*******************************************************************************
Config Control
*******************************************************************************

Contents:

  Header Filters Window
    1 Config Mode
    2 General
    3 Proxies
    4 Logging
    5 Cookie Handling
    6 Cache Handling
    7 Script Handling

  Web Filters Window
    Display I
    Window Handling
    Ads
    JavaScript - General
    JavaScript - Interception
    Various


*******************************************************************************
Header Filters Window
*******************************************************************************

-------------------------------------------------------------------------------
1	Config Mode (only enable one)
-------------------------------------------------------------------------------

Note:	Generally, mode dependent filters are marked with the lowest mode in
	which they are active.  For instance, "l.4" indicates "advanced and
	debug mode only".  The config mode can also be controlled via the
	Proxomitron menu or the IncludeExclude lists.


1.1	Minimal Mode (off)
...............................................................................

If active, only a minimal Proxomitron script gets inserted, and most filters
that don't deal with ads are disabled.  Not all bypassed filters are explicitly
marked as such.

Suited for new users, who expect Proxomitron to just block ads and popups.


1.2	Light Mode (off, "l.2")
...............................................................................

This is the "install and forget about Proxomitron" mode.  It offers more
protection than the minimal mode, and the Proxomitron menu is already
available.
However, filters that are likely to confuse new users - e.g. require any sort
of interaction - get bypassed.


1.3	Standard Mode (on, "l.3")
...............................................................................

The full set, except most informational and a few rather risky filters.
Hopefully suited for most users.


1.4	Advanced Mode (off, "l.4")
...............................................................................

For the most part the same as standard mode, but more information about the
current document is shown in the page footer, title, status bar, and
Proxomitron log window.  Also, a few experimental or potentially troublesome
filters are active here.

Corresponds to the default settings in previous config versions.  Intended for
advanced users.


1.5	Debug Mode (off, "l.5")
...............................................................................

This switch activates several verbose JavaScript and filter subroutines, as
well as the "Bottom Add: Display Variables - Debug" filter.
(Not to be confused with Prox' "dbug.." URL command.)


-------------------------------------------------------------------------------
2	General
-------------------------------------------------------------------------------

2.1	Never alter Page/Link Styles (on)
...............................................................................

The config comes with a number of filters that modify some aspects of the
original page layout.  That includes for instance dimmed white backgrounds, the
color of visited links, and links with certain protocols (ftp:, file:, mailto:,
etc.).

This option prevents such modifications, and the Proxomitron stylesheet that
controls the appearance of normal links doesn't get inserted.

Note:	Although defaulting to active by common request, this switch has a few
	drawbacks:

	The URLs that you've visited lately are theoretically accessible from
	other pages (risk is very low).

	Pages may force objectionable events by inserting multiple BODY tags
	(risk is low).

	Webmasters may give visited links the same color and style as normal
	ones (common practice).

Filters affected by this switch are marked with "style".  Also accessible from
the Proxomitron menu.


2.2	Use Half-SSL (off)
...............................................................................

If active, secure links (https://) get redirected or converted to a Proxomitron
URL command (http://https..).

Pro:	You may save some time because Proxomitron doesn't need to re-encrypt
	the document after filtering - and the browser doesn't need to decrypt
	it.
	You don't get a warning message in Mozilla and Opera, saying that
	Proxomitron's certificate doesn't match the site in question.

Contra:	The browser is completely unaware that it is dealing with a secure
	page.  All responsibility goes to Proxomitron.  You may not feel
	comfortable with this fact.

This option requires a URL-based Proxomitron command.
Do *not* check "Disable URL-based Proxomitron commands", under
"Config -> Access" in Proxomitron's main window.

Proxomitron *must* have access to the SSL DLLs.  The browser's HTTPS proxy
setting will not matter when this technique is in effect.

More info:
The "Installation" chapter in the ReadMe.
Scott R. Lemmon's thoughts in Proxomitron's ReadMe.


-------------------------------------------------------------------------------
3	Proxies
-------------------------------------------------------------------------------

3.1	Proxy Spoofing by Default (off)
...............................................................................

Enable this and Proxomitron will try to hide your real IP address from nosey
websites by pretending that your computer is a proxy server forwarding requests
for another (US) IP address.
The "spoofed" IP address will be constant per domain.
The "spoofed" IP address will change when the config is reloaded.

Note:	Your IP address isn't *really* hidden by this.  A webmaster with an
	average IQ will detect the spoof when inspecting the log.
	Also, you may have problems accessing some sites.

Also accessible from the Proxomitron menu.


3.2	Use Proxy by Default (off)
...............................................................................

As long as you use a standard proxy, there is no real difference between this
option and the "Use Remote Proxy" checkbox in Proxomitron's main window.

If your main proxy requires authentication and your proxy list contains more
than one entry, you *always* need to use this switch instead of the built-in
one.


