1 ######################################################################
3 # File : $Source: /cvsroot/ijbswa/current/default.action,v $
5 # $Id: default.action,v 1.26 2002/04/26 17:41:49 morcego Exp $
7 # Purpose : Default actions file, see
8 # http://www.privoxy.org/faq/questions.html#CONFIGFILES
10 # Copyright : Written by and Copyright
11 # Privoxy team. http://www.privoxy.org/
13 # Based on the Internet Junkbuster originally written
14 # by and Copyright (C) 1997 Anonymous Coders and
15 # Junkbusters Corporation. http://www.junkbusters.com
17 # We value your feedback. However, to provide you with the best support,
20 # * Use the support forum to get help:
21 # http://sourceforge.net/tracker/?group_id=11118&atid=211118
22 # * Submit feedback for this actions file only through our
23 # actions file feedback script: http://www.privoxy.org/actions
24 # * Submit bugs only through our bug forum:
25 # http://sourceforge.net/tracker/?group_id=11118&atid=111118
26 # Make sure that the bug has not already been submitted. Please try
27 # to verify that it is a Privoxy bug, and not a browser or site
28 # bug first. If you are using your own custom configuration, please
29 # try the stock configs to see if the problem is a configuration
30 # related bug. And if not using the latest development snapshot,
31 # please try the latest one. Or even better, CVS sources.
32 # * Submit feature requests only through our feature request forum:
33 # http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
35 # For any other issues, feel free to use the mailing lists:
36 # http://sourceforge.net/mail/?group_id=11118
38 # Anyone interested in actively participating in development and related
39 # discussions can join the appropriate mailing list here:
40 # http://sourceforge.net/mail/?group_id=11118. Archives are available
43 #############################################################################
45 #############################################################################
47 # To determine which actions apply to a request, the URL of the request is
48 # compared to all patterns in this file. Every time it matches, the list of
49 # applicable actions for this URL is incrementally updated. You can trace
50 # this process by visiting http://i.j.b/show-url-info
52 # There are 4 types of lines in this file: comments (like this line),
53 # actions, aliases and patterns, all of which are explained below.
55 #############################################################################
57 #############################################################################
59 # 1. On Domains and Paths
60 # -----------------------
62 # Generally, a pattern has the form <domain>/<path>, where both the <domain>
63 # and <path> part are optional. If you only specify a domain part, the "/"
67 # is a domain-only pattern and will match any request to www.yahoo.com
70 # means exactly the same (but is slightly less efficient)
72 # www.example.com/index.html
73 # matches only the document /index.html on www.example.com
76 # matches the document /index.html, regardless of the domain
79 # matches nothing, since it would be interpreted as a domain name and
80 # there is no top-level domain called ".html".
85 # The matching of the domain part offers some flexible options: If the
86 # domain starts or ends with a dot, it becomes unanchored at that end:
89 # matches only www.example.com
92 # matches any domain that ENDS in .example.com
95 # matches any domain that STARTS with www.
97 # Additionally, there are wildcards that you can use in the domain names
98 # themselves. They work pretty similar to shell wildcards: "*" stands for
99 # zero or more arbitrary characters, "?" stands for one, and you can define
100 # charachter classes in square brackets and they can be freely mixed:
103 # matches adserver.example.com, ads.example.com, etc but not sfads.example.com
106 # matches all of the above
109 # matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc
111 # www[1-9a-ez].example.com
112 # matches www1.example.com, www4.example.com, wwwd.example.com,
113 # wwwz.example.com etc, but not wwww.example.com
120 # Paths are specified as regular expressions. A comprehensive discussion of
121 # regular expressions wouldn't fit here, but (FIXME) someone should paste
122 # a concise intro to the regex language here.
124 # If Privoxy was compiled with pcre support (default), Perl compatible
125 # regular expressions are used. See the pcre/docs/ direcory or man perlre
126 # (also available on http://www.perldoc.com/perl5.6/pod/perlre.html) for
129 # Please note that matching in the path is CASE INSENSITIVE by default, but
130 # you can switch to case sensitive by starting the pattern with the "(?-i)"
133 # www.example.com/(?-i)PaTtErN.*
134 # will match only documents whose path starts with PaTtErN in exactly this
137 # Partially case-sensetive and partially case-insensitive patterns are
138 # possible, but the rules about splitting them up are extremely complex
139 # - see the PCRE documentation for more information.
