###################################################################### # # File : $Source: /cvsroot/ijbswa/current/default.action.master,v $ # # $Id: default.action.master,v 1.38 2006/10/21 22:21:45 hal9 Exp $ # # Requires : This version requires Privoxy v3.0.4 or later due to # syntax changes. # # Purpose : Default actions file, see # http://www.privoxy.org/user-manual/actions-file.html. # This file is subject to periodic updating. Local exceptions # and enhancements are better placed in user.action. # # Copyright : Written by and Copyright (C) 2001 - 2006 the # Privoxy team. http://www.privoxy.org/ # # Note: Updated versions of this file will be made available from time # to time. Check http://sourceforge.net/project/showfiles.php?group_id=11118 # for updates and/or subscribe to the announce mailing list # (http://lists.sourceforge.net/lists/listinfo/ijbswa-announce) if you # wish to receive an email notice whenever updates are released. # # We value your feedback. However, to provide you with the best support, # please note: # # * Use the support forum to get help: # http://sourceforge.net/tracker/?group_id=11118&atid=211118 # * Submit feedback for this actions file only through the # SF actions file feedback tracker: # http://sourceforge.net/tracker/?group_id=11118&atid=460288 # * Submit bugs only through our bug forum: # http://sourceforge.net/tracker/?group_id=11118&atid=111118 # Make sure that the bug has not already been submitted. Please try # to verify that it is a Privoxy bug, and not a browser or site # bug first. If you are using your own custom configuration, please # try the stock configs to see if the problem is a configuration # related bug. And if possible please try the latest CVS sources. # * Submit feature requests only through our feature request forum: # http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse # # For any other issues, feel free to use the mailing lists: # http://sourceforge.net/mail/?group_id=11118 # # Anyone interested in actively participating in development and related # discussions can join the appropriate mailing list here: # http://sourceforge.net/mail/?group_id=11118. Archives are available # here too. # # The current development version of this file is located: # http://ijbswa.cvs.sourceforge.net/*checkout*/ijbswa/current/default.action.master # ############################################################################# # Syntax ############################################################################# # # A much better explanation can be found in the user manual which is # part of the distribution and can be found at http://www.privoxy.org/user-manual # # To determine which actions apply to a request, the URL of the request is # compared to all patterns in this file. Every time it matches, the list of # applicable actions for this URL is incrementally updated. You can trace # this process by visiting http://config.privoxy.org/show-url-info # # There are 4 types of lines in this file: comments (like this line), # actions, aliases and patterns, all of which are explained below. # ############################################################################# # Pattern Syntax ############################################################################# # # 1. On Domains and Paths # ----------------------- # # Generally, a pattern has the form /, where both the # and part are optional. The pattern matching syntax is different for # each. If you only specify a domain part, the "/" can be left out, but it is # required for the path part. # # www.example.com # is a domain-only pattern and will match any request to www.example.com # # www.example.com/ # means exactly the same (but is slightly less efficient) # # www.example.com/index.html # matches only the document /index.html on www.example.com # # /index.html # matches the document /index.html, regardless of the domain # # index.html # matches nothing, since it would be interpreted as a domain name and # there is no top-level domain called ".html". # # 2. Domain Syntax # ---------------- # # The matching of the domain part offers some flexible options: If the # domain starts or ends with a dot, it becomes unanchored at that end: # # www.example.com # matches only www.example.com # # .example.com # matches any domain that ENDS in .example.com # # www. # matches any domain that STARTS with www. # # .example. # matches any domain that CONTAINS example # # # Additionally, there are wildcards that you can use in the domain names # themselves. They work pretty similar to shell wildcards: "*" stands for # zero or more arbitrary characters, "?" stands for one, and you can define # charachter classes in square brackets and they can be freely mixed: # # ad*.example.com # matches adserver.example.com, ads.example.com, etc but not sfads.example.com # # *ad*.example.com # matches all of the above # # .?pix.com # matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc # # www[1-9a-ez].example.com # matches www1.example.com, www4.example.com, wwwd.example.com, # wwwz.example.com etc, but not wwww.example.com # # You get the idea? # # 2. Path Syntax # -------------- # # Paths are specified as full regular expressions, and are more flexible than # the domain syntax above. A comprehensive discussion of regular expressions # wouldn't fit here. # # Perl compatible regular expressions are used. See the pcre/docs/ direcory or # man perlre (also available at http://perldoc.perl.org/perlre.html) for # details. The appendix to our User Manual also has some detail. # # Please note that matching in the path is CASE INSENSITIVE by default, but # you can switch to case sensitive by starting the pattern with the "(?