Open Radar

 
Summary:

Currently, unless-domain and if-domain in content blocking rules match exact subdomains. This is a a huge problem when, for example, we want to block trackers from large companies like Google and Yahoo.

Steps to Reproduce:

Create a content blocking rule to block third-party loads of yimg.com (see https://better.fyi/trackers/yimg.com/). This domain and subdomains of it are is used by Yahoo for serving pixel bugs as well as other, more legitimate assets.

Go to Yahoo.com (it’s broken).

So our task is to not block yimg.com if the call is coming from a Yahoo property (as that is basically first-party, even though the domain is different).

Expected Results:

I should be able to do (pseudo code):

unless-domain: .*yahoo.co.*

Actual Results:

Instead, I have to do (pseudo code):

unless-domain: yahoo.com, login.yahoo.com, edit.yahoo.com, advertising.yahoo.com, answers.yahoo.com, autos.yahoo.com, celebrity.yahoo.com, yahoo.match.com, developer.yahoo.com, downloads.yahoo.com, finance.yahoo.com, www.flickr.com, groups.yahoo.com, help.yahoo.com, local.yahoo.com, mail.yahoo.com, messenger.yahoo.com, mobile.yahoo.com, music.yahoo.com, my.yahoo.com, news.yahoo.com, search.yahoo.com, security.yahoo.com, shopping.yahoo.com, smallbusiness.yahoo.com, connectedtv.yahoo.com, sports.yahoo.com, toolbar.yahoo.com, www.tumblr.com, weather.yahoo.com, ar.yahoo.com, au.yahoo.com, be.yahoo.com, fr-be.yahoo.com, br.yahoo.com, ca.yahoo.com, cz.mail.yahoo.com, cl.yahoo.com, co.yahoo.com, de.yahoo.com, ee.mail.yahoo.com, es.yahoo.com, espanol.yahoo.com, fr.yahoo.com, hr.mail.yahoo.com, in.yahoo.com, id.yahoo.com, ie.yahoo.com, it.yahoo.com, lv.mail.yahoo.com, lt.mail.yahoo.com, hu.mail.yahoo.com, en-maktoob.yahoo.com, malaysia.yahoo.com, mx.yahoo.com, nz.yahoo.com, at.mail.yahoo.com, pe.yahoo.com, ph.yahoo.com, xp.mail.yahoo.com, qc.yahoo.com, ro.yahoo.com, sg.yahoo.com, si.mail.yahoo.com, sk.mail.yahoo.com, za.yahoo.com, se.yahoo.com, uk.yahoo.com, www.yahoo.com, ve.yahoo.com, vn.yahoo.com, gr.yahoo.com, bg.mail.yahoo.com, rs.mail.yahoo.com, ua.mail.yahoo.com, il.mail.yahoo.com, maktoob.yahoo.com, th.yahoo.com, hk.yahoo.com, tw.yahoo.com, yahoo.co.jp

Notes:

* The same thing is true for Google and, for example, their tracking domain gstatic.com (see https://better.fyi/trackers/gstatic.com/)
* Publishers who also run behavioural advertising trackers might also catch onto this tactic of serving legitimate assets used by their properties and serving tracking code accessed by other third-party sites on the same subdomains, thereby making it more difficult to write blocking rules. Having wildcard and/or regex support in unless-domain and if-domain rules would make our lives much easier.