+######################################################################
+#
+# File : $Source: /cvsroot/ijbswa/current/default.action,v $
+#
+# $Id: default.action,v 1.28 2002/05/14 21:29:19 oes Exp $
+#
+# Purpose : Default actions file, see
+# http://www.privoxy.org/faq/questions.html#CONFIGFILES
+#
+# Copyright : Written by and Copyright
+# Privoxy team. http://www.privoxy.org/
+#
+# Based on the Internet Junkbuster originally written
+# by and Copyright (C) 1997 Anonymous Coders and
+# Junkbusters Corporation. http://www.junkbusters.com
+#
+# We value your feedback. However, to provide you with the best support,
+# please note:
+#
+# * Use the support forum to get help:
+# http://sourceforge.net/tracker/?group_id=11118&atid=211118
+# * Submit feedback for this actions file only through our
+# actions file feedback script: http://www.privoxy.org/actions
+# * Submit bugs only through our bug forum:
+# http://sourceforge.net/tracker/?group_id=11118&atid=111118
+# Make sure that the bug has not already been submitted. Please try
+# to verify that it is a Privoxy bug, and not a browser or site
+# bug first. If you are using your own custom configuration, please
+# try the stock configs to see if the problem is a configuration
+# related bug. And if not using the latest development snapshot,
+# please try the latest one. Or even better, CVS sources.
+# * Submit feature requests only through our feature request forum:
+# http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
+#
+# For any other issues, feel free to use the mailing lists:
+# http://sourceforge.net/mail/?group_id=11118
+#
+# Anyone interested in actively participating in development and related
+# discussions can join the appropriate mailing list here:
+# http://sourceforge.net/mail/?group_id=11118. Archives are available
+# here too.
+#
#############################################################################
+# Syntax
+#############################################################################
+#
+# To determine which actions apply to a request, the URL of the request is
+# compared to all patterns in this file. Every time it matches, the list of
+# applicable actions for this URL is incrementally updated. You can trace
+# this process by visiting http://i.j.b/show-url-info
+#
+# There are 4 types of lines in this file: comments (like this line),
+# actions, aliases and patterns, all of which are explained below.
+#
+#############################################################################
+# Pattern Syntax
+#############################################################################
+#
+# 1. On Domains and Paths
+# -----------------------
+#
+# Generally, a pattern has the form <domain>/<path>, where both the <domain>
+# and <path> part are optional. If you only specify a domain part, the "/"
+# can be left out:
+#
+# www.example.com
+# is a domain-only pattern and will match any request to www.yahoo.com
+#
+# www.example.com/
+# means exactly the same (but is slightly less efficient)
+#
+# www.example.com/index.html
+# matches only the document /index.html on www.example.com
+#
+# /index.html
+# matches the document /index.html, regardless of the domain
+#
+# index.html
+# matches nothing, since it would be interpreted as a domain name and
+# there is no top-level domain called ".html".
+#
+# 2. Domain Syntax
+# ----------------
+#
+# The matching of the domain part offers some flexible options: If the
+# domain starts or ends with a dot, it becomes unanchored at that end:
+#
+# www.example.com
+# matches only www.example.com
+#
+# .example.com
+# matches any domain that ENDS in .example.com
+#
+# www.
+# matches any domain that STARTS with www.
+#
+# Additionally, there are wildcards that you can use in the domain names
+# themselves. They work pretty similar to shell wildcards: "*" stands for
+# zero or more arbitrary characters, "?" stands for one, and you can define
+# charachter classes in square brackets and they can be freely mixed:
+#
+# ad*.example.com
+# matches adserver.example.com, ads.example.com, etc but not sfads.example.com
+#
+# *ad*.example.com
+# matches all of the above
+#
+# .?pix.com
+# matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc
+#
+# www[1-9a-ez].example.com
+# matches www1.example.com, www4.example.com, wwwd.example.com,
+# wwwz.example.com etc, but not wwww.example.com
+#
+# You get the idea?
+#
+# 2. Path Syntax
+# --------------
+#
+# Paths are specified as regular expressions. A comprehensive discussion of
+# regular expressions wouldn't fit here, but (FIXME) someone should paste
+# a concise intro to the regex language here.
+#
+# If Privoxy was compiled with pcre support (default), Perl compatible
+# regular expressions are used. See the pcre/docs/ direcory or man perlre
+# (also available on http://www.perldoc.com/perl5.6/pod/perlre.html) for
+# details.
+#
+# Please note that matching in the path is CASE INSENSITIVE by default, but
+# you can switch to case sensitive by starting the pattern with the "(?-i)"
+# switch:
+#
+# www.example.com/(?-i)PaTtErN.*
+# will match only documents whose path starts with PaTtErN in exactly this
+# capitalization.
+#
+# Partially case-sensetive and partially case-insensitive patterns are
+# possible, but the rules about splitting them up are extremely complex
+# - see the PCRE documentation for more information.
+#
+#############################################################################
+# Action Syntax
+#############################################################################
+#
+# There are 3 kinds of action:
+#
+# Boolean (e.g. "block"):
+# +name # enable
+# -name # disable
+#
+# Parameterized (e.g. "hide-user-agent"):
+# +name{param} # enable and set parameter to "param"
+# -name # disable
+#
+# Multi-value (e.g. "add-header", "send-wafer"):
+# +name{param} # enable and add parameter "param"
+# -name{param} # remove the parameter "param"
+# -name # disable totally
+#
+# The default (if you don't specify anything in this file) is not to take
+# any actions - i.e completely disabled, so Privoxy will just be a
+# normal, non-blocking, non-anonymizing proxy. You must specifically
+# enable the privacy and blocking features you need (although the
+# provided default actions file will do that for you).
+#
+# Later actions always override earlier ones. For multi-valued actions,
+# the actions are applied in the order they are specified.
+#
+#############################################################################
+# Valid actions are:
+#############################################################################
+#
+# +add-header{Name: value}
+# Adds the specified HTTP header, which is not checked for validity.
+# You may specify this many times to specify many headers.
+#
+# +block
+# Block this URL
+#
+# +deanimate-gifs{last}
+# +deanimate-gifs{first}
+# Deanimate all animated GIF images, i.e. reduce them to their last
+# frame. This will also shrink the images considerably. (In bytes,
+# not pixels!)
+# If the option "first" is given, the first frame of the animation
+# is used as the replacement. If "last" is given, the last frame of
+# the animation is used instead, which propably makes more sense for
+# most banner animations, but also has the risk of not showing the
+# entire last frame (if it is only a delta to an earlier frame).
+#
+# +downgrade-http-version
+# Downgrade HTTP/1.1 client requests to HTTP/1.0 and downgrade the
+# responses as well. Use this action for servers that use HTTP/1.1
+# protocol features that Privoxy currently can't handle yet.
+#
+# +fast-redirects
+# Many sites, like yahoo.com, don't just link to other sites.
+# Instead, they will link to some script on their own server,
+# giving the destination as a parameter, which will then redirect
+# you to the final target.
+#
+# URLs resulting from this scheme typically look like:
+# http://some.place/some_script?http://some.where-else
+#
+# Sometimes, there are even multiple consecutive redirects encoded
+# in the URL. These redirections via scripts make your web browing
+# more traceable, since the server from which you follow such a link
+# can see where you go to. Apart from that, valuable bandwidth and
+# time is wasted, while your browser aks the server for one redirect
+# after the other. Plus, it feeds the advertisers.
+#
+# The +fast-redirects option enables interception of these requests
+# by Privoxy, who will cut off all but the last valid URL in the
+# request and send a local redirect back to your browser without
+# contacting the intermediate sites.
+#
+# +filter{name}
+# Filter the website through one or more regular expression filters.
+# Repeat for multiple filters.
+#
+# Filters predefined in the supplied re_filterfile include:
+#
+# html-annoyances: Get rid of particularly annoying HTML abuse
+# js-annoyances: Get rid of particularly annoying JavaScript abuse
+# content-cookies: Kill cookies that come in the HTML or JS content
+# popups: Kill all popups in JS and HTML
+# frameset-borders: Give frames a border
+# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
+# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
+# fun: Text replacements for subversive browsing fun!
+# nimda: Remove Nimda (virus) code.
+# banners-by-size: Kill banners by size (very efficient!)
+# shockwave-flash: Kill embedded Shockwave Flash objects
+# crude-parental: Kill all web pages that contain the words "sex" or "warez"
+#
+#
+# +hide-forwarded-for-headers
+# Block any existing X-Forwarded-for header, and do not add a new one.
#
-# Bare-bones actions file for Privoxy pre release testdrive
+# +hide-from-header{block}
+# +hide-from-header{spam@sittingduck.xqq}
+# If the browser sends a "From:" header containing your e-mail address,
+# either completely removes the header ("block"), or change it to the
+# specified e-mail address.
#
-# For information, see http://www.oesterhelt.org/testdrive
+# +hide-referer{block}
+# +hide-referer{forge}
+# +hide-referer{http://nowhere.com}
+# Don't send the "Referer:" (sic) header to the web site. You can
+# block it, forge a URL to the same server as the request (which is
+# preferred because some sites will not send images otherwise) or
+# set it to a constant string.
