The Un-Official Proxomitron Forum

The Un-Official Proxomitron Forum > Proxomitron Config Sets > Sidki > flash leaking through toggle again?
Full Version: flash leaking through toggle again?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

bugger

Sep. 01, 2009, 10:49 AM
Here a few example where toggle flash has failed to worked.

http://www.sydneycyclist.com/
http://www.insidehw.com/Reviews/CPU/Inte...age-2.html


[Image: eadflaack.jpg]

sidki3003

Sep. 06, 2009, 12:07 PM
I don't see a Flash object on the second page. There is a setInterval Timer, that isn't intercepted (because the respective function contains "clearInterval").

On the first page the responsible code is:
Code:
<div [...] _embedCode="&lt;embed [...] &lt;/embed&gt;">Loading…</div>

This Flash code is converted to a real Flash object by a script.
The "<object>...: Toggle Flash" webfilter doesn't look for this type of escaped Flash code.


Note that this config neither intercepts every Flash object or timer, nor does it block every advertisement. It just catches most of them.

Toppy

Oct. 28, 2009, 10:10 PM
I don't want to start another thread.

I have the contrary, on this side Proxo doesn't detect any flash. Can only bypass it.

sidki3003

Nov. 15, 2009, 09:00 PM
(Oct. 28, 2009 10:10 PM)Toppy Wrote: [ -> ]I don't want to start another thread.

Hmm... better do so when you come across a different problem, also for reasons of visibility.

If you look at this page in dbug.. view, you'll see that the block is caused by "be.sitestat.com" tracking being integrated into the Flash script. Picking one of the Ad JS bypass keywords should do. Or select "Allow Ad JavaScript" from the Prox menu.

However, currently i see ads/trackers being embedded in Flash video scripts left and right. I'll attach three examples (one containing NSFW code). Maybe someone has an idea how to fix that generically (i.e., prevent respective filter from matching)?

sidki3003

Nov. 15, 2009, 09:52 PM
Well, here's a rather dumb approach for alpha 4 (basically, whitelisting ".swf" in final test).
Hopefully we'll find a better solution.

