my_filters_001

my_filters_001 copied to clipboard

What do you need support with?

The issue is an unblocked cookie consent redirect on derstandard.de. The website uses a 302 redirect so I have been unable to find a solution. This domain was found in https://github.com/uBlockOrigin/uAssets/issues/8680

• [X] Have you checked the wiki?

The website uses a cookie to tell if the user has agreed, but there is no way to test for that & it is done on the server side

May need write someting like custom resource for scriptlets, but add to uBO avanced settings is on own risk.

JS Penguin ideas with guard:

https://github.com/NanoAdblocker/NanoFilters/blob/master/NanoFilters/NanoResources.txt#L283 nanop-click-elements-onready.js https://github.com/NanoAdblocker/NanoFilters/blob/master/NanoFilters/NanoResources.txt#L307 nanop-click-elements-onload.js https://github.com/NanoAdblocker/NanoFilters/blob/master/NanoFilters/NanoResources.txt#L330 nanop-easy-set-cookie.js https://github.com/NanoAdblocker/NanoFilters/blob/master/NanoFilters/NanoResources.txt#L361 nanop-set-cookie.js

In the past this was scriplet to bake cookies: https://github.com/uBlock-user/uBO-Scriptlets/blob/master/scriptlets.js (possible found in history of commits https://github.com/uBlock-user/uBO-Scriptlets/commit/3d1f48573749ac85b20031f78e0d5f7c7bb0f3af#diff-43445a624a2a315ea751bb6ac30f2a3f1ddecbcf35a249af3d493d9fdcddb578).

May need write someting like custom resource for scriptlets, but add to uBO avanced settings is on own risk.

JS Penguin ideas with guard:

https://github.com/NanoAdblocker/NanoFilters/blob/master/NanoFilters/NanoResources.txt#L283 nanop-click-elements-onready.js https://github.com/NanoAdblocker/NanoFilters/blob/master/NanoFilters/NanoResources.txt#L307 nanop-click-elements-onload.js https://github.com/NanoAdblocker/NanoFilters/blob/master/NanoFilters/NanoResources.txt#L330 nanop-easy-set-cookie.js https://github.com/NanoAdblocker/NanoFilters/blob/master/NanoFilters/NanoResources.txt#L361 nanop-set-cookie.js

In the past this was scriplet to bake cookies: https://github.com/uBlock-user/uBO-Scriptlets/blob/master/scriptlets.js (possible found in history of commits uBlock-user/uBO-Scriptlets@3d1f485#diff-43445a624a2a315ea751bb6ac30f2a3f1ddecbcf35a249af3d493d9fdcddb578).

@krystian3w thanks. I don't know much about scriptlets, but will try to implement this. How would I have my list add the scriptlet, or would the user have to do something?

User must perform these steps:

• open uBO pop-up and panel settings
• enabled advanced settings ("I am advanced user")
• added cutom resource into userResourcesLocation
• save and now subscribe your project with scriptlet to click/bake needed cookies.

I am a bit busy but will look into this later

[removed]

It works. Let me make a filter for it...

Added a possible fix in https://github.com/iam-py-test/my_filters_001/commit/385539006a7bff8a495248259190cb634b354dbc It works for me, but can you test? You will have to install https://github.com/iam-py-test/my_filters_001/blob/main/anti-cookie%2Bsign%20up_extention.txt plus add my fix to the user scripts (fix here:https://github.com/iam-py-test/Assets-001/blob/main/script.js )

There is something weird where it only works when JavaScript & inline scripts are enabled on the page. I tested on another device & once I allowed inline JS it worked

Austria maybe have similar pop-up 🇦🇹 (derstandard.at). But need a little other values.

On my device works with derstandard.de 🇩🇪.

Scriptlets need remove rules: no-scripting: www.derstandard.de true

and filters like: derstandard.*$script,inline-script $script,domain=derstandard.*

(these block "CMP" script to load and second can block more - 3p requests to load js)

I will look into the other domains tomorrow.

