-# ********************************************************************
-#
-# File : $Source: /cvsroot/ijbswa/current/default.filter,v $
-#
-# $Id: default.filter,v 1.23 2006/10/05 14:46:28 fabiankeil Exp $
+#################################################################################
+#
+# File : default.filter
#
# Purpose : Rules to process the content of web pages
-#
-# Copyright : Written by and Copyright (C) 2001 - 2004 the
-# Privoxy team. http://www.privoxy.org/
-#
-# We value your feedback. However, to provide you with the best support,
-# please note:
-#
-# * Use the support forum to get help:
-# http://sourceforge.net/tracker/?group_id=11118&atid=211118
-# * Submit bugs only thru our bug forum:
-# http://sourceforge.net/tracker/?group_id=11118&atid=111118
-# Make sure that the bug has not already been submitted. Please try
-# to verify that it is a Privoxy bug, and not a browser or site
-# bug first. If you are using your own custom configuration, please
-# try the stock configs to see if the problem is a configuration
-# related bug. And if not using the latest development snapshot,
-# please try the latest one. Or even better, CVS sources.
-# * Submit feature requests only thru our feature request forum:
-# http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
-#
-# For any other issues, feel free to use the mailing lists:
-# http://sourceforge.net/mail/?group_id=11118
-#
-# Anyone interested in actively participating in development and related
-# discussions can join the appropriate mailing list here:
-# http://sourceforge.net/mail/?group_id=11118. Archives are available
-# here too.
-#
+#
+# Copyright : Written by and Copyright (C) 2001-2020 the
+# Privoxy team. https://www.privoxy.org/
+#
+# This program is free software; you can redistribute it
+# and/or modify it under the terms of the GNU General
+# Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# This program is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU General Public
+# License for more details.
+#
+# The GNU General Public License should be included with
+# this file. If not, you can view it at
+# http://www.gnu.org/copyleft/gpl.html
+# or write to the Free Software Foundation, Inc., 59
+# Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
#################################################################################
#
# Syntax:
#
-# Filters start with a line "FILTER: name description". They are then referrable
-# from the actionsfile with +filter{name}
+# Generally filters start with a line like "FILTER: name description".
+# They are then referrable from the actionsfile with +filter{name}
+#
+# FILTER marks a filter as content filter, other filter
+# types are CLIENT-HEADER-FILTER, CLIENT-HEADER-TAGGER,
+# SERVER-HEADER-FILTER and SERVER-HEADER-TAGGER.
#
# Inside the filters, write one Perl-Style substitution (job) per line.
# Jobs that precede the first FILTER: line are ignored.
# For Details see the pcrs manpage contained in this distribution.
# (and the perlre, perlop and pcre manpages)
#
-# Note that you are free to choose the delimter as you see fit.
+# Note that you are free to choose the delimiter as you see fit.
#
-# Note2: In addidion to the Perl options gimsx, the following nonstandard
+# Note2: In addition to the Perl options gimsx, the following nonstandard
# options are supported:
-#
+#
# 'U' turns the default to ungreedy matching. Add ? to quantifiers to
# switch back to greedy.
+#
# 'T' (trivial) prevents parsing for backreferences in the substitute.
# Use if you want to include text like '$&' in your substitute without
# quoting.
-#
+#
+# 'D' (Dynamic) allows the use of variables. Supported variables are:
+# $host, $listen-address, $origin (the IP address the request came
+# from), $path and $url.
+#
+# Note that '$' is a bad choice as delimiter for dynamic filters as you
+# might end up with unintended variables if you use a variable name
+# directly after the delimiter. Variables will be resolved without
+# escaping anything, therefore you also have to be careful not to chose
+# delimiters that appear in the replacement text. For example '<' should
+# be save, while '?' will sooner or later cause conflicts with $url.
+#
#################################################################################
#################################################################################
#
-# js-annoyances: Get rid of particularly annoying JavaScript abuse
+# js-annoyances: Get rid of particularly annoying JavaScript abuse.
#
#################################################################################
-FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
+FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse.
# Note: Most of these jobs would be safer if restricted to a
# <script> context as in:
#
# s/(<script.*)nasty-item(?=.*<\/script>)/$1replacement/sigU
#
-# but that would make them match only the first occurance of
+# but that would make them match only the first occurrence of
# nasty-item in each <script>. We need nestable jobs!
-# Get rid of Javascript referrer tracking.
+# Get rid of Javascript referrer tracking.
# Test page: http://www.javascript-page.com/referrer.html
#
-s|(?:\w+\.)+referrer|"Not Your Business!"|gisU
+s|(?:\w+\.)+referrer|false.toString()|gisU
# The status bar is for displaying link targets, not pointless blahblah
-#
-s/(\W\s*)((this|window)\.(default)?status)\s*=\s*((['"]).*?\6)/$1if(typeof(this.href) != 'undefined') $2 = $5 + ' URL: ' + this.href;else return false/ig
+#
+s@([\W]\s*)((?:this|window)\.(?:default)?status)\s*=\s*((['"]).*?\4)@$1$2 =\
+ (typeof(this.href) != 'undefined')?($3 + ' URL: ' + this.href):($2)@ig
+
+s/(?:(?:this|window)\.(?:default)?status)\s*=\s*\w*\s*;//ig
# Kill OnUnload popups. Yummy.
# Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
s/(<body\s+[^>]*)onunload/$1never/siU
s|(<script.*)window\.onunload(?=.*</script>)|$1never|sigU
-# If we allow window.open, we want normal window features:
+# If we allow window.open, we want normal window features:
# Test: http://www.htmlgoodies.com/beyond/notitle.html
#
s/(open\s*\([^\)]+resizable=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
-s/(open\s*\([^\)]+location=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
-s/(open\s*\([^\)]+status=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
-s/(open\s*\([^\)]+scroll(?:ing|bars)=)(["']?)(?:no|0)\2/$1$2auto$2/sigU
-s/(open\s*\([^\)]+menubar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
-s/(open\s*\([^\)]+toolbar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
-s/(open\s*\([^\)]+directories=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+location=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+status=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+scroll(?:ing|bars)=)(["']?)(?:no|0)\2/$1$2auto$2/sigU
+s/(open\s*\([^\)]+menubar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+toolbar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+directories=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
s/(open\s*\([^\)]+fullscreen=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
s/(open\s*\([^\)]+z-?lock=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
#################################################################################
#
-# js-events: Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites)
+# js-events: Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
#
#################################################################################
-FILTER: js-events Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites)
+FILTER: js-events Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
s/(on|event\.)((mouse(over|out|down|up|move))|(un)?load|contextmenu|selectstart)/never/ig
# Not events, but abused on the same type of sites:
s/(alert|confirm)\s*\(/concat(/ig
-s/settimeout\(/concat(/ig
+s/set(timeout|interval)\(/concat(/ig
#################################################################################
#
-# html-annoyances: Get rid of particularly annoying HTML abuse
+# html-annoyances: Get rid of particularly annoying HTML abuse.
