[RESOLVED] The Impossible Script Ad

[a guest]

I think I may have found an Script/Ad that seems impossible to block. The site in question is: Im@gef@p dot com. A click anywhere on the pages of this site and another window (popunder) will open with this Ad:
(PORN SITE) hxxp://creatives.livejasmin.com/iframes/i/im/imagefap/imagefap.html
Now obviously, one can just install NoScript or disable Javascript, but in order to see the full size images on the website, Javascript has to be allowed. There just doesn't seem to be anyway around this. Any ideas?

[Alan Baxter]

You got quite a few responses when you asked about this in the Adblock Plus forum. http://adblockplus.org/forum/viewtopic.php?t=3986
There's nothing wrong with you asking about it here too, but I want to give everyone else the benefit of the other discussion as well. This sounds similar to issues discussed recently in the MozillaZine forums, popup related bug at mlb.com?, and elsewhere in the NoScript forums, noscript breaks popupblocker for leftclick on first focus

I'm afraid I don't have any additional suggestions for you. Good luck!

BTW, registered forum members can see you're posting with Internet Explorer. Are you a Firefox/NoScript user, or is this just a general popup/popunder/javascript question?

[Tom T.]

Oh, the things a researche must do in the name of science!
Went there and got a full-size view of one model's home-page pic without issue. Tried clicking others, viewing their galleries, etc. It wasn't until I tried to full-screen a gallery shot that temp-allowing the domain's script was required. I left everything else blocked, incl. flash objects, etc. Yes, it opens a window and tries to connect to promo.awempire.com. It could not, because that site is automatically blocked in my HOSTS file. I can point you to that service if you like.

In the meantime, full-screen images were available. Keep opening NS menu and add everything that shows to the "untrusted" list, especially 77.247.179.152, but also adbrite.com, etc. -- everything except the im@gef@p. After doing this, I could full-screen the images and not get the pop-up window.

It's a dirty, rotten job, but *somebody's* gotta do it...

Edit: Adblock Original shows a blocked iFrame subdocument. It blocks all that type of stuff by default, without any user action. I like it and always use it.

[Giorgio Maone]

From http://forums.mozillazine.org/viewtopic ... 0#p5681105

looks like a great use case for Script Surrogates at the page level.
Please create the two following about:config string preferences:
noscript.surrogate.fap.sources = @*.imagefap.com *.moviefap.com
noscript.surrogate.fap.replacement = window.initPu=function(){};window.load_pop_power=window.initPu;

[EDIT]:
Tested and updated (the one above was 4 months old):
noscript.surrogate.fap.sources = @*.imagefap.com imagefap.com *.moviefap.com moviefap.com
noscript.surrogate.fap.replacement = window.puShown getter = window.puShown setter = function() { return true };

[GµårÐïåñ]

Is this going to be integrated from this point forward along with the other surrogates we have?

[Tom T.]

And is the OP going to switch to Fx/NS permanently now?
Thanks for the higher-tech solution, Giorgio.

[Guest]

From http://forums.mozillazine.org/viewtopic ... 0#p5681105

looks like a great use case for Script Surrogates at the page level.
Please create the two following about:config string preferences:
noscript.surrogate.fap.sources = @*.imagefap.com *.moviefap.com
noscript.surrogate.fap.replacement = window.initPu=function(){};window.load_pop_power=window.initPu;

[EDIT]:
Tested and updated (the one above was 4 months old):
noscript.surrogate.fap.sources = @*.imagefap.com imagefap.com *.moviefap.com moviefap.com
noscript.surrogate.fap.replacement = window.puShown getter = window.puShown setter = function() { return true };

Quick question. I've read this thread (and the other at AdBlock Plus) as well as the hackademix.net post regarding Surrogate scripts in general. I've noticed that there already seems to be a few of these in my about:config including one for fap, one for ga, one for qs, and one for yieldman.

My question is, if I am looking to add one for another site, is there a required string for the entry in the 3rd position? That is noscript.surrogate.WHATGOESHERE.sources (and replacement.) It seems as though the ga would be for the ga.js or whatever that gets called, but I'm doing a view source and I don't see the name of the script being used.

Or am I barking up the wrong tree?

[Guest]

Upon further inspection, it appears that the same bit of code was being used on the other site. This is apparently, semi-generic ad code for Adult Fr1end F1nder which ironically appears on a lot more than just porn sites. I was able to block it by adding the new site to the .fap.sources value which solves my immediate problem and seems to maybe answer my question.

If a new site can be added to the .fap entries, then it suggests that the .fap. part of the entry is nothing more than a label. Correct?

Theoretically then any time I wanted to block a specific instance of javascript sneakiness I can use this function and choose whatever I want for the label. Is there a size limitation to this where things will start to parse too slowly or is this the kind of thing that is rare enough we likely won't ever get to that issue?

Thanks again.

P.S. If there is documentation on this feature, point the way and I'll stop posting

[Giorgio Maone]

If a new site can be added to the .fap entries, then it suggests that the .fap. part of the entry is nothing more than a label. Correct?

Yes, it's correct.

Theoretically then any time I wanted to block a specific instance of javascript sneakiness I can use this function and choose whatever I want for the label. Is there a size limitation to this where things will start to parse too slowly or is this the kind of thing that is rare enough we likely won't ever get to that issue?

As long as you manage to keep the number of preference entries relatively small (i.e. < 100), you shouldn't notice any impact, as each "sources" entry, even if containing multiple patterns, gets compiled to one single regular expression.

[markjayandres]

hello !!! GEORGIO MAONE !!!


Is there a size limitation to this where things will start to parse too slowly or is this the kind of thing that is rare enough we likely won't ever get to that issue?

"""" TNX IN ADVANCE & GOD BLESS """
[EDIT by Giorgio Maone]
Removed spammy link

[Giorgio Maone]

Is there a size limitation to this where things will start to parse too slowly or is this the kind of thing that is rare enough we likely won't ever get to that issue?

No need to worry. And no spam, please.

[Link]

I don't know javascript but I tried my hand at making a surrogate for a few hours; no luck. Any chance someone could help? pornhub . com has a popunder that behaves as OP described: click anywhere and a newtab will open. In my setup it actually opens and focuses to an about:blank tab and the original page tries to redirect to exogripper . com but requestpolicy stops it. Right clicking the page causes firefox to block a popup successfully.

Any suggestions?

[Thrawn]

What is the reason you need to allow scripts on this domain?

[therube]

Looks like you need

+phncdn.com
+pornhub.com

for the clips to play.

(I only got one popup & then couldn't seem to force another by opening other clips.)

[Link]

Looks like you need

+phncdn.com
+pornhub.com

for the clips to play.

(I only got one popup & then couldn't seem to force another by opening other clips.)

Yes, the first time you click anywhere on any page there will be a popup- so when navigating the site you will experience many of these. This exact behavior is actually happening on many more pornsites, and adblockplus w/ popup addon does not block it. Seems like it's time for a new standard surrogate script?