| Revision as of 13:52, 30 April 2010 Bmearns (Talk | contribs) (→Blocking Facebook's Open Graph) ← Previous diff |
Revision as of 13:57, 30 April 2010 Bmearns (Talk | contribs) (→Blocking Facebook's Open Graph) Next diff → |
| Line 33: | Line 33: | ||
| #Except if it was referred by facebook, make sure we allow the cookies. | #Except if it was referred by facebook, make sure we allow the cookies. | ||
| {allow-all-cookies} | {allow-all-cookies} | ||
| - | TAG:^referrer-site:^(?:https?://)?.*\.?(facebook.com)(?:/.*)?$ | + | TAG:^referrer-site:(?:https?://)?.*\.?(facebook.com)(?:/.*)?$ |
| </pre> | </pre> | ||
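Review bot: the tag name in the allow rule still does not match the tagger: the tagger is called `referrer-set` and emits `referrer-set:<referer>` (the block rule two lines up matches `TAG:^referrer-set:`), but the changed line keeps `TAG:^referrer-site:`, which no tagger ever produces, so the exception never fires and cookies to facebook.com stay crunched even when Facebook itself is the referrer. Dropping the stray mid-pattern `^` is the right fix, but the host part `.*\.?(facebook.com)` is also too loose: the unescaped dot and the unanchored `.*` let any referrer whose host merely ends in `facebook.com`, or whose path contains that string, re-enable cookies. Suggest `TAG:^referrer-set:(?:https?://)?(?:[^/]+\.)?facebook\.com(?:/.*)?$`.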
Revision as of 13:57, 30 April 2010
Blocking Facebook's Open Graph
Open Graph is this absurd thing that Facebook has implemented where other sites can access all sorts of information about you if you're currently logged into Facebook in the same browser. To work, it relies on the fact that your browser will send your Facebook login cookies along with requests for some secondary resource (an IFRAME or script or something, not sure of the details). You can use Privoxy to block this by scrubbing away cookies when the referrer is not Facebook itself. This way, when remote sites reference this Facebook resource, Privoxy will strip the cookies, but when you access Facebook directly, the cookies will be sent as usual because the referrer will be Facebook (or not set at all).
Put this in your .filter file (e.g., user.filter, if you've got user.filter listed in your config file):
#################################################################################
# referrer-set: This applies a tag "referrer-set:<referer>" to requests when the
# referrer header is set.
# Among other things, this is used to block Facebook Open Graph
# stuff, and provide an escape hatch for when no referrer is set.
#################################################################################
CLIENT-HEADER-TAGGER: referrer-set Tag requests where the referrer is set.
s@^Referr?er:\s*(\S.*)$@referrer-set:$1@i
Then put this in your .actions file (e.g., user.action):
#############################################################################
# BPM
# This is used for blocking Facebook Open Graph stuff, where third party
# sites include resources from Facebook.
#############################################################################
#See if the referrer is ever set.
{+client-header-tagger{referrer-set}}
.facebook.com
#If a referrer was set, block cookies.
{+crunch-outgoing-cookies}
TAG:^referrer-set:
#Except if it was referred by facebook, make sure we allow the cookies.
#(The tag name must match the tagger above, and the host part is anchored so
# only facebook.com and its subdomains qualify.)
{allow-all-cookies}
TAG:^referrer-set:(?:https?://)?(?:[^/]+\.)?facebook\.com(?:/.*)?$
A side effect is that actual links to Facebook from other sites will have cookies blocked as well. To get around this, just stick your cursor in the address bar and hit enter. This should resend the request, but as a direct access, so the referrer won't be set. Once you've configured your system, you can try it out: http://www.facebook.com. This link should not have you logged in, but if you hit enter in the address bar, it should work.
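To see what the tagger and the three action sections actually decide for a given request, here is an added Python model of the rule chain (not part of the original page or of Privoxy). It applies the page's CLIENT-HEADER-TAGGER substitution to the client headers, then the crunch and allow sections in order, and compares the loose host match `.*\.?(facebook.com)` shown in the diff above against an anchored one (`ALLOW_STRICT`, an assumption of this example); the request samples are constructed.

```python
import re

# The tagger from the page's user.filter: the tag is the rewritten Referer
# header. Privoxy only creates a tag when the substitution changed the header.
TAGGER = re.compile(r"^Referr?er:\s*(\S.*)$", re.IGNORECASE)
BLOCK_TAG = re.compile(r"^referrer-set:")
# Host match as in the diff above: unanchored ".*" and an unescaped dot.
ALLOW_LOOSE = re.compile(r"^referrer-set:(?:https?://)?.*\.?(facebook.com)(?:/.*)?$")
# Tightened host match (assumption, not from the page): the referrer host must
# be facebook.com or one of its subdomains, and the dot is a literal.
ALLOW_STRICT = re.compile(r"^referrer-set:(?:https?://)?(?:[^/]+\.)?facebook\.com(?:/.*)?$")


def tags_for(headers):
    """Apply the CLIENT-HEADER-TAGGER to each client header; collect the tags."""
    tags = []
    for header in headers:
        tagged = TAGGER.sub(r"referrer-set:\1", header)
        if tagged != header:  # no change means no tag
            tags.append(tagged)
    return tags


def cookies_crunched(host, headers, allow=ALLOW_STRICT):
    """Model the actions sections in order (later sections win):
    1. tagger enabled for .facebook.com (domain and subdomains);
    2. +crunch-outgoing-cookies when a referrer-set: tag exists;
    3. allow-all-cookies again when the tag names a Facebook referrer."""
    if host != "facebook.com" and not host.endswith(".facebook.com"):
        return False
    tags = tags_for(headers)
    crunch = any(BLOCK_TAG.search(t) for t in tags)
    if any(allow.search(t) for t in tags):
        crunch = False
    return crunch


if __name__ == "__main__":
    # Constructed sample requests, all to www.facebook.com.
    cases = [
        [],                                              # typed into the address bar
        ["Referer: http://www.facebook.com/home.php"],   # navigating inside Facebook
        ["Referer: http://example.com/article"],         # third-party page embedding Open Graph
        ["Referer: http://notfacebook.com/"],            # host merely ends in "facebook.com"
    ]
    for hdrs in cases:
        print(hdrs, "loose:", cookies_crunched("www.facebook.com", hdrs, ALLOW_LOOSE),
              "strict:", cookies_crunched("www.facebook.com", hdrs))
```

The last case is the one that matters: with the loose pattern a referrer of `notfacebook.com` re-enables cookies, with the anchored pattern it does not.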
