• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1//////////////////////////////////////////////////////////////////////////////
2//
3// John's No-ADS proxy auto configuration script
4//	http://www.schooner.com/~loverso/no-ads/
5//	loverso@schooner.com
6//	Questions/help web forum at http://www.network54.com/Hide/Forum/223428
7//
8// Copyright 1996-2004, John LoVerso.  All Rights Reserved.
9//
10//	Permission is given to use and distribute this file, as long as this
11//	copyright message and author notice are not removed.
12//
13//	No responsibility is taken for any errors on inaccuracies inherent
14//	either to the comments or the code of this program, but if reported
15//	to me, then an attempt will be made to fix them.
16//
17// ("no monies exchanged" in Copyright clause removed 11/2001)
18//
19var noadsver = "$Id: no-ads.pac,v 5.70 2007/05/11 16:56:01 loverso Exp loverso $";
20
21// ****
22// **** If you do not use a proxy to access the Internet, then the following
23// **** line is already fine.
24// ****
25// **** If you use an a proxy to access the Internet, as required by your
26// **** ISP or firewall, then change the line below, replacing
27// **** "DIRECT" with "PROXY hostname:port", using the correct hostname:port
28// **** for your proxy server.
29// ****
30var normal = "DIRECT";
31
32// ***
33// *** If you are not using a blackhold proxy, then you can leave this
34// *** setting as is.
35// ***
36// *** Otherwise, update the next line with the correct hostname:port
37// *** of your blackhole proxy server.  If you are using Larry Wang's
38// *** BHP for Windows, you need to change the "0.0.0.0" to "127.0.0.1"
39// ***
40var blackhole = "PROXY 0.0.0.0:3421";
41
42// ***
43// *** If you need a different proxy to access local/internal hosts vs.
44// *** the rest of the Internet, set 'localproxy' to that value.  Otherwise,
45// *** 'localproxy' defaults to the same value as 'normal', so you do
46// *** not need to change anything in the normal case.
47// ***
48// *** Some typical cases:
49// ***	- 'normal' might be one proxy, and 'localproxy' might be another
50// ***	- 'normal' might be a proxy, and 'localproxy' might be "DIRECT"
51// ***
52// *** You will also need to change the LOCAL section below by adding
53// *** rules to match your local/internal hosts.
54// ***
55var localproxy = normal;
56
57// ***
58// *** 'bypass' is the preferred proxy setting for when no-ads is inactive.
59// *** Either use '= normal' or '= localproxy' (or perhaps just "DIRECT").
60// *** This only matters when you need to use a localproxy.
61// *** (You probably don't need to care about this)
62// ***
63var bypass = normal;
64
65///////////////////////////////////////////////////////////////////////////////
66//
67// This simple kludge uses a mechanism built into most browsers (IE, Netscape,
68// Mozilla, Firefox, and Opera) on most platforms to block connections to
69// banner ad servers.
70//
71// This mechanism uses the "proxy auto configuration" to blackhole requests
72// to load ad images without forcing all your traffic through an ad-blocking
73// proxy server.  Of course, unlike ad-blocking proxy servers, this does not
74// otherwise not strip cookies.
75//
76// "Proxy auto configuration" invokes the JavaScript FindProxyForURL function
77// below each time your browser requests a URL.  This works even if you have
78// JavaScript otherwise disabled in your browser!  (Which you should!)
79//
80
81//
82// Send me your additions or comments.  I'll credit you in the file.
83// (But I've removed all email addresses to stop spam harvesters).
84//
85
86
87///////////////////////////////////////////////////////////////////////////////
88//
89// These are the basic steps needed to use "no-ads.pac".
90// Detailed instructions follow below!
91//
92// 1. Save this as a file (no-ads.pac) on your local disk
93//    (or, add it to your home page, if you have one)
94// 2. Select a no-ads "blackhole".
95// 3. Configure your browser to use this file as its auto proxy configuration.
96// 4. Clear your browser's cache
97//    (or else it may still show you ads it has saved on your disk).
98//
99
100
101///////////////////////////////////////////////////////////////////////////////
102//
103// 1. SAVE THIS FILE
104//
105// Copy this file to your local machine; use your home directory (UNIX)
106// or your Desktop or C:\ directory (Windows).
107//
108
109
110
111///////////////////////////////////////////////////////////////////////////////
112//
113// 2. SELECT A NO-ADS BLACKHOLE
114//
115// You can skip this section if you are using any version of Internet Explorer.
116// You can also skip this section for Netscape 7.1, Mozilla 1.4, or
117// Firefox 1.0 (or later), as they include PAC failover support (but do
118// read the note in section "2a" below).
119//
120//
121// The basic trick of no-ads is to match the site or URL of annoying web content
122// and tell your browser to use a proxy that will deny loading of that resource
123// (image, page, etc).
124//
125// A "black-hole" proxy server is one that always denies loading a web page.
126// ("send it off to a blackhole").
127//
128// When you initially get "no-ads.pac", it is using this as the blackhole:
129//
130//	"PROXY 0.0.0.0:3421"
131//
132// This says to use the local host at a port which nothing should be listening
133// on.  Thus, this is "a server that doesn't repond."
134//
135// This is a good default for all systems, and especially Windows.
136// However, if you are using the Blackhole Proxy Server on Windows,
137// be sure to change it to "PROXY 127.0.0.1:3421"
138//
139//
140// Some possibilities for the blackhole:
141//
142//	a. A server that doesn't respond.
143//
144//		*** This works for all versions of Internet Explorer.
145//		*** This mostly works for Mozilla, Firefox, and Netscape.
146//
147//		If you do nothing, then this is configured to direct annoying
148//		content to the proxy running on your own host at port 3421.
149//		Since you shouldn't have anything running on that port, that
150//		connection will timeout and the annoying content will never be
151//		loaded.
152//
153//		Older versions of Netscape wait to connect to the proxy server
154//		(usually it needs to load part of the image to layout the web
155//		page), and then asks if you want to disable the proxy that
156//		doesn't answer.
157//
158//		Older versions of Mozilla will give an alert saying it couldn't
159//		connect to the proxy server.
160//
161//		Mozilla 1.4+, Firefox 1.0+ and Netscape 7.1 will only give
162//		you this alert if the whole page being display is blocked,
163//		rather than just an image on that page.  Thus, I still
164//		recommend a blackhole proxy even though it isn't needed.
165//
166//		Opera will disable your auto proxy config if the proxy server
167//		doesn't respond.
168//
169//		IE doesn't care that the proxy server isn't responding.  As
170//		this avoids a connection for annoying content, it is fastest.
171//
172//	b. A simple, blackhole server
173//
174//		When needed, I run a simple "server" at port 3421 that denies
175//		all requests.  Some options you can use for this:
176//
177//		- On Windows, you can try Larry Wang's black-hole proxy program:
178//
179//			http://leisuresuit10.tripod.com/BlackHoleProxy/
180//
181//		  I can not vouch that his binaries are virus free, but he does
182//		  offer the source code.
183//
184//		- I use this shell script on UNIX; it is invoked via inetd.
