Closed Bug 362330 Opened 18 years ago Closed 18 years ago

Omnibus ad-blocking bug for December/January


(Camino Graveyard :: Annoyance Blocking, defect)

Not set


(Not tracked)



(Reporter: alqahira, Assigned: alqahira)



(Keywords: fixed1.8.0.10, fixed1.8.1.2)


(1 file, 1 obsolete file)

I'm seeing images from[...]/[...]
inside links like:[...]

I don't know if burstnet has legit content, nor whether it's best to target the <a> or the <img>.
There's a particularly annoying Flash ad that appears at the top of the page here:

It's coming in through Javascript, seemingly from here:

cl is providing a bunch of ads on Mac Daily News (which is a horrid Fox-esque site that I loathe) that we should probably be blocking.

Sample URL:
From generated source on an internal page:

<!-- Begin: AdBrite -->

<script type="text/javascript" src=";br=1">
</script><a class="adHeadline" target="_top" onmouseover="window.status=''; return true;" onmouseout="window.status=' '; return true;" href=";banner_id=10551105&amp;cpc=302e3035&amp;ssc=e6934d9befee23e0d895e6abfa6e15b9&amp;variation_id=11174&amp;keyword_id=18647"><b><span class="adHeadline">Work for an Airline.</span></b></a><br><a class="adText" target="_top" onmouseover="window.status=''; return true;" onmouseout="window.status=' '; return true;" href=";banner_id=10551105&amp;cpc=302e3035&amp;ssc=e6934d9befee23e0d895e6abfa6e15b9&amp;variation_id=11174&amp;keyword_id=18647"><span class="adText">Get Hired 50% Faster with! Hiring for All Job Titles.</span></a><br><br><a class="adHeadline" target="_top" onmouseover="window.status=''; return true;" onmouseout="window.status=' '; return true;" href=";banner_id=10208570&amp;cpc=302e313133&amp;ssc=a691c8439f0ba20abc2f927422aa5aa8&amp;variation_id=2996&amp;keyword_id=913606"><b><span class="adHeadline">Titanium Engagement Rings</span></b></a><br><a class="adText" target="_top" onmouseover="window.status=''; return true;" onmouseout="window.status=' '; return true;" href=";banner_id=10208570&amp;cpc=302e313133&amp;ssc=a691c8439f0ba20abc2f927422aa5aa8&amp;variation_id=2996&amp;keyword_id=913606"><span class="adText">Unique, hand crafted Titanium Engagement Rings, true symbols of love</span></a><br><br><a class="adHeadline" target="_top" onmouseover="window.status=''; return true;" onmouseout="window.status=' '; return true;" href=";banner_id=10393503&amp;cpc=302e313638&amp;ssc=0776df9e4fa57f832114ac7f958a1d2b&amp;variation_id=7411&amp;keyword_id=913606"><b><span class="adHeadline">Students Save on Software</span></b></a><br><a class="adText" target="_top" onmouseover="window.status=''; return true;" onmouseout="window.status=' '; return true;" href=";banner_id=10393503&amp;cpc=302e313638&amp;ssc=0776df9e4fa57f832114ac7f958a1d2b&amp;variation_id=7411&amp;keyword_id=913606"><span class="adText">Academic Superstore offers up to 80% off retail on software/hardware.</span></a><br><br><span id="AdBriteIntermission65647"><script type="text/javascript" src=""></script></span>
<div><a class="adHeadline" target="_top" href=";afsid=1">Your Ad Here</a></div>
<!-- End: AdBrite -->

Basically, block Adbrite, please. :)
I realise it's a Swedish site, but there are ads galore over here:
Gmail's right-hand ads are back.

div#rhc > div.rh

should be the new rule, but my trunk testing build won't load gmail atm....
There's a Customs and Border Patrol Flash ad showing up on ESPN all of a sudden, generated by

<script language="Javascript1.1" type="text/javascript" src=";js=1&amp;AdTypes=Banner;"></script>

Blocks: 363615
Summary: Omnibus ad-blocking bug for December → Omnibus ad-blocking bug for December/January
cl decided that the ad was really

(which seems to be an ad-server host we can bit-bucket for everything).
And another one that got through on (from TribalFusion):

<!-- TF 160x600 JScript VAR code -->
<center><script language="javascript"><!--
document.write('<scr'+'ipt language=javascript src="'+((new Date()).getTime() % 2147483648) + Math.random()+'"></scr'+'ipt>');
</script><script language="javascript" src=";adSpace=ROS&amp;size=160x600&amp;type=var&amp;requestID=9999558340.6710055010994362"></script>

