From 6c54f92d7dfc01ae843a6935e48f2426553b1ad2 Mon Sep 17 00:00:00 2001
From: SukkaW <isukkaw@gmail.com>
Date: Thu, 25 Jul 2024 18:11:32 +0800
Subject: [PATCH] Re-block Staticfile and BootCDN

---
 Build/build-sgmodule-redirect.ts      | 5 +++++
 Build/constants/reject-data-source.ts | 5 -----
 Source/domainset/reject_sukka.conf    | 6 ++++++
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/Build/build-sgmodule-redirect.ts b/Build/build-sgmodule-redirect.ts
index 5fd74948..ccc44475 100644
--- a/Build/build-sgmodule-redirect.ts
+++ b/Build/build-sgmodule-redirect.ts
@@ -71,6 +71,11 @@ const REDIRECT_MIRROR = [
   ['cdn.polyfill.io/', 'https://cdnjs.cloudflare.com/polyfill/'],
   ['fastly-polyfill.io/', 'https://cdnjs.cloudflare.com/polyfill/'],
   ['fastly-polyfill.net/', 'https://cdnjs.cloudflare.com/polyfill/'],
+  // BootCDN has been controlled by a malicious actor and being used to spread malware
+  ['cdn.bootcdn.net/', 'https://cdnjs.cloudflare.com/ajax/libs/'],
+  ['cdn.bootcdn.com/', 'https://cdnjs.cloudflare.com/ajax/libs/'],
+  ['cdn.staticfile.net/', 'https://cdnjs.cloudflare.com/ajax/libs/'],
+  ['cdn.staticfile.org/', 'https://cdnjs.cloudflare.com/ajax/libs/'],
   // Misc
   ['pics.javbus.com/', 'https://i0.wp.com/pics.javbus.com/'],
   ['googlefonts.wp-china-yes.net/', 'https://fonts.googleapis.com/'],
diff --git a/Build/constants/reject-data-source.ts b/Build/constants/reject-data-source.ts
index 58c431cf..1e3912cb 100644
--- a/Build/constants/reject-data-source.ts
+++ b/Build/constants/reject-data-source.ts
@@ -257,10 +257,5 @@ export const PREDEFINED_WHITELIST = [
   // yet stupid AdGuardDNSFilter blocks all of it. Stupid AdGuard
   '.w3s.link', // stupid phishing.army, introduce both "*.ipfs.w3s.link" and ".w3s.link" to the block list
   'ipfs.io', // ipfs.io was blocked by DigitalSide Threat-Intel - OSINT Hub
-  // stupid uBlock Origin blocking public cdn
-  '.bootcdn.net',
-  '.bootcss.com',
-  '.staticfile.net',
-  '.staticfile.org',
   '.r2.dev' // Despite 5000+ r2 instances used for phishing, yet cloudflare refuse to do anything. we have no choice but whitelist this.
 ];
diff --git a/Source/domainset/reject_sukka.conf b/Source/domainset/reject_sukka.conf
index e582a8b6..97b857d7 100644
--- a/Source/domainset/reject_sukka.conf
+++ b/Source/domainset/reject_sukka.conf
@@ -74,6 +74,12 @@ optimus-ads.amap.com
 # https://sansec.io/research/polyfill-supply-chain-attack
 # https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/
 .polyfill.io
+# Other Public CDN also infected by the same company
+.staticfile.org
+.staticfile.net
+.bootcss.com
+.bootcdn.net
+.bootcdn.cn
 # Rest of Malware / Scam
 .hubside.fr