Post Reply 
Alpha config, possibly
Jun. 05, 2009, 02:44 PM
Post: #46
RE: Alpha config, possibly
(Jun. 05, 2009 01:22 PM)Toppy Wrote:  No Flash Toggle anywhere.D'oh!

EDIT: I reverted to the previous alpha, and it seems the problem is there also, probably youtube pages have changed in the way they implement the flash code....

Same here. Also broken in the 2/13 config.
I don't see a better solution than bypassing "Remove: Ad Functions II - Code" for YouTube.

Exceptions entry:
Code:
s.ytimg.com/        $SET(0=a_adfn2.)

Should also work for the 2/13 config. That might bring back 43unite's problem though.
Add Thank You Quote this message in a reply
Jun. 06, 2009, 03:50 AM
Post: #47
RE: Alpha config, possibly
(Jun. 05, 2009 01:15 PM)sidki3003 Wrote:  In a couple of Log-Rare submissions the referer field is always empty. It's supposed to be only empty if the Flash plugin was causing the hit. I need this link to the originating page.

Can you please set up your browser to not suppress the "Referer" header, while testing this alpha? (Suppressing it also turns off a bunch of third-party restriction routines.) TIA.
That might be my logs. I just turned my browser's Referer option on.
Add Thank You Quote this message in a reply
Jun. 06, 2009, 11:07 AM (This post was last modified: Jun. 06, 2009 12:51 PM by sidki3003.)
Post: #48
RE: Alpha config, possibly
Thanks. If revealing it is uncomfortable for you, just block it with Proxomitron instead.

Code:
[HTTP headers]
In = FALSE
Out = TRUE
Key = "Referer: 2b Kill (Out)"
Match = "?"

3 x Save -> Reload (the original referrer string is captured by "Referer: 1a ...").
Or, for specific sites: $SET(0=b_refer.)

edit: You're aren't revealing off-domain referrers with the config's default settings, but i guess you know that...
Add Thank You Quote this message in a reply
Jun. 06, 2009, 02:23 PM
Post: #49
RE: Alpha config, possibly
(Jun. 06, 2009 11:07 AM)sidki3003 Wrote:  You're aren't revealing off-domain referrers with the config's default settings, but i guess you know that...
Thanks! I know that already. I had my browser setup to not sending referer just as a backup defence in case I'm bypassing prox sometimes. Smile!
Add Thank You Quote this message in a reply
Jun. 09, 2009, 07:27 AM
Post: #50
RE: Alpha config, possibly
URL: http://www.google.com/preferences?hl=en

The Results Window option will remain checked or unchecked after I did check/uncheck and push the "Save Preferences" button for several times.

Commenting out the line 60 in CookieValues.ptxt will get that function back to normal.

btw, is there a documentation for the bottom-left flyover information?
Add Thank You Quote this message in a reply
Jun. 09, 2009, 12:31 PM
Post: #51
RE: Alpha config, possibly
Well, *we* are manipulating the Google cookie (replacing ID, turning off Google Suggest, etc).
What you see is the inevitable consequence. It is the same in all config versions.

Four options:
- Adjust your Google Preferences In CookieValues, as explained in detail in this list.
- Use Light Mode.
- Turn off "Set-Cookie: 3 Filter Cookie Content".
- Comment out line 60-63 in CookieValues.


(Jun. 09, 2009 07:27 AM)whenever Wrote:  btw, is there a documentation for the bottom-left flyover information?

Not beyond the "Kill Display and Log Abbreviations" section in Abbreviations.txt.
You're invited to extend it, though. Wink lnminente has just opened a thread about this.
Add Thank You Quote this message in a reply
Jun. 09, 2009, 12:53 PM
Post: #52
RE: Alpha config, possibly
I have extended the explanation in the list comments a little:
CookieValues Wrote:###############################################################################
#
# NOADDURL $LST(CookieValues)
# Remove / Modify listed cookie values
#
# Only used in the config's Standard Mode and above.
#
# by JD5000 / this version by sidki
# Last updated 2009-06-09
#
###############################################################################

[...]

# Google preferences
# -----------------------------------------------------------------------------

# ID -> shared GUID, Filters -> off (:FF=4), Results -> 100 (:NR=100),
# Country-Region -> en/us (:CR=2), Suggest -> off (:SG=0)
#
# To have Google pages displayed in another language, append ":LD=MY_LANG" just
# after ":NR=100:CR=2". "MY_LANG" would be "fr" for French, "de" for German,
# etc.. To show e.g. 25 results per page instead of 100, replace ":NR=100"
# with ":NR=25".
#
# Description of a few more cookie fields:
# Filter both explicit text and explicit images -> :FF=1
# Filter explicit images only - default behavior -> :FF=0
# Do not filter my search results -> :FF=4
# Do not provide query suggestions in the search box -> :SG=0
# Provide query suggestions in the search box -> :SG=1
# Open search results in a new browser window -> :NW=1
#
# If you change any fields here, you'd need to change the complementary entries
# in the "Google" section of Exceptions.ptxt as well.
#
# Note: While below entry is active, you cannot use
# http://www.google.com/preferences to update your cookie.
Add Thank You Quote this message in a reply
Jun. 09, 2009, 01:40 PM
Post: #53
RE: Alpha config, possibly
(Jun. 09, 2009 12:31 PM)sidki3003 Wrote:  Not beyond the "Kill Display and Log Abbreviations" section in Abbreviations.txt.
You're invited to extend it, though. Wink lnminente has just opened a thread about this.
I am glad to but I need your help to clear some of my confusion firstly. Smile!

The cookies flyover has below fields, I am wondering if the First and the Last has special meanings.
  • First Set-Cookie Header In
  • Last Original Set-Cookie Header In

Unlike other flyover, the word cookies is always stroke lined, it is just a style, right?

When a server issue a Set-Cookie header, does the browser overwrite or update the old cookie?

Another question, when the "Content-Type: 7 Sel. Types to Mem-Encode" filter trigger a re-requested URL, will it produce a new connection number/record in the log window?
Add Thank You Quote this message in a reply
Jun. 09, 2009, 02:06 PM
Post: #54
RE: Alpha config, possibly
if you are referring to this - cookie - that means you are BLOCKING cookies by default (and possibly "faking" cookie content), or at least blocking on that site...

the word cookie will not have a line through it if you have a "real" cookie being passed...
Add Thank You Quote this message in a reply
Jun. 09, 2009, 02:19 PM (This post was last modified: Jun. 09, 2009 02:24 PM by sidki3003.)
Post: #55
RE: Alpha config, possibly
Also happens if the browser has rejected the cookie, or denied JS access to it, for many possible reasons, a "httponly" field being the most common one.


(Jun. 09, 2009 01:40 PM)whenever Wrote:  The cookies flyover has below fields, I am wondering if the First and the Last has special meanings.
  • First Set-Cookie Header In
  • Last Original Set-Cookie Header In

"First" is the first set-cookie header after possible manipulations on our part.
"Last" is the last set-cookie header before possible manipulations on our part.

Often they are identical, but sometimes watching the difference is helpful. It's JarC's idea.


Quote:When a server issue a Set-Cookie header, does the browser overwrite or update the old cookie?

If just the content/max-age/expires fields have changed, the browser is overwriting the old cookie.
If another important field, like "path", has changed, the browser is considering it as new cookie, so you end up with two cookies, with the same name, from the same host.


Quote:Another question, when the "Content-Type: 7 Sel. Types to Mem-Encode" filter trigger a re-requested URL, will it produce a new connection number/record in the log window?

Yep, example: http://la.ma.la/misc/js/setclipboard.txt
Add Thank You Quote this message in a reply
Jun. 10, 2009, 03:45 AM
Post: #56
RE: Alpha config, possibly
(Jun. 09, 2009 02:19 PM)sidki3003 Wrote:  "First" is the first set-cookie header after possible manipulations on our part.
"Last" is the last set-cookie header before possible manipulations on our part.
Understood, but the "First" and "Last" is a little confusing, at least to me. I am not sure if it would be better to change them to:
  • Modified Set-Cookie Header In
  • Original Set-Cookie Header In

There should be better word then "Modified" because the Set-Cookie header might not be manipulated.

Quote:
Quote:Another question, when the "Content-Type: 7 Sel. Types to Mem-Encode" filter trigger a re-requested URL, will it produce a new connection number/record in the log window?

Yep, example: http://la.ma.la/misc/js/setclipboard.txt
URL: http://item.taobao.com/auction/item_deta...160535.htm

I could see the "Content-Type: 7 Sel. Types to Mem-Encode" filter was trying to re-request dsc03.taobao.com. It worked under Firefox and Opera but failed under IE8.

