- </table>
-
- <p>
- The <tt class="LITERAL">x</tt> option in this job turns on extended
- syntax, and allows for e.g. the liberal use of (non-interpreted!)
- whitespace for nicer formatting.
- </p>
- <p>
- You get the idea?
- </p>
- </div>
- <div class="SECT2">
- <h2 class="SECT2">
- <a name="PREDEFINED-FILTERS">9.2. The Pre-defined Filters</a>
- </h2>
- <p>
- The distribution <tt class="FILENAME">default.filter</tt> file
- contains a selection of pre-defined filters for your convenience:
- </p>
- <div class="VARIABLELIST">
- <dl>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">js-annoyances</i></span>
- </dt>
- <dd>
- <p>
- The purpose of this filter is to get rid of particularly
- annoying JavaScript abuse. To that end, it
- </p>
- <ul>
- <li>
- <p>
- replaces JavaScript references to the browser's referrer
- information with the string "Not Your Business!". This
- compliments the <tt class="LITERAL"><a href=
- "actions-file.html#HIDE-REFERRER">hide-referrer</a></tt>
- action on the content level.
- </p>
- </li>
- <li>
- <p>
- removes the bindings to the DOM's <a href=
- "http://www.w3.org/TR/2000/REC-DOM-Level-2-Events-20001113/events.html#Events-eventgroupings-htmlevents"
- target="_top">unload event</a> which we feel has no
- right to exist and is responsible for most <span class=
- "QUOTE">"exit consoles"</span>, i.e. nasty windows that
- pop up when you close another one.
- </p>
- </li>
- <li>
- <p>
- removes code that causes new windows to be opened with
- undesired properties, such as being full-screen,
- non-resizeable, without location, status or menu bar etc.
- </p>
- </li>
- </ul>
-
- <p>
- Use with caution. This is an aggressive filter, and can break
- sites that rely heavily on JavaScript.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class="EMPHASIS">js-events</i></span>
- </dt>
- <dd>
- <p>
- This is a very radical measure. It removes virtually all
- JavaScript event bindings, which means that scripts can not
- react to user actions such as mouse movements or clicks,
- window resizing etc, anymore. Use with caution!
- </p>
- <p>
- We <span class="emphasis"><i class="EMPHASIS">strongly
- discourage</i></span> using this filter as a default since it
- breaks many legitimate scripts. It is meant for use only on
- extra-nasty sites (should you really need to go there).
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">html-annoyances</i></span>
- </dt>
- <dd>
- <p>
- This filter will undo many common instances of HTML based
- abuse.
- </p>
- <p>
- The <tt class="LITERAL">BLINK</tt> and <tt class=
- "LITERAL">MARQUEE</tt> tags are neutralized (yeah baby!), and
- browser windows will be created as resizeable (as of course
- they should be!), and will have location, scroll and menu
- bars -- even if specified otherwise.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">content-cookies</i></span>
- </dt>
- <dd>
- <p>
- Most cookies are set in the HTTP dialog, where they can be
- intercepted by the <tt class="LITERAL"><a href=
- "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>
- and <tt class="LITERAL"><a href=
- "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>
- actions. But web sites increasingly make use of HTML meta
- tags and JavaScript to sneak cookies to the browser on the
- content level.
- </p>
- <p>
- This filter disables most HTML and JavaScript code that reads
- or sets cookies. It cannot detect all clever uses of these
- types of code, so it should not be relied on as an absolute
- fix. Use it wherever you would also use the cookie crunch
- actions.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">refresh-tags</i></span>
- </dt>
- <dd>
- <p>
- Disable any refresh tags if the interval is greater than nine
- seconds (so that redirections done via refresh tags are not
- destroyed). This is useful for dial-on-demand setups, or for
- those who find this HTML feature annoying.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">unsolicited-popups</i></span>
- </dt>
- <dd>
- <p>
- This filter attempts to prevent only <span class=
- "QUOTE">"unsolicited"</span> pop-up windows from opening, yet
- still allow pop-up windows that the user has explicitly
- chosen to open. It was added in version 3.0.1, as an
- improvement over earlier such filters.
- </p>
- <p>
- Technical note: The filter works by redefining the
- window.open JavaScript function to a dummy function, <tt
- class="LITERAL">PrivoxyWindowOpen()</tt>, during the loading
- and rendering phase of each HTML page access, and restoring
- the function afterward.
- </p>
- <p>
- This is recommended only for browsers that cannot perform
- this function reliably themselves. And be aware that some
- sites require such windows in order to function normally. Use
- with caution.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">all-popups</i></span>
- </dt>
- <dd>
- <p>
- Attempt to prevent <span class="emphasis"><i class=
- "EMPHASIS">all</i></span> pop-up windows from opening. Note
- this should be used with even more discretion than the above,
- since it is more likely to break some sites that require
- pop-ups for normal usage. Use with caution.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">img-reorder</i></span>
- </dt>
- <dd>
- <p>
- This is a helper filter that has no value if used alone. It
- makes the <tt class="LITERAL">banners-by-size</tt> and <tt
- class="LITERAL">banners-by-link</tt> (see below) filters more
- effective and should be enabled together with them.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">banners-by-size</i></span>
- </dt>
- <dd>
- <p>
- This filter removes image tags purely based on what size they
- are. Fortunately for us, many ads and banner images tend to
- conform to certain standardized sizes, which makes this
- filter quite effective for ad stripping purposes.
