as argument and show it on the "blocked" page.
*** Since 3.0.8 ***
- Added SOCKS5 support. Patch provided by Eric M. Hopper.
+- The "blocked" CGI pages include a block reason that was
+ provided as argument to the last-applying block action.
- If enable-edit-actions is disabled (the default since 3.0.7 beta)
the show-status page hides the edit buttons and explains why.
Previously the user would get the "this feature has been disabled"
* DEFINE_ACTION_BOOL()
* DEFINE_ACTION_ALIAS
*
- * Copyright : Written by and Copyright (C) 2001 the SourceForge
+ * Copyright : Written by and Copyright (C) 2001-2008 the SourceForge
* Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
*
* Revisions :
* $Log: actionlist.h,v $
+ * Revision 1.28 2007/12/11 21:08:29 fabiankeil
+ * Let the CGI editor suggest a forward-override
+ * parameter whose syntax is actually valid.
+ *
* Revision 1.27 2007/11/10 15:04:08 fabiankeil
* Tell the CGI editor about +hide-referrer{conditional-forge}.
*
#endif /* ndef DEFINE_CGI_PARAM_RADIO */
DEFINE_ACTION_MULTI ("add-header", ACTION_MULTI_ADD_HEADER)
-DEFINE_ACTION_BOOL ("block", ACTION_BLOCK)
+DEFINE_ACTION_STRING ("block", ACTION_BLOCK, ACTION_STRING_BLOCK)
+DEFINE_CGI_PARAM_NO_RADIO("block", ACTION_BLOCK, ACTION_STRING_BLOCK, "No reason specified.")
DEFINE_ACTION_MULTI ("client-header-filter", ACTION_MULTI_CLIENT_HEADER_FILTER)
DEFINE_ACTION_MULTI ("client-header-tagger", ACTION_MULTI_CLIENT_HEADER_TAGGER)
DEFINE_ACTION_STRING ("content-type-overwrite", ACTION_CONTENT_TYPE_OVERWRITE, ACTION_STRING_CONTENT_TYPE)
-const char actions_rcs[] = "$Id: actions.c,v 1.41 2008/01/28 20:17:40 fabiankeil Exp $";
+const char actions_rcs[] = "$Id: actions.c,v 1.42 2008/02/09 15:15:38 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/actions.c,v $
* Purpose : Declares functions to work with actions files
* Functions declared include: FIXME
*
- * Copyright : Written by and Copyright (C) 2001-2007 the SourceForge
+ * Copyright : Written by and Copyright (C) 2001-2008 the SourceForge
* Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
*
* Revisions :
* $Log: actions.c,v $
+ * Revision 1.42 2008/02/09 15:15:38 fabiankeil
+ * List active and inactive actions in the show-url-info's
+ * "Final results" section separately. Patch submitted by Lee
+ * in #1830056, modified to list active actions first.
+ *
* Revision 1.41 2008/01/28 20:17:40 fabiankeil
* - Mark some parameters as immutable.
* - Hide update_action_bits_for_all_tags() while it's unused.
if ((value == NULL) || (*value == '\0'))
{
- return JB_ERR_PARSE;
+ if (0 != strcmpic(action->name, "block"))
+ {
+ /*
+ * XXX: Temporary backwards compatibility hack.
+ */
+ static int complaint_shown = 0;
+ value = "No reason specified.";
+ if (!complaint_shown)
+ {
+ log_error(LOG_LEVEL_ERROR, "At least one block "
+ "without reason found. This may become a fatal "
+ "error in future versions.");
+ complaint_shown = 1;
+ }
+ }
+ else
+ {
+ return JB_ERR_PARSE;
+ }
}
/* FIXME: should validate option string here */
freez (cur_action->string[action->index]);
