1 # ********************************************************************
3 # File : $Source: /cvsroot/ijbswa/current/default.filter,v $
5 # $Id: default.filter,v 1.11.2.10 2002/11/11 13:39:47 oes Exp $
7 # Purpose : Rules to process the content of web pages
9 # Copyright : Written by and Copyright
10 # Privoxy team. http://www.privoxy.org/
12 # We value your feedback. However, to provide you with the best support,
15 # * Use the support forum to get help:
16 # http://sourceforge.net/tracker/?group_id=11118&atid=211118
17 # * Submit bugs only thru our bug forum:
18 # http://sourceforge.net/tracker/?group_id=11118&atid=111118
19 # Make sure that the bug has not already been submitted. Please try
20 # to verify that it is a Privoxy bug, and not a browser or site
21 # bug first. If you are using your own custom configuration, please
22 # try the stock configs to see if the problem is a configuration
23 # related bug. And if not using the latest development snapshot,
24 # please try the latest one. Or even better, CVS sources.
25 # * Submit feature requests only thru our feature request forum:
26 # http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
28 # For any other issues, feel free to use the mailing lists:
29 # http://sourceforge.net/mail/?group_id=11118
31 # Anyone interested in actively participating in development and related
32 # discussions can join the appropriate mailing list here:
33 # http://sourceforge.net/mail/?group_id=11118. Archives are available
36 #################################################################################
40 # Filters start with a line "FILTER: name description". They are then referrable
41 # from the actionsfile with +filter{name}
43 # Inside the filters, write one Perl-Style substitution (job) per line.
44 # Jobs that precede the first FILTER: line are ignored.
46 # For Details see the pcrs manpage contained in this distribution.
47 # (and the perlre, perlop and pcre manpages)
49 # Note that you are free to choose the delimter as you see fit.
51 # Note2: In addidion to the Perl options gimsx, the following nonstandard
52 # options are supported:
54 # 'U' turns the default to ungreedy matching. Add ? to quantifiers to
55 # switch back to greedy.
56 # 'T' (trivial) prevents parsing for backreferences in the substitute.
57 # Use if you want to include text like '$&' in your substitute without
60 #################################################################################
63 #################################################################################
65 # js-annoyances: Get rid of particularly annoying JavaScript abuse
67 #################################################################################
68 FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
70 # Note: Most of these jobs would be safer if restricted to a
71 # <script> context as in:
73 # s/(<script.*)nasty-item(?=.*<\/script>)/$1replacement/sigU
75 # but that would make them match only the first occurance of
76 # nasty-item in each <script>. We need nestable jobs!
78 # Get rid of Javascript referrer tracking.
79 # Test page: http://www.javascript-page.com/referrer.html
81 s|document\.referrer|"Not Your Business!"|gisU
83 # The status bar is for displaying link targets, not pointless blahblah
85 #s/([\n =;{}]|window\.)(default)?status\s*=/$1dUmMy=/ig
86 s/(([\n =;{}]|window\.)(default)?status)\s*=\s*((['"]).*?\5)/if(typeof(this.href) != 'undefined') $1 = $4 + ' URL: ' + this.href;else return false/ig
88 # Kill OnUnload popups. Yummy.
