X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=default.action.master;h=c642c7eafda994a1d6c96a0a34a9892211ba13a6;hp=802511ece877da01c9174bba81f27b21a0e70cd3;hb=aa48dc0c96a29aeb4298ee0529c8020c8a318289;hpb=7135dc52b45e35af20f591def09daf74e7993e05

diff --git a/default.action.master b/default.action.master
index 802511ec..c642c7ea 100644
--- a/default.action.master
+++ b/default.action.master
@@ -9,17 +9,19 @@
 # 
 #  File        :  $Source: /cvsroot/ijbswa/current/default.action.master,v $
 # 
-#  $Id: default.action.master,v 1.132 2008/08/02 12:43:40 fabiankeil Exp $
+#  $Id: default.action.master,v 1.163 2009/02/09 18:39:08 fabiankeil Exp $
 #
-#  Requires    :  This version requires Privoxy v3.0.9 or later due to 
+#  Requires    :  This version requires Privoxy v3.0.11 or later due to 
 #                 syntax changes.
 #
 #  Purpose     :  Default actions file, see
 #                 http://www.privoxy.org/user-manual/actions-file.html.
-#                 This file is subject to periodic updating. Local exceptions
-#                 and enhancements are better placed in user.action. 
+#                 This file is subject to periodic updating. It is
+#                 not supposed to be edited by the user. Local exceptions
+#                 and enhancements are better placed in user.action,
+#                 the match-all section has been moved to match-all.action.
 #
-#  Copyright   :  Written by and Copyright (C) 2001-2008 the
+#  Copyright   :  Written by and Copyright (C) 2001-2009 the
 #                 Privoxy team. http://www.privoxy.org/
 #
 #  Note: Updated versions of this file will be made available from time
@@ -202,6 +204,11 @@
 #    Block this URL. Instead of forwarding the request, Privoxy will
 #    send a "block" page containing the specified reason.
 #
+# +change-x-forwarded-for{add}
+# +change-x-forwarded-for{block}
+#   Adds or blocks the "X-Forwarded-For:" HTTP header in client
+#   requests.
+#
 # +client-header-filter{name}
 #    All client headers to which this action applies are filtered on-the-fly
 #    through the specified regular expression based substitutions.
@@ -312,7 +319,7 @@
 #     shockwave-flash:     Kill embedded Shockwave Flash objects.
 #     quicktime-kioskmode: Make Quicktime movies saveable.
 #     fun:                 Text replacements for subversive browsing fun!
-#     crude-parental:      Crude parental filtering. Note that this filter doesn't work reliable.
+#     crude-parental:      Crude parental filtering. Note that this filter doesn't work reliably.
 #     ie-exploits:         Disable some known Internet Explorer bug exploits.
 #     site-specifics:      Cure for site-specific problems. Don't apply generally!
 #     no-ping:             Removes non-standard ping attributes in <a> and <area> tags.
@@ -355,9 +362,6 @@
 #   servers. This can be used to prevent download menus for content you 
 #   prefer to view inside the browser, for example.
 #
-# +hide-forwarded-for-headers
-#   Block any existing X-Forwarded-for header.
-#
 # +hide-from-header{block}
 # +hide-from-header{spam@sittingduck.xqq}
 #   If the browser sends a "From:" header containing your e-mail address, 
@@ -393,22 +397,24 @@
 #    (Don't change the version number from 1.0 - after all, why tell them?)
 #
 # +limit-connect{portlist}
-#   The CONNECT methods exists in HTTP to allow access to secure websites
-#   (https:// URLs) through proxies. It works very simply: The proxy
-#   connects to the server on the specified port, and then short-circuits
-#   its connections to the client and to the remote proxy.
-#   This can be a big security hole, since CONNECT-enabled proxies can
-#   be abused as TCP relays very easily.
-#   By default, i.e. in the absence of a +limit-connect action, Privoxy
-#   will only allow CONNECT requests to port 443, which is the standard port
-#   for https.
-#   If you want to allow CONNECT for more ports than that, or want to forbid
-#   CONNECT altogether, you can specify a comma separated list of ports and port
-#   ranges (the latter using dashes, with the minimum defaulting to 0 and max to 65K):
-#
-#   +limit-connect{443} # This is the default and need no be specified.
-#   +limit-connect{80,443} # Ports 80 and 443 are OK.
-#   +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100, and above 500 are OK.
+#
+#    By default, i.e. if no limit-connect action applies, Privoxy
+#    allows HTTP CONNECT requests to all ports. Use limit-connect
+#    if fine-grained control is desired for some or all destinations.
+#    The CONNECT methods exists in HTTP to allow access to secure websites
+#    ("https://" URLs) through proxies. It works very simply: the proxy
+#    connects to the server on the specified port, and then short-circuits
+#    its connections to the client and to the remote server. This means
+#    CONNECT-enabled proxies can be used as TCP relays very easily. Privoxy
+#    relays HTTPS traffic without seeing the decoded content. Websites can
+#    leverage this limitation to circumvent Privoxy's filters. By specifying
+#    an invalid port range you can disable HTTPS entirely. 
+#
+#    +limit-connect{443}                   # Only port 443 is OK.
+#    +limit-connect{80,443}                # Ports 80 and 443 are OK.
+#    +limit-connect{-3, 7, 20-100, 500-}   # Ports less than 3, 7, 20 to 100 and above 500 are OK.
+#    +limit-connect{-}                     # All ports are OK
+#    +limit-connect{,}                     # No HTTPS/SSL traffic is allowed
 #
 # +overwrite-last-modified{block}
 # +overwrite-last-modified{reset-to-request-time}
@@ -430,7 +436,7 @@
 #  
 # +prevent-compression
 #    Prevent the website from compressing the data. Some websites do
-#    that, which is a problem for Privoxy when build without zlib support,
+#    that, which is a problem for Privoxy when built without zlib support,
 #    since +filter and +gif-deanimate will not work on compressed data.
 #    Will slow down connections to those websites, though.
 #
@@ -500,7 +506,7 @@
 {{settings}}
 #############################################################################
 #MASTER# COMMENT: The minimum Privoxy version:
-for-privoxy-version=3.0.9
+for-privoxy-version=3.0.11
 
