InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

Abe rule blocking some Google search results, is this normal

https://forums.informaction.com/viewtopic.php?t=21998

Page 1 of 1

Abe rule blocking some Google search results, is this normal

Posted: Mon Jul 04, 2016 11:34 am
by johnscript
I was trying something with ABE and observed that this rule

Code: Select all

USER rule:
Site *.informaction.com
Accept from SELF
Deny
prevents google search results with the keyword "informaction" from being opened, meaning that if I click directly on the links in the search page, they will be blocked by ABE

Code: Select all

[ABE] <*.informaction.com> Deny on {GET https://forums.informaction.com/viewforum.php?f=7 <<< https://encrypted.google.com/search?output=search&sclient=psy-ab&q=noscript+forum+&btnG= - 6}
whilst I can still copy/paste such links in a new tab and open them.

Is this normal?

Why ABE thinks that clicks on a search result from google should be intercepted by the above rule?
Is that possibly because of some tracking header/cookie that google is adding to its search results?

Re: Abe rule blocking some Google search results, is this no

Posted: Mon Jul 04, 2016 3:07 pm
by barbaz
Yes it's normal and expected. ABE is a CSRF prevention tool and if it didn't work this way then CSRF would be as simple as redirection of the main document and/or offering you a link to click on.
Use Deny INC instead of just Deny - or, alternatively, add .encrypted.google.com (note the leading dot) to the end of the Accept line.

ABE Rules .pdf

Re: Abe rule blocking some Google search results, is this no

Posted: Sun Jul 10, 2016 10:22 pm
by Thrawn
You could also allow anonymous GET:

Code: Select all

Site *.informaction.com
Accept from SELF
Deny INC
Anon GET
Deny
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited