Fix #479: Smart www-stripping for hostname anchor filters

[R0h1tAnand]

Problem

Hostname anchor filters like ||www.com^ were having the www. prefix unconditionally stripped during filter parsing (line 757 in src/filters/network.rs). This caused the filter hostname to become "com" instead of "www.com".

When matching requests, "com" would match as a suffix of any .com hostname, causing virtually all .com domains to be incorrectly blocked. The same issue affected other TLDs: ||www.be^ would block all .be websites.

Affected Filter Lists:

• Hagezi's "Multi Ultimate" list contains ||www.be^ (a malware domain), causing all .be websites to be blocked.

Expected Behavior (uBlock Origin):

• ||www.com^ should only block www.com and its subdomains (e.g., sub.www.com)
• ||www.com^ should NOT block example.com, github.com, etc.

Solution

Implemented smart www-stripping logic that only removes the www. prefix when it represents a subdomain, not when it's the actual domain name:

Before Fix:

• ||www.com^ ??? hostname: "com" ??? blocks ALL .com domains ???
• ||www.youjizz.com^ ??? hostname: "youjizz.com" ??? works correctly ???

After Fix:

• ||www.com^ ??? hostname: "www.com" ??? blocks only www.com and subdomains ???
• ||www.youjizz.com^ ??? hostname: "youjizz.com" ??? still works correctly ???

Logic:

The fix checks if stripping www. would leave a valid domain with at least one dot:

• If after_www.contains('.'): strip www. (it's a subdomain prefix)
• Otherwise: preserve www. (it's the actual domain)

Changes

• src/filters/network.rs: Implemented smart www-stripping logic in hostname parsing
• src/filters/network_matchers.rs: Code restructuring for clarity (no functional change to matching logic)
• tests/unit/engine.rs: Updated serialization hash to reflect the fix

Testing

All existing tests pass, including:

• hostname_regex_filter_works: Wildcard hostname filters still work
• is_anchored_by_hostname_works: Hostname matching logic preserved
• check_pattern_hostname_anchor_filter_works: All existing hostname anchor tests pass

Manual Testing Verified:

• ??? ||www.com^ now only blocks www.com (not example.com, github.com, etc.)
• ??? ||www.be^ now only blocks www.be (not all .be domains)
• ??? ||www.youjizz.com^ correctly blocks cdne-pics.youjizz.com (existing behavior preserved)

Breaking Changes

The serialization format hash has changed. Filter lists using ||www.[tld]^ filters will now work correctly instead of over-blocking.

Fixes #479

[Copilot]

Pull request overview

This PR fixes a critical bug where hostname anchor filters like ||www.com^ or ||www.be^ were having their www. prefix unconditionally stripped during parsing, causing them to match all domains with that TLD instead of only matching the intended domain. The fix implements smart www-stripping logic that only removes the prefix when it represents a subdomain (e.g., www.example.com → example.com) but preserves it when it's the actual domain name (e.g., www.com stays as www.com).

Changes:

• Implemented conditional www-stripping logic based on whether the remaining string contains a dot (indicating a valid multi-part domain)
• Refactored hostname matching code for better readability and clarity
• Updated serialization hash to reflect the parsing changes

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
src/filters/network.rs	Implements smart www-stripping logic that checks if removing "www." leaves a valid domain with at least one dot before stripping
src/filters/network_matchers.rs	Code restructuring for clarity with improved comments; no functional changes to matching logic
tests/unit/engine.rs	Updated serialization hash to reflect the fix

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The added comments explain the expected behavior well, but they may give the impression that this function was modified as part of the www-stripping fix. Consider clarifying that this is a refactoring for readability and that the actual fix is in the hostname parsing logic (network.rs), not in the matching logic.

Suggested change

	// ||www.com should match:
	// - www.com (exact)
	// - sub.www.com (subdomain)
	// But NOT:
	// - example.com (different domain that happens to share .com)
	// - wwwXcom (no dot separator)
	//
	// This function's logic was refactored for readability; it does NOT implement
	// the "www-stripping" fix itself. The actual handling of leading "www."
	// (and related normalization) happens in the hostname parsing logic
	// in `network.rs`, before this matcher is invoked.
	//
	// Examples for ||www.com:
	// - www.com (exact)
	// - sub.www.com (subdomain)
	// But NOT:
	// - example.com (different domain that happens to share .com)
	// - wwwXcom (no dot separator)

[Copilot]

The TODO comment should be removed or updated since the fix has been implemented and the hash has been updated for the non-css-validation case. This comment suggests the hash update is temporary pending verification, but the fix is complete.

Suggested change

	13277824246832611772 // TODO: Update this after fix verification
	13277824246832611772 // Verified hash for css-validation configuration

[Copilot]

Critical bug fix lacks test coverage. The PR fixes a significant issue where filters like ||www.com^ and ||www.be^ incorrectly blocked all domains with those TLDs. However, no automated tests were added to verify this fix or prevent regression. Consider adding test cases that verify: 1) ||www.com^ blocks only www.com and sub.www.com but NOT example.com, github.com, etc., 2) ||www.be^ blocks only www.be but NOT other .be domains, and 3) ||www.example.com^ correctly strips www. and blocks example.com.