 #############################################################################
 # Aliases
@@ -549,15 +555,75 @@ myfilters   = +filter{html-annoyances} +filter{js-annoyances} +filter{all-popups
 #
 allow-ads   = -block -filter{banners-by-size} -filter{banners-by-link}
 
-#############################################################################
-# Defaults
-#############################################################################
+################
+#
+# Cautious settings -- safe for all sites, but offer little privacy protection
+#
 { \
-+hide-forwarded-for-headers \
++change-x-forwarded-for{block} \
 +hide-from-header{block} \
 +set-image-blocker{pattern} \
 }
-/ # Match all URLs
+standard.Cautious
+
+################
+#
+# Medium settings -- safe for most sites, with reasonable protection/damage tradeoff
+#
+{ \
++change-x-forwarded-for{block} \
++deanimate-gifs{last} \
++filter{refresh-tags} \
++filter{img-reorder} \
++filter{banners-by-size} \
++filter{webbugs} \
++filter{jumping-windows} \
++filter{ie-exploits} \
++hide-from-header{block} \
++hide-referrer{conditional-block} \
++session-cookies-only \
++set-image-blocker{pattern} \
+}
+standard.Medium
+
+################
+#
+# Advanced settings -- reasonable privacy protection but
+# require some exceptions for trusted sites, most likely
+# because of cookies or SSL. Also testing ground for
+# new options.
+#
+# CAUTION: These settings can still be subverted by a
+# misconfigured client that executes code from untrusted
+# sources.
+#
+{ \
++change-x-forwarded-for{block} \
++client-header-tagger{css-requests} \
++client-header-tagger{image-requests} \
++crunch-if-none-match \
++crunch-outgoing-cookies \
++crunch-incoming-cookies \
++deanimate-gifs{last} \
++fast-redirects{check-decoded-url} \
++filter{html-annoyances} \
++filter{content-cookies} \
++filter{refresh-tags} \
++filter{img-reorder} \
++filter{banners-by-size} \
++filter{banners-by-link} \
++filter{webbugs} \
++filter{jumping-windows} \
++filter{frameset-borders} \
++filter{quicktime-kioskmode} \
++hide-if-modified-since{-60} \
++hide-from-header{block} \
++hide-referrer{conditional-block} \
++limit-connect{,} \
++overwrite-last-modified{randomize} \
++set-image-blocker{pattern} \
+}
+standard.Advanced
 