#
+# +hide-referrer{...}
+# Alternative spelling of +hide-referer. Has the same parameters,
+# and can be freely mixed with, "+hide-referer". ("referrer" is the
+# correct English spelling, however the HTTP specification has a
+# bug - it requires it to be spelt "referer").
+#
+# +hide-user-agent{browser-type}
+# Change the "User-Agent:" header so web servers can't tell your
+# browser type. (Breaks many web sites). Specify the user-agent
+# value you want - e.g., to pretend to be using Netscape on Linux:
+# +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}
+# Or to identify yourself explicitly as a Privoxy user:
+# +hide-user-agent{Privoxy/1.0}
+# (Don't change the version number from 1.0 - after all, why tell them?)
+#
+# +handle-as-image
+# Treat this URL as an image. This only matters if it's also "+block"ed,
+# in which case a "blocked" image can be sent rather than a HTML page.
+# See +set-image-blocker{} for the control over what is actually sent.
+#
+# +set-image-blocker{blank}
+# +set-image-blocker{pattern}
+# +set-image-blocker{<URL>} with <url> being any valid image URL
+# Decides what to do with URLs that end up tagged with {+block +handle-as-image}.
+# There are 4 options:
+# * "-set-image-blocker" will send a HTML "blocked" page, usually
+# resulting in a "broken image" icon.
+# * "+set-image-blocker{blank}" will send a 1x1 transparent image
+# * "+set-image-blocker{pattern}" will send a 4x4 grey/white pattern
+# which is less intrusive than the logo but easier to recognize
+# than the transparent one.
+# * "+set-image-blocker{<URL>}" will send a HTTP temporary redirect
+# to the specified image URL.
+#
+#
+# +limit-connect{portlist}
+# The CONNECT methods exists in HTTP to allow access to secure websites
+# (https:// URLs) through proxies. It works very simply: The proxy
+# connects to the server on the specified port, and then short-circuits
+# its connections to the cliant and to the remote proxy.
+# This can be a big security hole, since CONNECT-enabled proxies can
+# be abused as TCP relays very easily.
+# By default, i.e. in the absence of a +limit-connect action, Privoxy
+# will only allow CONNECT requests to port 443, which is the standard port
+# for https.
+# If you want to allow CONNECT for more ports than that, or want to forbid
+# CONNECT altogether, you can specify a comma separated list of ports and port
+# ranges (the latter using dashes, with the minimum defaulting to 0 and max to 65K):
+#
+# +limit-connect{443} # This is the default and need no be specified.
+# +limit-connect{80,443} # Ports 80 and 443 are OK.
+# +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100, and above 500 are OK.
+#
+# +prevent-compression
+# Prevent the website from compressing the data. Some websites do
+# that, which is a problem for Privoxy, since +filter, +kill-popups
+# and +gif-deanimate will not work on compressed data. Will slow down
+# connections to those websites, though.
+#
+# +prevent-keeping-cookies
+# +session-cookies-only
+# If the website sets cookies, make sure they are erased when you exit
+# and restart your web browser. This makes profiling cookies useless,
+# but won't break sites which require cookies so that you can log in
+# or for transactions.
+#
+# +crunch-outgoing-cookies
+# Prevent the website from reading cookies
+#
+# +crunch-incoming-cookies
+# Prevent the website from setting cookies
+#
+# +kill-popups
+# Filter the website through a built-in filter to disable
+# 1;''.concat() etc. The two alternative spellings are
+# equivalent.
+#
+# +send-vanilla-wafer
+# This action only applies if you are using a jarfile. It sends a
+# cookie to every site stating that you do not accept any copyright
+# on cookies sent to you, and asking them not to track you. Of
+# course, this is a (relatively) unique header they could use to
+# track you.
+#
+# +send-wafer{name=value}
+# This allows you to add an arbitrary cookie. Specify it multiple
+# times in order to add several cookies.
+#
+#############################################################################
+
+#############################################################################
+# Settings -- Don't change.
+#############################################################################
+{{settings}}
+#############################################################################
+for-privoxy-version=3.0
+
+#############################################################################
+# Aliases
#############################################################################
{{alias}}
+#############################################################################
+#
+# You can define a short form for a list of permissions - e.g., instead
+# of "-crunch-incoming-cookies -crunch-outgoing-cookies -filter -fast-redirects",
+# you can just write "shop". This is called an alias.
