The Proxomitron An Introduction Scott R. Lemmon and John Sankey 2002 An Introduction   Why would I want The Proxomitron?   System Requirements   Installation and Removal   The Main Screen   Web Page Filters - A hitchhikers guide   HTTP Header Filters   Distribution and Copyright Technical Details The Filter Language Filter Examples

The Proxomitron Keeping an eye on the Web. For You.

[A historical note: at Scott's request, I translated his original Microsoft Help files into HTML for the then-current version. Since it is the version I still use, I have not updated the following with the new features added afterward. Scott died on 1 May 2004, taking the source code with him.]

Why would I want The Proxomitron?

Do you ever wish you could stop blinking popups and banners that take forever to load, don't print properly, and cover up what you want to read? Does your back button or mouse seem like they don't work on some sites? Do you need to use large fonts or stop red characters on green backgrounds? In fact, is there ANYTHING that you don't like about how your browser works?

Then The Proxomitron is for you!   Download it here.

[Some released versions of The Proxomitron have been modified with undesireable patches. This is an original version I received personally from him, which he ensured was free of all viri and spyware. It has stood up to every check I have used on my systems since.]

The Proxomitron is not a firewall. The only software in your computer that will use it is software that you have told to use it. It's name comes from how it works - it uses a feature of the web known as a "HTTP Proxy". This allows a program (local or remote) to sit between your web browser and the Internet at large, to monitor everything and change it if you want to. All proper web browsers support a proxy interface, because it's part of the original specifications for the web. However, some 'free' service providers require that you use their proprietary browser. Some of these browsers are designed to be incompatible with any proxy or firewall.

System Requirements

Windows 95,98,Me,NT,2000 or XP, on any system that can run them. Scott developed it on Windows 95; John has fully tested the version above on NT4 SP3-6a and Me.

Installation and Removal

Create a new folder, place ProxN4.zip in it, and unzip it there. Put its icon (create shortcut) anywhere you want it. (The 'startup' folder is a handy place.)

To un-install it, just delete the folder and the icons you created. No further trace of it will be left anywhere else on your system. Also note that, at any time, you can click the taskbar icon with either a left or right mouse click and click bypass. The taskbar icon will grey, and The Proxomitron is totally bypassed until you wish to re-enable it. The Proxomitron is freedomware, not hassleware.

Upgrading from previous versions: simply copy the new files over top of the old (be sure to include the subdirectories). However first be sure that any config files you changed also exist with new names such as Myconfig.cfg, otherwise they'll be overwritten by the newer versions. (You should always do this with any program, of course.) To keep your changes copy your special config file to default.cfg after the upgrade.

Setting your web browser to use The Proxomitron

After installation you must configure your web browser to use the program. This involves setting the browser's proxy option. Although it varies from browser to browser, all browsers have this option somewhere. Note that in Windows high speed (Ethernet card) connections reach your browser through the local area network route, even if they first came through dialup, so you have to set both routes as below to use The Proxomitron with DSL or cable connection.

• Netscape: Go to the "Edit" menu. Select "Preferences / advanced / proxies". Click "Manual proxy configuration" then "View". Next under HTTP enter "localhost" and for port enter "8080". Leave the other proxy entries (FTP, Gopher, etc.) alone.
• Internet Explorer 3.x & 4.x: Select "View", "Internet Options", then click the "connections" tab. Click "Use proxy server" and click "advanced" or "settings" (for 4.0 and 3.0 respectively). Under HTTP enter "localhost" and for port "8080". Leave the other proxy entries (FTP, Gopher, etc.) alone. You can also set the proxy from the Control panel's Internet options.
• Internet Explorer 5.x: Select "Tools", "Internet Options", then "Connections", then the dial-up connection you use (or LAN if appropriate) click "Settings" then check "Use Proxy Server". Click "Advanced" and under the HTTP entry only, enter "localhost" for host and "8080" for port. Be sure you don't have autoconfig enabled - it will undo these changes!
• Opera 3.x: Go to the "Preferences" menu, and select "Proxy Servers". Check "http", then enter "localhost", and for port enter "8080". Leave the other proxy entries alone.
• Opera 4.x, 5.x: Go to "File", "Preferences", "Connections", "Proxy Servers" button. Check "http", enter "localhost", and for the port enter "8080". Leave the other proxy entries alone.
• Other browsers: The process should be similar to one of the above. First locate where to set the HTTP proxy entry. Once you find it, set it to "localhost" with the port of "8080".