89 # Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
91 s/(<body\s+[^>]*)onunload(.*>)/$1never$2/siU
92 s|(<script.*)window\.onunload(?=.*</script>)|$1never|sigU
94 # If we allow window.open, we want normal window features:
95 # Test: http://www.htmlgoodies.com/beyond/notitle.html
97 s/(open\s*\([^\)]+resizable=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
98 s/(open\s*\([^\)]+location=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
99 s/(open\s*\([^\)]+status=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
100 s/(open\s*\([^\)]+scroll(?:ing|bars)=)(["']?)(?:no|0)\2/$1$2auto$2/sigU
101 s/(open\s*\([^\)]+menubar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
102 s/(open\s*\([^\)]+toolbar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
103 s/(open\s*\([^\)]+directories=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
104 s/(open\s*\([^\)]+fullscreen=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
105 s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
106 s/(open\s*\([^\)]+zlock=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
107 s/(open\s*\([^\)]+hotkeys=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
108 s/(open\s*\([^\)]+titlebar=)(["']?)(?:yes|1)\2/$1$2yes$2/sigU
111 #################################################################################
113 # html-annoyances: Get rid of particularly annoying HTML abuse
115 #################################################################################
116 FILTER: html-annoyances Get rid of particularly annoying HTML abuse
118 # New browser windows (if allowed -- see no-popups filter below) should be
119 # resizeable and have a location and status bar
121 s/(<a\s+href[^>]+resizable=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
122 s/(<a\s+href[^>]+location=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
123 s/(<a\s+href[^>]+status=)(['"]?)(?:no|0)\2/$1$2yes1$2/igU
124 s/(<a\s+href[^>]+scrolling=)(['"]?)(?:no|0)\2/$1$2auto$2/igU
125 s/(<a\s+href[^>]+menubar=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
127 # The <BLINK> tag was a crime!
129 s*<blink>|</blink>**ig
132 #################################################################################
134 # content-cookies: Kill cookies that come in the HTML or JS content
136 #################################################################################
137 FILTER: content-cookies Kill cookies that come in the HTML or JS content
139 # JS cookies, like found on privacy.net:
141 s|document\.cookie(?=[ \t\r\n]*=)|ZappedCookie|ig
145 s|<meta\s+http-equiv=['"]?set-cookie.*>|<!-- ZappedCookie -->|igU
148 #################################################################################
150 # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
152 #################################################################################
153 FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking)
155 s/<img\s+[^>]*(?:width|height)\s*=\s*['"]?1(?=\D)[^>]*(?:width|height)\s*=\s*['"]?1(?=\D)[^>]*?>//siUg
158 ##################################################################################
160 # popups: Kill all popups in JS and HTML
162 #################################################################################
163 FILTER: popups Kill all popups in JS and HTML
165 s/([\n =;{}]|window\.)open\s*\\?\(/$1concat(/ig # JavaScript
166 s/ target\s*=\s*(['"]?)(_blank|_new)\1?/ notarget/ig # HTML
169 #################################################################################
171 # frameset-borders: Give frames a border, make them resizable and scrollable
173 #################################################################################
174 FILTER: frameset-borders Give frames a border and make them resizable
176 s/(<frameset\s+[^>]*)framespacing=(['"]?)(no|0)\2/$1/igU
177 s/(<frameset\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
178 s/(<frameset\s+[^>]*)border=(['"]?)(no|0)\2/$1/igU
179 s/(<frame\s+[^>]*)noresize/$1/igU
180 s/(<frame\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
181 s/(<frame\s+[^>]*)scrolling=(['"]?)(no|0)\2/$1/igU
184 #################################################################################
186 # refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
188 #################################################################################
189 FILTER: refresh-tags Kill automatic refresh tags (for dial-on-demand setups)
191 # Note: Only deactivates refreshes with more than 9 seconds delay to
192 # preserve monster-stupid but common redirections via meta tags.
194 s/<meta\s+http-equiv\s*=\s*(['"]?)refresh\1\s+content\s*=\s*(['"]?)\d{2,}\s*(;\s*url\s*=\s*([^>\2]*))?\2/<link rev="x-refresh" href="$4"/iU
197 #################################################################################
199 # img-reorder: Reorder attributes in <img> tags to make the banners-by-* filters more effective
201 #################################################################################
202 FILTER: img-reorder Reorder attributes in <img> tags to make the banners-by-* filters more effective
204 # In the first step src is moved to the start, then width is moved to the second
205 # place to guarantee an order of src, width, height.
206 # This makes banners-by-size more effective and allows both banners-by-size
207 # and banners-by-link to preserve the original image URL in the alt attribute.