<img src="" usemap="#Map" border="0" height="600" width="160"> 
<map name="Map"><area shape="rect" coords="4,158,157,185" href="" target="_blank"><area shape="rect" coords="4,204,157,233" href="" target="_blank"><area shape="rect" coords="4,253,155,280" href="" target="_blank"><area shape="rect" coords="4,300,155,326" href="" target="_blank"><area shape="rect" coords="4,345,157,374" href="" target="_blank"><area shape="rect" coords="4,392,155,421" href="" target="_blank"><area shape="rect" coords="2,440,157,468" href="" target="_blank"><area shape="rect" coords="4,486,155,519" href="" target="_blank"><area shape="rect" coords="4,532,155,560" href="" target="_blank"><area shape="rect" coords="6,567,52,586" href="" target="_blank"><area shape="rect" coords="2,2,157,105" href="" target="_blank"> 
<img src="" border="0" height="1" width="1">

   <a href="" target=_blank>
   <img src="" 
                  width=160 height=600 border=0 alt="Click Here"></a>
<!-- TF 160x600 JScript VAR code -->

Do you hate me yet? ;)
Yes ;)

Looks like we block every other sort of tribalfusion thing except plain ol' img[src*=""]
Hm... That'd basically kill any legitimate images on, no? We already break a lot of it... if we're okay with completely killing any legitimate access to (like, say, seeing what services they offer), then this change is fine with me.
We could come up with some complicated rule to exclude images on, but frankly, if a Camino user is interested in those services, he/she can just turn off ad-blocking while browsing that site.  For the vast majority of Camino users, though, there are no "legitimate images on" ;)
Yeah, that'd be fine.

On a side note, I just got some Google ads on MySpace:

<div id="ctl00_cpMain_messageList_MessageList_gads" style="margin-left: 165px;">
	<div id="ctl00_cpMain_messageList_CMS_MessageList_Gads" name="ctl00_cpMain_messageList_CMS_MessageList_Gads">
	<script type="text/javascript" language="JavaScript">

function google_ad_request_done(google_ads)
	var i = 0;
	if (google_ads == null || google_ads.length == 0) return;
	var ctl = null;
	var str = '';
			str = '';
		document.write('<STYLE>  #ad-wrap {width: 600px; height: auto; font: 11px verdana,sans-serif; overflow: hidden;}  #ad-hdr {width: auto; color: #000; text-align: right; border-bottom: 1px solid #a5a5a5; margin: 0 5px; padding: 0; padding-top: 10px}  #ad-wrap a {text-align:left; text-decoration: none; display: block; width: 45%; margin: 0; padding: 20px 10px; float: left;}  *html #ad-wrap a {width: 48%;}  #ad-wrap p {color: #000; font-weight: normal; margin: 0; padding: 0;}  #ad-wrap span {color: #01a920; font-weight: normal; text-decoration: none; }  #ad-wrap strong {color: #1619fc; font-weight: bold; text-decoration: underline; }  </STYLE>');
		str += '    <DIV id=ad-wrap>  <DIV id=ad-hdr>Sponsored Links</DIV>';
			for (l = 0; l < 4; l++)
			if (google_ads[i] == null) break;
			str += ' <A onmouseover="window.status=\'go to ' + google_ads[i].visible_url + '\'; return true;" onmouseout="window.status=\'\';" href="' + google_ads[i].url + '" target=_blank><STRONG>' + google_ads[i].line1 + '</STRONG>   <P>' + google_ads[i].line2 + '<BR>' + google_ads[i].line3 + '</P><SPAN>' + google_ads[i].visible_url + '</SPAN></A> ';
			str += ' </DIV>';

var google_ad_client = "fim_myspace_mail_js";
var google_encoding = "utf8";
var google_ad_channel = "fim_myspace_mail";
var google_safe = "high";
var google_max_num_ads = 4;
var google_ad_type = "text";
var google_adtest = "off";
var google_ed = "0:0:YjVjZmRkZDk4MTVhZDVhM_QyA0sbLut7h4QQzPi7qK3X2LfFzuBNkbCjvlyCC7PTwJgidaMxv1ZdG4wxNybrPlhJrZgqvND988932TmesWXjdnX2Y0Yx8_COHxD78fJa";
var google_ad_output = "js";
<script type="text/javascript" language="JavaScript" src=""></script><script language="JavaScript1.1" src=";dt=1169525810864&amp;adsafe=high&amp;oe=utf8&amp;lmt=1169525810&amp;num_ads=4&amp;output=js&amp;adtest=off&amp;channel=fim_myspace_mail&amp;;ad_type=text&amp;;ed=0:0:YjVjZmRkZDk4MTVhZDVhM_QyA0sbLut7h4QQzPi7qK3X2LfFzuBNkbCjvlyCC7PTwJgidaMxv1ZdG4wxNybrPlhJrZgqvND988932TmesWXjdnX2Y0Yx8_COHxD78fJa&amp;cc=31&amp;u_h=768&amp;u_w=1024&amp;u_ah=687&amp;u_aw=1024&amp;u_cd=32&amp;u_tz=-480&amp;u_his=15&amp;u_java=true&amp;u_nplug=10&amp;u_nmime=115"></script>    <div id="ad-wrap">  <div id="ad-hdr">Sponsored Links</div> <a onmouseover="window.status='go to'; return true;" onmouseout="window.status='';" href=";ai=BfFT9PYy1ReODL56UhQPX2ZnFBY_O2BPbzp2mAsCNtwGgnAEQARgBIP_I_wUwADgAUIrKlakEYMmOxo30pNAZmAGrxo4mqgEQZmltX215c3BhY2VfbWFpbLIBFW1lc3NhZ2luZy5teXNwYWNlLmNvbcgBAdoBXmh0dHA6Ly9tZXNzYWdpbmcubXlzcGFjZS5jb20vTW9kdWxlcy9NZXNzYWdpbmcvUGFnZXMvbWVzc2FnZUxpc3QuYXNweD8lM0ZmdXNlYWN0aW9uPW1haWwuaW5ib3ioAwE&amp;num=1&amp;adurl=;client=ca-fim_myspace_mail_js" target="_blank"><strong>Widespread Panic Ringtone</strong>   <p>Send this ringtone to your phone<br>right now!</p><span></span></a>  </div>
div[id*="ad-wrap"] for that.
Annoying floating flash ad at, eg,