@krystian3w it seems that the cookie-set is not applied. (maybe problem on my end) Does the following get rid of the redirect:

www.derstandard.at##+js(clog,tester001)
www.derstandard.at##+js(cs,_sp_v1_consent,1!1:1:1:0:0:0)
www.derstandard.at##+js(cs,_sp_v1_opt,1:login|true:last_id|11:)
www.derstandard.at##+js(cs,tcfs,1)
www.derstandard.at##+js(cs,privacyWallReferrer,null)
www.derstandard.at##+js(cs,DSGVO_ZUSAGE_V1,true)
www.derstandard.at##+js(cs,MGUID,GUID=1f4bf0d8-85cb-4052-8b70-c869410e5d76&Timestamp=2021-06-24T12:05:23&DetectedVersion=&Version=&BIV=1&Hash=B65E2EAA40D38B8E398AD1556F1A3B00)
www.derstandard.at##+js(cs,consentUUID,4748711d-428a-4fef-b3e2-3247acb586ff)
www.derstandard.at##+js(cs,_sp_v1_uid,1:724:aa1735e1-bdbb-4189-8dd4-ad7b584c061e)
www.derstandard.at##+js(cs,_sp_v1_data,2:335457:1624536730:0:2:0:2:0:0:_:-1)
www.derstandard.at##+js(cs,_sp_v1_ss,1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXSGk7JoYtTHkmIQiJEHYhjg1ofbwFgAuNVQ-YUBAAA%3D)
www.derstandard.at##+js(cs,_sp_v1_csv,null)
www.derstandard.at##+js(cs,_sp_v1_lt,1:)

Do the filters work?

No works on derstandard.at or page is sensitive to disabled security.csp.enable | false.

I don't know if it might not be useful to have a scriptlet that checks the value of existing cookies as the current one doesn't overwrite nevertheless.

Odd. Wonder if I can use $csp to disable their blocking

Is www.derstandard.at$document,csp=script-src 'unsafe-inline' * fix the problem? I am in the U.S. if that means anything. I can get through if I just click the accept button though. I can get aopr to work with or without the $csp, so maybe it is a problem with the cookie scriptlet

I disabled csp via about:config & it still does not work. I wonder why?

I disabled csp via about:config & it still does not work.

Firefox config with false for security.csp.enable exclude use fixes based on $csp / $inline-script, maybe too unable use new clog.js (I no checked code that your scriptlet).

If I undo this change "security.csp.enable" it still rather doesn't work, supposedly for using custom .user.js for Firefox interface I have to use: pref("general.config.obscure_value", 0); pref("general.config.sandbox_enabled", false); break something?

I disabled csp via about:config & it still does not work.

Firefox config with false for security.csp.enable exclude use fixes based on $csp / $inline-script, maybe too unable use new clog.js (I no checked code that your scriptlet).

If I undo this change "security.csp.enable" it still rather doesn't work, supposedly for using custom .user.js for Firefox interface I have to use: pref("general.config.obscure_value", 0); pref("general.config.sandbox_enabled", false); break something?

Ok. Will test. Also, the original domain is now redirecting me to its cookie consent. Maybe they are detecting my ip and blocking it...

Try with any free VPN?

Try with any free VPN?

Do you think TOR would work ok?

Tried over TOR & it still did not work. Wonder if they changed how their site works

@krystian3w can you test the original domain? It did not work for me (in both Firefox & TOR), but I want to confirm. If so, do you think there is a permanent fix?

effect on origin - redirect derstandard.de/consent/tcf/international

Some cookie maybe was expired/banned as too "constant" value?

effect on origin - redirect derstandard.de/consent/tcf/international

Some cookie maybe was expired/banned as too "constant" value?

If so, that means there is no permanent solution. I guess this issue & both domains are can't fix

I agree.

I am leaving it open just encase someone can solve it

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Maybe addressed in uBo cookies List...?

I do not have time to look into this, but now that we have (trusted)-set-cookie, maybe.