Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - xartica

Pages: [1] 2
Questions and Answers / Naoko 4.3
« on: August 02, 2002, 01:54:52 AM »

THanks! Unticking "local connections persist" solved the half-laoding page problem for me too.


Questions and Answers / I am stuck
« on: June 09, 2002, 04:08:53 PM »
There's no way to force the display of a particular command entry at the top of the ContextMenu.

What hpguru already posted
(include an ampersand in the command name)
is probably your best bet.

BTW, I've taken a different approach.
I have LOTS of "extras"; most of them are bookmarklets.
Cumulatively, they would clutter the ContextMenu so, instead,
I created a "Prx" folder under IE's "Links" folder...
...and HERE you can drag and rearrange the entries so that they appear in the order you want.

Move the "Prx" folder to the top of the "Links" menu, then you can have it appear (a "Prx" folder icon) appear on your toolbar. All your entries will be in the order you chose, and you might even want to create further subfolders, with those calling Prox commands & reloading the page into an new browser window placed together in one subfolder (flyout menu) and those that reload the page in same brwoser window with prox commands (dbug, etc) applied... place in a separate subfolder.


Other / Response Headers
« on: May 31, 2002, 03:05:37 AM »

Here is what i've got so far through the above RFC link and by looking at Homeric's config.

for caching as much as possible (header value and replacement empty):

Cache-Control: (in) (same as setting the replacement to "pub")
Pragma: (in) (add "no-cache" to the header value to play safe)
ETag: (in)
Expires: (in)
Vary: (in)

Toward facilitating caching, I wouldn't trust "public" to be a cache-friendly
value ~~ instead, just match "*" and no replacement line.

I don't think you're confused by this, but for the benefit of other readers...
The _NAMES_ of Prox header filters often cause confusion, because they're
named to reflect the EFFECT that activating the filter will have.
For instance, the filter named "Cache-Control: always cache (in)" indicates that if you always want your pages cached (to increase page load speed) you should enable this filter ~~ and that the appropriate place to do so is "IN" (the $IHDR).
This approach (to explaining/understanding) the filters also ignores the fact that other headers, and their content, affect caching.

Instead of looking at the "filter name", consider what each header (type) does, the possible valid content "values" for that header type, and what effect each value will have, if present.

FWIW, here's what I use for the Cache-Control $IHDR:

URL = "(^$LST(DisallowCaching))"
Key = "Cache-Control: strip this header to facilitate caching (in)"
Match = "*"

List.DisallowCaching contains the few sites like eBay and eTrade
whose pages I would NOT want to be cached, e.g.:

FWIW, I suspect that the most common reason sites
configure their webserver to include the Cache-Control header
and to set it to "no-cache"... is to drive up "pagehits" and
banner display counts.


for debugging only (header value and replacement empty):

Pragma: (out) disables browser refresh
If-Modified-Since: (out) forces a fresh page, cache is ignored
Last-Modified: (in) forces a fresh page, cache is ignored

None seems to be redundant (correct me if i'm wrong).

I don't disturb the "If_Modified-Since" header. Seems to me that the effect of stripping the tag, if it exists, counters the webbrowser's ability/CHOICE to use cached copy of page.

Above, in this discussion thread, I read:
"The only way to surely get the complete fresh page on reload seems to be killing IF-MODIFIED-SINCE (CTRL-F5 won't always work in IE)."

MSIE uses the If-Modified-Since and Last-Modified headers in tandem
(you'd have to strip both of them to have an effect)
(if either is present, MSIE will act on them)
and I'm struggling to understand why/when it would EVER be desirable to disturb the headers, if they are present.

??? Ctrl+F5 ?
Really? I thought it was just F5 (to definitively pull down a fresh copy)
Anyhow, maybe you're only stripping one of the two (tandem) headers.

Regardless of MSIE, I've noticed in the Prox log window "Browser Refresh Detected". How does is know? Where does PROX get/find/store the info?


