Issue with $redirect when the script is upgraded to HTTPS.

Hi @pes10k There is a big, not so big, kind of big issue with $redirect or $redirect-rule filters when the Network element is being upgraded to https. I feel I found it, even if it was in plain sight all this time.

Basically, the problem is that the script upgraded to https is not even getting blocked, it is allowed completely when a $redirect rule is being applied to it. It acts like if it was whitelisted which is not good, especially if we talk about google scripts being the most common items that get redirected.

Easiest way to see:

1. Add this as a custom filter: ||google-analytics.com/analytics.js$script,redirect=google-analytics.com/analytics.js This has to be done because of the problem with Brave not doing the $redirect as it should, so it won’t work by default for you as it does for me since I fixed/found workarounds for all those issues on my side.

2. go to http://markkystreams.com/ (easiest website I found to do this test this)

3. Open shields and it will say google-analytics.com/analytics.js was upgraded and blocked.

4. Open DevTools and you will see analytics is in the source list, so Shields information is not accurate since the script wasn’t blocked, because if it was, it wouldn’t be in the list and it wasn’t redirected since the script is the same analytics script used by the page, not the uBlock one.

5. Turn Upgrade connections to HTTPS Off, and then you will see the script properly redirected with the uBlock google-analytics resource.

I had to solved this for now (hopefully) by turning https upgrade completely off in Preferences file and now Brave adblocker works beautifully, since no scripts are being allowed like that anymore, and I don’t have to see uBlock telling me about it and doing the job.

Since I fixed the issues with $redirect and my Brave adblocker works “perfect” with the redirect feature, I see this problem a lot, of course, normal Brave users will not have this problem since the script will just get blocked by Brave today (unless they do the same I did). But whenever Brave supports the priority integer for the redirect directives and uBlock lists are more compatible with Brave, then normal users will get this problem and many http scripts being upgraded will just be allowed to connect even if they should not do that at all.

I mean, it doesn’t affect me now I did the fixes on my side but still reporting what I think is a not good but not the most terrible bug.

Thank you and have a good day!