Proxomitron

Last updated
Proxomitron
Developer(s) Scott R. Lemmon
Initial releaseMarch 23, 1999;25 years ago (1999-03-23) [1]
Final release Naoko 4.5 (June) (June 1, 2003;20 years ago (2003-06-01)) [±]
Preview release N/A
Operating system Microsoft Windows
Type Filtering proxy
License Shonenware(see below)
Website proxomitron.info   OOjs UI icon edit-ltr-progressive.svg

Proxomitron, the Universal Web Filter, is a filtering web proxy written by Scott R. Lemmon. This program was originally designed to run under Windows 95. All future development of the program was ceased in 2003 one year before its author's death on 1 May 2004. Proxomitron is still viable and used on later Windows platforms such as Vista and Windows 10.

Contents

Premise

The program is generally used to block pop-ups and banners, to remove embedded sounds and animation from web pages, to alter or block JavaScript, and to modify the appearance and content of web pages.

Overview

Properly configured, Proxomitron intercepts HTTP traffic between the user's browser and web servers. The program is capable of altering web page content by removing or adding text. Additionally, it can add, modify, or delete HTTP message headers, be configured to block connections or redirect requests based on the web page address, and be configured to route connections through a remote proxy. The user can monitor connections and filter activations, if desired.

Program operation is dictated through the use of a configuration file containing specialized filters which can be written, edited, deleted, enabled or disabled by the user via the program's graphical user interface. (Third-party filters can also be imported, or "merged", into the configuration.) The filters utilize a "matching" language similar to the standard regular expressions used in text editing. Additional files, such as "blocklists" and SSL DLLs, can extend filtering capabilities.

Use of the program requires knowledge of the Proxomitron scripting language, and some familiarity with at least one of HTTP, HTML, JavaScript, and CSS. The scripting interface was not designed to be user-friendly. Because of these complications, the program can be difficult to customize for novice or non-technical users. A default set of filters is included with the program; advanced filters and filter sets written by experienced users are also available online. (See external links.)

Features

The following items are the basic applications and features of the program: [2]

Filter page content
Using the scripting language, filters are prepared with editing commands to match and replace text in the downloaded page. Specific pages can be targeted for filtering by matching the page's URL with a specified pattern.
Filter HTTP headers
Separate filters for incoming and outgoing HTTP headers can be used to modify the values of existing headers, add new headers, or delete headers. One example of such usage would be for cookie management.
Variables
Filters can use local variables (per filter) or global variables (available to all filters per request) to capture/store text for further test matching, to reinsert content into a new location, or to write content to lists. Preset variables are also available, e.g., the page's URL.
Special commands
A number of special commands are available for use by filters or in URLs; e.g., a filter-based command can check if the user presses a particular key, or a URL-embedded command can direct Proxomitron to filter a local file.
Create lists for filters
Text files (known as "blocklists") can be used as sources for patterns for filter matches.
Create standard lists
Text files (known as "logfiles") can be used by filters to append captured data to a list.
Create session lists
Memory-only text files can be generated and used by filters to build temporary blocklists, or permanent blocklists can be configured to only allow filters to add memory-only "session" data.
Insert files
Local text files containing plain text, HTML snippits, css, or scripts can be independently retrieved and written into the web page by filters.
Reroute traffic
Filters can redirect requests to different web pages or to local files, either by sending the new location as a directive to the browser or by "transparently" connecting to the new location directly.
View traffic between server and browser
The log window permits the user to see the HTTP traffic between the browser and server. This can (optionally) include any POSTed data.
Provide alerts
Filters can be configured to have Proxomitron generate its own alert or confirmation popup containing user-supplied text.
Uncompress data on the fly
With the ZLIB library, the Proxomitron can uncompress GZIP compressed data streams and filter pages delivered in compressed modes.
Filter "secure" channels
With libraries to provide the SSL routines, the Proxomitron can filter secure, encoded streams. Since this forces the proxy to act as a "man in the middle", this should not be used in most cases.
Chain to remote proxies
Proxomitron can test remote proxies, maintain a list of proxies to utilize, and be configured to rotate the remote proxy connections.
Run program or URL
Proxomitron can be configured to launch an external program or URL (as specified in the program settings) upon startup, or on demand via the Launch icon or a menu option. Launching programs and URLs from filters can also be accomplished through the use of an undocumented $EXEC command. [3]
Change interface textures
The user can select bitmap images (referred to as "textures") for tiling interface backgrounds and button and tab faces, or simply disable this feature. An internal set of default bitmaps (admittedly "psychedelic" [4] ) are included with the program.
Debug
A special viewing of the page source showing which filters matched what page content can be sent to the browser for debugging purposes. A test window is also available from the filter editor dialogs for testing matches and checking filter efficiency.

