header filter (out)

[xartica]

Should be a simple header filter, but I guess I've grown rusty in crafting filters.

Nowadays, seems like everybody and their brother is on the bandwagon
creating sites which are dependent on Google-hosted javascript libraries.

http://code.google.com/apis/libraries/devguide.html

Although we filter outbound calls to google-analytics, most pageviews include callouts to, for example:
h ttps://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.js

User-Agent + Referer + Timestamp + IP + URI
Even if we spoof the referer and randomize the UA... and hide inside TOR...

No! Let's just stop the incessant pinpong of requests + HTTP304 responses

Code:

In = FALSE
Out = TRUE
Key = "Host: serve local copies of js libs (out)"
Match = "http(s|)://ajax.googleapis.com/*/\0*.js\1"
Replace = "$RDIR(http://local.ptron/googleapis_redirect/\1)"

Fail! I'm stumped in finding the correct syntax?

googleapis hosts 10 libraries x 2 flavors each for most of them (regular and minified)

The pattern just needs to match/redirect the filename.
If my locally archived copy of jquery.js(v1.4.3) isn't compatible with same-named older versions
(1.2.3, 1.2.6, 1.3.0, 1.3.1, 1.3.2, 1.4.0, 1.4.1, 1.4.2)
too bad, so sad, tough turkey.

some background reading, FWIW:

Quote:http://juixe.com/techknow/index.php/2009...cript-cdn/
"One theory why using Google hosting for jQuery and similar hosted JavaScript frameworks is that if many of the sites you visit use them,
your browser will already have a fresh cached version ready for you. My question is, why don’t browsers come pre-installed with the commonly
used versions of JavaScript libraries? Odiously, if this feature would be enabled from the top tier browsers there would also need to implement a
discovery mechanism to download into a browser repository new versions of those JavaScript libraries. A code discovery, management, and
repository system that I have seen work well is that provided by Maven. In Maven, you can indicate a number of online and local code repositories
from which to download required dependencies."

Quote:http://yuiblog.com/blog/2007/02/22/free-yui-hosting
What About Privacy?
Usage of this service will be recorded in Yahoo!’s Web traffic logs. We can assure you that our intent is simply to provide a convenience to the YUI developer community.
If the record left in Yahoo!’s logs would compromise the privacy of your users, do not use this service.

From a developer standpoint, YUI is my favorite js library... but from a privacy/blocking standpoint, I will continue to just block the hostname. their CDN serves far too many permutations for me to consider attempting match patterns (and messing around with building a comprehensive local archive)

I'm also ignoring (i.e. just entirely blocking by hostname)
http://ajax.microsoft.com/ajax/beta/0911/Start.js
http://www.asp.net/ajaxlibrary/cdn.ashx
due to the hassle (myriad paths / hundreds of files + filename ambiguity) of recreating their archived content... along with the fact that I rarely notice sites I that frequent ever calling the MS CDN.

[ProxRocks]

very interesting indeed!

i've seen a few "secure" web sites 'use' YAHOO scripts and you are definitely correct, GOOGLE scripts are on the rise big time...

i'm no header filter expert (in fact, i just logged on to post another header filter question i've spent nearly an hour and a half on to no avail), so i'll have to wait to see if a more knowledgeable responent drops by...

there was a filter a long while back that stored a large chunk of CastleCops "locally" when their speed declined for a short term - i know i have it "archived" somewhere, so i'm not out of ideas "yet", lol...

[JJoe]

(Nov. 09, 2010 07:12 AM)xartica Wrote:  

Code:

In = FALSE
Out = TRUE
Key = "Host: serve local copies of js libs (out)"
Match = "http(s|)://ajax.googleapis.com/*/\0*.js\1"
Replace = "$RDIR(http://local.ptron/googleapis_redirect/\1)"

Fail! I'm stumped in finding the correct syntax?

Code:

[HTTP headers]
In = FALSE
Out = TRUE
Key = "Host: serve local copies of js libs (out)"
Match = "ajax.googleapis.com/*/([a-z]+.js)\1"
Replace = "$RDIR(http://local.ptron/googleapis_redirect/\1)"

HTH