#
# File : $Source: /cvsroot/ijbswa/current/default.action.master,v $
#
-# $Id: default.action.master,v 1.111 2008/02/09 20:34:31 fabiankeil Exp $
+# $Id: default.action.master,v 1.112 2008/02/19 18:52:02 fabiankeil Exp $
#
-# Requires : This version requires Privoxy v3.0.7 or later due to
+# Requires : This version requires Privoxy v3.0.9 or later due to
# syntax changes.
#
# Purpose : Default actions file, see
# This file is subject to periodic updating. Local exceptions
# and enhancements are better placed in user.action.
#
-# Copyright : Written by and Copyright (C) 2001 - 2007 the
+# Copyright : Written by and Copyright (C) 2001-2008 the
# Privoxy team. http://www.privoxy.org/
#
# Note: Updated versions of this file will be made available from time
#
# There are 3 kinds of actions:
#
-# Boolean (e.g. "block"):
+# Boolean (e.g. "handle-as-image"):
# +name # enable
# -name # disable
#
# Adds the specified HTTP header, which is not checked for validity.
# You may specify this many times to specify many headers.
#
-# +block
-# Block this URL. Privoxy will ignore this URL completely, and not request
-# it.
+# +block{reason}
+# Block this URL. Instead of forwarding the request, Privoxy will
+# send a "block" page containing the specified reason.
#
# +client-header-filter{name}
# All client headers to which this action applies are filtered on-the-fly
# hide-tor-exit-notation: Removes the Tor exit node notation in Host and Referer headers
#
# +client-header-tagger{string}
-# Block requests based on their headers. Client headers to which this
+# Tag requests based on their headers. Client headers to which this
# action applies are filtered on-the-fly through the specified regular
# expression based substitutions, the result is used as a tag.
# Client-header taggers are the first actions that are executed and their
{{settings}}
#############################################################################
#MASTER# COMMENT: The minimum Privoxy version:
-for-privoxy-version=3.0.7
+for-privoxy-version=3.0.9
#############################################################################
# Aliases
-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
allow-all-cookies = -crunch-all-cookies -session-cookies-only
allow-popups = -filter{all-popups} -kill-popups -filter{unsolicited-popups}
-+block-as-image = +block +handle-as-image
++block-as-image = +block{Blocked image request.} +handle-as-image
-block-as-image = -block
# These aliases define combinations of actions
#############################################################################
# Generic block patterns by host:
#############################################################################
-{+block}
+{+block{Host matches generic block pattern.}}
#MASTER# DONT-VERIFY (generic)
ad*.
.*ads.
#############################################################################
# Generic block patterns by path:
#############################################################################
-{+block}
+{+block{Path matches generic block pattern.}}
#MASTER# DONT-VERIFY (generic)
/(.*/)?ad(\?|/|s|v|_?(image|se?rv|box)|cycle|rotate|mentor|click|f[ra]m|script|stream|fetch|log|space)
/phpads(new)?/
#############################################################################
# Catch-all for false-positives that are just TOO obvious to let go
#############################################################################
-{+block}
+{+block{Catch-all block for false-positives.}}
#MASTER# PROBLEM URL: http://ads.facebook.com/ads/spreadshirt/banner120x600.jpg
#MASTER# REMARKS: Going for adsrv, adserve, adserver*.
.ads[erv][rv]*.
#############################################################################
# Site-specific block patterns;
#############################################################################
+{+block{Site-specific block pattern matches.}}
#MASTER# BLOCK-REFERRER: http://www.brooksbrothers.com/ 10/18/06
#MASTER# BLOCK-REFERRER: http://www.autodesk.com/
.hitbox.com
#----------------------------------------------------------------------------
# Misc Web-bugs, JS and just plain Junk. Images here aren't normal images.
#----------------------------------------------------------------------------
-{+block +handle-as-empty-document -handle-as-image}
+{+block{Might be a web-bug.} +handle-as-empty-document -handle-as-image}
#MASTER# REMARKS: signature for user tracking nytimes, cnn.com,latimes.com and many others. 10/06/06
/b/ss/.+
#MASTER# BLOCK-REFERRER: http://www.thesun.co.uk/article/0,,11071-10784,00.html
.bloglines.com/r\?
www.skweezer.net/bloglines
-{+block}
+{+block{Looks like an anti-leech trigger URL.}}
#MASTER# COMMENTS: This section not checked 10/17/06 HB. Still out there?