141 #############################################################################
143 #############################################################################
145 # There are 3 kinds of action:
147 # Boolean (e.g. "block"):
151 # Parameterized (e.g. "hide-user-agent"):
152 # +name{param} # enable and set parameter to "param"
155 # Multi-value (e.g. "add-header", "send-wafer"):
156 # +name{param} # enable and add parameter "param"
157 # -name{param} # remove the parameter "param"
158 # -name # disable totally
160 # The default (if you don't specify anything in this file) is not to take
161 # any actions - i.e completely disabled, so Privoxy will just be a
162 # normal, non-blocking, non-anonymizing proxy. You must specifically
163 # enable the privacy and blocking features you need (although the
164 # provided default actions file will do that for you).
166 # Later actions always override earlier ones. For multi-valued actions,
167 # the actions are applied in the order they are specified.
169 #############################################################################
171 #############################################################################
173 # +add-header{Name: value}
174 # Adds the specified HTTP header, which is not checked for validity.
175 # You may specify this many times to specify many headers.
180 # +deanimate-gifs{last}
181 # +deanimate-gifs{first}
182 # Deanimate all animated GIF images, i.e. reduce them to their last
183 # frame. This will also shrink the images considerably. (In bytes,
185 # If the option "first" is given, the first frame of the animation
186 # is used as the replacement. If "last" is given, the last frame of
187 # the animation is used instead, which propably makes more sense for
188 # most banner animations, but also has the risk of not showing the
189 # entire last frame (if it is only a delta to an earlier frame).
191 # +downgrade-http-version
192 # Downgrade HTTP/1.1 client requests to HTTP/1.0 and downgrade the
193 # responses as well. Use this action for servers that use HTTP/1.1
194 # protocol features that Privoxy currently can't handle yet.
197 # Many sites, like yahoo.com, don't just link to other sites.
198 # Instead, they will link to some script on their own server,
199 # giving the destination as a parameter, which will then redirect
200 # you to the final target.
202 # URLs resulting from this scheme typically look like:
203 # http://some.place/some_script?http://some.where-else
205 # Sometimes, there are even multiple consecutive redirects encoded
206 # in the URL. These redirections via scripts make your web browing
207 # more traceable, since the server from which you follow such a link
208 # can see where you go to. Apart from that, valuable bandwidth and
209 # time is wasted, while your browser aks the server for one redirect
210 # after the other. Plus, it feeds the advertisers.
212 # The +fast-redirects option enables interception of these requests
213 # by Privoxy, who will cut off all but the last valid URL in the
214 # request and send a local redirect back to your browser without
215 # contacting the intermediate sites.
218 # Filter the website through one or more regular expression filters.
219 # Repeat for multiple filters.
221 # Filters predefined in the supplied re_filterfile include:
223 # html-annoyances: Get rid of particularly annoying HTML abuse
224 # js-annoyances: Get rid of particularly annoying JavaScript abuse
225 # content-cookies: Kill cookies that come in the HTML or JS content
226 # popups: Kill all popups in JS and HTML
227 # frameset-borders: Give frames a border
228 # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
229 # refresh-tags: Kill automatic refresh tags (for dial-on-demand setups)
230 # fun: Text replacements for subversive browsing fun!
231 # nimda: Remove Nimda (virus) code.
232 # banners-by-size: Kill banners by size (very efficient!)
233 # shockwave-flash: Kill embedded Shockwave Flash objects
234 # crude-parental: Kill all web pages that contain the words "sex" or "warez"
237 # +hide-forwarded-for-headers
238 # Block any existing X-Forwarded-for header, and do not add a new one.
240 # +hide-from-header{block}
241 # +hide-from-header{spam@sittingduck.xqq}
242 # If the browser sends a "From:" header containing your e-mail address,
243 # either completely removes the header ("block"), or change it to the
244 # specified e-mail address.
246 # +hide-referer{block}
247 # +hide-referer{forge}
248 # +hide-referer{http://nowhere.com}
249 # Don't send the "Referer:" (sic) header to the web site. You can
250 # block it, forge a URL to the same server as the request (which is
251 # preferred because some sites will not send images otherwise) or
252 # set it to a constant string.