3.3	Use Proxy with FTP and Gopher (off)
...............................................................................

This switch enables Proxomitron to filter documents that are located on FTP or
Gopher servers.  To make this possible, the address of an intermediate proxy
that translates the protocols into HTTP must be entered inside the filter.

See the "Installation" chapter in the ReadMe for further details.


3.4.a	Use Standard Proxy (on)
...............................................................................

Self-explanatory.


3.4.b	Use Auth Proxy (off)
...............................................................................

Check this option and uncheck the one above if your remote proxy requires
authentication.  See the "Installation" chapter in the ReadMe for additional
mandatory steps to get your remote proxy up and running.


-------------------------------------------------------------------------------
4	Logging
-------------------------------------------------------------------------------

4.1.a	Log to Main + Rare (off)
...............................................................................

Most filters can log their hits to files.  If this option is active, rare or
crucial hits are logged to Log-Rare.log.  These and all other hits also go
timestamped to Log-Main.log.


4.1.b	Log to Main (ctrl+shift key) + Rare (on)
...............................................................................

Same as above option, except that logging to Log-Main.log only happens, if you
press and hold CTRL+SHIFT.  Don't enable "a" *and* "b".


4.2	Log common Nuisances (on)
...............................................................................

If one of previous two options is activated as well, then attempts to launch
encrypted scripts, malware ActiveX controls, floating layers, etc. are logged
to Log-Rare.

Web hitchhikers may want to turn this switch off, as above practices are
popular and tend to flood the logs.


-------------------------------------------------------------------------------
5	Cookie Handling (only enable one or none)
-------------------------------------------------------------------------------

5.1  	Session Cookies by Default (on)
...............................................................................

All persistent cookies are converted to session cookies that will be lost, when
the current browser session ends.
*Except* cookies from sites listed in the default "AllowCookies" list.


5.2  	Block Cookies by Default (off)
...............................................................................
No cookies are allowed to arrive at or leave your browser.
*Except* cookies from sites listed in the default "AllowCookies" list.


-------------------------------------------------------------------------------
6	Cache Handling (only enable one or none)
-------------------------------------------------------------------------------

6.1  	Always Cache (off)
...............................................................................

Details:
- Everything is cached for 24 hours.

- Reload sends a conditional request to the server that asks if the document
  has changed since the last fetch.  If there was no such information
  (Last-Modified or ETag), the document is re-requested anyway.

- CTRL-Reload unconditionally re-requests the document, no matter if it has
  changed or not.

- This behavior is the same for all browsers and all documents - the HTML page
  and everything that is embedded, images, external scripts, stylesheets, etc..

Pro:	Browsing can be very fast.

Contra:	You may hit the reload button pretty often, for instance when logging
	into/out of an account or editing a post.

Always inactive while pressing the CTRL or SHIFT key.


6.2  	Always Cache except for HTML (on)
...............................................................................

This is a trade-off between options "a" and "c".

Details:
- When navigating back/forward in a browser window, everything is fetched
  from the cache.

- When revisiting a page, only the page itself (not images, ...) is
  conditionally re-requested - if supported by browser and server.

- Same as option "a" otherwise.

Always inactive while pressing the CTRL or SHIFT key.


6.3  	Always Fresh (off)
...............................................................................

All documents are re-fetched from the server in all situations.

Always active while pressing the CTRL key.
Always inactive while pressing the SHIFT key.


-------------------------------------------------------------------------------
7	Script Handling (only enable one or none)
-------------------------------------------------------------------------------

7.1	Block all Scripts (off)
...............................................................................

Self-explanatory.  Also accessible from the Proxomitron menu.


7.2  	Block all Third Party Scripts (off)
...............................................................................

All external scripts that come from another domain than the referring one get
blocked.


7.3  	Block specific Third Party Scripts (on)
...............................................................................

Activates a list of hosts that serve scripts to blogger and news sites.  These
"widgets" are harmless by nature, but made it into the list, because they are
either resource hungry or slow.


*******************************************************************************
Web Filters Window
*******************************************************************************

-------------------------------------------------------------------------------
Display I
-------------------------------------------------------------------------------

Add Proxomitron Menu (on)
...............................................................................

Activates the menu.  See "Prox_Menu.txt" for details.


.  + Open normal Links in new Windows (off)
...............................................................................

Activating this option will cause all normal links in the Proxomitron Menu to
open in a new window - except "Up" and "Top".


Add Style Selector (on)
...............................................................................

If a document contains alternate stylesheets (more exactly, titled links to
external stylesheets), you will see a "styles" link at the bottom of that page.

Clicking on it opens a small popup that shows you a list of styles to select
from and apply.

Gecko and Internet Explorer based browsers only.


Title:  Append Time, Snip Excess (on in advanced mode)
...............................................................................

Excessively long page titles are trimmed to 62 chars.  The current time is
displayed in the right part.