Code:
[Patterns]
Name = "<script> Block: Ad Scripts - Content     09.11.15 [pr sd jd] (d.2) TEST"
Active = TRUE
URL = "$TST(hCT=*html)(^$TST(keyword=*.(a_ads|a_js|a_adjs|a_adscr).*))"
Bounds = "<script(^[^>]++\ssrc=)(*>)+{1}$INEST(<script(*>)+{1},</script)"
Limit = 2038
Match = "$TST(script=1*)(^$TST(comment=2))<script (for\=\"proxMoved-\w|)\2(*(>)\3)+{1}"
        "("
        ""
        "*.write(ln)+ \( "$TST(flag=*.chop_b:[12].*) (</+{0,1}|-)([a-z!-]+{0,10})\#"
        " "+{1,*} \+ "+{1,*}([a-z! -]+{0,20})\#"
        "$TST((\#\#)=(emb|img|ifr|div|lay|nos|scr$TST(\2=for*-(html|void)"))*)$SET(9=: \#+\# :)*"
        "|"
        "*<(" \+ ')+ifr(" \+ ')+ame($TST(flag=*.iframe_b:\0.*)|)("
        "$TST(\0=[12])|(^$TST(\0=0))[^>]++src=$AV([^/.]+//(^([^/]++.|)$TST(uDom)(^.))*|*.swf*)"
        ")$SET(9=iFrame)*"
        "|"
        "(^$TST(flag=*.adkey_j:[#*:0].*))"
        "("
        "($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8 [^a-z0-9](^\=)$SET(9=AdKey.1 \8)"
        "|*\s($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
        " (^[a-z0-9,;&"'<]|=$AV((0|false|null|)(;*|)))$SET(9=AdKey.3 \8)"
        "|*("
        ".(write(ln|) \( |)($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
        "(^[a-z0-9"']|[.#:_ -][a-z0-9.#:_ -]+ { [a-z-]+ :|=$AV((0|false|null|)(;*|)))$SET(9=AdKey.2 \8)"
        "|_($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
        "(^[a-z0-9"']|[.#:_ -][a-z0-9.#:_ -]+ { [a-z-]+ :|=$AV((0|false|null|)(;*|)))$SET(9=AdKey.2 \8)"
        "|;($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
        "(^[a-z0-9]|=$AV((0|false|null|)(;*|)))$SET(9=AdKey.3 \8)"
        "|\+($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8[^a-z0-9]$SET(9=AdKey.3 \8)"
        "|\= ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8[^a-z0-9"']$SET(9=AdKey.4 \8)"
        "|\"($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"$SET(9=AdKey.5 \8)"
        "|\'($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"$SET(9=AdKey.5 \8)"
        ")"
        ")*"
        "|"
        "$TST(flag=*.adurl:1.*)"
        "*("
        "\= [\[(]+("
        "(\\+"(^ :+{0,1}(https+:)+{0,1}\\+/(\\+/)+{0,1})|\\\\+(x22|u0022)) [a-z0-9:_\\-]+{0,20}/| https+:|\\+/"
        "&$AV( $LST(AdList)*)"
        ")"
        "|\" :+{0,1}((https+:)+{0,1}\\+/(\\+/)+{0,1}[^"]+{2,*}(^(^\"))&&$LST(AdList)*)"
        "|\' :+{0,1}((https+:)+{0,1}\\+/(\\+/)+{0,1}[^']+{2,*}(^(^\'))&&$LST(AdList)*)"
        ")*"
        ""
        ")\5"
        "&<(script)\1[^>=]+(=(\\+")\6|>$SET(6=")|)"
        "(^*(<frameset(^*<frame\s[^>]++.location(.href|)[^a-z.])|.swf))"
        "($TST(\2=for*)$SET(2=pre )|$SET(2=$GET(mHead)))$SET(script=void)"
        ""
        "&$TST(hOrigUA=*("
        "(gecko/|opera)$SET(4=data:text/javascript,\3$ESC(\7))"
        "|msie$SET(4=javascript:\3$ESC(\7))"
        ")($TST((\7)=*)$SET(3=void%200%3B)|$SET(3=)$SET(7=var prxCountAd=++prxCountAd||1;))*)"
        "|"
        "$SET(4=http://local.ptron/sidki_h_$GET(cfg)/dummy.js$TST((\7)=*)?prx-w:$ESC(\7))"
        ""
        "&$SET(eAdJS=$GET(eAdJS)"
        "%3Cspan class=%22Pr0xFly-Span%22%3E\2 Content:%3C/span%3E"
        "   $ESC(\9)%3Cbr class=%22Pr0xFly-Br%22 /%3E"
        ")"
        "&$SET(0=$TST(keyword=(^$TST(tFrameset=*))*.i_level:5.*)"
        "<span class=\6Pr0x&#x20;Pr0xAdScript\6 style=\6display:$GET(displayD)\6>"
        "&#8226;&#160;JS Ad: \9</span>"
        ")"
        "&($TST(volat=*.log:2*)$ADDLST(Log-Main,[$DTM(d T)]\tWEB JS_Ad_HTM\t\9 \t\u)|)"
Replace = "\0<\1 type=\6text/javascript\6 src=\6\4\6>\5"

