From c712c70742c2ce36087a11c0a4d5909668011921 Mon Sep 17 00:00:00 2001 From: oes Date: Thu, 5 Sep 2002 14:55:38 +0000 Subject: [PATCH] Synced with the stable branch: Revision 1.11.2.6 2002/08/23 14:12:26 oes Proofed frameset-borders against "fremaborder=0 border=0" Revision 1.11.2.5 2002/08/22 15:05:20 oes Added Filter to make Quicktime movies saveable (thanks to aaron@linville.org for the idea) Revision 1.11.2.4 2002/08/10 11:32:29 oes Attribute values in replacement tags of banners-by-size filter now undelimited. (Fixes bug #592493) Revision 1.11.2.3 2002/08/05 11:43:56 oes Fixed a bug in the popups filter that was introduced with the last fix :-( Revision 1.11.2.2 2002/08/01 11:20:13 oes Fixed bugs 587802, 577802 and an unreported one Revision 1.11.2.1 2002/07/26 15:18:26 oes - All filters reviewed and many shorcomings fixed - New filters: img-reorder, banners-by-link and js-events - Jobs reorderd because they are now executed in order of appearance --- default.filter | 245 ++++++++++++++++++++++++++++++++++--------------- 1 file changed, 172 insertions(+), 73 deletions(-) diff --git a/default.filter b/default.filter index 485033a2..aca47836 100644 --- a/default.filter +++ b/default.filter @@ -1,8 +1,8 @@ # ******************************************************************** # -# File : $Source: /cvsroot/ijbswa/current/default.filter,v $ +# File : $Source: /cvsroot/ijbswa//current/default.filter,v $ # -# $Id: default.filter,v 1.10 2002/04/18 10:14:19 oes Exp $ +# $Id: default.filter,v 1.11.2.6 2002/08/23 14:12:26 oes Exp $ # # Purpose : Rules to process the content of web pages # @@ -62,43 +62,70 @@ ################################################################################# # -# html-annoyances: Get rid of particularly annoying HTML abuse +# js-annoyances: Get rid of particularly annoying JavaScript abuse # ################################################################################# -FILTER: html-annoyances Get rid of particularly annoying HTML abuse +FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse -# New browser windows (if allowed -- see no-popups filter below) should be -# resizeable and have a location and status bar +# Note: Most of these jobs would be safer if restricted to a +# )|$1never|sigU + +# If we allow window.open, we want normal window features: +# Test: http://www.htmlgoodies.com/beyond/notitle.html # -################################################################################# -FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse +s/(open\s*\([^\)]+resizable=)(["']?)(?:no|0)\2/$1$2yes$2/sigU +s/(open\s*\([^\)]+location=)(["']?)(?:no|0)\2/$1$2yes$2/sigU +s/(open\s*\([^\)]+status=)(["']?)(?:no|0)\2/$1$2yes$2/sigU +s/(open\s*\([^\)]+scroll(?:ing|bars)=)(["']?)(?:no|0)\2/$1$2auto$2/sigU +s/(open\s*\([^\)]+menubar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU +s/(open\s*\([^\)]+toolbar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU +s/(open\s*\([^\)]+directories=)(["']?)(?:no|0)\2/$1$2yes$2/sigU +s/(open\s*\([^\)]+fullscreen=)(["']?)(?:yes|1)\2/$1$2no$2/sigU +s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU +s/(open\s*\([^\)]+zlock=)(["']?)(?:yes|1)\2/$1$2no$2/sigU +s/(open\s*\([^\)]+hotkeys=)(["']?)(?:yes|1)\2/$1$2no$2/sigU +s/(open\s*\([^\)]+titlebar=)(["']?)(?:yes|1)\2/$1$2yes$2/sigU -# Get rid of Javascript referrer tracking. Test page: http://www.randomoddness.com/untitled.htm + +################################################################################# +# +# html-annoyances: Get rid of particularly annoying HTML abuse # -s|()|$1"Not Your Business!"$2|Usg +################################################################################# +FILTER: html-annoyances Get rid of particularly annoying HTML abuse -# The status bar is for displaying link targets, not pointless blahblah +# New browser windows (if allowed -- see no-popups filter below) should be +# resizeable and have a location and status bar # -s/window.status\s*=\s*['"].*?['"]/dUmMy=1/ig +s/(]+resizable=)(['"]?)(?:no|0)\2/$1$2yes$2/igU +s/(]+location=)(['"]?)(?:no|0)\2/$1$2yes$2/igU +s/(]+status=)(['"]?)