 #############################################################################
 # These extensions belong to images:
@@ -576,7 +642,6 @@ allow-ads   = -block -filter{banners-by-size} -filter{banners-by-link}
 # Generic block patterns by host:
 #############################################################################
 {+block{Host matches generic block pattern.}}
-#MASTER# DONT-VERIFY (generic)
 ad*.
 .*ads.
 #MASTER# REMARKS: removed .ad. 2007-12-18 HB
@@ -600,7 +665,6 @@ metrics.
 # Generic unblockers by host:
 #############################################################################
 {-block}
-#MASTER# DONT-VERIFY (generic)
 adsl.
 ad[udmw]*.
 adbl*.
@@ -610,7 +674,6 @@ adob*.
 adrenaline.
 adtp*.
 adv[oia]*.
-#MASTER# REMARKS: Added 2008-02-08 HB
 adventure*.
 .*road*.
 .olympiad*.
@@ -623,16 +686,14 @@ countr*.
 # Generic block patterns by path:
 #############################################################################
 {+block{Path matches generic block pattern.}}
-#MASTER# DONT-VERIFY (generic)
 /(.*/)?ad(\?|/|s|v|_?(image|se?rv|box)|cycle|rotate|mentor|click|f[ra]m|script|stream|fetch|log|space)
 # Blocked URL = http://www.example.org/adimage
 # Blocked URL = http://www.example.org/adspace
 /phpads(new)?/
 /(.*/)?(ad|all|nn|db|promo(tion)?)?[-_]?banner
-/(.*/)?(publicite|werbung|reklaa?m|annonse|maino(kset|nta|s)?/)
+/(.*/)?(publicite|werbung|rekla(me|am)|annonse|maino(kset|nta|s)?/)
 /.*(count|track|compteur|(?<!relo)adframe|adse?rve?|banner)(er|run)?(\?|\.(pl|cgi|exe|dll|asp|php|cpt))
 /(.*/)?clicktrack
-#MASTER# REMARKS: Added 12/28/06 per Adam Piggott
 /(.*/)?(full)?pop[-_]?(up|over|under|open(er)?)?s?(/|\.)
 /(.*/)?((flash)?pop|live(cnt|count(er)?)).*\.(js|php|cgi)
 
