Skip to content

fix: re-scan ad elements when href or text mutates in-place#20

Merged
Aster1630 merged 2 commits into
mainfrom
fix/ad-blocker-mutation-observer-attrs
May 18, 2026
Merged

fix: re-scan ad elements when href or text mutates in-place#20
Aster1630 merged 2 commits into
mainfrom
fix/ad-blocker-mutation-observer-attrs

Conversation

@Aster1630

@Aster1630 Aster1630 commented May 18, 2026

Copy link
Copy Markdown
Collaborator

What's broken

The MutationObserver in maliciousAdBlocker.js only watches childList + subtree. That covers node additions and removals fine, but on SPAs (YouTube, Instagram, etc.) scripts frequently swap an existing element's href or textContent without touching the DOM tree structure — so those mutations never fire the observer. Because every scanned element gets data-mt-checked = '1', a link that was clean on initial load stays unchecked forever even after a script rewrites it to a malicious URL.

What this changes

  • Adds attributes: true with attributeFilter: ['href', 'src'] to the observer config, so in-place href/src swaps trigger a rescan.
  • Adds characterData: true to catch text content changes on existing nodes.
  • In the observer callback, for attribute and characterData mutations, clears data-mt-checked from the directly-affected element before the debounced scan() fires — so isMalicious gets a fresh look at the updated content instead of skipping it.

The debounce logic and scan behaviour are otherwise unchanged.

Fixes #15.

@Aster1630
fix: re-scan elements when href or text changes in-place
e186b01 
The MutationObserver was only watching childList+subtree, so elements
that already had data-mt-checked=1 were never re-evaluated if a script
mutated their href attribute or text content in-place — common on SPAs
like YouTube or Instagram.

Add attributes:true and characterData:true to the observer config.
On attribute/characterData mutations, clear data-mt-checked from the
directly-affected target before the debounced scan fires, so isMalicious
gets a fresh look at the updated element.

Fixes #15.
@github-actions github-actions Bot added the content-script Changes to content_scripts/ label May 18, 2026
@github-actions github-actions Bot added the docs Documentation or translation changes label May 18, 2026
@Aster1630 Aster1630 linked an issue May 18, 2026 that may be closed by this pull request
[Bug] aria-live="polite" on entire tone panel causes excessive screen reader announcements #14
Closed
1 task
@Aster1630 Aster1630 merged commit 698df1e into main May 18, 2026
9 checks passed
@Aster1630 Aster1630 deleted the fix/ad-blocker-mutation-observer-attrs branch May 18, 2026 19:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

content-script Changes to content_scripts/ docs Documentation or translation changes

Projects

None yet

Milestone

No milestone

1 participant

@Aster1630