mirror of
https://github.com/arkenfox/user.js.git
synced 2024-11-25 12:01:38 +01:00
Destroyed 4.2.2 uBlock Origin (markdown)
parent
523a87aa44
commit
a7629daa46
@ -1,37 +0,0 @@
|
||||
Best practice is to default deny-all, then whitelist.
|
||||
|
||||
### :small_orange_diamond: Rules
|
||||
|
||||
- block all 3rd party, 3rd party frames, all 3rd party scripts
|
||||
```
|
||||
* * 3p block
|
||||
* * 3p-frame block
|
||||
* * 3p-script block
|
||||
```
|
||||
|
||||
### :small_orange_diamond: Filters
|
||||
|
||||
<details><summary>what appear to be tracking images on startpage - click to expand</summary><p>
|
||||
|
||||
* See [this](https://support.startpage.com/index.php?/Knowledgebase/Article/View/260/0/why-is-startpage-loading-1x1-gifs-clear-pixel-images-when-i-search) Startpage support page
|
||||
|
||||
* In an email from Startpage: We have a proxy service that lets you view a result anonymously (by clicking Proxy near a result). When you view a webpage this way, our servers load the page on your behalf, and then provide the content to you. That way the website you are viewing won’t see you. Their website content is served through our domain. Webpages have many ways to set cookies – through Javascript and otherwise. When we proxy the webpage on your behalf, we take many steps to prevent them from doing so. (If they did successfully set a cookie, the cookie would be stored on our domain.) To add extra protection, we then display this extra 1×1 image from our domain that includes cookie headers to clear any such cookies. That way, if any external website you viewed through our proxy manages to set a cookie on our proxy’s domain, we immediately clear that cookie
|
||||
|
||||
</p></details>
|
||||
|
||||
```
|
||||
! 1x1pixel clear images on startpage.com
|
||||
||startpage.com/do/*$image,important
|
||||
||startpage.com/english/*$image,important
|
||||
||startpage.com/tst2/*$image,important
|
||||
```
|
||||
|
||||
- Workers (requires [FF58+](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/worker-src))
|
||||
* If you have uMatrix [1.2.0+](https://github.com/gorhill/uMatrix/releases/tag/1.2.0), there is a new switch: "Forbid web workers", use that instead.
|
||||
* Note: `dom.workers.enabled` was [deprecated](https://bugzilla.mozilla.org/1434934) in FF60
|
||||
* Prevent workers everywhere (first line below)
|
||||
* Exception, do not prevent workers on `example.org` (second line below)
|
||||
```
|
||||
*$csp=worker-src 'none'
|
||||
@@||example.org^$csp=worker-src 'none'
|
||||
```
|
Loading…
Reference in New Issue
Block a user