Questions and Answers / Popup Bookmarklets
« on: May 31, 2002, 02:52:22 AM »
With MSIE, you should be able to drag the bookmarklet to you "Links" toolbar. When you activate the bookmarklet, IE should handle it in the "local" security context (regardless of the location of the page you're running the bookmark against).

My config "nulls" onunload via a filter that matches <end>.
I didn't come up with this idea, but agree that it's a necessity
(matching <end>, that is) because a page could contain an inline script
that RE-reassigns onunload, after your script (inserted just below the opening body tag) has nulled it.


Other / PDF to HTML on the fly
« on: May 25, 2002, 03:24:54 PM »
With the header filter, if Google doesn't have a cached version of a particular PDF, you're stuck with a "broken link" & would have to bypass and reload the referring page to reach the linked document., I've drafted the following WEBfilter. It lets you see, in advance, that a page anchor links to a PDF... and allows you to choose which [PDF/HTML] version to retrieve.

Name = "optionally view linked PDF as cached Google HTML page"
Active = TRUE
Bounds = "<a hrefs*>*</a>"
URL = "^([^/]|*"
Match = "1 (href=$AV(*.pdf)9)2 (*>*)3"
Replace = "1 2 3
try PDF cached as HTML at "
        "<a href=''>Google</a>"

Although I haven't field-tested the filter, it works in the Prox filter test window

================ filter test window input:
stuff <a href="" target=_new>get the PDF</a>

================ filter test window output:
stuff <a href="" target=_new>get the PDF</a>
try PDF cached as HTML at <a href=''>Google</a>

An icon image (like the lozenge that the SuperOpener filter inserts)
would probably be preferable to using the "anchor text" I used in my test.


Privacy / akamai... and web beacons
« on: May 22, 2002, 05:17:18 PM »
Thanks for the reply.

I periodically grab & examine the TempInternetFiles from a gaming PC
that my son runs outside our home firewall. Here's an example an "in-the-wild" of an occurrence found in his cache. It is apparently from the site:

[ IMG SRC="" HEIGHT="2" WIDTH="1" ]

I think I have "" in my AdDomains blocklist.
(It's a crappy schmooze/pay -for-ranking search engine site)
You should be able to trigger the filter by visiting there.

positional variables:
The $SET thingie is just a way of placing a reminder/comment mid-filter.

All the others reflect my habit of using positional vars in place of asterisks while developing a filter (I tend to insert replacements like "___1___2___" so that I can quickly see the result in a page's view-source or in the replacement box of the Prox filter test window. I just forgot to change them to asterisks before posting this "finished" filter. Think there's much performance impact by leaving in the positional variables? I played with this a while back, and can't remember seeing much difference (vars vs asterisks).

size (height/width dimensions):
In all my other filters, I've chosen to ignore dimensions when filtering.
For instance, my version of "kill offsite images" removes ALL images. Through the years of dialup 'net access, I learned to use (and to appreciate, when surfing) webpages that preload images which will be required within a page later in the pageset... so I don't want to "punish" the continued practice of preloading. Even with a cable modem, pageloads at sites (art sites) that employ preloading can seem quite a bit "snappier".
In this filter though, the rationale is that if I visit a site frequently and know that ALL their images are Akamai-cached, I'll list 'em in a bypass list called by the filter. For other/unknown sites, I guess I'm willing to "lose" the little images (whether they're innocuous or not) for the sake of not tying up so many concurrent TCP connections. This would seem to suit the "way I surf", continually shift-clicking links and tabbing between scads of browser windows (rather than [cough] patiently waiting for each page to load).
I don't know yet if the difference in load-time will be noticable.

Although I found dozens of references to "clear.gif" I'm sure Akamai has several other "reusable" beacon images in their stable. As the filter evolves, instead of "OR -ing " the size and filname arguments, maybe I'll "AND" them,
and just ennumerate the known "reusable" image filenames.


