// John's No-ADS proxy auto configuration script // http://www.schooner.com/~loverso/no-ads/ // loverso@schooner.com // // Copyright 1996-2000, John LoVerso. All Rights Reserved. // // Permission is given to distribute this file, as long as this // copyright message and author notice are not removed, and no // monies are exchanged. // // No responsibility is taken for any errors on inaccuracies inherent // either to the comments or the code of this program, but if reported // to me, then an attempt will be made to fix them. // // $Id: no-ads.pac,v 2.2 2001/05/11 19:09:00 loverso Exp loverso $ // Heavily modded by sburke@cpan.org 2002 // // Hey! // http://www.speech.cs.cmu.edu/~sburke/pub/black_hole_http_server.pl // is a handy black-whole server that you can run on a box that's // nearby on your network. //////// // // This simple kludge uses a mechanism built into most browsers (well, "just" // IE & Netscape) on most platforms to block connections to ad servers. // // This mechanism uses the "auto proxy configuration" to blackhole requests // to load ads without forcing all your traffic through an ad-blocking proxy // server. Of course, unlike ad-blocking proxy servers, this does not // otherwise not strip cookies. // // "Auto proxy configuration" uses invokes the JavaScript function below each // time you request a URL. This works even if you have JavaScript otherwise // disabled in your browser! (Which you should!) // //////// // // TO USE: // // 1. Save this as a file (no-ads.pac) on your local disk or off your home page. // 2. Select a no-ads blackhole // 3. Configure your browser to use this file as it's auto proxy configuration. //////// // // 1. SAVE THIS FILE // // // PLEASE don't load this over and over again from my server (please!) // //////// // // 2. SELECT A NO-ADS BLACKHOLE // // The basic trick is to match the site or URL of annoying web content and // tell the browser to use a proxy that will deny loading of that resource // (image, page, etc). // You basically need a proxy server that always denies loading a particlar // object. // As distributed, the selection of the blackhole proxy is done with the line // below that reads: // return "PROXY localhost:3421"; // Some possibilities for the blackhole: // a. A server that doesn't respond. // // If you do nothing, then this is configured to direct annoying // content to the proxy running on your localhost at port 3421. // Since you shouldn't have anything running on that port, that // connection will timeout and the annoying content will never be // loaded. // // THIS ONLY WORKS FOR IE! // // Netscape waits for the proxy server to connect (usually it // needs to load part of the image to layout the web page), and // then asks if you want to disable the proxy that won't answer. // // IE doesn't care that the proxy server isn't responding. As // this avoids a connection for annoying content, it is fastest. // b. A simple, blackhole server // // When needed, I run a simple "server" at port 3421 that denies // all requests. I include the shell script I use; this could // also be done with a "wait"-style perl script that did the same // thing, if exec'ing a shell was overly expensive on your computer // (it isn't on mine). // // Add this to inetd.conf: ("bmap" is the defined server on port // 3421) // // bmap stream tcp nowait nobody /usr/local/lib/noproxy noproxy // // Create /usr/local/lib/noproxy as this shell script: // // #!