-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Incorporate "debouncing" lists as part of top-level domain blocking #15090
Comments
Here are the three lists I mentioned on https://github.com/brave/security/issues/316#issuecomment-812278055: |
Hi there. Just out of curiosity, I've seen this extension being recommended, would that incorporate the same features you guys are planning to implement into brave? (Not extremely knowledgeable on the topic just curious.) https://github.com/ClearURLs/Addon |
Thanks for that @Dryader . There are indeed some more usable rules in that extension: https://github.com/ClearURLs/Rules/blob/master/data.json (see |
@antonok-edm found another one: https://github.com/Sainan/Universal-Bypass/blob/master/rules.json |
@brave/legacy_qa the above changes are already live as we enabled debouncing via Griffin. I went through verifications via brave/brave-variations#195 (comment) on Nightly but it's worth going through a quick check to make sure it's working on the release channel. |
Verified
Followed the verification steps from brave/brave-variations#195 (comment).
Launched Brave using
Went through the cases under
Launched Brave using
|
Labelled as |
Removing |
Verified
Followed the verification steps from brave/brave-variations#195 (comment).
Launched Brave using only
Went through the cases under
launched with Verification passed on
Followed the verification steps from brave/brave-variations#195 (comment).
Launched Brave using only
Went through the cases under
launched with Verification PASSED on
Went through the cases under
|
Follow up / related to top level domain blocking: #14134
For some of the bounce tracking cases top level domain blocking is trying to guard against, we can solve them without bothering users by automatically following the bounce to URLs for them. For example, common pattern:
@fmarier and @diracdeltas have found several lists that identify the above cases and allow for them to be automatically skipped.
It would be neat to incorporate these lists into (or along side) the top-level domain blocking feature, so that we could warp users past the well-know trackers, while having domain blocking still in place to protect against the more sophisticated or less well known cases.
The text was updated successfully, but these errors were encountered: