+- The Un-Official Proxomitron Forum (https://www.prxbx.com/forums)
+-- Forum: Proxomitron Config Sets (/forumdisplay.php?fid=43)
+--- Forum: Sidki (/forumdisplay.php?fid=44)
+--- Thread: flash leaking through toggle again? (/showthread.php?tid=1472)
flash leaking through toggle again? - bugger - Sep. 01, 2009 10:49 AM
Here a few example where toggle flash has failed to worked.
http://www.sydneycyclist.com/
http://www.insidehw.com/Reviews/CPU/Intel-Core-i7-870/Page-2.html
![[Image: eadflaack.jpg]](http://bayimg.com/image/eadflaack.jpg)
RE: flash leaking through toggle again? - sidki3003 - Sep. 06, 2009 12:07 PM
I don't see a Flash object on the second page. There is a setInterval Timer, that isn't intercepted (because the respective function contains "clearInterval").
On the first page the responsible code is:
Code:
<div [...] _embedCode="<embed [...] </embed>">Loading…</div>This Flash code is converted to a real Flash object by a script.
The "<object>...: Toggle Flash" webfilter doesn't look for this type of escaped Flash code.
Note that this config neither intercepts every Flash object or timer, nor does it block every advertisement. It just catches most of them.
RE: flash leaking through toggle again? - Toppy - Oct. 28, 2009 10:10 PM
I don't want to start another thread.
I have the contrary, on this side Proxo doesn't detect any flash. Can only bypass it.
RE: flash leaking through toggle again? - sidki3003 - Nov. 15, 2009 09:00 PM
(Oct. 28, 2009 10:10 PM)Toppy Wrote: I don't want to start another thread.
Hmm... better do so when you come across a different problem, also for reasons of visibility.
If you look at this page in dbug.. view, you'll see that the block is caused by "be.sitestat.com" tracking being integrated into the Flash script. Picking one of the Ad JS bypass keywords should do. Or select "Allow Ad JavaScript" from the Prox menu.
However, currently i see ads/trackers being embedded in Flash video scripts left and right. I'll attach three examples (one containing NSFW code). Maybe someone has an idea how to fix that generically (i.e., prevent respective filter from matching)?
RE: flash leaking through toggle again? - sidki3003 - Nov. 15, 2009 09:52 PM
Well, here's a rather dumb approach for alpha 4 (basically, whitelisting ".swf" in final test).
Hopefully we'll find a better solution.
Code:
[Patterns]
Name = "<script> Block: Ad Scripts - Content 09.11.15 [pr sd jd] (d.2) TEST"
Active = TRUE
URL = "$TST(hCT=*html)(^$TST(keyword=*.(a_ads|a_js|a_adjs|a_adscr).*))"
Bounds = "<script(^[^>]++\ssrc=)(*>)+{1}$INEST(<script(*>)+{1},</script)"
Limit = 2038
Match = "$TST(script=1*)(^$TST(comment=2))<script (for\=\"proxMoved-\w|)\2(*(>)\3)+{1}"
"("
""
"*.write(ln)+ \( "$TST(flag=*.chop_b:[12].*) (</+{0,1}|-)([a-z!-]+{0,10})\#"
" "+{1,*} \+ "+{1,*}([a-z! -]+{0,20})\#"
"$TST((\#\#)=(emb|img|ifr|div|lay|nos|scr$TST(\2=for*-(html|void)"))*)$SET(9=: \#+\# :)*"
"|"
"*<(" \+ ')+ifr(" \+ ')+ame($TST(flag=*.iframe_b:\0.*)|)("