254 # +hide-referrer{...}
255 # Alternative spelling of +hide-referer. Has the same parameters,
256 # and can be freely mixed with, "+hide-referer". ("referrer" is the
257 # correct English spelling, however the HTTP specification has a
258 # bug - it requires it to be spelt "referer").
260 # +hide-user-agent{browser-type}
261 # Change the "User-Agent:" header so web servers can't tell your
262 # browser type. (Breaks many web sites). Specify the user-agent
263 # value you want - e.g., to pretend to be using Netscape on Linux:
264 # +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}
265 # Or to identify yourself explicitly as a Privoxy user:
266 # +hide-user-agent{Privoxy/1.0}
267 # (Don't change the version number from 1.0 - after all, why tell them?)
270 # Treat this URL as an image. This only matters if it's also "+block"ed,
271 # in which case a "blocked" image can be sent rather than a HTML page.
272 # See +set-image-blocker{} for the control over what is actually sent.
274 # +set-image-blocker{blank}
275 # +set-image-blocker{pattern}
276 # +set-image-blocker{<URL>} with <url> being any valid image URL
277 # Decides what to do with URLs that end up tagged with {+block +handle-as-image}.
278 # There are 4 options:
279 # * "-set-image-blocker" will send a HTML "blocked" page, usually
280 # resulting in a "broken image" icon.
281 # * "+set-image-blocker{blank}" will send a 1x1 transparent image
282 # * "+set-image-blocker{pattern}" will send a 4x4 grey/white pattern
283 # which is less intrusive than the logo but easier to recognize
284 # than the transparent one.
285 # * "+set-image-blocker{<URL>}" will send a HTTP temporary redirect
286 # to the specified image URL.
289 # +limit-connect{portlist}
290 # The CONNECT methods exists in HTTP to allow access to secure websites
291 # (https:// URLs) through proxies. It works very simply: The proxy
292 # connects to the server on the specified port, and then short-circuits
293 # its connections to the cliant and to the remote proxy.
294 # This can be a big security hole, since CONNECT-enabled proxies can
295 # be abused as TCP relays very easily.
296 # By default, i.e. in the absence of a +limit-connect action, Privoxy
297 # will only allow CONNECT requests to port 443, which is the standard port
299 # If you want to allow CONNECT for more ports than that, or want to forbid
300 # CONNECT altogether, you can specify a comma separated list of ports and port
301 # ranges (the latter using dashes, with the minimum defaulting to 0 and max to 65K):
303 # +limit-connect{443} # This is the default and need no be specified.
304 # +limit-connect{80,443} # Ports 80 and 443 are OK.
305 # +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100, and above 500 are OK.
307 # +prevent-compression
308 # Prevent the website from compressing the data. Some websites do
309 # that, which is a problem for Privoxy, since +filter, +kill-popups
310 # and +gif-deanimate will not work on compressed data. Will slow down
311 # connections to those websites, though.
313 # +prevent-keeping-cookies
314 # +session-cookies-only
315 # If the website sets cookies, make sure they are erased when you exit
316 # and restart your web browser. This makes profiling cookies useless,
317 # but won't break sites which require cookies so that you can log in
318 # or for transactions.
320 # +prevent-reading-cookies
321 # Prevent the website from reading cookies
323 # +prevent-setting-cookies
324 # Prevent the website from setting cookies
327 # Filter the website through a built-in filter to disable
328 # 1;''.concat() etc. The two alternative spellings are
331 # +send-vanilla-wafer
332 # This action only applies if you are using a jarfile. It sends a
333 # cookie to every site stating that you do not accept any copyright
334 # on cookies sent to you, and asking them not to track you. Of
335 # course, this is a (relatively) unique header they could use to
338 # +send-wafer{name=value}
339 # This allows you to add an arbitrary cookie. Specify it multiple
340 # times in order to add several cookies.
342 #############################################################################
344 #############################################################################
345 # Settings -- Don't change.
346 #############################################################################
348 #############################################################################
349 for-privoxy-version=3.0
351 #############################################################################
353 #############################################################################
355 #############################################################################
357 # You can define a short form for a list of permissions - e.g., instead
358 # of "-prevent-setting-cookies -prevent-reading-cookies -filter -fast-redirects",
359 # you can just write "shop". This is called an alias.
