X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=default.action.master;h=fef6f7b2a38afa91565ea3330df2dfb844fee80a;hp=344f6d730fb477555b8043e9b86a26aee62cf5ee;hb=89c571890a7f2ba82241d297abb5bdc462f21799;hpb=2984406c6fbef7cd91d9a343e1a66ffcff18a1a1
diff --git a/default.action.master b/default.action.master
index 344f6d73..fef6f7b2 100644
--- a/default.action.master
+++ b/default.action.master
@@ -9,9 +9,9 @@
#
# File : $Source: /cvsroot/ijbswa/current/default.action.master,v $
#
-# $Id: default.action.master,v 1.78 2007/06/13 10:26:26 hal9 Exp $
+# $Id: default.action.master,v 1.161 2009/01/14 21:50:58 fabiankeil Exp $
#
-# Requires : This version requires Privoxy v3.0.7 or later due to
+# Requires : This version requires Privoxy v3.0.11 or later due to
# syntax changes.
#
# Purpose : Default actions file, see
@@ -19,7 +19,7 @@
# This file is subject to periodic updating. Local exceptions
# and enhancements are better placed in user.action.
#
-# Copyright : Written by and Copyright (C) 2001 - 2007 the
+# Copyright : Written by and Copyright (C) 2001-2009 the
# Privoxy team. http://www.privoxy.org/
#
# Note: Updated versions of this file will be made available from time
@@ -122,7 +122,7 @@
# Additionally, there are wildcards that you can use in the domain names
# themselves. They work pretty similar to shell wildcards: "*" stands for
# zero or more arbitrary characters, "?" stands for one, and you can define
-# charachter classes in square brackets and they can be freely mixed:
+# character classes in square brackets and they can be freely mixed:
#
# ad*.example.com
# matches adserver.example.com, ads.example.com, etc but not sfads.example.com
@@ -158,7 +158,7 @@
# will match only documents whose path starts with PaTtErN in exactly this
# capitalization.
#
-# Partially case-sensetive and partially case-insensitive patterns are
+# Partially case-sensitive and partially case-insensitive patterns are
# possible, but the rules about splitting them up are extremely complex
# - see the PCRE documentation for more information.
#
@@ -168,7 +168,7 @@
#
# There are 3 kinds of actions:
#
-# Boolean (e.g. "block"):
+# Boolean (e.g. "handle-as-image"):
# +name # enable
# -name # disable
#
@@ -176,7 +176,7 @@
# +name{param} # enable and set parameter to "param"
# -name # disable
#
-# Multi-value (e.g. "add-header", "send-wafer"):
+# Multi-value (e.g. "add-header", "filter"):
# +name{param} # enable and add parameter "param"
# -name{param} # remove the parameter "param"
# -name # disable totally
@@ -198,9 +198,14 @@
# Adds the specified HTTP header, which is not checked for validity.
# You may specify this many times to specify many headers.
#
-# +block
-# Block this URL. Privoxy will ignore this URL completely, and not request
-# it.
+# +block{reason}
+# Block this URL. Instead of forwarding the request, Privoxy will
+# send a "block" page containing the specified reason.
+#
+# +change-x-forwarded-for{add}
+# +change-x-forwarded-for{block}
+# Adds or blocks the "X-Forwarded-For:" HTTP header in client
+# requests.
#
# +client-header-filter{name}
# All client headers to which this action applies are filtered on-the-fly
@@ -208,7 +213,26 @@
#
# Client-header filters predefined in the supplied default.filter include:
#
-# hide-tor-exit-notation: Removes the Tor exit node notation in Host and Referer headers
+# hide-tor-exit-notation: Removes the Tor exit node notation in Host and Referer headers.
+# privoxy-control: Removes X-Privoxy-Control headers.
+#
+# +client-header-tagger{string}
+# Tag requests based on their headers. Client headers to which this
+# action applies are filtered on-the-fly through the specified regular
+# expression based substitutions, the result is used as a tag.
+# Client-header taggers are the first actions that are executed and their
+# tags can be used to control every other action.
+#
+# Client-header taggers predefined in the supplied default.filter include:
+#
+# image-requests: Tags detected image requests as "IMAGE-REQUEST".
+# css-requests: Tags detected CSS requests as "CSS-REQUEST".
+# client-ip-address: Tags the request with the client's IP address.
