Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Delta Between Two Patch Sets: pages/filters.html

Issue 29754559: Issue 54 - Add documentation for the $csp filter option (Closed)
Left Patch Set: Created April 17, 2018, 1:50 p.m.
Right Patch Set: Add parenthesis for version requirement Created April 17, 2018, 3:45 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
Left: Side by side diff | Download
Right: Side by side diff | Download
« no previous file with change/comment | « no previous file | no next file » | no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
LEFTRIGHT
1 title=Writing Adblock Plus filters 1 title=Writing Adblock Plus filters
2 2
3 3
4 <p>{{s1 Current Adblock Plus versions allow you to "tweak" your filters in many different ways. This document explains the choices that you have and how they ca n be used.}}</p> 4 <p>{{s1 Current Adblock Plus versions allow you to "tweak" your filters in many different ways. This document explains the choices that you have and how they ca n be used.}}</p>
5 5
6 <p>{{s2 <em>Disclaimer</em>: All filter examples given here are really only ex amples and are not meant to be used.}}</p> 6 <p>{{s2 <em>Disclaimer</em>: All filter examples given here are really only ex amples and are not meant to be used.}}</p>
7 7
8 <h2 id="introduction">{{s3 Introduction to Adblock Plus filters}}</h2> 8 <h2 id="introduction">{{s3 Introduction to Adblock Plus filters}}</h2>
9 9
10 <p>{{s4 The options described in this section should be enough for users who h ave to create a filter occasionally.}}</p> 10 <p>{{s4 The options described in this section should be enough for users who h ave to create a filter occasionally.}}</p>
(...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after
164 <code><fix>xbl</fix></code> and <code><fix>dtd</fix></code> are outdated 164 <code><fix>xbl</fix></code> and <code><fix>dtd</fix></code> are outdated
165 and should no longer be used.}} 165 and should no longer be used.}}
166 </li> 166 </li>
167 <li>{{s69 Inverse type options: specify the element types the filter should <strong>not</strong> be applied to. Possible inverse type options: <code><fix>~s cript</fix></code>, <code><fix>~image</fix></code>, <code><fix>~stylesheet</fix> </code>, <code><fix>~object</fix></code>, <code><fix>~xmlhttprequest</fix></code >, <code><fix>~object-subrequest</fix></code>, <code><fix>~subdocument</fix></co de>, <code><fix>~document</fix></code>, <code><fix>~elemhide</fix></code>, <code ><fix>~other</fix></code>}}</li> 167 <li>{{s69 Inverse type options: specify the element types the filter should <strong>not</strong> be applied to. Possible inverse type options: <code><fix>~s cript</fix></code>, <code><fix>~image</fix></code>, <code><fix>~stylesheet</fix> </code>, <code><fix>~object</fix></code>, <code><fix>~xmlhttprequest</fix></code >, <code><fix>~object-subrequest</fix></code>, <code><fix>~subdocument</fix></co de>, <code><fix>~document</fix></code>, <code><fix>~elemhide</fix></code>, <code ><fix>~other</fix></code>}}</li>
168 <li>{{s70 Restriction to third-party/first-party requests: If the <code><fix >third-party</fix></code> option is specified, the filter is only applied to req uests from a different origin than the currently viewed page. Similarly, <code>< fix>~third-party</fix></code> restricts the filter to requests from the same ori gin as the currently viewed page.}}</li> 168 <li>{{s70 Restriction to third-party/first-party requests: If the <code><fix >third-party</fix></code> option is specified, the filter is only applied to req uests from a different origin than the currently viewed page. Similarly, <code>< fix>~third-party</fix></code> restricts the filter to requests from the same ori gin as the currently viewed page.}}</li>
169 <li>{{s71 Domain restrictions: The option <code><fix>domain=example.com</fix ></code> means that the filter should only be applied on pages from "example.com " domain. Multiple domains can be specified using "|" as separator: with the opt ion <code><fix>domain=example.com|example.net</fix></code> the filter will only be applied on pages from "example.com" or "example.net" domains. If a domain nam e is preceded with "~", the filter should <strong>not</strong> be applied on pag es from this domain. For example, <code><fix>domain=~example.com</fix></code> me ans that the filter should be applied on pages from any domain but "example.com" and <code><fix>domain=example.com|~foo.example.com</fix></code> restricts the f ilter to the "example.com" domain with the exception of "foo.example.com" subdom ain.}}</li> 169 <li>{{s71 Domain restrictions: The option <code><fix>domain=example.com</fix ></code> means that the filter should only be applied on pages from "example.com " domain. Multiple domains can be specified using "|" as separator: with the opt ion <code><fix>domain=example.com|example.net</fix></code> the filter will only be applied on pages from "example.com" or "example.net" domains. If a domain nam e is preceded with "~", the filter should <strong>not</strong> be applied on pag es from this domain. For example, <code><fix>domain=~example.com</fix></code> me ans that the filter should be applied on pages from any domain but "example.com" and <code><fix>domain=example.com|~foo.example.com</fix></code> restricts the f ilter to the "example.com" domain with the exception of "foo.example.com" subdom ain.}}</li>
170 <li> 170 <li>
171 {{s72 Sitekey restrictions: The option <code><fix>sitekey=abcdsitekeydcba< /fix></code> means that the filter should only be applied on pages that provide a public key and a signature which can be verified by that very same public key that is also contained in the filter (but without the trailing =). Multiple site keys can be specified using "|" as separator: with the option <code><fix>sitekey =abcdsitekeydcba|bcdesitekeyedcb</fix></code> the filter will only be applied on pages providing either sitekey "abcdsitekeydcba" or "bcdesitekeyedcb". This is similar to domain restrictions but allows covering scenarios where a single filt er should apply to a very large number of domains. Note that sitekey restriction s require <a href="#sitekey_server">modifications on the server-side</a>.}} 171 {{s72 Sitekey restrictions: The option <code><fix>sitekey=abcdsitekeydcba< /fix></code> means that the filter should only be applied on pages that provide a public key and a signature which can be verified by that very same public key that is also contained in the filter (but without the trailing =). Multiple site keys can be specified using "|" as separator: with the option <code><fix>sitekey =abcdsitekeydcba|bcdesitekeyedcb</fix></code> the filter will only be applied on pages providing either sitekey "abcdsitekeydcba" or "bcdesitekeyedcb". This is similar to domain restrictions but allows covering scenarios where a single filt er should apply to a very large number of domains. Note that sitekey restriction s require <a href="#sitekey_server">modifications on the server-side</a>.}}
172 </li> 172 </li>
173 <li> 173 <li>
174 {{csp Content Security Policies: The option <code><fix>csp=script-src: 'no ne'</fix></code> means that the <a href="https://developer.mozilla.org/docs/Web/ HTTP/Headers/Content-Security-Policy">Content Security Policy header</a> of "scr ipt-src: 'none'" will be injected into the response for HTTP requests to address es matching the filter - assuming that exception rules with the option don't als o match and that the addresses aren't whitelisted. This filter option is not gen erally expected to be used, instead saved as a last resort to help prevent advan ced circumvention. Adblock Plus for Chrome, Firefox and opera 3.0.4 or higher re quired.}} 174 {{csp Content Security Policies: The option <code><fix>csp=script-src: 'no ne'</fix></code> causes a Content Security Policy header of <code><fix>script-sr c: 'none'</fix></code> to be injected into HTTP responses for requested document s matching the filter — assuming that exception rules with the same option don't also match and that the document isn’t whitelisted. The Content Security Policy <code><fix>script-src: 'none'</fix></code> would in turn block all scripts — in cluding inline — for the document. This filter option should generally be avoide d, except as a last resort to counter advanced circumvention. (Adblock Plus 3.1 or higher required.)}}
juliandoucette 2018/04/23 14:08:19 Detail: A description list would be more appropria
175 </li> 175 </li>
176 <li>{{s73 <code><fix>match-case</fix></code> — makes the filter only apply t o addresses with matching letter case, e.g. the filter <code><fix>*/BannerAd.gif $match-case</fix></code> will block <code><fix>http://example.com/BannerAd.gif</ fix></code> but not <code><fix>http://example.com/bannerad.gif</fix></code>.}}</ li> 176 <li>{{s73 <code><fix>match-case</fix></code> — makes the filter only apply t o addresses with matching letter case, e.g. the filter <code><fix>*/BannerAd.gif $match-case</fix></code> will block <code><fix>http://example.com/BannerAd.gif</ fix></code> but not <code><fix>http://example.com/bannerad.gif</fix></code>.}}</ li>
177 <li>{{s74 <code><fix>collapse</fix></code> — this option will override the g lobal "Hide placeholders of blocked elements" option and make sure the filter al ways hides the element. Similarly the <code><fix>~collapse</fix></code> option w ill make sure the filter never hides the element.}}</li> 177 <li>{{s74 <code><fix>collapse</fix></code> — this option will override the g lobal "Hide placeholders of blocked elements" option and make sure the filter al ways hides the element. Similarly the <code><fix>~collapse</fix></code> option w ill make sure the filter never hides the element.}}</li>
178 <li> 178 <li>
179 {{s75 <code><fix>donottrack</fix></code> — for any address matching a bloc king rule with 179 {{s75 <code><fix>donottrack</fix></code> — for any address matching a bloc king rule with
180 this option and not matching any exception rules with this option a 180 this option and not matching any exception rules with this option a
181 <a href="http://donottrack.us/">Do-Not-Track header</a> will be sent (requ ires 181 <a href="http://donottrack.us/">Do-Not-Track header</a> will be sent (requ ires
182 Adblock Plus 1.3.5 or higher).}} {{s76 For backwards compatibility it is r ecommended 182 Adblock Plus 1.3.5 or higher).}} {{s76 For backwards compatibility it is r ecommended
183 to use this option in combination with contradicting type options, this wi ll prevent this 183 to use this option in combination with contradicting type options, this wi ll prevent this
184 filter from blocking anything in earlier Adblock Plus versions: 184 filter from blocking anything in earlier Adblock Plus versions:
(...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after
302 {{s110 The data used for creating the signature is a concatenated list of requ est variables (namely URI, host and user agent) separated by the <code><fix>NUL< /fix></code> character "\0". For example:}} 302 {{s110 The data used for creating the signature is a concatenated list of requ est variables (namely URI, host and user agent) separated by the <code><fix>NUL< /fix></code> character "\0". For example:}}
303 </p> 303 </p>
304 304
305 <pre> 305 <pre>
306 /index.html?q=foo\0www.example.com\0Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv :30.0) Gecko/20100101 Firefox/30.0 306 /index.html?q=foo\0www.example.com\0Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv :30.0) Gecko/20100101 Firefox/30.0
307 </pre> 307 </pre>
308 308
309 <p> 309 <p>
310 {{s111 Finally, generate the signature for this string by using the signature algorithm SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE (default when using OpenSSL).}} 310 {{s111 Finally, generate the signature for this string by using the signature algorithm SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE (default when using OpenSSL).}}
311 </p> 311 </p>
LEFTRIGHT
« no previous file | no next file » | Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Toggle Comments ('s')

Powered by Google App Engine
This is Rietveld