License

The program was distributed under a "ShonenWare" license. Under the license it was free to use. Lemmon would consider users purchasing and listening to a Shonen Knife CD would be sufficient to register that user.

History

The first[ citation needed ] public release of Proxomitron (Naoko 2) was in 1999 [1] as a download via Simtel. Releases that followed were all named "Naoko" (for Naoko Yamano) followed by a release number. (Release versions were 3, 3(b), 4.0, 4.1, 4.2, 4.3, 4.4, 4.5.)

The May 2003 release of Naoko 4.5 was followed very quickly by the removal of the program's web site and Lemmon's declared termination of continued development of Proxomitron. [5] A subsequent release, however, was made in June 2003, primarily to revert a new behavior related to remote proxy connections that had been designed into the May version. [6]

After the release of Naoko 4.5 (June), development was permanently discontinued and the official site had the message:

消えました

This reads kiemashita (消えました) in Japanese and translates to "it went out" or "gone." The original home webpage is no longer accessible. Lemmon's mirror redirect [ broken anchor ] was changed to display a different final message from the author a short time later.

The author, Scott R. Lemmon, died 1 May 2004 aged 36. [7]

Current status

As this was a closed-source project, Proxomitron is no longer being maintained or developed; however, the Proxomitron program is still functional, and there is a community of users who provide support for it through electronic forums. Filters, filter sets, compatible DLLs and other files, and GUI patches to restyle and/or update Proxomitron's graphical user interface are also being provided by users.

Many current browsers do contain features similar to those provided by Proxomitron filters – blocking advertisements and pop-ups, for example. Other browser features or add-ons, such as Greasemonkey for Firefox and user stylesheets for Firefox and other browsers via the Stylish addon, also allow for local modification of web pages.

See also

Related Research Articles

In computing, Common Gateway Interface (CGI) is an interface specification that enables web servers to execute an external program to process HTTP or HTTPS user requests.

<span class="mw-page-title-main">Konqueror</span> Web browser and file manager

Konqueror is a free and open-source web browser and file manager that provides web access and file-viewer functionality for file systems. It forms a core part of the KDE Software Compilation. Developed by volunteers, Konqueror can run on most Unix-like operating systems. The KDE community licenses and distributes Konqueror under GNU GPL-2.0-or-later.

<span class="mw-page-title-main">Web server</span> Computer software that distributes web pages

A web server is computer software and underlying hardware that accepts requests via HTTP or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiates communication by making a request for a web page or other resource using HTTP, and the server responds with the content of that resource or an error message. A web server can also accept and store resources sent from the user agent if configured to do so.

<span class="mw-page-title-main">Proxy server</span> Computer server that makes and receives requests on behalf of a user

In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and performance in the process.

<span class="mw-page-title-main">Privoxy</span> Non-caching proxy server

Privoxy is a free non-caching web proxy with filtering capabilities for enhancing privacy, manipulating cookies and modifying web page data and HTTP headers before the page is rendered by the browser. Privoxy is a "privacy enhancing proxy", filtering web pages and removing advertisements. Privoxy can be customized by users, for both stand-alone systems and multi-user networks. Privoxy can be chained to other proxies and is frequently used in combination with Squid among others and can be used to bypass Internet censorship.

Inline linking is the use of a linked object, often an image, on one site by a web page belonging to a second site. One site is said to have an inline link to the other site where the object is located.

URL redirection, also called URL forwarding, is a World Wide Web technique for making a web page available under more than one URL address. When a web browser attempts to open a URL that has been redirected, a page with a different URL is opened. Similarly, domain redirection or domain forwarding is when all pages in a URL domain are redirected to a different domain, as when wikipedia.com and wikipedia.net are automatically redirected to wikipedia.org.

The Web Proxy Auto-Discovery (WPAD) Protocol is a method used by clients to locate the URL of a configuration file using DHCP and/or DNS discovery methods. Once detection and download of the configuration file is complete, it can be executed to determine the proxy for a specified URL.

<span class="mw-page-title-main">Dynamic web page</span> Type of web page

A dynamic web page is a web page constructed at runtime, as opposed to a static web page, delivered as it is stored. A server-side dynamic web page is a web page whose construction is controlled by an application server processing server-side scripts. In server-side scripting, parameters determine how the assembly of every new web page proceeds, and including the setting up of more client-side processing. A client-side dynamic web page processes the web page using JavaScript running in the browser as it loads. JavaScript can interact with the page via Document Object Model (DOM), to query page state and modify it. Even though a web page can be dynamic on the client-side, it can still be hosted on a static hosting service such as GitHub Pages or Amazon S3 as long as there is not any server-side code included.

A webform, web form or HTML form on a web page allows a user to enter data that is sent to a server for processing. Forms can resemble paper or database forms because web users fill out the forms using checkboxes, radio buttons, or text fields. For example, forms can be used to enter shipping or credit card data to order a product, or can be used to retrieve search results from a search engine.

A proxy auto-config (PAC) file defines how web browsers and other user agents can automatically choose the appropriate proxy server for fetching a given URL.

In HTTP networking, typically on the World Wide Web, referer spoofing sends incorrect referer information in an HTTP request in order to prevent a website from obtaining accurate data on the identity of the web page previously visited by the user.

<span class="mw-page-title-main">CGI:IRC</span> CGI program

CGI:IRC is a CGI program written in Perl that allows access to IRC via a web browser. It is designed to be flexible and has many uses such as an IRC gateway for an IRC network, a chat-room for a website or to access IRC when stuck behind a restrictive firewall.

<span class="mw-page-title-main">HTTP referer</span> HTTP header field

In HTTP, "Referer" is an optional HTTP header field that identifies the address of the web page, from which the resource has been requested. By checking the referrer, the server providing the new web page can see where the request originated.

<span class="mw-page-title-main">Polipo</span>

Polipo is a discontinued lightweight caching and forwarding web proxy server. It has a wide variety of uses, from aiding security by filtering traffic; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to speeding up a web server by caching repeated requests. It can be configured to use on-disk cache and serve cached content when offline and perform various forms of content filtering.

<span class="mw-page-title-main">Helicon Ape</span>

Helicon Ape is a piece of software developed by Helicon Tech to bring Apache functionality to IIS web servers. It executes as an ASP.NET module for IIS 7, integrating the functionalities of over 35 Apache modules. This integration allows for the use of Apache configurations on IIS while maintaining the syntax intact, thereby extending the standard capabilities of IIS.

<span class="mw-page-title-main">DansGuardian</span> Content-control software

DansGuardian, written by SmoothWall Ltd and others, is content-control software: software designed to control which websites users can access. It also includes virus filtering and usage monitoring features. DansGuardian must be installed on a Unix or Linux computer, such as a server computer; its filtering extends to all computers in an organization, including Windows and Macintosh computers. DansGuardian is used by schools, businesses, value-added Internet service providers, and others.

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website or web application where unauthorized commands are submitted from a user that the web application trusts. There are many ways in which a malicious website can transmit such commands; specially-crafted image tags, hidden forms, and JavaScript fetch or XMLHttpRequests, for example, can all work without the user's interaction or even knowledge. Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser. In a CSRF attack, an innocent end user is tricked by an attacker into submitting a web request that they did not intend. This may cause actions to be performed on the website that can include inadvertent client or server data leakage, change of session state, or manipulation of an end user's account.

The following outline is provided as an overview of and topical guide to the Perl programming language:

A web shell is a shell-like interface that enables a web server to be remotely accessed, often for the purposes of cyberattacks. A web shell is unique in that a web browser is used to interact with it.

References

  1. 1 2 Scott R. Lemmon (1999-03-23). "proxn2i.zip – Proxomitron: Custom filter webpages as viewed". Usenet . Retrieved 2017-06-03.
  2. Scott R. Lemmon. "What The Heck Is It?". proxomitron.info. Retrieved 2017-06-03.
  3. "MizzMona's Proxomitron Notes". mizzmona.com. Archived from the original on 2016-03-03. Retrieved 2017-06-03.
  4. Scott R. Lemmon. "Disorientation". proxomitron.info. Retrieved 2017-06-03.
  5. Iain Cheyne (2003-06-02). "The message from Scott". Usenet . Retrieved 2017-06-03. Yes, I pulled the site down...I was hurt that Arne attacked me personally...As Arne said, this isn't the first time I've considered giving it all up. This is just the first time I've actually done it. I apologize, I'm not perfect - all I was trying to do was the best I can. However, if a change I considered so minor can get me labeled as a "betrayer of trust" from someone I've long regarded with respect, then perhaps I shouldn't be doing this at all...There are many, many reasons for me to give it up - not just this. In this day and age I even worry someone might sue me because of it. I have to ask myself why devote so much of my life to something when it can illicit this kind of reaction from people. I've never asked that *anyone* use the program, and I'm surely not offended if people wish to use something else.
  6. "PROXOMITRON 4.5 -- May vs. June". proxomitron.info. Retrieved 2017-06-03.
  7. "Scott Lemmon, Proxomitron Author, Deceased May 1st 2004". castlecops.com. 2004-07-16. Archived from the original on 2008-10-11. Retrieved 2017-06-03.