Proxomitron and Bad Behavior
December 13th, 2005 by Michael Hampton
If you’re one of the few people still using the Proxomitron proxy server, you’ve probably already noticed that you can’t access a large — and growing — number of sites on the Web.
Proxomitron was an HTTP proxy, primarily for Internet Explorer, which filtered out pop-up windows, malicious JavaScript and the like. Its author stopped supporting it two years ago, and one year ago its author died and took the source code with him, thus making future updates to the product impossible.
Unfortunately, Proxomitron contains a bug which causes it to be blocked by Bad Behavior, even when accessing a site placed on the program’s “bypass” whitelist. Under normal circumstances, I would contact the author and advise him of the problem, and a fix would be out shortly thereafter, but this isn’t possible for Proxomitron.
Unfortunately, Bad Behavior cannot detect the use of Proxomitron, and thus there is nothing I can do; Proxomitron users will, if they continue using it, continue being blocked by Bad Behavior, and continue to find themselves locked out of a growing number of sites.
Since the final release of the product two and a half years ago, a product has appeared on the Internet which makes Proxomitron obsolete. That product is called Firefox.
All users of Proxomitron should immediately stop using it — and Internet Explorer, which was the only reason to have Proxomitron in the first place — and install Firefox. Then look through its incredible list of extensions to find just the ones you need, like the JavaScript blocker, Adblock, Session Saver, and many more.
And if you still need an HTTP proxy, consider using Privoxy, which is open source, well-supported, and (when not deliberately misconfigured) passes Bad Behavior just fine.
LWC Says
Can you be more specific about the problem in Proxomitron?
I came to this topic after finding information for why I keep getting a “pragma:no-cache” header (which Bad Behavior doesn’t tolerate) . Eventually you made me realize Proxomitron keeps sending it – even in bypass mode!
Is this the only problem in Proxomitron that Bad Behavior can’t stand?
If so, I guess I can use a filter to block this header, but then I would also block it in sites that actually set it themselves.
Also, about Firefox and Privoxy, do they let me create my own filter and provide me a special programming language to do it – like Proxomitron does?
Thanks!
Dec 14th, 2005 at 2:18 pm
LWC Says
I’ve read about it and seems like this header is passe anyway (which, I guess, is why Bad Behavior can’t stand it) so I’ve just told Proxomitron to always block it and I can access sites that use Bad Behavior.
Who thought this whole mess could be fixed with a simple checkmark (block pragma header)…? It took me 2 seconds.
Is that it? Or is there something else with Proxomitron?
Dec 14th, 2005 at 3:24 pm
sidki Says
*sigh* I wished people would give facts when discriminating other’s work…
Dec 19th, 2005 at 3:01 am
Michael Hampton Says
LWC, I stand corrected with regard to Pragma. Though that doesn’t invalidate the rest of the argument.
And sidki, if you have something to say, just say it. Nothing at the URL you provided indicates what in the hell you’re talking about.
Dec 19th, 2005 at 3:24 am
LWC Says
I don’t understand what he’s talking about as well, but I also don’t understand what do you stand corrected about (although standing corrected is always good
)?
Be it as it may, is there anything else in Proxomitron that angers Bad Behavior? If not, maybe the folks at proxomitron.info could issue an artificial new version that has this filter enabled on default.cfg .
Dec 21st, 2005 at 11:16 am
Mona Says
Regarding:
| “Unfortunately, Proxomitron contains a bug which causes it to be
| blocked by Bad Behavior…”
I assume you “stand corrected” is acknowledging that it was not a “bug” but your user configuration which caused the problem (resolved by setting your filters to not send the ‘Pragma: no cache’ header).
Although Scott (the author of Proxomitron) is no longer with us, there are a number of Proxomitron support communities on several forums, as well as a mailing list. When faced with a problem, try asking for help in one of these support communities instead of giving up — certainly instead of drawing false conclusions, posting misinformation, and condemning the program outright.
Regarding your assertions and recommendation:
| “Since the final release of the product two and a half years ago, a
| product has appeared on the Internet which makes Proxomitron
| obsolete. That product is called Firefox.
|
| All users of Proxomitron should immediately stop using it — and
| Internet Explorer, which was the only reason to have Proxomitron
| in the first place — and install Firefox.”
First, Proxomitron was not written just for Internet Explorer. It’s a Universal Filter and the majority of “power users” use it with Firefox or Opera.
Second, Proxomitron is but a core engine of great capability and potential, doing nothing lacking instructions. It is the user who codes its final operating instructions via the configuration file. Your use of it is limited only by your imagination. What it does and how well it works (or not!) depends entirely on that user configuration file — the various filters and how well they are written.