/bin/sh // read a // read b // echo HTTP/1.0 501 No Ads Accepted // echo "" // exit // c. A trick: use an HTTP/1.0 non-proxy server // // An HTTP/1.0 non-proxy server will return a 501 error when // given a proxy request! If you So, you can just return as the // PROXY your local intranet web server! However, it will likely // also log error, wasting a tad bit of resources. // *** // *** Be sure to update the "PROXY" line below with the correct // *** hostname:port of your blackhole server!! // *** // *** // *** If you already use a proxy server to access the WWW, // *** change the "DIRECT" line below to your proxy server. // *** //////// // // 3. TO CONFIGURE YOUR BROWSER // // The Proxy Auto Configuration file can be either on the local disk or // accessed from a web server, with the following constraints: // a. IE can only load the PAC from a web server (http:// URL) // b. Netscape can load the PAC from anywhere. // c. Netscape requires the correct MIME type when loading the PAC // from a web server. // To set the Proxy Auto Configuration with Netscape Navigator: // // Open "Edit->Preferences" // Select "Advanced" // Select "Proxies" // Select "Auto proxy configuration" option // Enter URL or path of this file // // If you place this on your local disk, you can configure Netscape with a // file: URL such as: // // file:/user/loverso/no-ads.pac (UNIX) // file://c:/windows/no-ads.pac (Windows) // // If you are using Netscape and serving this from a web server, then you need // to configure your web server to serve this file with the correct MIME type. // I.e., to properly serve this file from Apache, call it "no-ads.pac" and // add this next line in either the http.conf or in your own .htaccess file: // // AddType application/x-ns-proxy-autoconfig .pac // // (This is definately needed for NS, but not for IE) // To set the Proxy Auto Configuration with IE: // // 1. Enable Proxy Auto Config: // // Open "Tools->Internet Options" // Select "Connections" tab // Click "LAN Settings" box // Select "Use automatic configuration script" // Enter the http:// URL of this file in Address // (you cannot use a file: URL) // // 2. Fix Security Settings (IMPORTANT): // // Select "Security" tab // Select "Local intranet" // Click "Sites" box // Unselect "include all sites that bypass the proxy server" option // // IE doesn't currently check the MIME type of the loaded file. // // To see some notes from MS on PAC in IE, see // http://msdn.microsoft.com/library/periodic/period99/faq0599.htm // //////// // // To see the definition of this page's JavaScript contents, see // // http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html // // Special PAC functions: // Hostname: // isPlainHostName(host) // dnsDomainIs(host, domain) // localHostOrDomainIs(host, hostdom) // isResolvable(host) // isInNet(host, pattern, mask) // Utility: // dnsResolve(host) // myIpAddress() // dnsDomainLevels(host) // URL: // shExpMatch(str, shexp) // Time: // weekdayRange(wd1, wd2, gmt) // dateRange(...) // timeRange(...) // // Other methods: // alert(), etc // http://developer.netscape.com/docs/manuals/communicator/jsref/win1.htm // function FindProxyForURL(url, host) { // debug // alert("checking: " + url); // To add more sites, simply include them in the correct list in the // correct format. if( // Things I don't want to block: shExpMatch(url, "*adbusters*") || shExpMatch(url, "*eadshot*") ) { return "DIRECT"; } // The sites below are ones I currently block. Tell me of others you add! if (0 // Block IE4/5 "favicon.ico" fetches // (to avoid being tracked as having bookmarked the site) // // NOTE: IE5 *sometimes* fetches facicon.ico w/o using the proxy! || shExpMatch(url, "*/favicon.ico") ////// // // Global Section // tries to match common names // // Uncomment these if you want to really knock out ads. After doing // so, you can probably remove rules below that mention ads or Ads. // || shExpMatch(url, "*ads*") // || shExpMatch(url, "*Ads*") // More targeted than the above || shExpMatch(url,"*/ads/*") || shExpMatch(url,"*/advert*") || shExpMatch(url,"*/ad.s/*") || shExpMatch(url,"*/_ads/*") || shExpMatch(url,"*/ad_graphics/*") || shExpMatch(url,"*ticker*") // just annoying || shExpMatch(url,"*/adverts*") || shExpMatch(url,"*/Adverts*") || shExpMatch(url,"*bannerid*") || shExpMatch(url,"*/Ads/*") || shExpMatch(url,"*/banners/*") || shExpMatch(url,"*/banner/*") || shExpMatch(url,"*/adv/*") || shExpMatch(url,"*/Adv/*") || shExpMatch(url,"*/adbroker") || shExpMatch(url,"*us.yimg.com/i/tv/*") || shExpMatch(url,"*banners.