209 s|<img\s+?([^>]*) src\s*=\s*(['"])([^>\\\2]+)\2|<img src=$2$3$2 $1|siUg
210 s|<img\s+?([^>]*) src\s*=\s*([^'">\\\s]+)|<img src=$2 $1|sig
212 s|<img (src=(?:(['"])[^>\\\\2]+\2\|[^'">\\\s]+?))([^>]*)width\s*=\s*(["']?)(\d+?)|<img $1 width=$4$5$4$3|siUg
215 #################################################################################
217 # banners-by-size: Kill banners by size
219 #################################################################################
221 # Standard banner sizes taken from http://www.iab.net/iab_banner_standards/bannersizes.html
223 # Note: Use http://config.privoxy.org/send-banner?type=trans for a transparent 1x1 image
224 # Use http://config.privoxy.org/send-banner?type=pattern for a grey/white pattern image
225 # Use http://config.privoxy.org/send-banner?type=auto to auto-select.
227 # Note2: Use img-reorder before this filter to ensure maximum matching success
229 #################################################################################
230 FILTER: banners-by-size Kill banners by size
233 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)88\4)[^>]*?(height=(['"]?)31\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
234 # 120*60, 120*90, 120*240, 120*600
235 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)120\4)[^>]*?(height=(['"]?)(?:600?|90|240)\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
237 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)125\4)[^>]*?(height=(['"]?)125\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
239 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)160\4)[^>]*?(height=(['"]?)600\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
241 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)180\4)[^>]*?(height=(['"]?)150\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
242 # 234*60, 468*60 (Most Banners!)
243 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:234|468)\4)[^>]*?(height=(['"]?)60\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
245 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)240\4)[^>]*?(height=(['"]?)400\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
247 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:250|300)\4)[^>]*?(height=(['"]?)250\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
249 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)336\4)[^>]*?(height=(['"]?)280\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
251 # Note: 200*50 was also proposed, but it probably causes too much collateral damage:
253 #s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)200\4)[^>]*?(height=(['"]?)50\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
256 #################################################################################
258 # banners-by-link: Kill banners by their links to known clicktrackers
260 #################################################################################
261 FILTER: banners-by-link Kill banners by their links to known clicktrackers
263 # Common case with width and height attributes:
265 s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:\
266 adclick # See www.dn.se \
267 | atwola\.com/(?:link|redir) # see www.cnn.com \
268 | /jump/ # redirs for doublecklick.net ads \
269 | tracker | counter # common \
270 | adlog\.pl # see sf.net \
271 )[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\6)[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\8)[^>]*>\
272 @<img $5 $7 src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed $4 by link to $2$1>@sigx
274 # Rare case w/o explicit dimensions:
276 s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:adclick|atwola\.com/(?:link|redir)|doubleclick\.net/jump/|tracker|counter|adlog\.pl)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed $4 by link to $2$1>@sig
278 #################################################################################
280 # fun: Text replacements for subversive browsing fun!
282 #################################################################################