@@ -641,7 +702,6 @@ countr*.
 #############################################################################
 {-block}
 # Sticky Actions = -block
-#MASTER# DONT-VERIFY (generic)
 /.*ad(sl|v(i[cs]|o|an|ertencia|ent|.*search|erse)) # advice/advisories/advan*/advertencia (spanish) adverse
 /.*(lo|thre|he|d|gr|l|ro|re|squ|class(ified)?)ads
 /.*account
@@ -655,7 +715,6 @@ support./(.*/)?track
 .uni-*.de
 .tu-*.de
 .gov
-#MASTER# REMARKS: 09/18/06 Tracker request
 .hs-*.de 
 .fh-*.de
 #MASTER# REMARKS: Try to avoid harmless names in non-commercial organizations. Added 10/24/06
@@ -679,6 +738,15 @@ support./(.*/)?track
 #############################################################################
 # Site-specific block patterns;
 #############################################################################
+{+block{Domain parking site}}
+#MASTER# BLOCK-REFERRER: http://www.inetcat.org
+# Blocked URL = http://www.sedoparking.com/www.inetcat.org
+.sedoparking.com/
+# Blocked URL = http://landing.trafficz.com/index.php?domain=www.inetcat.org
+landing.trafficz.com/
+# Blocked URL = http://www.searchnut.com/?domain=www.inetcat.org
+.searchnut.com/\?domain
+
 {+block{Site-specific block pattern matches.}}
 #MASTER# BLOCK-REFERRER: http://www.brooksbrothers.com/ 10/18/06
 #MASTER# BLOCK-REFERRER: http://www.autodesk.com/
@@ -817,6 +885,11 @@ static.lycos-europe.net
 #MASTER# BLOCK-REFERRER: http://hitta.se
 # Blocked URL = http://82.99.18.195/media.1/112/9460/146016/150x175_Hitta_FV_Feb08.gif
 82.99.18.195
+#MASTER# REMARKS: Actionsfile feedback item #1888197  2008-02-06
+#MASTER# REMARKS: Have a "go there anyway" link for clk.atdmt.com
+#MASTER# BLOCK-REFERRER: http://www.networkworld.com/resourcelibrary/?tid=4&type=special%20report
+# Blocked URL = http://clk.atdmt.com/
+.atdmt.com/
 
 #----------------------------------------------------------------------------
 # Misc Web-bugs, JS and just plain Junk. Images here aren't normal images.
@@ -997,15 +1070,15 @@ bwp.
 #.yimg.com/a/.*/flash/
 #MASTER# REMARKS: The above replaced with below. Actions file tracker #1645616 2007-01-27
 .yimg.com/.*\.yimg\.com/a/
-#MASTER# DONT-VERIFY
 bs*.gsanet.com
 bs*.einets.com
-#MASTER# DONT-VERIFY 
 .qkimg.net
 #MASTER# BLOCK-REFERRER: http://salon.com/ 10/19/06
 #MASTER# BLOCK-REFERRER: http://maps.yahoo.com/
 #MASTER# REMARKS: Banner farms; just exclude their corp. info
-[a-vx-z]*.atdmt.com/
+#MASTER# REMARKS: and have a "go there anyway" link for clk.atdmt.com
+#MASTER# REMARKS:   (Actionsfile feedback item #1888197)
+[abd-vx-z]*.atdmt.com/
 #MASTER# BLOCK-REFERRER: http://www.exactaudiocopy.de/ 09/11/06
 #MASTER# BLOCK-REFERRER: http://stanford.facebook.com/home.php 
 # URL = http://www.fastclick.net/
@@ -1035,7 +1108,6 @@ a.tribalfusion.com/
 www.smartadserver.com/
 #MASTER# BLOCK-REFERRER: http://www.chez.tiscali.fr/ 10/07/06
 admedia.
-#MASTER# DONT-VERIFY
 #MASTER# REMARKS: Bannerfarm used by Morpheus file sharing software
 jmcms.cydoor.com/
 #MASTER# BLOCK-REFERRER: http://www.tech-report.com/etc/2003q2/3dmurk03/index.x?pg=7
@@ -1109,6 +1181,9 @@ img.directtrack.com
 #MASTER# BLOCK-REFERRER: http://www.thinkbroadband.com/news/3621-complaint-about-orange-broadband-advertising-upheld.html
 # URL = http://eas.apm.emediate.eu/media.5/1/1228/19193/ACT1215_120x600_v3.gif
 .emediate.eu/
+# URL = http://feedads.googleadservices.com/~a/dPlpGU767u4D4kVO8EGuUlnf1Q0/i
+# URL = http://feedads.googleadservices.com/~at/EpX-FnAXxwdaBSq-GRze37-rG0M/i
+.googleadservices.com/~
 