"$TST(\0=[12])|(^$TST(\0=0))[^>]++src=$AV([^/.]+//(^([^/]++.|)$TST(uDom)(^.))*|*.swf*)"
")$SET(9=iFrame)*"
"|"
"(^$TST(flag=*.adkey_j:[#*:0].*))"
"("
"($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8 [^a-z0-9](^\=)$SET(9=AdKey.1 \8)"
"|*\s($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
" (^[a-z0-9,;&"'<]|=$AV((0|false|null|)(;*|)))$SET(9=AdKey.3 \8)"
"|*("
".(write(ln|) \( |)($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
"(^[a-z0-9"']|[.#:_ -][a-z0-9.#:_ -]+ { [a-z-]+ :|=$AV((0|false|null|)(;*|)))$SET(9=AdKey.2 \8)"
"|_($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
"(^[a-z0-9"']|[.#:_ -][a-z0-9.#:_ -]+ { [a-z-]+ :|=$AV((0|false|null|)(;*|)))$SET(9=AdKey.2 \8)"
"|;($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
"(^[a-z0-9]|=$AV((0|false|null|)(;*|)))$SET(9=AdKey.3 \8)"
"|\+($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8[^a-z0-9]$SET(9=AdKey.3 \8)"
"|\= ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8[^a-z0-9"']$SET(9=AdKey.4 \8)"
"|\"($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"$SET(9=AdKey.5 \8)"
"|\'($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"$SET(9=AdKey.5 \8)"
")"
")*"
"|"
"$TST(flag=*.adurl:1.*)"
"*("
"\= [\[(]+("
"(\\+"(^ :+{0,1}(https+:)+{0,1}\\+/(\\+/)+{0,1})|\\\\+(x22|u0022)) [a-z0-9:_\\-]+{0,20}/| https+:|\\+/"
"&$AV( $LST(AdList)*)"
")"
"|\" :+{0,1}((https+:)+{0,1}\\+/(\\+/)+{0,1}[^"]+{2,*}(^(^\"))&&$LST(AdList)*)"
"|\' :+{0,1}((https+:)+{0,1}\\+/(\\+/)+{0,1}[^']+{2,*}(^(^\'))&&$LST(AdList)*)"
")*"
""
")\5"
"&<(script)\1[^>=]+(=(\\+")\6|>$SET(6=")|)"
"(^*(<frameset(^*<frame\s[^>]++.location(.href|)[^a-z.])|.swf))"
"($TST(\2=for*)$SET(2=pre )|$SET(2=$GET(mHead)))$SET(script=void)"
""
"&$TST(hOrigUA=*("
"(gecko/|opera)$SET(4=data:text/javascript,\3$ESC(\7))"
"|msie$SET(4=javascript:\3$ESC(\7))"
")($TST((\7)=*)$SET(3=void%200%3B)|$SET(3=)$SET(7=var prxCountAd=++prxCountAd||1;))*)"
"|"
"$SET(4=http://local.ptron/sidki_h_$GET(cfg)/dummy.js$TST((\7)=*)?prx-w:$ESC(\7))"
""
"&$SET(eAdJS=$GET(eAdJS)"
"%3Cspan class=%22Pr0xFly-Span%22%3E\2 Content:%3C/span%3E"
" $ESC(\9)%3Cbr class=%22Pr0xFly-Br%22 /%3E"
")"
"&$SET(0=$TST(keyword=(^$TST(tFrameset=*))*.i_level:5.*)"
"<span class=\6Pr0x Pr0xAdScript\6 style=\6display:$GET(displayD)\6>"
"• JS Ad: \9</span>"
")"
"&($TST(volat=*.log:2*)$ADDLST(Log-Main,[$DTM(d T)]\tWEB JS_Ad_HTM\t\9 \t\u)|)"
Replace = "\0<\1 type=\6text/javascript\6 src=\6\4\6>\5"
Name = "Remove: Ad Functions II - Code 09.11.15 [jd sd] (d.3 l.3) TEST"
Active = TRUE
URL = "($TST(hCT=*html)|$TYPE(js)|$TYPE(vbs))(^$TST(keyword=*.(a_ads|a_js|a_adjs|a_adfn2|i_level:[12]).*)|$TST(volat=*.clength:([#3:1120]e|[#3:2400]).*))"
Limit = 906
Match = "function$TST(script=[1s]*)((\s[^( ]+ |)$NEST(\(,\)))\3 {($INEST({,}))\1"
"|if( \($TST(script=[1s]*)$INEST(\(,\))\))\3 {($INEST({,}))\1"
"|else {$TST(script=[1s]*)$INEST({,})"
"|.write(ln)+ \($TST(script=[1s]*)($INEST(\(,\)))\1"
"&&(function$SET(6=Func Code)$SET(4=return String();)$TST(\3)"
