Redirections blocking

[Reaper-1709]

Hi, this is a simple feature request. The proposal is to introduce a setting to block specific website(s) from redirecting the user to urls which do not originate in the same website. This will help users who want to peacefully browse a website but there are hidden advertisement redirects. Thanks.

[ghost]

The adblocker already does that. Either you block the script, you use some scriptlet like prevent-window-open.js (or ##+js(nowoif)) which doesn't allow any thing to open through window: open() method, there is also close-window which would close any popup or new tab that matches the url, like brave.com##+js(close-window) will close any page you open as a new tab from it or to it, like if you open it from a search engine or a link it will get closed. It uses the simple window.close() though, so it doesn't touch the history and it will show like you visited it but it will not load the whole page to download 'too much'.

And there is also CSP, which you can add the pages to sandbox $csp=sandbox and allow everything but popups which will deal with more types of popups, if a page doesn't allow sandbox, you gotta remove the code though, but that's mostly in sport streaming sites maybe movies and manga and anime and all that that is not 'too legal'.

I mean, it is already what the adblocker does, if you find popups report them correctly, easier if you go to brave community and the adblocking category.

Rust language doesn't offer lookaround regex features, and uBlock uses them for some popups, and that's sometimes why people might see them, you fix the regex and problem solved or you block the same scripts uBlock is blocking automtically and done, but in the not so legal pages, the popups change host frequently and that's why regex was implemented. not Brave's fault, but rust language and it will always affect Brave so that's why you have to properly report it.

if it is a common page you don't want popups to happen, sometimes a domain$csp=sandbox allow-scripts allow-same-origin is enough, if not you allow more things depending what you need, but that will allow the executing of scripts which is the most important part of it.

[Reaper-1709]

Thanks for the reply, I completely forgot to mention I meant this for phone browser. I am not too sure if I can do these things on my iPhone.

[ghost]

iPhone has allowed custom adblock rules since couple months ago, and while the adblocker in iOS is not the same as what Chromium (Desktop + Android) has (sadly), it supports scriptlets.

So you might just want to do a quick test (because I couldn't find an iPhone to test it)

github.com$csp=default-src

and

github##+js(close-window)

for the first one, it should block every element from loading in the page, so only the basic document will load when you open github.

the second, you either tap and hold to open a new tab for any github feature and it shoudl be closed when the new tab is created.
or you can just search Github in some search engine that does 'open in new tab' and when it opens the site in a new tab, it should be closed.

If it works, you can then read more about https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
and some sites don't like their iframes in sandbox, but some sites use a script called blast.js
so a /blast.js rule as custom might work?

But iOS has some issues around with regex and all, and how some things work, so your best thing to do is report any malicious popup in Community Brave and then it should be fixed for iOS, if the normal rules don't work.

Anyway good luck!

[Reaper-1709]

Thanks. I'll try the second way if possible (reporting it) so it benefits everyone.