After the browser is configured, run The Proxomitron. An eye in a green triangle appears in the system tray right next to your clock so you can always find it when you are browsing. Now any connections your browser makes must go through, and be filtered by, The Proxomitron. When you want to change anything it does, click the triangle and the Main Screen pops up. If you hit the bypass button of The Proxomitron, the system tray icon goes gray.

After configuring your browser for use with The Proxomitron, it won't be able to find web pages unless The Proxomitron is running also! To bypass The Proxomitron entirely and return your browser to normal operation, set your browser to not use a proxy server (or "direct connection to the Internet" as Netscape puts it). Both Netscape and Internet Explorer allow you to switch between these two settings with a simple checkbox in their proxy configuration screens. And, if you are already connecting through another proxy, you must set The Proxomitron to use the proxy settings that your browser currently uses before you tell your browser to use The Proxomitron.

The Main Screen

File: manage configuration files. When The Proxomitron first loads, it grabs a file named "default.cfg" in its own directory. You can load or save modified config files under different names to quickly switch between various setups. Use the file menu (or right click over the main window) to bring up options to load and save the config files. The configuration files are simple text files and can be edited by any text editor (like Notepad). Filters from one config file can be merged into the current config file by selecting "Merge config files" from the main screen's "File" menu, or, of course, by using Notepad to merge them.

If you run The Proxomitron at startup/login and let your computer automatically stop it at shutdown/logout, any changes you make to the last-active configuration file will not be saved. You must save your changes using this menu if you want them to apply to your next session.

Help: open the help file system (similar to this set of pages)

Active filters: The Proxomitron has several categories of filters

• Web Page Filters affect the HTML of loading web pages.
• Outgoing Header Filters affect request HTTP header messages sent from your browser to the Internet.
• Incoming Header Filters affect reply HTTP header messages sent from the Internet to your browser.
• The Freeze GIF animation filter loads only the first image of an animated .GIF
• Check Use Remote Proxy only if you use one.

Each complete set of filters can be quickly enabled or disabled by clicking the corresponding Active Filters check box.

Edit filters: This is where you enable or disable each filter individually. When you get advanced, this is also where you edit filters and create new ones.

Config: Many useful things here, mostly covered in Technical Details:

• Visuals: changes the colour scheme of The Proxomitron.
• Startup: This lets you run a program whenever The Proxomitron starts up, such as your browser; lets you decide whether or not The Proxomitron appears in the system tray; and lets you bypass The Proxomitron for any URL you specify. (To bypass more than one URL, use a list.)
• Access: allows other computers networked to yours to use your version of The Proxomitron, and optionally disables URL-based commands as required with some networks/firewalls.
• Blockfile: allows you to create/modify The Proxomitron's lists.
• HTTP: lets you change the port which The Proxomitron uses so you can use The Proxomitron along with another local proxy and, if you are adventurous, filter secure pages.

Bypass: this button toggles all filters on or off. By pressing Bypass then forcing your browser to reload a web page, you can see the page in its original unfiltered form. When the filters are bypassed, The Proxomitron's icon in the system tray turns gray. Note: to force a browser reload:
Netscape: Hold down SHIFT while you click reload, or press SHIFT+CTRL+R
Internet Explorer 4.x and above: press CTRL+F5
Opera: press CTRL+F5

Abort: stops all current action and resets The Proxomitron. It works like the stop button on your browser but stops The Proxomitron as well as your browser. Normally you only need use this button if an overly inventive JavaScript has been launched that refuses to die, or you have written an infinite loop into a filter - the browser stop button gets sensible things.

Log Window: This is used when you want to study exactly what each site is doing to you. It's great when you are advanced enough to modify or design your own Proxomitron filters.

Web Page Filters - A hitchhikers guide

Here is what the web filters provided with The Proxomitron do. Remember that you can customise any of them for specific ads, URL's etc. if you learn The Proxomitron's filter language.