- </p>
- <p>
- Occasionally this filter will cause false positives on images
- that are not ads, but just happen to be of one of the
- standard banner sizes.
- </p>
- <p>
- Recommended only for those who require extreme ad blocking.
- The default block rules should catch 95+% of all ads <span
- class="emphasis"><i class="EMPHASIS">without</i></span> this
- filter enabled.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">banners-by-link</i></span>
- </dt>
- <dd>
- <p>
- This is an experimental filter that attempts to kill any
- banners if their URLs seem to point to known or suspected
- click trackers. It is currently not of much value and is not
- recommended for use by default.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class="EMPHASIS">webbugs</i></span>
- </dt>
- <dd>
- <p>
- Webbugs are small, invisible images (technically 1X1 GIF
- images), that are used to track users across websites, and
- collect information on them. As an HTML page is loaded by the
- browser, an embedded image tag causes the browser to contact
- a third-party site, disclosing the tracking information
- through the requested URL and/or cookies for that third-party
- domain, without the user ever becoming aware of the
- interaction with the third-party site. HTML-ized spam also
- uses a similar technique to verify email addresses.
- </p>
- <p>
- This filter removes the HTML code that loads such <span
- class="QUOTE">"webbugs"</span>.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">tiny-textforms</i></span>
- </dt>
- <dd>
- <p>
- A rather special-purpose filter that can be used to enlarge
- textareas (those multi-line text boxes in web forms) and turn
- off hard word wrap in them. It was written for the
- sourceforge.net tracker system where such boxes are a
- nuisance, but it can be handy on other sites, too.
- </p>
- <p>
- It is not recommended to use this filter as a default.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">jumping-windows</i></span>
- </dt>
- <dd>
- <p>
- Many consider windows that move, or resize themselves to be
- abusive. This filter neutralizes the related JavaScript code.
- Note that some sites might not display or behave as intended
- when using this filter. Use with caution.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">frameset-borders</i></span>
- </dt>
- <dd>
- <p>
- Some web designers seem to assume that everyone in the world
- will view their web sites using the same browser brand and
- version, screen resolution etc, because only that assumption
- could explain why they'd use static frame sizes, yet prevent
- their frames from being resized by the user, should they be
- too small to show their whole content.
- </p>
- <p>
- This filter removes the related HTML code. It should only be
- applied to sites which need it.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">demoronizer</i></span>
- </dt>
- <dd>
- <p>
- Many Microsoft products that generate HTML use non-standard
- extensions (read: violations) of the ISO 8859-1 aka Latin-1
- character set. This can cause those HTML documents to display
- with errors on standard-compliant platforms.
- </p>
- <p>
- This filter translates the MS-only characters into Latin-1
- equivalents. It is not necessary when using MS products, and
- will cause corruption of all documents that use 8-bit
- character sets other than Latin-1. It's mostly worthwhile for
- Europeans on non-MS platforms, if weird garbage characters
- sometimes appear on some pages, or user agents that don't
- correct for this on the fly.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">shockwave-flash</i></span>
- </dt>
- <dd>
- <p>
- A filter for shockwave haters. As the name suggests, this
- filter strips code out of web pages that is used to embed
- shockwave flash objects.
- </p>
- <p>
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">quicktime-kioskmode</i></span>
- </dt>
- <dd>
- <p>
- Change HTML code that embeds Quicktime objects so that
- kioskmode, which prevents saving, is disabled.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class="EMPHASIS">fun</i></span>
- </dt>
- <dd>
- <p>
- Text replacements for subversive browsing fun. Make fun of
- your favorite Monopolist or play buzzword bingo.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">crude-parental</i></span>
- </dt>
- <dd>
- <p>
- A demonstration-only filter that shows how <span class=
- "APPLICATION">Privoxy</span> can be used to delete web
- content on a keyword basis.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">ie-exploits</i></span>
- </dt>
- <dd>
- <p>
- An experimental collection of text replacements to disable
- malicious HTML and JavaScript code that exploits known
- security holes in Internet Explorer.
- </p>
- <p>
- Presently, it only protects against Nimda and a cross-site
- scripting bug, and would need active maintenance to provide
- more substantial protection.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">site-specifics</i></span>
- </dt>
- <dd>
- <p>
- Some web sites have very specific problems, the cure for
- which doesn't apply anywhere else, or could even cause damage
- on other sites.
- </p>
- <p>
- This is a collection of such site-specific cures which should
- only be applied to the sites they were intended for, which is
- what the supplied <tt class="FILENAME">default.action</tt>
- file does. Users shouldn't need to change anything regarding
- this filter.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class="EMPHASIS">google</i></span>
- </dt>
- <dd>
- <p>
- A CSS based block for Google text ads. Also removes a width
- limitation and the toolbar advertisement.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class="EMPHASIS">yahoo</i></span>
- </dt>
- <dd>
- <p>
- Another CSS based block, this time for Yahoo text ads. And
- removes a width limitation as well.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class="EMPHASIS">msn</i></span>
- </dt>
- <dd>
- <p>
- Another CSS based block, this time for MSN text ads. And
- removes tracking URLs, as well as a width limitation.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class="EMPHASIS">blogspot</i></span>
- </dt>
- <dd>
- <p>
- Cleans up some Blogspot blogs. Read the fine print before
- using this one!
- </p>
- <p>
- This filter also intentionally removes some navigation stuff
- and sets the page width to 100%. As a result, some rounded
- <span class="QUOTE">"corners"</span> would appear to early or
- not at all and as fixing this would require a browser that
- understands background-size (CSS3), they are removed instead.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">xml-to-html</i></span>
- </dt>
- <dd>
- <p>
- Server-header filter to change the Content-Type from xml to
- html.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">html-to-xml</i></span>
- </dt>
- <dd>
- <p>
- Server-header filter to change the Content-Type from html to
- xml.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class="EMPHASIS">no-ping</i></span>
- </dt>
- <dd>
- <p>
- Removes the non-standard <tt class="LITERAL">ping</tt>
- attribute from anchor and area HTML tags.
- </p>
- </dd>
- <dt>
- <span class="emphasis"><i class=
- "EMPHASIS">hide-tor-exit-notation</i></span>
- </dt>
- <dd>
- <p>
- Client-header filter to remove the <b class="COMMAND">Tor</b>
- exit node notation found in Host and Referer headers.
- </p>
- <p>
- If <span class="APPLICATION">Privoxy</span> and <b class=
- "COMMAND">Tor</b> are chained and <span class=
- "APPLICATION">Privoxy</span> is configured to use socks4a,
- one can use <span class=
- "QUOTE">"http://www.example.org.foobar.exit/"</span> to
- access the host <span class="QUOTE">"www.example.org"</span>
- through the <b class="COMMAND">Tor</b> exit node <span class=
- "QUOTE">"foobar"</span>.
- </p>
- <p>
- As the HTTP client isn't aware of this notation, it treats
- the whole string <span class=
- "QUOTE">"www.example.org.foobar.exit"</span> as host and uses
- it for the <span class="QUOTE">"Host"</span> and <span class=
- "QUOTE">"Referer"</span> headers. From the server's point of
- view the resulting headers are invalid and can cause
- problems.
- </p>
- <p>
- An invalid <span class="QUOTE">"Referer"</span> header can
- trigger <span class="QUOTE">"hot-linking"</span> protections,
- an invalid <span class="QUOTE">"Host"</span> header will make
- it impossible for the server to find the right vhost (several
- domains hosted on the same IP address).
- </p>
- <p>
- This client-header filter removes the <span class=
- "QUOTE">"foo.exit"</span> part in those headers to prevent
- the mentioned problems. Note that it only modifies the HTTP
- headers, it doesn't make it impossible for the server to
- detect your <b class="COMMAND">Tor</b> exit node based on the
- IP address the request is coming from.
- </p>
- </dd>
- </dl>
- </div>
- </div>
- <div class="SECT2">
- <h2 class="SECT2">
- <a name="EXTERNAL-FILTER-SYNTAX">9.3. External filter syntax</a>
- </h2>
- <p>
- External filters are scripts or programs that can modify the
- content in case common <tt class="LITERAL"><a href=
- "actions-file.html#FILTER">filters</a></tt> aren't powerful enough.
- </p>
- <p>
- External filters can be written in any language the platform <span
- class="APPLICATION">Privoxy</span> runs on supports.
- </p>
- <p>
- They are controlled with the <tt class="LITERAL"><a href=
- "actions-file.html#EXTERNAL-FILTER">external-filter</a></tt> action
- and have to be defined in the <tt class="LITERAL"><a href=
- "config.html#FILTERFILE">filterfile</a></tt> first.
- </p>
- <p>
- The header looks like any other filter, but instead of pcrs jobs,
- external filters contain a single job which can be a program or a
- shell script (which may call other scripts or programs).
- </p>
- <p>
- External filters read the content from STDIN and write the
- rewritten content to STDOUT. The environment variables PRIVOXY_URL,
- PRIVOXY_PATH, PRIVOXY_HOST, PRIVOXY_ORIGIN, PRIVOXY_LISTEN_ADDRESS
- can be used to get some details about the client request.
- </p>
- <p>
- <span class="APPLICATION">Privoxy</span> will temporary store the
- content to filter in the <tt class="LITERAL"><a href=
- "config.html#TEMPORARY-DIRECTORY">temporary-directory</a></tt>.
- </p>
- <p>
- </p>
- <table border="0" bgcolor="#E0E0E0" width="100%">