+# http-method: Tags the request with its HTTP method.
+# allow-post: Tags POST requests as "ALLOWED-POST".
+# complete-url: Tags the request with the whole request URL.
+# user-agent: Tags the request with the complete User-Agent header.
+# privoxy-control: Creates tags with the content of X-Privoxy-Control headers.
#
# +content-type-overwrite
# Replaces the "Content-Type:" HTTP server header, so that unwanted
@@ -252,10 +276,10 @@
# http://some.place/some_script?http://some.where-else
#
# Sometimes, there are even multiple consecutive redirects encoded
-# in the URL. These redirections via scripts make your web browing
+# in the URL. These redirections via scripts make your web browsing
# more traceable, since the server from which you follow such a link
# can see where you go to. Apart from that, valuable bandwidth and
-# time is wasted, while your browser aks the server for one redirect
+# time is wasted, while your browser asks the server for one redirect
# after the other. Plus, it feeds the advertisers.
#
# The +fast-redirects{check-decoded-url} option enables interception of
@@ -275,43 +299,56 @@
#
# Filters predefined in the supplied default.filter include:
#
-# js-annoyances: Get rid of particularly annoying JavaScript abuse
-# js-events: Kill all JS event bindings (Radically destructive! Use only on real suckers)
-# html-annoyances: Get rid of particularly annoying HTML abuse
-# content-cookies: Kill cookies that come in the HTML or JS content
-# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
-# unsolicited-popups: Disable only unsolicited pop-up windows
-# all-popups: Kill all popups in JavaScript and HTML
-# img-reorder: Reorder attributes in ![]()
tags to make the banners-by-* filters more effective
-# banners-by-size: Kill banners by size (very efficient!)
-# banners-by-link: Kill banners by their links to known clicktrackers
-# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
-# tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap
-# jumping-windows: Prevent windows from resizing and moving themselves
-# frameset-borders: Give frames a border
-# demoronizer: Fix MS's non-standard use of standard charsets
-# shockwave-flash: Kill embedded Shockwave Flash objects
-# quicktime-kioskmode: Make Quicktime movies saveable
-# fun: Text replacements for subversive browsing fun!
-# crude-parental: Kill all web pages that contain the words "sex" or "warez"
-# ie-exploits: Disable some known Internet Explorer bug exploits
-# site-specifics: Cure for site-specific problems. Don't apply generally!
-# google: Removes text ads and other Google specific improvements
-# yahoo: Removes text ads and other Yahoo specific improvements
-# msn: Removes text ads and other MSN specific improvements
-# blogspot: Cleans up Blogspot blogs
-# no-ping: Removes non-standard ping attributes from anchor and area tags
+# js-annoyances: Get rid of particularly annoying JavaScript abuse.
+# js-events: Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).
+# html-annoyances: Get rid of particularly annoying HTML abuse.
+# content-cookies: Kill cookies that come in the HTML or JS content.
+# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups).
+# unsolicited-popups: Disable only unsolicited pop-up windows.
+# all-popups: Kill all popups in JavaScript and HTML.
+# img-reorder: Reorder attributes in ![]()
tags to make the banners-by-* filters more effective.
+# banners-by-size: Kill banners by size.
+# banners-by-link: Kill banners by their links to known clicktrackers.
+# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking).
+# tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap.
+# jumping-windows: Prevent windows from resizing and moving themselves.
+# frameset-borders: Give frames a border and make them resizable.
+# demoronizer: Fix MS's non-standard use of standard charsets.
+# shockwave-flash: Kill embedded Shockwave Flash objects.
+# quicktime-kioskmode: Make Quicktime movies saveable.
+# fun: Text replacements for subversive browsing fun!
+# crude-parental: Crude parental filtering. Note that this filter doesn't work reliably.
+# ie-exploits: Disable some known Internet Explorer bug exploits.
+# site-specifics: Cure for site-specific problems. Don't apply generally!
+# no-ping: Removes non-standard ping attributes in and tags.
+# google: CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
+# yahoo: CSS-based block for Yahoo text ads. Also removes a width limitation.
+# msn: CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
+# blogspot: Cleans up some Blogspot blogs. Read the fine print before using this.
