+# Sample default.action file <developers@privoxy.org>
+
+# Settings -- Don't change! For internal Privoxy use ONLY.
+{{settings}}
+for-privoxy-version=3.0
+
+
+##########################################################################
+# <ulink url="actions-file.html#ALIASES">Aliases</ulink> must be defined *before* they are used. These are
+# easier to remember, and can combine several actions into one. Once
+# defined they can be used just like any built-in action -- but within
+# this file only! Aliases do not require a + or - sign.
+##########################################################################
+
+# Some useful aliases.
+# Alias to turn off cookie handling, ie allow all cookies unmolested.
+ -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies \
+ -session-cookies-only
+
+# Alias to both block and treat as if an image for ad blocking
+# purposes.
+ +imageblock = +block +handle-as-image
+
+# Fragile sites should have the minimum changes:
+ fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \
+ -prevent-cookies -kill-popups
+
+# Shops should be allowed to set persistent cookies
+ shop = -filter -prevent-cookies -session-cookies-only
+
+
+##########################################################################
+# Begin default action settings. Anything in this section will match
+# all URLs -- UNLESS we have exceptions that also match, defined below this
+# section. We will show all potential actions here whether they are on
+# or off. We could omit any disabled action if we wanted, since all
+# actions are 'off' by default anyway. Shown for completeness only.
+# Actions are enabled if preceded by a '+', otherwise they are disabled
+# (unless an alias has been defined without this).
+##########################################################################
+ { \
+ <ulink url="actions-file.html#ADD-HEADER">-add-header</ulink> \
+ <ulink url="actions-file.html#BLOCK">-block</ulink> \
+ <ulink url="actions-file.html#DEANIMATE-GIFS">-deanimate-gifs</ulink> \
+ <ulink url="actions-file.html#DOWNGRADE-HTTP-VERSION">-downgrade-http-version</ulink> \
+ <ulink url="actions-file.html#FAST-REDIRECTS">+fast-redirects</ulink> \
+ <ulink url="actions-file.html#FILTER-HTML-ANNOYANCES">+filter{html-annoyances}</ulink> \
+ <ulink url="actions-file.html#FILTER-JS-ANNOYANCES">+filter{js-annoyances}</ulink> \
+ <ulink url="actions-file.html#FILTER-CONTENT-COOKIES">-filter{content-cookies}</ulink> \
+ <ulink url="actions-file.html#FILTER-POPUPS">-filter{popups}</ulink> \
+ <ulink url="actions-file.html#FILTER-WEBBUGS">+filter{webbugs}</ulink> \
+ <ulink url="actions-file.html#FILTER-REFRESH-TAGS">-filter{refresh-tags}</ulink> \
+ <ulink url="actions-file.html#FILTER-FUN">-filter{fun}</ulink> \
+ <ulink url="actions-file.html#FILTER-NIMDA">+filter{nimda}</ulink> \
+ <ulink url="actions-file.html#FILTER-BANNERS-BY-SIZE">+filter{banners-by-size}</ulink> \
+ <ulink url="actions-file.html#FILTER-SHOCKWAVE-FLASH">-filter{shockwave-flash}</ulink> \
+ <ulink url="actions-file.html#FILTER-CRUDE-PARENTAL">-filter{crude-prental}</ulink> \
+ <ulink url="actions-file.html#HIDE-FORWARDED-FOR-HEADERS">+hide-forwarded-for-headers</ulink> \
+ <ulink url="actions-file.html#HIDE-FROM-HEADER">+hide-from-header{block}</ulink> \
+ <ulink url="actions-file.html#HIDE-REFERER">-hide-referrer</ulink> \
+ <ulink url="actions-file.html#HIDE-USER-AGENT">-hide-user-agent</ulink> \
+ <ulink url="actions-file.html#HANDLE-AS-IMAGE">-handle-as-image</ulink> \
+ <ulink url="actions-file.html#SET-IMAGE-BLOCKER">+set-image-blocker{pattern}</ulink> \
+ <ulink url="actions-file.html#LIMIT-CONNECT">-limit-connect</ulink> \
+ <ulink url="actions-file.html#PREVENT-COMPRESSION">+prevent-compression</ulink> \
+ <ulink url="actions-file.html#SESSION-COOKIES-ONLY">-session-cookies-only</ulink> \
+ <ulink url="actions-file.html#PREVENT-READING-COOKIES">-prevent-reading-cookies</ulink> \
+ <ulink url="actions-file.html#PREVENT-SETTING-COOKIES">-prevent-setting-cookies</ulink> \
+ <ulink url="actions-file.html#KILL-POPUPS">-kill-popups</ulink> \
+ <ulink url="actions-file.html#SEND-VANILLA-WAFER">-send-vanilla-wafer</ulink> \
+ <ulink url="actions-file.html#SEND-WAFER">-send-wafer</ulink> \
+ }
+ / # forward slash will match *all* potential URL patterns.
+
+##########################################################################
+# Default behavior is now set. Now we will define some exceptions to our
+# default action policies.
