The Un-Official Proxomitron Forum

Full Version: Something like “decentraleyes” for Privoxy…
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3
(Apr. 08, 2019 06:35 PM)vlad_s Wrote: [ -> ]I looked at news.yandex.ru, there is code "301 Moved Permanently" for the request https://news.yandex.ru/favicon.ico for https://yastatic.net/iconostasis/_/egVpf...c22BBg.ico without transmitting the header "Access-Control-Allow-Origin: *".

The crossorigin restriction does not apply to the image "/favicon.ico". So, the redirect to yastatic from yandex is allowed.

(Apr. 08, 2019 06:35 PM)vlad_s Wrote: [ -> ]I am assuming that you can still configure the redirect, without filtering the page suggested with your last message? Or am I wrong?

I still need to filter the page to allow the 302. In Proxomitron, 302 is $JUMP().

Fortunately, the Proxomitron has a 'transparent' redirect that the browser cannot see. $RDIR() works without filtering the page.
Unfortunately, I don't think Privoxy has a transparent redirect?

If you can add another instance of Privoxy to add the header to Privoxy's 302,
you would not need to filter the page.



BTW, not trying to convert anybody to Proxomitron. Just trying to help. Smile!
The redirect in Privoxy is only https://www.privoxy.org/user-manual/acti...l#REDIRECT
Another instance can be launched, but I do not understand their interaction in this form. In addition, Privoxy allows you to do this https://www.privoxy.org/user-manual/filt...ER-SYNTAX, but I also don’t really understand how to apply it.
About Proxomitron, because I use a homemade router, I use the Ubuntu Server OS, so all programs here are typical for Linux systems. I like the flexibility of this system and, as an OS for the router, it is wonderful. And as I understood Proxomitron for Windows systems. I am not against these, not only do I use them myself, but I still prefer Linux as a router. Smile!
One good person suggested the following method:
Code:
CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
[email protected](GET)\s+(https?:)//?[^,%]+\b(angularjs|jquery|modernizr|moment)(js)?/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 https://192.168.2.1/decentraleyes/$3/$5/$[email protected]
[email protected](Host:)\s+.*$@$1 [email protected]
The idea is such, "the browser issues a request to the server, privoxy it intercepts and changes the address, without telling the browser anything about it. The browser receives an answer thinking that it receives data from the original site." But the browser still complains about the missing "Access-Control-Allow-Origin:" header.
It seems that the problem is somehow related to the work of ProxHTTPSProxyMII. Here is an example of how the filter works:
filter
Code:
CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
[email protected](GET)\s+(?:https?\:\/\/)[^\/]+\/send-stylesheet\s+(HTTP\/\d+\.\d+)$@$1 http://www.privoxy.org/p_web.css $[email protected]
[email protected](Host:)\s+.*$@$1 [email protected]

SERVER-HEADER-FILTER: add-new-header-u add-new-header-u
[email protected]^(HTTP\/\d+\.\d+\s+.*)$@$1\nAccess-Control-Allow-Origin: *@i

action
Code:
{+client-header-filter{redirect-uri-u} \
}
config.privoxy.org/send-stylesheet
{+server-header-filter{add-new-header-u} \
}
config.privoxy.org/

Test page: http://config.privoxy.org/send-stylesheet
Substitution: http://www.privoxy.org/p_web.css
The header is added, but in the filter from my post above, no.
I think your code is bad.

(Apr. 12, 2019 08:38 PM)vlad_s Wrote: [ -> ]
Code:
CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
[email protected](GET)\s+(https?:)//?[^,%]+\b(angularjs|jquery|modernizr|moment)(js)?/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 https://192.168.2.1/decentraleyes/$3/$5/$[email protected]
[email protected](Host:)\s+.*$@$1 [email protected]

Privoxy is returning
Privoxy Wrote:Bad request. Messed up with header filters.

[attachment=1073]
[attachment=1074]

Try something like:
Filter
Code:
CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
[email protected](GET)\s+(https?:)//?[^,%]+\b(angularjs|jquery|modernizr|moment)(js)?/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 http://192.168.2.1/decentraleyes/$3/$5/$3.min.js HTTP/1.1 @i
[email protected](Host:)\s+.*$@$1 192.168.2.1 @i

SERVER-HEADER-FILTER: add-new-header-u add-new-header-u
[email protected]^(HTTP\/\d+\.\d+\s+.*)$@$1\nAccess-Control-Allow-Origin: *@i

Action
Code:
{+client-header-filter{redirect-uri-u} \
}
yastatic.net/jquery/2.1.4/jquery.min.js
{+server-header-filter{add-new-header-u} \
}
yastatic.net/jquery/


This worked for me:

Code:
CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
[email protected](GET)\s+(https?:)//?[^,%]+\b(angularjs|jquery|modernizr|moment)(js)?/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 http://127.0.0.1:8443/decentraleyes/$3/$5/$3.min.js HTTP/1.1 @i
[email protected](Host:)\s+.*$@$1 127.0.0.1:8443 @i

SERVER-HEADER-FILTER: add-new-header-u add-new-header-u
[email protected]^(HTTP\/\d+\.\d+\s+.*)$@$1\nAccess-Control-Allow-Origin: *@i

Code:
{+client-header-filter{redirect-uri-u} \
}
yastatic.net/jquery/2.1.4/jquery.min.js
{+server-header-filter{add-new-header-u} \
}
yastatic.net/jquery/
I apologize for my accusations. Yes, in the latter case, I confused a lot of things, but I was sent on the right path. The working scheme for such a capricious site looks like this:
filter
Code:
CLIENT-HEADER-FILTER: redirect-uri-u redirect-uri-u
[email protected](GET)\s+(https?://)[^,%]+\b(angularjs|jquery|modernizr|momentjs)/([0-9\.]+)/[a-z\-]+\b[^/]*\.js\s+(HTTP/\d+\.\d+)$@$1 $2\192.168.2.1/decentraleyes/$3/$4/$3.min.jsm $[email protected]
[email protected](Host:)\s+.*$@$1 [email protected]

SERVER-HEADER-FILTER: Add-Access-Control-Allow-Origin Add Access-Control-Allow-Origin header
[email protected]^(HTTP\/\d+\.\d+\s+.*)$@$1\nAccess-Control-Allow-Origin: *@i
action
Code:
{+client-header-filter{redirect-uri-u} \
}
yastatic.net/(angularjs|jquery|jquery-ui|modernizr)/
yandex.st/(angularjs|jquery|jquery-ui|modernizr)/
{+server-header-filter{Add-Access-Control-Allow-Origin} \
}
yastatic.net/(angularjs|jquery|jquery-ui|modernizr)/
yandex.st/(angularjs|jquery|jquery-ui|modernizr)/
Substitution is not noticeable for the browser, you do not need to add your host to the Content-Security-Policy headers.
Smile!
Pages: 1 2 3
Reference URL's