185//		  /usr/local/lib/noproxy:
186//
187//			#!/bin/sh
188//			read a
189//			read b
190//			echo HTTP/1.0 501 No Ads Accepted
191//			echo ""
192//			exit
193//
194//		  Add this line to inetd.conf ('kill -HUP' inetd afterwards):
195//
196//		    3421 stream tcp nowait nobody /usr/local/lib/noproxy noproxy
197//
198//		  This simple script doesn't work on Linux because of the
199//		  (IMHO) broken way its TCP stack works.  See the bottom of
200//		  http://www.schooner.com/~loverso/no-ads/ for a complete copy
201//		  of the `noproxy' shell script.
202//
203//		  If always exec'ing a shell was expensive on your computer
204//		  (it isn't on mine), then you could use a "wait"-style Perl
205//		  script that would accept() incoming connections.
206//
207//		- Sean Burke has a black-hole proxy written in Perl script:
208//
209//		  http://www.speech.cs.cmu.edu/~sburke/pub/black_hole_http_server.pl
210//		  (This is a standalone server, not run from inetd).
211//
212//	e. A trick: use an HTTP/1.0 non-proxy server
213//
214//		An HTTP/1.0 non-proxy server will return a 501 error when
215//		given a proxy request.  Thus, just use the address of your
216//		local intranet web server as your blackhole PROXY.
217//		The downside of this is that it will probably also log an
218//		error, which wastes a small amount of resources.
219//
220//	***
221//	*** Be sure to update the "blackhole" variable above with a setting of
222//	*** "PROXY hostname:port" that matches your blackhole server!!
223//	***
224//
225//	***
226//	*** If you already use a proxy server to access the WWW,
227//	*** change the "normal" variable above from "DIRECT" to
228//	*** be "PROXY proxy:port" to match your proxy server.
229//	***
230
231
232///////////////////////////////////////////////////////////////////////////////
233//
234// 3. TO CONFIGURE YOUR BROWSER
235//
236// The Proxy Auto Configuration file can be either on the local disk or
237// accessed from a web server, with the following constraints:
238//
239//	a. IE4 can only load the PAC from a web server (http:// URL)
240//	b. Netscape, Mozilla, Firefox and IE (5 or later) can load the
241//	   PAC from anywhere.
242//	c. Netscape, Mozilla, Firefox and (probably) Opera require the correct
243//	   MIME type when loading the PAC from a web server.
244//
245//
246// To set the Proxy Auto Configuration with Netscape, Mozilla, or Firefox:
247//
248//   1. Enable Proxy Auto Config:
249//
250//	For Netsacpe/Mozilla:
251//
252//		Open "Edit->Preferences"
253//		Select "Advanced"
254//		Select "Proxies"
255//
256//	For Firefox (1.0):
257//
258//		Open "Tools->Options"
259//		Select "Coonection Settings" on the General tab:
260//
261//	Select the "Auto proxy configuration URL" option.
262//	Enter URL or path of where you've saved this file, such as:
263//
264//		http://yourserver/no-ads.pac
265//
266//	If you place this on your local disk, you should use a
267//	file: URL such as:
268//
269//		file:/home/loverso/no-ads.pac			(UNIX)
270//		file:///c:/windows/desktop/no-ads.pac		(Windows)
271//
272//	(file:/ and file:// will work in Mozilla, but file:/// is correct
273//	required for Firefox)
274//
275//   2. If you are serving this from a web server, these browsers require
276//      the correct MIME type on the file before using it.  You must configure
277//      your web server to provide a "application/x-ns-proxy-autoconfig"
278//	MIME type.
279//
280//      a. For Apache, name the file with a ".pac" extension and add this
281//	   line to the http.conf (or the .htaccess file in the same directory):
282//
283//		AddType application/x-ns-proxy-autoconfig .pac
284//
285//      b. For IIS (instructions from Kevin Roth)
286//
287//	   Open Internet Services Manager
288//	   Right click on the web site (or directory) you wish to change.
289//	   Choose Properties
290//	   Click the "HTTP Headers" tab
291//	   Click the "File Types" button in the "MIME Map" section
292//	   Click the "New Type..." button
293//	   Enter "pac" for "Associated Extension"
294//	   Enter "application/x-ns-proxy-autoconfig" for "Content Type (MIME)"
295//	   Click OK to close the Add type dialog, the MIME types dialog,
296//		and the main properties dialog.
297//
298//      (This is definately needed for NS, but not for IE)
299//
300//
301// To set the Proxy Auto Configuration with IE:
302//
303//   1. Enable Proxy Auto Config:
304//
305//	Open "Tools->Internet Options"
306//	Select "Connections" tab
307//	Click "LAN Settings"
308//		or Choose an entry from "Dial-up settings" and click "Settings"
309//
310//	On the settings dialog, select "Use automatic configuration script"
311//	Enter the URL of this file in Address field.
312//
313//		http://yourserver/no-ads.pac
314//		file:///c:/windows/desktop/no-ads.pac		(Windows)
315//
316//	You can only use a file: URL with IE5 (or later).
317//	("file:///" with with IE versions after 5.0 SP2)
318//
319//   2. Fix Security Settings (IMPORTANT):
320//
321//	Select "Security" tab
322//	Select "Local intranet"
323//	Click "Sites" box
324//	Unselect "include all sites that bypass the proxy server" option
325//
326//   3. Disable "Auto Proxy Caching" (IMPORTANT):
327//      (thanks to Kevin Roth for alerting me of this!)
328//
329//	IE contains a proxy result caching mechanism that will defeat the
330//	ability to block servers that server both ad and non-ad content.
331//	To prevent this, add the registry key described in this MS KB article:
332//
333//		http://support.microsoft.com/?kbid=271361
334//
335//	You can do so by downloading this file and clicking on it to load
336//	it into the registry.  This must be done on a per-user basis.
337//	http://www.schooner.com/~loverso/no-ads/IE-no-auto-proxy-cache.reg
338//
339//   IE doesn't currently check the MIME type of the PAC file.
340//
341//   To see some notes from MS on PAC in IE, see
342//	http://msdn.microsoft.com/library/periodic/period99/faq0599.htm
343//	(they seem to have removed this URL)
344//
345//
346// To set the Proxy Auto Configuration with Opera 6 (6.04 on Windows tested):
347//
348//   1. Enable Proxy Auto Config:
349//	Open the Preferences (Alt-P)
350//	Select "Network"
351//	Click the "Proxy servers" box
352//	Select "Use automatic proxy configuration"
353//	Enter the URL of this file as
354//
355//		http://yourserver/no-ads.pac
356//		file://c:/windows/desktop/no-ads.pac
357//
358//	(file:/// might be needed; I've not tested Opera lately)
359//
360//   2. You must use a blackhole proxy for Opera (it will not work with an
361//	address of a server that does not respond).
362//
363//   3. Be sure to clear the cache and exit/restart Opera.
