No, actually not too much. Implementing this is not too much effort, what is more important is (a) ease to use and (b) future extensibility and overall maintainability.
Thanks, we indeed need to be clear what we should do and how. So far we support only the wildcard blocking syntax ||block.me.and.children.com^
. Exactly this and nothing else. If there are any extra options - like block only specific paths on this domain - we ignore this rule.
I do see how this can lead to using lists maybe only partially, however, there should be no misinterpretations and we are not over-blocking anything. Still seems better than doing nothing. This is also the only way to configure wildcards per gravity.
To be more specific we are looking at adding "subscribed allowlists" here which con contain either
- exact domain
- ABP exception rule like
@@||example.com^$document
only with the optiondocument
Even when this is yet another only partial support, it should avoid misunderstandings and utilize the maximum possibility for a network-wide DNS-based blocker.
Question 3:
Assume
||c.d.e^
@@||b.c.d.e^
||a.b.c.d.e^
c.d.e
blocked,x.c.d.e
blocked,x.x.x.x.c.d.e
blocked,b.c.d.e
okay,x.x.x.b.c.d.e
okay, buta.b.c.d.e
blocked or okay?x.x.x.a.b.c.d.e
blocked or okay?
You see what I'm after here: Can an ABP exception rule be overwritten by a more specific block rule? I did not see a clear statement about this in the ABP filters description. It is mostly a performance question: Can we return immediately once we have found @@||b.c.d.e^
or do we have to go on and further chase down the rabbit hole until we (maybe) find an even more specific rule (may it be either blocking or an exception)?