Title: Append Last-Modified or ETag (on in advanced mode)
...............................................................................

If the server sends a Last-Modified header with the document, the GMT (UTC)
time will be displayed in the right part of the title.  This also indicates
that the document is easily cacheable.

Sometimes only an ETag header is sent, making caching just as easy.  In this
case "ETag" is displayed instead.


Title: Prepend Proxy Indicator (on in advanced mode)
...............................................................................

If you are connecting thru a proxy, the indicator "[Proxy]" will be prepended
to the page title.

This works for IncludeExclude-U list entries with a "i_proxy:1" keyword, or if
you activate above mentioned "Use Proxy by Default" header filter.  You won't
see the indicator, if you use Proxomitron's built-in "Use Remote Proxy" option
instead.


Display Important Info (on)
...............................................................................

Important things like exploit attempts or site-specific actions are displayed
as a flyover, if you hover over the respective links at the bottom of the page.


Display Kills (off)
...............................................................................

Information about almost all blocked or removed code is displayed in the page.
You can always show/hide this information with the "Toggle Kills" bookmarklet
or the "Toggle Kills" link in the Proxomitron Menu.
Always active while in Debug Mode.


iFrame Toggle: Extend to Onsite URLs (off)
...............................................................................

By default, just third-party (i.e. off-domain) iFrames are converted to a
load/unload toggle.  This switch extends that feature to all iFrames.


Flash & Media Toggle: Show/Play by Default (off)
...............................................................................

By default background sounds, Flash, and movies don't start or show up until
you click a "toggle" link.  This switch reverses that principle: Everything is
displayed until you click the respective link.


-------------------------------------------------------------------------------
Window Handling
-------------------------------------------------------------------------------

Popups: Block (on)
...............................................................................

Unrequested popups get blocked.  These are windows that try to open, although
you didn't click the mouse within the last two seconds.


. + Icon Notification (on)
...............................................................................

Shows a little image at the page bottom for each blocked popup.  If the popup
location was passed as a function argument, the image is blue and clicking it
opens the blocked page in the current window.  Else, the image is light red.


. + Sound Notification (on)
...............................................................................

Makes a sound for each blocked popup.


. + Force normal Browser Controls (on)
...............................................................................

Requested popups are forced to be resizable and to have addressbar, statusbar,
and scrollbars if needed.


. + Force all Browser Controls (off)
...............................................................................

Beyond above mentioned controls, requested popups will also have menubar, and
toolbars if supported by your browser.


Resizing: Block all but Popups (on)
...............................................................................

Blocks all "moveTo" and "resizeTo" calls to the main browser window, but not to
requested popup windows.  In Normal Config Mode and above the blocked x/y
co-ordinates are shown at the page bottom.


-------------------------------------------------------------------------------
Ads
-------------------------------------------------------------------------------

Block Ads by URL (on)
...............................................................................

Blocks a variety of HTML tag blocks and script code, containing links that
either point to known ad servers or have popular ad strings in their path name.
Can be fine-tuned by the switches given below.


. + On-Domain Banners (off)
...............................................................................

The string "banner", localizations like "banniere", "baner", as well as words
like "affiliates", "marketplace", "promotion", "sponsor" are controversial.

By default they are only considered as ad indicator for links that point to
hosts on another domain.  This switch will use above strings also for local
links.


.  - Off-Domain Banners (off)
...............................................................................

Above strings won't be used for ad blocking by path name.


.  - On-Domain Ad Hosts (off)
...............................................................................

HTML and JavaScript blocks that contain links pointing to an adserver on the
current domain won't get blocked.


.  - On-Domain Ad Paths (off)
...............................................................................

Local links won't be compared with the "AdPaths" list.  However, off-domain
links are still checked.


.  - Don't target Image HREFs (off)
...............................................................................

Usually both, the link and the image location of clickable pictures are scanned
for ad strings.  The first test is a bit riskier and is skipped if this option
is active.


.  - Treat Off-Domain Links like local Links (off)
...............................................................................

Local URLs are handled differently than off-domain ones.  Certain entries in
the ad lists are excluded, certain filter subroutines are turned off.  This
option extends non-restrictive URL checking to all links.


Don't block Ads by Keyword - HTML (off)
...............................................................................

By default, class/id/name/alt/title attributes of HTML tags are scanned for
ad'ish strings.  This switch turns that off - the "AdKeys" list is off duty.


Don't block Ads by Keyword - JS (off)
...............................................................................

Deactivates blocking/removal of scripts and JavaScript functions that contain
keywords listed in "AdKeys-J".


Don't block Ads by Dimension (off)
...............................................................................

Normally, linked images and container tags like iframes or objects are also
blocked, if their specified width and height match an "AdDimensions" list
entry.  But not with this option active.


(to be continued...)
*EOF*