364//
365
366
367///////////////////////////////////////////////////////////////////////////////
368//
369// 4. CLEAR YOUR BROWSER'S CACHE
370//
371// For Internet Explorer:
372//
373//	Open "Tools->Internet Options"
374//	Select "Delete Files" under "Temporary Internet Files"
375//	Click "OK"
376//
377// For Mozilla/Netscape Navigator:
378//
379//	Open "Edit->Preferences"
380//	Select "Advanced"
381//	Select "Proxies"
382//	Click "Clear Disk Cache"
383//	Click "Clear Memory Cache"
384//
385// For Firefox:
386//
387//	Open "Tools->Options"
388//	Select the "Privay" tab
389//	Scroll down or go to the "Cache" section
390//	Click "Clear"
391//
392// For Opera:
393//
394//	Open "File->Preferences"
395//	Select "History and cache"
396//	Click "Empty now"
397//
398
399
400///////////////////////////////////////////////////////////////////////////////
401//
402// To see the definition of this page's JavaScript contents, see
403//
404//	http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html
405//
406// Microsoft includes this in their KB article:
407//
408//	http://support.microsoft.com/support/kb/articles/Q209/2/66.ASP
409//
410// Special PAC functions:
411// Hostname:
412//	isPlainHostName(host)
413//	dnsDomainIs(host, domain)
414//	localHostOrDomainIs(host, hostdom)
415//	isResolvable(host)
416//	isInNet(host, pattern, mask)
417// Utility:
418//	dnsResolve(host)
419//	myIpAddress()
420//	dnsDomainLevels(host)
421// URL:
422//	shExpMatch(str, shexp)
423// Time:
424//	weekdayRange(wd1, wd2, gmt)
425//	dateRange(...)
426//	timeRange(...)
427//
428// Other functions and methods that may work:
429//	http://developer.netscape.com/docs/manuals/communicator/jsref/win1.htm
430//	Note that "alert()" only works with Netscape4 and IE, and Mozilla 1.4+.
431//
432// NOTE:
433//	isInNet() will resolve a hostname to an IP address, and cause
434//	hangs on Mozilla/Firefox.  Currently, these are stubbed out and replaced
435//	with shExpMatch(host, "a.b.c.*"), which doesn't do the same thing,
436//	but is sufficient for these purposes.
437//
438// Additional Mozilla/Firefox comments:
439//
440//	All the above PAC functions are implemented in JavaScript,
441//	and are added to the body of your PAC file when it is loaded.
442//	See the "components/nsProxyAutoConfig.js" browser install
443//	directory.
444//
445//	- shExpMatch() is implemented as three pattern.replaces()
446//		 followed by a call to RegExp()  (SLOW)
447//	- isPlainHostname() just checks for lack of "." in the string
448//	- dnsDomainIs() just matches strings exactly
449//	- alert() is bound to this.proxyAlert(), which displays a message
450//		in the JavaScript console window
451
452///////////////////////////////////////////////////////////////////////////////
453//
454// Regular Expressions
455//
456// Angus Turnbull pointed out the JavaScript 1.2 RE operators to me.
457// These should work in NS4 and IE4 (or later), but I have only tested on
458// Mozilla (1.3), IE5.5, and IE6.  PLEASE TELL ME IF IT WORKS FOR YOU!
459//
460// A good introduction is at:
461//	http://www.evolt.org/article/Regular_Expressions_in_JavaScript/17/36435/
462// Some references:
463//	(old Netscape documentation is gone)
464//	http://devedge.netscape.com/library/manuals/2000/javascript/1.5/reference/regexp.html
465//	http://developer.netscape.com/docs/manuals/js/client/jsref/regexp.htm
466//	http://www.webreference.com/js/column5/
467//	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/script56/html/js56jsobjRegExpression.asp
468//	http://msdn.microsoft.com/library/default.asp?url=/library/en-us/script56/html/js56jsgrpRegExpSyntax.asp
469// Real-time evaluator:
470//	http://www.cuneytyilmaz.com/prog/jrx/
471//
472// I'm slowly replacing multiple glob patterns with regexps.
473// By using RE literals of /.../ rather than the constructor 'new RegExp()',
474// the regexps should be compiled as no-ads.pac is loaded.
475//
476// Important notes:
477// -	if using the constructor, \ needs to be quoted; thus "\\." is used
478//	to match a literal '.'.  In the RE literal form, I need to end up
479//	quoting any / for a URL path.
480// -    Avoid these for now; they are broken or not supported in "older"
481//	browsers such as NS4 and IE4:
482//	- look-aheads (?=pat)
483//	- non-greedy ? - a ? that follows *,+,?, and {}; (s)? is NOT non-greedy
484//
485
486// matches several common URL paths for ad images:
487// such as: /banner/ /..._banner/ /banner_...
488// but matches several words and includes plurals
489var re_banner = /\/(.*_){0,1}(ad|adverts?|adimage|adframe|adserver|admentor|adview|banner|popup|popunder)(s)?[_.\/]/i;
490
491// matches host names staring with "ad" but not (admin|add|adsl)
492// or any hostname starting with "pop", "clicks", and "cash"
493// or any hostname containing "banner"
494// ^(ad(s)?.{0,4}\.|pop|click|cash|[^.]*banner|[^.]*adserv)
495// ^(ad(?!(min|sl|d\.))|pop|click|cash|[^.]*banner|[^.]*adserv)
496// ^(ad(?!(min|sl|d\.))|pop|click|cash|[^.]*banner|[^.]*adserv|.*\.ads\.)
497var re_adhost = /^(www\.)?(ad(?!(ult|obe.*|min|sl|d|olly.*))|tology|pop|click|cash|[^.]*banner|[^.]*adserv|.+\.ads?\.)/i;
498
499// neg:
500//	admin.foobar.com
501//	add.iahoo.com
502//	adsl.allow.com
503//	administration.all.net
504// pos:
505//	fire.ads.ighoo.com
506//	ads.foo.org
507//	ad0121.aaaa.com
508//	adserver.goo.biz
509//	popup.foo.bar
510
511///////////////////////////////////////////////////////////////////////////////
512
513var isActive = 1;
514
515function FindProxyForURL(url, host)
516{
517    // debug
518    // alert("checking: url=" + url + ", host=" + host);
519
520    // Excellent kludge from Sean M. Burke:
521    // Enable or disable no-ads for the current browser session.
522    //
523    // To disable, visit this URL:		http://no-ads.int/off
524    // To re-enable, visit this URL:		http://no-ads.int/on
525    //
526    // (this will not work with Mozilla or Opera if the alert()s are present)
527    //
528    // This happens before lowercasing the URL, so make sure you use lowercase!
529    //
530    if (shExpMatch(host, "no-ads.int")) {
531        if (shExpMatch(url, "*/on*")) {
532	    isActive = 1;
533	    //alert("no-ads is enabled.\n" + url);
534	} else if (shExpMatch(url, "*/off*")) {
535	    isActive = 0;
536	    //alert("no-ads has been disabled.\n" + url);
537	} else if (shExpMatch(url, "*no-ads.int/")) {
538	    alert("no-ads is "+(isActive ? "enabled" : "disabled")+".\n" + url);
539	} else {
540	    alert("no-ads unknown option.\n" + url);
541	}
542
543	return blackhole;
544    }
545
546    if (!isActive) {
547	// alert("allowing (not active): return " + bypass);
548	return bypass;
549    }
550
551    // Suggestion from Quinten Martens
552    // Make everything lower case.