 #----------------------------------------------------------------------------
 # Cross-site user tracking
@@ -1193,9 +1268,14 @@ rss.slashdot.org/~r/Slashdot/slashdot/~4/
 # Blocked URL = http://feeds.feedburner.com/~r/PCLoadLetter/~4/270448381
 #MASTER# REMAKRKS: This seem to be a common pattern for web bugs in feedburner feeds.
 feeds.feedburner.com/~r/.*/~4/
+# Blocked URL = http://feedproxy.google.com/~r/DilbertDailyStrip/~4/y_kXD1z1HO0
+feedproxy.google.com/~r/.*/~4/
 # Blocked URL = http://feeds.feedburner.com/~a/DilbertDailyStrip?a=Ebzxel
 #MASTER# REMAKRKS: This looks like a pattern as well, maybe we should block feeds.feedburner.com/~a/ here.
 feeds.feedburner.com/~a/DilbertDailyStrip\?
+#MASTER# BLOCK-REFERER: http://www.buch.de/
+# URL = http://track.webtrekk.de/471497967328727/wt.pl?p=177,de.buch.show.home,1,1024x768,24,1,1218816426275,0,884x653,0&enc1=%FC&enc2=iso-8859-1&st=view&la=en-US&np=Default%20Plugi
+track.webtrekk.de/
 
