1 # ********************************************************************
3 # File : $Source: /cvsroot/ijbswa/current/default.filter,v $
5 # $Id: default.filter,v 1.42 2007/05/17 15:55:36 fabiankeil Exp $
7 # Purpose : Rules to process the content of web pages
9 # Copyright : Written by and Copyright (C) 2001 - 2007 the
10 # Privoxy team. http://www.privoxy.org/
12 # We value your feedback. However, to provide you with the best support,
15 # * Use the support forum to get help:
16 # http://sourceforge.net/tracker/?group_id=11118&atid=211118
17 # * Submit bugs only thru our bug forum:
18 # http://sourceforge.net/tracker/?group_id=11118&atid=111118
19 # Make sure that the bug has not already been submitted. Please try
20 # to verify that it is a Privoxy bug, and not a browser or site
21 # bug first. If you are using your own custom configuration, please
22 # try the stock configs to see if the problem is a configuration
23 # related bug. And if not using the latest development snapshot,
24 # please try the latest one. Or even better, CVS sources.
25 # * Submit feature requests only thru our feature request forum:
26 # http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
28 # For any other issues, feel free to use the mailing lists:
29 # http://sourceforge.net/mail/?group_id=11118
31 # Anyone interested in actively participating in development and related
32 # discussions can join the appropriate mailing list here:
33 # http://sourceforge.net/mail/?group_id=11118. Archives are available
36 #################################################################################
40 # Generally filters start with a line like "FILTER: name description".
41 # They are then referrable from the actionsfile with +filter{name}
43 # FILTER marks a filter as content filter, other filter
44 # types are CLIENT-HEADER-FILTER, CLIENT-HEADER-TAGGER,
45 # SERVER-HEADER-FILTER and SERVER-HEADER-TAGGER.
47 # Inside the filters, write one Perl-Style substitution (job) per line.
48 # Jobs that precede the first FILTER: line are ignored.
50 # For Details see the pcrs manpage contained in this distribution.
51 # (and the perlre, perlop and pcre manpages)
53 # Note that you are free to choose the delimiter as you see fit.
55 # Note2: In addidion to the Perl options gimsx, the following nonstandard
56 # options are supported:
58 # 'U' turns the default to ungreedy matching. Add ? to quantifiers to
59 # switch back to greedy.
61 # 'T' (trivial) prevents parsing for backreferences in the substitute.
62 # Use if you want to include text like '$&' in your substitute without
65 # 'D' (Dynamic) allows the use of variables. Supported variables are:
66 # $host, $origin (the IP address the request came from), $path and $url.
68 # Note that '$' is a bad choice as delimiter for dynamic filters as you
69 # might end up with unintended variables if you use a variable name
70 # directly after the delimiter. Variables will be resolved without
71 # escaping anything, therefore you also have to be careful not to chose
72 # delimiters that appear in the replacement text. For example '<' should
73 # be save, while '?' will sooner or later cause conflicts with $url.
75 #################################################################################
78 #################################################################################
80 # js-annoyances: Get rid of particularly annoying JavaScript abuse
82 #################################################################################
83 FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
85 # Note: Most of these jobs would be safer if restricted to a
86 # <script> context as in:
88 # s/(<script.*)nasty-item(?=.*<\/script>)/$1replacement/sigU
90 # but that would make them match only the first occurance of
91 # nasty-item in each <script>. We need nestable jobs!
93 # Get rid of Javascript referrer tracking.
94 # Test page: http://www.javascript-page.com/referrer.html
96 s|(?:\w+\.)+referrer|"Not Your Business!"|gisU
98 # The status bar is for displaying link targets, not pointless blahblah
100 s@([\W]\s*)((?:this|window)\.(?:default)?status)\s*=\s*((['"]).*?\4)@$1$2 =\
101 (typeof(this.href) != 'undefined')?($3 + ' URL: ' + this.href):($2)@ig
103 s/(?:(?:this|window)\.(?:default)?status)\s*=\s*\w*\s*;//ig
105 # Kill OnUnload popups. Yummy.
106 # Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
108 s/(<body\s+[^>]*)onunload/$1never/siU
109 s|(<script.*)window\.onunload(?=.*</script>)|$1never|sigU
111 # If we allow window.open, we want normal window features:
112 # Test: http://www.htmlgoodies.com/beyond/notitle.html
114 s/(open\s*\([^\)]+resizable=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
115 s/(open\s*\([^\)]+location=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
116 s/(open\s*\([^\)]+status=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
117 s/(open\s*\([^\)]+scroll(?:ing|bars)=)(["']?)(?:no|0)\2/$1$2auto$2/sigU
118 s/(open\s*\([^\)]+menubar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
119 s/(open\s*\([^\)]+toolbar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
120 s/(open\s*\([^\)]+directories=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
121 s/(open\s*\([^\)]+fullscreen=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
122 s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
123 s/(open\s*\([^\)]+z-?lock=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
124 s/(open\s*\([^\)]+hotkeys=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
125 s/(open\s*\([^\)]+titlebar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
126 s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
129 #################################################################################
131 # js-events: Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites)
133 #################################################################################
134 FILTER: js-events Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites)
136 s/(on|event\.)((mouse(over|out|down|up|move))|(un)?load|contextmenu|selectstart)/never/ig
137 # Not events, but abused on the same type of sites:
138 s/(alert|confirm)\s*\(/concat(/ig
139 s/settimeout\(/concat(/ig
141 #################################################################################
143 # html-annoyances: Get rid of particularly annoying HTML abuse
145 #################################################################################
146 FILTER: html-annoyances Get rid of particularly annoying HTML abuse
148 # New browser windows (if allowed -- see no-popups filter below) should be
149 # resizeable and have a location and status bar
151 s/(<a\s+href[^>]+resizable=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
152 s/(<a\s+href[^>]+location=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
153 s/(<a\s+href[^>]+status=)(['"]?)(?:no|0)\2/$1$2yes1$2/igU
154 s/(<a\s+href[^>]+scrolling=)(['"]?)(?:no|0)\2/$1$2auto$2/igU
155 s/(<a\s+href[^>]+menubar=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
157 # The <BLINK> and <MARQUEE> tags were crimes!
159 s-</?(blink|marquee).*>--sigU
162 #################################################################################
164 # content-cookies: Kill cookies that come in the HTML or JS content
166 #################################################################################
167 FILTER: content-cookies Kill cookies that come in the HTML or JS content
169 # JS cookies, except those used by antiadbuster.com to detect us:
171 s|(\w+\.)+cookie(?=[ \t\r\n]*=)(?!='aab)|ZappedCookie|ig
175 s|<meta\s+http-equiv=['"]?set-cookie.*>|<!-- ZappedCookie -->|igU
178 #################################################################################
180 # refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
182 #################################################################################
183 FILTER: refresh-tags Kill automatic refresh tags (for dial-on-demand setups)
185 # Note: Only deactivates refreshes with more than 9 seconds delay to
186 # preserve monster-stupid but common redirections via meta tags.
188 s/<meta\s+http-equiv\s*=\s*(['"]?)refresh\1\s+content\s*=\s*(['"]?)\d{2,}\s*(;\s*url\s*=\s*([^>\2]*))?\2/<link rev="x-refresh" href="$4"/iU
191 #################################################################################
193 # unsolicited-popups: Disable unsolicited pop-up windows
195 #################################################################################
196 FILTER: unsolicited-popups Disable only unsolicited pop-up windows
198 s+([^'"]\s*<head.*>)(?=\s*[^'"])+$1<script>function PrivoxyWindowOpen(){return(null);}</script>+isU
199 s@([^\w\s.]\s*)((?:map)?(window|this|parent)\.?)?open\s*\(@$1PrivoxyWindowOpen(@ig
200 s+([^'"]\s*</html>)(?!\s*(\\n|'|"))+$1<script>function PrivoxyWindowOpen(a, b, c){return(window.open(a, b, c));}</script>+iU
203 ##################################################################################
205 # all-popups: Kill all popups in JavaScript and HTML
207 #################################################################################
208 FILTER: all-popups Kill all popups in JavaScript and HTML
210 s@((\W\s*)(?:map)?(window|this|parent)\.?)open\s*\\?\(@$1concat(@ig # JavaScript
211 s/\starget\s*=\s*(['"]?)_?(blank|new)\1?/ notarget/ig # HTML
214 ##################################################################################
216 # img-reorder: Reorder attributes in <img> tags to make the banners-by-* filters more effective
218 #################################################################################
219 FILTER: img-reorder Reorder attributes in <img> tags to make the banners-by-* filters more effective
221 # In the first step src is moved to the start, then width is moved to the second
222 # place to guarantee an order of src, width, height.
223 # This makes banners-by-size more effective and allows both banners-by-size
224 # and banners-by-link to preserve the original image URL in the title attribute.
226 s|<img\s+?([^>]*) src\s*=\s*(['"])([^>\\\2]+)\2|<img src=$2$3$2 $1|siUg
227 s|<img\s+?([^>]*) src\s*=\s*([^'">\\\s]+)|<img src=$2 $1|sig
229 s|<img (src=(?:(['"])[^>\\\\2]*\2\|[^'">\\\s]+?))([^>]*)\s+width\s*=\s*(["']?)(\d+?)\4|<img $1 width=$4$5$4$3|siUg
232 #################################################################################
234 # banners-by-size: Kill banners by size
236 #################################################################################
238 # Standard banner sizes taken from http://www.iab.net/iab_banner_standards/bannersizes.html
240 # Note: Use http://config.privoxy.org/send-banner?type=trans for a transparent 1x1 image
241 # Use http://config.privoxy.org/send-banner?type=pattern for a grey/white pattern image
242 # Use http://config.privoxy.org/send-banner?type=auto to auto-select.
244 # Note2: Use img-reorder before this filter to ensure maximum matching success
246 #################################################################################
247 FILTER: banners-by-size Kill banners by size
250 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)88\4)[^>]*?(height=(['"]?)31\6)[^>]*?(?=/?>)@\
251 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
252 # 120*60, 120*90, 120*240, 120*600
253 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)120\4)[^>]*?(height=(['"]?)(?:600?|90|240)\6)[^>]*?(?=/?>)@\
254 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
256 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)125\4)[^>]*?(height=(['"]?)125\6)[^>]*?(?=/?>)@\
257 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
259 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)160\4)[^>]*?(height=(['"]?)600\6)[^>]*?(?=/?>)@\
260 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
262 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)180\4)[^>]*?(height=(['"]?)150\6)[^>]*?(?=/?>)@\
263 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
264 # 234*60, 468*60 (Most Banners!)
265 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:234|468)\4)[^>]*?(height=(['"]?)60\6)[^>]*?(?=/?>)@\
266 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
268 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)240\4)[^>]*?(height=(['"]?)400\6)[^>]*?(?=/?>)@\
269 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
271 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:250|300)\4)[^>]*?(height=(['"]?)250\6)[^>]*?(?=/?>)@\
272 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
274 s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)336\4)[^>]*?(height=(['"]?)280\6)[^>]*?(?=/?>)@\
275 <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
277 # Note: 200*50 was also proposed, but it probably causes too much collateral damage:
279 #s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)200\4)[^>]*?(height=(['"]?)50\6)[^>]*?(?=/?>)@\
280 # <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
283 #################################################################################
285 # banners-by-link: Kill banners by their links to known clicktrackers (Experimental)
287 #################################################################################
288 FILTER: banners-by-link Kill banners by their links to known clicktrackers
290 # Common case with width and height attributes:
292 s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:\
293 adclick # See www.dn.se \
294 | advert # see dict.leo.org \
295 | atwola\.com/(?:link|redir) # see www.cnn.com \
296 | /jump/ # redirs for doublecklick.net ads \
297 | tracker | counter # common \
298 | adlog\.pl # see sf.net \
299 )[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\6)[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\8)[^>]*?(?=/?>)\
300 @<img $5 $7 src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed $4 by link to $2"@sigx
302 # Rare case w/o explicit dimensions:
304 s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:ad(?:click|vert)|atwola\.com/(?:link|redir)|doubleclick\.net/jump/|tracker|counter|adlog\.pl)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*?(?=/?>)@<img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed $4 by link to $2"@sig
307 ################################################################################
309 # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
311 #################################################################################
312 FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking)
314 s@<img[^>]*\s(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*\s(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*?>@@siUg
317 #################################################################################
319 # tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap
321 #################################################################################
322 FILTER: tiny-textforms Extend those tiny textareas up to 40x80 and kill the hard wrap
324 s/(<textarea[^>]*?)(?:\s*(?:rows|cols)=(['"]?)\d+\2)+/$1 rows=$2\40$2 cols=$2\80$2/ig
325 s/(<textarea[^>]*?)wrap=(['"]?)hard\2/$1/ig
328 #################################################################################
330 # jumping-windows: Prevent windows from resizing and moving themselves
332 #################################################################################
333 FILTER: jumping-windows Prevent windows from resizing and moving themselves
335 s/(?<=[\W])(?:window|this|self)\.(?:move|resize)(?:to|by)\(/''.concat(/ig
337 #################################################################################
339 # frameset-borders: Give frames a border, make them resizable and scrollable
341 #################################################################################
342 FILTER: frameset-borders Give frames a border and make them resizable
344 s/(<frameset\s+[^>]*)framespacing=(['"]?)(no|0)\2/$1/igU
345 s/(<frameset\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
346 s/(<frameset\s+[^>]*)border=(['"]?)(no|0)\2/$1/igU
347 s/(<frame\s+[^>]*)noresize/$1/igU
348 s/(<frame\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
349 s/(<frame\s+[^>]*)scrolling=(['"]?)(no|0)\2/$1/igU
353 #################################################################################
355 # demoronizer: Correct Microsoft's abuse of standardized character sets, which
356 # leave the browser to (mis)-interpret unknown characters, with
357 # sometimes bizarre results on non-MS platforms.
359 # credit: ripped from the demoroniser.pl script by:
360 # John Walker -- January 1998, http://www.fourmilab.ch/webtools/demoroniser
362 #################################################################################
363 FILTER: demoronizer Fix MS's non-standard use of standard charsets
365 s/(&\#[0-2]\d\d)\s/$1; /g
366 # per Robert Lynch: http://slate.msn.com//?id=2067547, just a guess.
367 # Must come before x94 below.
368 s/\xE2\x80\x94/ -- /g
380 # Bullet type character.
384 #s-\x98-<sup>~</sup>-g
385 #s-\x99-<sup>TM</sup>-g
390 #################################################################################
392 # shockwave-flash: Kill embedded Shockwave Flash objects
393 # Note: Better just block "/.*\.swf$"!
395 #################################################################################
396 FILTER: shockwave-flash Kill embedded Shockwave Flash objects
398 s|<object [^>]*macromedia.*</object>|<!-- Squished Shockwave Object -->|sigU
399 s|<embed [^>]*(application/x-shockwave-flash\|\.swf).*>(.*</embed>)?|<!-- Squished Shockwave Flash Embed -->|sigU
402 #################################################################################
404 # quicktime-kioskmode: Make Quicktime movies saveable
406 #################################################################################
407 FILTER: quicktime-kioskmode Make Quicktime movies saveable
409 s/(<embed\s+[^>]*)kioskmode\s*=\s*(["']?)true\2/$1/ig
412 #################################################################################
414 # fun: Text replacements for subversive browsing fun!
416 #################################################################################
417 FILTER: fun Text replacements for subversive browsing fun!
421 s/microsoft(?!.[^\s])/MicroSuck/ig
423 # Buzzword Bingo (example for extended regex syntax)
425 s* (?:industry|world)[ -]leading \
427 | customer[ -]focused \
429 | award[ -]winning # Comments are OK, too! \
430 | high[ -]performance \
431 | solutions[ -]based \
435 *$0<sup><font color="red"><b>Bingo!</b></font></sup> \
440 s/(M|m)edien(?![^<]*>)/$1ädchen/Ug
442 #################################################################################
444 # crude-parental: Crude parental filtering. Use with a suitable blocklist.
445 # Pages are "blocked" based on keyword matching.
447 #################################################################################
448 FILTER: crude-parental Crude parental filtering
450 # (Note: Middlesex, Sussex and Essex are counties in the UK, not rude words)
451 # (Note #2: Is 'sex' a rude word?!)
453 s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body><h3>Blocked due to possible adult content. Please see <a href="http://dmoz.org/Kids_and_Teens/">this site</a>.</h3></body></html>%is
455 s+^.*warez.*$+<html><head><title>No Warez</title></head><body><h3>You're not searching for illegal stuff, are you?</h3></body></html>+is
457 # Remove by description
459 (suck |lick |tounge |rub |fuck |fingering |finger |chicks? )?\
460 (her |your |my |hard |with |big |wet |tight |pink |hot |moist |young |teen )+\
461 (dicks?|penis|cocks?|balls?|tits?|pussy|cunt|clit|ass|mouth).*$\
462 /This page has been blocked by Privoxy's crude-parental content filter\
467 (download|broadband|view|watch|free|get|extreem)? \
468 (sex|xxx|porn|cumshot|fuck(ing|s)?|anal|ass|asian|adult|Amateur|org(y|ies)|close ups?|hand ? job|nail(ed)?)+ \
469 (movies?|pics?|videos?|dvds?|dvd's|links?).*$\
470 /This page has been blocked by Privoxy's crude-parental content filter\
473 #Remove by age disclaimer
475 (models?|chicks?|girls?|women|persons) \
476 (who|are|were)+ (over|at least) (16|18|21) years (old|of age).*$\
477 /This page has been blocked by Privoxy's crude-parental content filter\
480 #Remove by regulations
481 s/^.*(Section 2257|18 U.?S.?C.? 2257).*$\
482 /This page has been blocked by Privoxy's crude-parental content filter\
486 #################################################################################
488 # IE-Exploits: Disable some known Internet Explorer bug exploits
490 #################################################################################
491 FILTER: ie-exploits Disable some known Internet Explorer bug exploits
493 # Note: This is basically a demo and waits for someone more interested in IE
494 # security (sic!) to take over.
496 # Cross-site-scripting:
498 s%f\("javascript:location.replace\('mk:@MSITStore:C:'\)"\);%alert\("This page looks like it tries to use a vulnerability described here:\n http://online.securityfocus.com/archive/1/298748/2002-11-02/2002-11-08/2"\);%siU
500 # Address bar spoofing (http://www.secunia.com/advisories/10395/):
502 s/(<a[^>]*href[^>]*)(?:\x01|\x02|\x03|%0[012])@/$1MALICIOUS-LINK@/ig
506 s%<script language="JavaScript">(window\.open|1;''\.concat)\("readme\.eml", null, "resizable=no,top=6000,left=6000"\)</script>%<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>%g
509 #################################################################################
512 # site-specifics: Cure for site-specific problems. Don't apply generally!
514 # Note: The fixes contained here are so specific to the problems of the
515 # particular web sites they are designed for that they would be a
516 # waste of CPU cycles (or even destructive!) on 99.9% of the web
517 # sites where they don't apply.
519 #################################################################################
520 FILTER: site-specifics Cure for site-specific problems. Don't apply generally!
522 # www.spiegel.de excludes X11 users from viewing Flash5 objects - shame.
523 # Apply to: www.spiegel.de/static/js/flash-plugin.js
525 s/indexOf\("x11"\)/indexOf("x13")/
527 # www.quelle-bausparkasse.de uses a very stupid redirect mechanism that
528 # relies on a webbug being present. Can we tolerate that? No!
529 # Apply to: www.quelle-bausparkasse.de/$
533 # groups.yahoo.com has splash pages that one needs to click through in
534 # order to access the actual messages. Let the browser do that. Thanks
535 # to Paul Jobson for this one:
537 s|<a href="(.+?)">(?:Continue to message\|Weiter zu Nachricht)</a>|<meta http-equiv="refresh" content="0; URL=$1">|ig
539 # monster.com has two very similar gimmicks:
541 s|<input type="hidden" name="REDIRECT" value="(.+?)">|<meta http-equiv="refresh" content="0; URL=$1">|i
543 s|<IMG SRC="http://media.monster.com/mm/usen/my/no_thanks_211x40.gif".+?>|<meta http-equiv="refresh" content="0; URL=http://my.monster.com/resume.asp">|i
545 # nytimes.com triggers popups through the onload handler of dummy images
546 # to fool popup-blockers.
548 s|(<img [^>]*)onload|$1never|sig
550 # Pre-check all the "Discard" buttons in GNU Mailman's web interface.
551 # (This saves a lot of mouse aiming practice when flushing spamtraps)
553 s|(<INPUT name="\d{2,4}" type="RADIO" value="0") CHECKED |$1|g
554 s|<INPUT name="\d{2,4}" type="RADIO" value="3" |$0 checked|g
556 #################################################################################
558 # no-ping: Removes non-standard ping attributes in <a> and <area> tags.
560 #################################################################################
561 FILTER: no-ping Removes non-standard ping attributes in <a> and <area> tags.
562 s@(<a(?:rea)?[^>]*?)\sping=(['"]?)([^"'>]+)\2([>\s]?)@\
563 <strong style="color:white; background-color:red;" title="Privoxy removed ping target '$3'">PING!</strong>\n$1$4@ig
565 #################################################################################
567 # google: CSS-based block for Google text ads. Also removes
568 # a width limitation and the toolbar advertisement.
570 #################################################################################
571 FILTER: google CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
572 s@</head>@<style type="text/css">\n\
573 /* Style sheet inserted by Privoxy's google filter. */\n\
574 \#fbc, \#fbl, \#ra, .rhh {visibility: hidden !important;}\n\
575 \#tpa1,\#tpa2,\#tpa3,\#tpa4,\#tpa5,\#tpa5, \#spl, .ch, \#ads,\
576 \#toolbar, \#google_ads_frame, \#mbEnd {display: none !important;}\n\
577 .main_body, .j {width: 100%}\n</style>\n$0@
578 s@<div style=\"padding-top:11px;min-width:500px\">@<div id="main_body">@
579 s@(<table cellspacing=0 cellpadding=0 width=25% align=right bgcolor=\#ffffff border=0\
580 |</font></td></tr></tbody></table><table align=\"right\" bgcolor=\"\#ffffff\"\
581 |<table cellspacing=0 cellpadding=0 align=right bgcolor=\#ffffff border=0\
582 |<table style=\"clear:both\" align=right width=25% cellspacing=\"0\" cellpadding=\"0\"\
583 border=\"0\" bgcolor=\"\#ffffff\")@$0 id="ads"@
584 s@(<br clear=all><table)( border=0 cellpadding=9><tr><td)@$1 id="toolbar"$2@
586 #################################################################################
588 # yahoo: CSS-based block for Yahoo text ads. Also removes a width limitation.
590 #################################################################################
591 FILTER: yahoo CSS-based block for Yahoo text ads. Also removes a width limitation.
592 s@</head>@\n<style type="text/css">\n\
593 /* Style sheet inserted by Privoxy's yahoo filter. */\n\
594 \#symadbn, \#ymadbn, .yschbox, \#yschsec, .yschhd, \#yschanswr, .yschftad,\
595 .yschspn, .yschspns, \#ygrp-sponsored-links, \#ks-ypn-ads {display: none !important;}\n\
596 \#yschpri, \#yschweb {width: 100% !important; max-width: 100% !important;}\n\
597 \#yschqcon, \#yschtg {width: auto !important; /* No useless horizontal scrollbar please */}\n\
600 #################################################################################
602 # msn: CSS-based block for MSN text ads. Also removes tracking URLs
603 # and a width limitation.
605 #################################################################################
606 FILTER: msn CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
607 s@</head>@<style type="text/css">\n\
608 /* Style sheet inserted by Privoxy's msn filter. */\n\
609 .msn_ads {display: none !important;}\n\
610 \#results, .flank, .results_area_flank, .results_area_stroke, .SearchSection .not\
611 {width: 99% /*!important*/; min-width: 99% !important;\
612 max-width: 100% !important; /* width:100% sometimes causes horizontal scrollbars */}\n\
613 /* Make continue links harder to miss */\n\
614 \#pagination_bottom a {padding: .3em .5em .3em .5em; border: 1px solid \#e6e6e6;}\n\
615 \#pagination_bottom li, \#pagination_bottom li .selected, li .nextPage \
616 {margin: 0 !important; cursor: auto; border: none; padding:.1em;}\n\
617 \#pagination_bottom li .prevPage {padding-right: 1.5em !important;}\n\
618 \#pagination_bottom li .selected {border: none;}\n\
619 .selected a {background-color: \#d2eaf6; border: 1px solid \#b7d8ee;}\n\
620 /* Remove "suggestions". They are next to worthless but partly overlap with the search results */\n\
621 .suggestion, \#nys_right {clear: both; display:none;}\n\
623 s@(<div[^>]*) id=(["']?)ads_[^\2]*\2@$1 class="msn_ads"@Uig
624 s@(<a[^>]*href=\")http://g.msn.com/.*\?(http://.*)(&&DI=.*)(\")@$1$2$4@Ug
625 s@(<a[^>]*)gping=\".*\"@$1 title="URL cleaned up by Privoxy's msn filter"@Ug
627 #################################################################################
629 # blogspot: Cleans up some Blogspot blogs. Read the fine print before using this.
631 # This filter also intentionally removes some navigation stuff and
632 # sets the page width to 100%. As a result, some rounded "corners" would
633 # appear to early or not at all and as fixing this would require a browser
634 # that understands background-size (CSS3), they are removed instead.
636 #################################################################################
637 FILTER: blogspot Cleans up some Blogspot blogs. Read the fine print before using this.
638 s@</head>@<style type="text/css">\n\
639 /* Style sheet inserted by Privoxy's blogspot filter. */\n\
640 \#powered-by {display: none !important;}\n\
641 \#wrap4, \#wrapper {margin-top: 0px }\n\
642 \#blogheader, \#header {margin-top: 0.5em !important}\n\
643 \#content {width: 98% }\n\
644 \#main {width: 70% }\n\
645 \#sidebar {width: 29% }\n\
646 .post-body {overflow: auto;}\n\
647 .blogComments {width: 100%; overflow: auto;}\n</style>\n$0@
648 s@<body.*(?:<div id="space-for-ie"></div>|(<div id="(?:content|wrap4|wrapper)))@<body>\
649 <!-- Privoxy's blogspot filter ditched some garbage here -->$1@Us
650 s@(<div style=\"[^\"]*width:)30em@$1 100%@
651 s@background:url\(\"http://www.blogblog.com/rounders[^\"]*\"\).*;@/*$0*/@Ug
652 s@(background:\#[a-f\d]{3})( url\(\"http://www.blogblog.com/rounders[^\"]*\"\).*;)@$1 ;/*$2*/@Ug
654 #################################################################################
656 # x-httpd-php-to-html: Changes the Content-Type header from
657 # x-httpd-php to html. "Content-Type: x-httpd-php"
658 # is set by clueless PHP users and causes many
659 # browsers do open a download menu instead of
660 # rendering the page.
662 #################################################################################
663 SERVER-HEADER-FILTER: x-httpd-php-to-html Changes the Content-Type header from x-httpd-php to html.
664 s@^(Content-Type:)\s*application/x-httpd-php@$1 text/html@i
666 #################################################################################
668 # html-to-xml: Changes the Content-Type header from html to xml.
670 #################################################################################
671 SERVER-HEADER-FILTER: html-to-xml Changes the Content-Type header from html to xml.
672 s@^(Content-Type:)\s*text/html(;.*)?$@$1 application/xhtml+xml$2@i
674 #################################################################################
676 # xml-to-html: Changes the Content-Type header from xml to html.
678 #################################################################################
679 SERVER-HEADER-FILTER: xml-to-html Changes the Content-Type header from xml to html.
680 s@^(Content-Type:)\s*(?:application|text)/(?:xhtml\+)?xml(;.*)?$@$1 text/html$2@i
682 #################################################################################
684 # hide-tor-exit-notation: Remove the Tor exit node notation in Host and Referer headers.
686 # Note: If Privoxy and Tor are chained and Privoxy is configured to
687 # use socks4a, one can use http://www.example.org.foobar.exit/
688 # to access the host www.example.org through Tor exit node foobar.
690 # As the HTTP client isn't aware of this notation, it treats the
691 # whole string "www.example.org.foobar.exit" as host and uses it
692 # for the "Host" and "Referer" headers. From the server's point of
693 # view the resulting headers are invalid and can cause problems.
695 # An invalid "Referer" header can trigger "hot-linking" protections,
696 # an invalid "Host" header will make it impossible for the server to
697 # find the right vhost (several domains hosted on the same IP address).
699 # This filter removes the "foo.exit" part in those headers
700 # to prevent the mentioned problems. Note that it only modifies
701 # the HTTP headers, it doesn't make it impossible for the server
702 # to detect your Tor exit node based on the IP address the request is
705 #################################################################################
706 CLIENT-HEADER-FILTER: hide-tor-exit-notation Removes the Tor exit node notation in Host and Referer headers.
707 s@^((?:Referer|Host):\s*(?:https?://)?[^/]*)\.[^\./]*?\.exit@$1@i
709 #################################################################################
711 # less-download-windows: Prevents annoying download windows for content types
712 # the browser can handle itself.
714 #################################################################################
715 SERVER-HEADER-FILTER: less-download-windows Prevent annoying download windows for content types the browser can handle itself
716 s@^Content-Disposition:.*filename=(["']?).*\.(png|gif|jpe?g|diff?|d?patch|c|h|pl|shar)\1.*$@@i
717 s@^(Content-Type:)\s*(?:message/(?:news|rfc822)|text/x-.*|application/x-sh)\s*@$1 text/plain@i
719 #################################################################################
721 # image-requests: Tags detected image requests as "IMAGE-REQUEST". Whether
722 # or not the detection actually works depends on the browser.
724 #################################################################################
725 CLIENT-HEADER-TAGGER: image-requests Tags detected image requests as "IMAGE-REQUEST".
726 s@Accept:\s*image/.*@IMAGE-REQUEST@i
728 #################################################################################
730 # css-requests: Tags detected CSS requests as "CSS-REQUEST". Whether
731 # or not the detection actually works depends on the browser.
733 #################################################################################
734 CLIENT-HEADER-TAGGER: text-requests Tags detected CSS requests as "CSS-REQUEST".
735 s@Accept:\s*text/css.*@CSS-REQUEST@i
737 ##############################################################################
740 # $Log: default.filter,v $
741 # Revision 1.42 2007/05/17 15:55:36 fabiankeil
742 # Undo an improperly tested last-minute change
743 # and turn "text-requests" back into "css-requests".
745 # Revision 1.41 2007/05/17 15:45:41 fabiankeil
746 # - Mention new filter types and the 'D' option.
747 # - Header filters are now case-insensitive and accept a
748 # varying amount of whitespace after the colon.
749 # - Add another selector for yahoo ads.
750 # - New server-header filter: less-download-windows
751 # - New client-header taggers: text-requests and image-requests.
753 # Revision 1.40 2007/03/20 15:40:00 fabiankeil
754 # Adjust to new world order with dedicated header-filter actions.
756 # Revision 1.39 2007/02/21 14:10:23 fabiankeil
757 # - Fix a js-annoyances pcrs command that broke
758 # evaluated code. (BR #1124071, thanks to Bor Gergely)
759 # - Have unsolicited-popups and all-popups catch the
760 # wheather.com popup reported in in AF #1640173.
762 # Revision 1.38 2007/02/19 11:22:48 hal9
763 # Adding back the orginal filter content to offset problems found by Fabian.
765 # Revision 1.37 2007/02/17 13:29:44 hal9
766 # Updates to the crude parental filter per Feature Requests item #1648657.
768 # Revision 1.36 2007/02/05 16:47:31 fabiankeil
769 # - Let banners-by-link look for "advert".
770 # - Fix XML systax problems with banners-by-link
771 # and banners-by-size (AF#1651570).
773 # Revision 1.35 2006/12/21 12:28:12 fabiankeil
774 # Escaping special characters in filter descriptions is no
775 # longer necessary, it's done by Privoxy now.
777 # Revision 1.34 2006/12/12 17:32:23 fabiankeil
778 # Added id mbEnd to google filter, it's now and then
779 # used for the sponsored links.
781 # Have js-annoyances try to prevent status bar
782 # modifications where the status bar text is
783 # inside another variable. Fixes 1605710.
785 # Revision 1.33 2006/11/16 17:10:43 fabiankeil
786 # Removed webbugs debugging comment again.
787 # The apostrophe could break JavaScript and
788 # the comment itself could mess up existing
791 # Revision 1.32 2006/11/10 18:04:04 fabiankeil
792 # Have no-ping print the ping warning in red.
794 # Modified yahoo to keep in sync with recent
795 # CSS changes and to suppress a useless horizontal
798 # msn now makes sure that the continue-link boxes
799 # act as links (the original CSS just changes the cursor).
801 # Changed fun filter regex to leave microsoft links alone.
804 # Revision 1.31 2006/10/21 13:12:28 fabiankeil
805 # Added no-ping and hide-tor-exit-notation.