553    // WARNING: all shExpMatch rules following MUST be lowercase!
554    url = url.toLowerCase();
555    host = host.toLowerCase();
556
557    //
558    // Local/Internal rule
559    // matches to this rule get the 'local' proxy.
560    // Adding rules here enables the use of 'local'
561    //
562    if (0
563	// LOCAL
564	// add rules such as:
565  	//	|| dnsDomainIs(host, "schooner.com")
566	//	|| isPlainHostName(host)
567	// or for a single host
568	//	|| (host == "some-local-host")
569	) {
570	// alert("allowing (local): return " + localproxy);
571	return localproxy;
572    }
573
574    //
575    // Whitelist section from InvisiBill
576    //
577    // Add sites here that should never be matched for ads.
578    //
579    if (0
580	// WHITELIST
581    	// To add whitelist domains, simple add a line such as:
582  	//	|| dnsDomainIs(host, "schooner.com")
583	// or for a single host
584	//	|| (host == "some-host-name")
585
586	// Note: whitelisting schooner.com will defeat the "is-it-working"
587	// test page at http://www.schooner.com/~loverso/no-ads/ads/
588
589	// Apple.com "Switch" ads
590	|| shExpMatch(url, "*.apple.com/switch/ads/*")
591
592	// SprintPCS
593	|| dnsDomainIs(host, ".sprintpcs.com")
594
595	// Lego
596	|| dnsDomainIs(host, ".lego.com")
597
598	// Dell login popups
599	|| host == "ecomm.dell.com"
600
601	|| host == "click2tab.mozdev.org"
602	|| host == "addons.mozilla.org"
603
604	// Uncomment for metacrawler
605	// || (host == "clickit.go2net.com")
606
607        // Wunderground weather station banners
608	|| shExpMatch(url, "*banners.wunderground.com/cgi-bin/banner/ban/wxbanner*")
609	|| shExpMatch(url, "*banners.wunderground.com/weathersticker/*")
610	) {
611	// alert("allowing (whitelist): return " + normal);
612	return normal;
613    }
614
615    // To add more sites, simply include them in the correct format.
616    //
617    // The sites below are ones I currently block.  Tell me of others you add!
618
619    if (0
620	// BLOCK
621	// Block IE4/5 "favicon.ico" fetches
622	// (to avoid being tracked as having bookmarked the site)
623	|| shExpMatch(url, "*/favicon.ico")
624
625	//////
626	//
627	// Global Section
628	// tries to match common names
629	//
630
631	// RE for common URL paths
632	|| re_banner.test(url)
633
634	// RE for common adserver hostnames.
635	// The regexp matches all hostnames starting with "ad" that are not
636	//	admin|add|adsl
637	// (replaces explicit shExpMatch's below)
638	|| re_adhost.test(host)
639
640//	|| (re_adhost.test(host)
641//	    && !(
642//	        shExpMatch(host, "add*")
643//	     || shExpMatch(host, "admin*")
644//	     || shExpMatch(host, "adsl*")
645//	   )
646//	)
647//	// or any subdomain "ads"
648//	|| (dnsDomainLevels(host) > 2 && shExpMatch(host, "*.ads.*"))
649
650	//////
651	//
652	// banner/ad organizations
653	// Just delete the entire namespace
654	//
655
656        // doubleclick
657	|| dnsDomainIs(host, ".doubleclick.com")
658        || dnsDomainIs(host, ".doubleclick.net")
659        || dnsDomainIs(host, ".rpts.net")
660	|| dnsDomainIs(host, ".2mdn.net")
661	|| dnsDomainIs(host, ".2mdn.com")
662
663	// these set cookies
664	|| dnsDomainIs(host, ".globaltrack.com")
665	|| dnsDomainIs(host, ".burstnet.com")
666	|| dnsDomainIs(host, ".adbureau.net")
667	|| dnsDomainIs(host, ".targetnet.com")
668	|| dnsDomainIs(host, ".humanclick.com")
669	|| dnsDomainIs(host, ".linkexchange.com")
670
671	|| dnsDomainIs(host, ".fastclick.com")
672	|| dnsDomainIs(host, ".fastclick.net")
673
674        // one whole class C full of ad servers (fastclick)
675	// XXX this might need the resolver
676//        || isInNet(host, "205.180.85.0", "255.255.255.0")
677	|| shExpMatch(host, "205.180.85.*")
678
679	// these use 1x1 images to track you
680	|| dnsDomainIs(host, ".admonitor.com")
681	|| dnsDomainIs(host, ".focalink.com")
682
683	|| dnsDomainIs(host, ".websponsors.com")
684	|| dnsDomainIs(host, ".advertising.com")
685	|| dnsDomainIs(host, ".cybereps.com")
686	|| dnsDomainIs(host, ".postmasterdirect.com")
687	|| dnsDomainIs(host, ".mediaplex.com")
688	|| dnsDomainIs(host, ".adtegrity.com")
689	|| dnsDomainIs(host, ".bannerbank.ru")
690	|| dnsDomainIs(host, ".bannerspace.com")
691	|| dnsDomainIs(host, ".theadstop.com")
692	|| dnsDomainIs(host, ".l90.com")
693	|| dnsDomainIs(host, ".webconnect.net")
694	|| dnsDomainIs(host, ".avenuea.com")
695	|| dnsDomainIs(host, ".flycast.com")
696	|| dnsDomainIs(host, ".engage.com")
697	|| dnsDomainIs(host, ".imgis.com")
698	|| dnsDomainIs(host, ".datais.com")
699	|| dnsDomainIs(host, ".link4ads.com")
700	|| dnsDomainIs(host, ".247media.com")
701	|| dnsDomainIs(host, ".hightrafficads.com")
702	|| dnsDomainIs(host, ".tribalfusion.com")
703	|| dnsDomainIs(host, ".rightserve.net")
704	|| dnsDomainIs(host, ".admaximize.com")
705	|| dnsDomainIs(host, ".valueclick.com")
706	|| dnsDomainIs(host, ".adlibris.se")
707	|| dnsDomainIs(host, ".vibrantmedia.com")
708	|| dnsDomainIs(host, ".coremetrics.com")
709	|| dnsDomainIs(host, ".vx2.cc")
710	|| dnsDomainIs(host, ".webpower.com")
711	|| dnsDomainIs(host, ".everyone.net")
712	|| dnsDomainIs(host, ".zedo.com")
713	|| dnsDomainIs(host, ".bigbangmedia.com")