-i)" # switch: # # www.example.com/(?-i)PaTtErN.* # will match only documents whose path starts with PaTtErN in exactly this # capitalization. # # Partially case-sensetive and partially case-insensitive patterns are # possible, but the rules about splitting them up are extremely complex # - see the PCRE documentation for more information. # ############################################################################# # Action Syntax ############################################################################# # # There are 3 kinds of actions: # # Boolean (e.g. "block"): # +name # enable # -name # disable # # Parameterized (e.g. "hide-user-agent"): # +name{param} # enable and set parameter to "param" # -name # disable # # Multi-value (e.g. "add-header", "send-wafer"): # +name{param} # enable and add parameter "param" # -name{param} # remove the parameter "param" # -name # disable totally # # The default (if you don't specify anything in this file) is not to take # any actions - i.e completely disabled, so Privoxy will just be a # normal, non-blocking, non-anonymizing proxy. You must specifically # enable the privacy and blocking features you need (although the # provided default actions file will do that for you). # # Later actions always override earlier ones. For multi-valued actions, # the actions are applied in the order they are specified. # ############################################################################# # Valid actions are: ############################################################################# # # +add-header{Name: value} # Adds the specified HTTP header, which is not checked for validity. # You may specify this many times to specify many headers. # # +block # Block this URL. Privoxy will ignore this URL completely, and not request # it. # # +content-type-overwrite # Replaces the "Content-Type:" HTTP server header, so that unwanted # download menus will not pop up, or changes the browser's rendering mode. # # +crunch-client-header{string} # Deletes every header sent by the client that contains the string the # user supplied as parameter. # # +crunch-if-none-match # Deletes the "If-None-Match:" HTTP client header. # # +crunch-server-header{string} # Deletes every header sent by the server that contains the string the # user supplied as a parameter. # # +deanimate-gifs{last} # +deanimate-gifs{first} # Deanimate all animated GIF images, i.e. reduce them to their last # frame. This will also shrink the images considerably. (In bytes, # not pixels!) # If the option "first" is given, the first frame of the animation # is used as the replacement. If "last" is given, the last frame of # the animation is used instead, which propably makes more sense for # most banner animations, but also has the risk of not showing the # entire last frame (if it is only a delta to an earlier frame). # # +downgrade-http-version # Downgrade HTTP/1.1 client requests to HTTP/1.0 and downgrade the # responses as well. Use this action for servers that use HTTP/1.1 # protocol features that Privoxy currently can't handle yet. # # +fast-redirects{check-decoded-url} # +fast-redirects{simple-check} # Many sites, like yahoo.com, don't just link to other sites. # Instead, they will link to some script on their own server, # giving the destination as a parameter, which will then redirect # you to the final target. # # URLs resulting from this scheme typically look like: # http://some.place/some_script?http://some.where-else # # Sometimes, there are even multiple consecutive redirects encoded # in the URL. These redirections via scripts make your web browing # more traceable, since the server from which you follow such a link # can see where you go to. Apart from that, valuable bandwidth and # time is wasted, while your browser aks the server for one redirect # after the other. Plus, it feeds the advertisers. # # The +fast-redirects{check-decoded-url} option enables interception of # these requests by Privoxy, who will cut off all but the last valid URL # in the request and send a local redirect back to your browser without # contacting the intermediate sites. NOTE: Syntax change as of v.3.0.4. # # +filter{name} # All files of text-based type, most notably HTML and JavaScript, to which # this action applies, can be