#
# File : $Source: /cvsroot/ijbswa/current/default.filter,v $
#
-# $Id: default.filter,v 1.11.2.10 2002/11/11 13:39:47 oes Exp $
+# $Id: default.filter,v 1.11.2.11 2002/11/12 16:14:43 oes Exp $
#
# Purpose : Rules to process the content of web pages
#
# Get rid of Javascript referrer tracking.
# Test page: http://www.javascript-page.com/referrer.html
#
-s|document\.referrer|"Not Your Business!"|gisU
+s|(?:\w+\.)+referrer|"Not Your Business!"|gisU
# The status bar is for displaying link targets, not pointless blahblah
-#
-#s/([\n =;{}]|window\.)(default)?status\s*=/$1dUmMy=/ig
-s/(([\n =;{}]|window\.)(default)?status)\s*=\s*((['"]).*?\5)/if(typeof(this.href) != 'undefined') $1 = $4 + ' URL: ' + this.href;else return false/ig
+#
+s/(\W\s*)((this|window)\.(default)?status)\s*=\s*((['"]).*?\6)/$1if(typeof(this.href) != 'undefined') $2 = $5 + ' URL: ' + this.href;else return false/ig
# Kill OnUnload popups. Yummy.
# Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
#
-s/(<body\s+[^>]*)onunload(.*>)/$1never$2/siU
+s/(<body\s+[^>]*)onunload/$1never/siU
s|(<script.*)window\.onunload(?=.*</script>)|$1never|sigU
# If we allow window.open, we want normal window features:
s/(open\s*\([^\)]+directories=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
s/(open\s*\([^\)]+fullscreen=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
-s/(open\s*\([^\)]+zlock=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+z-?lock=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
s/(open\s*\([^\)]+hotkeys=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
-s/(open\s*\([^\)]+titlebar=)(["']?)(?:yes|1)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+titlebar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+
+
+#################################################################################
+#
+# js-events: Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
+#
+#################################################################################
+FILTER: js-events Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
+
+s/(on|event\.)((mouse(over|out|down|up|move))|(un)?load|contextmenu|selectstart)/never/ig
+# Not events, but abused on the same type of sites:
+s/(alert|confirm)\s*\(/concat(/ig
#################################################################################
s/(<a\s+href[^>]+scrolling=)(['"]?)(?:no|0)\2/$1$2auto$2/igU
s/(<a\s+href[^>]+menubar=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
-# The <BLINK> tag was a crime!
+# The <BLINK> and <MARQUEE> tags were crimes!
#
-s*<blink>|</blink>**ig
+s*</?(blink|marquee)>**ig
#################################################################################
#################################################################################
FILTER: content-cookies Kill cookies that come in the HTML or JS content
-# JS cookies, like found on privacy.net:
+# JS cookies, except those used by antiadbuster.com to detect us:
#
-s|document\.cookie(?=[ \t\r\n]*=)|ZappedCookie|ig
+s|(\w+\.)+cookie(?=[ \t\r\n]*=)(?!='aab)|ZappedCookie|ig
# HTML cookies:
#
#################################################################################
#
-# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
+# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
#
#################################################################################
-FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking)
-
-s/<img\s+[^>]*(?:width|height)\s*=\s*['"]?1(?=\D)[^>]*(?:width|height)\s*=\s*['"]?1(?=\D)[^>]*?>//siUg
-
+FILTER: refresh-tags Kill automatic refresh tags (for dial-on-demand setups)
-##################################################################################
-#
-# popups: Kill all popups in JS and HTML
+# Note: Only deactivates refreshes with more than 9 seconds delay to
+# preserve monster-stupid but common redirections via meta tags.
#
-#################################################################################
-FILTER: popups Kill all popups in JS and HTML
-
-s/([\n =;{}]|window\.)open\s*\\?\(/$1concat(/ig # JavaScript
-s/ target\s*=\s*(['"]?)(_blank|_new)\1?/ notarget/ig # HTML
+s/<meta\s+http-equiv\s*=\s*(['"]?)refresh\1\s+content\s*=\s*(['"]?)\d{2,}\s*(;\s*url\s*=\s*([^>\2]*))?\2/<link rev="x-refresh" href="$4"/iU
#################################################################################
#
-# frameset-borders: Give frames a border, make them resizable and scrollable
+# unsolicited-popups: Disable unsolicited pop-up windows
#
#################################################################################
-FILTER: frameset-borders Give frames a border and make them resizable
+FILTER: unsolicited-popups Disable only unsolicited pop-up windows
-s/(<frameset\s+[^>]*)framespacing=(['"]?)(no|0)\2/$1/igU
-s/(<frameset\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
-s/(<frameset\s+[^>]*)border=(['"]?)(no|0)\2/$1/igU
-s/(<frame\s+[^>]*)noresize/$1/igU
-s/(<frame\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
-s/(<frame\s+[^>]*)scrolling=(['"]?)(no|0)\2/$1/igU
+s+<body.*>+$0<script><!--\nfunction PrivoxyWindowOpen(){return(null);}\n//--></script>+isU
+s+([^\w\s.]\s*)((window|this|parent)\.)?open\s*\(+$1PrivoxyWindowOpen(+ig
+s+</body>+<script><!--\nfunction PrivoxyWindowOpen(a, b, c){return(window.open(a, b, c));}\n//--></script>$0+iU
-#################################################################################
+##################################################################################
#
-# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
+# all-popups: Kill all popups in JavaScript and HTML
#
#################################################################################
-FILTER: refresh-tags Kill automatic refresh tags (for dial-on-demand setups)
+FILTER: all-popups Kill all popups in JavaScript and HTML
-# Note: Only deactivates refreshes with more than 9 seconds delay to
-# preserve monster-stupid but common redirections via meta tags.
-#
-s/<meta\s+http-equiv\s*=\s*(['"]?)refresh\1\s+content\s*=\s*(['"]?)\d{2,}\s*(;\s*url\s*=\s*([^>\2]*))?\2/<link rev="x-refresh" href="$4"/iU
+s/((\W\s*)(window|this|parent)\.)open\s*\\?\(/$1concat(/ig # JavaScript
+s/ target\s*=\s*(['"]?)(_blank|_new)\1?/ notarget/ig # HTML
-#################################################################################
+##################################################################################
#
# img-reorder: Reorder attributes in <img> tags to make the banners-by-* filters more effective
#
# In the first step src is moved to the start, then width is moved to the second
# place to guarantee an order of src, width, height.
# This makes banners-by-size more effective and allows both banners-by-size
-# and banners-by-link to preserve the original image URL in the alt attribute.
+# and banners-by-link to preserve the original image URL in the title attribute.
s|<img\s+?([^>]*) src\s*=\s*(['"])([^>\\\2]+)\2|<img src=$2$3$2 $1|siUg
s|<img\s+?([^>]*) src\s*=\s*([^'">\\\s]+)|<img src=$2 $1|sig
FILTER: banners-by-size Kill banners by size
# 88*31
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)88\4)[^>]*?(height=(['"]?)31\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)88\4)[^>]*?(height=(['"]?)31\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# 120*60, 120*90, 120*240, 120*600
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)120\4)[^>]*?(height=(['"]?)(?:600?|90|240)\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)120\4)[^>]*?(height=(['"]?)(?:600?|90|240)\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# 125*125
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)125\4)[^>]*?(height=(['"]?)125\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)125\4)[^>]*?(height=(['"]?)125\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# 160*600
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)160\4)[^>]*?(height=(['"]?)600\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)160\4)[^>]*?(height=(['"]?)600\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# 180*150
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)180\4)[^>]*?(height=(['"]?)150\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)180\4)[^>]*?(height=(['"]?)150\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# 234*60, 468*60 (Most Banners!)
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:234|468)\4)[^>]*?(height=(['"]?)60\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:234|468)\4)[^>]*?(height=(['"]?)60\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# 240*400
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)240\4)[^>]*?(height=(['"]?)400\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)240\4)[^>]*?(height=(['"]?)400\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# 250*250, 300*250
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:250|300)\4)[^>]*?(height=(['"]?)250\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:250|300)\4)[^>]*?(height=(['"]?)250\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# 336*280
-s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)336\4)[^>]*?(height=(['"]?)280\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)336\4)[^>]*?(height=(['"]?)280\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
# Note: 200*50 was also proposed, but it probably causes too much collateral damage:
#
-#s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)200\4)[^>]*?(height=(['"]?)50\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed-$2-by-size$1 $3 $5>@sig
+#s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)200\4)[^>]*?(height=(['"]?)50\6)[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed-$2-by-size$1 $3 $5>@sig
#################################################################################
#
-# banners-by-link: Kill banners by their links to known clicktrackers
+# banners-by-link: Kill banners by their links to known clicktrackers (Experimental)
#
#################################################################################
FILTER: banners-by-link Kill banners by their links to known clicktrackers
| tracker | counter # common \
| adlog\.pl # see sf.net \
)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\6)[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\8)[^>]*>\
-@<img $5 $7 src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed $4 by link to $2$1>@sigx
+@<img $5 $7 src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed $4 by link to $2$1>@sigx
# Rare case w/o explicit dimensions:
#
-s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:adclick|atwola\.com/(?:link|redir)|doubleclick\.net/jump/|tracker|counter|adlog\.pl)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 alt=$1Killed $4 by link to $2$1>@sig
-
-#################################################################################
-#
-# fun: Text replacements for subversive browsing fun!
