Git/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2024-11-22 10:31:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Destroyed 4.2.2 uBlock Origin (markdown)

Thorin-Oakenpants 2021-11-27 05:53:08 +00:00
parent 523a87aa44
commit a7629daa46
1 changed files with 0 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
4.2.2-uBlock-Origin.md

@ -1,37 +0,0 @@
Best practice is to default deny-all, then whitelist.
### :small_orange_diamond: Rules
- block all 3rd party, 3rd party frames, all 3rd party scripts
```
* * 3p block
* * 3p-frame block
* * 3p-script block
```
### :small_orange_diamond: Filters
<details><summary>what appear to be tracking images on startpage - click to expand</summary><p>
* See [this](https://support.startpage.com/index.php?/Knowledgebase/Article/View/260/0/why-is-startpage-loading-1x1-gifs-clear-pixel-images-when-i-search) Startpage support page
* In an email from Startpage: We have a proxy service that lets you view a result anonymously (by clicking Proxy near a result). When you view a webpage this way, our servers load the page on your behalf, and then provide the content to you. That way the website you are viewing wont see you. Their website content is served through our domain. Webpages have many ways to set cookies through Javascript and otherwise. When we proxy the webpage on your behalf, we take many steps to prevent them from doing so. (If they did successfully set a cookie, the cookie would be stored on our domain.) To add extra protection, we then display this extra 1×1 image from our domain that includes cookie headers to clear any such cookies. That way, if any external website you viewed through our proxy manages to set a cookie on our proxys domain, we immediately clear that cookie
</p></details>
```
! 1x1pixel clear images on startpage.com
||startpage.com/do/*$image,important
||startpage.com/english/*$image,important
||startpage.com/tst2/*$image,important
```
- Workers (requires [FF58+](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/worker-src))
* If you have uMatrix [1.2.0+](https://github.com/gorhill/uMatrix/releases/tag/1.2.0), there is a new switch: "Forbid web workers", use that instead.
* Note: `dom.workers.enabled` was [deprecated](https://bugzilla.mozilla.org/1434934) in FF60
* Prevent workers everywhere (first line below)
* Exception, do not prevent workers on `example.org` (second line below)
```
*$csp=worker-src 'none'
@@||example.org^$csp=worker-src 'none'
```