714	|| dnsDomainIs(host, ".ad-annex.com")
715	|| dnsDomainIs(host, ".iwdirect.com")
716	|| dnsDomainIs(host, ".adlink.de")
717	|| dnsDomainIs(host, ".bidclix.net")
718	|| dnsDomainIs(host, ".webclients.net")
719	|| dnsDomainIs(host, ".linkcounter.com")
720	|| dnsDomainIs(host, ".sitetracker.com")
721	|| dnsDomainIs(host, ".adtrix.com")
722	|| dnsDomainIs(host, ".netshelter.net")
723	|| dnsDomainIs(host, ".rn11.com")
724	// http://vpdc.ru4.com/content/images/66/011.gif
725	|| dnsDomainIs(host, ".ru4.com")
726	// no '.' for rightmedia.net
727	|| dnsDomainIs(host, "rightmedia.net")
728	|| dnsDomainIs(host, ".casalemedia.com")
729	|| dnsDomainIs(host, ".casalemedia.com")
730
731	// C-J
732	|| dnsDomainIs(host, ".commission-junction.com")
733	|| dnsDomainIs(host, ".qkimg.net")
734	// emjcd.com ... many others
735
736	// */adv/*
737	|| dnsDomainIs(host, ".bluestreak.com")
738
739	// Virtumundo -- as annoying as they get
740	|| dnsDomainIs(host, ".virtumundo.com")
741	|| dnsDomainIs(host, ".treeloot.com")
742	|| dnsDomainIs(host, ".memberprize.com")
743
744	// internetfuel and _some_ of the sites they redirect to
745	// (more internetfuel - from Sam G)
746	|| dnsDomainIs(host, ".internetfuel.net")
747	|| dnsDomainIs(host, ".internetfuel.com")
748	|| dnsDomainIs(host, ".peoplecaster.com")
749	|| dnsDomainIs(host, ".cupidsdatabase.com")
750	|| dnsDomainIs(host, ".automotive-times.com")
751	|| dnsDomainIs(host, ".healthy-lifetimes.com")
752	|| dnsDomainIs(host, ".us-world-business.com")
753	|| dnsDomainIs(host, ".internet-2-web.com")
754	|| dnsDomainIs(host, ".my-job-careers.com")
755	|| dnsDomainIs(host, ".freeonline.com")
756	|| dnsDomainIs(host, ".exitfuel.com")
757	|| dnsDomainIs(host, ".netbroadcaster.com")
758	|| dnsDomainIs(host, ".spaceports.com")
759	|| dnsDomainIs(host, ".mircx.com")
760	|| dnsDomainIs(host, ".exitchat.com")
761	|| dnsDomainIs(host, ".atdmt.com")
762	|| dnsDomainIs(host, ".partner2profit.com")
763	|| dnsDomainIs(host, ".centrport.net")
764	|| dnsDomainIs(host, ".centrport.com")
765	|| dnsDomainIs(host, ".rampidads.com")
766
767	//////
768	//
769	// banner servers
770	// (typically these set cookies or serve animated ads)
771	//
772
773	|| dnsDomainIs(host, "commonwealth.riddler.com")
774	|| dnsDomainIs(host, "banner.freeservers.com")
775	|| dnsDomainIs(host, "usads.futurenet.com")
776	|| dnsDomainIs(host, "banners.egroups.com")
777	|| dnsDomainIs(host, "ngadclient.hearme.com")
778	|| dnsDomainIs(host, "affiliates.allposters.com")
779	|| dnsDomainIs(host, "adincl.go2net.com")
780	|| dnsDomainIs(host, "webads.bizservers.com")
781	|| dnsDomainIs(host, ".addserv.com")
782	|| dnsDomainIs(host, ".falkag.net")
783	|| (host == "promote.pair.com")
784
785	// marketwatch.com (flash ads), but CSS get loaded
786	|| (dnsDomainIs(host, ".mktw.net")
787	    && !shExpMatch(url, "*/css/*"))
788	|| dnsDomainIs(host, ".cjt1.net")
789	|| dnsDomainIs(host, ".bns1.net")
790
791	// "undergroundonline"
792	// comes from iframe with this url: http://mediamgr.ugo.com/html.ng/size=728x90&affiliate=megagames&channel=games&subchannel=pc&Network=affiliates&rating=g
793	|| dnsDomainIs(host, "image.ugo.com")
794	|| dnsDomainIs(host, "mediamgr.ugo.com")
795
796	// web ads and "cheap Long Distance"
797	|| dnsDomainIs(host, "zonecms.com")
798	|| dnsDomainIs(host, "zoneld.com")
799
800	// AOL
801	|| dnsDomainIs(host, ".atwola.com")
802	|| dnsDomainIs(host, "toolbar.aol.com")
803
804	// animated ads shown at techbargains
805	|| (dnsDomainIs(host, ".overstock.com")
806	    && shExpMatch(url, "*/linkshare/*"))
807	|| (dnsDomainIs(host, ".supermediastore.com")
808	    && shExpMatch(url, "*/lib/supermediastore/*"))
809	|| (dnsDomainIs(host, ".shop4tech.com")
810	    && shExpMatch(url, "*/assets/*"))
811	|| (dnsDomainIs(host, ".softwareandstuff.com")
812	    && shExpMatch(url, "*/media/*"))
813	|| (dnsDomainIs(host, ".buy.com")
814	    && shExpMatch(url, "*/affiliate/*"))
815
816	|| (dnsDomainIs(host, "pdaphonehome.com")
817	    && (shExpMatch(url, "*/pocketpcmagbest.gif")
818		|| shExpMatch(url, "*/link-msmobiles.gif")))
819	|| (dnsDomainIs(host, "ppc4you.com")
820	    && shExpMatch(url, "*/ppc_top_sites.gif"))
821
822	// more animated ads... these really drive me crazy
823	|| (dnsDomainIs(host, ".freewarepalm.com")
824	    && shExpMatch(url, "*/sponsors/*"))
825
826	//////
827	//
828	// popups/unders
829	//
830
831	|| dnsDomainIs(host, "remotead.cnet.com")
832	|| dnsDomainIs(host, ".1st-dating.com")
833	|| dnsDomainIs(host, ".mousebucks.com")
834	|| dnsDomainIs(host, ".yourfreedvds.com")
835	|| dnsDomainIs(host, ".popupsavings.com")
836	|| dnsDomainIs(host, ".popupmoney.com")
837	|| dnsDomainIs(host, ".popuptraffic.com")
838	|| dnsDomainIs(host, ".popupnation.com")
839	|| dnsDomainIs(host, ".infostart.com")
840	|| dnsDomainIs(host, ".popupad.net")
841	|| dnsDomainIs(host, ".usapromotravel.com")
842	|| dnsDomainIs(host, ".goclick.com")
843	|| dnsDomainIs(host, ".trafficwave.net")
844	|| dnsDomainIs(host, ".popupad.net")
845	|| dnsDomainIs(host, ".paypopup.com")
846
847	// Popups from ezboard
848	|| dnsDomainIs(host, ".greenreaper.com")
849	|| dnsDomainIs(host, ".spewey.com")
850	|| dnsDomainIs(host, ".englishharbour.com")
