#
# File : $Source: /cvsroot/ijbswa/current/default.filter,v $
#
-# $Id: default.filter,v 1.6 2002/04/03 19:49:52 swa Exp $
+# $Id: default.filter,v 1.32 2006/11/10 18:04:04 fabiankeil Exp $
#
# Purpose : Rules to process the content of web pages
#
-# Copyright : Written by and Copyright
+# Copyright : Written by and Copyright (C) 2001 - 2006 the
# Privoxy team. http://www.privoxy.org/
#
-# Based on the Internet Junkbuster originally written
-# by and Copyright (C) 1997 Anonymous Coders and
-# Junkbusters Corporation. http://www.junkbusters.com
-#
# We value your feedback. However, to provide you with the best support,
# please note:
#
#################################################################################
#
-# html-annoyances: Get rid of particularly annoying HTML abuse
+# js-annoyances: Get rid of particularly annoying JavaScript abuse
#
#################################################################################
-FILTER: html-annoyances Get rid of particularly annoying HTML abuse
+FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
-# New browser windows (if allowed -- see no-popups filter below) should be
-# resizeable and have a location and status bar
+# Note: Most of these jobs would be safer if restricted to a
+# <script> context as in:
+#
+# s/(<script.*)nasty-item(?=.*<\/script>)/$1replacement/sigU
#
-s/(<a\s+href[^>]+)resizable=['"]?(no|0|false)['"]?(.*>)/$1resizable="1"$3/igU
-s/(<a\s+href[^>]+)location=['"]?(no|0)['"]?(.*>)/$1location="1"$3/igU
-s/(<a\s+href[^>]+)status=['"]?(no|0)['"]?(.*>)/$1status="1"$3/igU
-s/(<a\s+href[^>]+)scrolling=['"]?(no|0|auto)['"]?(.*>)/$1scrolling="no"$3/igU
-s/(<a\s+href[^>]+)menubar=['"]?(no|0)['"]?(.*>)/$1menubar="1"$3/igU
+# but that would make them match only the first occurance of
+# nasty-item in each <script>. We need nestable jobs!
-# The <BLINK> tag was a crime!
+# Get rid of Javascript referrer tracking.
+# Test page: http://www.javascript-page.com/referrer.html
#
-s*<blink>|</blink>**ig
+s|(?:\w+\.)+referrer|"Not Your Business!"|gisU
-# Is this evil?
+# The status bar is for displaying link targets, not pointless blahblah
+#
+s/(\W\s*)((this|window)\.(default)?status)\s*=\s*((['"]).*?(?<!\\)\6)/$1if(typeof(this.href) != 'undefined') $2 = $5 + ' URL: ' + this.href;else return false/ig
+
+# Kill OnUnload popups. Yummy.
+# Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
+#
+s/(<body\s+[^>]*)onunload/$1never/siU
+s|(<script.*)window\.onunload(?=.*</script>)|$1never|sigU
+
+# If we allow window.open, we want normal window features:
+# Test: http://www.htmlgoodies.com/beyond/notitle.html
#
-#s/margin(height|width)=[0-9]*//gi
-#s/noresize/yesresize/igU
+s/(open\s*\([^\)]+resizable=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+location=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+status=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+scroll(?:ing|bars)=)(["']?)(?:no|0)\2/$1$2auto$2/sigU
+s/(open\s*\([^\)]+menubar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+toolbar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+directories=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+fullscreen=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+z-?lock=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+hotkeys=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+titlebar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
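Review bot: The last job of js-annoyances, the `always(?:raised|lowered)=` rewrite, is an exact repeat of the job four lines above it, so every filtered page is scanned with the same pattern twice for no additional effect. Drop the second copy. If a different window feature was meant in its place, add that job instead so the gap is visible.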
#################################################################################
#
-# js-annoyances: Get rid of particularly annoying JavaScript abuse
+# js-events: Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites)
#
#################################################################################
-FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
+FILTER: js-events Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites)
+
+s/(on|event\.)((mouse(over|out|down|up|move))|(un)?load|contextmenu|selectstart)/never/ig
+# Not events, but abused on the same type of sites:
+s/(alert|confirm)\s*\(/concat(/ig
+s/settimeout\(/concat(/ig
-# Get rid of Javascript referrer tracking. Test page: http://www.randomoddness.com/untitled.htm
+#################################################################################
+#
+# html-annoyances: Get rid of particularly annoying HTML abuse
#
-s|(<script.*)document\.referrer(.*</script>)|$1"Not Your Business!"$2|Usg
+#################################################################################
+FILTER: html-annoyances Get rid of particularly annoying HTML abuse
-# The status bar is for displaying link targets, not pointless blahblah
+# New browser windows (if allowed -- see no-popups filter below) should be
+# resizeable and have a location and status bar
#
-s/status='.*?';*//ig
+s/(<a\s+href[^>]+resizable=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
+s/(<a\s+href[^>]+location=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
+s/(<a\s+href[^>]+status=)(['"]?)(?:no|0)\2/$1$2yes1$2/igU
+s/(<a\s+href[^>]+scrolling=)(['"]?)(?:no|0)\2/$1$2auto$2/igU
+s/(<a\s+href[^>]+menubar=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
-# Kill OnUnload popups. Yummy. Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
+# The <BLINK> and <MARQUEE> tags were crimes!
#
-s/(<body .*)onunload(.*>)/$1never$2/iU
+s-</?(blink|marquee).*>--sigU
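Review bot: The `status=` job in html-annoyances writes `yes1` where its siblings write `yes` or `auto`, which looks like a leftover from the old `status="1"` replacement. The line should read `s/(<a\s+href[^>]+status=)(['"]?)(?:no|0)\2/$1$2yes$2/igU`. How a browser treats an unrecognised value such as `yes1` is not something the filter should depend on.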
#################################################################################
#################################################################################
FILTER: content-cookies Kill cookies that come in the HTML or JS content
-# JS cookies, like found on privacy.net:
+# JS cookies, except those used by antiadbuster.com to detect us:
#
-s|(document\.cookie)([ \t\r\n]*=)|documenZapCooky$2|g
+s|(\w+\.)+cookie(?=[ \t\r\n]*=)(?!='aab)|ZappedCookie|ig
# HTML cookies:
#
-s|<meta\s+http-equiv=['"]?set-cookie['"]?\s+content=[^>].*>|<!--no cookies here -->|iUT
+s|<meta\s+http-equiv=['"]?set-cookie.*>|<!-- ZappedCookie -->|igU
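Review bot: The `(?!='aab)` exception in the JS-cookie job is keyed on the cookie value rather than on the site, so on any page a script that assigns a value starting with `'aab` keeps its cookie write, not only on antiadbuster.com. It is also narrower than the comment suggests for the intended site: the first lookahead allows whitespace before `=`, but the exception only applies when `='aab` follows `cookie` directly and in single quotes. Consider making the job unconditional and exempting the one site in the actions file by not applying content-cookies there. If the exception stays, a comment such as `# exception applies on every site, and only to the exact form cookie='aab...` would make both limits visible.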
+
+
+#################################################################################
+#
+# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
+#
+#################################################################################
+FILTER: refresh-tags Kill automatic refresh tags (for dial-on-demand setups)
+
+# Note: Only deactivates refreshes with more than 9 seconds delay to
+# preserve monster-stupid but common redirections via meta tags.
+#
+s/<meta\s+http-equiv\s*=\s*(['"]?)refresh\1\s+content\s*=\s*(['"]?)\d{2,}\s*(;\s*url\s*=\s*([^>\2]*))?\2/<link rev="x-refresh" href="$4"/iU
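Review bot: In the refresh-tags job, `[^>\2]` does not exclude the closing quote, because inside a character class PCRE reads `\2` as the character with code 2 rather than as a backreference to group 2. The ungreedy flag hides this for quoted values, but for an unquoted `content=` value `\2` is empty, the optional URL group appears to be skipped, and `$4` comes out empty. Handling quoted and unquoted values in separate jobs, as img-reorder does for `src`, and using `((?:(?!\2)[^>])*)` in the quoted one would express the intent. The same class-with-backreference idiom recurs in img-reorder (`[^>\\\2]`), banners-by-size and banners-by-link (`[^>\\\1\s]`, `[^>\1\s]`) and msn (`[^\2]`).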
+
+
+#################################################################################
+#
+# unsolicited-popups: Disable unsolicited pop-up windows
+#
+#################################################################################
+FILTER: unsolicited-popups Disable only unsolicited pop-up windows
+
+s+([^'"]\s*<head.*>)(?=\s*[^'"])+$1<script>function PrivoxyWindowOpen(){return(null);}</script>+isU
+s+([^\w\s.]\s*)((window|this|parent)\.)?open\s*\(+$1PrivoxyWindowOpen(+ig
+s+([^'"]\s*</html>)(?!\s*(\\n|'|"))+$1<script>function PrivoxyWindowOpen(a, b, c){return(window.open(a, b, c));}</script>+iU
##################################################################################
#
-# no-popups: Kill all popups in JS and HTML
+# all-popups: Kill all popups in JavaScript and HTML
#
#################################################################################
-FILTER: no-popups Kill all popups in JS and HTML
+FILTER: all-popups Kill all popups in JavaScript and HTML
+
+s/((\W\s*)(window|this|parent)\.)open\s*\\?\(/$1concat(/ig # JavaScript
+s/\starget\s*=\s*(['"]?)_?(blank|new)\1?/ notarget/ig # HTML
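Review bot: The JavaScript job in all-popups turns `window.open(` into `window.concat(` via `$1concat(`, and `concat` is a string/array method that `window`, `this` and `parent` do not normally provide, so the rewritten call would throw instead of evaluating harmlessly. The removed job used `1;''.concat(` and jumping-windows in this file uses `''.concat(`, both of which are no-ops. Unless aborting the script is the goal, `s/(\W\s*)(?:window|this|parent)\.open\s*\\?\(/$1''.concat(/ig` keeps the neutralising behaviour; if aborting is intended, say so in a comment. Note also that the Nimda job in ie-exploits only recognises `window.open` and the old `1;''.concat` form, so it needs to be checked against whatever replacement is chosen here.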
+
+
+##################################################################################
+#
+# img-reorder: Reorder attributes in <img> tags to make the banners-by-* filters more effective
+#
+#################################################################################
+FILTER: img-reorder Reorder attributes in <img> tags to make the banners-by-* filters more effective
+
+# In the first step src is moved to the start, then width is moved to the second
+# place to guarantee an order of src, width, height.
+# This makes banners-by-size more effective and allows both banners-by-size
+# and banners-by-link to preserve the original image URL in the title attribute.
+
+s|<img\s+?([^>]*) src\s*=\s*(['"])([^>\\\2]+)\2|<img src=$2$3$2 $1|siUg
+s|<img\s+?([^>]*) src\s*=\s*([^'">\\\s]+)|<img src=$2 $1|sig
+
+s|<img (src=(?:(['"])[^>\\\\2]*\2\|[^'">\\\s]+?))([^>]*)\s+width\s*=\s*(["']?)(\d+?)\4|<img $1 width=$4$5$4$3|siUg
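Review bot: In the width-reordering job of img-reorder, the quoted-src class `[^>\\\\2]` has one backslash more than `[^>\\\2]` in the first job, so as written it excludes `>`, the backslash and the literal digit `2`. A quoted `src` whose URL contains a `2` therefore cannot match, and that tag does not get the src, width, height order the section comment promises. Bring the class in line with the first job; even there `\2` inside a class is a character code, not a backreference, so `(?:(?!\2)[^>\\])*` is closer to what was meant.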
-s/window\.open\(/1;''\.concat\(/ig # JavaScript
-s/target=['"]?_blank['"]?/target_crunched/ig # HTML
-s/target=['"]?_new['"]?/target_crunched/ig # HTML
#################################################################################
#
-# frameset-borders: Give frames a border and make them resizable
+# banners-by-size: Kill banners by size
#
#################################################################################
-FILTER: frameset-borders Give frames a border and make them resizable
+#
+# Standard banner sizes taken from http://www.iab.net/iab_banner_standards/bannersizes.html
+#
+# Note: Use http://config.privoxy.org/send-banner?type=trans for a transparent 1x1 image
+# Use http://config.privoxy.org/send-banner?type=pattern for a grey/white pattern image
+# Use http://config.privoxy.org/send-banner?type=auto to auto-select.
+#
+# Note2: Use img-reorder before this filter to ensure maximum matching success
+#
+#################################################################################
+FILTER: banners-by-size Kill banners by size
+
+# 88*31
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)88\4)[^>]*?(height=(['"]?)31\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+# 120*60, 120*90, 120*240, 120*600
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)120\4)[^>]*?(height=(['"]?)(?:600?|90|240)\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+# 125*125
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)125\4)[^>]*?(height=(['"]?)125\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+# 160*600
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)160\4)[^>]*?(height=(['"]?)600\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+# 180*150
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)180\4)[^>]*?(height=(['"]?)150\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+# 234*60, 468*60 (Most Banners!)
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:234|468)\4)[^>]*?(height=(['"]?)60\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+# 240*400
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)240\4)[^>]*?(height=(['"]?)400\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+# 250*250, 300*250
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:250|300)\4)[^>]*?(height=(['"]?)250\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+# 336*280
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)336\4)[^>]*?(height=(['"]?)280\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
+
+# Note: 200*50 was also proposed, but it probably causes too much collateral damage:
+#
+#s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)200\4)[^>]*?(height=(['"]?)50\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed-$2-by-size$1 $3 $5>@sig
-s/(<frameset [^>]+)framespacing=['"]?(no|0)['"]?(.*>)/$1$3/igU
-s/(<frameset [^>]+)frameborder=['"]?(no|0)['"]?(.*>)/$1$3/igU
-s/(<frame [^>]+)border=['"]?(no|0)['"]?(.*>)/$1$3/igU
-s/(<frame [^>]+)resizable=['"]?(no|0|false)['"]?(.*>)/$1$3/igU
#################################################################################
#
+# banners-by-link: Kill banners by their links to known clicktrackers (Experimental)
+#
+#################################################################################
+FILTER: banners-by-link Kill banners by their links to known clicktrackers
+
+# Common case with width and height attributes:
+#
+s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:\
+ adclick # See www.dn.se \
+| atwola\.com/(?:link|redir) # see www.cnn.com \
+| /jump/ # redirs for doublecklick.net ads \
+| tracker | counter # common \
+| adlog\.pl # see sf.net \
+)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\6)[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\8)[^>]*>\
+@<img $5 $7 src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed $4 by link to $2$1>@sigx
+
+# Rare case w/o explicit dimensions:
+#
+s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:adclick|atwola\.com/(?:link|redir)|doubleclick\.net/jump/|tracker|counter|adlog\.pl)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border="0" title=$1Killed $4 by link to $2$1>@sig
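Review bot: Both banners-by-link replacements build `title=$1Killed $4 by link to $2$1` using the href's quote character, so when the href is unquoted (`$1` empty) the title value contains spaces with no delimiter and the browser sees `title=Killed` followed by stray attributes. banners-by-size avoids this by hyphenating (`Killed-$2-by-size`); the equivalent here is `title=$1Killed-$4-by-link-to-$2$1`. Separately, the extended-syntax job matches any `/jump/` path while the one-line job requires `doubleclick\.net/jump/`, so the two cases block different sets of links. Pick one form and use it in both jobs.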
+
+
+################################################################################
+#
# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
#
#################################################################################
FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking)
-s/<img\s+[^>]*?(width|height)\s*=\s*['"]?1\D[^>]*?(width|height)\s*=\s*['"]?1(\D[^>]*?)?>/<!-- Squished WebBug -->/sig
+s@<img[^>]*\s(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*\s(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*?>@@siUg
+
+
+#################################################################################
+#
+# tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap
+#
+#################################################################################
+FILTER: tiny-textforms Extend those tiny textareas up to 40x80 and kill the hard wrap
+
+s/(<textarea[^>]*?)(?:\s*(?:rows|cols)=(['"]?)\d+\2)+/$1 rows=$2\40$2 cols=$2\80$2/ig
+s/(<textarea[^>]*?)wrap=(['"]?)hard\2/$1/ig
#################################################################################
#
-# no-refresh: Kill automatic refresh tags (for dial-on-demand setups)
+# jumping-windows: Prevent windows from resizing and moving themselves
#
#################################################################################
-FILTER: no-refresh Kill automatic refresh tags (for dial-on-demand setups)
+FILTER: jumping-windows Prevent windows from resizing and moving themselves
-s/<meta\s+http-equiv=['"]?refresh['"]?\s+content=['"]?[0-9]*;\s+url=([^>]*)['"]?>/<link rev="x-refresh" href=$1>/iU
-s/<meta\s+http-equiv=['"]?page-enter['"]?\s+content=[^>].*>/<!--no page enter for me-->/iU
+s/(?<=[\W])(?:window|this|self)\.(?:move|resize)(?:to|by)\(/''.concat(/ig
+
+#################################################################################
+#
+# frameset-borders: Give frames a border, make them resizable and scrollable
+#
+#################################################################################
+FILTER: frameset-borders Give frames a border and make them resizable
+
+s/(<frameset\s+[^>]*)framespacing=(['"]?)(no|0)\2/$1/igU
+s/(<frameset\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
+s/(<frameset\s+[^>]*)border=(['"]?)(no|0)\2/$1/igU
+s/(<frame\s+[^>]*)noresize/$1/igU
+s/(<frame\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
+s/(<frame\s+[^>]*)scrolling=(['"]?)(no|0)\2/$1/igU
+
+
+
+#################################################################################
+#
+# demoronizer: Correct Microsoft's abuse of standardized character sets, which
+# leave the browser to (mis)-interpret unknown characters, with
+# sometimes bizarre results on non-MS platforms.
+#
+# credit: ripped from the demoroniser.pl script by:
+# John Walker -- January 1998, http://www.fourmilab.ch/webtools/demoroniser
+#
+#################################################################################
+FILTER: demoronizer Fix MS's non-standard use of standard charsets
+
+s/(&\#[0-2]\d\d)\s/$1; /g
+# per Robert Lynch: http://slate.msn.com//?id=2067547, just a guess.
+# Must come before x94 below.
+s/\xE2\x80\x94/ -- /g
+s/\x82/,/g
+#s-\x83-<em>f</em>-g
+s/\x84/,,/g
+s/\x85/.../g
+#s/\x88/^/g
+#s-\x89- °/°°-g
+s/\x8B/</g
+s/\x8C/Oe/g
+s/\x91/`/g
+s/\x92/'/g
+s/(\x93|\x94)/"/g
+# Bullet type character.
+s/\x95/·/g
+s/\x96/-/g
+s/\x97/--/g
+#s-\x98-<sup>~</sup>-g
+#s-\x99-<sup>TM</sup>-g
+# per Robert Lynch.
+s/\x9B/>/g # 155
+
+
+#################################################################################
+#
+# shockwave-flash: Kill embedded Shockwave Flash objects
+# Note: Better just block "/.*\.swf$"!
+#
+#################################################################################
+FILTER: shockwave-flash Kill embedded Shockwave Flash objects
+
+s|<object [^>]*macromedia.*</object>|<!-- Squished Shockwave Object -->|sigU
+s|<embed [^>]*(application/x-shockwave-flash\|\.swf).*>(.*</embed>)?|<!-- Squished Shockwave Flash Embed -->|sigU
+
+
+#################################################################################
+#
+# quicktime-kioskmode: Make Quicktime movies saveable
+#
+#################################################################################
+FILTER: quicktime-kioskmode Make Quicktime movies saveable
+
+s/(<embed\s+[^>]*)kioskmode\s*=\s*(["']?)true\2/$1/ig
#################################################################################
#################################################################################
FILTER: fun Text replacements for subversive browsing fun!
-s/microsoft(?!.com)/MicroSuck/ig
+# SCNR
+#
+s/microsoft(?!.[^\s])/MicroSuck/ig
-# Buzzword Bingo (example for extended syntax)
+# Buzzword Bingo (example for extended regex syntax)
#
-s* industry[ -]leading \
+s* (?:industry|world)[ -]leading \
| cutting[ -]edge \
+| customer[ -]focused \
+| market[ -]driven \
| award[ -]winning # Comments are OK, too! \
| high[ -]performance \
| solutions[ -]based \
| unmatched \
| unparalleled \
| unrivalled \
-*<font color="red"><b>BINGO!</b></font> \
+*$0<sup><font color="red"><b>Bingo!</b></font></sup> \
*igx
+# For Germans only
+#
+s/(M|m)edien(?![^<]*>)/$1ädchen/Ug
+
+#################################################################################
+#
+# crude-parental: Crude parental filtering? (Use along with a suitable blocklist).
+# Shows how to deny access to whole page based on a keyword.
+#
+#################################################################################
+FILTER: crude-parental Crude parental filtering (demo only)
+
+# (Note: Middlesex, Sussex and Essex are counties in the UK, not rude words)
+# (Note #2: Is 'sex' a rude word?!)
+
+s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body><h3>Blocked due to possible adult content. Please see <a href="http://dmoz.org/Kids_and_Teens/">this site</a>.</h3></body></html>%is
+s+^.*warez.*$+<html><head><title>No Warez</title></head><body><h3>You're not searching for illegal stuff, are you?</h3></body></html>+is
+
#################################################################################
#
-# nimda: Remove Nimda (virus) code
+# IE-Exploits: Disable some known Internet Explorer bug exploits
#
#################################################################################
-FILTER: nimda Remove Nimda (virus) code
+FILTER: ie-exploits Disable some known Internet Explorer bug exploits
+
+# Note: This is basically a demo and waits for someone more interested in IE
+# security (sic!) to take over.
+
+# Cross-site-scripting:
+#
+s%f\("javascript:location.replace\('mk:@MSITStore:C:'\)"\);%alert\("This page looks like it tries to use a vulnerability described here:\n http://online.securityfocus.com/archive/1/298748/2002-11-02/2002-11-08/2"\);%siU
+# Address bar spoofing (http://www.secunia.com/advisories/10395/):
+#
+s/(<a[^>]*href[^>]*)(?:\x01|\x02|\x03|%0[012])@/$1MALICIOUS-LINK@/ig
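Review bot: The two halves of `(?:\x01|\x02|\x03|%0[012])` in the address-bar-spoofing job do not describe the same set: raw bytes are covered for 01 to 03 but percent-encoded ones for 00 to 02, so `%03` before `@` is left unmarked. If the intent is control characters 0 through 3 in either form, `%0[0-3]` would close the gap. If the difference is deliberate, add a one-line comment saying which form each half targets, so the mismatch is not mistaken for a typo later.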
+
+# Nimda:
+#
s%<script language="JavaScript">(window\.open|1;''\.concat)\("readme\.eml", null, "resizable=no,top=6000,left=6000"\)</script>%<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>%g
#################################################################################
#
-# banners-by-size: Kill banners by size
+#
+# site-specifics: Cure for site-specific problems. Don't apply generally!
+#
+# Note: The fixes contained here are so specific to the problems of the
+# particular web sites they are designed for that they would be a
+# waste of CPU cycles (or even destructive!) on 99.9% of the web
+# sites where they don't apply.
#
#################################################################################
+FILTER: site-specifics Cure for site-specific problems. Don't apply generally!
+
+# www.spiegel.de excludes X11 users from viewing Flash5 objects - shame.
+# Apply to: www.spiegel.de/static/js/flash-plugin.js
#
-# Standard banner sizes taken from http://www.iab.net/iab_banner_standards/bannersizes.html
+s/indexOf\("x11"\)/indexOf("x13")/
+
+# www.quelle-bausparkasse.de uses a very stupid redirect mechanism that
+# relies on a webbug being present. Can we tolerate that? No!
+# Apply to: www.quelle-bausparkasse.de/$
#
-# Note: Use http://config.privoxy.org/send-banner?type=trans for a transparent 1x1 image
-# Use http://config.privoxy.org/send-banner?type=pattern for a grey/white pattern image
-# Use http://config.privoxy.org/send-banner?type=auto to auto-select.
+s/mylogfunc()//g
+
+# groups.yahoo.com has splash pages that one needs to click through in
+# order to access the actual messages. Let the browser do that. Thanks
+# to Paul Jobson for this one:
+#
+s|<a href="(.+?)">(?:Continue to message\|Weiter zu Nachricht)</a>|<meta http-equiv="refresh" content="0; URL=$1">|ig
+
+# monster.com has two very similar gimmicks:
+#
+s|<input type="hidden" name="REDIRECT" value="(.+?)">|<meta http-equiv="refresh" content="0; URL=$1">|i
+
+s|<IMG SRC="http://media.monster.com/mm/usen/my/no_thanks_211x40.gif".+?>|<meta http-equiv="refresh" content="0; URL=http://my.monster.com/resume.asp">|i
+
+# nytimes.com triggers popups through the onload handler of dummy images
+# to fool popup-blockers.
+#
+s|(<img [^>]*)onload|$1never|sig
+
+# Pre-check all the "Discard" buttons in GNU Mailman's web interface.
+# (This saves a lot of mouse aiming practice when flushing spamtraps)
#
+s|(<INPUT name="\d{2,4}" type="RADIO" value="0") CHECKED |$1|g
+s|<INPUT name="\d{2,4}" type="RADIO" value="3" |$0 checked|g
+
#################################################################################
-FILTER: banners-by-size Kill banners by size
+#
+# no-ping: Removes non-standard ping attributes in <a> and <area> tags.
+#
+#################################################################################
+FILTER: no-ping Removes non-standard ping attributes in <a> and <area> tags.
+s@(<a(?:rea)?[^>]*?)\sping=(['"]?)([^"'>]+)\2([>\s]?)@\
+<strong style="color:white; background-color:red;" title="Privoxy removed ping target '$3'">PING!</strong>\n$1$4@ig
+
+#################################################################################
+#
+# google: CSS-based block for Google text ads. Also removes
+# a width limitation and the toolbar advertisement.
+#
+#################################################################################
+FILTER: google CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
+s@</head>@<style type="text/css">\n\
+ /* Style sheet inserted by Privoxy's google filter. */\n\
+ \#fbc, \#fbl, \#ra, .rhh {visibility: hidden !important;}\n\
+ \#tpa1,\#tpa2,\#tpa3,\#tpa4,\#tpa5,\#tpa5, \#spl, .ch, \#ads,\
+ \#toolbar, \#google_ads_frame{display: none !important;}\n\
+ .main_body, .j {width: 100%}\n</style>\n$0@
+s@<div style=\"padding-top:11px;min-width:500px\">@<div id="main_body">@
+s@(<table cellspacing=0 cellpadding=0 width=25% align=right bgcolor=\#ffffff border=0\
+|</font></td></tr></tbody></table><table align=\"right\" bgcolor=\"\#ffffff\"\
+|<table cellspacing=0 cellpadding=0 align=right bgcolor=\#ffffff border=0\
+|<table style=\"clear:both\" align=right width=25% cellspacing=\"0\" cellpadding=\"0\"\
+ border=\"0\" bgcolor=\"\#ffffff\")@$0 id="ads"@
+s@(<br clear=all><table)( border=0 cellpadding=9><tr><td)@$1 id="toolbar"$2@
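Review bot: The style sheet inserted by the google filter sets the width on `.main_body`, a class selector, but the job after it tags the container with `id="main_body"`, so the width rule never applies to that element. Either emit `<div class="main_body">` or change the selector to `\#main_body`. The selector list also names `\#tpa5` twice, which suggests one of them was meant to be a different id.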
-s|<img\s+[^>]*?(width=['"]?468\D)[^>]*(height=['"]?60[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?234\D)[^>]*(height=['"]?60[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?88\D)[^>]*(height=['"]?31[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?120\D)[^>]*(height=['"]?90[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?120\D)[^>]*(height=['"]?600[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?120\D)[^>]*(height=['"]?60[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?160\D)[^>]*(height=['"]?600[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?125\D)[^>]*(height=['"]?125[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?120\D)[^>]*(height=['"]?240[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?180\D)[^>]*(height=['"]?150[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?300\D)[^>]*(height=['"]?250[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?250\D)[^>]*(height=['"]?250[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?240\D)[^>]*(height=['"]?400[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
-s|<img\s+[^>]*?(width=['"]?336\D)[^>]*(height=['"]?280[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
+#################################################################################
+#
+# yahoo: CSS-based block for Yahoo text ads. Also removes a width limitation.
+#
+#################################################################################
+FILTER: yahoo CSS-based block for Yahoo text ads. Also removes a width limitation.
+s@</head>@\n<style type="text/css">\n\
+ /* Style sheet inserted by Privoxy's yahoo filter. */\n\
+ \#symadbn, \#ymadbn, .yschbox, \#yschsec, .yschhd, \#yschanswr, .yschftad,\
+ .yschspn, .yschspns, \#ygrp-sponsored-links {display: none !important;}\n\
+ \#yschpri, \#yschweb {width: 100% !important; max-width: 100% !important;}\n\
+ \#yschqcon, \#yschtg {width: auto !important; /* No useless horizontal scrollbar please */}\n\
+</style>\n$0@
-# One more. (Where is 200x50 from?)
+#################################################################################
#
-s|<img\s+[^>]*?(width=['"]?200\D)[^>]*(height=['"]?50[^>]*?)>|<img src="http://config.privoxy.org/send-banner?type=auto" $1 $2>|sig
+# msn: CSS-based block for MSN text ads. Also removes tracking URLs
+# and a width limitation.
+#
+#################################################################################
+FILTER: msn CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
+s@</head>@<style type="text/css">\n\
+ /* Style sheet inserted by Privoxy's msn filter. */\n\
+ .msn_ads {display: none !important;}\n\
+ \#results, .flank, .results_area_flank, .results_area_stroke, .SearchSection .not\
+ {width: 99% /*!important*/; min-width: 99% !important;\
+ max-width: 100% !important; /* width:100% sometimes causes horizontal scrollbars */}\n\
+ /* Make continue links harder to miss */\n\
+ \#pagination_bottom a {padding: .3em .5em .3em .5em; border: 1px solid \#e6e6e6;}\n\
+ \#pagination_bottom li, \#pagination_bottom li .selected, li .nextPage \
+ {margin: 0 !important; cursor: auto; border: none; padding:.1em;}\n\
+ \#pagination_bottom li .prevPage {padding-right: 1.5em !important;}\n\
+ \#pagination_bottom li .selected {border: none;}\n\
+ .selected a {background-color: \#d2eaf6; border: 1px solid \#b7d8ee;}\n\
+ /* Remove "suggestions". They are next to worthless but partly overlap with the search results */\n\
+ .suggestion, \#nys_right {clear: both; display:none;}\n\
+ </style>\n$0@
+s@(<div[^>]*) id=(["']?)ads_[^\2]*\2@$1 class="msn_ads"@Uig
+s@(<a[^>]*href=\")http://g.msn.com/.*\?(http://.*)(&&DI=.*)(\")@$1$2$4@Ug
+s@(<a[^>]*)gping=\".*\"@$1 title="URL cleaned up by Privoxy's msn filter"@Ug
+#################################################################################
+#
+# blogspot: Cleans up some Blogspot blogs. Read the fine print before using this.
+#
+# This filter also intentionally removes some navigation stuff and
+# sets the page width to 100%. As a result, some rounded "corners" would
+# appear to early or not at all and as fixing this would require a browser
+# that understands background-size (CSS3), they are removed instead.
+#
+#################################################################################
+FILTER: blogspot Cleans up some Blogspot blogs. Read the fine print before using this.
+s@</head>@<style type="text/css">\n\
+ /* Style sheet inserted by Privoxy's blogspot filter. */\n\
+ \#powered-by {display: none !important;}\n\
+ \#wrap4, \#wrapper {margin-top: 0px }\n\
+ \#blogheader, \#header {margin-top: 0.5em !important}\n\
+ \#content {width: 98% }\n\
+ \#main {width: 70% }\n\
+ \#sidebar {width: 29% }\n\
+ .post-body {overflow: auto;}\n\
+ .blogComments {width: 100%; overflow: auto;}\n</style>\n$0@
+s@<body.*(?:<div id="space-for-ie"></div>|(<div id="(?:content|wrap4|wrapper)))@<body>\
+ <!-- Privoxy's blogspot filter ditched some garbage here -->$1@Us
+s@(<div style=\"[^\"]*width:)30em@$1 100%@
+s@background:url\(\"http://www.blogblog.com/rounders[^\"]*\"\).*;@/*$0*/@Ug
+s@(background:\#[a-f\d]{3})( url\(\"http://www.blogblog.com/rounders[^\"]*\"\).*;)@$1 ;/*$2*/@Ug
#################################################################################
#
-# crude-parental: Crude parental filtering? (Use along with a suitable blocklist).
-# Shows how to deny access to whole page based on a keyword.
+# x-httpd-php-to-html: Header filter to change the Content-Type from
+# x-httpd-php to html. "Content-Type: x-httpd-php"
+# is set by clueless PHP users and causes many
+# browsers do open a download menu instead of
+# rendering the page.
#
+#################################################################################
+FILTER: x-httpd-php-to-html Header filter to change the Content-Type from x-httpd-php to html.
+s@^(Content-Type:) application/x-httpd-php@$1 text/html@
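Review bot: The x-httpd-php-to-html job matches `Content-Type:` case-sensitively and with exactly one space after the colon, and the html-to-xml and xml-to-html jobs below do the same. Header names and media types are case-insensitive, so a server sending `Content-type:` or omitting the space is left untouched unless Privoxy normalises headers before filtering, which this diff does not show. Adding the `i` flag and `\s*` makes the match follow the protocol, e.g. `s@^(Content-Type:)\s*application/x-httpd-php@$1 text/html@i`.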
+
#################################################################################
#
-# (Note: Middlesex, Sussex and Essex are counties in the UK, not rude words)
-# (Note #2: Is 'sex' a rude word?!)
+# html-to-xml: Header filter to change the Content-Type from html to xml.
#
#################################################################################
-FILTER: crude-parental Crude parental filtering (demo only)
+FILTER: html-to-xml Header filter to change the Content-Type from html to xml.
+s@^(Content-Type:) text/html(;.*)?$@$1 application/xhtml+xml$2@
+
+#################################################################################
+#
+# xml-to-html: Header filter to change the Content-Type from xml to html.
+#
+#################################################################################
+FILTER: xml-to-html Header filter to change the Content-Type from xml to html.
+s@^(Content-Type:) (?:application|text)/(?:xhtml\+)?xml(;.*)?$@$1 text/html$2@
+
+#################################################################################
+#
+# hide-tor-exit-notation: Header filter to remove the Tor exit node notation
+# in Host and Referer headers.
+#
+# Note: If Privoxy and Tor are chained and Privoxy is configured to
+# use socks4a, one can use http://www.example.org.foobar.exit/
+# to access the host www.example.org through Tor exit node foobar.
+#
+# As the HTTP client isn't aware of this notation, it treats the
+# whole string "www.example.org.foobar.exit" as host and uses it
+# for the "Host" and "Referer" headers. From the server's point of
+# view the resulting headers are invalid and can cause problems.
+#
+# An invalid "Referer" header can trigger "hot-linking" protections,
+# an invalid "Host" header will make it impossible for the server to
+# find the right vhost (several domains hosted on the same IP address).
+#
+# This filter removes the "foo.exit" part in those headers
+# to prevent the mentioned problems. Note that it only modifies
+# the HTTP headers, it doesn't make it impossible for the server
+# to detect your Tor exit node based on the IP address the request is
+# coming from.
+#
+#################################################################################
+FILTER: hide-tor-exit-notation Header filter to remove the Tor exit node notation in Host and Referer headers.
+s@^((?:Referer|Host):\s*(?:https?://)?[^/]*)\.[^\./]*?\.exit@$1@i
-s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body><h3>Blocked due to possible adult content. Please see <a href="http://dmoz.org/Kids_and_Teens/">this site</a>.</h3></body></html>%is
-s+^.*warez.*$+<html><head><title>No Warez</title></head><body><h3>You're not searching for illegal stuff, are you?</h3></body></html>+is
##############################################################################
#
# Revisions :
# $Log: default.filter,v $
+# Revision 1.32 2006/11/10 18:04:04 fabiankeil
+# Have no-ping print the ping warning in red.
+#
+# Modified yahoo to keep in sync with recent
+# CSS changes and to suppress a useless horizontal
+# scrollbar.
+#
+# msn now makes sure that the continue-link boxes
+# act as links (the original CSS just changes the cursor).
+#
+# Changed fun filter regex to leave microsoft links alone.
+# Fixes BR 1019996.
+#
+# Revision 1.31 2006/10/21 13:12:28 fabiankeil
+# Added no-ping and hide-tor-exit-notation.
+#
+# Adjusted jumping-windows to break less.
+# Fixes BR 1146134.
+#
+# Revision 1.30 2006/10/18 12:36:50 fabiankeil
+# google filter now cleans Google groups as well.
+#
+# Revision 1.29 2006/10/11 14:03:17 fabiankeil
+# Changed img-reorder regex to only move width
+# attributes if they are following at least one
+# whitespace. Fixes BR 1328455.
+#
+# Revision 1.28 2006/10/11 13:31:13 fabiankeil
+# Added Anduin Withers' js-annoyances fix
+# for not messing up escaped quotes. Fixes BR 999765.
+#
+# Improved blogspot filter to make it less likely that
+# the blogspot banner at the top of the page is missed.
+#
+# Revision 1.27 2006/10/08 17:00:51 fabiankeil
+# Modified webbugs filter to create a comment around the offending
+# image instead of removing it entirely.
+#
+# Adjusted regex to only match if there's at least one whitespace
+# before the width and height attributes. Makes it more likely that
+# they are indeed attributes, and not part of the value of another attribute.
+# Solves BR 1035587.
+#
+# Thanks to Martin Thomas for diagnosing the cause of the problem.
+#
+# Revision 1.26 2006/10/06 18:06:16 fabiankeil
+# Added header filter x-httpd-php-to-html
+# and reverted another img-reorder whitespace
+# problem.
+#
+# Revision 1.25 2006/10/06 15:26:09 fabiankeil
+# Bumped copyright year.
+#
+# Reverted parts of the last img-reorder change
+# which were intended to remove superfluous whitespace
+# but had the side effect to mess up some tags.
+#
+# Modified banners-by-size and banners-by-link to
+# use border value "0" instead of "\0". Fixes BR 1100065.
+#
+# Revision 1.24 2006/10/06 11:25:31 fabiankeil
+# Taught img-reorder not to break img tags
+# with empty src attributes. Fixes BR 1089474.
+# Thanks to Raphael Moll for reporting.
+#
+# Revision 1.23 2006/10/05 14:46:28 fabiankeil
+# Replaced "<" in img-reorder's description with "<".
+#
+# Modified msn filter to tag ads with classes instead
+# of ids. There may be more than one ad per page,
+# but ids are required to be unique.
+#
+# Revision 1.22 2006/10/04 19:17:14 fabiankeil
+# Incorportated Frédéric Crozat's ie-exploits
+# modification to make it less trigger-happy.
+#
+# Modified blogspot filter to make .post-body
+# scrollable if necessary.
+#
+# Revision 1.21 2006/10/02 16:21:14 fabiankeil
+# Adjusted yahoo filter to hide .yschspns as well.
+# Added header filters: html-to-xml and xml-to-html.
+#
+# Revision 1.20 2006/10/01 21:00:22 fabiankeil
+# New site-specific filters: google, yahoo, msn and blogspot.
+#
+# Revision 1.19 2006/07/18 14:48:45 david__schmidt
+# Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+# with what was really the latest development (the v_3_0_branch branch)
+#
+# Revision 1.11.2.23 2004/02/17 13:34:01 oes
+# - Beefed up the protection of the unsolicited-popups
+# filter against matching in JavaScript string constants.
+# - Extended the fun filter with a German joke
+# - Extended the site-specifics filter with a convenience
+# reeplacement for managing mailing lists at SourceForge
+#
+# Revision 1.11.2.22 2004/01/30 15:29:29 oes
+# Updated the copyright note
+#
+# Revision 1.11.2.21 2004/01/20 15:15:01 oes
+# Detail enhancement in all-popups
+#
+# Revision 1.11.2.20 2004/01/06 16:46:14 oes
+# Fixed a JS syntax problem in jumping-windows
+#
+# Revision 1.11.2.19 2003/12/17 17:09:25 oes
+# Added remedy against IE address bar spoofing
+#
+# Revision 1.11.2.18 2003/12/02 11:25:27 oes
+# Fixed a line trashed in previous commit
+#
+# Revision 1.11.2.17 2003/12/01 21:58:46 oes
+# Assorted tuning:
+#
+# - unsolicited-popups no longer matches at start or end of quoted
+# strings, and is now activated earlier and deactivated later in
+# the page.
+# - replacement images in banners-by-* now without border
+# - more effective shockwave flash flattening
+# - Custom annoyance filtering for Yahoo Groups, Monster.com, NY Times.
+#
+# Revision 1.11.2.16 2003/05/08 09:44:56 oes
+# Allow extra parameters in blink,marquee tags. Fixes bug #734012
+#
+# Revision 1.11.2.15 2003/03/30 13:57:08 oes
+# Making unsolicited-popups safe for use on <html> tags enclosed in JS strings
+#
+# Revision 1.11.2.14 2003/03/19 13:17:50 oes
+# - Added filter "site-specifics" to address site specific problems
+# - Fixed a small problem in the img-reorder filter
+#
+# Revision 1.11.2.13 2003/03/18 19:28:59 oes
+# Fixed a minor problem in the img-reorder filter
+#
+# Revision 1.11.2.12 2003/03/15 14:06:58 oes
+# - Assorted refinements, optimizations and fixes in the js-annoyances,
+# img-reorder, banners-by-size, banners-by-link, webbugs, refresh-tags,
+# html-annoyances, content-cookies and fun filters
+# - Replaced filter "popups" by choice between two modes:
+# - "unsolicited-popups" tries to catch only the unsolicited ones
+# - "all-popups" tries to kill them all (as before)
+# - New filter "tiny-textforms" Help those tiny or hard-wrap textareas.
+# - New filter "jumping-windows" that prevents windows from resizing
+# and moving themselves
+# - Replaced "nimda" with more general "ie-exploits" filter in which
+# all filters for exploits shall be collected
+#
+# Revision 1.11.2.11 2002/11/12 16:14:43 oes
+# Exchanged js-annoyance filter against status bar rewrites with improved version by Don Libes
+#
+# Revision 1.11.2.10 2002/11/11 13:39:47 oes
+# Make refresh-tags filter work even on incorrect refresh tags like found on usatoday.com
+#
+# Revision 1.11.2.9 2002/11/08 16:39:17 oes
+# Made img-reorder more cautious. Fixes bug #632715
+#
+# Revision 1.11.2.8 2002/10/13 21:56:52 hal9
+# Adding demoronizer filter. This should include all the common abuses. I have
+# left a few of the rare cases commented out (never found these in the wild).
+#
+# Revision 1.11.2.7 2002/09/25 15:09:39 oes
+# Preserve original quoting style in <img> tags wherever possible. Fixes Bug #605956
+#
+# Revision 1.11.2.6 2002/08/23 14:12:26 oes
+# Proofed frameset-borders against "fremaborder=0 border=0"
+#
+# Revision 1.11.2.5 2002/08/22 15:05:20 oes
+# Added Filter to make Quicktime movies saveable (thanks to aaron@linville.org for the idea)
+#
+# Revision 1.11.2.4 2002/08/10 11:32:29 oes
+# Attribute values in replacement tags of banners-by-size filter now undelimited. (Fixes bug #592493)
+#
+# Revision 1.11.2.3 2002/08/05 11:43:56 oes
+# Fixed a bug in the popups filter that was introduced with the last fix :-(
+#
+# Revision 1.11.2.2 2002/08/01 11:20:13 oes
+# Fixed bugs 587802, 577802 and an unreported one
+#
+# Revision 1.11.2.1 2002/07/26 15:18:26 oes
+# - All filters reviewed and many shorcomings fixed
+# - New filters: img-reorder, banners-by-link and js-events
+# - Jobs reorderd because they are now executed in order of
+# appearance
+#
+# Revision 1.11 2002/05/24 00:57:18 oes
+# Made WeBugs job ungreedy; Fixes bug 559190
+#
+# Revision 1.10 2002/04/18 10:14:19 oes
+# renamed some filters
+#
+# Revision 1.9 2002/04/11 07:36:35 oes
+# Generalized js-popup filter
+#
+# Revision 1.8 2002/04/10 17:07:21 oes
+# Fixed potentially desctructive jobs, added noflash filter
+#
+# Revision 1.7 2002/04/09 18:34:51 oes
+# Fixed HTML syntax in replacements
+#
# Revision 1.6 2002/04/03 19:49:52 swa
# name change
#
#
#
#
+
+