#
# +force-text-mode
# Declares a document as plain text, even if the "Content-Type:" isn't detected
# as such.
#
+# +forward-override{forward .}
+# +forward-override{forward 127.0.0.1:8123}
+# +forward-override{forward-socks4a 127.0.0.1:9050 .}
+# +forward-override{forward-socks4a 127.0.0.1:9050 proxy.example.org:8000}
+# +forward-override{forward-socks5 127.0.0.1:9050 .}
+# +forward-override{forward-socks5 127.0.0.1:9050 proxy.example.org:8000}
+# This action overrules the forward directives in the configuration file.
+#
# +handle-as-empty-document
# This action alone doesn't do anything noticeable. It just marks URLs. If
# the block action also applies, the presence or absence of this mark
# decides whether an HTML "blocked" page, or an empty document will be sent
# to the client as a substitute for the blocked content.
#
+# +handle-as-image
+# Treat this URL as an image. This only matters if it's also "+block"ed,
+# in which case a "blocked" image can be sent rather than a HTML page.
+# See +set-image-blocker{} for the control over what is actually sent.
+#
# +hide-accept-language{lang}
# +hide-accept-language{block}
# Deletes or replaces the "Accept-Language:" HTTP header in client
@@ -323,9 +360,6 @@
# servers. This can be used to prevent download menus for content you
# prefer to view inside the browser, for example.
#
-# +hide-forwarded-for-headers
-# Block any existing X-Forwarded-for header, and do not add a new one.
-#
# +hide-from-header{block}
# +hide-from-header{spam@sittingduck.xqq}
# If the browser sends a "From:" header containing your e-mail address,
@@ -360,14 +394,6 @@
# +hide-user-agent{Privoxy/1.0}
# (Don't change the version number from 1.0 - after all, why tell them?)
#
-# +handle-as-image
-# Treat this URL as an image. This only matters if it's also "+block"ed,
-# in which case a "blocked" image can be sent rather than a HTML page.
-# See +set-image-blocker{} for the control over what is actually sent.
-#
-# +inspect-jpegs
-# Scan jpeg headers for malformed comment blocks and correct them.
-#
# +limit-connect{portlist}
# The CONNECT methods exists in HTTP to allow access to secure websites
# (https:// URLs) through proxies. It works very simply: The proxy
@@ -406,9 +432,9 @@
#
# +prevent-compression
# Prevent the website from compressing the data. Some websites do
-# that, which is a problem for Privoxy, since +filter, +kill-popups
-# and +gif-deanimate will not work on compressed data. Will slow down
-# connections to those websites, though.
+# that, which is a problem for Privoxy when built without zlib support,
+# since +filter and +gif-deanimate will not work on compressed data.
+# Will slow down connections to those websites, though.
#
# +server-header-filter{name}
# All server headers to which this action applies are filtered on-the-fly
@@ -416,8 +442,24 @@
#
# Server-header filters predefined in the supplied default.filter include:
#
-# html-to-xml: Changes the Content-Type header from html to xml
-# xml-to-html: Changes the Content-Type header from xml to html
+# x-httpd-php-to-html: Changes the Content-Type header from x-httpd-php to html.
+# html-to-xml: Changes the Content-Type header from html to xml.
+# xml-to-html: Changes the Content-Type header from xml to html.
+# less-download-windows: Prevent annoying download windows for content types the browser can handle itself.
+# privoxy-control: Removes X-Privoxy-Control headers.
+#
+# +server-header-tagger{content-type}
+# Server headers to which this action applies are filtered on-the-fly
+# through the specified regular expression based substitutions, the result
+# is used as a tag. Server-header taggers are executed before all other
+# header actions that modify server headers. Their tags can be used to
+# control all of the other server-header actions, the content filters and
+# the crunch actions (redirect and block).
+#
+# Server-header taggers predefined in the supplied default.filter include:
+#
+# content-type: Tags the request with the content type declared by the server.
+# privoxy-control: Creates tags with the content of X-Privoxy-Control headers.
#
# +session-cookies-only
# If the website sets cookies, make sure they are erased when you exit
@@ -446,39 +488,12 @@
# +crunch-incoming-cookies
# Prevent the website from setting cookies
#
-# +kill-popups (deprecated)
-# Filter the website through a built-in filter to disable
-# window.open() etc. The two alternative spellings are
-# equivalent.
