55
9
My ISP has a bad habit of putting every page I visit into an iframe so they can
overlay it with their commercials etc..
(I'm guessing they are using a transparent proxy to do it)
Is there an add-on that can remove the frames or block the attempt to do so?
Something like AdBlock does not work in this case.
TimothyP
Posted 2013-01-28T03:10:22.700
Reputation: 933
52
If the frame-busting code on Stack Exchange sites is working for you, then you could write a userscript to insert frame-busting code on every site. If you've never made a userscript before, here are some resources to get started:
There's a good Stack Overflow thread on frame busting and frame-bust-buster-busting. You could theoretically take some of the code from the answers on the SO post and inject them into every page using a userscript.
nhinkle
Posted 2013-01-28T03:10:22.700
Reputation: 35 057
This seems to be what I'm looking for, thnx – TimothyP – 2013-01-28T07:02:24.267
38
Vote with your wallet and don't use ISP that does this garbage.
If that's not possible, your next best bet would be to hide all the traffic from your ISP so that they can't see inside and consequently modify it. You can accomplish this by encrypting all/as much as possible of your traffic.
You can do that with browser addons like HTTPS Everywhere. It has a large list of websites to which this addon forces HTTPS connection. Also make sure your browser has SPDY protocol enabled. As part of SPDY spec, all connections are encrypted.
To go one step further, consider using some VPN service. That will make content of your traffic totally hidden to your ISP and will prevent such content modification.
Mxx
Posted 2013-01-28T03:10:22.700
Reputation: 2 659
4We use VPN as much as possible, but they actively scan and block it. Right now OpenVPN has been rendered useless and PPTP connections... well we're lucky if they can stay up for 10 minutes. We're looking into changing providers... but there's a big chance that won't do us any good, privacy isn't something that is respected in China – TimothyP – 2013-01-28T06:21:56.220
If they are blocking openvpn and pptp, there's still ipsec. You can also setup vpn-like connection using SSH protocol. One more thing to consider is to do all your browsing from outside of China by using some sort of Remote Desktop connection. It will be slower, but at least they won't spy on you.. – Mxx – 2013-01-28T06:28:06.730
Thnx @Mxx, we do rotate between all these methods, no other option really. It's just that if there had been an easy way to prevent them from hijacking the browser that would have been nice for those situation when we can't connect. We'll change provider soon as this is a startup and I think they have a small number of customers so nothing better to do than to show what good citizens they are and kill connections like it's a game :) – TimothyP – 2013-01-28T06:34:49.957
10Is getting the hell out of the PRC an option? I don't see how any person who makes a living in tech could really work there without it feeling like one hand was tied behind their back. Are they still blocking GitHub? They started that garbage right in the middle of my trip there… – Garrett Albright – 2013-01-28T07:38:48.960
4Hey, Github works without issues. What can I say... went to China a few years back for work, met a girl, got married, etc... but that's not for S.U. :p – TimothyP – 2013-01-28T13:04:05.197
3
@TimothyP Not to FUD, but are you quite sure that Github is working exactly the way you think it is?
– kojiro – 2013-01-29T01:40:54.263@kojiro I would have to check that :p – TimothyP – 2013-01-29T02:19:57.077
16
If your ISP is doing this by injecting JavaScript sourced from a specific domain, you could use a JavaScript blacklist extension to avoid running any JavaScript from that domain. (One of the public hotspots I connect to uses this approach.) However, if your ISP injects the entire script directly, then I don't think this will work.
Chrome: JavaScript Blacklist
Firefox: YesScript
You should also be able to use ad blocking extensions to block JavaScript. The most popular ones support custom filter lists, and it should be pretty easy to add an extra filter pattern to catch the framing code. If you're already running an ad blocker anyway, this might be the most sensible approach.
