diff -urN current.orig/actionlist.h current/actionlist.h
--- current.orig/actionlist.h Sun Oct 3 14:53:32 2004
+++ current/actionlist.h Sat Apr 8 21:15:57 2006
@@ -134,6 +134,7 @@
DEFINE_CGI_PARAM_RADIO ("hide-from-header", ACTION_HIDE_FROM, ACTION_STRING_FROM, "block", 1)
DEFINE_CGI_PARAM_CUSTOM ("hide-from-header", ACTION_HIDE_FROM, ACTION_STRING_FROM, "spam_me_senseless@sittingduck.xyz")
DEFINE_ACTION_STRING ("hide-referrer", ACTION_HIDE_REFERER, ACTION_STRING_REFERER)
+DEFINE_CGI_PARAM_RADIO ("hide-referrer", ACTION_HIDE_REFERER, ACTION_STRING_REFERER, "conditional-block", 2)
DEFINE_CGI_PARAM_RADIO ("hide-referrer", ACTION_HIDE_REFERER, ACTION_STRING_REFERER, "forge", 1)
DEFINE_CGI_PARAM_RADIO ("hide-referrer", ACTION_HIDE_REFERER, ACTION_STRING_REFERER, "block", 0)
DEFINE_CGI_PARAM_CUSTOM ("hide-referrer", ACTION_HIDE_REFERER, ACTION_STRING_REFERER, "http://www.google.com/")
diff -urN current.orig/parsers.c current/parsers.c
--- current.orig/parsers.c Sat Jan 21 17:16:08 2006
+++ current/parsers.c Sat Apr 8 21:16:30 2006
@@ -833,7 +833,7 @@
*********************************************************************/
jb_err crumble(struct client_state *csp, char **header)
{
- log_error(LOG_LEVEL_HEADER, "crunch!");
+ log_error(LOG_LEVEL_HEADER, "crumble crunched: %s!", *header);
freez(*header);
return JB_ERR_OK;
}
@@ -866,6 +866,7 @@
if (csp->content_type != CT_TABOO)
{
if ((strstr(*header, " text/") && !strstr(*header, "plain"))
+ || strstr(*header, "xml")
|| strstr(*header, "application/x-javascript"))
csp->content_type = CT_TEXT;
else if (strstr(*header, " image/gif"))
@@ -1129,10 +1130,13 @@
jb_err client_referrer(struct client_state *csp, char **header)
{
const char *newval;
-
+ const char *host;
+ char *referer;
+ int hostlenght;
+
#ifdef FEATURE_FORCE_LOAD
/* Since the referrer can include the prefix even
- * even if the request itself is non-forced, we must
+ * if the request itself is non-forced, we must
* clean it unconditionally
*/
strclean(*header, FORCE_PREFIX);
@@ -1146,27 +1150,73 @@
return JB_ERR_OK;
}
- freez(*header);
-
newval = csp->action->string[ACTION_STRING_REFERER];
+ if ((0 != strcmpic(newval, "conditional-block")))
+ {
+ freez(*header);
+ }
if ((newval == NULL) || (0 == strcmpic(newval, "block")) )
{
/*
* Blocking referer
*/
- log_error(LOG_LEVEL_HEADER, "crunch!");
+ log_error(LOG_LEVEL_HEADER, "Referer crunched!");
return JB_ERR_OK;
}
- else if (0 == strncmpic(newval, "http://", 7))
+ else if (0 == strcmpic(newval, "conditional-block"))
{
/*
- * We have a specific (fixed) referer we want to send.
+ * Block referer if host has changed.