-#
# +redirect{}
# +redirect{}
# Convinces the browser that the requested document has been moved to
# another location and the browser should get it from the specified
# URL.
#
-# +send-vanilla-wafer
-# This action only applies if you are using a jarfile. It sends a
-# cookie to every site stating that you do not accept any copyright
-# on cookies sent to you, and asking them not to track you. Of
-# course, this is a (relatively) unique header they could use to
-# track you.
-#
-# +send-wafer{name=value}
-# This allows you to add an arbitrary cookie. Specify it multiple
-# times in order to add several cookies.
-#
-# +treat-forbidden-connects-like-blocks
-# If this action is enabled, Privoxy no longer makes a difference between
-# forbidden connects and ordinary blocks.
-#
-# By default Privoxy answers forbidden "Connect" requests with a short
-# error message inside the headers. If the browser doesn't display headers
-# (most don't), you just see an empty page. With this action enabled,
-# Privoxy displays the message that is used for ordinary blocks instead. If
-# you decide to make an exception for the page in question, you can do so
-# by following the "See why" link.
-#
#############################################################################
#############################################################################
@@ -487,7 +502,7 @@
{{settings}}
#############################################################################
#MASTER# COMMENT: The minimum Privoxy version:
-for-privoxy-version=3.0.7
+for-privoxy-version=3.0.11
#############################################################################
# Aliases
@@ -517,92 +532,94 @@ for-privoxy-version=3.0.7
+crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
allow-all-cookies = -crunch-all-cookies -session-cookies-only
- allow-popups = -filter{all-popups} -kill-popups -filter{unsolicited-popups}
-+block-as-image = +block +handle-as-image
+ allow-popups = -filter{all-popups} -filter{unsolicited-popups}
++block-as-image = +block{Blocked image request.} +handle-as-image
-block-as-image = -block
# These aliases define combinations of actions
# that are useful for certain types of sites:
#
-fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referer -kill-popups -prevent-compression
+fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referer -prevent-compression
shop = -crunch-all-cookies allow-popups
# Your favourite blend of filters:
#
myfilters = +filter{html-annoyances} +filter{js-annoyances} +filter{all-popups}\
- +filter{webbugs} +filter{nimda} +filter{banners-by-size} #+filter{fun}
+ +filter{webbugs} +filter{banners-by-size}
# Allow ads for selected useful free sites:
#
allow-ads = -block -filter{banners-by-size} -filter{banners-by-link}
-#############################################################################
-# Defaults
-#############################################################################
+################
+#
+# Cautious settings -- safe for all sites, but offer little privacy protection
+#
+{ \
++change-x-forwarded-for{block} \
++hide-from-header{block} \
++set-image-blocker{pattern} \
+}
+standard.Cautious
+
+################
+#
+# Medium settings -- safe for most sites, with reasonable protection/damage tradeoff
+#
+{ \
++change-x-forwarded-for{block} \
++deanimate-gifs{last} \
++filter{refresh-tags} \
++filter{img-reorder} \
++filter{banners-by-size} \
++filter{webbugs} \
++filter{jumping-windows} \
++filter{ie-exploits} \
++hide-from-header{block} \
++hide-referrer{conditional-block} \
++session-cookies-only \
++set-image-blocker{pattern} \
+}
+standard.Medium
+
+################
+#
+# Advanced settings -- reasonable privacy protection but
+# require some exceptions for trusted sites, most likely
+# because of cookies or SSL. Also testing ground for
+# new options.
+#
+# CAUTION: These settings can still be subverted by a
+# misconfigured client that executes code from untrusted
+# sources.
