Related issue:
https://github.com/uBlockOrigin/uBlock-issues/issues/3452
Use blob-based injection only when direct injection fails because
of a page's CSP. This is a mitigation until a better approach is
devised.
Such future better approach to investigate:
- Use `MAIN` world injection supported by contentScript.register()
since Firefox 128
- Investigate registering script to inject ahead of time thru
some heuristic
Add support for range for the `delay` paramater:
---
@param [delay]
A value to match against the delay. Can be a single value for exact match,
or a range:
- `min-max`: matches if delay >= min and delay <= max
- `min-`: matches if delay >= min
- `-max`: matches if delay <= max
No delay means to match any delay value.
Prepend with `!` to reverse the match condition.
---
As discussed with filter list maintainers.
As discussed with filter list maintainers, added ability to
partially replace an argument using the `repl:` prefix. Updated
documentation:
---
@scriptlet trusted-replace-argument.js
@description
Replace an argument passed to a method. Requires a trusted source.
@param propChain
The property chain to the function which argument must be replaced when
called.
@param argposRaw
The zero-based position of the argument in the argument list. Use a negative
number for a position relative to the last argument.
@param argraw
The replacement value, validated using the same heuristic as with the
`set-constant.js` scriptlet.
If the replacement value matches `json:...`, the value will be the
json-parsed string after `json:`.
If the replacement value matches `repl:/.../.../`, the target argument will
be replaced according the regex-replacement directive following `repl:`
@param [, condition, pattern]
Optional. The replacement will occur only when pattern matches the target
argument.
---
Aditionally, more scriptlets moved into their own files.
New managed setting:
"disabledFeatures": {
"title": "User interface features to disable",
"description": "A list of tokens, each of which correspond to a user interface feature to disable.",
"type": "array",
"items": { "type": "string" }
}
Supported tokens:
- `dashboard`: Prevent access to all dashboard settings
- `filteringMode`: Prevent changes to the default filtering mode,
or the current filtering mode of any site
Related feedback:
https://github.com/uBlockOrigin/uBOL-home/discussions/35#discussioncomment-11326086
Collecting matched rules when the extension is side-loaded is now
opt-in, by enabling "Developer mode" in the dashboard.
The reason is to allow the extension to behave same as the official
released version when side-loaded.
Specifically, as side-loaded extension, uBOL's service worker would
wake up due to matched-rule listener even though it would not wake
up the worker with same configuration in stable release.
Not all matching scriptlets were injected on a given site in Optimal
or Complete mode when default mode was set to Basic or less.
A high profile manifestation of this bug was that Youtube ads were
not being blocked when using Optimal on Youtube while default mode
was Basic.
Related issue:
https://github.com/uBlockOrigin/uBOL-home/issues/229
Add "Filter lists" pane in dashboard
The DNR API now supports enabling 50 static rulesets put of a
maximum of 100 (instead of 10 out of 50 originally). Thus given
the potentially growing number of static rulesets, the available
stock rulesets has been moved to its own pane, with the following
improvements:
- Support sublists
- Support search
Aditionally, "RU AdList: Counter" has been added as a stock
ruleset.
Other changes:
- Do not re-evaluate regexes which failed validation
- Better reduce `removeparam` rules
Related bugzilla issue:
https://bugzilla.mozilla.org/show_bug.cgi?id=1736575
The issue was fixed months ago.
The removed code block is causing uBOL to be flagged as "including
remotely hosted code".
To be clear, the removed obsolete code block was not related to
executing remote code. The referenced code was in the file itself,
not remote, and this was a workaround for when Firefox was not
supporting injecting script in the `MAIN` world.
The issue was fixed months ago in Firefox, so there is no point for
the workaround.
Raymond Hill