A serious bug in the easylist blacklist/ whitelist - you can see an example at www.walla.co.il
Using this bug they can bypass the adblock with a simple HTTP request although the domain is already in the blacklist. They trick the easylist with using a 'whitelisted' domain as a sub-domain (with no connection to the acceptable ads rules).
Explanation:
The ad blocked domain (REAL domain): umamdmo.com (already blocked in the Heb list).
The main easy list has a record with the rule:
@@||comeadvertisewithus.com*/ads.js
(source: eastlist)They are using the sub-domain called "comeadvertisewithus.com" for the domain "umamdmo.com" which generates this URL, for example,
Code: Select all
https://comeadvertisewithus.com.umamdmo.com/i161eee4/?w=w&q=/ads.js
https://comeadvertisewithus.com.umamdmo.com
as a whitelisted domain, and the ad block is unable to distinguish between REAL domain and the sub-domain, and since the whitelisted rule is stronger than the blacklisted rule, the domain is bypass easily the adblock.see this: https://github.com/easylist/EasyListHebrew/issues/211
https://cloud.githubusercontent.com/ass ... fd6924.png
Thanks