Name = "Remove: Ad Functions II - Code     09.11.15 [jd sd] (d.3 l.3) TEST"
Active = TRUE
URL = "($TST(hCT=*html)|$TYPE(js)|$TYPE(vbs))(^$TST(keyword=*.(a_ads|a_js|a_adjs|a_adfn2|i_level:[12]).*)|$TST(volat=*.clength:([#3:1120]e|[#3:2400]).*))"
Limit = 906
Match = "function$TST(script=[1s]*)((\s[^( ]+ |)$NEST(\(,\)))\3 {($INEST({,}))\1"
        "|if( \($TST(script=[1s]*)$INEST(\(,\))\))\3 {($INEST({,}))\1"
        "|else {$TST(script=[1s]*)$INEST({,})"
        "|.write(ln)+ \($TST(script=[1s]*)($INEST(\(,\)))\1"
        "&&(function$SET(6=Func Code)$SET(4=return String();)$TST(\3)"
        " |if$SET(6=If Code  )$SET(4=} else if (0) {)$TST(\3)"
        " |else$SET(6=Else Code)"
        " |.write$SET(6=Doc Write)$SET(4=String() \); PrxVoidF\()(ln)+ )\7"
        "((?)\3"
        ""
        "&\( "$TST(flag=*.chop_b:[12].*) (<|-)"
        "([a-z!-]+{0,10})\# "+{1,*} \+ "+{1,*}([a-z! -]+{0,20})\#"
        "$TST((\#\#)=(emb|img|ifr|lay|nos)*)$SET(9=: \#+\# :)*>*"
        "|*<iframe($TST(flag=*.iframe_b:\0.*)|)("
        "$TST(\0=[12])|(^$TST(\0=0))[^>]++src=$AV([^/.]+//(^([^/]++.|)$TST(uDom)(^.))*|*.swf*)"
        ")$SET(9=iFrame)*>*"
        "|(^$TST(flag=*.adkey_j:[#*:0].*))"
        "("
        "{ ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8 [^a-z0-9](^\=)$SET(9=AdKey.1 \8)"
        "|\( ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
        " [^a-z0-9,](^\= (^$AV(0|1|false|true|null)))$SET(9=AdKey.1 \8)"
        "|(^\( " \\+<[a-z])*("
        ".($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
        "(^[a-z0-9/"'(]|[.#:_ -][a-z0-9.#:_ -]+ { [a-z-]+ :|=$AV((0|false|null)(;*|)))$SET(9=AdKey.2 \8)"
        "|_($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
        "(^(^?)|[a-z0-9/"'(]|[.#:_ -][a-z0-9.#:_ -]+ { [a-z-]+ :|=$AV((0|false|null)(;*|)))$SET(9=AdKey.2 \8)"
        "|; ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8"
        "(^[a-z0-9"']|(.|\s)[a-z0-9. ]+"|=$AV((0|1|false|true|null)(;*|)))$SET(9=AdKey.3 \8)"
        "|\+ ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8[^a-z0-9]$SET(9=AdKey.3 \8)"
        "|\= ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8[^a-z0-9"']$SET(9=AdKey.4 \8)"
        "|\" ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8(^ [a-z0-9]|\"[,\]])$SET(9=AdKey.5 \8)"
        "|\' ($LST(AdKeys-J)([0-9_.:-][a-z0-9_.:-]+)+{0,1})\8(^ [a-z0-9]|\'[,\]])$SET(9=AdKey.5 \8)"
        ")"
        ")*"
        "|(^\( " \\+<(/|)[a-z])$TST(flag=*.adurl:1.*)"
        "*("
        "\= [\[(]+("
        "(\\+"(^ :+{0,1}(https+:)+{0,1}\\+/(\\+/)+{0,1})|\\\\+(x22|u0022)) [a-z0-9:_\\-]+{0,20}/| https+:|\\+/"
        "&$AV( $LST(AdList)&*[^)](^?))"
        ")"
        "|\" :+{0,1}((https+:)+{0,1}\\+/(\\+/)+{0,1}[^"]+{2,*}(^(^\")|\"[',\]])&&$LST(AdList)*)"
        "|\' :+{0,1}((https+:)+{0,1}\\+/(\\+/)+{0,1}[^']+{2,*}(^(^\')|\'[",\]])&&$LST(AdList)*)"
        ")*"
        ""
        ")"
        "&(^*.(PlayerVersion|swf))"
        "$SET(eAdJS=$TST(hCT=*html)$GET(eAdJS)"
        "%3Cspan class=%22Pr0xFly-Span%22%3E$GET(mHead) \6:%3C/span%3E"
        " $ESC(\9)%3Cbr class=%22Pr0xFly-Br%22 /%3E"
        ")"
        "($TST(volat=*.log:2*)$ADDLST(Log-Main,[$DTM(d T)]\tWEB JS_AdFunction II\t\6 \t\9 \t\u)|)"
Replace = "\7\3 \4 /* PROX: Ad Function II Blocked - (\9) */ \1"

JJoe

Nov. 16, 2009, 08:18 PM
(Nov. 15, 2009 09:00 PM)sidki3003 Wrote: [ -> ]
(Oct. 28, 2009 10:10 PM)Toppy Wrote: [ -> ]I don't want to start another thread.

Hmm... better do so when you come across a different problem, also for reasons of visibility.

(Nov. 15, 2009 09:00 PM)sidki3003 Wrote: [ -> ]Maybe someone has an idea how to fix that generically (i.e., prevent respective filter from matching)?

Ummmm Wink


What about adding something like

Code:
*(https+://\w.(swf|flv)$SET(Block=no)&$LST(AdList))*$SET(Block=)
|
((^$TST(Block=no))|$SET(Block=)(^))

?

Look for scripts that contain swf files and then
remove them immediately or prevent match.

HTH
The Un-Official Proxomitron Forum > Proxomitron Config Sets > Sidki > flash leaking through toggle again?
Reference URL's