############################################################################# # # Bare-bones actions file for Privoxy pre release testdrive # # For information, see http://www.oesterhelt.org/testdrive # ############################################################################# ###################################################################### # # File : $Source: /cvsroot/ijbswa/current/default.action,v $ # # $Id: default.action,v 1.20 2002/04/21 05:50:10 swa Exp $ # # Purpose : Default actions file, see # http://www.privoxy.org/faq/questions.html#CONFIGFILES # # Copyright : Written by and Copyright # Privoxy team. http://www.privoxy.org/ # # Based on the Internet Junkbuster originally written # by and Copyright (C) 1997 Anonymous Coders and # Junkbusters Corporation. http://www.junkbusters.com # # We value your feedback. However, to provide you with the best support, # please note: # # * Use the support forum to get help: # http://sourceforge.net/tracker/?group_id=11118&atid=211118 # * Submit feedback for this actions file only through our # actions file feedback script: http://www.privoxy.org/actions # * Submit bugs only through our bug forum: # http://sourceforge.net/tracker/?group_id=11118&atid=111118 # Make sure that the bug has not already been submitted. Please try # to verify that it is a Privoxy bug, and not a browser or site # bug first. If you are using your own custom configuration, please # try the stock configs to see if the problem is a configuration # related bug. And if not using the latest development snapshot, # please try the latest one. Or even better, CVS sources. # * Submit feature requests only through our feature request forum: # http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse # # For any other issues, feel free to use the mailing lists: # http://sourceforge.net/mail/?group_id=11118 # # Anyone interested in actively participating in development and related # discussions can join the appropriate mailing list here: # http://sourceforge.net/mail/?group_id=11118. Archives are available # here too. # ############################################################################# # Syntax ############################################################################# # # To determine which actions apply to a request, the URL of the request is # compared to all patterns in this file. Every time it matches, the list of # applicable actions for this URL is incrementally updated. You can trace # this process by visiting http://i.j.b/show-url-info # # There are 4 types of lines in this file: comments (like this line), # actions, aliases and patterns, all of which are explained below. # ############################################################################# # Pattern Syntax ############################################################################# # # 1. On Domains and Paths # ----------------------- # # Generally, a pattern has the form /, where both the # and part are optional. If you only specify a domain part, the "/" # can be left out: # # www.example.com # is a domain-only pattern and will match any request to www.yahoo.com # # www.example.com/ # means exactly the same (but is slightly less efficient) # # www.example.com/index.html # matches only the document /index.html on www.example.com # # /index.html # matches the document /index.html, regardless of the domain # # index.html # matches nothing, since it would be interpreted as a domain name and # there is no top-level domain called ".html". # # 2. Domain Syntax # ---------------- # # The matching of the domain part offers some flexible options: If the # domain starts or ends with a dot, it becomes unanchored at that end: # # www.example.com # matches only www.example.com # # .example.com # matches any domain that ENDS in .example.com # # www. # matches any domain that STARTS with www. # # Additionally, there are wildcards that you can use in the domain names # themselves. They work pretty similar to shell wildcards: "*" stands for # zero or more arbitrary characters, "?" stands for one, and you can define # charachter classes in square brackets and they can be freely mixed: # # ad*.example.com # matches adserver.example.com, ads.example.com, etc but not sfads.example.com # # *ad*.example.com # matches all of the above # # .?pix.com # matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc # # www[1-9a-ez].example.com # matches www1.example.com, www4.example.com, wwwd.example.com, # wwwz.example.com etc, but not wwww.example.com # # You get the idea? # # 2. Path Syntax # -------------- # # Paths are specified as regular expressions. A comprehensive discussion of # regular expressions wouldn't fit here, but (FIXME) someone should paste # a concise intro to the regex language here. # # If Privoxy was compiled with pcre support (default), Perl compatible # regular expressions are used. See the pcre/docs/ direcory or man perlre # (also available on http://www.perldoc.com/perl5.6/pod/perlre.html) for # details. # # Please note that matching in the path is CASE INSENSITIVE by default, but # you can switch to case sensitive by starting the pattern with the "(?