filtered on-the-fly through the specified # regular expression based substitutions. (Note: plain text documents are # exempted from filtering, because web servers often use the text/plain # MIME type for all files whose type they don't know.) By default, # filtering works only on the raw document content itself (that which can # be seen with View Source), not the headers. Repeat for multiple filters. # Use with caution: filters can be very intrusive. # # Filters predefined in the supplied default.action include: # # js-annoyances: Get rid of particularly annoying JavaScript abuse # js-events: Kill all JS event bindings (Radically destructive! Use only on real suckers) # html-annoyances: Get rid of particularly annoying HTML abuse # content-cookies: Kill cookies that come in the HTML or JS content # refresh-tags: Kill automatic refresh tags (for dial-on-demand setups) # unsolicited-popups: Disable only unsolicited pop-up windows # all-popups: Kill all popups in JavaScript and HTML # img-reorder: Reorder attributes in tags to make the banners-by-* filters more effective # banners-by-size: Kill banners by size (very efficient!) # banners-by-link: Kill banners by their links to known clicktrackers # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking) # tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap # jumping-windows: Prevent windows from resizing and moving themselves # frameset-borders: Give frames a border # demoronizer: Fix MS's non-standard use of standard charsets # shockwave-flash: Kill embedded Shockwave Flash objects # quicktime-kioskmode: Make Quicktime movies saveable # fun: Text replacements for subversive browsing fun! # crude-parental: Kill all web pages that contain the words "sex" or "warez" # ie-exploits: Disable some known Internet Explorer bug exploits # site-specifics: Cure for site-specific problems. Don't apply generally! # # +filter-client-headers # By default, filters only apply to the document content itself. This will # extend those filters to include the client's headers as well. # # +filter-server-headers # By default, filters only apply to the document content itself. This will # extend those filters to include the server's headers as well. # # +force-text-mode # Declares a document as plain text, even if the "Content-Type:" isn't detected # as such. # # +handle-as-empty-document # This action alone doesn't do anything noticeable. It just marks URLs. If # the block action also applies, the presence or absence of this mark # decides whether an HTML "blocked" page, or an empty document will be sent # to the client as a substitute for the blocked content. # # +hide-accept-language{lang} # +hide-accept-language{block} # Deletes or replaces the "Accept-Language:" HTTP header in client # requests. # # +hide-content-disposition{block} # +hide-content-disposition{string} # Deletes or replaces the "Content-Disposition:" HTTP header set by some # servers. This can be used to prevent download menus for content you # prefer to view inside the browser, for example. # # +hide-forwarded-for-headers # Block any existing X-Forwarded-for header, and do not add a new one. # # +hide-from-header{block} # +hide-from-header{spam@sittingduck.xqq} # If the browser sends a "From:" header containing your e-mail address, # either completely removes the header ("block"), or change it to the # specified e-mail address. # # +hide-if-modified-since{block} # +hide-if-modified-since{-1} # Deletes the "If-Modified-Since:" HTTP client header or modifies its # value, preventing another way to track users. # # +hide-referer{block} # +hide-referer{forge} # +hide-referer{http://nowhere.com} # Don't send the "Referer:" (sic) header to the web site. You can # block it, forge a URL to the same server as the request (which is # preferred because some sites will not send images otherwise) or # set it to a constant string. # # +hide-referrer{...} # Alternative spelling of +hide-referer. Has the same parameters, # and can be freely mixed with, "+hide-referer". ("referrer" is the # correct English spelling, however the HTTP specification has a # bug - it requires it to be spelt "referer"). # # +hide-user-agent{browser-type} # Change the "User-Agent:" header so web servers can't tell your # browser type. (Breaks many web sites). Specify the user-agent # value you want - e.g., to pretend to be using Netscape on Linux: # +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)} # Or to identify yourself explicitly as a Privoxy user: # +hide-user-agent{Privoxy/1.0} # (Don't change the version number from 1.0 - after all, why tell them?) # # +handle-as-image # Treat this URL as an image. This only matters if it's also "+block"ed, # in which case a "blocked" image can be sent rather than a HTML page. # See +set-image-blocker{} for the control over what is actually sent. # # +inspect-jpegs # Scan jpeg headers for malformed comment blocks and correct them. # # +set-image-blocker{blank} # +set-image-blocker{pattern} # +set-image-blocker{} with