projects / privoxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ac597db)
Remove the obsolete ie-exploits filter
authorFabian Keil <fk@fabiankeil.de>
Thu, 6 Feb 2025 13:56:56 +0000 (14:56 +0100)
committerFabian Keil <fk@fabiankeil.de>
Sat, 5 Apr 2025 12:17:38 +0000 (14:17 +0200)
It doesn't actually reliably protect against Nimda, there never
were active maintainers and IE is obsolete anyway.

Also some virus scanners seem to be offended by the test case
for the filter in the source tarball.

tests/cts/content-filters/data/test33 [deleted file] patch | blob | history

diff --git a/tests/cts/content-filters/data/test33 b/tests/cts/content-filters/data/test33
deleted file mode 100644 (file)
index f1dc0db..0000000
--- a/tests/cts/content-filters/data/test33
+++ /dev/null
@@ -1,99 +0,0 @@
-<testcase>
-<info>
-<keywords>
-HTTP
-HTTP GET
-filter ie-exploits
-</keywords>
-</info>
-
-<reply>
-<data>
-HTTP/1.1 200 OK\r
-Date: Thu, 22 Jul 2010 11:22:33 GMT\r
-Connection: close\r
-Content-Type: text/html\r
-X-Control: swsclose\r
-\r
-# Here are some strings the ie-exploits filter should filter:
-
-# pcrs command 1:
-
-f("javascript:location.replace('mk:@MSITStore:C:')");
-
-# pcrs command 2:
-
-<a href="http://www.example.org/%hex[%01]hex%@blafasel">
-<a href="http://www.example.org/%hex[%02]hex%@blafasel">
-<a href="http://www.example.org/%hex[%03]hex%@blafasel">
-
-<a href="http://www.example.org/%00@blafasel">
-<a href="http://www.example.org/%01@blafasel">
-<a href="http://www.example.org/%02@blafasel">
-
-# pcrs command 3:
-
-<script language="JavaScript">window.open("readme.eml", null, "resizable=no,top=6000,left=6000")</script>
-<script language="JavaScript">1;''.concat("readme.eml", null, "resizable=no,top=6000,left=6000")</script>
-</data>
-</reply>
-
-<proxy-reply>
-<data>
-HTTP/1.1 200 OK\r
-Date: Thu, 22 Jul 2010 11:22:33 GMT\r
-Connection: close\r
-Content-Type: text/html\r
-X-Control: swsclose\r
-Content-Length: 890\r
-\r
-# Here are some strings the ie-exploits filter should filter:
-
-# pcrs command 1:
-
-alert("This page looks like it tries to use a vulnerability described here:
- http://online.securityfocus.com/archive/1/298748/2002-11-02/2002-11-08/2");
-
-# pcrs command 2:
-
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-
-# pcrs command 3:
-
-<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>
-<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>
-</data>
-</proxy-reply>
-
-<client>
-<server>
-http
-</server>
-<name>
-+filter{ie-exploits}
-</name>
-<features>
-proxy
-</features>
-<command>
-http://%HOSTIP:%HTTPPORT/ie-exploits/%TESTNUMBER
-</command>
-</client>
-
-<verify>
-<protocol>
-GET /ie-exploits/%TESTNUMBER HTTP/1.1\r
-Host: %HOSTIP:%HTTPPORT\r
-User-Agent: curl/%VERSION\r
-Accept: */*\r
-Connection: close\r
-\r
-</protocol>
-</verify>
-</testcase>
The official Privoxy git repository