851	|| dnsDomainIs(host, ".casino-trade.com")
852	|| dnsDomainIs(host, "got2goshop.com")
853	// more ezboard crud (from Miika Asunta)
854	|| dnsDomainIs(host, ".addynamix.com")
855	|| dnsDomainIs(host, ".trafficmp.com")
856	|| dnsDomainIs(host, ".makingmoneyfromhome.net")
857	|| dnsDomainIs(host, ".leadcart.com")
858
859	// http://www.power-mark.com/js/popunder.js
860	|| dnsDomainIs(host, ".power-mark.com")
861
862	//////
863	//
864	// User tracking (worse than ads) && hit counting "services"
865	//
866
867	// "web trends live"
868	|| dnsDomainIs(host, ".webtrendslive.com")
869	|| dnsDomainIs(host, ".wtlive.com")
870
871	// 1x1 tracking images
872	// ** (but also used in some pay-for-clicks that I want to follow,
873	// **  so disabled for now.  9/2001)
874	// || dnsDomainIs(host, "service.bfast.com")
875
876	// one whole class C full of ad servers
877	// XXX this might need the resolver
878//	|| isInNet(host, "66.40.16.0", "255.255.255.0")
879	|| shExpMatch(host, "66.40.16.*")
880
881	|| dnsDomainIs(host, ".web-stat.com")
882	|| dnsDomainIs(host, ".superstats.com")
883	|| dnsDomainIs(host, ".allhits.ru")
884	|| dnsDomainIs(host, ".list.ru")
885	|| dnsDomainIs(host, ".counted.com")
886	|| dnsDomainIs(host, ".rankyou.com")
887	|| dnsDomainIs(host, ".clickcash.com")
888	|| dnsDomainIs(host, ".clickbank.com")
889	|| dnsDomainIs(host, ".paycounter.com")
890	|| dnsDomainIs(host, ".cashcount.com")
891	|| dnsDomainIs(host, ".clickedyclick.com")
892	|| dnsDomainIs(host, ".clickxchange.com")
893	|| dnsDomainIs(host, ".sitestats.com")
894	|| dnsDomainIs(host, ".site-stats.com")
895	|| dnsDomainIs(host, ".hitbox.com")
896	|| dnsDomainIs(host, ".exitdirect.com")
897	|| dnsDomainIs(host, ".realtracker.com")
898	|| dnsDomainIs(host, ".etracking.com")
899	|| dnsDomainIs(host, ".livestat.com")
900	|| dnsDomainIs(host, ".spylog.com")
901	|| dnsDomainIs(host, ".freestats.com")
902	|| dnsDomainIs(host, ".addfreestats.com")
903	|| dnsDomainIs(host, ".topclicks.net")
904	|| dnsDomainIs(host, ".mystat.pl")
905	|| dnsDomainIs(host, ".hitz4you.de")
906	|| dnsDomainIs(host, ".hitslink.com")
907	|| dnsDomainIs(host, ".thecounter.com")
908	|| dnsDomainIs(host, ".roiservice.com")
909	|| dnsDomainIs(host, ".overture.com")
910	|| dnsDomainIs(host, ".xiti.com")
911	|| dnsDomainIs(host, ".cj.com")
912	|| dnsDomainIs(host, ".anrdoezrs.net")
913	|| dnsDomainIs(host, ".hey.it")
914	|| dnsDomainIs(host, ".ppctracking.net")
915	|| dnsDomainIs(host, ".darkcounter.com")
916	|| dnsDomainIs(host, ".2o7.com")
917	|| dnsDomainIs(host, ".2o7.net")
918	|| dnsDomainIs(host, ".gostats.com")
919	|| dnsDomainIs(host, ".everstats.com")
920	|| dnsDomainIs(host, ".onestat.com")
921	|| dnsDomainIs(host, ".statcounter.com")
922	|| dnsDomainIs(host, ".trafic.ro")
923	|| dnsDomainIs(host, ".exitexchange.com")
924
925	// clickability, via CNN
926	|| dnsDomainIs(host, ".clickability.com")
927	|| dnsDomainIs(host, ".savethis.com")
928
929	//////
930	//
931	// Dead domain parking
932	//
933	|| dnsDomainIs(host, ".netster.com")
934
935	//////
936	//
937	// Search engine "optimizers"
938	//
939	|| dnsDomainIs(host, ".searchmarketing.com")
940
941	//////
942	//
943	// Spyware/worms
944	//
945
946	|| dnsDomainIs(host, ".friendgreetings.com")
947	|| dnsDomainIs(host, ".permissionedmedia.com")
948	|| dnsDomainIs(host, ".searchbarcash.com")
949
950	//////
951	//
952	// "Surveys"
953	//
954
955	|| dnsDomainIs(host, ".zoomerang.com")
956
957	//////
958	//
959	// "Casino" ads (scams)
960	//
961
962	|| dnsDomainIs(host, ".aceshigh.com")
963	|| dnsDomainIs(host, ".idealcasino.net")
964	|| dnsDomainIs(host, ".casinobar.net")
965	|| dnsDomainIs(host, ".casinoionair.com")
966
967	|| (dnsDomainIs(host, ".go2net.com")
968	    && shExpMatch(url, "*adclick*")
969	)
970
971	//////
972	//
973	// Spammers
974	//
975
976	|| dnsDomainIs(host, ".licensed-collectibles.com")
977	|| dnsDomainIs(host, ".webdesignprofessional.com")
978
979	//////
980	//
981	// Directed at extra annoying places
982	//
983
984	// Attempts to download ad-supported spyware without asking first
985	|| dnsDomainIs(host, ".gator.com")
986
987	// ebay
988	|| ((dnsDomainIs(host, "pics.ebay.com")
989	     || dnsDomainIs(host, "pics.ebaystatic.com"))
990	    && shExpMatch(url, "*/pics/mops/*/*[0-9]x[0-9]*")
991	)
992	|| (dnsDomainIs(host, "ebayobjects.com")
993	    && shExpMatch(url, "*search/keywords*")
994	)
995	|| dnsDomainIs(host, "admarketplace.com")
996	|| dnsDomainIs(host, "admarketplace.net")
997
998	// Bravenet & Ezboard
999	|| (dnsDomainIs(host, ".ezboard.com")
1000	    && shExpMatch(url, "*/bravenet/*")
1001	)
1002	|| (dnsDomainIs(host, ".bravenet.com")
1003	    && (   shExpMatch(host, "*counter*")
1004		|| shExpMatch(url, "*/jsbanner*")
1005	        || shExpMatch(url, "*/bravenet/*")
1006	    )
1007	)
1008
1009	// GeoCities
1010	// (checking "toto" from Prakash Persaud)
1011	|| ((   dnsDomainIs(host,"geo.yahoo.com")
1012	     || dnsDomainIs(host,".geocities.com"))
1013	    && (
1014		   shExpMatch(url,"*/toto?s*")
1015		|| shExpMatch(url, "*geocities.com/js_source*")
1016		|| dnsDomainIs(host, "visit.geocities.com")
1017	    )
1018	)
1019
1020	// Yahoo ads (direct and via Akamai)
1021	// http://us.a1.yimg.com/us.yimg.com/a/...