" |if$SET(6=If Code )$SET(4=} else if (0) {)$TST(\3)"
" |else$SET(6=Else Code)"
" |.write$SET(6=Doc Write)$SET(4=String() \); PrxVoidF\()(ln)+ )\7"
"((?)\3"
""
"&\( "$TST(flag=*.chop_b:[12].*) (<|-)"
"([a-z!-]+{0,10})\# "+{1,*} \+ "+{1,*}([a-z! -]+{0,20})\#"
"$TST((\#\#)=(emb|img|ifr|lay|nos)*)$SET(9=: \#+\# :)*>*"
"|*<iframe($TST(flag=*.iframe_b:\0.*)|)("
"$TST(\0=[12])|(^$TST(\0=0))[^>]++src=$AV([^/.]+//(^([^/]++.|)$TST(uDom)(^.))*|*.swf*)"
")$SET(9=iFrame)*>*"
"|(^$TST(flag=*.adkey_j:[#*:0].*))"
"("
"{ ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8 [^a-z0-9](^\=)$SET(9=AdKey.1 \8)"
"|\( ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
" [^a-z0-9,](^\= (^$AV(0|1|false|true|null)))$SET(9=AdKey.1 \8)"
"|(^\( " \\+<[a-z])*("
".($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
"(^[a-z0-9/"'(]|[.#:_ -][a-z0-9.#:_ -]+ { [a-z-]+ :|=$AV((0|false|null)(;*|)))$SET(9=AdKey.2 \8)"
"|_($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
"(^(^?)|[a-z0-9/"'(]|[.#:_ -][a-z0-9.#:_ -]+ { [a-z-]+ :|=$AV((0|false|null)(;*|)))$SET(9=AdKey.2 \8)"
"|; ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
"(^[a-z0-9"']|(.|\s)[a-z0-9. ]+"|=$AV((0|1|false|true|null)(;*|)))$SET(9=AdKey.3 \8)"
"|\+ ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8[^a-z0-9]$SET(9=AdKey.3 \8)"
"|\= ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8[^a-z0-9"']$SET(9=AdKey.4 \8)"
"|\" ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8(^ [a-z0-9]|\"[,\]])$SET(9=AdKey.5 \8)"
"|\' ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8(^ [a-z0-9]|\'[,\]])$SET(9=AdKey.5 \8)"
")"
")*"
"|(^\( " \\+<(/|)[a-z])$TST(flag=*.adurl:1.*)"
"*("
"\= [\[(]+("
"(\\+"(^ :+{0,1}(https+:)+{0,1}\\+/(\\+/)+{0,1})|\\\\+(x22|u0022)) [a-z0-9:_\\-]+{0,20}/| https+:|\\+/"
"&$AV( $LST(AdList)&*[^)](^?))"
")"
"|\" :+{0,1}((https+:)+{0,1}\\+/(\\+/)+{0,1}[^"]+{2,*}(^(^\")|\"[',\]])&&$LST(AdList)*)"
"|\' :+{0,1}((https+:)+{0,1}\\+/(\\+/)+{0,1}[^']+{2,*}(^(^\')|\'[",\]])&&$LST(AdList)*)"
")*"
""
")"
"&(^*.(PlayerVersion|swf))"
"$SET(eAdJS=$TST(hCT=*html)$GET(eAdJS)"
"%3Cspan class=%22Pr0xFly-Span%22%3E$GET(mHead) \6:%3C/span%3E"
" $ESC(\9)%3Cbr class=%22Pr0xFly-Br%22 /%3E"
")"
"($TST(volat=*.log:2*)$ADDLST(Log-Main,[$DTM(d T)]\tWEB JS_AdFunction II\t\6 \t\9 \t\u)|)"
Replace = "\7\3 \4 /* PROX: Ad Function II Blocked - (\9) */ \1"RE: flash leaking through toggle again? - JJoe - Nov. 16, 2009 08:18 PM
(Nov. 15, 2009 09:00 PM)sidki3003 Wrote:(Oct. 28, 2009 10:10 PM)Toppy Wrote: I don't want to start another thread.
Hmm... better do so when you come across a different problem, also for reasons of visibility.
(Nov. 15, 2009 09:00 PM)sidki3003 Wrote: Maybe someone has an idea how to fix that generically (i.e., prevent respective filter from matching)?
Ummmm
What about adding something like
Code:
*(https+://\w.(swf|flv)$SET(Block=no)&$LST(AdList))*$SET(Block=)
|
((^$TST(Block=no))|$SET(Block=)(^))?
Look for scripts that contain swf files and then
remove them immediately or prevent match.
HTH