While Firefox (and other feature-rich browsers such as Opera) have added new features and capabilities rendering a variety of types of Proxomitron filters redundant, this does not mean the Proxomitron program itself is obsolete. Yes, it’s been used to block popups and javascript, but did you know it’s also used by many to sniff out and block exploits before they even have a chance to hit the browser?
The fact is, the Proxomitron’s potential is still being explored. It’s an ever-evolving program because skillful users of great imagination keep finding new ways to use it, and then write the code to do it.
Instead of condemning the Proxomitron to the wastebasket, why not join a support group or two …and explore the possibilities?
Jan 4th, 2006 at 8:55 am
Michael Hampton Says
Because I’m not stupid enough to use Windows.
Jan 4th, 2006 at 2:34 pm
pchelp Says
Kinda sat on a tack there, didn’tcha big boy?
Jan 4th, 2006 at 8:04 pm
JJoe Says
http://www.winehq.com/
http://kyeu.info/proxo/forums/viewtopic.php?t=624
HTH
Jan 8th, 2006 at 6:08 pm
LWC Says
Even though Micheal ignores my later questions, I’ll defend him in one thing – Proxomitron does have a bug where it insists on sending that Pragma header.
I could only fix it by changing the default filter list to ENABLE a filter that DISABLES that header. Yes, you need to enable a filter that filters Proxomitron itself…
So it’s not like it’s his fault for messing with his filter list. He simply tried the default filter list and when it failed, instead of having enough patience to figure out like I did (or by asking in forums) to turn that filter on, he just buried the program.
His “crime” was that he messed with Proxomitron too little, not too much!
Jan 8th, 2006 at 11:45 pm
Michael Hampton Says
This thread has gotten way too much attention for its relative importance.
Jan 9th, 2006 at 4:28 am
splib Says
if i understand the problem, you could also put the pragma sites into the URL with the “not” char (caret)
or create a new list AllowPragma.lst then in URL ^$LST(AllowPragma)
i’ve converted a few of the standard filters to LST dependent filters, because i didn’t like the all-or-none aspect. many of my own filters use new or existing LSTs.
btw, wtf is ‘bad behavior’?
adblock and hosts and other methods will do only *some* of what proxo will do…
Jan 9th, 2006 at 6:02 am
splib Says
“This thread has gotten way too much attention for its relative importance.”
)
don’t mess with proxo users! (and don’t mess with the babysitter
Jan 9th, 2006 at 6:04 am
splib Says
“Killing blog spam”
oh, ok. commendable, imo
Jan 9th, 2006 at 6:10 am
LWC Says
Ok, then just please tell us if there’s anything else in Proxomitron that bothers Bad Behavior except that header.
Jan 9th, 2006 at 3:58 pm
Michael Hampton Says
No, that’s it.
Jan 9th, 2006 at 4:40 pm
sidki Says
LWC:
Even though Micheal ignores my later questions, I’ll defend him in one thing – Proxomitron does have a bug where it insists on sending that Pragma header.
I could only fix it by changing the default filter list to ENABLE a filter that DISABLES that header. Yes, you need to enable a filter that filters Proxomitron itself…
That’s incorrect. It doesn’t have anything to do with Proxomitron, but IE is sending different headers for an unconditional request (CTRL-key) when using a proxy. You can verify that by setting IE to use an external (remote) proxy, and then watch the traffic with a packet sniffer:
Direct connect:
HTTP
Version: HTTP/1.1
Method: GET
URI: /cgi-bin/env.cgi
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, a
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; MSN 2.5; Windows NT 5.0; .NET CLR 1
Host: inet-police.com
Connection: Keep-Alive
Cache-Control: no-cache
External proxy:
HTTP
Version: HTTP/1.1
Method: GET
URI: http://inet-police.com/cgi-bin/env.cgi
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, a
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; MSN 2.5; Windows NT 5.0; .NET CLR 1
Host: inet-police.com
Proxy-Connection: Keep-Alive
Pragma: no-cache
Jan 11th, 2006 at 5:49 pm
hpguru Says
“7. Michael Hampton – January 4, 2006
Because I’m not stupid enough to use Windows.”
Or not smart enough to know how to secure it.
Jan 30th, 2006 at 12:51 am
Michael Hampton Says
I’ll venture to say I have much more experience with Windows than you do. I do indeed know how to “secure” it. Even so, I will always avoid using Windows whenever possible, and that’s because I have experience with it.
In any case, it’s pretty irrelevant to the topic at hand, which is long since dead.
Jan 30th, 2006 at 4:59 am
Brett Blatchley Says
Well Michael, “It’s hard to be humble when you’re so great.” isn’t it?
This is my first and LAST visit to your sight — grow up.
Oct 30th, 2007 at 3:46 pm