+#
{ \
--add-header \
--block \
--client-header-filter{hide-tor-exit-notation} \
--content-type-overwrite \
--crunch-client-header \
--crunch-if-none-match \
--crunch-outgoing-cookies \
--crunch-incoming-cookies \
--crunch-server-header \
--deanimate-gifs \
--downgrade-http-version \
--fast-redirects \
--filter{js-annoyances} \
--filter{js-events} \
--filter{html-annoyances} \
--filter{content-cookies} \
--filter{refresh-tags} \
--filter{unsolicited-popups} \
--filter{all-popups} \
--filter{img-reorder} \
--filter{banners-by-size} \
--filter{banners-by-link} \
--filter{webbugs} \
--filter{tiny-textforms} \
--filter{jumping-windows} \
--filter{frameset-borders} \
--filter{demoronizer} \
--filter{shockwave-flash} \
--filter{quicktime-kioskmode} \
--filter{fun} \
--filter{crude-parental} \
--filter{ie-exploits} \
--filter{site-specifics} \
--filter{google} \
--filter{yahoo} \
--filter{msn} \
--filter{blogspot} \
--filter{no-ping} \
--force-text-mode \
--handle-as-empty-document \
--handle-as-image \
--hide-accept-language \
--hide-content-disposition \
--hide-if-modified-since \
-+hide-forwarded-for-headers \
++change-x-forwarded-for{block} \
++client-header-tagger{css-requests} \
++client-header-tagger{image-requests} \
++crunch-if-none-match \
++crunch-outgoing-cookies \
++crunch-incoming-cookies \
++deanimate-gifs{last} \
++fast-redirects{check-decoded-url} \
++filter{html-annoyances} \
++filter{content-cookies} \
++filter{refresh-tags} \
++filter{img-reorder} \
++filter{banners-by-size} \
++filter{banners-by-link} \
++filter{webbugs} \
++filter{jumping-windows} \
++filter{frameset-borders} \
++filter{quicktime-kioskmode} \
++hide-if-modified-since{-60} \
+hide-from-header{block} \
--hide-referrer \
--hide-user-agent \
--inspect-jpegs \
--kill-popups \
--limit-connect \
--prevent-compression \
--overwrite-last-modified \
--redirect \
--send-vanilla-wafer \
--send-wafer \
--server-header-filter{xml-to-html} \
--server-header-filter{html-to-xml} \
--session-cookies-only \
++hide-referrer{conditional-block} \
++limit-connect{,} \
++overwrite-last-modified{randomize} \
+set-image-blocker{pattern} \
--treat-forbidden-connects-like-blocks \
}
-/ # Match all URLs
+standard.Advanced
#############################################################################
# These extensions belong to images:
@@ -620,27 +637,30 @@ allow-ads = -block -filter{banners-by-size} -filter{banners-by-link}
#############################################################################
# Generic block patterns by host:
#############################################################################
-{+block}
-#MASTER# DONT-VERIFY (generic)
+{+block{Host matches generic block pattern.}}
ad*.
.*ads.
-.ad.
-#MASTER# PROBLEM URL: http://alternativos.iw-advertising.com/
+#MASTER# REMARKS: removed .ad. 2007-12-18 HB
+#MASTER# REMARKS: Modifications per Actionsfile feedback item #1807613
+.ad.?.
+.ad.[a-ik-z][a-oq-z].
+.ad.jp.*.
+.ad.???*.
+# Blocked URL = http://alternativos.iw-advertising.com/
.*advert*.
*banner*.
count*.
*counter.
#MASTER# PROBLEM URL: http://www.newegg.com
promotions.
-#MASTER# PROBLEM URL: http://metrics.performancing.com/ 11/04/06
#MASTER# BLOCK-REFERRER: http://tech.cybernetnews.com/
+# Blocked URL = http://metrics.performancing.com/
metrics.
#############################################################################
# Generic unblockers by host:
#############################################################################
{-block}
-#MASTER# DONT-VERIFY (generic)
adsl.
ad[udmw]*.
adbl*.
@@ -650,6 +670,7 @@ adob*.
adrenaline.
adtp*.
adv[oia]*.
+adventure*.
.*road*.
.olympiad*.
.*load*.
@@ -660,15 +681,15 @@ countr*.
#############################################################################
# Generic block patterns by path:
#############################################################################
-{+block}
-#MASTER# DONT-VERIFY (generic)
+{+block{Path matches generic block pattern.}}
/(.*/)?ad(\?|/|s|v|_?(image|se?rv|box)|cycle|rotate|mentor|click|f[ra]m|script|stream|fetch|log|space)
+# Blocked URL = http://www.example.org/adimage
+# Blocked URL = http://www.example.org/adspace
/phpads(new)?/
/(.*/)?(ad|all|nn|db|promo(tion)?)?[-_]?banner
-/(.*/)?(publicite|werbung|reklaa?m|annonse|maino(kset|nta|s)?/)
+/(.*/)?(publicite|werbung|rekla(me|am)|annonse|maino(kset|nta|s)?/)
/.*(count|track|compteur|(?