#
#################################################################################
-FILTER: html-annoyances Get rid of particularly annoying HTML abuse
+FILTER: html-annoyances Get rid of particularly annoying HTML abuse.
# New browser windows (if allowed -- see no-popups filter below) should be
# resizeable and have a location and status bar
#
-s/(<a\s+href[^>]+resizable=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
-s/(<a\s+href[^>]+location=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
-s/(<a\s+href[^>]+status=)(['"]?)(?:no|0)\2/$1$2yes1$2/igU
+s/(<a\s+href[^>]+resizable=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
+s/(<a\s+href[^>]+location=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
+s/(<a\s+href[^>]+status=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
s/(<a\s+href[^>]+scrolling=)(['"]?)(?:no|0)\2/$1$2auto$2/igU
s/(<a\s+href[^>]+menubar=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
#################################################################################
#
-# content-cookies: Kill cookies that come in the HTML or JS content
+# content-cookies: Kill cookies that come in the HTML or JS content.
#
#################################################################################
-FILTER: content-cookies Kill cookies that come in the HTML or JS content
+FILTER: content-cookies Kill cookies that come in the HTML or JS content.
# JS cookies, except those used by antiadbuster.com to detect us:
#
#################################################################################
#
-# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
+# refresh-tags: Kill automatic refresh tags if refresh time is larger than 9 seconds.
#
#################################################################################
-FILTER: refresh-tags Kill automatic refresh tags (for dial-on-demand setups)
+FILTER: refresh-tags Kill automatic refresh tags if refresh time is larger than 9 seconds.
# Note: Only deactivates refreshes with more than 9 seconds delay to
# preserve monster-stupid but common redirections via meta tags.
#
-s/<meta\s+http-equiv\s*=\s*(['"]?)refresh\1\s+content\s*=\s*(['"]?)\d{2,}\s*(;\s*url\s*=\s*([^>\2]*))?\2/<link rev="x-refresh" href="$4"/iU
+s@<meta\s+http-equiv\s*=\s*(['"]?)refresh\1\s+content\s*=\s*(['"]?)\d{2,}\s*(;(?:\s*url\s*=\s*)?([^>\2]*))?\2@<link rev="x-refresh" href="$4"@ig
#################################################################################
#
-# unsolicited-popups: Disable unsolicited pop-up windows
+# unsolicited-popups: Disable unsolicited pop-up windows.
#
#################################################################################
-FILTER: unsolicited-popups Disable only unsolicited pop-up windows
+FILTER: unsolicited-popups Disable only unsolicited pop-up windows.
s+([^'"]\s*<head.*>)(?=\s*[^'"])+$1<script>function PrivoxyWindowOpen(){return(null);}</script>+isU
-s+([^\w\s.]\s*)((window|this|parent)\.)?open\s*\(+$1PrivoxyWindowOpen(+ig
-s+([^'"]\s*</html>)(?!\s*(\\n|'|"))+$1<script>function PrivoxyWindowOpen(a, b, c){return(window.open(a, b, c));}</script>+iU
+s@([^\w\s.]\s*)((?:map)?(window|this|parent)\.?)?open\s*\(@$1PrivoxyWindowOpen(@ig
+s+([^'"]\s*</html>)(?!\s*(\\n|'|"))+$1<script>function PrivoxyWindowOpen(a, b, c){return(window.open(a, b, c));}</script>+iU
##################################################################################
#
-# all-popups: Kill all popups in JavaScript and HTML
+# all-popups: Kill all popups in JavaScript and HTML.
#
#################################################################################
-FILTER: all-popups Kill all popups in JavaScript and HTML
-
-s/((\W\s*)(window|this|parent)\.)open\s*\\?\(/$1concat(/ig # JavaScript
-s/\starget\s*=\s*(['"]?)_?(blank|new)\1?/ notarget/ig # HTML
+FILTER: all-popups Kill all popups in JavaScript and HTML.
+s@((\W\s*)(?:map)?(window|this|parent)\.?)open\s*\\?\(@$1concat(@ig # JavaScript
+#s/\starget\s*=\s*(['"]?)_?(blank|new)\1?/ notarget/ig # HTML
+s/\starget\s*=\s*(['"]?)_?(blank|new)\1?/ /ig # (X)HTML
##################################################################################
#
-# img-reorder: Reorder attributes in <img> tags to make the banners-by-* filters more effective
+# img-reorder: Reorder attributes in <img> tags to make the banners-by-* filters more effective.
#
#################################################################################
-FILTER: img-reorder Reorder attributes in <img> tags to make the banners-by-* filters more effective
+FILTER: img-reorder Reorder attributes in <img> tags to make the banners-by-* filters more effective.
# In the first step src is moved to the start, then width is moved to the second
-# place to guarantee an order of src, width, height.
+# place to guarantee an order of src, width, height. Also does some white-space
+# normalization.
+#
# This makes banners-by-size more effective and allows both banners-by-size
# and banners-by-link to preserve the original image URL in the title attribute.
-s|<img\s+?([^>]*) src\s*=\s*(['"])([^>\\\2]+)\2|<img src=$2$3$2$1|siUg
-s|<img\s+?([^>]*) src\s*=\s*([^'">\\\s]+)|<img src=$2 $1|sig
+s|<img\s+?([^>]*)\ssrc\s*=\s*(['"])([^>'" ]+)\2|<img src=$2$3$2 $1|siUg
+s|<img\s+?([^>]*)\ssrc\s*=\s*([^'">\\\s]+)|<img src=$2 $1|siUg
+s|(<img[^>]+height)\s*=\s*|$1=|siUg
-s|<img (src=(?:(['"])[^>\\\\2]*\2\|[^'">\\\s]+?))([^>\\s]*)\s*width\s*=\s*(["']?)(\d+?)\4|<img $1 width=$4$5$4$3|siUg
+s|<img (src=(?:(['"])[^>'" ]*\2\|[^'">\\\s]+?))([^>]*)\s+width\s*=\s*((["']?)\d+?\5)(?=[\s>])|<img $1 width=$4$3|siUg
#################################################################################
#
-# banners-by-size: Kill banners by size
+# banners-by-size: Kill banners by size.