being any valid image URL # Decides what to do with URLs that end up tagged with {+block +handle-as-image}. # There are 4 options: # * "-set-image-blocker" will send a HTML "blocked" page, usually # resulting in a "broken image" icon. # * "+set-image-blocker{blank}" will send a 1x1 transparent image # * "+set-image-blocker{pattern}" will send a 4x4 grey/white pattern # which is less intrusive than the logo but easier to recognize # than the transparent one. # * "+set-image-blocker{}" will send a HTTP temporary redirect # to the specified image URL. # # # +limit-connect{portlist} # The CONNECT methods exists in HTTP to allow access to secure websites # (https:// URLs) through proxies. It works very simply: The proxy # connects to the server on the specified port, and then short-circuits # its connections to the cliant and to the remote proxy. # This can be a big security hole, since CONNECT-enabled proxies can # be abused as TCP relays very easily. # By default, i.e. in the absence of a +limit-connect action, Privoxy # will only allow CONNECT requests to port 443, which is the standard port # for https. # If you want to allow CONNECT for more ports than that, or want to forbid # CONNECT altogether, you can specify a comma separated list of ports and port # ranges (the latter using dashes, with the minimum defaulting to 0 and max to 65K): # # +limit-connect{443} # This is the default and need no be specified. # +limit-connect{80,443} # Ports 80 and 443 are OK. # +limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100, and above 500 are OK. # # +overwrite-last-modified{block} # +overwrite-last-modified{reset-to-request-time} # +overwrite-last-modified{randomize} # Removing the "Last-Modified:" header is useful for filter testing, where # you want to force a real reload instead of getting status code "304", # which would cause the browser to reuse the old version of the page. # # The "randomize" option overwrites the value of the "Last-Modified:" # header with a randomly chosen time between the original value and the # current time. In theory the server could send each document with a # different "Last-Modified:" header to track visits without using cookies. # "Randomize" makes it impossible and the browser can still revalidate # cached documents. # # "reset-to-request-time" overwrites the value of the "Last-Modified:" # header with the current time. You could use this option together with # hided-if-modified-since to further customize your random range. # # +prevent-compression # Prevent the website from compressing the data. Some websites do # that, which is a problem for Privoxy, since +filter, +kill-popups # and +gif-deanimate will not work on compressed data. Will slow down # connections to those websites, though. # # +prevent-keeping-cookies # +session-cookies-only # If the website sets cookies, make sure they are erased when you exit # and restart your web browser. This makes profiling cookies useless, # but won't break sites which require cookies so that you can log in # or for transactions. # # +crunch-outgoing-cookies # Prevent the website from reading cookies # # +crunch-incoming-cookies # Prevent the website from setting cookies # # +kill-popups (deprecated) # Filter the website through a built-in filter to disable # window.open() etc. The two alternative spellings are # equivalent. # # +redirect{} # Convinces the browser that the requested document has been moved to # another location and the browser should get it from the specified # URL. # # +send-vanilla-wafer # This action only applies if you are using a jarfile. It sends a # cookie to every site stating that you do not accept any copyright # on cookies sent to you, and asking them not to track you. Of # course, this is a (relatively) unique header they could use to # track you. # # +send-wafer{name=value} # This allows you to add an arbitrary cookie. Specify it multiple # times in order to add several cookies. # # +treat-forbidden-connects-like-blocks # If this action is enabled, Privoxy no longer makes a difference between # forbidden connects and ordinary blocks. # # By default Privoxy answers forbidden "Connect" requests with a short # error message inside the headers. If the browser doesn't display headers # (most don't), you just see an empty page. With this action enabled, # Privoxy displays the message that is used for ordinary blocks instead. If # you decide to make an exception for the page in question, you can do so # by following the "See why" link. # ############################################################################# ############################################################################# # Settings -- Don't change. ############################################################################# {{settings}} ############################################################################# for-privoxy-version=3.0.5 ############################################################################# # Aliases ############################################################################# {{alias}} ############################################################################# # # You can define a short form for a list of permissions - e.g., instead # of "-crunch-incoming-cookies -crunch-outgoing-cookies -filter -fast-redirects", # you can just write "shop". This is called an alias. # # Currently, an alias can contain any character except space, tab, '=', '{' # or '}'. # But please use only 'a'-'z', '0'-'9', '+', and '-'. # # Alias names are not case sensitive. # # Aliases beginning with '+' or '-' may be used for system action names # in future releases - so try to avoid alias names like this. (e.g. # "+crunch-all-cookies" below is not a good name) # # Aliases must be defined before they are used. # # These aliases just save typing later: # +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies allow-all-cookies = -crunch-all-cookies -session-cookies-only allow-popups = -filter{all-popups} -kill-popups -filter{unsolicited-popups} +block-as-image = +block +handle-as-image -block-as-image = -block # These aliases define combinations of actions # that are useful for certain types of sites: # fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referer -kill-popups -prevent-compression shop = -crunch-all-cookies allow-popups # Your favourite blend of filters: # myfilters = +filter{html-annoyances} +filter{js-annoyances} +filter{all-popups}\ +filter{webbugs} +filter{nimda} +filter{banners-by-size} #+filter{fun} # Allow ads for selected useful free sites: # allow-ads = -block -filter{banners-by-size} -filter{banners-by-link} ############################################################################# # Defaults ############################################################################# { \ -add-header \ -block \ -content-type-overwrite \ -crunch-client-header \ -crunch-if-none-match \ -crunch-outgoing-cookies \ -crunch-incoming-cookies \ -crunch-server-header \ -deanimate-gifs \ -downgrade-http-version \ -fast-redirects \ -filter{js-annoyances} \ -filter{js-events} \ -filter{html-annoyances} \ -filter{content-cookies} \ -filter{refresh-tags} \ -filter{unsolicited-popups} \ -filter{all-popups} \ -filter{img-reorder} \ -filter{banners-by-size} \ -filter{banners-by-link} \ -filter{webbugs} \ -filter{tiny-textforms} \ -filter{jumping-windows} \ -filter{frameset-borders} \ -filter{demoronizer} \ -filter{shockwave-flash} \ -filter{quicktime-kioskmode} \ -filter{fun} \ -filter{crude-parental} \ -filter{ie-exploits} \ -filter{site-specifics} \ -filter-client-headers \ -filter-server-headers \ -force-text-mode \ -handle-as-empty-document \ -handle-as-image \ -hide-accept-language \ -hide-content-disposition \ -hide-if-modified-since \ +hide-forwarded-for-headers \ +hide-from-header{block} \ -hide-referrer \ -hide-user-agent \ -inspect-jpegs \ -kill-popups \ -limit-connect \ -prevent-compression \ -overwrite-last-modified \ -redirect \ -send-vanilla-wafer \ -send-wafer \ -session-cookies-only \ +set-image-blocker{pattern} \ -treat-forbidden-connects-like-blocks \ } / # Match all URLs ############################################################################# # These extensions belong to images: ############################################################################# {+handle-as-image -filter} ############################################################################# /.*\.(gif|jpe?g|png|bmp|ico)($|\?) ############################################################################# # These don't: ############################################################################# {-handle-as-image} /.*\.(js|php|css|.?html?) ############################################################################# # Generic block patterns by host: ############################################################################# {+block} ad*. .*ads. .ad. .*advert*. *banner*. count*. *counter. promotions. ############################################################################# # Generic unblockers by host: ############################################################################# {-block} adsl. ad[udmw]*. adbl*. adam*. adob*. adrenaline. adtp*. adv[oia]*. .*road*. .olympiad*. .*load*. .*[epu]ad*. county*. countr*. ############################################################################# # Generic block patterns by path: ############################################################################# {+block} /(.*/)?ad(\?|/|s|v|_?(image|se?rv|box)|cycle|rotate|mentor|click|f[ra]m|script|stream|fetch|log|space) /.*ads(new)?/ /(.*/)?(ad|all|nn|db|promo(tion)?)?[-_]?banner /(.*/)?(publicite|werbung|reklaa?m|annonse|maino(kset|nta|s)?/) /.*(count|track|compteur|adframe|adse?rve?|banner)(er|run)?(\?|\.(pl|cgi|exe|dll|asp|php|cpt)) /(.*/)?clicktrack ############################################################################# # Generic unblockers by path: ############################################################################# {-block} /.*ad(sl|v(i[cs]|o|an|ertencia|ent|.*search)) # advice/advisories/advan*/advertencia (spanish) /.*(lo|thre|he|d|gr|l|ro|re|squ)ads /.*account support./(.*/)?track ############################################################################# # Exceptions for academia ############################################################################# .edu .ac.*/ .uni-*.de .tu-*.de .gov .hs-*.de .fh-*.de ############################################################################# # Catch-all for false-positives that are just TOO obvious to let go ############################################################################# {+block} .ads[erv][rv]*. .ads. /(.*/)?ad(se?rv|click|stream|image) ############################################################################# # Site-specific block patterns; ############################################################################# .hitbox.com .the-gadgeteer.com/cgi-bin/getimage.cgi/ dest.travelocity.com/website/destinations/images/partner_frommers.gif dest.travelocity.com/website/destinations/images/travelex_logo.gif i.imdb.com/Photos/CMSIcons/(?!buttons|emoticons) rcm.amazon.com .nytimes.com/adx/ #www.popupad.net/ats/ .adtrak.net .elitemediagroup.net .popuptraffic.com .hit-now.com [a-v]*.valueclick.com .cpays.com .oxado.com .adultfriendfinder.com /scripts/cms/xcms.asp /.*intellitxt/ .intellitxt.com .klipmart.com ad*.com.com dw.com.com sales.liveperson.net .iad.liveperson.net data.coremetrics.com/cm .realmedia.com/data/ .revsci.net .clickability.com /.*clickability(.com)?/ stats.*.ihost.com .2o7.net .webtrends.com .tacoda. .ign.com ad.theadhost.com .adbureau.net .adgardener.com .revenue.net .geocities.com/js_source #---------------------------------------------------------------------------- # Misc Junk. #---------------------------------------------------------------------------- {+block +handle-as-empty-document} /b/ss/.+ /HG\?hc= .visistat.com .google-analytics. .overture. .doubleclick.net/adi .doubleclick.net/(.*/)?adj/ view.atdmt.com/(.*/)?iview/ tracking. /(.*/)?adjs\.php\? #---------------------------------------------------------------------------- # JavaScripts for ad and popup generation #---------------------------------------------------------------------------- pagead*.googlesyndication./.*\.js a.tfag.de/js.ng/ /popunder ############################################################################# # Generic block-as-image patterns: ############################################################################# {+block-as-image} /.*ad_?image\.(php|cgi) /.*recips?/ /bandeaux/ /.*client_?ad\.(php|cgi) /.*AIM_UAC.adp ############################################################################# # Site-specific block-as-image patterns: ############################################################################# #---------------------------------------------------------------------------- # Banner farms: #---------------------------------------------------------------------------- ?r.atwola.com .[a-vx-z]*.doubleclick.net/(?!(.*/)?ad[ji]) .*servedby.advertising.com .a.yimg.com/(?:(?!/i/).)*$ .a[0-9].yimg.com/(?:(?!/i/).)*$ .yimg.com/(.*/)?a/ .yimg.com/.*/(flash|java)/promotions .yimg.com/a/.*/flash/ bs*.gsanet.com bs*.einets.com .qkimg.net [a-vx-z]*.atdmt.com/ .fastclick.net .casalemedia.com kermit.macnn.com/ quinst.com/images valuepage.com/images ia.imdb.com/.*\.swf .reactivpub. .as*.falkag. a.tribalfusion.com/ .adserver.com/ .ru4.com/ www.smartadserver.com/ admedia. jmcms.cydoor.com/ .adtrix.com *[0-9].tribalfusion.com/ img.mediaplex.com a*farm.mediaplex.com view.atdmt.com matrix.mediavantage. .cibleclick.com .netracker.net .interclick.com .maxserving.com .gonamic.de .webads. .adlegend.com .belnk.com .euros4click. ads-*.quarterserver. searchportal.information.com/ images.ibsys.com/ #---------------------------------------------------------------------------- # Cross-site user tracking #---------------------------------------------------------------------------- .*.*.spylog.com/ statse.webtrendslive.com spinbox.versiontracker.com/.*\.(gif|jpg) stat.onestat.com .[a-vx-z]*.tradedoubler.com stat.webmedia. log*.xiti.com/ log*.hit-parade.com/ www.xml.eshop.msn.com/tracksponsorimpression.asp #stats.surfaid.ihost.com/(crc/)?images/(bounce/)?uc.GIF stats./c?rc/.*/uc.gif .imrworldwide.com .clicktracks.com .etracker. .x-traceur.com content.ipro.com .247realmedia.com .sify.com .searchignite.com .statcounter.com .research-int.se/data .cybermonitor.com /(.*/)?c(lear)?\.gif\?. #/(.*/)?(clear|(trans_?1x|blank)?1).gif /(.*/)?(clear|blank|(trans_?|1x)?1).gif\?.+ log.go.com/log stats.indextools.com /.*/dcs.gif\?&?dcs /__utm.gif\? #---------------------------------------------------------------------------- # Specific counters (see above for generic patterns) #---------------------------------------------------------------------------- s*.sitemeter.com/meter fastcounter.bcentral.com/ bilbo.counted.com/ #[a-z][0-9].nedstatbasic.net/ #---------------------------------------------------------------------------- # On-site ads and other single sources: #---------------------------------------------------------------------------- .travelocity./Sponsor_gifs/ .weather.com/creatives/ .weather.com/web/services/email/ /.