#MASTER# PROBLEM-URL: http://www.anti-leech.com/theft_example.html
#MASTER# REMARKS: Lame attempt at banning ad-blockers. Used by other websites as well.
-const char filters_rcs[] = "$Id: filters.c,v 1.100 2008/02/23 16:33:43 fabiankeil Exp $";
+const char filters_rcs[] = "$Id: filters.c,v 1.101 2008/02/23 16:57:12 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/filters.c,v $
* `jpeg_inspect_response', `execute_single_pcrs_command',
* `rewrite_url', `get_last_url'
*
- * Copyright : Written by and Copyright (C) 2001, 2004-2007 the SourceForge
+ * Copyright : Written by and Copyright (C) 2001, 2004-2008 the SourceForge
* Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
*
* Revisions :
* $Log: filters.c,v $
+ * Revision 1.101 2008/02/23 16:57:12 fabiankeil
+ * Rename url_actions() to get_url_actions() and let it
+ * use the standard parameter ordering.
+ *
* Revision 1.100 2008/02/23 16:33:43 fabiankeil
* Let forward_url() use the standard parameter ordering
* and mark its second parameter immutable.
#endif /* def FEATURE_ACL */
+/*********************************************************************
+ *
+ * Function : connect_port_is_forbidden
+ *
+ * Description : Check to see if CONNECT requests to the destination
+ * port of this request are forbidden. The check is
+ * independend of the actual request method.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns : True if yes, false otherwise.
+ *
+ *********************************************************************/
+int connect_port_is_forbidden(const struct client_state *csp)
+{
+ return ((!(csp->action->flags & ACTION_LIMIT_CONNECT) && csp->http->port != 443)
+ || (csp->action->flags & ACTION_LIMIT_CONNECT &&
+ !match_portlist(csp->action->string[ACTION_STRING_LIMIT_CONNECT], csp->http->port)));
+}
+
+
/*********************************************************************
*
* Function : block_url
if (!err) err = map(exports, "hostport", 1, html_encode(csp->http->hostport), 0);
if (!err) err = map(exports, "path", 1, html_encode(csp->http->path), 0);
if (!err) err = map(exports, "path-ue", 1, url_encode(csp->http->path), 0);
-
+ if (!err)
+ {
+ const char *block_reason;
+ if (csp->action->string[ACTION_STRING_BLOCK] != NULL)
+ {
+ block_reason = csp->action->string[ACTION_STRING_BLOCK];
+ }
+ else
+ {
+ assert(connect_port_is_forbidden(csp));
+ block_reason = "Forbidden CONNECT port.";
+ }
+ err = map(exports, "block-reason", 1, html_encode(block_reason), 0);
+ }
if (err)
{
free_map(exports);
#ifndef PROJECT_H_INCLUDED
#define PROJECT_H_INCLUDED
/** Version string. */
-#define PROJECT_H_VERSION "$Id: project.h,v 1.101 2007/12/07 18:29:23 fabiankeil Exp $"
+#define PROJECT_H_VERSION "$Id: project.h,v 1.102 2008/02/03 13:46:14 fabiankeil Exp $"
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/project.h,v $
* project. Does not define any variables or functions
* (though it does declare some macros).
*
- * Copyright : Written by and Copyright (C) 2001 - 2007 the SourceForge
+ * Copyright : Written by and Copyright (C) 2001-2008 the SourceForge
* Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
*
* Revisions :
* $Log: project.h,v $
+ * Revision 1.102 2008/02/03 13:46:14 fabiankeil
+ * Add SOCKS5 support. Patch #1862863 by Eric M. Hopper with minor changes.
+ *
* Revision 1.101 2007/12/07 18:29:23 fabiankeil
* Remove now-obsolete csp member x_forwarded.