1022	|| (dnsDomainIs(host,"yimg.com")
1023	    && (   shExpMatch(url,"*yimg.com/a/*")
1024		|| shExpMatch(url,"*yimg.com/*/adv/*")
1025	    )
1026	)
1027	// "eyewonder" ads at Yahoo
1028	|| dnsDomainIs(host,"qz3.net")
1029	|| dnsDomainIs(host,".eyewonder.com")
1030
1031	// background ad images
1032	|| dnsDomainIs(host,"buzzcity.com")
1033
1034	// FortuneCity - ads and tracking
1035	|| (dnsDomainIs(host,".fortunecity.com")
1036	    && (    shExpMatch(url,"*/js/adscript*")
1037		 || shExpMatch(url,"*/js/fctrack*")
1038	    )
1039	)
1040
1041	// zdnet
1042	// tracking webbugs:
1043	// http://gserv.zdnet.com/clear/ns.gif?a000009999999999999+2093
1044	|| (dnsDomainIs(host, ".zdnet.com")
1045	    && (   dnsDomainIs(host, "ads3.zdnet.com")
1046		|| host == "gserv.zdnet.com"
1047		|| shExpMatch(url, "*/texis/cs/ad.html")
1048		|| shExpMatch(url, "*/adverts")
1049	     )
1050	)
1051
1052	// cnet
1053	// web bugs and ad redirections
1054	// taken care of by hostname rules:
1055	//	http://adimg.com.com/...
1056	//	http://adlog.com.com/...
1057	// http://dw.com.com/clear/c.gif
1058	// http://dw.com.com/redir?astid=2&destUrl=http%3A%2F%2Fwww.buy ...
1059	// http://mads.com.com/mac-ad?...
1060	|| (host == "dw.com.com" || host == "mads.com.com")
1061	|| (dnsDomainIs(host, ".com.com")
1062	    && (   host == "dw.com.com"
1063		|| host == "mads.com.com"
1064	     )
1065	)
1066
1067	// nytimes
1068	|| (dnsDomainIs(host, ".nytimes.com")
1069	    && shExpMatch(url,"*/adx/*")
1070	)
1071
1072	// pop-after
1073	|| dnsDomainIs(host, ".unicast.net")
1074
1075
1076	// Be Free affiliate ads
1077	|| dnsDomainIs(host, ".reporting.net")
1078	|| dnsDomainIs(host, ".affliate.net")
1079	|| (dnsDomainIs(host, ".akamai.net")
1080	    && shExpMatch(url, "*.affiliate.net/*")
1081	)
1082
1083	// Infospace.com popunder
1084	// for "webmarket.com" & "shopping.dogpile.com" -- just say no!
1085	|| (dnsDomainIs(host, ".infospace.com")
1086	    && shExpMatch(url, "*/goshopping/*")
1087	)
1088	|| dnsDomainIs(host, ".webmarket.com")
1089	|| dnsDomainIs(host, "shopping.dogpile.com")
1090
1091	// goto.com popunder for information.gopher.com
1092	|| dnsDomainIs(host, "information.gopher.com")
1093
1094	// About.com popunder and floating ad bar
1095	|| (dnsDomainIs(host, ".about.com")
1096	    && (0
1097	    || shExpMatch(url, "*/sprinks/*")
1098	    || shExpMatch(url, "*about.com/0/js/*")
1099	    || shExpMatch(url, "*about.com/f/p/*")
1100	    )
1101	)
1102
1103	// Dell
1104	|| (dnsDomainIs(host, ".dell.com")
1105	    && shExpMatch(url, "*/images/affiliates/*")
1106	)
1107
1108	// IFilm iframes
1109	|| (dnsDomainIs(host, ".ifilm.com")
1110	    && (shExpMatch(url, "*/partners/*")
1111	        || shExpMatch(url, "*/redirect*")
1112	    )
1113	)
1114
1115	// tomshardware
1116	// they are most annoying:
1117	// - cookies on their background images to track you
1118	// - looping shockwave ads
1119	// this kills most of the crud
1120//	     || isInNet(host, "216.92.21.0", "255.255.255.0")
1121	|| ((dnsDomainIs(host, ".tomshardware.com")
1122	     || shExpMatch(host, "216.92.21.*"))
1123	    && (   shExpMatch(url, "*/cgi-bin/banner*")
1124	        || shExpMatch(url, "*/cgi-bin/bd.m*")
1125	        || shExpMatch(url, "*/images/banner/*")
1126	    )
1127	)
1128
1129	|| shExpMatch(url, "*mapsonus.com/ad.images*")
1130
1131	// Slashdot: added these when I saw hidden 1x1 images with cookies
1132	|| dnsDomainIs(host, "adfu.blockstackers.com")
1133	|| (dnsDomainIs(host, "slashdot.org")
1134	    && (
1135	           shExpMatch(url, "*/slashdot/pc.gif*")
1136		|| shExpMatch(url, "*/pagecount.gif*")
1137		|| shExpMatch(url, "*/adlog.pl*")
1138	    )
1139        )
1140	|| dnsDomainIs(host, "googlesyndication.com")
1141	|| dnsDomainIs(host, "google-analytics.com")
1142
1143	// it-aint-cool.com
1144	|| (dnsDomainIs(host, "aintitcool.com")
1145	    && (
1146	           shExpMatch(url, "*/newline/*")
1147		|| shExpMatch(url, "*/drillteammedia/*")
1148		|| shExpMatch(url, "*/foxsearchlight/*")
1149		|| shExpMatch(url, "*/media/aol*")
1150		|| shExpMatch(url, "*swf")
1151	    )
1152	)
1153
1154	// Staples & CrossMediaServices
1155	|| (dnsDomainIs(host, ".staples.com")
1156	    && shExpMatch(url, "*/pixeltracker/*")
1157	)
1158	|| dnsDomainIs(host, "pt.crossmediaservices.com")
1159
1160	// OfficeMax affiliate art (affArt->affart because of toLowerCase)
1161	|| (dnsDomainIs(host, ".officemax.com")
1162	    && shExpMatch(url, "*/affart/*")
1163	)
1164
1165	// complicated JavaScript for directed ads!
1166// 1/5/2004: allow /js/ as they now use it for graphs
1167//	|| (dnsDomainIs(host, ".anandtech.com")
1168//	    && (shExpMatch(url,"*/js/*")
1169//	        || shExpMatch(url,"*/bnr_*")
1170//	    )
1171//	)
1172
1173	// hardocp
1174	// http://65.119.30.151/UploadFilesForNewegg/onlineads/newegg728hardocp.swf
1175	|| (host == "hera.hardocp.com")
1176	|| shExpMatch(url,"*/onlineads/*")
1177
1178	// complicated JavaScript for gliding ads!