*/topslots/topslot .contextweb.com/ .offermatica.com/ .adbrite.com .jpost.com/images/\d+/promos/ .infoempleo.com/(pop-up|images(/Nueva/|/motor)) hera.hardocp.com/ leadback.advertising. .yieldmanager.com/ .displayadsmedia.com astalavista.box.sk/adult.*\.jpg smartad.*.*.* .bc.yahoo.com/b\?P= .dinside.no/annonsorer/ /RealMedia/ads/ ############################################################################# # Site-specific unblockers: ############################################################################# {-block} .faqs.org/banner\.html bannerblind.mozdev.org advogato.org ad*.vhb.de .globalintersec.com/adv banners.wunderground.com/ .openoffice.org/banners/ .amazon.com/.*/banners/ .washingtonpost.com/wp-srv/ .gnome.org .nycsubway.org/img/banner .forgotten-ny.com/ADS/ counter.li.org adrian.adrian.org adela.karlin.mff.cuni.cz .swcp.com/rtoads/ .privoxy.org sourceforge.net/.*tracker .brawnylads.com adzapper. .altavista.com/web/adv rads.mcafee.com/ linuxfromscratch.org/ dv411.com/.*advc50 .freeswan.org/ www.arm.com/.*ads www.anybrowser.org/ www.tads.org/ .mbe.com/redir/packtrack.asp .iship.com/trackit/ .esis.com.au/AdvSerialCards .familysearch.org/.*banner coder.com/creations/banner/ arnolds.dhs.org/static/adv_tools.html .gpl.org/ .europa.eu. .schooner.com/~loverso/no-ads/ source.bungie.org/ adonthell.linuxgames.com/ .bbc.co.uk/ adc.netlabs.org/ .tela.bc.ca/tads/ adbusters.org/ .eads.*/ .qualcomm.com/brew/developer/resources/ad/ /update/.*adsnt.* msdn.microsoft.com/.*masthead .indymedia.org .seanbaby.com cels.org/.*track .nic.ad.jp /(.*/)?somerights20.gif .creativecommons.org .ups.com/.*/track .adju. .rubberslug.com .freebsd.org adiumx.com .googleadservices./pagead/adclick .garaget.org/annonser/ edge.macworld.com .discovery./.*/topads/ .dawn.com/.*/(9690dina|aurora_award)\. ############################################################################# # Site-specific special rules: ############################################################################# #---------------------------------------------------------------------------- # These sites are very complex (read: keen on your identity) and require # minimal interference. #---------------------------------------------------------------------------- {fragile} .office.microsoft.com .windowsupdate.microsoft.com # too broad: .apple.com www.apple.com store.apple.com images.apple.com .update.microsoft.com mail.google. #---------------------------------------------------------------------------- # Semi-fragile, allow for blocks. #---------------------------------------------------------------------------- { -crunch-all-cookies -filter -fast-redirects -hide-referer -kill-popups -prevent-compression } .yahoo.com #---------------------------------------------------------------------------- # Shopping and banking sites - allow cookies and pop-ups #---------------------------------------------------------------------------- {shop} .quietpc.com .worldpay.com # for quietpc.com .jungle.com .dabs.com .overclockers.co.uk .db24.de .ebay. .mobile.de www.fondationlejeu.com www.techtv.com .mywebgrocer.com #---------------------------------------------------------------------------- # Subscription sites (with credible privacy policy) - allow permanent cookies #---------------------------------------------------------------------------- {-session-cookies-only} .nytimes.com/ .volkskrant.nl/ #---------------------------------------------------------------------------- # These sites require pop-ups, so don't use the unconditional filters. #---------------------------------------------------------------------------- {allow-popups} www.aprilbarrows.com/discography\.html$ .nvidia.com www*.chathouse.com/games/ .bild.t-online.de .netflix.com my.aol.com i.cnn.net/cnn/.*/clickability/button .rosettaproject.org .quantum.com #---------------------------------------------------------------------------- # Sometimes (i.e. often!) fast-redirects catches things by mistake #---------------------------------------------------------------------------- {-fast-redirects} www.ukc.ac.uk/cgi-bin/wac\.cgi\? .google. .altavista.com/(.*(like|url|link):|trans.*urltext=)http .speedfind.de .nytimes.com .yahoo.com/.*done= .w3.org .directhit.com .zagats.com my.msn.com/passport/pp(consent|set)\.ashx\?msnru= www.passport.com/Consumer/default\.asp\?lc=[0-9]+&msppchlg=[01]&mspplogin= login.passport.com/logout\.(asp|srf)\? download.com.com/redir\? www.fileplanet.com/redir\.asp\? web.archive.org .edu .archive.org www.guenstiger.de .anonymizer.com www.mailtothefuture.com support.microsoft.com/ .alexa.com www.translate.ru/url/ schneegans.de/ config.privoxy.org/ #---------------------------------------------------------------------------- # No filtering for sourcecode or other automatically parsed content #---------------------------------------------------------------------------- {-filter -prevent-compression} cvs. /.