*
#define ACTION_STRING_FAST_REDIRECTS 14
/** Action string index: Overriding forward rule. */
#define ACTION_STRING_FORWARD_OVERRIDE 15
+/** Action string index: Reason for the block. */
+#define ACTION_STRING_BLOCK 16
/** Number of string actions. */
-#define ACTION_STRING_COUNT 16
+#define ACTION_STRING_COUNT 17
/* To make the ugly hack in sed easier to understand */
{
document.write('\
<p class="small" align="center"> \
- <a href="@default-cgi@" target="_blank">Privoxy</a> blocked <b>@protocol@@hostport@@path@</b>. \
- <br><a href="@default-cgi@show-url-info?url=@hostport@@path-ue@" target="_blank">See why</a> \
+ Request blocked by <a href="@default-cgi@" target="_blank">Privoxy</a>: @block-reason@ \
+ <br>See <a href="@default-cgi@show-url-info?url=@hostport@@path-ue@" \
+ target="_blank">why this block applies</a> \
<!-- @if-force-support-start --> \
- or <a href="http://@hostport@@force-prefix@@path@">go there anyway</a>. \
+ or <a href="http://@hostport@@force-prefix@@path@">go \
+ <!-- if-force-support-end@ --> \
+ to <b>@protocol@@hostport@@path@</b> \
+ <!-- @if-force-support-start --> \
+ anyway</a>. \
<!-- if-force-support-end@ --> \
</p> \
');
<td class="box" colspan="2"> \
<h2>Request for blocked URL</h2> \
<p>Your request for <b>@protocol@@hostport@@path@</b> was blocked. \
- <br><a href="@default-cgi@show-url-info?url=@hostport@@path-ue@">See why</a> \
- <!-- @if-force-support-start --> \
+ <br>Block reason: @block-reason@ \
+ <br><a href="@default-cgi@show-url-info?url=@hostport@@path-ue@" \
+ target="_blank">See why this block applies</a> \
+<!-- @if-force-support-start --> \
or <a href="http://@hostport@@force-prefix@@path@">go there anyway</a>. \
<!-- if-force-support-end@ --> \
</p> \
<noscript>
<p class="small" align="center">
- <a href="@default-cgi@" target="_blank">Privoxy</a> blocked <b>@protocol@@hostport@@path@</b>.
- <br><a href="@default-cgi@show-url-info?url=@hostport@@path-ue@" target="_blank">See why</a>
+ Request blocked by <a href="@default-cgi@" target="_blank">Privoxy</a>: @block-reason@
+ <br>See <a href="@default-cgi@show-url-info?url=@hostport@@path-ue@"
+ target="_blank">why this block applies</a>
+ <!-- @if-force-support-start -->
+ or <a href="http://@hostport@@force-prefix@@path@">go
+ <!-- if-force-support-end@ -->
+ to <b>@protocol@@hostport@@path@</b>
<!-- @if-force-support-start -->
- or <a href="http://@hostport@@force-prefix@@path@">go there anyway</a>.
+ anyway</a>.
<!-- if-force-support-end@ -->
</p>
</noscript>
# particular section in an actions file.
#
#
-# Copyright : Written by and Copyright (C) 2001-2007 the SourceForge
+# Copyright : Written by and Copyright (C) 2001-2008 the SourceForge
# Privoxy team. http://www.privoxy.org/
#
# Original Author: Copyright (C) 2001 Jonathan Foster
#
# Revisions :
# $Log: edit-actions-for-url,v $
+# Revision 1.48 2007/12/11 21:18:55 fabiankeil
+# Make forward-override accessible through the CGI editor.
+#
# Revision 1.47 2007/12/06 18:21:55 fabiankeil
# Update hide-forwarded-for-headers description.
#
<td class="action"><a href="@user-manual@@actions-help-prefix@BLOCK">block</a></td>
<td>Block the request.</td>
</tr>
+ <tr class="bg1" align="left" valign="top" id="block_opts">
+ <td class="en1"> </td>
+ <td class="dis1"> </td>
+ <td class="noc1"> </td>
+ <td> </td>
+ <td>Block reason to tell the user:<br>
+ <input type="text" name="block_mode" size="40" value="@block-param@">
+ </td>
+ </tr>
@client-header-filter-params@
@client-header-tagger-params@