• Banner Blasters. These wipe out any image that looks like an advertisement. They start by checking the AdList, which by default is also the list used by the URL Killer (but you can make the lists different if you wish). Then they check for words in the URL like banner, ad, click, sponsor, adver, promo, redirect... Finally, they wipe out images in two size ranges that are common for ads.
  • Banner Replacer: replace banners with a transparent .GIF image surrounded by a border. It keeps the layout of the page close to the original.
  • Banner Blaster: Same as the banner replacer but replaces ads with a plain text link (using any original ALT text the image may have had). Since ads remain clickable, it keeps a web page's over-all function.
  • Banner Blaster (limit text): Same as the banner blaster, but limits the amount of text to the first four words. Useful if sites you visit often cram in pages of ALT text.
  • Area Map Ad Blaster parts 1 & 2: This is a two part filter designed to eliminate ads that use area maps. Area maps are different from normal banners in that they can contain several links. The first rule acts a bit like the banner blaster converting the first link it finds into text. If used alone, only the first link will be converted. The second part, when used with part 1, will continue to convert all additional links within the area map to text - retaining its full functionality. Usually, the Banner Replacer is the way to go.
• Background Blasters
  • Webpage Background Killer: Removes the main web page background, but leaves other background images (like those inside a table) intact. (Note that this can leave weird coloured text unreadable because web designers often forget to set a default background colour when they use a background image.)
  • Webpage Background Replacer: Changes all web pages to use a background of your own.
  • Kill All Backgrounds: Gets rid of any background image it finds, even those in tables.
• Sound Blasters. If you turn off your loudspeakers, you don't need any of these.
  • Sounds to links: Changes any <embed ... > or <bgsound ... > tags to a links. Stops many background sounds, but still lets you download them.
  • Sound Silencer: More aggressive, eliminates most sounds and MIDI files.
  • Embedded MIDI Silencer: Attempts to make all autoplay and hidden embedded MIDI files both visible and non-autoplay.
• Script Blasters. If you turn off scripts in your browser, you don't need any of these. Remember that scripts and applets are two different things. Applets are much more dangerous - you should turn off Java (applets) and active scripting (and ActiveX if you have IE) in your browser if you are at all security conscious.
  • Disable JavaScript: Removes scripts. Not just JavaScripts - all of them. If you use this filter, you don't need any of the others in this section.
  • Kill JavaScript Banners: JavaScript banners that use dynamic HTML have a unique "signature" that this rule picks up on. This rule will almost never filter anything that's not an actual ad, and although the banner blaster often works with JavaScript ads anyway, having this rule enabled gives a little extra protection.
  • Onload unloader: Onload is one method used to autorun scripts. This filter will disable it.
  • OnUnload unloader: OnUnload runs a script whenever you leave a web page. It can be used to "trap" you in an unclosable chain of pop-ups: for every window you close, a new window opens. When this rule is used with the "Kill All pop-up windows" and "Restore pop-up windows after page loads" rules below, almost all "spam" pop-up windows will be killed while still allowing more appropriate pop-up windows to work.
  • Kill All pop-up windows: Say bye bye to JavaScript pop up windows. Enabling this rule by itself will completely disable the JavaScript "window.open" command. Even better, when used with the rule below, most useful pop-ups will still work.
  • Restore pop-up windows after page loads: When used with the previous rule, this filter will re-enable pop-up windows once a page has finished loading. Useful for getting rid of only those windows that pop-up when you first visit a page, while allowing windows that pop-up when you click a link or press a button to still work. It can be a good alternative to completely disabling pop-up windows entirely as it allows pages that use them properly to still work.
  • Kill add-on JavaScripts: this tries to get rid of any JavaScript tacked on to the end of a web page. These scripts are added by free web space providers to pop-open advertising windows or "brand" a web page with their logo.
  • Suppress all JavaScript errors: Stops all JavaScript error messages. This is a nice rule to use at all times since so many JavaScripts seem to fail of their own accord. Also it's added protection in case another rule stops a JavaScript from working properly. Note: there appears not to be a way to do this on I.E. 3.0.
  • Kill alert/confirm boxes: Stops those JavaScript pop-up message boxes asking you to press OK to continue. Often used for disclaimers of one type or another.
  • Kill Nosey JavaScripts: Kills JavaScripts that usually ask the wrong questions! Contains a list of "naughty" functions and properties that no JavaScript should use in polite company (including referrer, cookies, history, etc). Use it to stop JavaScripts from revealing personal information about you or your computer.
  • Stop status bar scrollers: Disables the JavaScript command to send text to the status bar. Eliminates scrollers and other such beasts.
  • Kill Dynamic HTML JavaScripts: Often Dynamic HTML is used to do nothing more than push fresh ads and other annoyances your direction, this rule stops it. However, Yahoo! used it for WebRing navbars. Maybe other sites use it for something useful too...