283 FILTER: fun Text replacements for subversive browsing fun!
285 s/microsoft(?!.com)/MicroSuck/ig
287 # Buzzword Bingo (example for extended regex syntax)
289 s* industry[ -]leading \
291 | customer[ -]focused \
293 | award[ -]winning # Comments are OK, too! \
294 | high[ -]performance \
295 | solutions[ -]based \
299 *<font color="red"><b>BINGO!</b></font> \
303 #################################################################################
305 # nimda: Remove Nimda (virus) code
307 #################################################################################
308 FILTER: nimda Remove Nimda (virus) code
310 s%<script language="JavaScript">(window\.open|1;''\.concat)\("readme\.eml", null, "resizable=no,top=6000,left=6000"\)</script>%<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>%g
313 #################################################################################
315 # shockwave-flash: Kill embedded Shockwave Flash objects
317 #################################################################################
318 FILTER: shockwave-flash Kill embedded Shockwave Flash objects
320 s|<embed [^>]*application/x-shockwave-flash.*</embed>|<!-- Squished Shockwave Flash Embed -->|sigU
323 #################################################################################
325 # quicktime-kioskmode: Make Quicktime movies saveable
327 #################################################################################
328 FILTER: quicktime-kioskmode Make Quicktime movies saveable
330 s/(<embed\s+[^>]*)kioskmode\s*=\s*(["']?)true\2/$1/ig
333 #################################################################################
335 # js-events: Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
337 #################################################################################
338 FILTER: js-events Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
340 s/(on|event\.)((mouse(over|out|down|up|move))|(un)?load|contextmenu|selectstart)/never/ig
341 # Not events, but abused on the same type of sites:
342 s/(alert|confirm)\s*\(/concat(/ig
345 #################################################################################
347 # crude-parental: Crude parental filtering? (Use along with a suitable blocklist).
348 # Shows how to deny access to whole page based on a keyword.
350 #################################################################################
351 FILTER: crude-parental Crude parental filtering (demo only)
353 # (Note: Middlesex, Sussex and Essex are counties in the UK, not rude words)
354 # (Note #2: Is 'sex' a rude word?!)
356 s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body><h3>Blocked due to possible adult content. Please see <a href="http://dmoz.org/Kids_and_Teens/">this site</a>.</h3></body></html>%is
357 s+^.*warez.*$+<html><head><title>No Warez</title></head><body><h3>You're not searching for illegal stuff, are you?</h3></body></html>+is
360 #################################################################################
362 # demoronizer: Correct Microsoft's abuse of standardized character sets, which
363 # leave the browser to (mis)-interpret unknown characters, with
364 # sometimes bizarre results on non-MS platforms.
366 # credit: ripped from the demoroniser.pl script by:
367 # John Walker -- January 1998, http://www.fourmilab.ch/webtools/demoroniser
369 #################################################################################
370 FILTER: demoronizer fixing MS's non-standard use of std charsets.
372 s/(&\#[0-2]\d\d)\s/$1; /g
373 # per Robert Lynch: http://slate.msn.com//?id=2067547, just a guess.
374 # Must come before x94 below.
375 s/\xE2\x80\x94/ -- /g
387 # Bullet type character.
391 #s-\x98-<sup>~</sup>-g
392 #s-\x99-<sup>TM</sup>-g
397 ##############################################################################
400 # $Log: default.filter,v $
401 # Revision 1.11.2.10 2002/11/11 13:39:47 oes
402 # Make refresh-tags filter work even on incorrect refresh tags like found on usatoday.com
404 # Revision 1.11.2.9 2002/11/08 16:39:17 oes
405 # Made img-reorder more cautious. Fixes bug #632715
407 # Revision 1.11.2.8 2002/10/13 21:56:52 hal9
408 # Adding demoronizer filter. This should include all the common abuses. I have
409 # left a few of the rare cases commented out (never found these in the wild).