#
#################################################################################
#
# Note2: Use img-reorder before this filter to ensure maximum matching success
#
#################################################################################
-FILTER: banners-by-size Kill banners by size
+FILTER: banners-by-size Kill banners by size.
# 88*31
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)88\4)[^>]*?(height=(['"]?)31\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)88\4)[^>]*?(height=(['"]?)31\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# 120*60, 120*90, 120*240, 120*600
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)120\4)[^>]*?(height=(['"]?)(?:600?|90|240)\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)120\4)[^>]*?(height=(['"]?)(?:600?|90|240)\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# 125*125
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)125\4)[^>]*?(height=(['"]?)125\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)125\4)[^>]*?(height=(['"]?)125\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# 160*600
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)160\4)[^>]*?(height=(['"]?)600\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)160\4)[^>]*?(height=(['"]?)600\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# 180*150
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)180\4)[^>]*?(height=(['"]?)150\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)180\4)[^>]*?(height=(['"]?)150\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# 234*60, 468*60 (Most Banners!)
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:234|468)\4)[^>]*?(height=(['"]?)60\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:234|468)\4)[^>]*?(height=(['"]?)60\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# 240*400
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)240\4)[^>]*?(height=(['"]?)400\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)240\4)[^>]*?(height=(['"]?)400\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# 250*250, 300*250
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:250|300)\4)[^>]*?(height=(['"]?)250\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:250|300)\4)[^>]*?(height=(['"]?)250\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# 336*280
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)336\4)[^>]*?(height=(['"]?)280\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)336\4)[^>]*?(height=(['"]?)280\6)[^>]*?(?=/?>)@\
+ <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
# Note: 200*50 was also proposed, but it probably causes too much collateral damage:
#
-#s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)200\4)[^>]*?(height=(['"]?)50\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
+#s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)200\4)[^>]*?(height=(['"]?)50\6)[^>]*?(?=/?>)@\
+# <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5@sig
#################################################################################
#
-# banners-by-link: Kill banners by their links to known clicktrackers (Experimental)
+# banners-by-link: Kill banners by their links to known clicktrackers (Experimental).
#
#################################################################################
-FILTER: banners-by-link Kill banners by their links to known clicktrackers
+FILTER: banners-by-link Kill banners by their links to known clicktrackers.
# Common case with width and height attributes:
#
s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:\
adclick # See www.dn.se \
+| advert # see dict.leo.org \
| atwola\.com/(?:link|redir) # see www.cnn.com \
-| /jump/ # redirs for doublecklick.net ads \
-| tracker | counter # common \
+| doubleclick\.net/jump/ # redirs for doublecklick.net ads \
+| counter # common \
+| (?<!&type=)tracker # (&type=tracker is used in sf's project statistics) \
| adlog\.pl # see sf.net \
-)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\6)[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\8)[^>]*>\
-@<img $5 $7 src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed $4 by link to $2$1>@sigx
+)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\6)[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\8)[^>]*?(?=/?>)\
+@<img $5 $7 src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed $4 by link to $2"@sigx
# Rare case w/o explicit dimensions:
#
-s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:adclick|atwola\.com/(?:link|redir)|doubleclick\.net/jump/|tracker|counter|adlog\.pl)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 border=$1\\0$1 title=$1Killed $4 by link to $2$1>@sig
+s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:ad(?:click|vert)|atwola\.com/(?:link|redir)|doubleclick\.net/jump/|(?<!&type=)tracker|counter|adlog\.pl)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*?(?=/?>)@<img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed $4 by link to $2"@sig
################################################################################
#
-# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
+# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking).
#
#################################################################################
-FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking)
+FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking).
-s/<img\s+[^>]*(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*?>//siUg
+s@<img[^>]*\s(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*\s(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*?>@@siUg
#################################################################################
#
-# tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap
+# tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap.
#
#################################################################################
-FILTER: tiny-textforms Extend those tiny textareas up to 40x80 and kill the hard wrap
+FILTER: tiny-textforms Extend those tiny textareas up to 40x80 and kill the hard wrap.
-s/(<textarea[^>]*?)(?:\s*(?:rows|cols)=(['"]?)\d+\2)+/$1 rows=$2\40$2 cols=$2\80$2/ig
+s/(<textarea[^>]*?)(?:\s*(?:rows|cols)=(['"]?)\d+\2)+/$1 rows=$2\40$2 cols=$2\80$2/ig
s/(<textarea[^>]*?)wrap=(['"]?)hard\2/$1/ig
#################################################################################
#
-# jumping-windows: Prevent windows from resizing and moving themselves
+# jumping-windows: Prevent windows from resizing and moving themselves.
#
#################################################################################
-FILTER: jumping-windows Prevent windows from resizing and moving themselves
-
-s/(?:window|this|self)\.(?:move|resize)(?:to|by)\(/''.concat(/ig
+FILTER: jumping-windows Prevent windows from resizing and moving themselves.
+s/(?<=[\W])(?:window|this|self)\.(?:move|resize)(?:to|by)\(/''.concat(/ig
#################################################################################
#
-# frameset-borders: Give frames a border, make them resizable and scrollable
+# frameset-borders: Give frames a border, make them resizable and scrollable.
#
#################################################################################
-FILTER: frameset-borders Give frames a border and make them resizable
+FILTER: frameset-borders Give frames a border and make them resizable.
s/(<frameset\s+[^>]*)framespacing=(['"]?)(no|0)\2/$1/igU
s/(<frameset\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
s/(<frameset\s+[^>]*)border=(['"]?)(no|0)\2/$1/igU
s/(<frame\s+[^>]*)noresize/$1/igU
-s/(<frame\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
+s/(<frame\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
s/(<frame\s+[^>]*)scrolling=(['"]?)(no|0)\2/$1/igU
+#################################################################################
+#
+# iframes: Remove all detected iframes. Should only be enabled for
+# individual sites after testing that the iframes are optional.
+#
+#################################################################################
+FILTER: iframes Removes all detected iframes. Should only be enabled for individual sites.
+s@<iframe.*</iframe>@<!-- iframe removed by Privoxy's iframe filter -->@Uisg
+
#################################################################################
#
-# demoronizer: Correct Microsoft's abuse of standardized character sets, which
-# leave the browser to (mis)-interpret unknown characters, with
+# demoronizer: Correct Microsoft's abuse of standardized character sets, which
+# leave the browser to (mis)-interpret unknown characters, with
# sometimes bizarre results on non-MS platforms.
#
-# credit: ripped from the demoroniser.pl script by:
+# credit: ripped from the demoroniser.pl script by:
# John Walker -- January 1998, http://www.fourmilab.ch/webtools/demoroniser
#
#################################################################################
-FILTER: demoronizer Fix MS's non-standard use of standard charsets
+FILTER: demoronizer Fix MS's non-standard use of standard charsets.
s/(&\#[0-2]\d\d)\s/$1; /g
# per Robert Lynch: http://slate.msn.com//?id=2067547, just a guess.
#################################################################################
#
-# shockwave-flash: Kill embedded Shockwave Flash objects
+# shockwave-flash: Kill embedded Shockwave Flash objects.
# Note: Better just block "/.*\.swf$"!
#
#################################################################################
-FILTER: shockwave-flash Kill embedded Shockwave Flash objects
+FILTER: shockwave-flash Kill embedded Shockwave Flash objects.
s|<object [^>]*macromedia.*</object>|<!-- Squished Shockwave Object -->|sigU
s|<embed [^>]*(application/x-shockwave-flash\|\.swf).*>(.*</embed>)?|<!-- Squished Shockwave Flash Embed -->|sigU
#################################################################################
#
-# quicktime-kioskmode: Make Quicktime movies saveable
+# quicktime-kioskmode: Make Quicktime movies saveable.
#
#################################################################################
-FILTER: quicktime-kioskmode Make Quicktime movies saveable
+FILTER: quicktime-kioskmode Make Quicktime movies saveable.
-s/(<embed\s+[^>]*)kioskmode\s*=\s*(["']?)true\2/$1/ig
+s/(<embed\s+[^>]*)kioskmode\s*=\s*(["']?)true\2/$1/ig
#################################################################################
# SCNR
#
-s/microsoft(?!.com)/MicroSuck/ig
+s/microsoft(?!\.[^\s])/MicroSuck/ig
# Buzzword Bingo (example for extended regex syntax)
#
#################################################################################
#
-# crude-parental: Crude parental filtering? (Use along with a suitable blocklist).
-# Shows how to deny access to whole page based on a keyword.
+# crude-parental: Crude parental filtering. Use with a suitable blocklist.
+# Pages are "blocked" based on keyword matching.
#
#################################################################################
-FILTER: crude-parental Crude parental filtering (demo only)
+FILTER: crude-parental Crude parental filtering. Note that this filter doesn't work reliably.
# (Note: Middlesex, Sussex and Essex are counties in the UK, not rude words)
# (Note #2: Is 'sex' a rude word?!)
-s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body><h3>Blocked due to possible adult content. Please see <a href="http://dmoz.org/Kids_and_Teens/">this site</a>.</h3></body></html>%is
+s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body>\
+<h3>Blocked by <a href="http://p.p/">Privoxy's</a> crude-parental filter due to possible adult content.</h3></body></html>%is
+
s+^.*warez.*$+<html><head><title>No Warez</title></head><body><h3>You're not searching for illegal stuff, are you?</h3></body></html>+is
+# Remove by description
+s@^.*\
+(?:(suck|lick|tongue|rub|fuck|fingering|finger|chicks?)\s*)?\
+(?:(her|your|my|hard|with|big|wet|tight|pink|hot|moist|young|teen)\s*)+\
+(dicks?|penis|cocks?|balls?|tits?|pussy|cunt|clit|ass|mouth).*$\
+@This page has been blocked by <a href="http://p.p/">Privoxy's</a> crude-parental content filter\
+@is
+
+#Remove by link text
+s@^.*\
+(download|broadband|view|watch|free|get|extreem)?\s*\
+(sex|xxx|porn|cumshot|fuck(ing|s)?|anal|ass|asian|adult|Amateur|org(y|ies)|close ups?|hand?job|nail(ed)?)+\s*\
+(movies?|pics?|videos?|dvds?|dvd's|links?).*$\
+@This page has been blocked by <a href="http://p.p/">Privoxy's</a> crude-parental content filter\
+@is
+
+#Remove by age disclaimer
+s@^.*\
+(models?|chicks?|girls?|women|persons)\s*\
+(who|are|were)+ (over|at least) (16|18|21) years (old|of age).*$\
+@This page has been blocked by <a href="http://p.p/">Privoxy's</a> crude-parental content filter\
+@is
+
+#Remove by regulations
+s@^.*(Section 2257|18 U.?S.?C.? 2257).*$\
+@This page has been blocked by <a href="http://p.p/">Privoxy's</a> crude-parental content filter\
+@is
+
#################################################################################
#
-# IE-Exploits: Disable some known Internet Explorer bug exploits
+# IE-Exploits: Disable some known Internet Explorer bug exploits.
#
#################################################################################
-FILTER: ie-exploits Disable some known Internet Explorer bug exploits
+FILTER: ie-exploits Disable some known Internet Explorer bug exploits.
# Note: This is basically a demo and waits for someone more interested in IE
# security (sic!) to take over.
FILTER: site-specifics Cure for site-specific problems. Don't apply generally!
# www.spiegel.de excludes X11 users from viewing Flash5 objects - shame.
-# Apply to: www.spiegel.de/static/js/flash-plugin.js
+# Apply to: www.spiegel.de/static/js/flash-plugin.js
#
s/indexOf\("x11"\)/indexOf("x13")/
# monster.com has two very similar gimmicks:
#
s|<input type="hidden" name="REDIRECT" value="(.+?)">|<meta http-equiv="refresh" content="0; URL=$1">|i
-
-s|<IMG SRC="http://media.monster.com/mm/usen/my/no_thanks_211x40.gif".+?>|<meta http-equiv="refresh" content="0; URL=http://my.monster.com/resume.asp">|i
+
+s|<IMG SRC="http://media.monster.com/mm/usen/my/no_thanks_211x40.gif".+?>|<meta http-equiv="refresh" content="0; URL=http://my.monster.com/resume.asp">|i
# nytimes.com triggers popups through the onload handler of dummy images
-# to fool popup-blockers.
+# to fool popup-blockers.
#
s|(<img [^>]*)onload|$1never|sig
s|(<INPUT name="\d{2,4}" type="RADIO" value="0") CHECKED |$1|g
s|<INPUT name="\d{2,4}" type="RADIO" value="3" |$0 checked|g
+#################################################################################
+#
+# no-ping: Removes non-standard ping attributes in <a> and <area> tags.
+#
+#################################################################################
+FILTER: no-ping Removes non-standard ping attributes in <a> and <area> tags.
+s@(<a(?:rea)?[^>]*?)\sping=(['"]?)([^"'>]+)\2([>\s]?)@\
+<strong style="color:white; background-color:red;" title="Privoxy removed ping target '$3'">PING!</strong>\n$1$4@ig
+
+#################################################################################
+#
+# allow-autocompletion: Changes autocomplete="off" on form and input fields
+# to "on" to allow autocompletion.
