AdGuardSDNSFilter icon indicating copy to clipboard operation
AdGuardSDNSFilter copied to clipboard

Published 20 hours ago verified publisher icon AdguardTeam

Found some improper/non-DNS-level rules.

Open thrive7776 opened this issue 2 years ago • 6 comments

Prerequisites

  • [X] I checked the documentation and found no answer;
  • [X] I checked to make sure that this issue has not already been filed;
  • [X] This is not an ad/bug report.

Problem description

1.Invalid javascript .1.1.1.l80.js^ .n.2.1.js^ .n.2.1.l50.js^ .n.2.1.l60.js^ ||crypta.js^ ← No idea why this exist?

According to https://www.iana.org/domains/root/db .js is not a valid TLD

2.non-DNS-level REGEX /(https?:\/\/)213\.32\.115\..{100,}/ /(https?:\/\/)217\.182\.11\..{100,}/ /(https?:\/\/)51\.195\.31\..{100,}/

3.Private IP 10.10.34.* ||10.10.34.35^ ||10.10.34.36^ ||10.10.34.^

4."://DOMAIN.TLD^" & "://*.DOMAIN.TLD" These rules are working with AGH, but the expected form is "||DOMAIN.TLD^", right? (make file size smaller.)

5.exceptions.txt Redundant vertical line at the end positions. A: @@||FQDN^"|" B: @@||FQDN^ A ↔ B are equivalent forms. (B-form can make file size smaller.)

Proposed solution

Delete 1, 2, 3. For 4: Replace "^://(\*\.)?" with "||". For 5: Replace "\|$" with ""(empty).

Additional information

No response

thrive7776 avatar Feb 19 '23 11:02 thrive7776

  1. .js is not a valid TLD 2.non-DNS-level REGEX 3.Private IP

👍

  1. .js must be excluded as non-TLD.
  2. Not critical, maybe regexps should be validated and excluded, if it is not for DNS filtering.
  3. May be excluded.

4."://DOMAIN.TLD^" & "://*.DOMAIN.TLD" These rules are working with AGH, but the expected form is "||DOMAIN.TLD^", right? (make file size smaller.)

that rules has (had) non-DNS purpose, for blocking subdomains only. Also they are very old (before implementing our DNS). Removed them.

5.exceptions.txt Redundant vertical line at the end positions.

Not redundant. ^| prevents unwanted unblocking when DNS filter is added to a regular ad blocker.

Alex-302 avatar Feb 20 '23 14:02 Alex-302

@Alex-302 Hello Alex, exceptions.txt#L59 @@-ds.metric.gstatic.com^ exceptions.txt#L221 @@||guce.advertising.com^ exceptions.txt#L232 @@||ads.tdbank.com^ so... these entries(without last |) are for special purpose?

thrive7776 avatar Feb 20 '23 14:02 thrive7776

@thrive7776 old exclusions. Changed https://github.com/AdguardTeam/AdGuardSDNSFilter/pull/1227

Alex-302 avatar Feb 20 '23 18:02 Alex-302

@thrive7776 old exclusions. Changed #1227

I see, no questions. Thank you.

thrive7776 avatar Feb 21 '23 03:02 thrive7776

Why I can't open bilibili

Panjult3a avatar Dec 06 '23 14:12 Panjult3a

"4."://DOMAIN.TLD^" (…)" I know such entries became permitted in DNS lists (i.e. the syntax became recognised as an alias for ||) around 2020-21, but changing those entries to || is perfectly okay to do, and wouldn't make any difference for such entries, neither for the worse or for the better.

"/(https?:\/\/)213\.32\.115\..{100,}/" I'm inclined to side with OP on this one, because there's no realistic way for an IP entry to match .{100,}, which means at least 100 characters must follow the initial 3 numbers. Even as a domain entry, it would be difficult for a domain to match at best, though not outright impossible.

DandelionSprout avatar Feb 07 '24 06:02 DandelionSprout