807 # Adjusted jumping-windows to break less.
810 # Revision 1.30 2006/10/18 12:36:50 fabiankeil
811 # google filter now cleans Google groups as well.
813 # Revision 1.29 2006/10/11 14:03:17 fabiankeil
814 # Changed img-reorder regex to only move width
815 # attributes if they are following at least one
816 # whitespace. Fixes BR 1328455.
818 # Revision 1.28 2006/10/11 13:31:13 fabiankeil
819 # Added Anduin Withers' js-annoyances fix
820 # for not messing up escaped quotes. Fixes BR 999765.
822 # Improved blogspot filter to make it less likely that
823 # the blogspot banner at the top of the page is missed.
825 # Revision 1.27 2006/10/08 17:00:51 fabiankeil
826 # Modified webbugs filter to create a comment around the offending
827 # image instead of removing it entirely.
829 # Adjusted regex to only match if there's at least one whitespace
830 # before the width and height attributes. Makes it more likely that
831 # they are indeed attributes, and not part of the value of another attribute.
834 # Thanks to Martin Thomas for diagnosing the cause of the problem.
836 # Revision 1.26 2006/10/06 18:06:16 fabiankeil
837 # Added header filter x-httpd-php-to-html
838 # and reverted another img-reorder whitespace
841 # Revision 1.25 2006/10/06 15:26:09 fabiankeil
842 # Bumped copyright year.
844 # Reverted parts of the last img-reorder change
845 # which were intended to remove superfluous whitespace
846 # but had the side effect to mess up some tags.
848 # Modified banners-by-size and banners-by-link to
849 # use border value "0" instead of "\0". Fixes BR 1100065.
851 # Revision 1.24 2006/10/06 11:25:31 fabiankeil
852 # Taught img-reorder not to break img tags
853 # with empty src attributes. Fixes BR 1089474.
854 # Thanks to Raphael Moll for reporting.
856 # Revision 1.23 2006/10/05 14:46:28 fabiankeil
857 # Replaced "<" in img-reorder's description with "<".
859 # Modified msn filter to tag ads with classes instead
860 # of ids. There may be more than one ad per page,
861 # but ids are required to be unique.
863 # Revision 1.22 2006/10/04 19:17:14 fabiankeil
864 # Incorportated Frédéric Crozat's ie-exploits
865 # modification to make it less trigger-happy.
867 # Modified blogspot filter to make .post-body
868 # scrollable if necessary.
870 # Revision 1.21 2006/10/02 16:21:14 fabiankeil
871 # Adjusted yahoo filter to hide .yschspns as well.
872 # Added header filters: html-to-xml and xml-to-html.
874 # Revision 1.20 2006/10/01 21:00:22 fabiankeil
875 # New site-specific filters: google, yahoo, msn and blogspot.
877 # Revision 1.19 2006/07/18 14:48:45 david__schmidt
878 # Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
879 # with what was really the latest development (the v_3_0_branch branch)
881 # Revision 1.11.2.23 2004/02/17 13:34:01 oes
882 # - Beefed up the protection of the unsolicited-popups
883 # filter against matching in JavaScript string constants.
884 # - Extended the fun filter with a German joke
885 # - Extended the site-specifics filter with a convenience
886 # reeplacement for managing mailing lists at SourceForge
888 # Revision 1.11.2.22 2004/01/30 15:29:29 oes
889 # Updated the copyright note
891 # Revision 1.11.2.21 2004/01/20 15:15:01 oes
892 # Detail enhancement in all-popups
894 # Revision 1.11.2.20 2004/01/06 16:46:14 oes
895 # Fixed a JS syntax problem in jumping-windows
897 # Revision 1.11.2.19 2003/12/17 17:09:25 oes
898 # Added remedy against IE address bar spoofing
900 # Revision 1.11.2.18 2003/12/02 11:25:27 oes
901 # Fixed a line trashed in previous commit
903 # Revision 1.11.2.17 2003/12/01 21:58:46 oes
906 # - unsolicited-popups no longer matches at start or end of quoted
907 # strings, and is now activated earlier and deactivated later in
909 # - replacement images in banners-by-* now without border
910 # - more effective shockwave flash flattening
911 # - Custom annoyance filtering for Yahoo Groups, Monster.com, NY Times.
913 # Revision 1.11.2.16 2003/05/08 09:44:56 oes
914 # Allow extra parameters in blink,marquee tags. Fixes bug #734012
916 # Revision 1.11.2.15 2003/03/30 13:57:08 oes
917 # Making unsolicited-popups safe for use on <html> tags enclosed in JS strings
919 # Revision 1.11.2.14 2003/03/19 13:17:50 oes
920 # - Added filter "site-specifics" to address site specific problems
921 # - Fixed a small problem in the img-reorder filter
923 # Revision 1.11.2.13 2003/03/18 19:28:59 oes
924 # Fixed a minor problem in the img-reorder filter
926 # Revision 1.11.2.12 2003/03/15 14:06:58 oes
927 # - Assorted refinements, optimizations and fixes in the js-annoyances,
928 # img-reorder, banners-by-size, banners-by-link, webbugs, refresh-tags,
929 # html-annoyances, content-cookies and fun filters
930 # - Replaced filter "popups" by choice between two modes:
931 # - "unsolicited-popups" tries to catch only the unsolicited ones
932 # - "all-popups" tries to kill them all (as before)
933 # - New filter "tiny-textforms" Help those tiny or hard-wrap textareas.
