From: Duncan <1i5...@co...> - 2016-01-16 05:54:58
|
Christopher Cabuzzi posted on Sat, 16 Jan 2016 01:55:25 +0000 as excerpted: > I've used Privoxy for years to keep my kids off the seedier parts of the > internet. I've used Privoxy in a strictly whitelist mode. Up until now, > it hasn't been that big of an issue to manage. If the kids wanted to go > to a website, I would ask for the main site, then watch the log to see > if any elements needed to be unblocked for a particular page/webapp to > run. I do not allow referrals, because within 5 minutes, google, > facebook, youtube, etc... will all be added to the allow list. > > My particular issue today is with the Origin application used to launch > games from a PC. My son plays Star Wars Battlefront, but the Origin app > is particularly crappy when it comes to running through a proxy. If > *any* single element of the dynamic webpage built into the client is > blocked, the whole app crashes, preventing games from being launched. Up > until a week ago, it was running fine, albeit with a huge amount of > content providers added to the trust and user actions file. > > Today, it stopped working again. When I looked at the Privoxy logs, > Origin was trying to make connections to several new sites, including > www.google.com<http://www.google.com>, which the kids are not allowed to > go to. Facebook is another site that Origin insists on loading through > the app, though the subsites are usually specific enough to keep the > main page from loading. [Please don't post in HTML, as some of us use mail clients that don't parse HTML in ordered to keep security issues to a minimum, and the raw HTML is just plain ugly. Plain text is fine. Your post had both.] It's quite possible to do what you need via privoxy, with the possible exception of hardcoded https depending on how the browser/app handles that. However, if privoxy is blocking it at all, the intercept and redirect should be possible. Presumably by whitelist mode, you mean the trustfile, as described in section 7.2.8 of the user manual (there's a URL below). I've not used this mode and don't know how it interacts with the below. It may be that you have to turn off whitelist mode to get the below to work. Or you may simply have to whitelist the local privoxy resource (p.p) and/or what you redirect to, if some other (presumably trusted) remote site. It's a step up in complexity from simple whitelist mode, but privoxy is perfectly capable of doing redirects, and indeed, uses that to redirect certain requests to privoxy-internal resources. For instance, it substitutes requests to an internal image for various ads, in the more usual ad-blocking mode. For details you can refer to the privoxy user manual and to usage in the default configuration files, but what you'll want to look at, at minimum, are the action file commands: block (section 8.5.2, this actually serves local resources instead) handle-as-image (8.5.20) set-image-blocker (8.5.35) handle-as-empty-document (8.5.19) ... and as a block alternative... redirect (8.5.31) http://config.privoxy.org/user-manual/ Section 8 is action files in general. You'll want to read the intro if you're not particularly familiar with them. Section 8.4 explains patterns, and section 8.5 is the actions list including the above action commands, but read its intro as well. Between the manual, the examples in the manual, and the examples in the default config files, you should be able to figure it out, tho it might take some time and study. Also of interest is section 7.6.10, handle-as-empty-document-returns-ok, set it the main config file, which you may have to set, along with block and handle-as-empty-document in the actions file, to fool the app into believing all is well. So what you want to do should be possible, but it's complex enough it might take some time to figure out and setup properly. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman |