Won't block 3rd party properly
-
@SweetP yes, I would think so. But currently it loads other subdomains that are at the same level as it is. Like auth.investors.com gets to load stuff with only the 1 rule added for research.investors.com.
-
@SweetP I tried that and also tried blocking other subdomains explicitly but still they load. It’s weird.
This is probably a corner case, as the bulk of the app is about blocking 3rd party resources.
But with new tracking/fingerprinting scripts being hosted on subdomains they usually pass by unfiltered.It would be great to specifically add an exception to those pesky subdomains and let all other subdomains load. But currently the exception doesn’t apply if one is permitting JS, all will load regardless.
-
@NickC OK, it finally updated in the store and got to update my main Mac.
I tried it out and as detailed, I think there's still a minor bug either with the subdomain enforcement or with Webkit itself.
From the 2 rules added, I would expect the images from www.investors.com to be blocked and just the ones on research.investors.com to be allowed. However, this is not the case. It would make for a fairly advanced Ad-blocker with this feature fully working
Maybe when you get some spare time to investigate you can figure where the issue lies. Thanks for all your work so far!
-
Ive been thinking about this, and im not sure this is an actual bug (in WebKit) but more of a limitation in the way it is implemented.
With the subdomain rule, you are blocking all third parties - which is happening.
but allowing some first party resources other subdomains and the top-level domain are actually first party resources, which it is also doing.I don't think there is a way to restrict resources to the specific domain/subdomain only - at least not via the APIs that Apple is providing.
-
hmm,
I might have spoke too soon.
there is maybe a rule I can use
but it may be too restrictive for most users....Im not sure how this could be implemented in a user friendly and non destructive way for most users.
Ill have a think about it and see if I can find a way to implement what you are hoping for, but not degrade the experience for everyone else (assuming the rule I mentioned does actually work :)) -
@SweetP That sounds good. Maybe an "advanced" switch in the options that enforces strict subdomain separation? The default could be current behaviour, but for savvy users, the switch would allow for more granularity.
Anyways, would be happy to test a beta of what you come up with. Let me know if I can help in any way.
-
@SweetP Might be a WebKit limitation sadly
If it turns out that the feature cannot be implemented, maybe it’s a better UI to have just the base domain be added when you click the +exception even if you are on a subdomain, since this would be the expected behavior. What do you think?
-
@SweetP Ok, so from what I could tell of the way Minim is writing its ruleset, the trigger “if-domain” with the wildcard * seems to make the root domain + all subdomains whitelist appear.
As per Apple’s docs, "if-domain | An array of strings to match to a URL's domain; limits the action to a list of specific domains. The values must be lowercase ASCII, or Punycode for non-ASCII. Add * in front to match domain and subdomains. You can't use this with unless-domain.”Would this mean that having Minim just add the if-domain without the wildcard * in front work as expected (i.e. to block just that specific subdomain) ?
This way, the user could either add * in front if he/she wants to block the root domain and be done with it or have more granular control by default.
Of course, there could be a small UI element (like a checkmark/asterisk icon or something similar) in front when adding a wildcard exception to the Minim list.
Would this work/be reasonable?