fonts.gstatic.com blocked due gstaticadssl.l.google.com over cname

Question

fonts.gstatic.com blocked due gstaticadssl.l.google.com over cname

crssi opened this issue 5 years ago · 4 comments

Hi Daniel

Would you mind removing gstaticadssl.l.google.com from ads-and-tracking-extended.txt, since the fonts.gstatic.com is a CNAME (#1, #2) for it and it blocks google fonts now.

See more nextdns/metadata#361 (comment)

Thank you and cheers

Answer 1 · 2020-08-05T13:12:28.000Z

Please see #197 and #136

Answer 2 · 2020-08-05T13:53:30.000Z

I added a section to the README about this: https://github.com/lightswitch05/hosts#common-issues

Answer 3 · 2020-08-05T18:27:45.000Z

Understand. Thank you for fast response and sorry for duplicate issue.

Cheers

Answer 4 · 2020-08-06T21:02:49.000Z

@lightswitch05 something important to consider:

Some major stub resolvers (macOS, iOS, unbound) chase CNAMEs (because they cache them separately, and for many other funky reasons), which means that a large percentage of users using your blocklist will have fonts.gstatic.com blocked even if they did not manually chose to apply it to CNAMEs (and even if they didn't enable deep CNAME inspection in Pihole, Adguard, or NextDNS).

Basically, QNAMEs-only blocklists don't really make sense. There are tons of domains not being blocked because they break functionality, IMO this should be treated the same way.