NOScript filtering bypassed by third-party advertising site

Ask for help about NoScript, no registration needed to post
Post Reply
NSUser

NOScript filtering bypassed by third-party advertising site

Post by NSUser »

I found NoScript filtering being bypassed by a third-party advertising site on this site http://marienkatn.blog.cz/1205/zlin-fest-2012. It seems to be using document.write() using split strings, for example: document.write('<scr' + 'ipt language=javascript>'); etc. to escape detection by ns. Is there any way to configure ns to stop this from happening?
Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0
Top
User avatar
therube
Ambassador
Posts: 7991
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: NOScript filtering bypassed by third-party advertising s

Post by therube »

Code: Select all

document.write('<scr'+'ipt language="javascript1.1" src="http://adserver.adtech.de/addyn|3.0|1045.1|2439364|0|170|ADTECH;cookie=info;alias=Rectangle_2_Blog.cz_U_Blogs_ostatni-u-blogs;loc=100;target=_blank;sub1=[subst];key=key1+key2+key3+key4;grp='+window.adgroupid+';misc='+new Date().getTime()+'"></scri'+'pt>');
But is it actually something like this that you are seeing, which is not using JavaScript?:

Code: Select all

<noscript><a href="http://adserver.adtech.de/adlink|3.0|1045.1|2439364|0|170|ADTECH;loc=300;alias=Rectangle_2_Blog.cz_U_Blogs_ostatni-u-blogs;key=key1+key2+key3+key4;sub1=[subst]" target="_blank"><img src="http://adserver.adtech.de/adserv|3.0|1045.1|2439364|0|170|ADTECH;cookie=info;loc=300;alias=Rectangle_2_Blog.cz_U_Blogs_ostatni-u-blogs;key=key1+key2+key3+key4" border="0" width="300" height="250" alt="" /></a></noscript>
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.0) Gecko/20100101 SeaMonkey/2.23a2
Top
NSUser

Re: NoScript filtering bypassed by third-party advertising s

Post by NSUser »

Thank you. Yes, that was apparently it. Deselecting "Advanced > Trusted > Show the <NOSCRIPT> element..." in "Options" did the trick.
The ad site "adserver.adtech.de" is not present in the "Allow..."/"Temporarily allow..." menu when <NOSCRIPT> is displayed. It would seem I've misunderstood the boundaries within which NS does its job. It isn't a blanket ad blocker, if indeed there is such a thing.
Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0
Top
User avatar
Giorgio Maone
Site Admin
Posts: 9557
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:
Contact Giorgio Maone

Re: NOScript filtering bypassed by third-party advertising s

Post by Giorgio Maone »

therube wrote: But is it actually something like this that you are seeing, which is not using JavaScript?:
Indeed, there's no script running there, just a static image you can nuke with Adblock Plus or ABE.
NoScript doesn't rely on naive source parsing (unlike Proximitron and similar solutions), therefore it can't be fooled by "tricks" like that.
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0
Top
Post Reply

Return to “NoScript Support”