parameters, will log current hostname + json payload to the console.


noeval.js

Prevent web pages from using eval(), and report attempts to console.


noeval-silent.js /

silent-noeval.js

Prevent web pages from using eval().


noeval-if.js

Prevent web pages from using eval() on specific matching payloads.

Parameters:

  • optional, string/regular expression, matching in payload string.

nosiif.js /

no-setInterval-if.js

New in 1.22.3b

Defuses calls to setInterval() function when parameters:

  • are not prefixed with ! and match the setInterval() argument; OR
  • are prefixed with ! and do not match the setInterval() argument.

Parameters:

  • optional, string/regular expression, matching in stringified callback function
  • optional, decimal integer, matching interval

Use with /^/ parameter to defuse all calls unconditionally.

When used without parameters, will log calls to setInterval() to the console.


nostif.js /

no-setTimeout-if.js

New in 1.22.3b

Defuses calls to setTimeout() function when parameters:

  • are not prefixed with ! and match the setTimeout() argument; OR
  • are prefixed with ! and do not match the setTimeout() argument.

Parameters:

  • optional, string/regular expression, matching in stringified callback function
  • optional, decimal integer, matching delay

Use with /^/ parameter to defuse all calls unconditionally.

When used without parameters, will log calls to setTimeout() to the console.

Test page: https://gorhill.github.io/uBlock/tests/scriptlet-injection-filters-1.html


nowebrtc.js

Disables WebRTC by preventing web pages from using RTCPeerConnection(). Report attempts in console.


ra.js /

remove-attr.js

Removes attribute(s) from DOM tree node(s). Will run only once after page load.

Parameters:

  • required, attribute or list of attributes joined by |
  • optional, CSS selector, specifies nodes from which attributes will be removed

raf-if.js /

requestAnimationFrame-if.js

New in 1.22.0, requestAnimationFrame-if.js alias available in 1.22.1b2

Defuses calls to requestAnimationFrame() function when parameter:

  • is not prefixed with ! and does not match the stringified callback argument to requestAnimationFrame(); OR
  • is prefixed with ! and matches the stringified callback argument to requestAnimationFrame().

Parameters:

  • optional, string/regular expression, matching in the stringified callback argument passed to requestAnimationFrame.

Use with ! parameter to defuse all calls unconditionally.

When used without parameters, will log calls to requestAnimationFrame() to the console.


set.js /

set-constant.js

Creates property and initializes it to predefined value from set of available properties.

Scriptlet will succeed only when:

  • original property is undefined (scriptlet is called early enough) or null1.24.3b9 OR
  • new property written by set.js is undefined or null1.24.3b9 OR
  • type of original property is equal to type of new property

Additionally, original property (if exist) must not have getter.

Value set by scriptlet can be overwritten by page script when:

  • current property was not set to undefined or null1.24.3b9 AND
  • new property is not undefined or null1.24.3b9 AND
  • type of original property is different than type of new property

Parameters:

  • required, property (chain of properties joined by .) attached to window object
  • required, possible values:
    • positive decimal integer, no sign, with maximum value of 0x7FFF (32767)
    • one value from set of predefined constants:
      • undefined
      • false
      • true
      • null2018-11-24
      • noopFunc - function with empty body
      • trueFunc - function returning true
      • falseFunc - function returning false
      • '' - empty string2019-01-06

sid.js /

setInterval-defuser.js

Deprecated by no-setInterval-if.js

Defuses calls to setInterval() function for specified matching callbacks and intervals by setting callback function to noop.

Parameters:

  • optional, string/regular expression, matching in stringified callback function
  • optional, decimal integer, matching interval

sil.js /

setInterval-logger.js

Deprecated by no-setInterval-if.js

Removed in 1.22.0.

Logs to the console calls to setInterval() function.


std.js /

setTimeout-defuser.js

Deprecated by no-setTimeout-if.js

Defuses calls to setTimeout() function for specified matching callbacks and delays by setting callback function to noop.

Parameters:

  • optional, string/regular expression, matching in stringified callback function
  • optional, decimal integer, matching delay

stl.js /

setTimeout-logger.js

Deprecated by no-setTimeout-if.js

Removed in 1.22.0.

Logs to the console calls to setTimeout() function.


nano-sib.js /

nano-setInterval-booster.js

Adjusts interval for specified setInterval() callbacks.

Parameters:

  • optional, string/regular expression, matching in stringified callback function
  • optional - defaults to 1000, decimal integer, matching interval
  • optional - default to 0.05 (20x faster), float, capped at 50 times for up and down, interval multiplier

nano-stb.js /

nano-setTimeout-booster.js

Adjusts delay for specified setTimeout() callbacks.