361 # Currently, an alias can contain any character except space, tab, '=', '{'
363 # But please use only 'a'-'z', '0'-'9', '+', and '-'.
365 # Alias names are not case sensitive.
367 # Aliases beginning with '+' or '-' may be used for system permission names
368 # in future releases - so try to avoid alias names like this. (e.g.
369 # "+prevent-cookies" below is not a good name)
371 # Aliases must be defined before they are used.
375 +prevent-cookies = +prevent-setting-cookies +prevent-reading-cookies
376 -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies
377 +imageblock = +block +handle-as-image
379 # Fragile sites should have the minimum changes
380 fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer -prevent-cookies -kill-popups
382 # Shops should be allowed to set persistent cookies
383 shop = -filter -prevent-cookies -prevent-keeping-cookies
385 # Your favourite blend of filters:
387 myfilters = +filter{html-annoyances} +filter{js-annoyances} +filter{popups}\
388 +filter{webbugs} +filter{nimda} +filter{banners-by-size} #+filter{fun}
389 #... etc. Customize to your heart's content.
390 #############################################################################
392 #############################################################################
393 {-add-header -block +deanimate-gifs{last} -downgrade-http-version -fast-redirects -filter{popups} -filter{fun} -filter{shockwave-flash} -filter{crude-prental} +filter{html-annoyances} +filter{js-annoyances} +filter{content-cookies} +filter{webbugs} +filter{refresh-tags} +filter{nimda} +filter{banners-by-size} +hide-forwarded-for-headers +hide-from-header{block} +hide-referer{forge} -hide-user-agent -handle-as-image +set-image-blocker{pattern} -limit-connect +prevent-compression +session-cookies-only -prevent-reading-cookies -prevent-setting-cookies -kill-popups -send-vanilla-wafer -send-wafer}
397 #############################################################################
398 # Needed for automatic feedback evaluation; Please don't delete!
399 #############################################################################
400 {+add-header{X-Actions-File-Version: 1.2} -filter -kill-popups}
402 .oesterhelt.org/actions
405 #############################################################################
406 # These sites are very complex and require
407 # minimal interference.
408 #############################################################################
410 .office.microsoft.com
411 .windowsupdate.microsoft.com
413 #############################################################################
414 # Shopping sites - still want to block ads.
415 #############################################################################
418 .worldpay.com # for quietpc.com
422 #############################################################################
423 # These shops require pop-ups
424 #############################################################################
425 {shop -no-popups -filter{popups}}
429 #############################################################################
430 # Sometimes fast-redirects catches things by mistake
431 #############################################################################
433 www.ukc.ac.uk/cgi-bin/wac\.cgi\?
435 edit.europe.yahoo.com
437 .altavista.com/.*(like|url|link):http
438 .altavista.com/trans.*urltext=http
442 #############################################################################
444 #############################################################################
448 #############################################################################
450 #############################################################################
452 #############################################################################
453 /.*\.(gif|jpe?g|png|bmp|ico)
455 #############################################################################
457 #############################################################################
458 #BLOCK-REFERRER: http://www.cnn.com/
459 #BLOCK-REFERRER: http://www.aol.com/
462 #BLOCK-REFERRER: http://www.altavista.com/
465 .a.yimg.com/(?:(?!/i/).)*$
466 .a[0-9].yimg.com/(?:(?!/i/).)*$
472 #BLOCK-REFERRER: Opera browser built-in
475 #BLOCK-REFERRER: http://www.tecchannel.de/index.html
476 #BLOCK-REFERRER: and thousands more
479 #############################################################################
481 #############################################################################
483 #############################################################################
490 /(?:.*/)?(ads(erver?|tream)?|.*?ads|adv(ert(s|enties|is(ing|e?ments)?)?)?|(ad)?[-_]?banner(s|ads?|farm)?)/
491 /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
492 /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
494 #BLOCK-REFERRER: http://www.brooksbrothers.com
495 #BLOCK-REFERRER: http://www.autodesk.com
498 #############################################################################
500 #############################################################################
509 www.ugu.com/sui/ugu/adv
511 # So many download pages being blocked
513 # adv for globalintersec means advanced, not advertisement
514 www.globalintersec.com/adv
515 # We all want weather forecast to work
516 banners.wunderground.com/banner/gizmotemp/