934 # - New filter "jumping-windows" that prevents windows from resizing
935 # and moving themselves
936 # - Replaced "nimda" with more general "ie-exploits" filter in which
937 # all filters for exploits shall be collected
939 # Revision 1.11.2.11 2002/11/12 16:14:43 oes
940 # Exchanged js-annoyance filter against status bar rewrites with improved version by Don Libes
942 # Revision 1.11.2.10 2002/11/11 13:39:47 oes
943 # Make refresh-tags filter work even on incorrect refresh tags like found on usatoday.com
945 # Revision 1.11.2.9 2002/11/08 16:39:17 oes
946 # Made img-reorder more cautious. Fixes bug #632715
948 # Revision 1.11.2.8 2002/10/13 21:56:52 hal9
949 # Adding demoronizer filter. This should include all the common abuses. I have
950 # left a few of the rare cases commented out (never found these in the wild).
952 # Revision 1.11.2.7 2002/09/25 15:09:39 oes
953 # Preserve original quoting style in <img> tags wherever possible. Fixes Bug #605956
955 # Revision 1.11.2.6 2002/08/23 14:12:26 oes
956 # Proofed frameset-borders against "fremaborder=0 border=0"
958 # Revision 1.11.2.5 2002/08/22 15:05:20 oes
959 # Added Filter to make Quicktime movies saveable (thanks to aaron@linville.org for the idea)
961 # Revision 1.11.2.4 2002/08/10 11:32:29 oes
962 # Attribute values in replacement tags of banners-by-size filter now undelimited. (Fixes bug #592493)
964 # Revision 1.11.2.3 2002/08/05 11:43:56 oes
965 # Fixed a bug in the popups filter that was introduced with the last fix :-(
967 # Revision 1.11.2.2 2002/08/01 11:20:13 oes
968 # Fixed bugs 587802, 577802 and an unreported one
970 # Revision 1.11.2.1 2002/07/26 15:18:26 oes
971 # - All filters reviewed and many shorcomings fixed
972 # - New filters: img-reorder, banners-by-link and js-events
973 # - Jobs reorderd because they are now executed in order of
976 # Revision 1.11 2002/05/24 00:57:18 oes
977 # Made WeBugs job ungreedy; Fixes bug 559190
979 # Revision 1.10 2002/04/18 10:14:19 oes
980 # renamed some filters
982 # Revision 1.9 2002/04/11 07:36:35 oes
983 # Generalized js-popup filter
985 # Revision 1.8 2002/04/10 17:07:21 oes
986 # Fixed potentially desctructive jobs, added noflash filter
988 # Revision 1.7 2002/04/09 18:34:51 oes
989 # Fixed HTML syntax in replacements
991 # Revision 1.6 2002/04/03 19:49:52 swa
994 # Revision 1.5 2002/03/27 15:30:26 swa
995 # have a consistent appearance
997 # Revision 1.4 2002/03/26 22:29:54 swa
998 # we have a new homepage!
1000 # Revision 1.3 2002/03/24 16:08:03 jongfoster
1001 # Fixing banners-by-size for new config URLs
1003 # Revision 1.2 2002/03/24 13:02:18 swa
1004 # name change related issues.
1006 # Revision 1.1 2002/03/24 11:37:39 jongfoster
1009 # Revision 1.24 2002/03/16 20:39:54 oes
1010 # - Added descriptions to the filters so users will know what they select in the cgi editor
1011 # - Added content-cookies filter
1012 # - Bugfixed many jobs (Thanks to Al for some hints)
1014 # Revision 1.22 2002/03/12 13:42:50 oes
1015 # Fixing & Optimizing REs
1017 # Revision 1.21 2002/03/12 11:59:20 oes
1018 # Beefed up Buzzword Bingo
1020 # Revision 1.20 2002/03/12 01:42:50 oes
1021 # Introduced modular filters
1023 # Revision 1.19 2002/03/10 19:49:24 oes
1024 # Added expression to kill referer tracking in JavaScripts
1026 # Revision 1.18 2002/03/08 17:14:12 oes
1027 # PNG -> image in comments
1029 # Revision 1.17 2002/03/07 03:50:54 oes
1030 # Adapted comments to new built-in images
1032 # Revision 1.16 2002/02/21 00:12:19 jongfoster
1033 # Modifying the banner regexps to use long URLS and to autodetect
1034 # whether to show a logo or a transparent GIF, based on actionsfile
1037 # Revision 1.15 2001/12/28 23:54:20 steudten
1038 # Fix for feature Req #495374: http-equiv problem
1040 # Revision 1.14 2001/12/09 18:55:11 david__schmidt
1041 # Updated CODE_STATUS to beta, commented out microsuck line in re_filterfile
1044 # Revision 1.13 2001/10/13 13:11:20 joergs
1045 # Fixed WebBug filter.
1047 # Revision 1.12 2001/10/07 15:46:42 oes
1048 # Followed Guy's proposal to change the document.cookie job
1050 # Revision 1.11 2001/09/21 12:34:00 joergs
1051 # Added filter to replace "Nimda" code by a warning.
1053 # Revision 1.10 2001/07/20 11:04:26 oes
1054 # Added Rodneys javascript cookie filter
1056 # Revision 1.9 2001/07/13 14:03:48 oes
1057 # Elimiated yet another bug in the banner-by-size jobs. Shame on me!
1059 # Revision 1.8 2001/06/29 13:34:00 oes
1060 # - Added explanation for U and T options
1061 # - Added hint on image replacement by CGI call
1062 # - Fixed bug in banner-by-size jobs
1064 # Revision 1.7 2001/06/19 14:21:56 oes
1065 # Fixed microsuck line
1067 # Revision 1.6 2001/06/09 14:01:57 swa
1068 # header. cosmetics. default: no messing ala microsuck.