 #----------------------------------------------------------------------------
 # Specific counters (see above for generic patterns)
@@ -1216,7 +1296,6 @@ bilbo.counted.com/
 #MASTER# BLOCK-REFERRER: http://www.travelocity.com/Vacations/0,,TRAVELOCITY||Y,00.html?HPTRACK=mpc_vac
 #MASTER# BLOCK-REFERRER: http://dest.travelocity.com/DestGuides/geo_frontdoor/0,,TRAVELOCITY,00.html?HPTRACK=icon_dest 10/07/06
 .travelocity./Sponsor_gifs/
-#MASTER# DONT-VERIFY
 #MASTER# REMARKS: Referenced from HTML-Emails (not checked 10/08/06)
 # URL = http://foo.weather.com/creatives/
 # URL = http://bar.weather.com/web/services/email/
@@ -1304,7 +1383,6 @@ adela.karlin.mff.cuni.cz
 # URL = http://www.privoxy.org/actions/index.php
 .privoxy.org
 #MASTER# UNBLOCK-REFERRER: http://sourceforge.net/help/tracker.php
-# URL = http://www.brawnylads.com/
 sourceforge.net/.*tracker
 #MASTER# UNBLOCK-REFERRER: http://www.brawnylads.com/
 # URL = http://www.brawnylads.com/
@@ -1460,6 +1538,9 @@ switch.atdmt.com/action/
 .wikimedia.org/
 # URL = http://en.wikipedia.org/wiki/Advertisement
 .wikipedia.org/
+#MASTER# REMARKS Actionsfile feedback item #2299717 2008-11-16
+# URL = http://en.wiktionary.org/wiki/advertisement
+.wiktionary.org/
 # URL = http://curl.haxx.se/docs/adv_20070710.html
 .haxx.se/docs/adv_
 # URL = http://www.google.com/adsense/
@@ -1469,10 +1550,47 @@ www.google.com/adsense/
 .encyclopediadramatica.com/
 #MASTER# UNBLOCK-REFERRER: http://lifehacker.com 2008-04-18 HB
 # URL = tags.gawker.com/assets/minify.php?files=/assets/base.v6/css/global.css,/assets/base.v6/css/header.css,/assets/base.v6/css/sidebar.css,/assets/base.v6/css/content.css,/assets/base.v6/css/images.css,/assets/base.v6/css/ads.css,/assets/base.v6/css/community.css,/assets/base.v6/css/comments.css,/assets/base.v6/css/messages.css,/assets/base.v6/css/ui.css
-crunch
-tags.gawker.com/.*css
+tags.gawker.com/.*css$
 # URL = http://cgi.tnt.co.uk/TrackNTrace/quicktrack.asp
 .tnt.co.uk/TrackNTrace/
+#MASTER# UNBLOCK-REFERRER: http://www.supermediastore.com/trackorder.html
+# URL = http://secure.howtoburndvd.net/ups/track.php
+/ups/track\.php
+#MASTER# REMARKS: Actionsfile feedback item #1886140  2008-02-04
+#MASTER# UNBLOCK-REFERRER: http://idonthateyouall.imeem.com/video/8zH0_f9i/kiley_rilo_pull_me_in_tighter_art_video/
+# URL = http://ad.doubleclick.net/crossdomain.xml
+ad.doubleclick.net/crossdomain\.xml
+#MASTER# REMARKS: Actionsfile feedback item #2021509  2008-07-18
+#MASTER# REMARKS: Allow realplayer site help popup windows
+#MASTER# UNBLOCK-REFERRER: http://real.custhelp.com/cgi-bin/real.cfg/php/enduser/std_adp.php?p_faqid=4512
+# URL = http://real.custhelp.com/cgi-bin/real.cfg/php/enduser/popup_adp.php
+real.custhelp.com/cgi-bin/real\.cfg/php/enduser/popup_adp\.php
+# URL = http://fritz.fonwlan.box/cgi-bin/webcm?getpage=../html/de/help/popup.html&var:lang=de&var:pagename=hilfe_syslog&var:anker=24
+fritz.fonwlan.box/
+# URL = http://fritz.box/cgi-bin/webcm?getpage=../html/de/help/popup.html&var:lang=de&var:pagename=hilfe_syslog&var:anker=24
+fritz.box/
+#MASTER# REMARKS: Actionsfile feedback item #2043327 2008-08-08
+# URL = http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402747&sliceId=1
+.adobe.com
+# URL = http://qa.debian.org/popcon.php
+qa.debian.org/popcon\.php
+#MASTER# REMARKS: Support Requests item #2432535 2008-12-16
+# URL = http://www.mta.info/bandt/traffic/advmain.htm
+.mta.info/.*advmain.htm$
+#MASTER# REMARKS: We also use this as a light character class test, therefore the additional URL directives.
+# URL = http://www.proaurum.de/bannerA2/image/pro_master_r3_01_04.gif
+# URL = http://www.proaurum.de/bannerA1/image/limitorder2.gif
+# URL = http://www.proaurum.de/bannerA3/image/pro_master_r5_banken_01_01+.gif
+# URL = http://www.proaurum.de/bannerB2/image/pro_banner_mitte.gif
+# URL = http://www.proaurum.de/bannerB1_/image/pro_banner_links.gif
+# URL = http://www.proaurum.de/bannerC1/image/partner1.png
+.proaurum.de/banner[ABC]\d_?/
+# URL = http://www.goldmoney.com/en/images/home/banner_r4_c1.gif
+.goldmoney.com/
+#MASTER# REMARKS: Actionsfile feedback item #2017126  2008-07-13
+#MASTER# REMARKS: The dutch newspaper site of Algemeen Dagblad (http://www.ad.nl) is blocked
+# URL = http://www.ad.nl/
+.ad.nl/
 