-i)" # switch: # # www.example.com/(?-i)PaTtErN.* # will match only documents whose path starts with PaTtErN in exactly this # capitalization. # # Partially case-sensetive and partially case-insensitive patterns are # possible, but the rules about splitting them up are extremely complex # - see the PCRE documentation for more information. # ############################################################################# # Action Syntax ############################################################################# # # There are 3 kinds of action: # # Boolean (e.g. "block"): # +name # enable # -name # disable # # Parameterized (e.g. "hide-user-agent"): # +name{param} # enable and set parameter to "param" # -name # disable # # Multi-value (e.g. "add-header", "wafer"): # +name{param} # enable and add parameter "param" # -name{param} # remove the parameter "param" # -name # disable totally # # The default (if you don't specify anything in this file) is not to take # any actions - i.e completely disabled, so Privoxy will just be a # normal, non-blocking, non-anonymizing proxy. You must specifically # enable the privacy and blocking features you need (although the # provided default actions file will do that for you). # # Later actions always override earlier ones. For multi-valued actions, # the actions are applied in the order they are specified. # ############################################################################# # Valid actions are: ############################################################################# # # +add-header{Name: value} # Adds the specified HTTP header, which is not checked for validity. # You may specify this many times to specify many headers. # # +block # Block this URL # # +deanimate-gifs{last} # +deanimate-gifs{first} # Deanimate all animated GIF images, i.e. reduce them to their last # frame. This will also shrink the images considerably. (In bytes, # not pixels!) # If the option "first" is given, the first frame of the animation # is used as the replacement. If "last" is given, the last frame of # the animation is used instead, which propably makes more sense for # most banner animations, but also has the risk of not showing the # entire last frame (if it is only a delta to an earlier frame). # # +downgrade # Downgrade HTTP/1.1 client requests to HTTP/1.0 and downgrade the # responses as well. Use this action for servers that use HTTP/1.1 # protocol features that Privoxy currently can't handle yet. # # +fast-redirects # Many sites, like yahoo.com, don't just link to other sites. # Instead, they will link to some script on their own server, # giving the destination as a parameter, which will then redirect # you to the final target. # # URLs resulting from this scheme typically look like: # http://some.place/some_script?http://some.where-else # # Sometimes, there are even multiple consecutive redirects encoded # in the URL. These redirections via scripts make your web browing # more traceable, since the server from which you follow such a link # can see where you go to. Apart from that, valuable bandwidth and # time is wasted, while your browser aks the server for one redirect # after the other. Plus, it feeds the advertisers. # # The +fast-redirects option enables interception of these requests # by Privoxy, who will cut off all but the last valid URL in the # request and send a local redirect back to your browser without # contacting the intermediate sites. # # +filter{name} # Filter the website through one or more regular expression filters. # Repeat for multiple filters. # # Filters predefined in the supplied re_filterfile include: # # html-annoyances: Get rid of particularly annoying HTML abuse # js-annoyances: Get rid of particularly annoying JavaScript abuse # content-cookies: Kill cookies that come in the HTML or JS content # popups: Kill all popups in JS and HTML # frameset-borders: Give frames a border # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking) # refresh-tags: Kill automatic refresh tags (for dial-on-demand setups) # fun: Text replacements for subversive browsing fun! # nimda: Remove Nimda (virus) code. # banners-by-size: Kill banners by size (very efficient!) # shockwave-flash: Kill embedded Shockwave Flash objects # crude-parental: Kill all web pages that contain the words "sex" or "warez" # # # +hide-forwarded # Block any existing X-Forwarded-for header, and do not add a new one. # # +hide-from{block} # +hide-from{spam@sittingduck.xqq} # If the browser sends a "From:" header containing your e-mail address, # either completely removes the header ("block"), or change it to the # specified e-mail address. # # +hide-referer{block} # +hide-referer{forge} # +hide-referer{http://nowhere.com} # Don't send the "Referer:" (sic) header to the web site. You can # block it, forge a URL to the same server as the request (which is # preferred because some sites will not send images otherwise) or # set it to a constant string. # # +hide-referrer{...