Your example worked under all three browsers.
Add Thank You Quote this message in a reply
Jun. 10, 2009, 12:28 PM (This post was last modified: Jun. 10, 2009 12:30 PM by sidki3003.)
Post: #57
RE: Alpha config, possibly
(Jun. 10, 2009 03:45 AM)whenever Wrote:  Understood, but the "First" and "Last" is a little confusing, at least to me. I am not sure if it would be better to change them to:
  • Modified Set-Cookie Header In
  • Original Set-Cookie Header In

A document may come with a bunch of set-cookie headers, hence first/last.

"First Set-Cookie Header In" is only identical to "Last Original Set-Cookie Header In" if there was just one set-cookie header *and* its value hasn't been modified by the config.


Quote:URL: http://item.taobao.com/auction/item_deta...160535.htm

I could see the "Content-Type: 7 Sel. Types to Mem-Encode" filter was trying to re-request dsc03.taobao.com. It worked under Firefox and Opera but failed under IE8.

Your example worked under all three browsers.

Same here in IE6. In Firefox/Opera some of these strange symbols in the script path get encoded, so the URL looks different.

With Proxomitron you can only perform a single redirect ($RDIR, $JUMP, \k). Thus those odd "! : Redir: Delayed...", "! : Redir: Final..." header filters.

Normally that isn't a problem, except maybe for Half-SSL, because our only possible redirect gets used up to hide "http://https.." from IE 7/8's incredible Dot security.

Once that redirect is used up, you may see messages from following redirect attempts, like "...Killed...", "...Re-Requested...", but nothing happens.

However, in your dsc03.taobao.com case i didn't spot a previous redirect (maybe i wasn't looking hard enough), so above explanation is merely for your entertainment. Smile!
Add Thank You Quote this message in a reply
Jun. 10, 2009, 04:40 PM (This post was last modified: Jun. 12, 2009 11:12 PM by ProxRocks.)
Post: #58
RE: Alpha config, possibly
When plugging SocketSniff into Maxthon i see Proxomitron's redirect:
Code:
GET http://dsc03.taobao.com/i3/121/531/12d53e5197b5df51f6d06c5abd160535/T1cUVgXg6870JXXXXX.desc|var^desc;sign^61defec1cde8a714e157075bf8731f8d;lang^gbk;t^1240449428 HTTP/1.1
Accept: */*
Referer: http://item.taobao.com/auction/item_detail-0db1-12d53e5197b5df51f6d06c5abd160535.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Host: dsc03.taobao.com
Proxy-Connection: Keep-Alive
Cookie: wd=12d53e5197b5df51f6d06c5abd160535_0db1; cookie2=ed67ee2d336a91440dd84eb3a0682594; t=a38a112cd02737bd7a79820f04adf41c; uc1=cookie14=UoM%2F0ugJxSsIHA%3D%3D

HTTP/1.1 302 Redirect
Content-Length: 0
Connection: close
Location: http://dsc03.taobao.com/i3/121/531/12d53e5197b5df51f6d06c5abd160535/T1cUVgXg6870JXXXXX.desc|var^desc;sign^61defec1cde8a714e157075bf8731f8d;lang^gbk;t^1240449428

So that part is okay. However, the browser is dropping the 302 response.

Now, if i let the "Content-Type: 7 Sel. Types to Mem-Encode" filter replace the "^" in the Location header field with "%5E", it works. IE is accepting it, just like Firefox, which did the escape stuff on its own.

IOW, IE is apparently accepting certain symbols in the GET request but not in the Location header.


edit by admin: put line-breaks before the two var's to prevent horizontal scroll... - unedited...
Add Thank You Quote this message in a reply
Jun. 11, 2009, 12:18 AM (This post was last modified: Jun. 11, 2009 01:12 AM by sidki3003.)
Post: #59
RE: Alpha config, possibly
Quote:edit by admin: put line-breaks before the two var's to prevent horizontal scroll...

ProxRocks, if things don't look pretty in your Internet Explorer, another option is to say something.
However, as long as you're not using "edit by admin" to prettify my posted filters...

Quoi qu'il en soit, since you're ready to intervene here, i'd like to hand over current topic to you, which would be much of a relieve for me.
Add Thank You Quote this message in a reply
Jun. 11, 2009, 03:06 PM
Post: #60
RE: Alpha config, possibly
i forgot the horizontal-scroll thingie was an IE-only thing (Opera also?)...

Kye-U, is that something that can be changed like our recent &#xyz; thingie?
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: