Ap0dexMe0 · April 28, 2026 18:31
diff --git a/netflix-bypass.js b/netflix-bypass.js
 // ==UserScript==
 // @name         Block Specific GraphQL + Domains
 // @namespace    Custom Blocking Script
 // @version      1.1
 // @description  Blocks GraphQL POSTs containing specific operations and requests to specific domains
 // @match        *://*/*
 // @run-at       document-start
 // @grant        none
 // @inject-into  page
 // ==/UserScript==

 (function () {
  'use strict';

  const OPERATION_MARKER = '"operationName":"CLCSInterstitial';
  const BLOCKED_DOMAINS = [
    'android.prod.cloud.netflix.com',
    'ios.prod.cloud.netflix.com',
    'web.prod.cloud.netflix.com',
    'prod.cloud.netflix.com'
  ];

  const shouldBlock = (url, bodyString) => {
    const domainBlocked = BLOCKED_DOMAINS.some(domain => url?.includes(domain));
    const operationBlocked = bodyString && bodyString.includes(OPERATION_MARKER);
    return domainBlocked || operationBlocked;
  };

  const getBodyString = (body) => {
    if (!body) return '';
    if (typeof body === 'string') return body;
    if (body instanceof FormData) return '';
    if (body instanceof URLSearchParams) return body.toString();
    try {
      return JSON.stringify(body);
    } catch {
      return '';
    }
  };

  // ---- fetch patch ----
  const originalFetch = window.fetch.bind(window);
  window.fetch = function (input, init) {
    try {
      const url = typeof input === 'string' ? input : input?.url;
      const method = (init?.method || (typeof input !== 'string' && input?.method) || 'GET').toUpperCase();

      if (method === 'POST') {
        const bodyString = getBodyString(init?.body);
        if (shouldBlock(url, bodyString)) {
          console.warn(`[UserScript] Blocking fetch POST to: ${url}`);
          return Promise.reject(new Error('Request blocked by UserScript'));
        }
      }
    } catch {
      // fail silently
    }

    return originalFetch(input, init);
  };

  // ---- XHR patch ----
  const OriginalXHR = window.XMLHttpRequest;
  function PatchedXHR() {
    const xhr = new OriginalXHR();
    let _method = 'GET';
    let _url = '';

    const originalOpen = xhr.open;
    const originalSend = xhr.send;

    xhr.open = function (method, url, ...args) {
      _method = (method || 'GET').toUpperCase();
      _url = url;
      return originalOpen.apply(this, [method, url, ...args]);
    };

    xhr.send = function (data) {
      try {
        if (_method === 'POST') {
          const bodyString = getBodyString(data);
          if (shouldBlock(_url, bodyString)) {
            console.warn(`[UserScript] Blocking XHR POST to: ${_url}`);
            try { this.abort(); } catch {}
            return;
          }
        }
      } catch {
        // ignore errors
      }
      return originalSend.apply(this, [data]);
    };

    return xhr;
  }

  window.XMLHttpRequest = PatchedXHR;
  Object.setPrototypeOf(window.XMLHttpRequest, OriginalXHR);
  window.XMLHttpRequest.prototype = OriginalXHR.prototype;
 })();
	// ==UserScript==
	// @name Block Specific GraphQL + Domains
	// @namespace Custom Blocking Script
	// @version 1.1
	// @description Blocks GraphQL POSTs containing specific operations and requests to specific domains
	// @match :///*
	// @run-at document-start
	// @grant none
	// @inject-into page
	// ==/UserScript==

	(function () {
	'use strict';

	const OPERATION_MARKER = '"operationName":"CLCSInterstitial';
	const BLOCKED_DOMAINS = [
	'android.prod.cloud.netflix.com',
	'ios.prod.cloud.netflix.com',
	'web.prod.cloud.netflix.com',
	'prod.cloud.netflix.com'
	];

	const shouldBlock = (url, bodyString) => {
	const domainBlocked = BLOCKED_DOMAINS.some(domain => url?.includes(domain));
	const operationBlocked = bodyString && bodyString.includes(OPERATION_MARKER);
	return domainBlocked \|\| operationBlocked;
	};

	const getBodyString = (body) => {
	if (!body) return '';
	if (typeof body === 'string') return body;
	if (body instanceof FormData) return '';
	if (body instanceof URLSearchParams) return body.toString();
	try {
	return JSON.stringify(body);
	} catch {
	return '';
	}
	};

	// ---- fetch patch ----
	const originalFetch = window.fetch.bind(window);
	window.fetch = function (input, init) {
	try {
	const url = typeof input === 'string' ? input : input?.url;
	const method = (init?.method \|\| (typeof input !== 'string' && input?.method) \|\| 'GET').toUpperCase();

	if (method === 'POST') {
	const bodyString = getBodyString(init?.body);
	if (shouldBlock(url, bodyString)) {
	console.warn(`[UserScript] Blocking fetch POST to: ${url}`);
	return Promise.reject(new Error('Request blocked by UserScript'));
	}
	}
	} catch {
	// fail silently
	}

	return originalFetch(input, init);
	};

	// ---- XHR patch ----
	const OriginalXHR = window.XMLHttpRequest;
	function PatchedXHR() {
	const xhr = new OriginalXHR();
	let _method = 'GET';
	let _url = '';

	const originalOpen = xhr.open;
	const originalSend = xhr.send;

	xhr.open = function (method, url, ...args) {
	_method = (method \|\| 'GET').toUpperCase();
	_url = url;
	return originalOpen.apply(this, [method, url, ...args]);
	};

	xhr.send = function (data) {
	try {
	if (_method === 'POST') {
	const bodyString = getBodyString(data);
	if (shouldBlock(_url, bodyString)) {
	console.warn(`[UserScript] Blocking XHR POST to: ${_url}`);
	try { this.abort(); } catch {}
	return;
	}
	}
	} catch {
	// ignore errors
	}
	return originalSend.apply(this, [data]);
	};

	return xhr;
	}

	window.XMLHttpRequest = PatchedXHR;
	Object.setPrototypeOf(window.XMLHttpRequest, OriginalXHR);
	window.XMLHttpRequest.prototype = OriginalXHR.prototype;
	})();
No results found