Privacy / akamai... and web beacons
« on: May 22, 2002, 07:44:29 AM »
As far as privacy goes, I normally "shrug off" any worries about "web bugs".
Today, however, I got to thinking: even if the buggers are "harmless enough" they are STEALING tcp connections -- thereby delaying the loading of other page elements, eh?

I've seen configs where Proxxers are blocking akamai altogether, but I don't see that as a feasible option. They carry (cache) a lot of valid content for many sites I visit, especially imagefiles.

By the time I cobbled this filter to address the immediate problem
(akamai... slash partnername and/or ad-client account number ...clear.gif)
the thought process brought a whole bunch of questions and thoughts I'd like to discuss.

Name = "strip Akamai web beacons"
Active = FALSE
Multi = TRUE
Bounds = "<i(m(g|age)|nput)s*>"
Limit = 512
Match = "1 src=$AV( 2 akamai 3)&
       $SET(9=CAVEAT: hidden property may be assigned via external CSS)"
Replace = "
 <!-- SUSPECTED akamai web beacon nixed -->

What about OBJECT, APPLET and EMBED tags?

What about DHTML runtime replacements?
(ala document.links[1].whatever.innerText = "URL of element not prox-parsed when the page loaded")

What about URL strings assigned via variables, declared within external script files? One example I've seen is:
imgsRoot = '';


Privacy / web beacon found within stylesheet linkTag
« on: May 22, 2002, 07:17:14 AM »
--- (in the Yahoo!Prox-list forum) Michael B?rschgens wrote:
> I've found the following line in a webpage:
> <link rel=stylesheet type="text/css"
> href="">
> Since I've never seen this before I think it is a new idea to slip
> through filters.

--- my reply:

Yep, it's definitely a web beacon ~~ calling that URL returned
a zero-length text/html content-typed document.

Here's the counteracting webfilter I propose:

Name = "strip web beacons posing as stylesheets"
Active = TRUE
Bounds = "<links*>
Limit = 512
Match = "*rel=$AV(stylesheet)*&"

Here's my rationale:

~~ 512byte limit because the LINK tag may be padded with with several

~~ path to a valid CSS should never have a questionMark or equalSign
(I've seen valid stylesheets returned with commas in the path, FWIW)

~~ the file extension patterns might seem "obvious" but if they're
not explicitly stated, "href=pathname/MuckUp.css.cgi" could slip by

~~ Although dot-css is the convention, I continually encounter a lot
of dot-txt -named stylesheets

Discussion invited:
Should the filter also include (look for) .asp and other executables?
I think accounting for the common script extensions is enough ~~
because, eventually... some dastardly weenie will just
serve all his stylesheets from a webserver which has configured so that ".css" files are associated with (handled by) perl and are executable. The script will transparently count ya & will return the (a) valid stylesheet.



Thanks for the replies.
JD5000, that's what I was going to do (change it into a webfilter)
but Sidki3003 (thanks for posting it) has already done it.

The filter I've been using is named "banner blaster -- limit text"
but it doesn't use an external blockfile. I'm looking forward to using the external file because I then have ability to temporarily comment out one or more items & add exclusion URLs (per height/width pairs)... without cluttering my default.cfg file


Block List Files / ScoJos AdContainer Remover
« on: May 20, 2002, 02:03:01 AM »
skips the other filters?

Is that a good thing?


Arne, are you still using/recommending this filter?
I found it (active) in my config along with a comment saying that I
added in Feb 2002... but I can't remember EVER seeing it match.

