1.28.0

Commits to master since this release

To install the stable build:

• Firefox: Click uBlock0_1.28.0.firefox.signed.xpi
  • uBO works best on Firefox.
• Chromium: Install from the Chrome store (CWS): https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
  • For Chromium version 54 and older, it is necessary to enable "Experimental JavaScript" at chrome://flags/#enable-javascript-harmony.
• Edge: Install from Microsoft Store: https://microsoftedge.microsoft.com/addons/detail/odfafepnkmbhccpbejgmiehpchacaeak
  • The Microsoft Store version of uBO is published by Nik Rolls
• Opera: Install from Opera addons: https://addons.opera.com/en/extensions/details/ublock/

---

Changes:

"My filters" pane

Improved syntax highlighting of static filters in "My filters" and asset viewer. Additionally, in "My filters":

• Ability to toggle commenting out of filter(s) by pressing the Tab key
• Auto-completion using Ctrl-Space, this works for:
  • Static filter options
  • Resource names for redirect= option
  • Procedural operators for cosmetic/HTML filters
  • Scriptlet names for ##+js filters

Static extended filter syntax

##script:inject(...), which has been deprecated in favor of ##+js(...) for more than two years, is no longer supported. Similarly, ##script:contains(...) which has been deprecated in favor of ##^script:has-text(...) is no longer supported.

Dynamic filtering

You can skip this section if you didn't opt-in to "I am an advanced user" or you are otherwise not a user of dynamic filtering.

It's no longer possible to point-and-click to create allow (green) rules from within the popup panel by default. This change is motivated by seeing way too many cases of improper usage of dynamic filtering in which users are creating allow (green) rules where noop (gray) rules should have been used.

Creating allow rules has serious consequences as these override blocking static filters and can potentially disable other advanced filtering ability such as HTML filtering and scriptlet injection -- often used to deal with anti-blocker mechanisms; to the point where misusing allow rules can easily cause a user to be less protected than when using uBO with default settings/lists.

Here are typical cases of misuse out of countless I have seen in the wild, including many of them being presented as a reference solution while they actually made things worst. Very recently I even had to correct a technical blog post telling people to use allow rules to override block rules, with no mention of noop rules -- which are the default way to override block rules, while allow rules are to be used in rare, exceptional circumstances. For reference, after years using medium/hard mode, I still have zero allow rules in my permanent ruleset.

You can get back temporarily the ability to create allow rules from within the popup panel by tapping twice the Ctrl key. In some browser versions^[1], double-tapping the Ctrl key does not work, in such case you can recover the ability to create allow rules by changing the advanced setting filterAuthorMode to true.

[1] Tor Browser; Firefox with privacy.resistFingerprinting set to true.

Closed as fixed:

Chromium 65

• Broken popup panel in Chromium 65

Chromium

• Use default_public_interface_only in Chromium-based browsers

Core

• Cookie-remover.js does not remove a cookie
• A possibility of using default system fonts for uBlock Origin?
• Some RegExp filters are not parsed properly
• Add support for entity-matching in domain= filter option

Notable commits with no entry in issue tracker:

• Fix edge case involving filter with a single wildcard
• Add support for wildcard/array in json-prune
• Fix matching of filters with trailing ^|
• Make the creation of allow rules in panel an opt-in feature
• Add ability to lock firewall height to basic pane height
• Fix uselessly allocating one extra WASM page
• Replace FilterPlainHostname with composite filter