-#
-#################################################################################
-FILTER: fun Text replacements for subversive browsing fun!
-
-s/microsoft(?!.com)/MicroSuck/ig
-
-# Buzzword Bingo (example for extended regex syntax)
-#
-s* industry[ -]leading \
-| cutting[ -]edge \
-| customer[ -]focused \
-| market[ -]driven \
-| award[ -]winning # Comments are OK, too! \
-| high[ -]performance \
-| solutions[ -]based \
-| unmatched \
-| unparalleled \
-| unrivalled \
-*<font color="red"><b>BINGO!</b></font> \
-*igx
-
-
-#################################################################################
-#
-# nimda: Remove Nimda (virus) code
-#
-#################################################################################
-FILTER: nimda Remove Nimda (virus) code
+s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:adclick|atwola\.com/(?:link|redir)|doubleclick\.net/jump/|tracker|counter|adlog\.pl)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*>@<img src=$1http://config.privoxy.org/send-banner?type=auto$1 title=$1Killed $4 by link to $2$1>@sig
-s%<script language="JavaScript">(window\.open|1;''\.concat)\("readme\.eml", null, "resizable=no,top=6000,left=6000"\)</script>%<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>%g
-
-#################################################################################
+################################################################################
#
-# shockwave-flash: Kill embedded Shockwave Flash objects
+# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
#
#################################################################################
-FILTER: shockwave-flash Kill embedded Shockwave Flash objects
+FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking)
-s|<embed [^>]*application/x-shockwave-flash.*</embed>|<!-- Squished Shockwave Flash Embed -->|sigU
+s/<img\s+[^>]*(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*?>//siUg
#################################################################################
#
-# quicktime-kioskmode: Make Quicktime movies saveable
+# tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap
#
#################################################################################
-FILTER: quicktime-kioskmode Make Quicktime movies saveable
+FILTER: tiny-textforms Extend those tiny textareas up to 40x80 and kill the hard wrap
-s/(<embed\s+[^>]*)kioskmode\s*=\s*(["']?)true\2/$1/ig
+s/(<textarea[^>]*?)(?:\s*(?:rows|cols)=(['"]?)\d+\2)+/$1 rows=$2\40$2 cols=$2\80$2/ig
+s/(<textarea[^>]*?)wrap=(['"]?)hard\2/$1/ig
#################################################################################
#
-# js-events: Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
+# jumping-windows: Prevent windows from resizing and moving themselves
#
#################################################################################
-FILTER: js-events Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
+FILTER: jumping-windows Prevent windows from resizing and moving themselves
-s/(on|event\.)((mouse(over|out|down|up|move))|(un)?load|contextmenu|selectstart)/never/ig
-# Not events, but abused on the same type of sites:
-s/(alert|confirm)\s*\(/concat(/ig
+s/(?:window|this|self)\.(?:move|resize)(?:to|by)\(/concat(/ig
#################################################################################
#
-# crude-parental: Crude parental filtering? (Use along with a suitable blocklist).
-# Shows how to deny access to whole page based on a keyword.
+# frameset-borders: Give frames a border, make them resizable and scrollable
#
#################################################################################
-FILTER: crude-parental Crude parental filtering (demo only)
+FILTER: frameset-borders Give frames a border and make them resizable
-# (Note: Middlesex, Sussex and Essex are counties in the UK, not rude words)
-# (Note #2: Is 'sex' a rude word?!)
