Scriptlets icon indicating copy to clipboard operation
Scriptlets copied to clipboard
verified publisher icon AdguardTeam

Improve 'trusted-set-cookie' and 'trusted-set-local-storage-item' — add ability to specify base64 as encoding

Open contribucious opened this issue 2 years ago • 4 comments

Steps to reproduce

  1. Add this user rule:
@@||www.coolblue.be^$important,document
  1. Go to https://www.coolblue.be/en and refuse cookies.
  2. Observe the apparition of a new cookie-preferences cookie with this value:
eyJmdW5jdGlvbmFsIjp0cnVlLCJhbmFseXRpY2FsIjp0cnVlLCJtYXJrZXRpbmciOmZhbHNlfQ%3D%3D

Goal

Replacing this rule (comment included):  #ᴄʀʏᴘᴛɪᴄ

! Base64 value for: {"functional":true,"analytical":true,"marketing":false}
coolblue.be#%#//scriptlet('trusted-set-cookie', 'cookie-preferences',
'eyJmdW5jdGlvbmFsIjp0cnVlLCJhbmFseXRpY2FsIjp0cnVlLCJtYXJrZXRpbmciOmZhbHNlfQ==')

By this one (self-explanatory for readers):  #ᴛʀᴀɴꜱᴘᴀʀᴇɴᴛ

coolblue.be#%#//scriptlet('trusted-set-cookie', 'cookie-preferences',
'base64:{"functional":true,"analytical":true,"marketing":false}')

 

:writing_hand: Remarks

  1. Possibly use a dedicated parameter instead.

  2. ~~Consider in addition a variant that does not use encodeURIComponent for storing base64 value, for some websites reading the string directly in atob.~~ ~~- That is, the stored value will therefore include == instead of %3D%3D at the end.~~

    ↪️ Variant not anymore required. All situations will be handled correctly if this commit is finally merged: get rid of encodeURIComponent for trusted-set-cookie-* scriptlets. As raw/pure base64 value generated by AdGuard will always be readable by the website: whether the latter uses for reading atob, atob+decodeURIComponent, etc.

  3. Should also apply to:

    • the similar one trusted-set-cookie-reload;
    • and, ideally, trusted-set-local-storage-item too.

 

Hi and thanks in advance! :v:

contribucious avatar Apr 09 '23 07:04 contribucious

1. Possibly use a dedicated parameter instead.

💡 Or … a new "comma-separated" advancedOptions final parameter (code and wiki), which can include in it as={plaintext|base64} or maybe encoding={none|base64} — the former in the sense of "to store value as …", of course.

↪️ Probably both more flexible ~~(especially to add support for the described variant in addition)~~ and more future-proof. ☺️

contribucious avatar Apr 17 '23 13:04 contribucious

But we can convert a scring to BASE64 using tools.

Alex-302 avatar Apr 19 '23 11:04 Alex-302

Of course. Even web tools, easily. But the goal is to have self-explanatory rules for these cases (that is, no need to have an additional comment describing the cryptic content to readers).

↬ It's mainly for adding clarity and transparency to public filters (i.e. those read by people), more so than for local filters. 🙂

contribucious avatar Apr 19 '23 13:04 contribucious

Issue clarified just now (goal better explained). ✔️

contribucious avatar Apr 19 '23 14:04 contribucious