Something like “decentraleyes” for Privoxy…

[JJoe]

(Apr. 08, 2019 06:35 PM)vlad_s Wrote:  I looked at news.yandex.ru, there is code "301 Moved Permanently" for the request https://news.yandex.ru/favicon.ico for https://yastatic.net/iconostasis/_/egVpf...c22BBg.ico without transmitting the header "Access-Control-Allow-Origin: *".

The crossorigin restriction does not apply to the image "/favicon.ico". So, the redirect to yastatic from yandex is allowed.

(Apr. 08, 2019 06:35 PM)vlad_s Wrote:  I am assuming that you can still configure the redirect, without filtering the page suggested with your last message? Or am I wrong?

I still need to filter the page to allow the 302. In Proxomitron, 302 is $JUMP().

Fortunately, the Proxomitron has a 'transparent' redirect that the browser cannot see. $RDIR() works without filtering the page.
Unfortunately, I don't think Privoxy has a transparent redirect?

If you can add another instance of Privoxy to add the header to Privoxy's 302,
you would not need to filter the page.



BTW, not trying to convert anybody to Proxomitron. Just trying to help.

[vlad_s]

The redirect in Privoxy is only https://www.privoxy.org/user-manual/acti...l#REDIRECT
Another instance can be launched, but I do not understand their interaction in this form. In addition, Privoxy allows you to do this https://www.privoxy.org/user-manual/filt...ER-SYNTAX, but I also don’t really understand how to apply it.
About Proxomitron, because I use a homemade router, I use the Ubuntu Server OS, so all programs here are typical for Linux systems. I like the flexibility of this system and, as an OS for the router, it is wonderful. And as I understood Proxomitron for Windows systems. I am not against these, not only do I use them myself, but I still prefer Linux as a router.

[vlad_s]

One good person suggested the following method:

Code:

CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
s@(GET)\s+(https?:)//?[^,%]+\b(angularjs|jquery|modernizr|moment)(js)?/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 https://192.168.2.1/decentraleyes/$3/$5/$3.min.jsm@i
s@(Host:)\s+.*$@$1 192.168.2.1@i

The idea is such, "the browser issues a request to the server, privoxy it intercepts and changes the address, without telling the browser anything about it. The browser receives an answer thinking that it receives data from the original site." But the browser still complains about the missing "Access-Control-Allow-Origin:" header.

[vlad_s]

It seems that the problem is somehow related to the work of ProxHTTPSProxyMII. Here is an example of how the filter works:
filter

Code:

CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
s@(GET)\s+(?:https?\:\/\/)[^\/]+\/send-stylesheet\s+(HTTP\/\d+\.\d+)$@$1 http://www.privoxy.org/p_web.css $2@i
s@(Host:)\s+.*$@$1 www.privoxy.org@i

SERVER-HEADER-FILTER: add-new-header-u add-new-header-u
s@^(HTTP\/\d+\.\d+\s+.*)$@$1\nAccess-Control-Allow-Origin: *@i

action

Code:

{+client-header-filter{redirect-uri-u} \
}
config.privoxy.org/send-stylesheet
{+server-header-filter{add-new-header-u} \
}
config.privoxy.org/

Test page: http://config.privoxy.org/send-stylesheet
Substitution: http://www.privoxy.org/p_web.css
The header is added, but in the filter from my post above, no.

[JJoe]

I think your code is bad.

(Apr. 12, 2019 08:38 PM)vlad_s Wrote:  

Code:

CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
s@(GET)\s+(https?:)//?[^,%]+\b(angularjs|jquery|modernizr|moment)(js)?/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 https://192.168.2.1/decentraleyes/$3/$5/$3.min.jsm@i
s@(Host:)\s+.*$@$1 192.168.2.1@i

Privoxy is returning

Privoxy Wrote:Bad request. Messed up with header filters.

  PrivoxyResponse.jpg (Size: 46.26 KB / Downloads: 420)

  Network.jpg (Size: 91.48 KB / Downloads: 421)

Try something like:
Filter

Code:

CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
s@(GET)\s+(https?:)//?[^,%]+\b(angularjs|jquery|modernizr|moment)(js)?/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 http://192.168.2.1/decentraleyes/$3/$5/$3.min.js HTTP/1.1 @i
s@(Host:)\s+.*$@$1 192.168.2.1 @i

SERVER-HEADER-FILTER: add-new-header-u add-new-header-u
s@^(HTTP\/\d+\.\d+\s+.*)$@$1\nAccess-Control-Allow-Origin: *@i

Action

Code:

{+client-header-filter{redirect-uri-u} \
}
yastatic.net/jquery/2.1.4/jquery.min.js
{+server-header-filter{add-new-header-u} \
}
yastatic.net/jquery/

This worked for me:

Code:

CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
s@(GET)\s+(https?:)//?[^,%]+\b(angularjs|jquery|modernizr|moment)(js)?/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 http://127.0.0.1:8443/decentraleyes/$3/$5/$3.min.js HTTP/1.1 @i
s@(Host:)\s+.*$@$1 127.0.0.1:8443 @i

SERVER-HEADER-FILTER: add-new-header-u add-new-header-u
s@^(HTTP\/\d+\.\d+\s+.*)$@$1\nAccess-Control-Allow-Origin: *@i

Code:

{+client-header-filter{redirect-uri-u} \
}
yastatic.net/jquery/2.1.4/jquery.min.js
{+server-header-filter{add-new-header-u} \
}
yastatic.net/jquery/

[vlad_s]

I apologize for my accusations. Yes, in the latter case, I confused a lot of things, but I was sent on the right path. The working scheme for such a capricious site looks like this:
filter

Code:

CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
s@(GET)\s+(https?://)[^,%]+\b(angularjs|jquery|modernizr|momentjs)/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 $2\192.168.2.1/decentraleyes/$3/$4/$3.min.jsm $5@i
s@(Host:)\s+.*$@$1 192.168.2.1@i

SERVER-HEADER-FILTER: Add-Access-Control-Allow-Origin Add Access-Control-Allow-Origin header
s@^(HTTP\/\d+\.\d+\s+.*)$@$1\nAccess-Control-Allow-Origin: *@i

action

Code:

{+client-header-filter{redirect-uri-u} \
}
yastatic.net/(angularjs|jquery|jquery-ui|modernizr)/
yandex.st/(angularjs|jquery|jquery-ui|modernizr)/
{+server-header-filter{Add-Access-Control-Allow-Origin} \
}
yastatic.net/(angularjs|jquery|jquery-ui|modernizr)/
yandex.st/(angularjs|jquery|jquery-ui|modernizr)/

Substitution is not noticeable for the browser, you do not need to add your host to the Content-Security-Policy headers.