+s/(<frameset\s+[^>]*)framespacing=(['"]?)(no|0)\2/$1/igU
+s/(<frameset\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
+s/(<frameset\s+[^>]*)border=(['"]?)(no|0)\2/$1/igU
+s/(<frame\s+[^>]*)noresize/$1/igU
+s/(<frame\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
+s/(<frame\s+[^>]*)scrolling=(['"]?)(no|0)\2/$1/igU
-s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body><h3>Blocked due to possible adult content. Please see <a href="http://dmoz.org/Kids_and_Teens/">this site</a>.</h3></body></html>%is
-s+^.*warez.*$+<html><head><title>No Warez</title></head><body><h3>You're not searching for illegal stuff, are you?</h3></body></html>+is
#################################################################################
# John Walker -- January 1998, http://www.fourmilab.ch/webtools/demoroniser
#
#################################################################################
-FILTER: demoronizer fixing MS's non-standard use of std charsets.
+FILTER: demoronizer Fix MS's non-standard use of standard charsets
s/(&\#[0-2]\d\d)\s/$1; /g
# per Robert Lynch: http://slate.msn.com//?id=2067547, just a guess.
s/\x9B/>/g # 155
+#################################################################################
+#
+# shockwave-flash: Kill embedded Shockwave Flash objects
+#
+#################################################################################
+FILTER: shockwave-flash Kill embedded Shockwave Flash objects
+
+s|<embed [^>]*application/x-shockwave-flash.*</embed>|<!-- Squished Shockwave Flash Embed -->|sigU
+
+
+#################################################################################
+#
+# quicktime-kioskmode: Make Quicktime movies saveable
+#
+#################################################################################
+FILTER: quicktime-kioskmode Make Quicktime movies saveable
+
+s/(<embed\s+[^>]*)kioskmode\s*=\s*(["']?)true\2/$1/ig
+
+
+#################################################################################
+#
+# fun: Text replacements for subversive browsing fun!
+#
+#################################################################################
+FILTER: fun Text replacements for subversive browsing fun!
+
+s/microsoft(?!.com)/MicroSuck/ig
+
+# Buzzword Bingo (example for extended regex syntax)
+#
+s* (?:industry|world)[ -]leading \
+| cutting[ -]edge \
+| customer[ -]focused \
+| market[ -]driven \
+| award[ -]winning # Comments are OK, too! \
+| high[ -]performance \
+| solutions[ -]based \
+| unmatched \
+| unparalleled \
+| unrivalled \
+*$0<sup><font color="red"><b>Bingo!</b></font></sup> \
+*igx
+
+
+#################################################################################
+#
+# crude-parental: Crude parental filtering? (Use along with a suitable blocklist).
+# Shows how to deny access to whole page based on a keyword.
+#
+#################################################################################
+FILTER: crude-parental Crude parental filtering (demo only)
+
+# (Note: Middlesex, Sussex and Essex are counties in the UK, not rude words)
+# (Note #2: Is 'sex' a rude word?!)
+
+s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body><h3>Blocked due to possible adult content. Please see <a href="http://dmoz.org/Kids_and_Teens/">this site</a>.</h3></body></html>%is
+s+^.*warez.*$+<html><head><title>No Warez</title></head><body><h3>You're not searching for illegal stuff, are you?</h3></body></html>+is
+
+
+#################################################################################
+#
+# IE-Exploits: Disable some known Internet Explorer bug exploits
+#
+#################################################################################
+FILTER: ie-exploits Disable some known Internet Explorer bug exploits
+
+# Note: This is basically a demo and waits for someone more interested in IE
+# security (sic!) to take over.
+
+# Cross-site-scripting:
+#
+s%f\("javascript:location.replace\('mk:@MSITStore:C:'\)"\);%alert\("This page looks like it tries to use a vulnerability described here:\n http://online.securityfocus.com/archive/1/298748/2002-11-02/2002-11-08/2"\);%siU
+
+# Nimda:
+#
+s%<script language="JavaScript">(window\.open|1;''\.concat)\("readme\.eml", null, "resizable=no,top=6000,left=6000"\)</script>%<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>%g
+
+
##############################################################################
#
# Revisions :
# $Log: default.filter,v $
+# Revision 1.11.2.11 2002/11/12 16:14:43 oes
+# Exchanged js-annoyance filter against status bar rewrites with improved version by Don Libes
+#
# Revision 1.11.2.10 2002/11/11 13:39:47 oes
# Make refresh-tags filter work even on incorrect refresh tags like found on usatoday.com
#
projects / privoxy.git / commitdiff