*/
- log_error(LOG_LEVEL_HEADER, "modified");
+ if (NULL == (host = strdup(csp->http->hostport)))
+ {
+ freez(*header);
+ log_error(LOG_LEVEL_HEADER, "Referer crunched! Couldn't allocate memory for temporary host copy.");
+ return JB_ERR_MEMORY;
+ }
+ if (NULL == (referer = strdup(*header)))
+ {
+ freez(*header);
+ freez(host);
+ log_error(LOG_LEVEL_HEADER, "Referer crunched! Couldn't allocate memory for temporary referer copy.");
+ return JB_ERR_MEMORY;
+ }
+ hostlenght = strlen(host);
+ if ( hostlenght < (strlen(referer)-17) ) /*referer begins with 'Referer: http[s]://'*/
+ {
+ /*Shorten referer to make sure the referer is blocked
+ *if www.example.org/www.example.com-shall-see-the-referer/
+ *links to www.example.com/
+ */
+ referer[hostlenght+17] = '\n';
+ }
+ if ( 0 == strstr(referer, host)) /*Host has changed*/
+ {
+ log_error(LOG_LEVEL_HEADER, "New host is: %s. Crunching %s!", host, *header);
+ freez(*header);
+ }
+ else
+ {
+ log_error(LOG_LEVEL_HEADER, "%s (not modified, still on %s)", *header, host);
+ }
+ freez(referer);
+ freez(host);
+ return JB_ERR_OK;
+ }
+ else if (0 != strcmpic(newval, "forge"))
+ {
+ /*
+ * We have a specific (fixed) referer we want to send.
+ */
+ if ((0 != strncmpic(newval, "http://", 7)) && (0 != strncmpic(newval, "https://", 8)))
+ {
+ log_error(LOG_LEVEL_HEADER, "Parameter: +referrer{%s} is a bad idea, but I don't care.", newval);
+ }
*header = strdup("Referer: ");
string_append(header, newval);
+ log_error(LOG_LEVEL_HEADER, "Referer overwritten with: %s", *header);
return (*header == NULL) ? JB_ERR_MEMORY : JB_ERR_OK;
}
@@ -1176,18 +1226,11 @@
* Forge a referer as http://[hostname:port of REQUEST]/
* to fool stupid checks for in-site links
*/
- if (0 != strcmpic(newval, "forge"))
- {
- /*
- * Invalid choice - but forge is probably the best default.
- */
- log_error(LOG_LEVEL_ERROR, "Bad parameter: +referer{%s}", newval);
- }
*header = strdup("Referer: http://");
string_append(header, csp->http->hostport);
string_append(header, "/");
- log_error(LOG_LEVEL_HEADER, "crunch+forge to %s", *header);
+ log_error(LOG_LEVEL_HEADER, "Referer forged to: %s", *header);
return (*header == NULL) ? JB_ERR_MEMORY : JB_ERR_OK;
}
@@ -1228,12 +1271,12 @@
return JB_ERR_OK;
}
- log_error(LOG_LEVEL_HEADER, "modified");
-
freez(*header);
*header = strdup("User-Agent: ");
string_append(header, newval);
+ log_error(LOG_LEVEL_HEADER, "Modified: %s", *header);
+
return (*header == NULL) ? JB_ERR_MEMORY : JB_ERR_OK;
}
@@ -1259,7 +1302,7 @@
{
if ((csp->action->flags & ACTION_HIDE_USER_AGENT) != 0)
{
- log_error(LOG_LEVEL_HEADER, "crunch!");
+ log_error(LOG_LEVEL_HEADER, "crunched User-Agent!");
freez(*header);
}
@@ -1303,7 +1346,7 @@
*/
if ((newval == NULL) || (0 == strcmpic(newval, "block")) )
{
- log_error(LOG_LEVEL_HEADER, "crunch!");
+ log_error(LOG_LEVEL_HEADER, "crunched From!");
return JB_ERR_OK;
}
@@ -1394,7 +1437,7 @@
else
{
freez(*header);
- log_error(LOG_LEVEL_HEADER, " crunch!");
+ log_error(LOG_LEVEL_HEADER, "crunched x-forwarded-for!");
}
return JB_ERR_OK;
diff -urN current.orig/templates/edit-actions-for-url current/templates/edit-actions-for-url
--- current.orig/templates/edit-actions-for-url Fri Apr 7 17:42:07 2006
+++ current/templates/edit-actions-for-url Sat Apr 8 21:15:57 2006
@@ -536,7 +536,7 @@
name="downgrade_http_version" value="N" @downgrade-http-version-n@>
|
- downgrade-http-version |
+ downgrade-http-version |
Change HTTP/1.1 requests to HTTP/1.0. Only change if you know
what you're doing! |
@@ -660,7 +660,12 @@
for="hide_referrer_mode_set">Fake as this web address:
+ value="@hide-referrer-param@">
+
|
- kill-popups |
+ kill-popups |
Filter the website through a built-in filter to disable many JavaScript
pop-up windows. |