1179	|| (dnsDomainIs(host, ".fatwallet.com")
1180	    && shExpMatch(url,"*/js/*")
1181	)
1182
1183	// cnet ads
1184	|| dnsDomainIs(host, "promo.search.com")
1185
1186	// IMDB celeb photos
1187	// (Photos/CMSIcons->photos/cmsicons because of toLowerCase)
1188	|| (dnsDomainIs(host, "imdb.com")
1189	    && (   shExpMatch(url, "*/photos/cmsicons/*")
1190	        || shExpMatch(url, "*/icons/*/celeb/*")
1191	        || shExpMatch(url, "*.swf")
1192	    )
1193	)
1194	// incredibly annoying IMDB shock/flash ads
1195	|| dnsDomainIs(host, "kliptracker.com")
1196	|| dnsDomainIs(host, "klipmart.com")
1197
1198	|| host == "spinbox.techtracker.com"
1199
1200	// Amazon affiliate 'search'. retrieves a JS that writes new HTML
1201	// that references one or more images "related to your search".
1202	// (If there is a real use for rcm.amazon.com, let me know)
1203	// http://rcm.amazon.com/e/cm?t=starlingtechnolo&l=st1&search=cynicism&mode=books&p=11&o=1&bg1=CEE7FF&fc1=000000&lc1=083194&lt1=_blank
1204	|| host == "rcm.amazon.com"
1205
1206	//////
1207	//
1208	// "Other Scum And Villainry"
1209	//
1210
1211	// Popup from "reserved" domains at register.com
1212	// (I considered blocking all of register.com)
1213	|| (dnsDomainIs(host, ".register.com")
1214	    && (shExpMatch(url,"*.js")
1215		|| shExpMatch(host, "searchtheweb*")
1216		|| shExpMatch(host, "futuresite*")
1217	    )
1218	)
1219
1220	|| dnsDomainIs(host, ".oingo.com")
1221	|| dnsDomainIs(host, ".namingsolutions.com")
1222
1223	// "Data collection"
1224	|| dnsDomainIs(host, ".coremetrics.com")
1225
1226	// Sets your home page
1227	|| dnsDomainIs(host, ".firehunt.com")
1228
1229	// tracking
1230	|| dnsDomainIs(host, ".appliedsemantics.com")
1231
1232	// Scum who buy ad space from the above
1233	// || dnsDomainIs(host, ".hartfordrents.com")
1234	// || dnsDomainIs(host, ".chicagocomputerrentals.com")
1235	// || dnsDomainIs(host, ".ccrsolutions.com")
1236	// || dnsDomainIs(host, ".rushcomputer.com")
1237	// || dnsDomainIs(host, ".localesimates.com")
1238	// || dnsDomainIs(host, ".unitedvision.com")
1239	// XXX this might need the resolver
1240//	|| isInNet(host, "216.216.246.31", "255.255.255.255")
1241	|| (host == "216.216.246.31")
1242
1243	// avsforum ads
1244//	|| isInNet(host, "216.66.21.35", "255.255.255.255")
1245	|| (host == "216.66.21.35")
1246	|| dnsDomainIs(host, ".avsads.com")
1247
1248	// bogus "search" sites at non-existent sites
1249	|| dnsDomainIs(host, ".search411.com")
1250
1251	// palmgear.com
1252	|| (dnsDomainIs(host, ".palmgear.com")
1253	    && (   shExpMatch(url, "*/adsales/*")
1254		|| shExpMatch(url, "*/emailblast*")
1255	    )
1256	)
1257
1258	//////
1259	//
1260	// Contributed adult sites
1261	//
1262
1263	|| dnsDomainIs(host, ".porntrack.com")
1264	|| dnsDomainIs(host, ".sexe-portail.com")
1265	|| dnsDomainIs(host, ".sextracker.com")
1266	|| dnsDomainIs(host, ".sexspy.com")
1267	|| dnsDomainIs(host, ".offshoreclicks.com")
1268	|| dnsDomainIs(host, ".exxxit.com")
1269	|| dnsDomainIs(host, "private-dailer.biz")
1270	|| shExpMatch(url, "*retestrak.nl/misc/reet.gif")
1271	|| shExpMatch(url, "*dontstayin.com/*.swf")
1272
1273	// debug
1274	// || (alertmatch("NOT:" + url) && 0)
1275
1276	) {
1277
1278	// alert("blackholing: " + url);
1279
1280	// deny this request
1281	return blackhole;
1282
1283    } else {
1284	// debug
1285	// alert("allowing: " + url);
1286
1287	// all other requests go direct and avoid any overhead
1288	return normal;
1289    }
1290}
1291
1292///////////////////////////////////////////////////////////////////////////////
1293//
1294// This line is just for testing; you can ignore it.  But, if you are having
1295// problems where you think this PAC file isn't being loaded, then change this
1296// to read "if (1)" and the alert box should appear when the browser loads this
1297// file.
1298//
1299// This works for IE4, IE5, IE5.5, IE6 and Netscape 2.x, 3.x, and 4.x.
1300// (For IE6, tested on Win2K)
1301// This does not work for Mozilla before 1.4 (and not for Netscape 6.x).
1302// In Mozilla 1.4+ and Fireox, this will write to the JavaScript console.
1303//
1304if (0) {
1305	alert("no-ads.pac: LOADED:\n" +
1306		"	version:	"+noadsver+"\n" +
1307		"	normal:		"+normal+"\n" +
1308		"	blackhole:	"+blackhole+"\n" +
1309		"	localproxy:	"+localproxy+"\n" +
1310		"	bypass:		"+bypass+"\n"
1311		// MSG
1312	);
1313}
1314
1315// The above should show you that this JavaScript is executed in an
1316// unprotected global context.  NEVER point at someone elses autoconfig file;
1317// always load from your own copy!
1318
1319// an alert that returns true
1320function alertmatch(str)
1321{
1322	// alert("match: "+str);
1323	return 1;
1324}
1325
1326///////////////////////////////////////////////////////////////////////////////
1327//
1328// Replacement function for dnsDomainIs().  This is to replace the
1329// prefix problem, which a leading '.' used to be used for.
1330//
1331//	dnsDomainIs("bar.com", "bar.com") => true
1332//	dnsDomainIs("www.bar.com", "bar.com") => true
1333//	dnsDomainIs("www.foobar.com", "bar.com") => true	<<< incorrect
1334//
1335//	isInDomain("bar.com", "bar.com") => true
1336//	isInDomain("www.bar.com", "bar.com") => true
1337//	isInDomain("www.foobar.com", "bar.com") => false	<<< correct
1338//
1339function isInDomain(host, domain) {
1340    if (host.length > domain.length) {
1341	return (host.substring(host.length - domain.length - 1) == "."+domain);
1342    }
1343    return (host == domain);
1344}
1345
1346///////////////////////////////////////////////////////////////////////////////
1347//
1348// Tired of reading boring comments?  Try reading today's comics:
1349//	http://www.schooner.com/~loverso/comics/
1350//
1351// or getting a quote from my collection:
1352//	http://www.schooner.com/~loverso/quote/
1353//
1354
1355// eof
1356	//intelliserv.net
1357	//intellisrv.net
1358	//rambler.ru
1359	//rightmedia.net
1360	//calloffate.com
1361	//fairmeasures.com
1362
1363