Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

!#if-!#else-!#endif issue with unknown preprocessing tokens #3393

Closed
10 of 11 tasks
nicolas-yangli opened this issue Sep 30, 2024 · 3 comments
Closed
10 of 11 tasks

!#if-!#else-!#endif issue with unknown preprocessing tokens #3393

nicolas-yangli opened this issue Sep 30, 2024 · 3 comments
Labels
bug Something isn't working fixed issue has been addressed

Comments

@nicolas-yangli
Copy link

Prerequisites

  • This is NOT a YouTube, Facebook, Twitch or a shortener/hosting site report. These sites MUST be reported by clicking their respective links.
  • I read and understand the policy about what is a valid filter issue.
  • I verified that this issue is not a duplicate. (Search here to find out.)
  • I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
  • I did not enable additional filter lists, or I have verified that the issue still occurs without enabling additional filter lists.
  • I do not have custom filters/rules, or I have verified that the issue still occurs without custom filters/rules.
  • I am not using uBlock Origin along with other content blockers.
  • I have verified that the web browser's built-in content blocker/tracking protection, network wide/DNS blocking, or my VPN is not causing the issue.
  • I have verified that other extensions are not causing the issue.
  • If this is about a breakage or detection, I have verified that it is caused by uBlock Origin and isn't a site issue.
  • I did not answer truthfully to ALL the above checkboxes.

URL(s) where the issue occurs.

https://mikewang000000.github.io/ClashScan/

Description

The provided URL is a demo to fingerprint by scaning open ports on 127.0.0.1. When using a SOCKS5 proxy and also proxy DNS queries, the filter is not able to block access to 127.0.0.1.

I think this is related to this part in the filter list:

!#if cap_ipaddress
! https://github.com/uBlockOrigin/uBlock-issues/issues/1070#issuecomment-707237653
! https://github.com/uBlockOrigin/uBlock-discussions/discussions/910
*$3p,strict3p,ipaddress=lan,domain=~localhost|~127.0.0.1|~[::1]|~0.0.0.0|~[::]|~local
!#else

I tried copying /^\w+:\/\/127\.(?:(?:[1-9]?\d|1\d\d|2(?:[0-4]\d|5[0-5]))\.){2}(?:[1-9]?\d|1\d\d|2(?:[0-4]\d|5[0-5]))[:/]/$3p,domain=~localhost|~127.0.0.1|~[::1]|~0.0.0.0|~[::]|~local to custom filter list, without guarded by #if cap_ipaddress, it blocks access to 127.0.0.1.

Other extensions used

  • Violentmonkey
  • Stylus

Screenshot(s)

Screenshot(s)

图片

Configuration

Details
uBlock Origin: 1.59.0
Firefox: 130
filterset (summary):
 network: 167781
 cosmetic: 72141
 scriptlet: 21520
 html: 1999
listset (total-discarded, last-updated):
 added:
  adguard-spyware-url: 1720-126, 1d.22h.9m
  block-lan: 62-0, 31m
  JPN-1: 15175-84, 3d.15h.53m
 default:
  user-filters: 9-0, never
  ublock-filters: 40547-138, 1h.17m Δ
  ublock-badware: 11173-6, 1h.17m Δ
  ublock-privacy: 1254-22, 1h.17m Δ
  ublock-unbreak: 2538-1, 1h.17m Δ
  ublock-quick-fixes: 139-8, 1h.17m Δ
  easylist: 85567-184, 1h.17m Δ
  easyprivacy: 53111-64, 1h.17m Δ
  urlhaus-1: 25255-0, 20h.59m
  plowe-0: 3546-993, 20h.58m
  CHN-0: 25223-102, 1d.22h.9m
filterset (user): [array of 9 redacted]
userSettings:
 advancedUserEnabled: true
hiddenSettings: [none]
supportStats:
 allReadyAfter: 287 ms (selfie)
 maxAssetCacheWait: 46 ms
 cacheBackend: indexedDB
popupPanel:
 blocked: 0
@stephenhawk8054
Copy link
Member

I think it's more related to uBlock-issues repo. I'll transfer to that.

@stephenhawk8054 stephenhawk8054 transferred this issue from uBlockOrigin/uAssets Sep 30, 2024
@gorhill
Copy link
Member

gorhill commented Sep 30, 2024

The issue is not really related to using SOCKS5 proxies, it's a !#if-!#else-!#endif preprocessing issue.

When !#if is used with an unknown token, the intended behavior is to discard the preprocessing directives and to not ignore filters in the preprocessing block. However I see there is an issue now which is that the !#else block is not ignored and its content is discarded.

For example, the following should not cause all webpages to be blocked:

!#if cap_ipaddress
*$doc
!#else
@@*$doc
!#endif

But it does because @@*$doc is discarded, while it should not because cap_ipaddress is unknown token in 1.59.0. This needs to be fixed.

Meanwhile the conditional can be rewritten in the form:

!#if cap_ipaddress
*$doc
!#endif
!#if !cap_ipaddress
@@*$doc
!#endif

... to address the issue in the list until there is a fix in uBO itself.

@gorhill gorhill reopened this Sep 30, 2024
@gorhill gorhill changed the title "Block Outsider Intrusion into LAN" does not work when using SOCKS5 proxies #if-!#else-!#endif issue with unknown preprocessing tokens Sep 30, 2024
@gorhill gorhill changed the title #if-!#else-!#endif issue with unknown preprocessing tokens !#if-!#else-!#endif issue with unknown preprocessing tokens Sep 30, 2024
gorhill added a commit to gorhill/uBlock that referenced this issue Sep 30, 2024
@gorhill
Copy link
Member

gorhill commented Sep 30, 2024

Test page: https://example.com/.

Unknown token, should not block -- was erroneously blocking before fix:

!#if huh
*$doc
!#else
@@*$doc
!#endif

Unknown token, should block -- was erroneously not blocking before fix:

!#if huh
!#else
*$doc
!#endif

@MasterKia MasterKia added bug Something isn't working fixed issue has been addressed labels Sep 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working fixed issue has been addressed
Projects
None yet
Development

No branches or pull requests

4 participants