*") || shExpMatch(url,"*/Photos/CMSIcons/*") || shExpMatch(url,"*/Vpics/*") // This removes all hostnames with "ad", but not "add" // (for instance, add.yahoo.com) || (shExpMatch(url, "http://ad*") && !shExpMatch(url, "http://add*")) // || shExpMatch(url, "http://counter*") || shExpMatch(url, "*counter*") // or any subdomain "ads" || (dnsDomainLevels(host) > 2 && shExpMatch(url, "http://*.ads.*/*")) || shExpMatch(url, "*/images/sponsors/*") || dnsDomainIs(host, "java.yahoo.com") // serves lame ads || dnsDomainIs(host, 'keyword.netscape.com') // auto-keyword feature that I don't like || dnsDomainIs(host, 'messenger.netscape.com') // boring unavoidable start page for messenger ////// // // banner/ad organizations -- delete the entire organization // || dnsDomainIs(host, ".akamai.net") || dnsDomainIs(host, ".akamaitech.net") // Altho more and more "real" sites are // using those for image hosting. Lame! || dnsDomainIs(host, ".7adpower.com") || dnsDomainIs(host, ".spinbox.net") || dnsDomainIs(host, ".qksrv.net") || dnsDomainIs(host, ".fastclick.net") || dnsDomainIs(host, ".admonitor.net") || dnsDomainIs(host, ".bluestreak.com") || dnsDomainIs(host, ".hitbox.com") || dnsDomainIs(host, ".atwola.com") // "AOL Time Warner online Advertising" || dnsDomainIs(host, ".clickability.com") || shExpMatch(url, "*spinbox*") || shExpMatch(url, "*trafficmonetizers*") || shExpMatch(url, "*tsx.org*") // these set cookies || dnsDomainIs(host, ".doubleclick.com") || dnsDomainIs(host, ".doubleclick.net") || dnsDomainIs(host, ".globaltrack.com") || dnsDomainIs(host, ".burstnet.com") || dnsDomainIs(host, ".adbureau.net") || dnsDomainIs(host, ".hitbox.com") || dnsDomainIs(host, ".targetnet.com") // these servers use 1x1 images over https! || dnsDomainIs(host, ".focalink.com") || dnsDomainIs(host, ".websponsors.com") || dnsDomainIs(host, ".commission-junction.com") || dnsDomainIs(host, ".advertising.com") || dnsDomainIs(host, ".cybereps.com") || dnsDomainIs(host, ".postmasterdirect.com") || dnsDomainIs(host, ".mediaplex.com") || dnsDomainIs(host, ".adtegrity.com") || dnsDomainIs(host, ".bannerbank.ru") || dnsDomainIs(host, ".bannerspace.com") || dnsDomainIs(host, ".theadstop.com") || dnsDomainIs(host, ".l90.com") || dnsDomainIs(host, ".webconnect.net") || dnsDomainIs(host, ".avenuea.com") || dnsDomainIs(host, ".flycast.com") || dnsDomainIs(host, ".engage.com") || dnsDomainIs(host, ".imgis.com") || dnsDomainIs(host, ".link4ads.com") || dnsDomainIs(host, ".datais.com") // misc annoyance || dnsDomainIs(host, ".sitemeter.com") ////// // // banner servers // (typically these set cookies or serve animated ads) // || dnsDomainIs(host, "sbad.foxsports.lycos.com") || dnsDomainIs(host, "commonwealth.riddler.com") || dnsDomainIs(host, "banner.freeservers.com") || dnsDomainIs(host, "usads.futurenet.com") || dnsDomainIs(host, "banners.egroups.com") || dnsDomainIs(host, "ngadclient.hearme.com") || shExpMatch(url, "*freewebsites.com/banner/*") || shExpMatch(url, "*linkexchange.com/*banner*") || shExpMatch(url, "*tvguide.com/rbitmaps/*") /// matched by global rules /// || dnsDomainIs(host, "ad.linkexchange.com") /// || dnsDomainIs(host, "ads.infi.net") /// || dnsDomainIs(host, "adclub.net") /// || dnsDomainIs(host, "adserv.newcentury.net") /// || dnsDomainIs(host, "ad.adsmart.net") /// || dnsDomainIs(host, "adbot.com") /// || dnsDomainIs(host, "ads.softbank.net") /// || dnsDomainIs(host, "ad.preferences.com") /// || dnsDomainIs(host, "ads.jwtt3.com") /// || dnsDomainIs(host, "ads.ugo.com") /// || dnsDomainIs(host, "ads.csi.com") /// || dnsDomainIs(host, "ads.enliven.com") /// || dnsDomainIs(host, "ads.admonitor.com") /// || dnsDomainIs(host, "adcontent.gamespy.com") /// || dnsDomainIs(host, "adrunner.mycomputer.com") /// || shExpMatch(url, "*.computers.com/Ads*") /// || shExpMatch(url, "*.cnet.com/Ads*") /// || shExpMatch(url, "*/cnet*/Ads*") /// || shExpMatch(url, "*socialnet.com/banners*") /// || shExpMatch(url, "*adex*.flycast.com/*") /// || shExpMatch(url, "*ads*.sandpiper.com/*") /// || dnsDomainIs(host, "ads.bla-bla.com") ////// // // Directed // || ( // Yahoo ads are tricky to kill... shExpMatch(url, "*.yimg.