jjlin
Posted 2013-01-28T03:10:22.700
Reputation: 12 964
@jjlin if web pages are displayed Inside iframes, I’m unsure what blocking Javascript completely would provide. – user2284570 – 2018-07-05T17:23:14.347
@user2284570 As the first sentence says, "If your ISP is doing this by injecting Javascript sourced from a specific domain..." But these days, it's probably simpler just to go through a VPN or HTTPS proxy. – jjlin – 2018-07-05T21:48:49.213
@jjlin easier to say than to do : 社會信用體系. Not sure using a ᴠᴘɴ is a bad cast… – user2284570 – 2018-07-06T03:31:38.327
I'll try and figure out what they are doing exactly first – TimothyP – 2013-01-28T06:29:51.533
4It would be helpful to get a full HTML dump from a page that gets framed. View-source on the page holding the frame would be instructive. – nhinkle – 2013-01-28T06:51:06.547
15
Besides the frame busting trick, I would suggest getting the IPs of the servers that serve the framed pages and block them. If you are using China Telecom like me, they don't always frame the pages and, when they do so, a simple reload will give you the un-framed page. I guess they cannot frame everything since hijacking millions of connections per minute would bring down their resources quickly.
So what I ended up doing is to block all these IPs so I get a clean connection error when they try to mess with the current request. Then I know I can reload to get the real page. An added advantage of this method is that you don't send these servers any information, while for the frame-busting trick, the request still goes there (and given the crap they send back, I wouldn't trust them with the sensitive info that might end up in their logs).
For information here the IPs I've currently collected and blocked:
laurent
Posted 2013-01-28T03:10:22.700
Reputation: 5 258
Hey, thnx I will give this a try as well – TimothyP – 2013-01-28T13:32:19.993
2Where is this screenshot from? – That Brazilian Guy – 2013-01-29T12:51:38.230
4@ruda.almeida, from Windows Firewall (Advanced settings). – laurent – 2013-01-29T13:35:41.487
@TimothyP I know it’s unrealted, but in those times of net neutrality fears, I need to site an example instead of just claiming. Despite, this can you give the exact ɪꜱᴘ name and offer ? Even privately in order to not change your social credit score ? – user2284570 – 2018-07-05T17:24:44.053
@MichaelButler you should rather admit most of the world population choose to stay in that situation. I don’t think moving is the right solution for every problems. – user2284570 – 2018-07-05T17:25:44.560
@TimothyP I know it’s unrealted, but in those times of net neutrality fears, I need to site an example instead of just claiming. Despite, this can you give the exact ɪꜱᴘ name and offer ? Even privately in order to not change your 社會信用體系 ? – user2284570 – 2018-07-05T17:33:21.037
17What ISP do you have? And are you sure it's the ISP doing this? That sounds very sketchy, and I wonder if you might have a virus that's doing this. I'm not aware of any ISP except for a handful of free dialup providers that do this. – nhinkle – 2013-01-28T03:12:38.080
7It's the ISP alright :-) As soon as I enable VPN I don't have the problem. Problem is the same on Windows, Android, WinRT (surface), iOS, Linux... I'm in China... It's pretty common here. StackOverflow/Superuser even informs me that I'm framed, and then removes the frame. – TimothyP – 2013-01-28T03:41:57.480
Ahh. I see. When SO removes the frame, does the frame come back or does it go away? And why does your ISP suck? :P – nhinkle – 2013-01-28T04:41:02.477
34Because this is China, they want to monitor and block everything – TimothyP – 2013-01-28T06:22:35.593
2When I was using the wifi at a hotel recently (in China, but maybe that's just coincidental), occasionally pages would appear framed; the top frame was 25 pixels or so tall and told me how many days, hours, and minutes of wifi service I had left. There was an "X" icon to "close" the frame, but it would just reappear some minutes later. Quite annoying. – Garrett Albright – 2013-01-28T07:35:02.137
3If possible, go to another ISP ASAP. – None – 2013-01-28T09:14:47.510
13For best results, live and work in a different country. – Michael Butler – 2013-01-28T20:21:51.603
Yes, something like AdBlock will work, just not AdBlock itself. – Kaz – 2013-01-28T22:35:39.547
Have you tried the Google DNS: 8.8.8.8 and 8.8.4.4? – Xiè Jìléi – 2013-01-30T02:03:11.363
@XièJìléi omg... apparently those are not blocked anymore... that's just weird... Of course that won't change the fact that the frame me, but it does improve the overall speed of my connection. thnx – TimothyP – 2013-01-30T05:45:51.277
@MichaelButler thnx for stating the obvious :) – TimothyP – 2013-01-30T07:16:01.280