+#
+#################################################################################
+FILTER: allow-autocompletion Changes autocomplete="off" on form and input fields to "on" to allow autocompletion.
+
+s@(<(?:input|form|select|textarea)\s[^>]+autocomplete=)(['"]?)(?:off|0)\2@$1$2on$2@igsU
+
#################################################################################
#
# google: CSS-based block for Google text ads. Also removes
#
#################################################################################
FILTER: google CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
-s@</head>@<style type="text/css">\n\
+
+s@</head>[^\\]@<style type="text/css">\n\
/* Style sheet inserted by Privoxy's google filter. */\n\
\#fbc, \#fbl, \#ra, .rhh {visibility: hidden !important;}\n\
- \#tpa1,\#tpa2,\#tpa3,\#tpa4,\#tpa5,\#tpa5, \#spl, .ch, \#ads, \#toolbar, \#google_ads_frame{display: none !important;}\n\
- .main_body, .j {width: 100%}\n</style>\n$0@
+ \#tpa1,\#tpa2,\#tpa3,\#tpa4,\#tpa5,\#tpa5, \#spl, .ch, \#ads,\
+ \#toolbar, \#google_ads_frame, \#mbEnd {display: none !important;}\n\
+ .main_body, .j, \#res, .med, .hd, .g, .s\n\
+ {width: 99%; max-width: 100%; margin-left: 0; margin-right: 0;}\n\
+ </style>\n$0@
s@<div style=\"padding-top:11px;min-width:500px\">@<div id="main_body">@
s@(<table cellspacing=0 cellpadding=0 width=25% align=right bgcolor=\#ffffff border=0\
|</font></td></tr></tbody></table><table align=\"right\" bgcolor=\"\#ffffff\"\
-|<table cellspacing=0 cellpadding=0 align=right bgcolor=\#ffffff border=0)@$0 id="ads"@
+|<table cellspacing=0 cellpadding=0 align=right bgcolor=\#ffffff border=0\
+|<table style=\"clear:both\" align=right width=25% cellspacing=\"0\" cellpadding=\"0\"\
+ border=\"0\" bgcolor=\"\#ffffff\")@$0 id="ads"@
s@(<br clear=all><table)( border=0 cellpadding=9><tr><td)@$1 id="toolbar"$2@
#################################################################################
#
#################################################################################
FILTER: yahoo CSS-based block for Yahoo text ads. Also removes a width limitation.
-s@</head>@<style type="text/css">\n\
+
+s@</head>@\n<style type="text/css">\n\
/* Style sheet inserted by Privoxy's yahoo filter. */\n\
- \#symadbn, \#ymadbn, \#yschsec, \#yschanswr, .yschftad,\
- .yschspn, .yschspns {display: none !important;}\n\
- \#yschpri {width: 100% }\n</style>\n$0@
+ \#symadbn, \#ymadbn, .yschbox, .yschhd, .bbox, \#yschsec, \#sec,\
+ \#yschanswr, .yschftad, .yschspn, .yschspns, \#ygrp-sponsored-links,\
+ \#nwad, \#MWA2, \#MSCM, \#yregad, \#sponsored-links,\
+ \#ks-ypn-ads, .ad, \#east, \#ygrp-vital, .ads {display: none !important;}\n\
+ \#yschpri, \#yschweb, \#pri, \#web, \#main, .yschttl, .abstr, .res \n\
+ {width: 99% !important; max-width: 100% !important;}\n\
+ .yschttl, .res, .res.indent, \#web {padding: 0px; margin: 0px !important;}\n\
+ \#web {padding-left: 0.5em}\n\
+ \#yschqcon, \#yschtg {width: auto !important; /* No useless horizontal scrollbar please */}\n\
+ \#composebox \#compose_editorArea {width: 70% !important; /* reasonably sized reply textarea please */\n\
+ </style>\n$0\n@
+
+s@(<textarea\s+id="composeArea"[^>]*)width:545px;@$1width:70%;@isU
#################################################################################
#
#
#################################################################################
FILTER: msn CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
+
s@</head>@<style type="text/css">\n\
/* Style sheet inserted by Privoxy's msn filter. */\n\
- .msn_ads {display: none !important;}\n\
- \#results, .flank, .SearchSection .not\
- {width: 100% !important; min-width: 100% !important;\
- max-width: 100% !important;}\n</style>\n$0@
+ .msn_ads, \#at, \#ar, .mktmsg {display: none !important;}\n\
+ \#results, \#b_results, .flank, .results_area_flank, .results_area_stroke,\n\
+ \#results_area, \#content, .sb_tlst, .sa_cc, .sb_ph, \#sw_main,\n\
+ .content, .b_content, \#sw_foot, \#bf, \#sw_content, \#sidebar, \#pag\n\
+ {width: 99% !important; min-width: 99% !important;\n\
+ max-width: 100% !important; /* width:100% sometimes causes horizontal scrollbars */}\n\
+ /* Remove 'related' ads */\n\
+ .b_ad, .b_adlabel {clear: both; display:none;}\n\
+ /* Remove "suggestions". They are next to worthless but partly overlap with the search results */\n\
+ .suggestion, \#nys_right, \#nys {clear: both; display:none;}\n\
+ /* Remove "Related searches" at the left side of the main results.\n\
+ They are next to worthless, too, and also are still present below the main search results */\n\
+ \#b_results > .b_ans {clear: both; display:none;}\n\
+ \#s_notf_div,\n \
+ /* Overlay ads to enable Facebook 'likes' in search results. */\n\
+ .sn_container {display:none !important;}\n\
+ \#content, \#b_content {padding: 0px 0px 0px 0px}\n\
+ </style>\n$0@
+# Are these ids still in use?
s@(<div[^>]*) id=(["']?)ads_[^\2]*\2@$1 class="msn_ads"@Uig
+s@(<div[^>]*) class=(["']?)sb_ads[^\2]*\2@$1 class="msn_ads"@Uig
s@(<a[^>]*href=\")http://g.msn.com/.*\?(http://.*)(&&DI=.*)(\")@$1$2$4@Ug
s@(<a[^>]*)gping=\".*\"@$1 title="URL cleaned up by Privoxy's msn filter"@Ug
# appear to early or not at all and as fixing this would require a browser
# that understands background-size (CSS3), they are removed instead.
#
+# When applied to feeds, it removes comment titles that
+# only contain the beginning of the actual comment.
+#
#################################################################################
FILTER: blogspot Cleans up some Blogspot blogs. Read the fine print before using this.
+
s@</head>@<style type="text/css">\n\
/* Style sheet inserted by Privoxy's blogspot filter. */\n\
\#powered-by {display: none !important;}\n\
\#sidebar {width: 29% }\n\
.post-body {overflow: auto;}\n\
.blogComments {width: 100%; overflow: auto;}\n</style>\n$0@
-s@<body.*(<div id="(content|wrap4|wrapper))@<body><!-- Privoxy's\
- blogspot filter ditched some garbage here -->$1@Us
+s@<body.*(?:<div id="space-for-ie"></div>|(<div id="(?:content|wrap4|wrapper)))@<body>\
+ <!-- Privoxy's blogspot filter ditched some garbage here -->$1@Us
s@(<div style=\"[^\"]*width:)30em@$1 100%@
s@background:url\(\"http://www.blogblog.com/rounders[^\"]*\"\).*;@/*$0*/@Ug
s@(background:\#[a-f\d]{3})( url\(\"http://www.blogblog.com/rounders[^\"]*\"\).*;)@$1 ;/*$2*/@Ug
+# Do the feed filtering magic as described above.
+s@<title(?:\s+type=\'text\')?>([^<]*)(?:\.\.\.)?\s*</title>\s*\
+(<content(?:\s+type=\'(?:html|text)\')?>\s*\1)@<title></title>$2@ig
#################################################################################
#
-# html-to-xml: Header filter to change the Content-Type from html to xml.
+# x-httpd-php-to-html: Changes the Content-Type header from
+# x-httpd-php to html. "Content-Type: x-httpd-php"
+# is set by clueless PHP users and causes many
+# browsers do open a download menu instead of
+# rendering the page.
#
#################################################################################
-FILTER: html-to-xml Header filter to change the Content-Type from html to xml.
-s@^(Content-Type:) text/html(;.*)?$@$1 application/xhtml+xml$2@
+SERVER-HEADER-FILTER: x-httpd-php-to-html Changes the Content-Type header from x-httpd-php to html.
+
+s@^(Content-Type:)\s*application/x-httpd-php@$1 text/html@i
#################################################################################
#
-# xml-to-html: Header filter to change the Content-Type from xml to html.
+# html-to-xml: Changes the Content-Type header from html to xml.
#
#################################################################################
-FILTER: xml-to-html Header filter to change the Content-Type from xml to html.
-s@^(Content-Type:) (?:application|text)/(?:xhtml\+)?xml(;.*)?$@$1 text/html$2@
+SERVER-HEADER-FILTER: html-to-xml Changes the Content-Type header from html to xml.
-##############################################################################
-#
-# Revisions :
-# $Log: default.filter,v $
-# Revision 1.23 2006/10/05 14:46:28 fabiankeil
-# Replaced "<" in img-reorder's description with "<".
-#
-# Modified msn filter to tag ads with classes instead
-# of ids. There may be more than one ad per page,
-# but ids are required to be unique.
-#
-# Revision 1.22 2006/10/04 19:17:14 fabiankeil
-# Incorportated Frédéric Crozat's ie-exploits
-# modification to make it less trigger-happy.
-#
-# Modified blogspot filter to make .post-body
-# scrollable if necessary.
-#
-# Revision 1.21 2006/10/02 16:21:14 fabiankeil
-# Adjusted yahoo filter to hide .yschspns as well.
-# Added header filters: html-to-xml and xml-to-html.
-#
-# Revision 1.20 2006/10/01 21:00:22 fabiankeil
-# New site-specific filters: google, yahoo, msn and blogspot.
-#
-# Revision 1.19 2006/07/18 14:48:45 david__schmidt
-# Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
-# with what was really the latest development (the v_3_0_branch branch)
-#
-# Revision 1.11.2.23 2004/02/17 13:34:01 oes
-# - Beefed up the protection of the unsolicited-popups
-# filter against matching in JavaScript string constants.
-# - Extended the fun filter with a German joke
-# - Extended the site-specifics filter with a convenience
-# reeplacement for managing mailing lists at SourceForge
-#
-# Revision 1.11.2.22 2004/01/30 15:29:29 oes
-# Updated the copyright note
-#
-# Revision 1.11.2.21 2004/01/20 15:15:01 oes
-# Detail enhancement in all-popups
-#
-# Revision 1.11.2.20 2004/01/06 16:46:14 oes
-# Fixed a JS syntax problem in jumping-windows
-#
-# Revision 1.11.2.19 2003/12/17 17:09:25 oes
-# Added remedy against IE address bar spoofing
-#
-# Revision 1.11.2.18 2003/12/02 11:25:27 oes
-# Fixed a line trashed in previous commit
-#
-# Revision 1.11.2.17 2003/12/01 21:58:46 oes
-# Assorted tuning:
-#
-# - unsolicited-popups no longer matches at start or end of quoted
-# strings, and is now activated earlier and deactivated later in
-# the page.
-# - replacement images in banners-by-* now without border
-# - more effective shockwave flash flattening
-# - Custom annoyance filtering for Yahoo Groups, Monster.com, NY Times.
-#
-# Revision 1.11.2.16 2003/05/08 09:44:56 oes
-# Allow extra parameters in blink,marquee tags. Fixes bug #734012
-#
-# Revision 1.11.2.15 2003/03/30 13:57:08 oes
-# Making unsolicited-popups safe for use on <html> tags enclosed in JS strings
-#
-# Revision 1.11.2.14 2003/03/19 13:17:50 oes
-# - Added filter "site-specifics" to address site specific problems
-# - Fixed a small problem in the img-reorder filter
-#
-# Revision 1.11.2.13 2003/03/18 19:28:59 oes
-# Fixed a minor problem in the img-reorder filter
-#
-# Revision 1.11.2.12 2003/03/15 14:06:58 oes
-# - Assorted refinements, optimizations and fixes in the js-annoyances,
-# img-reorder, banners-by-size, banners-by-link, webbugs, refresh-tags,
-# html-annoyances, content-cookies and fun filters
-# - Replaced filter "popups" by choice between two modes:
-# - "unsolicited-popups" tries to catch only the unsolicited ones
-# - "all-popups" tries to kill them all (as before)
-# - New filter "tiny-textforms" Help those tiny or hard-wrap textareas.
-# - New filter "jumping-windows" that prevents windows from resizing
-# and moving themselves
-# - Replaced "nimda" with more general "ie-exploits" filter in which
-# all filters for exploits shall be collected
+s@^(Content-Type:)\s*text/html(;.*)?$@$1 application/xhtml+xml$2@i
+
+#################################################################################
#
-# Revision 1.11.2.11 2002/11/12 16:14:43 oes
-# Exchanged js-annoyance filter against status bar rewrites with improved version by Don Libes
+# xml-to-html: Changes the Content-Type header from xml to html.
#
-# Revision 1.11.2.10 2002/11/11 13:39:47 oes
-# Make refresh-tags filter work even on incorrect refresh tags like found on usatoday.com
+#################################################################################
+SERVER-HEADER-FILTER: xml-to-html Changes the Content-Type header from xml to html.
+
+s@^(Content-Type:)\s*(?:application|text)/(?:xhtml\+)?xml(;.*)?$@$1 text/html$2@i
+
+#################################################################################
#
-# Revision 1.11.2.9 2002/11/08 16:39:17 oes
-# Made img-reorder more cautious. Fixes bug #632715
+# hide-tor-exit-notation: Remove the Tor exit node notation in Host and Referer headers.
#
-# Revision 1.11.2.8 2002/10/13 21:56:52 hal9
-# Adding demoronizer filter. This should include all the common abuses. I have
-# left a few of the rare cases commented out (never found these in the wild).
+# Note: If Privoxy and Tor are chained and Privoxy is configured to
+# use socks4a, one can use http://www.example.org.foobar.exit/
+# to access the host www.example.org through Tor exit node foobar.
#
-# Revision 1.11.2.7 2002/09/25 15:09:39 oes
-# Preserve original quoting style in <img> tags wherever possible. Fixes Bug #605956
+# As the HTTP client isn't aware of this notation, it treats the
+# whole string "www.example.org.foobar.exit" as host and uses it
+# for the "Host" and "Referer" headers. From the server's point of
+# view the resulting headers are invalid and can cause problems.
#
-# Revision 1.11.2.6 2002/08/23 14:12:26 oes
-# Proofed frameset-borders against "fremaborder=0 border=0"
+# An invalid "Referer" header can trigger "hot-linking" protections,
+# an invalid "Host" header will make it impossible for the server to
+# find the right vhost (several domains hosted on the same IP address).
#
-# Revision 1.11.2.5 2002/08/22 15:05:20 oes
-# Added Filter to make Quicktime movies saveable (thanks to aaron@linville.org for the idea)
+# This filter removes the "foo.exit" part in those headers
+# to prevent the mentioned problems. Note that it only modifies
+# the HTTP headers, it doesn't make it impossible for the server
+# to detect your Tor exit node based on the IP address the request is
+# coming from.
#
-# Revision 1.11.2.4 2002/08/10 11:32:29 oes
-# Attribute values in replacement tags of banners-by-size filter now undelimited. (Fixes bug #592493)
+#################################################################################
+CLIENT-HEADER-FILTER: hide-tor-exit-notation Removes the Tor exit node notation in Host and Referer headers.
+
+s@^((?:Referer|Host):\s*(?:https?://)?[^/]*)\.[^\./]*?\.exit@$1@i
+
+#################################################################################
#
-# Revision 1.11.2.3 2002/08/05 11:43:56 oes
-# Fixed a bug in the popups filter that was introduced with the last fix :-(
+# no-brotli-accepted: Strips "br" from the Accept-Encoding header as Privoxy
+# currently doesn't support Brotli.
#
-# Revision 1.11.2.2 2002/08/01 11:20:13 oes
-# Fixed bugs 587802, 577802 and an unreported one
+#################################################################################
+CLIENT-HEADER-FILTER: no-brotli-accepted Strip "br" from Accept-Encoding header
+
+s@(^Accept-Encoding:.*?)(?:br, |, br|br)@$1@i
+
+#################################################################################
#
-# Revision 1.11.2.1 2002/07/26 15:18:26 oes
-# - All filters reviewed and many shorcomings fixed
-# - New filters: img-reorder, banners-by-link and js-events
-# - Jobs reorderd because they are now executed in order of
-# appearance
+# less-download-windows: Prevents annoying download windows for content types
+# the browser can handle itself.
#
-# Revision 1.11 2002/05/24 00:57:18 oes
-# Made WeBugs job ungreedy; Fixes bug 559190
+#################################################################################
+SERVER-HEADER-FILTER: less-download-windows Prevent annoying download windows for content types the browser can handle itself.
+
+s@^Content-Disposition:.*filename=(["']?).*\.(png|gif|jpe?g|diff?|d?patch|c|h|pl|shar)\1.*$@@i
+s@^(Content-Type:)\s*(?:message/(?:news|rfc822)|text/x-.*|application/x-sh(?:\s|$))\s*@$1 text/plain@i
+
+#################################################################################
#
-# Revision 1.10 2002/04/18 10:14:19 oes
-# renamed some filters
+# image-requests: Tags detected image requests as "IMAGE-REQUEST". Whether
+# or not the detection actually works depends on the browser.
#
-# Revision 1.9 2002/04/11 07:36:35 oes
-# Generalized js-popup filter
+#################################################################################
+CLIENT-HEADER-TAGGER: image-requests Tags detected image requests as "IMAGE-REQUEST".
+
+s@^Accept:\s*image/.*@IMAGE-REQUEST@i
+
+#################################################################################
#
-# Revision 1.8 2002/04/10 17:07:21 oes
-# Fixed potentially desctructive jobs, added noflash filter
+# css-requests: Tags detected CSS requests as "CSS-REQUEST". Whether
+# or not the detection actually works depends on the browser.
#
-# Revision 1.7 2002/04/09 18:34:51 oes
-# Fixed HTML syntax in replacements
+#################################################################################
+CLIENT-HEADER-TAGGER: css-requests Tags detected CSS requests as "CSS-REQUEST".
+
+s@^Accept:\s*text/css.*@CSS-REQUEST@i
+
+#################################################################################
#
-# Revision 1.6 2002/04/03 19:49:52 swa
-# name change
+# range-requests: Tags range requests as "RANGE-REQUEST".
#
-# Revision 1.5 2002/03/27 15:30:26 swa
-# have a consistent appearance
+# By default Privoxy removes Range headers for requests to
+# ressources that will be filtered to make sure the filters
+# get the whole picture. Otherwise Range requests could be
+# intentionally used to circumvent filters or, less likely,
+# filtering a partial response may damage it because it matched
+# a pattern that the ressource as a whole wouldn't.
#
-# Revision 1.4 2002/03/26 22:29:54 swa
-# we have a new homepage!
+# Range requests can be useful and save bandwidth so instead
+# of removing Range headers for requests to ressources that
+# will be filtered, you may prefer to simply disable filtering
+# for those requests.
#
-# Revision 1.3 2002/03/24 16:08:03 jongfoster
-# Fixing banners-by-size for new config URLs
+# That's what this tagger is all about. After enabling it,
+# you can disable filtering for range requests using the following
+# action section:
#
-# Revision 1.2 2002/03/24 13:02:18 swa
-# name change related issues.
