[Privoxy-users] Fwd: Re: [privoxy-users] What are ProxHTTPSProxyMII's features?

Vanderdenduur rvrnt at icloud.com
Thu Sep 1 08:53:16 UTC 2016


Topic : 	Re: [privoxy-users] What are ProxHTTPSProxyMII's features?
To : 	ijbswa-users at lists.sourceforge.net


Hello,

> >From various post athttps://www.prxbx.com/forums/  i see that you have developed some sort of https interface for privoxy and you're highly praised for this performance by some board users.

The one behind ProxHTTPSProxyMII is whenever 
<https://www.prxbx.com/forums/showthread.php?tid=2172&pid=18822#pid18822> 
and indeed, thanks to him, his associates and testers, I only 
managed—with the help of cattleyavns 
<https://www.prxbx.com/forums/member.php?action=profile&uid=21948>—to 
run Privoxy along with ProxHTTPSProxyMII on OS X. As far as I’m aware, 
user cattleyavns is the first to set it up on OS X. I can only be 
“praised” for the tutorial I wrote for OS X users. Linux users have 
their threat here <https://www.prxbx.com/forums/showthread.php?tid=2228> 
and has been created by user kik0s.

> >From your various post athttps://www.prxbx.com/forums/  i can not find a single information - or maybe i overlooked it - what can be done with  ProxHTTPSProxyMII.

Info here <http://www.proxfilter.net/proxhttpsproxy/index.html> and 
there <https://www.prxbx.com/forums/forumdisplay.php?fid=48>.

> You wrote thishttps://sourceforge.net/p/ijbswa/mailman/message/35070785/  and i quote from your post:
>
>> You may want to filter HTTPS requests as well… I know there have
>> been pains and cries recently about Privoxy not being able to filter
>> those requests. There is currently one working solution
>> though—ProxHTTPSProxyMII
>> <https://www.prxbx.com/forums/showthread.php?tid!91&pid728#pid18728>–that
>> I use on a daily basis with virtually no hiccup at all. It works
>> great and I confirm Privoxy is now able to block very nasty
>> encrypted requests.
> That says nothing to me.
>
> We (I !!) know more or less what can be done with Privoxy on the http side. Https traffic can only be blocked by domain names. Privoxy can't see the paths, nor the headers etc.. This kind of a simple domain blocking can also be done with uMask, dnsmasq or a hosts file. What can be done else or more with ProxHTTPSProxyMII?

I should have mentioned that, thanks to ProxHTTPSProxyMII addon, Privoxy 
can now block any request based on the path side of the HTTPS URL. 
Example of useless request (still live):

|https://s3.amazonaws.com/prod.obelusmedia/sdk/platforms/js/v2/sdk.min.js |

  * Privoxy alone; the only way to block it is to create the entry
    |.s3.amazonaws.com| in our blacklist. Not so great… Privoxy can not
    see that part: |/prod.obelusmedia/sdk/platforms/js/v2/sdk.min.js|
  *

    Privoxy + ProxHTTPSProxyMII; thus, a better solution is to block it
    using a rule set that detects “critical” keywords anywhere in the
    path (which would normally be invisible to Privoxy without the add-on) :

    |# Rejected Paths # # Ad Tech #
    /.*(chartbeat|cross.?sell|facebook|forester|mobiquo|sessioncam|yahoo)
    /.*(brightcove|googleads|obelusmedia|tag(commander|man)|xiti|zendesk)
    # <=== Match here!
    /.*(acymailing|bazaarvoice|boomr|cooladata|olark|omniture|trustpilot)
    /.*(blueconic|bluekai|breadcrumb|freshdesk|dmptag|usabilla|nugg\.?ad)
    /.*(adchemix|cedexis|segmentify|optincrusher|smartad|visual.?revenue)
    /.*(adrum|gigya|hapyak|konverto|krux|linkedin|openx|parsely|proximic)
    /.*(clickfunnel|disqus|google?.?(plus|service)|sonyoutube|optimizely)
    /.*(adsense|captify|le.?guide|mailchimp|recsys|ownedit|reevoo|runcpa)
    /.*(addthis|crazyegg|drupal|factortg|emsecure|hotjar|neewee|newgrove)
    /.*(dcstorm|marocrank|mediametrie|(socket|spoti)\.io|vicomi|volusion)
    /.*(adhese|adple?xme?d|dressipi|idcta|live.?intercept|newrelic|xsell)
    /.*(engageya|gemius|traff?ic.?trading|trading.?hub|xdirect|winnebago)
    /.*(awstats|iq.?digital|omnitag|pippity|pushwoosh|matchmedia|twitter)
    /.*(numbate|outbrain|pubn(ation|ub)|syntonic|web(perf|tre?k)|telerik)
    /.*(adestra|adriver|amshopby|dfp.?manager|kelkoo|shopify)
    /(.*[^a-z0-9])?basilic[^a-z0-9] |

I created my own set of rules here 
<https://www.prxbx.com/forums/showthread.php?tid=2226&pid=18812#pid18812> 
; I intend to update it soon with more efficient rules. The downside is 
that you need to create some exceptions if your favourite sites are 
broken. I usually use an “except” |.action| 
file—|PathExcepts.action|—called AFTER my |RejectedPath.action| file in 
Privoxy config.

> Regards.
>
>


More information about the Privoxy-users mailing list