Dienstag, 31. Mai 2016

WebCleaner --- A filtering HTTP proxy


Why should I use WebCleaner?

The first feature that sets WebCleaner apart from other proxies is exact HTML filtering, and this removes a lot of advertisings. The filter does not just replace some strings, the proxy parses all HTML data. The parser is fast (written in C) and can cope with every broken HTML page out there; if the parser does not recognize HTML structures, it just passes the data over to the proxy until it recognizes a tag again. No valid HTML data is ever discarded or dropped.

Another feature is the JavaScript filtering: JavaScript data is executed in the integrated Spidermonkey JavaScript engine which is also used by the Mozilla browser suite. This eliminates all JavaScript obfuscation, popups, and document.write() stuff, but the other JavaScript functions still work as usual.

Exact HTML filtering has another good side-effect: it is possible to detect and prevent known security flaws in HTML processors. Several known (but not all) buffer overflow exploits or Denial of Service attacks are detected and fixed by the HtmlSecurity class.

If you find an HTML exploit that is not covered by the security filter, please let me know.

Furthermore, WebCleaner can filter SSL traffic used in https:// URLs. See the SSL gateway documentation for more info.