Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

investigate webRequest bypasses #6997

Closed
diracdeltas opened this issue Feb 2, 2017 · 0 comments
Closed

investigate webRequest bypasses #6997

diracdeltas opened this issue Feb 2, 2017 · 0 comments
Assignees
@diracdeltas
Labels
feature/adblock privacy QA/no-qa-needed release-notes/include
Milestone
0.13.5

Comments

@diracdeltas
Copy link
Member

related: #6831 #6843

currently ads may be able to bypass Brave's builtin blocking by being excluded from webRequest interception. i suspect websockets is the major one, based on https://bugs.chromium.org/p/chromium/issues/detail?id=129353.

we should also ignore https://cs.chromium.org/chromium/src/extensions/browser/api/web_request/web_request_permissions.cc?sq=package:chromium&dr=C&l=46 for the Brave extension
@diracdeltas diracdeltas added this to the 0.13.3 milestone Feb 2, 2017
@diracdeltas diracdeltas self-assigned this Feb 2, 2017
diracdeltas added a commit that referenced this issue Feb 8, 2017
@diracdeltas
Fix websockets bypass in Brave filtering
145d84b 
Fix #6997.
Note: this works around the issue of websocket requests being associated with tabId -1, which seems wrong and is why websocket URLs do not show up in the Bravery Panel stats.

Auditors: @bridiver

Test Plan: covered by automated test
@diracdeltas diracdeltas mentioned this issue Feb 8, 2017
Merged
4 tasks
@bbondy bbondy modified the milestones: 0.13.6, 0.13.5 Feb 16, 2017
diracdeltas added a commit that referenced this issue Feb 16, 2017
@diracdeltas
Fix websockets bypass in Brave filtering
f91f678 
Fix #6997.
Requires brave/muon#160

Auditors: @bridiver

Test Plan: covered by automated test
@diracdeltas diracdeltas modified the milestones: 0.13.5, 0.13.6 Feb 16, 2017
This was referenced Feb 26, 2017
Closed
Closed
Closed
Closed
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@diracdeltas diracdeltas

Labels
feature/adblock privacy QA/no-qa-needed release-notes/include
Projects
None yet
Milestone
0.13.5
Development

No branches or pull requests
3 participants
@diracdeltas @bbondy @luixxiul