kzar/safari-27656882.txt

## safari-27656882.txt

Summary:
We have found a serious bug whereby a content blocking rule list with a certain rule can stop Safari from being able to parse certain URLs. Specifically we found this to happen for Google text ad links which are supposed to redirect to the advertisement. Instead of the browser being redirected, Safari displays an error (see screenshot). This error goes away when the content blocking API is not used, and when it is used without certain troublesome rules.

Steps to Reproduce:
1. Create a new empty Safari Extension.
2. Create a file called rules.json containing the following:
[
	{
		"trigger": {
			"url-filter": "^https?://.*&advid=",
			"resource-type": [
				"image",
				"style-sheet",
				"script",
				"font",
				"media",
				"raw",
				"document"
			]
		},
		"action": {
			"type": "block"
		}
	}
]
3. Select rules.json for the "Content Blocker File" option of your new extension.
4. Click "Install" to install your new extension.
5. Open the following URL: https://www.google.co.uk/aclk?sa=L&ai=DChcSEwjC6rqt5p_OAhVGuBsKHUoeAG8YABAA&sig=AOD64_2kAoVInCmwfi5kot9P5h-jb1GQ7Q&q=&ved=0ahUKEwjA-bet5p_OAhVlBcAKHVU4CDMQ0QwIIQ&adurl=

Expected Results:
Safari should be redirected successfully to the target page, a Nissan car advertisement.

Actual Results:
An error is displayed: "Safari can't open the page "https://www.google.co.uk/aclick?..." because the page's address isn't valid".

Version:
Safari 9.1 (11601.5.17.1)
Mac OS X 10.11.4

Notes:
Our tester also reproduced this problem on iOS, he used an iPhone 6s Plus with iOS 9.3.1.

Configuration:


Attachments:
'Screen Shot 2016-08-01 at 10.30.54.png' was successfully uploaded

	Summary:
	We have found a serious bug whereby a content blocking rule list with a certain rule can stop Safari from being able to parse certain URLs. Specifically we found this to happen for Google text ad links which are supposed to redirect to the advertisement. Instead of the browser being redirected, Safari displays an error (see screenshot). This error goes away when the content blocking API is not used, and when it is used without certain troublesome rules.

	Steps to Reproduce:
	1. Create a new empty Safari Extension.
	2. Create a file called rules.json containing the following:
	[
	{
	"trigger": {
	"url-filter": "^https?://.*&advid=",
	"resource-type": [
	"image",
	"style-sheet",
	"script",
	"font",
	"media",
	"raw",
	"document"
	]
	},
	"action": {
	"type": "block"
	}
	}
	]
	3. Select rules.json for the "Content Blocker File" option of your new extension.
	4. Click "Install" to install your new extension.
	5. Open the following URL: https://www.google.co.uk/aclk?sa=L&ai=DChcSEwjC6rqt5p_OAhVGuBsKHUoeAG8YABAA&sig=AOD64_2kAoVInCmwfi5kot9P5h-jb1GQ7Q&q=&ved=0ahUKEwjA-bet5p_OAhVlBcAKHVU4CDMQ0QwIIQ&adurl=

	Expected Results:
	Safari should be redirected successfully to the target page, a Nissan car advertisement.

	Actual Results:
	An error is displayed: "Safari can't open the page "https://www.google.co.uk/aclick?..." because the page's address isn't valid".

	Version:
	Safari 9.1 (11601.5.17.1)
	Mac OS X 10.11.4

	Notes:
	Our tester also reproduced this problem on iOS, he used an iPhone 6s Plus with iOS 9.3.1.

	Configuration:


	Attachments:
	'Screen Shot 2016-08-01 at 10.30.54.png' was successfully uploaded