Patch DOM API in order to prevent disabling the injected stylesheet

[mapx]

Background

Some websites (e.g. extremetech.com) currently circumvent element hiding by messing (usually disabling) the style sheet we inject in order to hide ads.

We already detect when the <style> is removed from the DOM, in which case we reinject the rules in the last stylesheet by the page itself (#1677). However, MutationObserver or other DOM APIs don't allow for detecting when the stylesheet gets disabled.

But with some effort it's possible to monkey-patch the DOM API in order to intercept code messing with our style sheet.

What to change

Patch the DOM API, ignoring calls that would disable stylesheets or remove their rules.

[greiner]

I'm currently looking into it. There's definitely a circumvention script by zdbb.net running on the page that tries to mess with us.

However, blocking tblwd_b.js seems so to work as a temporary solution.

[mapx]

no change adding

||extremetech.com/czc/jst/tblwd_b.js

You have to wait other 10 seconds and the second (bigger) banner will appear.

[mapx]

"the site is removing ABP's/AdBlock's injected CSS rules, and also disable their injected stylesheets though the StyleSheet.disabled property."

from
​https://forums.lanik.us/viewtopic.php?p=89222&sid=f65a416801d5437863eaa89d34aaec15#p89222

[sebastian]

Replying to mapx:

I can see (at the top of the page, after the shadow section) using inspect:

style {                 user agent stylesheet

    display: none;
}

Does this mean can't be injected user css rules / stylesheets ?

No, that just means that <style> themselves are generally not visible.

Replying to mapx:

"the site is removing ABP's/AdBlock's injected CSS rules, and also disable their injected stylesheets though the StyleSheet.disabled property."

I can confirm that they disable it. It doesn't seem that they remove it.

Anyway, I think I found a reliable way to tackle that kind of circumvention, it's quite ugly though, see the updated issue description. But given that the practice of messing with our stylesheet becomes increasingly popular, I guess we have to do that.

[abpbot]

A commit referencing this issue has landed:
​https://hg.adblockplus.org/adblockpluschrome/rev/c65ac6352946

[mapx]

I tested this page:
​http://brb.to/video/serials/i3UEI3z2hoNl73hk0fkTB3q-borodach.html

with 1.11 (or before 1.11.0.1573) the page is responsive, normal CPU.

with the last 1.11.0.1576, the page becomes unresponsive, high CPU.

[sebastian]

If I remove the code that prevents to "disable" our stylesheet that page load normally, but well the stylesheet can be disabled again. Interestingly, even if I fake HTMLStyleElement.disabled and CSSStyleSheet.disabled in a way that it can still be set to true and return that value as well, but without having any effect, the page still gets CPU usage up to 100%. So in other words, there is nothing we can do to prevent that, while preventing websites from disabling our stylesheet at the same time.

[mapx]

it's one of these scripts which does all this mess:
asr.dotua.org/fgh.js?*

[mapx]

anyway (it's only for testing, I don't visit the site)

these filters are working (no high CPU)

brb.to##.l-body-branding-link
brb.to##img[src^="data:image"]
brb.to##[href^="http://asr.dotua.org"]
brb.to##[class*="-universalsmall"]
@@||brb.to^$genericblock
||admixer.net^$image,domain=brb.to
@@||brb.to^$generichide

[Ross]

Element hiding no longer looks circumvented on extremetech.com.

ABP 1.11.0.1597
Chrome 32 / 44 / 48 / Windows 8
Chrome 44 / Ubuntu 14.04
Chrome 44 / OS X 10.11