(?:no|0)\2/$1$2yes1$2/igU +s/(]+scrolling=)(['"]?)(?:no|0)\2/$1$2auto$2/igU +s/(]+menubar=)(['"]?)(?:no|0)\2/$1$2yes$2/igU -# Kill OnUnload popups. Yummy. Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html +# The tag was a crime! # -s/()/$1never$2/iU +s*|**ig ################################################################################# @@ -110,11 +137,21 @@ FILTER: content-cookies Kill cookies that come in the HTML or JS content # JS cookies, like found on privacy.net: # -s|(document\.cookie)([ \t\r\n]*=)|documenZapCooky$2|g +s|document\.cookie(?=[ \t\r\n]*=)|ZappedCookie|ig # HTML cookies: # -s|].*>||iUT +s|||igU + + +################################################################################# +# +# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking) +# +################################################################################# +FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking) + +s/]*(?:width|height)\s*=\s*['"]?1(?=\D)[^>]*(?:width|height)\s*=\s*['"]?1(?=\D)[^>]*?>//siUg ################################################################################## @@ -124,9 +161,8 @@ s|].*>|/siUg +# Note: Only deactivates refreshes with more than 9 seconds delay to +# preserve monster-stupid but common redirections via meta tags. +# +s/\2]*))?\2\s*>//iU ################################################################################# # -# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups) +# img-reorder: Reorder attributes in tags to make the banners-by-* filters more effective # ################################################################################# -FILTER: refresh-tags Kill automatic refresh tags (for dial-on-demand setups) +FILTER: img-reorder Reorder attributes in tags to make the banners-by-* filters more effective + +# In the first step src is moved to the start, then width is moved to the second +# place to guarantee an order of src, width, height. +# This makes banners-by-size more effective and allows both banners-by-size +# and banners-by-link to preserve the original image URL in the alt attribute. -s/]*)['"]?>//iU -s/].*>//iU +s|]*)src\s*=\s*(['"])([^>\\\2]+)\2(.*)>||siUg +s|]*)src\s*=\s*([^'">\\\s]+?)([^\\>]*)>||siUg +s|]*)width\s*=\s*?(["']?)(\d+?)\3(.*)>||siUg + + +################################################################################# +# +# banners-by-size: Kill banners by size +# +################################################################################# +# +# Standard banner sizes taken from http://www.iab.net/iab_banner_standards/bannersizes.html +# +# Note: Use http://config.privoxy.org/send-banner?type=trans for a transparent 1x1 image +# Use http://config.privoxy.org/send-banner?type=pattern for a grey/white pattern image +# Use http://config.privoxy.org/send-banner?type=auto to auto-select. +# +################################################################################# +FILTER: banners-by-size Kill banners by size + +# 88*31 +s@]*(width=(['"]?)88\3)[^>]*(height=(['"]?)31\5)[^>]*>@Killed-$1-by-size@sigU +# 120*60, 120*90, 120*240, 120*600 +s@]*(width=(['"]?)120\3)[^>]*(height=(['"]?)(?:600?|90|240)\5)[^>]*>@Killed-$1-by-size@sigU +# 125*125 +s@]*(width=(['"]?)125\3)[^>]*(height=(['"]?)125\5)[^>]*>@Killed-$1-by-size@sigU +# 160*600 +s@]*(width=(['"]?)160\3)[^>]*(height=(['"]?)600\5)[^>]*>@Killed-$1-by-size@sigU +# 180*150 +s@]*(width=(['"]?)180\3)[^>]*(height=(['"]?)150\5)[^>]*>@Killed-$1-by-size@sigU +# 234*60, 468*60 (Most Banners!) +s@]*(width=(['"]?)(?:234|468)\3)[^>]*(height=(['"]?)60\5)[^>]*>@Killed-$1-by-size@sigU +# 240*400 +s@]*(width=(['"]?)240\3)[^>]*(height=(['"]?)400\5)[^>]*>@Killed-$1-by-size@sigU +# 250*250, 300*250 +s@]*(width=(['"]?)