-######################################################################
-#
-# File : $Source: /cvsroot/ijbswa/current/default.action,v $
-#
-# $Id: default.action,v 1.28 2002/05/14 21:29:19 oes Exp $
-#
-# Purpose : Default actions file, see
-# http://www.privoxy.org/faq/questions.html#CONFIGFILES
-#
-# Copyright : Written by and Copyright
-# Privoxy team. http://www.privoxy.org/
-#
-# Based on the Internet Junkbuster originally written
-# by and Copyright (C) 1997 Anonymous Coders and
-# Junkbusters Corporation. http://www.junkbusters.com
-#
-# We value your feedback. However, to provide you with the best support,
-# please note:
-#
-# * Use the support forum to get help:
-# http://sourceforge.net/tracker/?group_id=11118&atid=211118
-# * Submit feedback for this actions file only through our
-# actions file feedback script: http://www.privoxy.org/actions
-# * Submit bugs only through our bug forum:
-# http://sourceforge.net/tracker/?group_id=11118&atid=111118
-# Make sure that the bug has not already been submitted. Please try
-# to verify that it is a Privoxy bug, and not a browser or site
-# bug first. If you are using your own custom configuration, please
-# try the stock configs to see if the problem is a configuration
-# related bug. And if not using the latest development snapshot,
-# please try the latest one. Or even better, CVS sources.
-# * Submit feature requests only through our feature request forum:
-# http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
-#
-# For any other issues, feel free to use the mailing lists:
-# http://sourceforge.net/mail/?group_id=11118
-#
-# Anyone interested in actively participating in development and related
-# discussions can join the appropriate mailing list here:
-# http://sourceforge.net/mail/?group_id=11118. Archives are available
-# here too.
-#
-#############################################################################
-# Syntax
-#############################################################################
-#
-# To determine which actions apply to a request, the URL of the request is
-# compared to all patterns in this file. Every time it matches, the list of
-# applicable actions for this URL is incrementally updated. You can trace
-# this process by visiting http://i.j.b/show-url-info
-#
-# There are 4 types of lines in this file: comments (like this line),
-# actions, aliases and patterns, all of which are explained below.
-#
-#############################################################################
-# Pattern Syntax
-#############################################################################
-#
-# 1. On Domains and Paths
-# -----------------------
-#
-# Generally, a pattern has the form <domain>/<path>, where both the <domain>
-# and <path> part are optional. If you only specify a domain part, the "/"
-# can be left out:
-#
-# www.example.com
-# is a domain-only pattern and will match any request to www.yahoo.com
-#
-# www.example.com/
-# means exactly the same (but is slightly less efficient)
-#
-# www.example.com/index.html
-# matches only the document /index.html on www.example.com
-#
-# /index.html
-# matches the document /index.html, regardless of the domain
-#
-# index.html
-# matches nothing, since it would be interpreted as a domain name and
-# there is no top-level domain called ".html".
-#
-# 2. Domain Syntax
-# ----------------
-#
-# The matching of the domain part offers some flexible options: If the
-# domain starts or ends with a dot, it becomes unanchored at that end:
-#
-# www.example.com
-# matches only www.example.com
-#
-# .example.com
-# matches any domain that ENDS in .example.com
-#
-# www.
-# matches any domain that STARTS with www.
-#
-# Additionally, there are wildcards that you can use in the domain names
-# themselves. They work pretty similar to shell wildcards: "*" stands for
-# zero or more arbitrary characters, "?" stands for one, and you can define
-# charachter classes in square brackets and they can be freely mixed:
-#
-# ad*.example.com
-# matches adserver.example.com, ads.example.com, etc but not sfads.example.com
-#
-# *ad*.example.com
-# matches all of the above
-#
-# .?pix.com
-# matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc
-#
-# www[1-9a-ez].example.com
-# matches www1.example.com, www4.example.com, wwwd.example.com,
-# wwwz.example.com etc, but not wwww.example.com
-#
-# You get the idea?
-#
-# 2. Path Syntax
-# --------------
-#
-# Paths are specified as regular expressions. A comprehensive discussion of
-# regular expressions wouldn't fit here, but (FIXME) someone should paste
-# a concise intro to the regex language here.
-#
-# If Privoxy was compiled with pcre support (default), Perl compatible
-# regular expressions are used. See the pcre/docs/ direcory or man perlre
-# (also available on http://www.perldoc.com/perl5.6/pod/perlre.html) for
-# details.
-#
-# Please note that matching in the path is CASE INSENSITIVE by default, but
-# you can switch to case sensitive by starting the pattern with the "(?-i)"
-# switch:
-#
-# www.example.com/(?-i)PaTtErN.*
-# will match only documents whose path starts with PaTtErN in exactly this
-# capitalization.
