All text substitutions that can be invoked through the - filter action must first be defined in the filter file, which is typically called default.filter and which can be - selected through the filterfile config option.
Filtering works on any text-based document type, including plain - text, HTML, JavaScript, CSS etc. (all Filtering works on any text-based document type, including + HTML, JavaScript, CSS etc. (all text/*text/* - MIME types). Substitutions are made at the source level, so if - you want to except text/plain). + Substitutions are made at the source level, so if you want to "roll your own" filters, you should be - familiar with HTML syntax.
"roll + your own" filters, you should be familiar with HTML syntax.Just like the keyword FILTER:FILTER:, followed by the filter's .
Once a filter called Once a filter called namename has been defined in the filter file, it can be invoked by using an action of the form - +filter{{name}name} in any Perl's - s///s/// operator. If you are familiar with Perl, you will find this to be quite intuitive, and may want to look at the PCRS man page for the subtle differences to Perl behaviour. Most notably, the non-standard - option letter UU is supported, which turns the default to ungreedy matching.
the
- s///s/// operator's syntax and 9.1. Filter File Tutorial
9.1. Filter File Tutorial
Now, let's complete our "foo" on each page. For global substitution, - we'll need to add the gg option:
\s\s stands for whitespace characters (space, tab, newline, - carriage return, form feed), so that \s*\s* means: "zero or more whitespace". The . The ? in ? in .*?.*? - makes this matching of arbitrary text ungreedy. (Note that the UU - option is not set). The ['"]['"] construct means: "a single @@ -630,13 +639,13 @@ CLASS="EMPHASIS" >or a double quote". Finally, . Finally, \1\1 is - a backreference to the first parenthesis just like $1$1 above, with the difference that in the "<body>" tags with the dummy word tags with the dummy word nevernever. - Note that the ii option makes the pattern matching case-insensitive. Also note that ungreedy matching alone doesn't always guarantee - a minimal match: In the first parenthesis, we had to use [^>]*[^>]* - instead of .*.* to prevent the match from exceeding the <body> tag if it doesn't contain
Note the Note the (?!\.com)(?!\.com) part (a so-called negative lookahead) in the job's pattern, which means: Don't match, if the string
The The xx option in this job turns on extended syntax, and allows for e.g. the liberal use of (non-interpreted!) whitespace for nicer formatting.
You get the idea?
The distribution default.filter file contains a selection of +pre-defined filters for your convenience:
The purpose of this filter is to get rid of particularly annoying JavaScript abuse. + To that end, it +
replaces JavaScript references to the browser's referrer information + with the string "Not Your Business!". This compliments the hide-referrer action on the content level. +
removes the bindings to the DOM's + unload + event which we feel has no right to exist and is responsible for most "exit consoles", i.e. + nasty windows that pop up when you close another one. +
removes code that causes new windows to be opened with undesired properties, such as being + full-screen, non-resizable, without location, status or menu bar etc. +
This is a very radical measure. It removes virtually all JavaScript event bindings, which + means that scripts can not react to user actions such as mouse movements or clicks, window + resizing etc, anymore. +
We strongly discourage using this filter as a default since it breaks + many legitimate scripts. It is meant for use only on extra-nasty sites (should you really + need to go there). +
This filter will undo many common instances of HTML based abuse. +
The BLINK and MARQUEE tags + are neutralized (yeah baby!), and browser windows will be created as + resizable (as of course they should be!), and will have location, + scroll and menu bars -- even if specified otherwise. +
Most cookies are set in the HTTP dialogue, where they can be intercepted + by the + crunch-incoming-cookies + and crunch-outgoing-cookies + actions. But web sites increasingly make use of HTML meta tags and JavaScript + to sneak cookies to the browser on the content level. +
This filter disables HTML and JavaScript code that reads or sets cookies. Use + it wherever you would also use the cookie crunch actions. +
Disable any refresh tags if the interval is greater than nine seconds (so + that redirections done via refresh tags are not destroyed). This is useful + for dial-on-demand setups, or for those who find this HTML feature + annoying. +
This filter attempts to prevent only "unsolicited" pop-up + windows from opening, yet still allow pop-up windows that the user + has explicitly chosen to open. It was added in version 3.0.1, + as an improvement over earlier such filters. +
Technical note: The filter works by redefining the window.open JavaScript + function to a dummy function during the loading and rendering phase of each + HTML page access, and restoring the function afterwards. +
Attempt to prevent all pop-up windows from opening. + Note this should be used with more discretion than the above, since it is + more likely to break some sites that require pop-ups for normal usage. Use + with caution. +
This is a helper filter that has no value if used alone. It makes the + banners-by-size and banners-by-link + (see below) filters more effective and should be enabled together with them. +
This filter removes image tags purely based on what size they are. Fortunately + for us, many ads and banner images tend to conform to certain standardized + sizes, which makes this filter quite effective for ad stripping purposes. +
Occasionally this filter will cause false positives on images that are not ads, + but just happen to be of one of the standard banner sizes. +
This is an experimental filter that attempts to kill any banners if + their URLs seem to point to known or suspected click trackers. It is currently + not of much value and is not recommended for use by default. +
Webbugs are small, invisible images (technically 1X1 GIF images), that + are used to track users across websites, and collect information on them. + As an HTML page is loaded by the browser, an embedded image tag causes the + browser to contact a third-party site, disclosing the tracking information + through the requested URL and/or cookies for that third-party domain, without + the use ever becoming aware of the interaction with the third-party site. + HTML-ized spam also uses a similar technique to verify email addresses. +
This filter removes the HTML code that loads such "webbugs". +
A rather special-purpose filter that can be used to enlarge textareas (those + multi-line text boxes in web forms) and turn off hard word wrap in them. + It was written for the sourceforge.net tracker system where such boxes are + a nuisance, but it can be handy on other sites, too. +
It is not recommended to use this filter as a default. +
Many consider windows that move, or resize themselves to be abusive. This filter + neutralizes the related JavaScript code. Note that some sites might not display + or behave as intended when using this filter. +
Some web designers seem to assume that everyone in the world will view their + web sites using the same browser brand and version, screen resolution etc, + because only that assumption could explain why they'd use static frame sizes, + yet prevent their frames from being resized by the user, should they be too + small to show their whole content. +
This filter removes the related HTML code. It should only be applied to sites + which need it. +
Many Microsoft products that generate HTML use non-standard extensions (read: + violations) of the ISO 8859-1 aka Latin-1 character set. This causes those + HTML documents to display with errors on standard-compliant platforms. +
This filter translates the MS-only characters into Latin-1 equivalents. + It is not necessary when using MS products, and will cause corruption of + all documents that use 8-bit character sets other than Latin-1. It's mostly + worthwhile for Europeans on non-MS platforms, if wierd garbage characters + sometimes appear on some pages. +
A filter for shockwave haters. As the name suggests, this filter strips code + out of web pages that is used to embed shockwave flash objects. +
Change HTML code that embeds Quicktime objects so that kioskmode, which + prevents saving, is disabled. +
Text replacements for subversive browsing fun. Make fun of your favorite + Monopolist or play buzzword bingo. +
A demonstration-only filter that shows how Privoxy + can be used to delete web content on a keyword basis. +
A collection of text replacements to disable malicious HTML and JavaScript + code that exploits known security holes in Internet Explorer. +
Presently, it only protects against Nimda and a cross-site scripting bug, and + would need active maintenance to provide more substantial protection. +
Some web sites have very specific problems, the cure for which doesn't apply + anywhere else, or could even cause damage on other sites. +
This is a collection of such site-specific cures which should only be applied + to the sites they were intended for, which is what the supplied + default.action file does. Users shouldn't need to change + anything regarding this filter. +