| CARVIEW |
Select Language
HTTP/2 200
date: Wed, 23 Jul 2025 17:32:02 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
link: ; rel=preload; as=fetch; crossorigin=use-credentials
referrer-policy: no-referrer-when-downgrade
server-timing: issue_layout-fragment;desc="issue_layout fragment";dur=247.981541,issue_conversation_content-fragment;desc="issue_conversation_content fragment";dur=666.621972,issue_conversation_sidebar-fragment;desc="issue_conversation_sidebar fragment";dur=74.011968,nginx;desc="NGINX";dur=1.492259,glb;desc="GLB";dur=102.67631
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With, Accept,Accept-Encoding, Accept, X-Requested-With
x-content-type-options: nosniff
x-frame-options: deny
x-voltron-version: fd8fbbc
x-xss-protection: 0
server: github.com
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=uVHTjh6%2BDDQ3BjN4Fy25j%2BPNLOoHIilX0nogdjPSj%2FN5simF93jB%2B7VXasNVBtoAfVi91ok0QBCbpA1phnZBhdAiOcV%2FSrNjTKEWRpXBBWSTgv%2BtQbfqt%2FIrS1q5zhfL04rzTfr1QGOiVOsBaj%2FY8Z%2BcZtz4D%2FpgjRG1L5GZ90PFjLUhNO4N4ONMD3XrgbnZS%2Bb2eRhzx92tM9FW7EslSOlfCHiU0z9a1elc39n1UqGsMQfXc1e2GJkyddbLxFrl3TBSQ5VbdEFWBcQ9dFv1kA%3D%3D--AiczPLe9B4kfQS9F--cmrjUYW0fkudCZ8vxHVbnQ%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.553713629.1753291921; Path=/; Domain=github.com; Expires=Thu, 23 Jul 2026 17:32:01 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Thu, 23 Jul 2026 17:32:01 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: E8E4:256CA9:F3D190:120545B:68811C91
Dynamic Filter: 3rd party scripts not blocked if in cache · Issue #893 · uBlockOrigin/uBlock-issues · GitHub
No one assignedNo typeNo projectsNo milestoneNone yetNo branches or pull requests
Skip to content
Navigation Menu
{{ message }}
-
Notifications
You must be signed in to change notification settings - Fork 92
Closed
Labels
invalidnot a uBlock issuenot a uBlock issue
Description
Bold text is updated/additional information from comments
Prerequisites
- I verified that this is not a filter issue
- Filter issues MUST be reported at filter issue tracker
- This is not a support issue or a question
- Support issues and questions are handled at /r/uBlockOrigin
- I performed a cursory search of the issue tracker to avoid opening a duplicate issue
- Your issue may already be reported.
- I tried to reproduce the issue when...
- uBlock Origin is the only extension
- uBlock Origin with default lists/settings
- using a new, unmodified browser profile
- I am running the latest version of uBlock Origin
- I checked the documentation to understand that the issue I report is not a normal behavior
Description
In chrome & chromium it appears that not all 3rd party scripts are blocked.
I have set 3rd party scripts to be blocked, but some 3rd party resources (eg cdnjs.cloudflare.com & ravenjs.com) are still loaded.
In firefox uBlock behaves as expected and blocks all scripts.
Edit: appears to effect only 3rd party scripts that are cached by chrome. Disabling cache in developer tools fixes this issue
Screenshots
(chrome with wrong behaviour left, firefox with correct behaviour right):
Logged In
Not logged in
A specific URL where the issue occurs
- https://www.patreon.com/
- https://www.patreon.com/home (if logged in)
Steps to Reproduce
- activate "I am an advanced user"
- block all 3rd party scripts in the dynamic filters
- EDIT: ensure "Disable cache" is not active in chromes developer tools
- visit patrenon.com
Expected behavior:
3rd party scripts should not be loaded (firefox does this correctly)
Actual behavior:
chrome will load some 3rd party scripts
EDIT: the scripts loaded appear to only be scripts that are cached
Your environment
- uBlock Origin version: v1.24.4 (in both, firefox and chrome)
- Browser Name and version:
- Google Chrome: Version 80.0.3987.87 (Official Build) (64-bit)
- Chromium: Version 80.0.3987.87 (Official Build) Arch Linux (64-bit)
- Mozilla Firefox: 72.0.2 (64-bit)
- Operating System and version: OS: Manjaro Linux x86_64, Kernel: 5.5.2-1-MANJARO
Metadata
Metadata
Assignees
Labels
invalidnot a uBlock issuenot a uBlock issue
Type
Projects
Milestone
Relationships
Development
Issue actions
You can’t perform that action at this time.