+# {-filter -deanimate-gifs}
+# TAG:^RANGE-REQUEST
#
-# Revision 1.1 2002/03/24 11:37:39 jongfoster
-# Name change
+#################################################################################
+CLIENT-HEADER-TAGGER: range-requests Tags range requests as "RANGE-REQUEST".
+
+s@^Range:.*@RANGE-REQUEST@i
+
+#################################################################################
#
-# Revision 1.24 2002/03/16 20:39:54 oes
-# - Added descriptions to the filters so users will know what they select in the cgi editor
-# - Added content-cookies filter
-# - Bugfixed many jobs (Thanks to Al for some hints)
+# client-ip-address: Tags the request with the client's IP address.
#
-# Revision 1.22 2002/03/12 13:42:50 oes
-# Fixing & Optimizing REs
+#################################################################################
+CLIENT-HEADER-TAGGER: client-ip-address Tags the request with the client's IP address.
+
+s@^\w*\s+.*\s+HTTP/\d\.\d\s*@IP-ADDRESS: $origin@D
+
+#################################################################################
#
-# Revision 1.21 2002/03/12 11:59:20 oes
-# Beefed up Buzzword Bingo
+# listen-address: Tags the request with the listen-address on which the request
+# came in.
#
-# Revision 1.20 2002/03/12 01:42:50 oes
-# Introduced modular filters
+#################################################################################
+CLIENT-HEADER-TAGGER: listen-address Tags the request with the listen-address on which the request came in.
+
+s@^\w*\s+.*\s+HTTP/\d\.\d\s*@LISTEN-ADDRESS: $listen-address@D
+
+#################################################################################
#
-# Revision 1.19 2002/03/10 19:49:24 oes
-# Added expression to kill referer tracking in JavaScripts
+# http-method: Tags the request with its HTTP method.
#
-# Revision 1.18 2002/03/08 17:14:12 oes
-# PNG -> image in comments
+#################################################################################
+CLIENT-HEADER-TAGGER: http-method Tags the request with its HTTP method.
+
+s@^(\w*).*HTTP/\d\.\d\s*$@$1@i
+
+#################################################################################
#
-# Revision 1.17 2002/03/07 03:50:54 oes
-# Adapted comments to new built-in images
+# allow-post: Tags POST requests as "ALLOWED-POST".
#
-# Revision 1.16 2002/02/21 00:12:19 jongfoster
-# Modifying the banner regexps to use long URLS and to autodetect
-# whether to show a logo or a transparent GIF, based on actionsfile
-# setting.
+#################################################################################
+CLIENT-HEADER-TAGGER: allow-post Tags POST requests as "ALLOWED-POST".
+
+s@^(?:POST)\s+.*\s+HTTP/\d\.\d\s*@ALLOWED-POST@i
+
+#################################################################################
#
-# Revision 1.15 2001/12/28 23:54:20 steudten
-# Fix for feature Req #495374: http-equiv problem
+# complete-url: Tags the request with the whole request URL.
#
-# Revision 1.14 2001/12/09 18:55:11 david__schmidt
-# Updated CODE_STATUS to beta, commented out microsuck line in re_filterfile
-# for 2.9.10 beta
+#################################################################################
+CLIENT-HEADER-TAGGER: complete-url Tags the request with the whole request URL.
+
+s@^\w*\s+(.*)\s+HTTP/\d\.\d\s*$@$1@i
+
+#################################################################################
#
-# Revision 1.13 2001/10/13 13:11:20 joergs
-# Fixed WebBug filter.
+# user-agent: Tags the request with the complete User-Agent header.
#
-# Revision 1.12 2001/10/07 15:46:42 oes
-# Followed Guy's proposal to change the document.cookie job
+#################################################################################
+CLIENT-HEADER-TAGGER: user-agent Tags the request with the complete User-Agent header.
+
+s@^User-Agent:.*@$0@i
+
+#################################################################################
#
-# Revision 1.11 2001/09/21 12:34:00 joergs
-# Added filter to replace "Nimda" code by a warning.
+# referer: Tags the request with the complete Referer header.
#
-# Revision 1.10 2001/07/20 11:04:26 oes
-# Added Rodneys javascript cookie filter
+#################################################################################
+CLIENT-HEADER-TAGGER: referer Tags the request with the complete Referer header.
+
+s@^Referer:.*@$0@i
+
+#################################################################################
#
-# Revision 1.9 2001/07/13 14:03:48 oes
-# Elimiated yet another bug in the banner-by-size jobs. Shame on me!
+# content-type: Tags the request with the content type declared by the server.
#
-# Revision 1.8 2001/06/29 13:34:00 oes
-# - Added explanation for U and T options
-# - Added hint on image replacement by CGI call
-# - Fixed bug in banner-by-size jobs
+#################################################################################
+SERVER-HEADER-TAGGER: content-type Tags the request with the content type declared by the server.
+
+s@^Content-Type:\s*([^;]+).*@$1@i
+
+#################################################################################
#
-# Revision 1.7 2001/06/19 14:21:56 oes
-# Fixed microsuck line
+# privoxy-control: The taggers create tags with the content of X-Privoxy-Control
+# headers, the filters remove said headers.
#
-# Revision 1.6 2001/06/09 14:01:57 swa
-# header. cosmetics. default: no messing ala microsuck.
+#################################################################################
+CLIENT-HEADER-TAGGER: privoxy-control Creates tags with the content of X-Privoxy-Control headers.
+
+s@^X-Privoxy-Control:\s*@@i
+
+CLIENT-HEADER-FILTER: privoxy-control Removes X-Privoxy-Control headers.
+
+s@^X-Privoxy-Control:.*@@i
+
+SERVER-HEADER-TAGGER: privoxy-control Creates tags with the content of X-Privoxy-Control headers.
+
+s@^X-Privoxy-Control:\s*@@i
+
+SERVER-HEADER-FILTER: privoxy-control Removes X-Privoxy-Control headers.
+
+s@^X-Privoxy-Control:.*@@i
+
+#################################################################################
#
+# client-body: Modify client request body
#
-#
+#################################################################################
+CLIENT-BODY-FILTER: remove-first-byte Removes the first byte from the request body
+s@^.@@
+CLIENT-BODY-FILTER: remove-test Removes "test" everywhere in the request body
+s@test@@g
+CLIENT-BODY-FILTER: overwrite-test-value Overwrites the value of the "test" variable with blafasel
+s@(test=)[^&\s]*@$1blafasel@g
projects / privoxy.git / blobdiff