411 # Revision 1.11.2.7 2002/09/25 15:09:39 oes
412 # Preserve original quoting style in <img> tags wherever possible. Fixes Bug #605956
414 # Revision 1.11.2.6 2002/08/23 14:12:26 oes
415 # Proofed frameset-borders against "fremaborder=0 border=0"
417 # Revision 1.11.2.5 2002/08/22 15:05:20 oes
418 # Added Filter to make Quicktime movies saveable (thanks to aaron@linville.org for the idea)
420 # Revision 1.11.2.4 2002/08/10 11:32:29 oes
421 # Attribute values in replacement tags of banners-by-size filter now undelimited. (Fixes bug #592493)
423 # Revision 1.11.2.3 2002/08/05 11:43:56 oes
424 # Fixed a bug in the popups filter that was introduced with the last fix :-(
426 # Revision 1.11.2.2 2002/08/01 11:20:13 oes
427 # Fixed bugs 587802, 577802 and an unreported one
429 # Revision 1.11.2.1 2002/07/26 15:18:26 oes
430 # - All filters reviewed and many shorcomings fixed
431 # - New filters: img-reorder, banners-by-link and js-events
432 # - Jobs reorderd because they are now executed in order of
435 # Revision 1.11 2002/05/24 00:57:18 oes
436 # Made WeBugs job ungreedy; Fixes bug 559190
438 # Revision 1.10 2002/04/18 10:14:19 oes
439 # renamed some filters
441 # Revision 1.9 2002/04/11 07:36:35 oes
442 # Generalized js-popup filter
444 # Revision 1.8 2002/04/10 17:07:21 oes
445 # Fixed potentially desctructive jobs, added noflash filter
447 # Revision 1.7 2002/04/09 18:34:51 oes
448 # Fixed HTML syntax in replacements
450 # Revision 1.6 2002/04/03 19:49:52 swa
453 # Revision 1.5 2002/03/27 15:30:26 swa
454 # have a consistent appearance
456 # Revision 1.4 2002/03/26 22:29:54 swa
457 # we have a new homepage!
459 # Revision 1.3 2002/03/24 16:08:03 jongfoster
460 # Fixing banners-by-size for new config URLs
462 # Revision 1.2 2002/03/24 13:02:18 swa
463 # name change related issues.
465 # Revision 1.1 2002/03/24 11:37:39 jongfoster
468 # Revision 1.24 2002/03/16 20:39:54 oes
469 # - Added descriptions to the filters so users will know what they select in the cgi editor
470 # - Added content-cookies filter
471 # - Bugfixed many jobs (Thanks to Al for some hints)
473 # Revision 1.22 2002/03/12 13:42:50 oes
474 # Fixing & Optimizing REs
476 # Revision 1.21 2002/03/12 11:59:20 oes
477 # Beefed up Buzzword Bingo
479 # Revision 1.20 2002/03/12 01:42:50 oes
480 # Introduced modular filters
482 # Revision 1.19 2002/03/10 19:49:24 oes
483 # Added expression to kill referer tracking in JavaScripts
485 # Revision 1.18 2002/03/08 17:14:12 oes
486 # PNG -> image in comments
488 # Revision 1.17 2002/03/07 03:50:54 oes
489 # Adapted comments to new built-in images
491 # Revision 1.16 2002/02/21 00:12:19 jongfoster
492 # Modifying the banner regexps to use long URLS and to autodetect
493 # whether to show a logo or a transparent GIF, based on actionsfile
496 # Revision 1.15 2001/12/28 23:54:20 steudten
497 # Fix for feature Req #495374: http-equiv problem
499 # Revision 1.14 2001/12/09 18:55:11 david__schmidt
500 # Updated CODE_STATUS to beta, commented out microsuck line in re_filterfile
503 # Revision 1.13 2001/10/13 13:11:20 joergs
504 # Fixed WebBug filter.
506 # Revision 1.12 2001/10/07 15:46:42 oes
507 # Followed Guy's proposal to change the document.cookie job
509 # Revision 1.11 2001/09/21 12:34:00 joergs
510 # Added filter to replace "Nimda" code by a warning.
512 # Revision 1.10 2001/07/20 11:04:26 oes
513 # Added Rodneys javascript cookie filter
515 # Revision 1.9 2001/07/13 14:03:48 oes
516 # Elimiated yet another bug in the banner-by-size jobs. Shame on me!
518 # Revision 1.8 2001/06/29 13:34:00 oes
519 # - Added explanation for U and T options
520 # - Added hint on image replacement by CGI call
521 # - Fixed bug in banner-by-size jobs
523 # Revision 1.7 2001/06/19 14:21:56 oes
524 # Fixed microsuck line
526 # Revision 1.6 2001/06/09 14:01:57 swa
527 # header. cosmetics. default: no messing ala microsuck.