+#
+# Currently, an alias can contain any character except space, tab, '=', '{'
+# or '}'.
+# But please use only 'a'-'z', '0'-'9', '+', and '-'.
+#
+# Alias names are not case sensitive.
+#
+# Aliases beginning with '+' or '-' may be used for system permission names
+# in future releases - so try to avoid alias names like this. (e.g.
+# "+crunch-all-cookies" below is not a good name)
+#
+# Aliases must be defined before they are used.
+#
+
# Useful aliases
-+imageblock = +block +image
++crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
++imageblock = +block +handle-as-image
# Fragile sites should have the minimum changes
-fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer -no-cookies-keep -no-popups
+fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer -crunch-all-cookies -kill-popups
# Shops should be allowed to set persistent cookies
-shop = -filter -no-cookies-keep
+shop = -filter -crunch-all-cookies -prevent-keeping-cookies
+# Your favourite blend of filters:
+#
+myfilters = +filter{html-annoyances} +filter{js-annoyances} +filter{popups}\
+ +filter{webbugs} +filter{nimda} +filter{banners-by-size} #+filter{fun}
+#... etc. Customize to your heart's content.
#############################################################################
# Defaults
#############################################################################
-{\
--add-header \
--block \
-+deanimate-gifs{last} \
--downgrade \
-+filter{html-annoyances} \
-+filter{content-cookies} \
-+filter{js-annoyances} \
-+filter{no-popups} \
-+filter{webbugs} \
-+filter{nimda} \
-+filter{banners-by-size} \
-+no-compression \
-+hide-forwarded \
-+hide-from{block} \
-+hide-referer{forge} \
--hide-user-agent \
--image \
-+image-blocker{pattern} \
-+no-cookies-keep \
--no-cookies-read \
--no-cookies-set \
-+no-popups \
--vanilla-wafer \
--wafer \
+{-add-header \
+ -block \
+ -crunch-incoming-cookies \
+ -crunch-outgoing-cookies \
+ +deanimate-gifs{last} \
+ -downgrade-http-version \
+ -fast-redirects \
+ -filter{popups} \
+ -filter{fun} \
+ -filter{shockwave-flash} \
+ -filter{crude-prental} \
+ +filter{html-annoyances} \
+ +filter{js-annoyances} \
+ +filter{content-cookies} \
+ +filter{webbugs} \
+ +filter{refresh-tags} \
+ +filter{nimda} \
+ +filter{banners-by-size} \
+ -handle-as-image \
+ +hide-forwarded-for-headers \
+ +hide-from-header{block} \
+ +hide-referer{forge} \
+ -hide-user-agent \
+ -kill-popups \
+ -limit-connect \
+ +prevent-compression \
+ -send-vanilla-wafer \
+ -send-wafer \
+ +session-cookies-only \
+ +set-image-blocker{pattern} \
}
/ # Match all URLs
#############################################################################
# Needed for automatic feedback evaluation; Please don't delete!
#############################################################################
-{+add-header{X-Actions-File-Version: 1.1} -filter -no-popups}
-.privoxy.org/actions
+{+add-header{X-Actions-File-Version: 1.2} -filter -kill-popups}
+.privoxy.org
.oesterhelt.org/actions
#############################################################################
# These shops require pop-ups
#############################################################################
-{shop -no-popups -filter{no-poups}}
+{shop -no-popups -filter{popups}}
.dabs.com
.overclockers.co.uk
.cvs.sourceforge.net
#############################################################################
-# Imagelist:
+# These are images:
#############################################################################
-{+image}
+{+handle-as-image}
#############################################################################
-/.*\.(gif|jpe?g|png|bmp|ico)
+/.*\.(gif|jpe?g|png|bmp|ico)$
#############################################################################
{+imageblock}
#BLOCK-REFERRER: http://www.aol.com/
ar.atwola.com
+#BLOCK-REFERRER: http://www.altavista.com/
+.ad.doubleclick.net
+
+.a.yimg.com/(?:(?!/i/).)*$
+.a[0-9].yimg.com/(?:(?!/i/).)*$
+
#BLOCK-REFERRER:
bs*.gsanet.com
bs*.einets.com
.uni-*.de
www.ugu.com/sui/ugu/adv
.*downloads.
+# So many download pages being blocked
+/downloads/
+# adv for globalintersec means advanced, not advertisement
+www.globalintersec.com/adv
+# We all want weather forecast to work
+banners.wunderground.com/banner/gizmotemp/
+
+{+downgrade-http-version}
+linuxdailynews.net
+.linuxandmain.com
+.ofb.biz
+