brave
Add pixeltris's TwitchAdSolutions scripts
Include an option for users to filter out twitch.tv ads.
2 different scripts, filtering in 2 different ways.
https://github.com/pixeltris/TwitchAdSolutions
The 2 scripts imported here:
https://github.com/pixeltris/TwitchAdSolutions/blob/master/video-swap-new/video-swap-new-ublock-origin.js https://github.com/pixeltris/TwitchAdSolutions/blob/master/vaft/vaft-ublock-origin.js
Not global scripts, but will only apply too twitch.tv domain.
-
twitch.tv##+js(video-swap-new-ublock-origin) -
twitch.tv##+js(vaft-ublock-origin)
Won't be a default, enabled option. But something we test via a seperate list or via experimental list.
@bcaller can you take a look at these scriptlets? Plan would be to bundle them with the other scriptlets but only insert them on Twitch on an experimental basis (e.g. put them in the Experimental filter list).
Re-sync with latest changes in https://github.com/pixeltris/TwitchAdSolutions/commit/044d1fb3bb88a19ab718603069354d43eeba7015
Still curious where the
SetTwitchAdblockSettingsis supposedly fired from.
That vaft script was originally an extension and has stuff left over from that. It sounds like that code can be removed. The invoker was https://github.com/cleanlock/VideoAdBlockForTwitch/blob/master/chrome/content.js
[puLL-Merge] - brave/adblock-resources@160
Description
This PR adds two new JavaScript files to the adblock-resources repository: vaft-ublock-origin.js and video-swap-new-ublock-origin.js. These scripts appear to be modifications of the Twitch ad blocking scripts from the VideoAdBlockForTwitch and uBlock Origin extensions, adapted to work with the Brave browser's adblock system.
Changes
Changes
-
metadata.json: Adds entries for the two new JS files, specifying their names, aliases, mime types, and resource paths. -
resources/vaft-ublock-origin.js: A large, minified JavaScript file based on the VideoAdBlockForTwitch extension. It hooks into the Twitch player to block ad segments, skipping them by requesting an ad-free stream from the server. Also prevents Twitch from pausing the stream when ads are blocked. -
resources/video-swap-new-ublock-origin.js: Another large, obfuscated JavaScript file adapted from uBlock Origin's Twitch ad blocking scripts. Uses a similar approach of intercepting requests, detecting ad segments, and seamlessly swapping in an ad-free video stream. Includes additional features like preserving player volume/quality settings.
Security Hotspots
-
Execution of remote code - Both scripts are large and difficult to audit. They hook into Twitch's player and intercept network requests, which could potentially be abused if the code was modified maliciously. Careful review is needed to ensure no vulnerable or malicious code is present.
-
Disclosure of personal information - The scripts appear to collect some device/browser fingerprinting information to spoof Twitch's adblock detection. Ensure this data is generated client-side and not sent to any third-party servers.
-
Breakage of Twitch functionality - Interfering with Twitch's player and ad loading has the potential to break stream playback in some cases if not implemented carefully. Thorough testing is advised to verify streams play back smoothly without impacting performance.
In summary, adding Twitch adblocking is a complex task requiring careful implementation to avoid security holes or negative impacts to browser performance/stability. The changed files should be vetted line-by-line to verify the safety and legitimacy of the code before merging. User privacy and consent is also an important consideration when implementing adblock functionality.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
[puLL-Merge] - brave/adblock-resources@160
Description
This pull request adds two new JavaScript files, vaft-ublock-origin.js and video-swap-new-ublock-origin.js, to the adblock resources. These scripts enhance ad blocking functionality specifically for Twitch.tv.
The vaft-ublock-origin.js script handles ad blocking by intercepting fetch requests, checking m3u8 files for ad segments, and replacing them with ad-free content where possible. It also notifies Twitch that ads were "watched" to avoid pausing.
The video-swap-new-ublock-origin.js script has similar ad blocking functionality, but uses a different approach by swapping to lower quality video when ads are detected. It preserves player state like volume and resolution during blocking.
Both scripts aim to provide a seamless viewing experience on Twitch by removing ads with minimal disruption.
Changes
Changes
-
metadata.json: Added entries for the two new JS filesvaft-ublock-origin.jsandvideo-swap-new-ublock-origin.js -
resources/vaft-ublock-origin.js: New file added. Contains ad blocking logic for Twitch that strips ad segments from m3u8 manifests. Uses fetch intercepting and notifies Twitch of "watched" ads. -
resources/video-swap-new-ublock-origin.js: New file added. Another ad blocking approach for Twitch that swaps to lower quality video when ads are detected. Preserves player state during the ad block process.
Security Hotspots
-
The scripts intercept and modify network requests which could potentially break Twitch functionality if not implemented carefully. Need to thoroughly test various scenarios.
-
Spoofing
localStorageto preserve player settings could cause unexpected behavior if Twitch changes their player implementation. Should monitor this. -
The
innerHTMLassignments when creating the ad block notification div are prone to XSS if the ad message strings are ever made dynamic without sanitization. Keep ad messaging static.
Overall the changes look good with useful functionality, but the highlighted areas should be reviewed and tested regularly, especially when Twitch makes player updates. Let me know if you have any other questions!
This LGMT but @bcaller could you take a quick look again? The scripts changed a bit (for the better I think).