*(cvs(view|web)|viewcvs) svn. websvn. /(.*/)?svn/ liveupdate.symantec.com liveupdate.liveupdatesymantec.com liveupdate.symantecliveupdate.com .bookmarklets.com .squarefree.com/bookmarklets/ swquery.apple.com swscan.apple.com .speakeasy.net/\d+k .debian.org bugzilla. .tldp.org webmail. .wiki*. .*wiki. /.*wiki/ maps.google. .google.com/calendar code. developer. .mozdev.org .mozilla.org .perl.org .cpan.org .webdeveloper.com .ibm.com/developerworks .apache.org/docs .comptechdoc.org .webmonkey.com .webreference.com docs.sun.com java.sun.com .thescripts.com .php.net .phpdeveloper.org .oreillynet.com/pub .devshed.com .htmlgoodies.com .javascript.com javascript.internet.com .w3schools.com .devguru.com javascriptkit.com .xulplanet.com .perl.com/language/newdocs .freebsd.org .watson.org .netbsd.org .openbsd.org .dragonflybsd.org .freedesktop.org /(.*/)?flyspray/ /(.*/)?mail(man|archive|inglists?)/ bugs. quoka.de #---------------------------------------------------------------------------- # These sites suffer from a bug in PHP < 4.2.3 (ob_gzhandler broken; # workaround is to use zlib.output_compression): # (Section obsolete as of Privoxy 3.0.3, which has workaround) #---------------------------------------------------------------------------- #{-prevent-compression} # Surely this is rectified by now 09/16/06 ??? #www.powie.de #www.phpcenter.de #www.timeanddate.com #.pclinuxonline.com #.dungeoncrawl.org #www.digitalspy.co.uk #www.audio-illumination.org/forums/ #www.catchword.com #www.ubernet.org #www.ooodocs.org #www.ntcompatible.com #.winehq.com #.dotcomtod.de/ #.tweakers.net #.troublesathome.nl #.art.softshape.com #---------------------------------------------------------------------------- # Innocent images in standard banner sizes found here: #---------------------------------------------------------------------------- {-filter{banners-by-size}} .pricegrabber.com/search_getprod.php .cnn.com .gamespot.com/gamespot www.wral.com .cartoonnetwork.com/ .anybrowser.org images.google. .pbs.org/.*/roadshow/ objects.povworld.org/cat/ www.xach.com/gimp/ .mapquest.com/directions/ .theonion.com/content/ .pattilupone.net/gallery.html .ambrosiasw.com/ .microsoft.com javabog.dk/ijk/ .w3.org #---------------------------------------------------------------------------- # These don't work without the referrer information: #---------------------------------------------------------------------------- {-hide-referrer} .totaleclips.com .mandrakelinux.com/en/ftp.php3 validator.w3.org/check\?uri=referer .petitiononline.com/mod_perl/signed.cgi .telia.se #---------------------------------------------------------------------------- # These animated gifs are either useful or nice: #---------------------------------------------------------------------------- {-deanimate-gifs} .care2.com .care-mail.com .wunderground.com 66.28.250.180/data/ .teamquest.com/gifs/gunther/ .rubberslug.com #---------------------------------------------------------------------------- # These sites are so abusive that we need to kill all JS event bindings (and # probably a break a lot along the way) #---------------------------------------------------------------------------- #{+filter{js-radical}} #.planetspiele.de #216.12.219.40 #---------------------------------------------------------------------------- # The "site-specifics" filter has special cures for problems found here: #---------------------------------------------------------------------------- {+filter{site-specifics} +prevent-compression} .spiegel.de/static/js/flash-plugin\.js .quelle-bausparkasse.de/$ .groups.yahoo.com/group/ .nytimes.com/ #---------------------------------------------------------------------------- # Content under these TLDs is most probably in character sets which the # demoronizer filter would mess up #---------------------------------------------------------------------------- {-filter{demoronizer}} .jp .cn .tw .ru .kr #---------------------------------------------------------------------------- # Misc special rules: #---------------------------------------------------------------------------- {-filter{content-cookies} -filter{webbugs}} .friendscout24.de .webreference.com/js/column8/property.html {-filter{fun}} /(.*/)?user-manual/filter-file.html #{+filter{img-reorder} +filter{banners-by-link}} #www.dn.se {-filter{img-reorder}} .google. /.*wired(\.com)?/ .wired.com/ {-filter{js-annoyances}} .nasa.gov .cnrs.fr blogs.msdn.com {-filter{unsolicited-popups}} /.*mt.cgi$ .cnrs.fr blogs.msdn.com {+fast-redirects{check-decoded-url} -block} .*rd.yahoo.com/ {+block} /antitheft\.php {+filter{tiny-textforms} +prevent-compression} .sourceforge.net/tracker {+downgrade-http-version} :631 #{ -crunch-outgoing-cookies \ # -crunch-incoming-cookies \ # +session-cookies-only \ #} #www.versiontracker.com/