Guilty servers: and

Sample Flash URLs (warning: long!):

    src =,0,300,250;7,58,293,88;&swfdim=300,250&ad=297488&action=1&subswf=

    src =*/r%253B57221779%253B0-0%253B0%253B12327283%253B4307-300/250%253B19806041/19823935/1%253B%253B~aopt=2/1/68d/0%253B~sscs=%253F|37B0|0|0|%25252a|h%253B70212324%253B0-0%253B0%253B15528660%253B31-1|1%253B19765348|19783242|1%253B%253B%25253f&resTag1=;skin=morningstar&resTag3=;skin=morningstar&resTag4=;skin=morningstar&resTag5=;skin=morningstar&resTag6=;skin=morningstar&resTag7=;skin=morningstar&resTag8=;skin=morningstar&resTag9=;skin=morningstar&resTag10=;skin=morningstar&resTag11=

src =
Whoops, I had ad blocking off (was testing something else). When I turned it back on I no longer saw the ads from --then again, those could've been dynamic and might've appeared with ad blocking on. I'll keep my eyes out for other ads from that server.

On the other hand, the ad from still persisted even with ad blocking on.
That ad can probably be killed by just killing the entire domain. Going to it in a browser yields "This is a DoubleClick advertising server."

And going to just yields an error. Let's just kill the entire domain.
(In reply to comment #18)
> And going to just yields an error. Let's just kill the entire domain.

We already are :(

This ad sneaks through, in my best guess, because it's being served as application/octet-stream instead of as Flash?
Washington Post (any article):


Imageshack (e.g. ):

> div[id*="ad_links_bottom"]

How about just |div[id*="ad_links"]|? It's more general, but unlikely to have false positives.
Attached patch Omnibus Ad-Blocking Update (obsolete) — Splinter Review
Here's the patch, which fixes everything here except the two odd flash ads already and also fixes the two dep bugs.  

Most of the rules are self-explanatory or have been mentioned, but see bug 369088 for the rationale behind the doubleclick embed change.  Also, the linksynergy/apple whitelist rule was changed to block Apple ads on cl's Mac Daily News article (but preserves the little iTunes buttons we added the whitelist rule for in the first place).

Someone please remind me never again to miss turning in a patch at the end of a month; it becomes very time-consuming to axe two months worth of ads ;)

February is bug 369174.
Attachment #253842 - Flags: superreview?(sfraser_bugs)
Attachment #253842 - Flags: superreview?(sfraser_bugs) → superreview+
I have on objection : the inclusion of div#rhc>div.rh is quite generic.
Example: it was used for legitimate content until recently by (one of the most important newspaper sites in Spain) before they redirected to, and used a different stylesheet.

(I also use it for my own browser bugs internal site, but I can change that...;-)
This does smorgan's comment 21, which somehow I didn't see until well after attaching the patch (yay no conflict screens for patches :p) as well as addresses philippe's concern by throwing that rule in a Gmail @-moz-document block.
Attachment #253842 - Attachment is obsolete: true
Checked in on trunk and MOZILLA_1_8_BRANCH
Closed: 18 years ago
Keywords: fixed1.8.1.2
Resolution: --- → FIXED
Nominating for 1.0.4; depending on the ship date, we might want to take this, or a subset of it (marketwatch and philippe's gmail nit), if things have been in the wild long enough.  If not, we'll take it for 1.0.5.
Flags: camino1.0.4?
Should be OK, it's been baking for over a week.
Flags: camino1.0.4? → camino1.0.4+
Whiteboard: [needs checkin 1.8.0]
Checked in on MOZILLA_1_8_0_BRANCH.
Keywords: fixed1.8.0.10
Whiteboard: [needs checkin 1.8.0]
You need to log in before you can comment on or make changes to this bug.