-#
-# Partially case-sensetive and partially case-insensitive patterns are
-# possible, but the rules about splitting them up are extremely complex
-# - see the PCRE documentation for more information.
-#
-#############################################################################
-# Action Syntax
-#############################################################################
-#
-# There are 3 kinds of action:
-#
-# Boolean (e.g. "block"):
-# +name # enable
-# -name # disable
-#
-# Parameterized (e.g. "hide-user-agent"):
-# +name{param} # enable and set parameter to "param"
-# -name # disable
-#
-# Multi-value (e.g. "add-header", "send-wafer"):
-# +name{param} # enable and add parameter "param"
-# -name{param} # remove the parameter "param"
-# -name # disable totally
-#
-# The default (if you don't specify anything in this file) is not to take
-# any actions - i.e completely disabled, so Privoxy will just be a
-# normal, non-blocking, non-anonymizing proxy. You must specifically
-# enable the privacy and blocking features you need (although the
-# provided default actions file will do that for you).
-#
-# Later actions always override earlier ones. For multi-valued actions,
-# the actions are applied in the order they are specified.
-#
-#############################################################################
-# Valid actions are:
-#############################################################################
-#
-# +add-header{Name: value}
-# Adds the specified HTTP header, which is not checked for validity.
-# You may specify this many times to specify many headers.
-#
-# +block
-# Block this URL
-#
-# +deanimate-gifs{last}
-# +deanimate-gifs{first}
-# Deanimate all animated GIF images, i.e. reduce them to their last
-# frame. This will also shrink the images considerably. (In bytes,
-# not pixels!)
-# If the option "first" is given, the first frame of the animation
-# is used as the replacement. If "last" is given, the last frame of
-# the animation is used instead, which propably makes more sense for
-# most banner animations, but also has the risk of not showing the
-# entire last frame (if it is only a delta to an earlier frame).
-#
-# +downgrade-http-version
-# Downgrade HTTP/1.1 client requests to HTTP/1.0 and downgrade the
-# responses as well. Use this action for servers that use HTTP/1.1
-# protocol features that Privoxy currently can't handle yet.
-#
-# +fast-redirects
-# Many sites, like yahoo.com, don't just link to other sites.
-# Instead, they will link to some script on their own server,
-# giving the destination as a parameter, which will then redirect
-# you to the final target.
-#
-# URLs resulting from this scheme typically look like:
-# http://some.place/some_script?http://some.where-else
-#
-# Sometimes, there are even multiple consecutive redirects encoded
-# in the URL. These redirections via scripts make your web browing
-# more traceable, since the server from which you follow such a link
-# can see where you go to. Apart from that, valuable bandwidth and
-# time is wasted, while your browser aks the server for one redirect
-# after the other. Plus, it feeds the advertisers.
-#
-# The +fast-redirects option enables interception of these requests
-# by Privoxy, who will cut off all but the last valid URL in the
-# request and send a local redirect back to your browser without
-# contacting the intermediate sites.
-#
-# +filter{name}
-# Filter the website through one or more regular expression filters.
-# Repeat for multiple filters.
-#
-# Filters predefined in the supplied re_filterfile include:
-#
-# html-annoyances: Get rid of particularly annoying HTML abuse
-# js-annoyances: Get rid of particularly annoying JavaScript abuse
-# content-cookies: Kill cookies that come in the HTML or JS content
-# popups: Kill all popups in JS and HTML
-# frameset-borders: Give frames a border
-# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
-# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
-# fun: Text replacements for subversive browsing fun!
-# nimda: Remove Nimda (virus) code.
-# banners-by-size: Kill banners by size (very efficient!)
-# shockwave-flash: Kill embedded Shockwave Flash objects
-# crude-parental: Kill all web pages that contain the words "sex" or "warez"
-#
-#
-# +hide-forwarded-for-headers
-# Block any existing X-Forwarded-for header, and do not add a new one.
-#
-# +hide-from-header{block}
-# +hide-from-header{spam@sittingduck.xqq}
-# If the browser sends a "From:" header containing your e-mail address,
-# either completely removes the header ("block"), or change it to the
-# specified e-mail address.
-#
-# +hide-referer{block}
-# +hide-referer{forge}
-# +hide-referer{http://nowhere.com}
-# Don't send the "Referer:" (sic) header to the web site. You can
-# block it, forge a URL to the same server as the request (which is
-# preferred because some sites will not send images otherwise) or
-# set it to a constant string.
-#
-# +hide-referrer{...}
-# Alternative spelling of +hide-referer. Has the same parameters,
-# and can be freely mixed with, "+hide-referer". ("referrer" is the
-# correct English spelling, however the HTTP specification has a
-# bug - it requires it to be spelt "referer").
-#
-# +hide-user-agent{browser-type}
-# Change the "User-Agent:" header so web servers can't tell your
-# browser type. (Breaks many web sites). Specify the user-agent
-# value you want - e.g., to pretend to be using Netscape on Linux:
-# +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}
-# Or to identify yourself explicitly as a Privoxy user:
-# +hide-user-agent{Privoxy/1.0}
-# (Don't change the version number from 1.0 - after all, why tell them?)
-#
-# +handle-as-image
-# Treat this URL as an image. This only matters if it's also "+block"ed,
-# in which case a "blocked" image can be sent rather than a HTML page.
-# See +set-image-blocker{} for the control over what is actually sent.
-#
-# +set-image-blocker{blank}
-# +set-image-blocker{pattern}
-# +set-image-blocker{<URL>} with <url> being any valid image URL
-# Decides what to do with URLs that end up tagged with {+block +handle-as-image}.
-# There are 4 options:
-# * "-set-image-blocker" will send a HTML "blocked" page, usually
-# resulting in a "broken image" icon.
-# * "+set-image-blocker{blank}" will send a 1x1 transparent image
-# * "+set-image-blocker{pattern}" will send a 4x4 grey/white pattern
-# which is less intrusive than the logo but easier to recognize
-# than the transparent one.
-# * "+set-image-blocker{<URL>}" will send a HTTP temporary redirect
-# to the specified image URL.
-#
-#
-# +limit-connect{portlist}
-# The CONNECT methods exists in HTTP to allow access to secure websites
-# (https:// URLs) through proxies. It works very simply: The proxy
-# connects to the server on the specified port, and then short-circuits
-# its connections to the cliant and to the remote proxy.
-# This can be a big security hole, since CONNECT-enabled proxies can
-# be abused as TCP relays very easily.
-# By default, i.e. in the absence of a +limit-connect action, Privoxy
-# will only allow CONNECT requests to port 443, which is the standard port
-# for https.
-# If you want to allow CONNECT for more ports than that, or want to forbid
-# CONNECT altogether, you can specify a comma separated list of ports and port
-# ranges (the latter using dashes, with the minimum defaulting to 0 and max to 65K):
-#
-# +limit-connect{443} # This is the default and need no be specified.
-# +limit-connect{80,443} # Ports 80 and 443 are OK.
-# +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100, and above 500 are OK.
-#
-# +prevent-compression
-# Prevent the website from compressing the data. Some websites do
-# that, which is a problem for Privoxy, since +filter, +kill-popups
-# and +gif-deanimate will not work on compressed data. Will slow down
-# connections to those websites, though.
-#
-# +prevent-keeping-cookies
-# +session-cookies-only
-# If the website sets cookies, make sure they are erased when you exit
-# and restart your web browser. This makes profiling cookies useless,
-# but won't break sites which require cookies so that you can log in
-# or for transactions.
-#
-# +crunch-outgoing-cookies
-# Prevent the website from reading cookies
-#
-# +crunch-incoming-cookies
-# Prevent the website from setting cookies
-#
-# +kill-popups
-# Filter the website through a built-in filter to disable
-# 1;''.concat() etc. The two alternative spellings are
-# equivalent.
-#
-# +send-vanilla-wafer
-# This action only applies if you are using a jarfile. It sends a
-# cookie to every site stating that you do not accept any copyright
-# on cookies sent to you, and asking them not to track you. Of
-# course, this is a (relatively) unique header they could use to
-# track you.
-#
-# +send-wafer{name=value}
-# This allows you to add an arbitrary cookie. Specify it multiple
-# times in order to add several cookies.
-#
-#############################################################################
-
-#############################################################################
-# Settings -- Don't change.
-#############################################################################
-{{settings}}
-#############################################################################
-for-privoxy-version=3.0
-
-#############################################################################
-# Aliases
-#############################################################################
-{{alias}}
-#############################################################################
-#
-# You can define a short form for a list of permissions - e.g., instead
-# of "-crunch-incoming-cookies -crunch-outgoing-cookies -filter -fast-redirects",
-# you can just write "shop". This is called an alias.
-#
-# Currently, an alias can contain any character except space, tab, '=', '{'
-# or '}'.
-# But please use only 'a'-'z', '0'-'9', '+', and '-'.
-#
-# Alias names are not case sensitive.
-#
-# Aliases beginning with '+' or '-' may be used for system permission names
-# in future releases - so try to avoid alias names like this. (e.g.
-# "+crunch-all-cookies" below is not a good name)
-#
-# Aliases must be defined before they are used.
-#
-
-# Useful aliases
-+crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
--crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
-+imageblock = +block +handle-as-image
-
-# Fragile sites should have the minimum changes
-fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer -crunch-all-cookies -kill-popups
-
-# Shops should be allowed to set persistent cookies
-shop = -filter -crunch-all-cookies -prevent-keeping-cookies
-
-# Your favourite blend of filters:
-#
-myfilters = +filter{html-annoyances} +filter{js-annoyances} +filter{popups}\
- +filter{webbugs} +filter{nimda} +filter{banners-by-size} #+filter{fun}
-#... etc. Customize to your heart's content.
-#############################################################################
-# Defaults
-#############################################################################
-{-add-header \
- -block \
- -crunch-incoming-cookies \
- -crunch-outgoing-cookies \
- +deanimate-gifs{last} \
- -downgrade-http-version \
- -fast-redirects \
- -filter{popups} \
- -filter{fun} \
- -filter{shockwave-flash} \
- -filter{crude-prental} \
- +filter{html-annoyances} \
- +filter{js-annoyances} \
- +filter{content-cookies} \
- +filter{webbugs} \
- +filter{refresh-tags} \
- +filter{nimda} \
- +filter{banners-by-size} \
- -handle-as-image \
- +hide-forwarded-for-headers \
- +hide-from-header{block} \
- +hide-referer{forge} \
- -hide-user-agent \
- -kill-popups \
- -limit-connect \
- +prevent-compression \
- -send-vanilla-wafer \
- -send-wafer \
- +session-cookies-only \
- +set-image-blocker{pattern} \
-}
-/ # Match all URLs
-
-
-#############################################################################
-# Needed for automatic feedback evaluation; Please don't delete!
-#############################################################################
-{+add-header{X-Actions-File-Version: 1.2} -filter -kill-popups}
-.privoxy.org
-.oesterhelt.org/actions
-
-
-#############################################################################
-# These sites are very complex and require
-# minimal interference.
-#############################################################################
-{fragile}
-.office.microsoft.com
-.windowsupdate.microsoft.com
-
-#############################################################################
-# Shopping sites - still want to block ads.
-#############################################################################
-{shop}
-.quietpc.com
-.worldpay.com # for quietpc.com
-.jungle.com
-.scan.co.uk
-
-#############################################################################
-# These shops require pop-ups
-#############################################################################
-{shop -no-popups -filter{popups}}
-.dabs.com
-.overclockers.co.uk
-
-#############################################################################
-# Sometimes fast-redirects catches things by mistake
-#############################################################################
-{-fast-redirects}
-www.ukc.ac.uk/cgi-bin/wac\.cgi\?
-login.yahoo.com
-edit.europe.yahoo.com
-.google.com
-.altavista.com/.*(like|url|link):http
-.altavista.com/trans.*urltext=http
-.speedfind.de
-.nytimes.com
-
-#############################################################################
-# Don't filter code!
-#############################################################################
-{-filter}
-.cvs.sourceforge.net
-
-#############################################################################
-# These are images:
-#############################################################################
-{+handle-as-image}
-#############################################################################
-/.*\.(gif|jpe?g|png|bmp|ico)$
-
-#############################################################################
-{+imageblock}
-#############################################################################
-#BLOCK-REFERRER: http://www.cnn.com/
-#BLOCK-REFERRER: http://www.aol.com/
-ar.atwola.com
-
-#BLOCK-REFERRER: http://www.altavista.com/
-.ad.doubleclick.net
-
-.a.yimg.com/(?:(?!/i/).)*$
-.a[0-9].yimg.com/(?:(?!/i/).)*$
-
-#BLOCK-REFERRER:
-bs*.gsanet.com
-bs*.einets.com
-
-#BLOCK-REFERRER: Opera browser built-in
-.qkimg.net
-
-#BLOCK-REFERRER: http://www.tecchannel.de/index.html
-#BLOCK-REFERRER: and thousands more
-ad.*.doubleclick.net
-
-#############################################################################
-# Blocklist:
-#############################################################################
-{+block}
-#############################################################################
-#BLOCK-GENERIC:
-ad*.
-.*ads.
-banner?.
-count*.
-
-/(?:.*/)?(ads(erver?|tream)?|.*?ads|adv(ert(s|enties|is(ing|e?ments)?)?)?|(ad)?[-_]?banner(s|ads?|farm)?)/
-/.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
-/(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
-
-#BLOCK-REFERRER: http://www.brooksbrothers.com
-#BLOCK-REFERRER: http://www.autodesk.com
-.hitbox.com
-
-#############################################################################
-{-block}
-#############################################################################
-include.ebay.com
-advogato.org
-adsl.
-ad[ud]*.
-advice.
-.edu
-.ac.uk
-.uni-*.de
-www.ugu.com/sui/ugu/adv
-.*downloads.
-# So many download pages being blocked
-/downloads/
-# adv for globalintersec means advanced, not advertisement
-www.globalintersec.com/adv
-# We all want weather forecast to work
-banners.wunderground.com/banner/gizmotemp/
-
-{+downgrade-http-version}
-linuxdailynews.net
-.linuxandmain.com
-.ofb.biz
-
projects / privoxy.git / commitdiff