(?:250|300)\3)[^>]*(height=(['"]?)250\5)[^>]*>@Killed-$1-by-size@sigU +# 336*280 +s@]*(width=(['"]?)336\3)[^>]*(height=(['"]?)280\5)[^>]*>@Killed-$1-by-size@sigU + +# Note: 200*50 was also proposed, but it probably causes too much collateral damage: +# +#s@]*(width=(['"]?)200\3)[^>]*(height=(['"]?)50\5)[^>]*>@Killed-$1-by-size@sigU + + +################################################################################# +# +# banners-by-link: Kill banners by their links to known clicktrackers +# +################################################################################# +FILTER: banners-by-link Kill banners by their links to known clicktrackers + +# Common case with width and height attributes: +# +s@\1]*(?:\ + adclick # See www.dn.se \ +| atwola\.com/(?:link|redir) # see www.cnn.com \ +| /jump/ # redirs for doublecklick.net ads \ +| tracker | counter # common \ +| adlog\.pl # see sf.net \ +)[^>\1]*)\1[^>]*>\s*]*((?:width|height)\s*=\s*(['"]?)\d+?\5)[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\7)[^>]*>\ +@Killed $3 by hwlink to $2@siUgx + +# Rare case w/o explicit dimensions: +# +s@\1]*(?:adclick|atwola\.com/(?:link|redir)|doubleclick\.net/jump)[^>\1]*)\1[^>]*>\s*]*>@Killed $3 by link to $2@siUg ################################################################################# # @@ -178,6 +285,8 @@ s/microsoft(?!.com)/MicroSuck/ig # s* industry[ -]leading \ | cutting[ -]edge \ +| customer[ -]focused \ +| market[ -]driven \ | award[ -]winning # Comments are OK, too! \ | high[ -]performance \ | solutions[ -]based \ @@ -197,49 +306,37 @@ FILTER: nimda Remove Nimda (virus) code s%%
WARNING: This Server is infected with Nimda!%g + ################################################################################# # -# banners-by-size: Kill banners by size +# shockwave-flash: Kill embedded Shockwave Flash objects # +################################################################################# +FILTER: shockwave-flash Kill embedded Shockwave Flash objects + +s|]*application/x-shockwave-flash.*||sigU + + ################################################################################# # -# Standard banner sizes taken from http://www.iab.net/iab_banner_standards/bannersizes.html -# -# Note: Use http://config.privoxy.org/send-banner?type=trans for a transparent 1x1 image -# Use http://config.privoxy.org/send-banner?type=pattern for a grey/white pattern image -# Use http://config.privoxy.org/send-banner?type=auto to auto-select. +# quicktime-kioskmode: Make Quicktime movies saveable # ################################################################################# -FILTER: banners-by-size Kill banners by size - -s|]*?(width=['"]?468\D)[^>]*(height=['"]?60[^>]*?)>||sig -s|]*?(width=['"]?234\D)[^>]*(height=['"]?60[^>]*?)>||sig -s|]*?(width=['"]?88\D)[^>]*(height=['"]?31[^>]*?)>||sig -s|]*?(width=['"]?120\D)[^>]*(height=['"]?90[^>]*?)>||sig -s|]*?(width=['"]?120\D)[^>]*(height=['"]?600[^>]*?)>||sig -s|]*?(width=['"]?120\D)[^>]*(height=['"]?60[^>]*?)>||sig -s|]*?(width=['"]?160\D)[^>]*(height=['"]?600[^>]*?)>||sig -s|]*?(width=['"]?125\D)[^>]*(height=['"]?125[^>]*?)>||sig -s|]*?(width=['"]?120\D)[^>]*(height=['"]?240[^>]*?)>||sig -s|]*?(width=['"]?180\D)[^>]*(height=['"]?150[^>]*?)>||sig -s|]*?(width=['"]?300\D)[^>]*(height=['"]?250[^>]*?)>||sig -s|]*?(width=['"]?250\D)[^>]*(height=['"]?250[^>]*?)>||sig -s|]*?(width=['"]?240\D)[^>]*(height=['"]?400[^>]*?)>||sig -s|]*?(width=['"]?336\D)[^>]*(height=['"]?280[^>]*?)>||sig +FILTER: quicktime-kioskmode Make Quicktime movies saveable -# One more. (Where is 200x50 from?) -# -s|]*?(width=['"]?200\D)[^>]*(height=['"]?50[^>]*?)>||sig +s/(]*)kioskmode\s*=\s*(["']?)true\2/$1/ig ################################################################################# # -# shockwave-flash: Kill embedded Shockwave Flash objects +# js-events: Kill all JS event bindings (Radically destructive! Only for extra nasty sites) # ################################################################################# -FILTER: shockwave-flash Kill embedded Shockwave Flash objects +FILTER: js-events Kill all JS event bindings (Radically destructive! Only for extra nasty sites) -s|]*application/x-shockwave-flash.*||sigU +s/(on|event\.)((mouse(over|out|down|up|move))|(un)?load|contextmenu|selectstart)/never/ig +# Not events, but abused on the same type of sites: +s/(alert|confirm)\s*\(/concat(/ig ################################################################################# @@ -248,20 +345,22 @@ s|]*application/x-shockwave-flash.*|