Parameters:

  • optional, string/regular expression, matching in stringified callback function
  • optional - defaults to 1000, decimal integer, matching delay
  • optional - default to 0.05 (20x faster), float, capped at 50 times for up and down, delay multiplier

sharedWorker-defuser.js

Removed. Deprecated by $csp filter option.
Defuses sharedWorker by passing empty worker file (Blob URL) for specified worker URLs

Parameters:

  • optional, string/regular expression, matching in worker URL

webrtc-if.js

Allows opening RTC connections to matching RTCIceServer only.

Parameters:

  • required, string/regular expression, matching in RTCIceServer urls, username or credential.

window.open-defuser.js

Prevent opening new windows by window.open() when URL positively or negatively matches to specific string.

Parameters:

  • optional - defaults to "matching", any positive number for "matching", 0 or any string for "not matching",
  • optional, string/regular expression, matching/not matching in URL parameter passed to window.open()

window.name-defuser

Clears window.name property which can be misused for tracking purposes.

Parameters:

  • none

overlay-buster.js

Experimental, gets rid of overlay dialogs, works for ~30s after page load. Preferred way to handle overlays is to use standard cosmetic filters and optionally style injection.


alert-buster.js

Disables alert() dialog boxes by redirecting messages to console.


Defuser scriptlets

ampproject_v0.js /

ampproject.org/v0.js

Removes animation (artificial 8s delay) added to desktop pages supporting AMP, when ampproject.org scripts are blocked.

fingerprint2.js

Defuses Fingerprintjs2. Sanitize Fingerprint2 object.

pornhub-popup-defuser.js

Removed. Sets specific localStorage items (InfNumFastPops, InfNumFastPopsExpire)

forbes-defuser.js

Removed. Fix '/forbes/welcome/' page redirection. Redirects to URL from toURL cookie

nobab.js /

bab-defuser.js

Defuses BlockAdblock. Prevents executing of eval() on sets of predefined payloads.

phenv-defuser.js

Removed. Defuses "g0yav3-lab" Anti Adblock. TODO Deprecated, sets static properties (PHENV)

sas-defuser.js

Removed. Deprecated, Convenience, sets static properties (Ads.display, Ads.refresh) TODO: Convenience means "patches more than one property", I keep this here, not in "Other", just in case.

nofab.js /

fuckadblock.js-3.2.0

Convenience, Sanitize FuckAdBlock, BlockAdBlock, SniffAdBlock, fuckAdBlock, blockAdBlock, sniffAdBlock properties. Often used as redirect in network filters. TODO: copy to redirect?

lemonde-defuser.js

Removed. Sets specific localStorage item (lmd_me_displayed)

popads-dummy.js

Convenience, sets static properties (PopAds, popns)

popads.js /

popads.net.js

Convenience, abort-on-property-write.js (PopAds, popns), throws "magic"

rtlfr-defuser.js

Removed. Deprecated by :style() cosmetic filter. Applies overflow: auto style to document body element after window load event.

uabinject-defuser.js

Removed. Defuses Addefend, convenience, sets static properties (trckd, uabpdl, uabInject, uabDetect)

impspcabe-defuser.js

Removed. Deprecated, Convenience, sets static properties (_impspcabe, _impspcabe_alpha, _impspcabe_beta, _impspcabe_path) TODO: not used, static properties, cannot be set to about:blank by sciptlets is this really needed, used on 4 domains

gpt-defuser.js

Deprecated, Convenience, sets static properties (_resetGPT, resetGPT, resetAndLoadGPTRecovery, _resetAndLoadGPTRecovery, setupGPT, setupGPTuo)

palacesquare.rambler.ru-defuser.js

Removed. Aborts creation of Promise when executor content matches 'getRandomSelector' (throws Error) TODO: Freezes Promise properties?

adfly-defuser.js

Defuses anti adblock on adfly shortened links.

damoh-defuser.js

Fix for disappearing videos on chip.de


Empty redirect resources

These are smallest/shortest/fastest to execute files. Can be used in network filters as a parameter to $redirect option along with specific matching $type option. They purpose is to mislead page to think that real files have been served.

