[Rabbit-proxy-development] Re: Re: 060403: Pre-3.1 imressions & ideas for the future releases

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

 > -----Original Message-----
 > From: Robert Olofsson [mailto:ro...@kh...]
 > Sent: 03. april 2006 22:34
 > To: Matej Miheli=E8
 > Cc: rab...@li...
 > Subject: Re: [Rabbit-proxy-development] 060403: Pre-3.1 imressions &=20
ideas
 > for the future releases

[MM] ...

 > > There is one more problem regarding Firefox and incomplete pages in
 > > connection with time-outs. It looks like sometimes the connection wi=
ll
 > > simply hang and then an incomplete page is returned and cached by th=
e
 > > Firefox. I don't exactly know what is happening but I've not seen su=
ch
 > > behaviour with any other proxy and I have a few experiences.
 >
 > Hmmm, I have not seen this. Do you have a web site where it usually
 > happens?

[MM] I'll try to find a pattern. It is probably connected with me=20
overloading the Rabbit. My usual browsing habbits include simultaneous=20
opening of 30 tabs in Firefox :).

 > > There is a condition that you may want to handle gracefully. Some
 > > webmasters use and send "-1" as a value for "Expires" header. I know=

 > > this is a violation of the RFC but it is common. You should handle i=
t
 > > gracefully. It means don't cache or already expired.
 >
 > Maybe, but note that there are _very_ many different expires that
 > violate the spec. I could try to make rabbit be a bit nicer with -1 an=
d
 > already expired entries when it is run in non-strict mode.

[MM] That's what I meant. This one is very common due to people not=20
thinking what it is written in MS ASP documentation. There is an example =

specifying -1 for expires property. And they are using it anywhere.

 > > If you would implement the ad blocking and URL blocking in a way tha=
t
 > > would enable user to use a pre-prepared block lists you would really=

 > > help them. The most popular ad-block list would be the one for the
 > > ADBlock Firefox extension - G-Filter sets (
 > > http://www.pierceive.com/filtersetg/ ). They are formed in two separ=
ate
 > > lists: black list and white list. By implementing the import from th=
em
 > > in the Rabbit you would really help the users.
 >
 > This ought to be simple enough. Rabbit currently uses one regexp and
 > theese lists seems to be a set of regexps.

[MM] I am glad to hear this. This really looks vary useful to me.

 > >    * Enhance "rabbit.filter.BlockFilter" to blocks HTTPS URLs as wel=
l.
 > >      I have explained in a previous message why I find this importan=
t.
 >
 > This could be easy or hard, depending on what you mean.
 > Blocking the CONNECT request is trivial, but what happens on an tunnel=
ed
 > and encrypted connection is not something rabbit can filter.

[MM] Yes. This would suffice. It would allow for filtering sites that=20
are trying to enforce HTTPS.
=20
 > >    * When possible embed external files into the HTML using the
 > >      RFC-2397 data URI scheme
 >
 > Ugh, Sounds like this will take some time, if I am to do it. You do no=
t
 > have a patch ready? ;-).

[MM] I get the back tone :) Your project is the first one in a long time =

that is interesting to me. But I am no Java coder - actually I am no=20
programmer at all. If there were something to do with DB/SQL backend=20
than it would be easy for me to help. More important reason for me not=20
immediately offering help is that I have decided to steer as far away=20
from computers in my spare time as I possibly can. I am not very=20
successful in this resolution but I try to.
=20
 > >      I know that data URI is in general limited to 1024-4096 bytes
 >
 > Rabbit currently has a 4k buffer so that is the current maximum uri fo=
r
 > rabbit. I plan to make that growable as needed in the future. I believ=
e
 > that it ought to stay limited though.
 >
 > >        * I would also replace HREFs that are pointing to
 > >          (adfiler/blockfilter) blocked URLs with one of the followin=
g
 > ones:
 > >              o HREF to a fixed error page at the RABBIT server. This=

 > >                would allow for caching of the response.
 > >              o HREF=DAta:,Rabbit%20denied%20this%20page
 >
 > What do you think that this does:
 > adreplacer=3Dhttp://$proxy/FileSender/public/NoAd.gif

[MM] Ah... How easy is to get carried away and not thinking things=20
through twice.. Yes. You are right.

 > So for ad-filtering this already works. Adding blocked site replacemen=
t
 > could be tricky, due to me wanting to have the real site name in the
 > "this page '<page url>' is blocked by rabbit configuration..."

[MM] Well, you could embed the message in data URI. But this is a=20
function od ad-blocking - isn't it? Perhaps a variable with a block URL=20
would be usefull?. It would allow for the following syntax:

adreplacer=3Ddata:text/html,<HTML><BODY><B>Rabbit3</B> denied this page -=
=20
<A href=3D"$1noproxy.$2">Click here for unfiltered page</A></BODY></HTML>=

 > > Then there is one last proposal. You could implement SSL filtering a=
s
 > > well. Proxomitron is a great example how it could be done. It users
 > > temporary SSL key between client and proxy and temporary or predefin=
ed
 > > SSL certificates when communicating with remote servers.
 >
 > Maybe, again, this is probably something that will take time. Rabbit i=
s
 > a spare time project so patches are very welcome.
 >
 > Many nice ideas, I like it.

[MM] I must say that I am tempted. We will see.

 > Thanks
 > /robo