streamsilk.com: popups

[ghajini]

Prerequisites

• This is NOT a YouTube, Facebook, Twitch or a shortener/hosting site report. These sites MUST be reported by clicking their respective links.
• I read and understand the policy about what is a valid filter issue.
• I verified that this issue is not a duplicate. (Use this button to find out.)
• I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
• I did not enable additional filter lists, or I have verified that the issue still occurs without enabling additional filter lists.
• I do not have custom filters/rules, or I have verified that the issue still occurs without custom filters/rules.
• I am not using uBlock Origin along with other content blockers.
• I have verified that the web browser's built-in content blocker/tracking protection, network wide/DNS blocking, or my VPN is not causing the issue.
• I have verified that other extensions are not causing the issue.
• If this is about a breakage or detection, I have verified that it is caused by uBlock Origin and isn't a site issue.
• I did not answer truthfully to ALL the above checkboxes.

URL address of the web page

https://streamsilk.com/d/66fef1e5f0d37

Category

popups

Description

clicking 480/720 generates new popup window which is closed due to matching EL filter

Other extensions used

none

Screenshot(s)

Screenshot(s)

Configuration

uBlock Origin: 1.60.0
Firefox Mobile: 133
filterset (summary):
 network: 151321
 cosmetic: 57025
 scriptlet: 21199
 html: 2003
listset (total-discarded, last-updated):
 default:
  user-filters: 14-0, never
  ublock-filters: 41078-216, 2m Δ
  ublock-badware: 11256-7, 2m Δ
  ublock-privacy: 1271-22, 2m Δ
  ublock-unbreak: 2540-3, 2m Δ
  ublock-quick-fixes: 159-13, 2m Δ
  adguard-mobile: 9828-11, now
  easylist: 85686-259, 2m Δ
  easyprivacy: 53129-71, 2m Δ
  urlhaus-1: 24860-0, now
  plowe-0: 3546-1068, now
filterset (user): [array of 14 redacted]
userSettings:
 advancedUserEnabled: true
 userFiltersTrusted: true
hiddenSettings:
 filterAuthorMode: true
 trustedListPrefixes: ublock- user-
supportStats:
 allReadyAfter: 1059 ms (selfie)
 maxAssetCacheWait: 361 ms
 cacheBackend: indexedDB
popupPanel:
 blocked: 5
 network:
  googletagmanager.com: 1
  vklljvzzezvy.top: 3
  yandex.ru: 1
 extended:
  ##.div_pop
  ###pop.div_pop
  ##+js(addEventListener-defuser, click, pop)
  ##+js(trusted-set-constant, premium, "'1'")
  ##+js(no-window-open-if)
  ##+js(no-setTimeout-if, window.open)
  ##+js(trusted-replace-node-text, script, /openNewTab\(".*?"\)/g,…

[D4niloMR]

The code responsible for the popup is in the first lines in https://streamsilk.com/build/assets/download-BFOXNMjL.js

This works here:

streamsilk.com##+js(set, HTMLElement.prototype.click, noopFunc)

[stephenhawk8054]

I think we can limit to anchor elements only

streamsilk.com##+js(set, HTMLAnchorElement.prototype.click, noopFunc)

[ghajini]

both of them work, but limiting to anchor elements is good.also site is self broken i guess, timer never ends.

also is issue can be fixed with such idea https://github.com/AdguardTeam/Scriptlets/issues/449

[stephenhawk8054]

Yeah, that's what I was thinking too. Currently I can't think of other solutions based on current methods that can defuse element click() but with fine-grained choice of elements.

@gorhill Sorry, could you take a look?

[ghajini]

another examples we have are hydrax players

[gorhill]

gorhill/uBlock@95b0ce5. This should work:

streamsilk.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"][style])

[ghajini]

https://toonstream.co/episode/pokemon-journeys-the-series-23x2/
server 2
i test on firefox abysscdn.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"])
work
how to see which specific elements it has overrided(if its possible)?

[gorhill]

how to see which specific elements it has overrided(if its possible)?

The only way I can think of is to output the element at the console. Maybe this could be done when verbose mode is enabled?

---

Another way is to add debug as possible value for disposition, and this would trigger a debugger; statement in the scriptlet, then from there you can look at the page's code triggering the click.

Problem with either approach is that the page detect dev tools being opened. The issue with the verbose mode approach is that the element is removed immediately from the DOM upon return.

[ghajini]

i don't see

[gorhill]

You will never see elements themselves in the logger, elements or element references are not serializable, they can't be transported across documents. We can output an element to the browser dev console, and from there the browser tools will let you find it in the DOM. In any case, the element is removed from the DOM immediately by the page code, so it's not very useful. Triggering a breakpoint in the code when the override occurs is a better approach, because it will let you examine the element while it still is in the DOM.

[gorhill]

Anyway, how do I trigger the filter on that site? I don't get a report that the method was overridden.

[gorhill]

Next build you can try abysscdn.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"], debug) with logger opened to trigger a breakpoint in the scriptlet. The element should still be part of the DOM, and you can examine the caller's code to see what they are doing.

[ghajini]

• add abysscdn.com#@#+js(aost, HTMLElement.prototype.click, _0x)
• go to https://toonstream.co/episode/pokemon-journeys-the-series-23x2/
• click server 2
• play the video ,now go into fullscreen & then come out of fullscreen, the popup will happen

[gorhill]

With the new debug disposition value, I could break into the scriptlet code at override time. Had to use Anti Anti Debug extension. To my surprise, the a element is not part of the DOM, I thought this was a requirement for the click() method to work. Anyway, when the breakpoint triggers, you can inspect the element properties and the caller's code:

Screenshots

[uBlock-user]

streamsilk.com##+js(disable-newtab-links) works fine without having any need for a new scriptlet.