} # Alternative spelling of +hide-referer. Has the same parameters, # and can be freely mixed with, "+hide-referer". ("referrer" is the # correct English spelling, however the HTTP specification has a # bug - it requires it to be spelt "referer"). # # +hide-user-agent{browser-type} # Change the "User-Agent:" header so web servers can't tell your # browser type. (Breaks many web sites). Specify the user-agent # value you want - e.g., to pretend to be using Netscape on Linux: # +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)} # Or to identify yourself explicitly as a Privoxy user: # +hide-user-agent{Privoxy/1.0} # (Don't change the version number from 1.0 - after all, why tell them?) # # +image # Treat this URL as an image. This only matters if it's also "+block"ed, # in which case a "blocked" image can be sent rather than a HTML page. # See +image-blocker{} for the control over what is actually sent. # # +image-blocker{blank} # +image-blocker{pattern} # +image-blocker{} with being any valid image URL # Decides what to do with URLs that end up tagged with {+block +image}. # There are 4 options: # * "-image-blocker" will send a HTML "blocked" page, usually # resulting in a "broken image" icon. # * "+image-blocker{blank}" will send a 1x1 transparent image # * "+image-blocker{pattern}" will send a 4x4 grey/white pattern # which is less intrusive than the logo but easier to recognize # than the transparent one. # * "+image-blocker{}" will send a HTTP temporary redirect # to the specified image URL. # # # +limit-connect{portlist} # The CONNECT methods exists in HTTP to allow access to secure websites # (https:// URLs) through proxies. It works very simply: The proxy # connects to the server on the specified port, and then short-circuits # its connections to the cliant and to the remote proxy. # This can be a big security hole, since CONNECT-enabled proxies can # be abused as TCP relays very easily. # By default, i.e. in the absence of a +limit-connect action, Privoxy # will only allow CONNECT requests to port 443, which is the standard port # for https. # If you want to allow CONNECT for more ports than that, or want to forbid # CONNECT altogether, you can specify a comma separated list of ports and port # ranges (the latter using dashes, with the minimum defaulting to 0 and max to 65K): # # +limit-connect{443} # This is the default and need no be specified. # +limit-connect{80,443} # Ports 80 and 443 are OK. # +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100, and above 500 are OK. # # +no-compression # Prevent the website from compressing the data. Some websites do # that, which is a problem for Privoxy, since +filter, +no-popup # and +gif-deanimate will not work on compressed data. Will slow down # connections to those websites, though. # # +no-cookies-keep # If the website sets cookies, make sure they are erased when you exit # and restart your web browser. This makes profiling cookies useless, # but won't break sites which require cookies so that you can log in # or for transactions. # # +no-cookies-read # Prevent the website from reading cookies # # +no-cookies-set # Prevent the website from setting cookies # # +no-popup # +no-popups # Filter the website through a built-in filter to disable # 1;''.concat() etc. The two alternative spellings are # equivalent. # # +vanilla-wafer # This action only applies if you are using a jarfile. It sends a # cookie to every site stating that you do not accept any copyright # on cookies sent to you, and asking them not to track you. Of # course, this is a (relatively) unique header they could use to # track you. # # +wafer{name=value} # This allows you to add an arbitrary cookie. Specify it multiple # times in order to add several cookies. # ############################################################################# ############################################################################# # Settings -- Don't change. ############################################################################# {{settings}} ############################################################################# for-privoxy-version=3.0 ############################################################################# # Aliases ############################################################################# {{alias}} ############################################################################# # # You can define a short form for a list of permissions - e.g., instead # of "-no-cookies-set -no-cookies-read -filter -fast-redirects", you can # just write "shop". This is called an alias. # # Currently, an alias can contain any character except space, tab, '=', '{' # or '}'. # But please use only 'a'-'z', '0'-'9', '+', and '-'. # # Alias names are not case sensitive. # # Aliases beginning with '+' or '-' may be used for system permission names # in future releases - so try to avoid alias names like this. (e.g. # "+no-cookies" below is not a good name) # # Aliases must be defined before they are used. # # Useful aliases +no-cookies = +no-cookies-set +no-cookies-read -no-cookies = -no-cookies-set -no-cookies-read +imageblock = +block +image # Fragile sites should have the minimum changes fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer -no-cookies -no-popups # Shops should be allowed to set persistent cookies shop = -filter -no-cookies -no-cookies-keep # Your favourite blend of filters: # myfilters = +filter{html-annoyances} +filter{js-annoyances} +filter{popups}\ +filter{webbugs} +filter{nimda} +filter{banners-by-size} #+filter{fun} #... etc. Customize to your heart's content. ############################################################################# # Defaults ############################################################################# {\ -add-header \ -block \ +deanimate-gifs{last} \ -downgrade \ +filter{html-annoyances} \ +filter{content-cookies} \ +filter{js-annoyances} \ +filter{popups} \ +filter{webbugs} \ +filter{nimda} \ +filter{banners-by-size} \ +hide-forwarded \ +hide-from{block} \ +hide-referer{forge} \ -hide-user-agent \ -image \ +image-blocker{pattern} \ +no-compression \ +no-cookies-keep \ -no-cookies-read \ -no-cookies-set \ +no-popups \ -vanilla-wafer \ -wafer \ } / # Match all URLs ############################################################################# # Needed for automatic feedback evaluation; Please don't delete! ############################################################################# {+add-header{X-Actions-File-Version: 1.2} -filter -no-popups} .privoxy.org/actions .oesterhelt.org/actions ############################################################################# # These sites are very complex and require # minimal interference. ############################################################################# {fragile} .office.microsoft.com .windowsupdate.microsoft.com ############################################################################# # Shopping sites - still want to block ads. ############################################################################# {shop} .quietpc.com .worldpay.com # for quietpc.com .jungle.com .scan.co.uk ############################################################################# # These shops require pop-ups ############################################################################# {shop -no-popups -filter{popups}} .dabs.com .overclockers.co.uk ############################################################################# # Sometimes fast-redirects catches things by mistake ############################################################################# {-fast-redirects} www.ukc.ac.uk/cgi-bin/wac\.cgi\? login.yahoo.com edit.europe.yahoo.com .google.com .altavista.com/.*(like|url|link):http .altavista.com/trans.*urltext=http .speedfind.de .nytimes.com ############################################################################# # Don't filter code! ############################################################################# {-filter} .cvs.sourceforge.net ############################################################################# # Imagelist: ############################################################################# {+image} ############################################################################# /.*\.(gif|jpe?g|png|bmp|ico) ############################################################################# {+imageblock} ############################################################################# #BLOCK-REFERRER: http://www.cnn.com/ #BLOCK-REFERRER: http://www.aol.com/ ar.atwola.com #BLOCK-REFERRER: http://www.altavista.com/ .ad.doubleclick.net .a.yimg.com/(?:(?!/i/).)*$ .a[0-9].yimg.com/(?:(?!/i/).)*$ #BLOCK-REFERRER: bs*.gsanet.com bs*.einets.com #BLOCK-REFERRER: Opera browser built-in .qkimg.net #BLOCK-REFERRER: http://www.tecchannel.de/index.html #BLOCK-REFERRER: and thousands more ad.*.doubleclick.net ############################################################################# # Blocklist: ############################################################################# {+block} ############################################################################# #BLOCK-GENERIC: ad*. .*ads. banner?. count*. /(?:.*/)?(ads(erver?|tream)?|.*?ads|adv(ert(s|enties|is(ing|e?ments)?)?)?|(ad)?[-_]?banner(s|ads?|farm)?)/ /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?) /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/ #BLOCK-REFERRER: http://www.brooksbrothers.com #BLOCK-REFERRER: http://www.autodesk.com .hitbox.com ############################################################################# {-block} ############################################################################# include.ebay.com advogato.org adsl. ad[ud]*. advice. .edu .ac.uk .uni-*.de www.ugu.com/sui/ugu/adv .*downloads.