*") && ! shExpMatch(url, "*/i/*") ) // GeoCities Ad Square (From "Prakash Persaud" ) || (dnsDomainIs(host,"geocities.yahoo.com") && shExpMatch(url,"*/toto?s*")) // FortuneCity - ads and tracking || (dnsDomainIs(host,".fortunecity.com") && (shExpMatch(url,"*/js/adscript*") || shExpMatch(url,"*/js/fctrack*"))) // zdnet || (dnsDomainIs(host, ".zdnet.com") && (dnsDomainIs(host, "ads3.zdnet.com") || shExpMatch(url, "*/texis/cs/ad.html") || shExpMatch(url, "*/adverts"))) /// matched by global rules /// // intellicast /// || (dnsDomainIs(host, ".intellicast.com") && /// shExpMatch(url, "*images/ads/*")) // Most annoying: cookies on their background images to track you // also have shockwave ads || (dnsDomainIs(host, ".ad.tomshardware.com") && shExpMatch(url, "*/cgi-bin/banner*")) /// matched by global rules /// // shockwave & animated ads /// || shExpMatch(url, "*sharkyextreme.com/ads/*") /// || (dnsDomainIs(host,"anandtech.com") /// && shExpMatch(url,"*/banners/*")) // these set cookies || shExpMatch(url, "*.dejanews.com/ads*") || shExpMatch(url, "*.deja.com/ads*") || shExpMatch(url, "*MapsOnUs.com/ad.images*") // Slashdot: added these when I saw hidden 1x1 images with cookies || dnsDomainIs(host, "adfu.blockstackers.com") || (dnsDomainIs(host, "slashdot.org") && ( shExpMatch(url, "*/Slashdot/pc.gif*") || shExpMatch(url, "*/pagecount.gif*") || shExpMatch(url, "*/adlog.pl*") || shExpMatch(url, "*/banner/*") ) ) ////// // // User tracking (worse than ads) // || dnsDomainIs(host, "web-stat.com") || dnsDomainIs(host, "webtrendslive.com") || dnsDomainIs(host, "wtlive.com") // javascript || dnsDomainIs(url, "superstats.com") // 1x1 tracking images || dnsDomainIs(url, "service.bfast.com") || shExpMatch(url, "*/tracker.exe*") ////// // // popups // || dnsDomainIs(url, "mousebucks.com") || shExpMatch(url, "*popup*") ////// // // Sex sites (contributed) // || dnsDomainIs(host, "porntrack.com") || dnsDomainIs(host, "sexe-portail.com") || dnsDomainIs(host, "purefuck.com") || dnsDomainIs(host, "sextracker.com") // debug // || (alertmatch("NOT:" + url) && 0) ) { // alert("blackholing: " + url); // *** // *** Update the next line with the correct // *** hostname:port of your blackhole proxy server // *** return "PROXY spinntwo.spinn.net:9123"; // !!!!!!!!!!!!!!!!! // Change that to whatever host and port you run // your black-hole server on // !!!!!!!!!!!!!!!!! // Maybe even: "PROXY localhost:3421"; } else { // debug // alert("allowing: " + url); // all other requests go direct and avoid any overhead return "DIRECT"; // **** // **** If you cannot go direct or need to use an actual proxy // **** (such as used by an ISP or business or on a firewall), // **** change the "DIRECT" above to "PROXY hostname:port", // **** with the correct hostname:port for your proxy server. // **** } } // // This line is just for testing; you can ignore it. But, if you are having // problems where you think this PAC file isn't being loaded, then change this // to read "if (1)" and the alert box should appear when the browser loads this // file. // if (0) { alert("autoconfig notice: LOADED"); } // The above should show you that this JavaScript is executed in an // unprotected global context. NEVER point at someone elses autoconfig file; // always load from your own copy! // an alert that returns true function alertmatch(url) { alert("match: "+url); return 1; } // Tired of reading boring comments? Try reading today's comics: // http://www.schooner.com/~loverso/comics/ // // or getting a quote from my collection: // http://www.schooner.com/~loverso/quote/ // eof