[gorhill]

Forgot about disable-newtab-links but anyway this one acts on all click events, including legitimate (isTrusted is true) ones by the user, while specifically trapping click() targets non-trusted clicks, and the new scriptlet also allows to narrow down further using a selector, and is more logger friendly.

[uBlock-user]

but anyway this one acts on all click events

Can't you make it specific to certain elements or urls ? like we have for nowoif, I feel this old scriptlet is perfect for this case.

[gorhill]

Why invest time on this unless there are actual cases to solve?

[uBlock-user]

This could resolve this case without having to resort to a new scriptlet, but it's your choice though.

[gorhill]

abysscdn.com##+js(disable-newtab-links) does not work, need to specifically trap click().

[ghajini]

i added abysscdn.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"], debug)
with ubo logger open & dev tools, i don't see debugger statement being invoked.
i have added ubo filters annoyances to foil antidevtool
iam on firefox stable 131 ,ubo 1.60.1b7

[ghajini]

this was part of code responsible for popups

0x305: _0x473fc2 => {
      var _0x4ec335 = -0x1;
      var _0x1b4c33 = null;
      function _0x2c6597() {
        if (_0x1b4c33) {
          var _0x685c92 = document.createElement('a');
          _0x685c92.setAttribute("href", _0x1b4c33);
          _0x685c92.setAttribute('target', "_blank");
          _0x685c92.click();
          document.onclick = null;
          document.ontouchend = null;
        }
      }
      _0x473fc2.exports = (_0x6005aa = false, _0x58ae87 = []) => {
        if (!_0x6005aa && _0x58ae87?.["length"]) {
          _0x1b4c33 = _0x58ae87[++_0x4ec335 % _0x58ae87.length];
          if (/iPhone|iPad|iPod|Mac OS/i.test(navigator.userAgent)) {
            document.onclick = _0x2c6597;
            if ("ontouchstart" in window || "onmsgesturechange" in window) {
              document.ontouchend = _0x2c6597;
            }
          } else {
            _0x2c6597();
          }
        }
      };
    },

[gorhill]

I just reproduced successfully. Did you enable debugger statement in dev tools?

My steps in a new browser profile:

• Enable Anti Anti Debug
• Add abysscdn.com#@#+js(aost, HTMLElement.prototype.click, _0x)
• Add abysscdn.com##+js(trusted-override-element-method, HTMLAnchorElement.prototype.click, a[target="_blank"], debug)
• Open logger
• Open https://toonstream.co/episode/pokemon-journeys-the-series-23x2/ in a new tab
• Open dev tools for that tab
• Click "SEVER 2"
• Click play
• Stop play (just to keep environment quiet)
• Maximize player
• Minimize player
• Debug statement triggered as seen in screenshot

[ghajini]

ok some firefox hang problem on my end, i could see debugger statement on opera👍

[D4niloMR]

Can nowoif also have a debug value?

[gorhill]

I could add a special case for the url parameter:

##+js(nowoif, debug)

Which would trigger a debugger; statement for all calls to window.open() without preventing them. Would that work?

[D4niloMR]

Yes, that should work. I was thinking of using it on https://filemoon.sx/e/dpgw5dfyk8p8 (There's no popup on Firefox because of injected CSP).

[ghajini]

https://streamsilk.com/p/66fef1e5f0d37
@stephenhawk8054 i think we need different filter than streamsilk.com##+js(set, HTMLAnchorElement.prototype.click, noopFunc) because this blocks download at

[mapx-]

clicking 480/720 generates new popup window which is closed due to matching EL filter

no popup on my side even disabling HTMLAnchorElement.prototype.click filter, so it could be removed

[ghajini]

it does for me if i disable that filter

[stephenhawk8054]

They still keep that script:

function openNewTab(url) {
  var a = document.createElement("a");
  a.href = url;
  a.target = "_blank";
  a.style.display = "none";
  document.body.appendChild(a);
  a.click();
  document.body.removeChild(a);
}

[stephenhawk8054]

@ghajini Does this work on your side?

streamsilk.com##+js(nostif, adDiv)

[ghajini]

it does not work for me

[stephenhawk8054]

Oh sorry, I checked wrong page.

[ghajini]

does having stack trace in set-constant will help?

[stephenhawk8054]

Maybe. But currently the only way I can think of is rpnt

streamsilk.com##+js(rpnt, script, window.dataLayer =, 'window.HTMLAnchorElement.prototype.click=new Proxy(window.HTMLAnchorElement.prototype.click,{apply:(target,thisArg,args)=>{console.log(thisArg);if(thisArg&&!thisArg.href.includes("streamsilk.com"))return;return Reflect.apply(target,thisArg,args)}});window.dataLayer =', sedCount, 1)

[mapx-]

popups only on mobile ?

[mapx-]

ok, popups on the first link in the issue, not on the last link

[ghajini]

opera/ firefox mobile

[ghajini]

Maybe. But currently the only way I can think of is rpnt

streamsilk.com##+js(rpnt, script, window.dataLayer =, 'window.HTMLAnchorElement.prototype.click=new Proxy(window.HTMLAnchorElement.prototype.click,{apply:(target,thisArg,args)=>{console.log(thisArg);if(thisArg&&!thisArg.href.includes("streamsilk.com"))return;return Reflect.apply(target,thisArg,args)}});window.dataLayer =', sedCount, 1)

that works for me