 #############################################################################
 # Site-specific special rules:
@@ -1640,6 +1758,12 @@ view.samurajdata.se/ps\.php\?url=
 #MASTER# REMARKS: While this is a redirect, the token isn't part of the URL redirected to.
 # URL = http://www.amazon.com/gp/redirect.html/ref=cm_plog_item_link/105-3659773-0844420?ie=UTF8&location=http%3A%2F%2Fjoltawards.com%2F2007%2F&token=A07736D870C02EF10CB13BCC8A33C302F689BBBA
 .amazon.com/gp/redirect.html/.*location.*&token
+# URL = http://en.groundspring.org/EmailNow/pub.php?module=WebSignup&cmd=thankyou&gotoUrl=http%3A%2F%2Fwww.freebsdfoundation.org&gotoText=Return+to+Home+Page&listNames=The+FreeBSD+Foundation+Mailing+List
+.groundspring.org/
+# URL = http://www1.landsend.de/pp/undefined/images/error.gif?onerr=true&ts=1227969386837&file=http%3A//s7.landsend.com/is-viewers/dhtml/include/sj_textloader.js%3Fver%3Dle.1&line=0&msg=Script%20error.&sid=
+.landsend.de/
+# URL = http://www.youtube.com/swf/l.swf?swf=http%3A//s.ytimg.com/yt/swf/cps-vfl68942.swf&video_id=2cpd6rHIfyA&rel=1&showsearch=1&eurl=&iurl=http%3A//i3.ytimg.com/vi/2cpd6rHIfyA/hqdefault.jpg&sk=5E3I2RCcOLknk1qyI_JgVVnb8FKwgpHzC&use_get_video_info=1&load_modules=1&fs=1&hl=en
+.youtube.com/swf/.*swf=
 
 #----------------------------------------------------------------------------
 # No filtering for sourcecode or other automatically parsed content
@@ -1663,7 +1787,6 @@ liveupdate.symantecliveupdate.com
 .bookmarklets.com
 # URL = http://www.squarefree.com/bookmarklets/
 .squarefree.com/bookmarklets/
-#MASTER# DONT-VERIFY
 #MASTER# REMARKS: Used by Mac OSX's automatic software update feature
 swquery.apple.com
 swscan.apple.com
@@ -1682,6 +1805,9 @@ webmail.
 .wiki*.
 .*wiki.
 /.*wiki/
+#MASTER# REMARKS Actionsfile feedback item #2299717 2008-11-16
+# URL = http://en.wiktionary.org/
+.wiktionary.org/
 #MASTER# REMARKS: protect some google projects from accidental JS/HTML tampering, etc
 maps.google.
 .google.com/(calendar|reader)
@@ -1776,6 +1902,12 @@ javabog.dk/ijk/
 .encyclopediadramatica.com/
 # URL = http://www.ikea.com/us/en/catalog/products/00103102
 .ikea.com/
+# URL = http://www.froscon.de/en/projects.html
+.froscon.de/
+# URL = http://www.fsfe.org/en/supporters
+.fsfe.org/
+# URL = http://www.couchsurfing.com/mapsurf.html
+.couchsurfing.com/
 
 {-filter{banners-by-link}}
 # Sticky Actions = -filter{banners-by-link}
@@ -1824,6 +1956,8 @@ schneegans.de/sv/\?url=referer
 .teamquest.com/gifs/gunther/
 #MASTER# REMARKS: 09/12/06 Art site, and ad-free
 .rubberslug.com
+#MASTER# REMARKS: Actionsfile feedback item #2040467, allow animated gifs from wikipedia.org
+.wikipedia.org/
 
 #----------------------------------------------------------------------------
 # The "site-specifics" filter has special cures for problems found here:
@@ -1871,8 +2005,8 @@ schneegans.de/sv/\?url=referer
 
 #{+filter{img-reorder} +filter{banners-by-link}}
 #MASTER# REMARKS: Temporarily decommissioning 10/15/06. Violates Cautious no filter policy. HB
-##MASTER# PROBLEM-URL: http://www.dn.se/
-##MASTER# REMARKS: Can't catch by size or location
+#MASTER# PROBLEM-URL: http://www.dn.se/
+#MASTER# REMARKS: Can't catch by size or location
 #www.dn.se
 
 {-filter{img-reorder}}
@@ -1900,7 +2034,6 @@ blogs.msdn.com
 
 {-filter{unsolicited-popups}}
 # Sticky Actions = -filter{unsolicited-popups}
-#MASTER# DONT-VERIFY
 #MASTER# REMARKS: Breaks Movable Type's admin interface (http://www.movabletype.org/)
 /.*mt.cgi$
 #MASTER# REMARKS: Exclude per Debian bug report #377843 09/17/06