  • Stop JavaScript Timers: Stops any timed JavaScript events. This is another way to effectively stop status bar scrollers and periodic ad updating.
  • Disable JavaScript cookies and meta-cookies: Prevents JavaScripts from sending or receiving cookie information. Use with a URL match to allow JavaScript cookies at given sites if you wish.
  • Hide Browser's Referrer from JavaScripts: The "referrer" is by far the most revealing data your browser sends out. By looking at referrer lists, webmasters can tell not only the site you visited last, but if you clicked a link from email or a page on your hard drive, possibly more personal information as well! This is normally revealed in a HTTP header named "Referer" but JavaScript can be used to grab this information too.
  • Hide Browser's Version from JavaScripts: Make JavaScripts think you're using an earlier version of your web browser - can often prevent a JavaScript from attempting more "advanced" ways of annoying you. Good for stopping the loading of images that change when the mouse is over them.
  • Hide Browser's Identity from JavaScripts: Change the name reported by your browser to JavaScripts.
  • Allow right mouse click: For use with sites who use a JavaScript function to screw up your mouse so you can't add links to your favourites list or reload images that didn't load the first time.
  • Kill window.external methods: These JavaScript commands refer to things outside the web page. They can do many nasty things like change your bookmarks and worse. This filter helps to protect you from their tampering.
  • Stop OnMouseOver events: Stops things that happen when your mouse moves over a link. Saves time, and these things tend to be mostly cosmetic anyway. (Note that most browsers display the ALT text of an image on mouseover - this is built into the browser, it's not a JavaScript function.)
  • Link De-Obfuscator: If you hate pages that "hide" the real URL a link is pointing to, this rule will "unhide" those links.
• Miscellaneous Blasters
  • Kill Hyper Banner: Stops a particularly annoying Java applet animated banner
  • Counter Killer: Kills many web page counters - counters slow down the loading of a page because the browser must wait for the counter to update.
  • Kill Off-site images: If an image comes from a different site than the main text, this stops them. (Mostly, they are ads. If they aren't, they are often stolen) However, as distributed this filter also kills on-site images that are surrounded by an external link. Many sites use local images to pretty-up external links, so activate this filter with caution.
  • Kill all images on selected pages: You edit this filter to put in the addresses of the pages that get your goat with huge images.
  • Blink Buster (Blink to Bold): Converts blink tags to bold ones instead. Saves some eyestrain!
  • Freeze font's face: Removes the "face" attribute from the font tag: helps keeps pages from using fonts you may not like or have installed.
  • Anti-Auto-Refresher: Stops pages from "Auto Refreshing". Sometimes used to forward you automatically to a new page, but more often by pages with frames to load a new ad every so often. This rule also creates a link allowing you to refresh manually if needed.
  • Wordwrap all form text boxes: Makes sure all text entry forms have word-wrap enabled. A must for posting to some web message boards.
  • Stop browser window resizing: makes browsing much more predictable.
  • Frame Jumper-Outer: stops you getting stuck in someone else's frames. This rule usually takes care of this problem quite effectively, but it also prevent links from opening in a new window if you prefer this.
  • Kill Style Sheets: For those who aren't dedicated followers of fashion - this will disable style sheets (but not individual style tags).
  • Kill Layers: Stop Netscape layers.
  • iFrame/iLayer to link: Convert Internet Explorer inline frames to normal links so you can access them in other browsers.
  • Frame Exploder: On pages with frames, opens each frame in a new window. Useful if your browser insists on saving only the outside frame rather than the frame with the information in it.
  • Kill top-of-page frame: usually these are just ads
  • Kill bottom-of-page frame: usually these are just legal mumbo jumbo that no one can enforce anyway.
  • Allow for frame resizing: this makes all frames "resizeable" allowing you finally see half-obscured frames or reclaim the screen space wasted by advertising frames.
  • DeFramer: Makes your browser act like it doesn't support frames at all. Will gives you the no-frames version of a page if it exists.
  • Convert Frames to Links: Creates a link for each frame window. Use with the above rule to still navigate pages with frames. Allows a non-frames browser to use a "frames only" site.
  • DeTabler: Removes all tables from a web page. Not something you'll want to use all the time since it can drastically alter a page's layout, but it can come in handy on pages where tables make a lengthy list of items take forever to appear.
  • Table width unlimiter: Removes any large fixed width limits from a table - useful sometimes when viewing pages at less than their intended screen size.
  • Kill meta tags that prevent page caching.
  • Skinnier Table Border: Prevents pages from using really fat table borders. Just a cosmetic touch.
  • Web page comment viewer: lets you see comments that web page creation programs put in their pages. Messes up layout of course.
  • Foreign content viewer: for web pages in several languages, this tells your browser that everything is in the standard ISO characterset so you can see all the versions.

There are a few special filter sets also provided in The Proxomitron distribution. You can select one by choosing "Load config file" from The Proxomitron's main menu.

HTTP Header Filters
or, the mysterious HTTP Headers Revealed...

HTTP Headers are messages sent between your browser and Internet web servers whenever you request a page. These messages contain all sorts of information - some necessary, some merely informational. This includes, among other things, the infamous cookies you may have heard about. Normally these messages are never seen, but using The Proxomitron's Log Window, you can see what your browser has to say.

Headers come in two flavours - Request Headers are outgoing messages from your browser to the web server, while Reply Headers are incoming messages from the web server back to your browser. The log window shows these in different color, green and yellow respectively. Headers can be arranged in any order and the same header may even appear twice (though this is unusual). Headers your browser or the web server doesn't understand are supposed to be ignored. Reply headers can be produced directly by a remote server or by a <meta http-equiv="..."> in the web page.

Using The Proxomitron's header filters, you can add, delete, or change headers based on their content. Here are the common ones that you might want to change. Two notes: You should click enable in both the In and Out boxes for all filters, in order to ensure that they are applied whenever they can be. And, header names are case insensitive.

• Accept-Language: the languages you can read (2-letter codes)
• Cache-Control: basically these all tell your browser to not cache the page. Delete it if you prefer to make your own decisions.
• Content-Length: contains the length of a transmission. This currently is only used on output for POST operations, so its presence can be used to bypass remote anonymous proxies whose output is blocked by many servers for security reasons.
• Content-Type: Web servers use the "Content-Type:" header to tell your browser what it's loading. A web page should be "text/html" while a .jpeg file should be "image/jpeg". However, some servers use "text/plain" for everything, then your browser, thinking it's reading a text file, can corrupt the data by adding extraneous CR/LF pairs where none should be. You may even meet up with a server that totally omits this header, so The Proxomitron doesn't know that it can filter it at all. The Proxomitron comes with several filters to assign the correct content type to a "text/plain" file based on the URL's extension (which is what the web server should have done in the first place), to display some types of files, to turn some into links, and to modify the character set used.
• Cookie: Send the cookie stored on your computer by this URL. Some sites block access to you if you tell your browser to not accept cookies. The Proxomitron filters give you the option of pretending to accept cookies from them but, instead of returning what the remote site wants you to return so they can spy on you, return either a fake cookie (like, "None of your business") or return nothing at all.
• Expires: the date/time after which the remote site wants your browser to reload the page again even if it is in your cache.
• From: sends your email address to the remote site.
• If-Modified-Since: This tells the remote site the last date/time your browser fetched this web page. Basically it says to the web server "only send me the page if it's been changed since this date". Deleting this header will force a web page to reload even if it's already in your browser's cache. (With IE you'll also need to delete the "Last-Modified" header to do this.)
• Last-Modified: This tells your browser the last datetime this page was modified. IE refuses to reload the page with F5 if the date of the file in its cache matches this date - you have to use Ctrl/F5 to force a reload.
• Pragma: This tells your browser that the remote site does not want your browser to cache the page at all.
• Referer: This contains the URL of the web page you previously viewed. Originally intended to allow servers to keep track of where erroneous requests came from, it is in fact almost entirely used as a spy and counter tool. The Proxomitron allows you to just send a page its own URL.
• Set-cookie: The demand by a remote site for your browser to store a cookie. If this header is deleted, no cookies will be seen by your browser.
• Status-code:: 100 continue 200-299 OK, 300-399 moved, 400-499 file error, 500-599 server error.
• URI: The URI of the file to be retrieved. When a match is made to a URI in killfile.txt in The Proxomitron's program directory (once that file has been added to the list of blockfiles), the remote web server won't even be contacted. (Note that you will see the offending filename in the status bar - that only shows what your browser thinks it is getting, not what it actually gets from The Proxomitron.) The default file contains a fairly extensive list, but you can modify the file as you wish. Remember, unlike a hosts.txt file, The Proxomitron allows wildcards: *doubleclick* gets all their variants in one swoop. For image URLs The Proxomitron gives your browser killed.gif (by default a blank, transparent .gif file) to use in place of the original image. For any other type of URL the Proxomitron gives the contents of killed.html to your browser instead. Both killed.gif and killed.html are located in The Proxomitron's program directory under "html" and can be changed to whatever you wish.
• User-Agent: This contains information about your web browser and usually your operating system as well. Some sites use this to decide what to send you; a few, Google in particular, even refuse to even talk to you if you don't use their approved browsers or operating systems! But, this is also the first place a hacker looks to plan how to get into your computer. You can delete this header, or send your own information here if you like (such as AnyBrowser).

Distribution and Copyright

The Proxomitron is Copyright © 1999 by Scott R. Lemmon You can use it as often as you like for as long as you like. The detailed permission for use is distributed with the program.

Technical Details