Supported types

TODO: filter types, mime types, this needs clarification TODO: how filter type relates to mime type, needs more source digging font, image, media, object, script, stylesheet, subdocument, xmlhttprequest

Available resources

  • Images
    • 1x1-transparent.gif 1x1.gif image/gif;base64 $image
    • 2x2-transparent.png 2x2.png image/png;base64 $image
    • 3x2-transparent.png 3x2.png image/png;base64 $image
    • 32x32-transparent.png 32x32.png image/png;base64 $image
  • Source code
    • noopcss Removed. text/css $stylesheet
    • noopframe noop.html text/html $subdocument
    • noopjs noop.js application/javascript $script
    • nooptext noop.txt text/plain $xmlhttprequest
  • Media files
    • noopmp3-0.1s noop-0.1s.mp3 audio/mp3;base64 $media
    • noopmp4-1s noop-1s.mp4 video/mp4;base64 $media

Example rule:

||ad.server.com/$script,redirect=noop.js,domain=www.google.com

TODO: object and font resources are missing? Find discussion about adding them on demand.


URL-specific sanitized redirect resources (surrogates)

addthis_widget.js /

addthis.com/addthis_widget.js

amazon_ads.js /

amazon-adsystem.com/aax2/amzn_ads.js

monkeybroker.js /

d3pkae9owd2lcf.cloudfront.net/mb105.js

doubleclick_instream_ad_status.js /

doubleclick.net/instream/ad_status.js

google-analytics_ga.js /

google-analytics.com/ga.js

google-analytics_analytics.js /

google-analytics.com/analytics.js

google-analytics_inpage_linkid.js /

google-analytics.com/inpage_linkid.js

google-analytics_cx_api.js /

google-analytics.com/cx/api.js

googletagservices_gpt.js /

googletagservices.com/gpt.js

googletagmanager_gtm.js /

googletagmanager.com/gtm.js

googlesyndication_adsbygoogle.js /

googlesyndication.com/adsbygoogle.js

scorecardresearch_beacon.js /

scorecardresearch.com/beacon.js

outbrain-widget.js /

widgets.outbrain.com/outbrain.js

hd-main.js

xvideos.com.js

disqus_forums_embed.js AND disqus_embed.js /

disqus.com/forums/*/embed.js AND disqus.com/embed.js

Along with Disqus click-to-load filter list, allows to have Click-to-unblock experience for Discus comments widgets.

twitch-videoad.js

Twitch stream embedded ads bypasser


Other

Deprecated by general purpose scriptlets / outdated (please move to proper section if still used).

antiAdBlock.js

Removed. Sanitize antiAdBlock.onDetected, antiAdBlock.onNotDetected

pornhub-sanitizer.js

Removed. Removes ad frames on Pornhub (block_logic)

nr-unwrapper.js

Removed. Fix memory leaks on spotify, newrelic. https://github.com/uBlockOrigin/uAssets/issues/36


golem.de.js

Deprecated, addEventListener-defuser

uAssets-17

Removed. Deprecated, setTimeout-defuser

last.fm.js

Removed. Deprecated, setTimeout-defuser

ytad-defuser.js

Removed. Deprecated, setTimeout-defuser, fix for YouTube "An error occured"


bcplayer-defuser.js

Removed. Deprecated, sets static properties (bcPlayer.ads)

wpredirect-defuser.js

Removed. Deprecated, sets static properties (TWP.Identity.initComplete)

kissanime-defuser.js

Removed. Deprecated, sets static properties (DoDetect1, DoDetect2, isBlockAds2)

__$dc-defuser.js

Removed. Deprecated, sets static properties (Math.mt_random), throws TypeError

upmanager-defuser.js

Deprecated, sets static properties (upManager)

r3z-defuser.js

Removed. Deprecated, sets static properties (_r3z.jq, _r3z.pub)

folha-de-sp.js

Removed. Deprecated, sets static properties (folha_ads)

chartbeat.js /

static.chartbeat.com/chartbeat.js

Deprecated, sets static properties (pSUPERFLY.activity, pSUPERFLY.virtualPage)

entrepreneur.com.js

Removed. Deprecated, sets static properties (analyticsEvent)

ligatus_angular-tag.js /

ligatus.com/*/angular-tag.js

Deprecated, sets static properties (adProtect, uabpdl, uabDetect)

openload.co.js

Removed. Deprecated, sets static properties (adblock2, OlPopup, preserve, turnoff)

imore-sanitizer.js

Removed. Deprecated, sets static properties (mbn_zones)

smartadserver.com.js

Removed. Deprecated, sets static properties (SmartAdObject, SmartAdServerAjax, smartAd.LoadAds, smartAd.Register)

lesechos.fr.js

Removed. Deprecated, sets static properties (checkAdBlock)

criteo.net.js

Removed. Deprecated, sets static properties (Criteo.criteo)

goyavelab-defuser.js

Removed. Deprecated, sets static properties (_$14)

figaro-defuser.js

Removed. Deprecated, sets static properties (adisplaynormal)


Glossary

Clone this wiki locally
You can’t perform that action at this time.