+##########################################################################
+
+# These sites are very complex and require very minimal interference.
+# We'll disable most actions with our 'fragile' alias:
+ { fragile }
+ .office.microsoft.com # surprise, surprise!
+ .windowsupdate.microsoft.com
+
+
+# Shopping sites - not as fragile but require some special
+# handling. We still want to block ads, and we will allow
+# persistant cookies via the 'shop' alias:
+ { shop }
+ .quietpc.com
+ .worldpay.com # for quietpc.com
+ .jungle.com
+ .scan.co.uk
+
+
+# These sites require pop-ups too :( We'll combine our 'shop'
+# alias with two other actions into one rule to allow all popups.
+ { shop <ulink url="actions-file.html#KILL-POPUPS">-kill-popups</ulink> <ulink url="actions-file.html#FILTER-POPUPS">-filter{popups}</ulink> }
+ .dabs.com
+ .overclockers.co.uk
+
+
+# The 'Fast-redirects' action breaks some sites. Disable this action
+# for these known sensitive sites:
+ { <ulink url="actions-file.html#FAST-REDIRECTS">-fast-redirects</ulink> }
+ login.yahoo.com
+ edit.europe.yahoo.com
+ .google.com
+ .altavista.com/.*(like|url|link):http
+ .altavista.com/trans.*urltext=http
+ .nytimes.com
+
+
+# Define which file types will be treated as images. Important
+# for ad blocking.
+ { <ulink url="actions-file.html#HANDLE-AS-IMAGE">+handle-as-image</ulink> }
+ /.*\.(gif|jpe?g|png|bmp|ico)
+
+
+# Now lets list some domains that are known ad generators. And
+# our alias that we use here will block these as well as force
+# them to be treated as images. This combination of actions is
+# important for ad blocking. What the browser will show instead is
+# determined by the setting of <ulink url="actions-file.html#SET-IMAGE-BLOCKER"><quote>+set-image-blocker</quote></ulink>
+ { +imageblock }
+ ar.atwola.com
+ .ad.doubleclick.net
+ .a.yimg.com/(?:(?!/i/).)*$
+ .a[0-9].yimg.com/(?:(?!/i/).)*$
+ bs*.gsanet.com
+ bs*.einets.com
+ .qkimg.net
+ ad.*.doubleclick.net
+
+
+# These will just simply be blocked. They will generate the BLOCKED
+# banner page, if matched. Heavy use of wildcards and regular
+# expressions in this example. Enable block action:
+ { <ulink url="actions-file.html#BLOCK">+block</ulink> }
+ ad*.
+ .*ads.
+ banner?.
+ count*.
+ /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
+ /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
+ .hitbox.com
+
+
+# The above block section will probably inadvertantly catch some
+# sites we DO NOT want blocked via the wildcards and regular expressions.
+# Now let's set exceptions to the exceptions so the good guys get better
+# treatment. Disable block action:
+ { <ulink url="actions-file.html#BLOCK">-block</ulink> }
+ advogato.org
+ adsl.
+ ad[ud]*.
+ advice.
+# Let's just trust all .edu top level domains.
+ .edu
+ www.ugu.com/sui/ugu/adv
+# We'll need to access to path names containing 'download'
+ .*downloads.
+ /downloads/
+# 'adv' is for globalintersec and means advanced, not advertisement
+ www.globalintersec.com/adv
+
+
+# Don't filter *anything* from our friends at sourceforge.
+# Notice we don't have to name the individual filter
+# identifiers -- we just turn them all off in one fell swoop.
+# Disable all filters for this one site:
+ { <ulink url="actions-file.html#FILTER">-filter</ulink> }
+ .sourceforge.net
+ </literallayout>
+ </msgtext>
+ </literal>
+</para>
+
+<para>
+ So far we are painting with a broad brush by setting general policies.
+ The above would be a reasonable starting point for many situations. Now,
+ we want to be more specific and have customized rules that are more suitable
+ to our personal habits and preferences. These would be for narrowly defined
+ situations like your ISP or your bank, and should be placed in
+ <filename>user.action</filename>, which is parsed after all other
+ actions files and should not be clobbered by upgrades. So any settings here,
+ will have the last word and over-ride any previously defined actions.
+</para>
+
+<para>
+ Now a few examples of some things that one might do with a
+ <filename>user.action</filename> file.
+</para>
+
+<!-- brief sample user.action here -->
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+# Sample user.action file.
+
+# Any aliases you want to use need to be re-defined here.
+# Alias to turn off cookie handling, ie allow all cookies unmolested.
+ -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies \
+ -session-cookies-only
+
+# Fragile sites should have the minimum changes:
+ fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \
+ -prevent-cookies -kill-popups
+
+# Allow persistent cookies for a few regular sites that we
+# trust via our above alias. These will be saved from one browser session
+# to the next. We are explicity turning off any and all cookie handling,
+# even though the prevent-*-cookie settings were disabled in our above
+# default.action anyway. So cookies from these domains will come through
+# unmolested.
+ { -prevent-cookies }