Page returns "Disable your adblocker to continue" pop-up message with ETP set to STRICT at defensenews.com
Categories
(Core :: Privacy: Anti-Tracking, defect, P3)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox92 | --- | verified |
People
(Reporter: rbucata, Unassigned)
References
(Blocks 1 open bug, )
Details
Attachments
(1 file)
|
89.81 KB,
image/jpeg
|
Details |
Screenshot_13.jpg
Environment:
Operating system: Windows 10 PRO x64
Firefox version: :Firefox Nightly 88.0a1 (2021-03-16)
Preconditions:
ETP set to STRICT
Clean profile
Steps to reproduce:
- Navigate to: https://www.defensenews.com
- Observe the result
Expected Behavior:
The page is loaded
Actual Behavior:
The page returns a pop-up message regarding Ad-blocker
Notes:
- Not reproducible with ETP set to STANDARD.
- Not reproducible after reloading the page
|
Reporter | |
Updated•3 years ago
|
|
|
Reporter | |
Updated•3 years ago
|
|
|
Reporter | |
Updated•3 years ago
|
|
||
Comment 1•3 years ago
•
|
||
It looks like they're using similar blockerDetected detection code to what's being used in bug 1701685, but in this case they're trying to load a script from "//ad.doubleclick.net/ddm/adj/Azeb/Blqlev", which is being blocked (and also an image after that, from what I can tell) in this code:
function p(n, e, i) {
if (e.isOldIE()) return t.resolve();
var u = r.a.X,
f = null;
return u && u.length > 0 && 'function' == typeof window.URL && Object(h.a) (u[0], (function (t) {
t && t.origin && (f = Object(b.a) (t.origin))
})),
Object(c.a) (n).then((function () {
return Object(a.a) (100)
})).then((function () {
return t = Object(o.b) (o.a),
y(e, u, n, t, 'script', !1, e.isIE()).then((function (i) {
return i.d ? i : y(e, r.a.K, n, t, 'img', !0, !1).then((function (t) {
return {
d: i.d || t.d,
a: i.a && t.a,
h: t.h,
ha: t.ha
}
}))
}));
var t
})).then((function (t) {
t.d ? i.disableDetected(2) : t.a && i.blockerDetected([], 2),
t.h ? i.blockerDetected(t.ha || [
], 512) : i.disableDetected(512),
f && f()
}))
We can possibly shim these using an approach similar to bug 1701685, but given the code being used, there is probably a list of detection techniques we will have to shim, not just the two in these bugs.
|
|
||
Comment 2•3 years ago
|
||
So this is an anti-adblock script called Admiral, which is the safe as the one being used in bug 1701685. The checks I've found in the script include:
- trying to load from
ad.doubleclick.net/ddm/adj/. - trying (twice?) to load a google safeframe.
- test that elements with CSS classes
.banner_slotor.postadcan be added to the document without being hidden/changed in size by an element-hiding ad blocker. - firing an 'error' event on a <video> with a <track> with
srcof//admiral-has-personalized.invalidand seeing if it works. - checking for Adblock Plus without Acceptable Ads activated.
So adding shims for Safeframe and Doubleclick should suffice for both sites (and others using this script).
|
|
Reporter | |
Comment 4•3 years ago
|
||
This was moved to the correct Core Product and Component
Notes:
The issue is still reproducible on the latest build of Firefox Nightly
|
||
Comment 5•3 years ago
|
||
This issue reproduces on the Firefox Nightly from 8.2 with GV 92.0a1 with Google Pixel (Android 10).
The ETP is set to Strict. It reproduces on both, normal and private browsing.
|
||
Comment 6•3 years ago
|
||
This issue is no longer reproducible on the latest Nightly 93.0a1 nor on Firefox 92 beta 1 - the pop-up message regarding Ad-blocker is no longer displayed. Tested with strict mode on and in private browsing on macOS Big Sur 11.5.1, Ubuntu 20.04 x64, and Windows 10 x64.
|
||
Comment 7•3 years ago
|
||
The issue is no longer reproducible on 92.0.0-beta.2 with Google Pixel 3 (Android 12) - tested with ETP Strict.
|
|
||
Comment 8•3 years ago
|
||
The issue doesn’t reproduce on 8/23 Nightly 93.0a1 build, nor in Beta 92.0.0-beta.6, with Lenovo Tab M10 (Android 10).
I'll close this issue as verified.
|
|
||
Updated•3 years ago
|
Description
•