uBlock Origin 1.25 Now Blocks Cloaked First-Party Scripts, Firefox Only

Discussion in 'Networking and Security' started by easymon1, Feb 25, 2020.

  1. easymon1


    uBlock Origin 1.25 Now Blocks Cloaked First-Party Scripts, Firefox Only


    US-based Firefox users get encrypted DNS lookups today or within a few weeks.

    Firefox will start switching browser users to Cloudflare's encrypted-DNS service today and roll out the change across the United States in the coming weeks.

    "Today, Firefox began the rollout of encrypted DNS over HTTPS (DoH) by default for US-based users," Firefox maker Mozilla said in an announcement scheduled to go live at this link Tuesday morning. "The rollout will continue over the next few weeks to confirm no major issues are discovered as this new protocol is enabled for Firefox's US-based users."


    Lawrence Abrams
    • February 25, 2020
    • 11:18 AM
    • 0

    uBlock Origin 1.2.5 has been released with a new feature that blocks first-party tracking scripts that use DNS CNAME records to load tracking scripts from a third-party domain and bypass filters.

    A first-party tracking script is when the script loads directly from a subdomain of the web site the script is loaded. For example, if 'www.example.com' was loading a tracking script from 'tracking.example.com', it would be considered a first-party script as they share the same domain.

    As uBlock Origin blocks third-party tracking scripts, or scripts loaded from another domain, sneaky tracking companies came up with a method to use CNAME records to load tracking scripts from what appears to be first-party domains.

    In a sneaky, or cloaked, first-party tracking script example, 'tracking.example.com' uses a CNAME record to load a script from 'www.badtracker.com'. Even though the script is loading from a remote site, uBlock Origin still sees it as a first-party tracker because the page's HTML loads it from the same domain as the web site.

    DNS lookups foil cloaked first-party trackers
    On February 19th, 2020, uBlock Origin 1.2.5 was released and allows the ad blocker to block these cloaked tracking scripts by performing a DNS lookup before loading them.

    If the subdomain is a CNAME to a third-party host, then uBlock Origin will block the script from loading.

    When cloaked first-party trackers are blocked, they will appear in the log as blue entries with the uncloaked domain shown underneath in a smaller font.

    Uncloaked first-party trackers
    Unfortunately, the DNS API that allows DNS lookups is only available for Firefox, so Chrome users are out of luck and cannot take advantage of this feature.

    When loaded, uBlock Origin will now display a new permission titled 'Access IP address and hosting information' that allows uBlock to use the DNS API.

    DNS Permission
    uBlock Origin can be downloaded from the Mozilla Add-Ons site, or if you have it installed already, you can check for the new update by going into Firefox's extensions page and clicking on 'Check for Updates' as shown below.

    Check for Updates
    Last edited: Feb 25, 2020