[Privoxy-commits] [privoxy] 06/08: Remove the obsolete ie-exploits filter
User Git
git at git.privoxy.org
Sat Apr 5 14:18:54 CEST 2025
This is an automated email from the git hooks/post-receive script.
git pushed a commit to branch master
in repository privoxy.
commit 62b68d363a7e71ba69aa4526204e38dabd508dfb
Author: Fabian Keil <fk at fabiankeil.de>
AuthorDate: Thu Feb 6 14:56:56 2025 +0100
Remove the obsolete ie-exploits filter
It doesn't actually reliably protect against Nimda, there never
were active maintainers and IE is obsolete anyway.
Also some virus scanners seem to be offended by the test case
for the filter in the source tarball.
---
tests/cts/content-filters/data/test33 | 99 -----------------------------------
1 file changed, 99 deletions(-)
diff --git a/tests/cts/content-filters/data/test33 b/tests/cts/content-filters/data/test33
deleted file mode 100644
index f1dc0db4..00000000
--- a/tests/cts/content-filters/data/test33
+++ /dev/null
@@ -1,99 +0,0 @@
-<testcase>
-<info>
-<keywords>
-HTTP
-HTTP GET
-filter ie-exploits
-</keywords>
-</info>
-
-<reply>
-<data>
-HTTP/1.1 200 OK
-Date: Thu, 22 Jul 2010 11:22:33 GMT
-Connection: close
-Content-Type: text/html
-X-Control: swsclose
-
-# Here are some strings the ie-exploits filter should filter:
-
-# pcrs command 1:
-
-f("javascript:location.replace('mk:@MSITStore:C:')");
-
-# pcrs command 2:
-
-<a href="http://www.example.org/%hex[%01]hex%@blafasel">
-<a href="http://www.example.org/%hex[%02]hex%@blafasel">
-<a href="http://www.example.org/%hex[%03]hex%@blafasel">
-
-<a href="http://www.example.org/%00@blafasel">
-<a href="http://www.example.org/%01@blafasel">
-<a href="http://www.example.org/%02@blafasel">
-
-# pcrs command 3:
-
-<script language="JavaScript">window.open("readme.eml", null, "resizable=no,top=6000,left=6000")</script>
-<script language="JavaScript">1;''.concat("readme.eml", null, "resizable=no,top=6000,left=6000")</script>
-</data>
-</reply>
-
-<proxy-reply>
-<data>
-HTTP/1.1 200 OK
-Date: Thu, 22 Jul 2010 11:22:33 GMT
-Connection: close
-Content-Type: text/html
-X-Control: swsclose
-Content-Length: 890
-
-# Here are some strings the ie-exploits filter should filter:
-
-# pcrs command 1:
-
-alert("This page looks like it tries to use a vulnerability described here:
- http://online.securityfocus.com/archive/1/298748/2002-11-02/2002-11-08/2");
-
-# pcrs command 2:
-
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-<a href="http://www.example.org/MALICIOUS-LINK@blafasel">
-
-# pcrs command 3:
-
-<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>
-<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>
-</data>
-</proxy-reply>
-
-<client>
-<server>
-http
-</server>
-<name>
-+filter{ie-exploits}
-</name>
-<features>
-proxy
-</features>
-<command>
-http://%HOSTIP:%HTTPPORT/ie-exploits/%TESTNUMBER
-</command>
-</client>
-
-<verify>
-<protocol>
-GET /ie-exploits/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-User-Agent: curl/%VERSION
-Accept: */*
-Connection: close
-
-</protocol>
-</verify>
-</testcase>
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Privoxy-commits
mailing list