Out = TRUE
Key = "URL-Killer: Multi Ads blaster -Arne (Out)"
URL = "$LST(AdDims)"
Replace = "Ads killed ARNEk"

the external (AdDims) blocklist for the filter contains:

#  banners (468x60, 470x60 (RB1 Network)...)

      (*width=[#468-470] & *height=[#60])
      (*width=([#60]|[#173]|[#230-240]) & *height=[#60])
      ) *>$SET(9=banner)

#  buttons and counters (88x31)
      *width=[#81] & *height=[#63]
      ) *>$SET(9=counter)

      *width=[#88-89] & *height=([#30-31]|[#60-62])
      ) *>$SET(9=button)

#  Part 2------------------------------------------------------
#  These sizes are not used too often for banners
#  The images that have these sizes can be safely removed if they
#  are not related to the site itself
#  ------------------------------------------------------------

# banners (468x*, 470x*...)
  |(*width=([#470]|[#480]) & *height=[#40-120])
  |(*width=([#60]|[#173]|[#230-240]|[#400-500]) & *height=[#60])
  ) *>$SET(9=banner1)

# square banners (100x100 RB2 Network
     (*width=[#95-105] & *height=[#95-105])
     |(*width=[#120-130] & *height=[#120-130])
  ) *>$SET(9=square1)

# Rare standard banners
     (*width=[#390-392] & *height=[#70-72])
     |(*width=[#120] & *height=([#60]|[#90]|[#240]))
     |(*width=[#230] & *height=[#30-33])
  ) *>$SET(9=rarebanner1)

# Non-standard banners (primarily adult sites)
     (*width=[#459-461] & *height=([#55-70]|[#80-90]|[#136]))
     |(*width=[#400] & *height=([#80]|[#100]|[#120]|[#150]))
     |(*width=[#450] & *height=([#80]|[#90]|[#125-130]|[#150]))
  ) *>$SET(9=non-standard1)

# Miscellaneous graphics
      (*width=[#100] & *height=[#50])
      |(*width=[#200] & *height=([#55-60]|[#300]))
      |(*width=[#250] & *height=[#150])
  ) *>$SET(9=misc)

#  User sizes go here...


Other / Remember where you found the html?
« on: April 19, 2002, 02:22:43 PM »
I use IE primarily, and Jor's filter is ESPECIALLY useful for viewing
cached (TempInternetFiles folder) pages.

Similarly, I use the following webfilter to tag external javacsript files:

Name = "external javascript files: insert header showing the source URL"
Active = TRUE
URL = "*.js(^?)"
Match = "*1"
Replace = "//source:       u


# note: <start> did not work with js files when I tried it
# also: some files not being touched ~~
# May need to add  |$Type(js)   to the end of the URL matchline

Questions and Answers / Match/Replace Question
« on: March 22, 2002, 12:42:09 PM »
This match expression/replacement pair:

Match = "([^/]++.|)(DomainDotSuffix)1([./:"'#]|(^?))"
Replace = "1"

will do what you are asking.  In the hostname portion of a URL,
it matches instances of "Anything or Nothing", followed by the
"domain suffix" you are interested in targeting.

Input either "child1.domain.suffix" or "child2.child1.domain.suffix"
or even "childN.....child1.domain.suffix" and it will output

If you are interested in matching/modifying numerous "domain suffix" strings,
you can ennumerate them in an external blocklist and use this, instead:


In this case, your blocklist could contain items like:


Questions and Answers / HighLite list ?
« on: March 11, 2002, 01:10:31 AM »
The following is a general rule, but is especially
relavent to use of the filter I posted above.


# just put (-| ) between the two halves, like this:
#         compound (-| ) word


Security - General / Proxomitron & Zone Alarm
« on: March 10, 2002, 09:41:14 PM »
ZAP should work fine with Proxomitron.
One of the buggy symptoms I've experienced with ZAP 3.0
is an "automagic" change of settings (block cookies, for instance)
after a dirty shutdown. I haven't had to reinstall, nor have I been
frustrated to the point of reverting to v2.6x... yet.

Typical chain of events:
One of the ZAP components "hangs" ~~ won't allow Win98 to shutdown.
Call taskManager to see what's still running, and it just shows rundll32.
Force shutdown (yank plug to PC. Aaargh.)
Upon restart, Win98 runs scandisk. No errors reported.

When this happens, more often than not, one or more of the ZAP
security settings gets scrambled.


Pages: [1] 2