[TekMol]

I guess it would be easy to block ads via a proxy?

An http proxy in Python is just a few lines of code. It could simply drop the requests to known ad servers.

And in Chrome, there is a setting to use a proxy.

So all one had to do is run ./my_ad_blocking_proxy.py and set the proxy in Chrome to something like 127.0.0.1:8080?

[solardev]

No, it takes way more than that. That's basically what running a Pihole does, which barely blocks anything these days.

Good ad blocking requires you to be able to look at decrypted HTTPS traffic and remove content from the DOM, including stuff added after the fact by Javascript. That's why uBlock Origin works better than Adguard (which is a https MITM ad blocker) and why Adguard works better than Pihole (which doesn't usually MITM HTTPS).

Simple hosts blocking used to work OK two decades ago but these days so many ads are served directly from the same servers within the same HTTPS connection that it's just not enough.

[kmlx]

> Good ad blocking requires you to be able to look at decrypted HTTPS traffic and remove content from the DOM, including stuff added after the fact by Javascript.

ironically this also sounds like a security nightmare.

[solardev]

Yeah, especially since Adguard was originally Russian (they moved to Cyprus though).

But the web is unusable without ad blocking, IMO. Necessary risk.

[TekMol]

Ok, but the proxy could insert JS code into the html page which does what uBlock Origin does, couldn't it?

This would give the same flexibility without the need for a browser plugin.

[nijave]

You'd still have to MITM HTTPS which is non-trivial (compared to installing an extension) and accept the risks of managing your own CA

Afaik uBlock benefits from some browser APIs that can do things like prevent content from loading before the add-on is injected into the page so you'd lose some coverage there. I imagine it'd also be fairly difficult to intercept all outgoing web requests (to selectively block them) which a browser is fairly well positioned to provide an API for.

[solardev]

You can try, but that adds way more complexity and fragility than a simple browser extension.

That said, if you build such a product (something that can MITM HTTPS and then inject ad blocking JS on every page or video, or simply rewrite traffic to strip out ads like a packet shaping firewall, etc.) and that can make use of existing filter lists, I'd be very happy (eager, actually) to pay for it.

That is similar to how Adguard works, but that can't run on a router like Pihole does. I don't know how you'd get past the HTTPS cert issue. I think you'd first have to install that custom cert on every device connected to the router, or else have the router completely proxy every HTTPS connection and re-serve it from own domain and cert. Might run into dnssec issues too? Not really sure but sounds messy. Browser extensions don't have to worry about HTTPS and can (or could before manifest V3) directly manipulate the DOM.

That the market hasn't created one yet suggests it might be difficult. But I'd love to see one.

[tjpnz]

AdGuard does a good job if you're happy sending them your DNS queries. You'll still want to adopt a layered approach however, and that will involve a browser based ad blocker.

[nickthegreek]

I second setting up AdGuard. It is the simplest solution for non-techies to use to help mitigate the problem here wihtout switching browsers. Although I would recommend doing both.

[nijave]

uBlock can do fairly sophisticated content blocking and rules that rely on the page being rendered out. Even with tls MiTM you'd need to fully render the page and run JS

Just yesterday I noticed it managed to block self hosted Snowplow (clickstream analytics) JS library without blocking other scripts on the same CDN/domain.

[ale42]

This is what I was doing around 25 years ago before ad blockers were a thing, and the web was not encrypted... (Python didn't exist yet, the proxy was a lot of code in Object Pascal, i.e. Delphi)

[ewenquim]

Good idea! But I'll have to install this on my relative's computer or router, that's not as convenient as a browser extension

[tkzed49]

I run a pihole and I don't regret it, but it's nowhere near ublock in capability. Ublock's more important filters are selecting individual scripts and even page elements.

[Fokamul]

Nope, cannot be done like this. You can block just some of the ADs on websites. But for example YouTube requests for video chunks, is same domain as ADs. So you would have Youtube with ADs.

Much easier solution, which everyone should made years ago, STOP using Chrome crapbrowser.

[TekMol]

For same-domain ads you could use content-inspection. That is probably how in-browser adblockers do it too.

[salzig]

up next: chrome ignores proxy configurations if content is available without.

[speckx]

I thought chrome was already doing this for some google domains and using their own DNS vs. the operating DNS? Maybe I’m wrong, but I thought this was a thing.