It would be wonderful if there was an easier way to specify permitted domains.
For example, let's say I wanted to allow any web access to arbitrary.com, including:
http://arbitrary.com
https://anything-here.arbitrary.com
http://1.2.3.arbitrary.com
Most of my whitelisted items are of this nature. Right now, as I understand it, I'd need to use convoluted regular expressions to add these, such as:
+^(https?)://[A-Za-z0-9\-\.]+\.arbitrary.com
And I'd need at least two entries, to account for the case that it's just a TLD. So how about a shortcut way to specify "any http or https access to a domain ending in this TLD?" Such as:
++arbitrary.com
Which would match the three examples above (but not "somewhatarbitrary.com"). It would sure be easier to edit, read, and maintain the URL file.
The second suggestion is to allow us to specify a way to silently blacklist something. Let's say there's a particular allowed web page that always embeds an element that is going to trigger a rejection. We don't want to whitelist that element, but we don't want the patron to have to endure the rejection pop-up that obscures the primary, permitted site. So there could be a special code that acts the same way as the '-', but which doesn't cause any pop-ups, such as:
=-facebook.com
Easier blacklisting/whitelisting
Re: Easier blacklisting/whitelisting
The following regular expression will match the URL starting with either "http://" or "https://", with "www", "WWW" or "", followed by "arbitrary.com".
^http?.:\/\/[w,W,\.]*arbitrary\.com
For the second part, starting with PWB v3.04.1 CEF you can use the following setting to only filter the page main frame URL.
[Security]
CheckURLMainFrameOnly=True
Clicking on the a denied URL will trigger the denied message.
--Scott
^http?.:\/\/[w,W,\.]*arbitrary\.com
For the second part, starting with PWB v3.04.1 CEF you can use the following setting to only filter the page main frame URL.
[Security]
CheckURLMainFrameOnly=True
Clicking on the a denied URL will trigger the denied message.
--Scott
Re: Easier blacklisting/whitelisting
Yes, but my point is that that is difficult for humans to parse and maintain. Plus it isn't actually sufficient, since the above also matches, for example:The following regular expression will match the URL starting with either "http://" or "https://", with "www", "WWW" or "", followed by "arbitrary.com".
^http?.:\/\/[w,W,\.]*arbitrary\.com
httpz://warbitrary.com
and doesn't match:
http://test.arbitrary.com
Honestly, I don't even know what the proper regex is, and would love to see it.
So what I'm suggesting is that there should be an easier way to do this very, very common thing that doesn't involve a mass of strange characters as a prefix.
I was aware of that option, but I'm not sure it does what I need. First of all, I do want all URLs checked everywhere, all the time. It's just that there are a handful of select URLs that, if they are denied, I do not want them to produce a message that the patron sees. I simply want their content to not load.For the second part, starting with PWB v3.04.1 CEF you can use the following setting to only filter the page main frame URL.
[Security]
CheckURLMainFrameOnly=True
Re: Easier blacklisting/whitelisting
This regular expression matches http, https, subdomains + dot, www + dot, or nothing specified before domain.
^https?:\/\/[A-Za-z0-9.-]+\.arbitrary\.com|^https?:\/\/arbitrary\.com
This satisfies the original example:
http://arbitrary.com
https://anything-here.arbitrary.com
http://1.2.3.arbitrary.com
--Scott
^https?:\/\/[A-Za-z0-9.-]+\.arbitrary\.com|^https?:\/\/arbitrary\.com
This satisfies the original example:
http://arbitrary.com
https://anything-here.arbitrary.com
http://1.2.3.arbitrary.com
--Scott
Re: Easier blacklisting/whitelisting
PWB 3.04.3 now available on the Beta Downloads page has the following addition.
Version 3.04.4 Basic 07-13-2015
Added:
[Files] FilterDLL=
Path to Filter DLL for URL filtering.
DLL needs to export "HRESULT PWBFilterFunction(LPCTSTR pszURL)" function.
Function return S_OK (0) if URL is allowed.
Function return S_FALSE (1) if URL is disallowed.
Function return PWB_CONTINUE (2) to continue to use PWB filter.
Please see the "PWBAddonExample" also available on the Beta Downloads page for an example of a PWB addon with the PWB Filter Function included.
This will allow anyone to extended the PWB filter functionality to meet their specific needs.
--Scott
Version 3.04.4 Basic 07-13-2015
Added:
[Files] FilterDLL=
Path to Filter DLL for URL filtering.
DLL needs to export "HRESULT PWBFilterFunction(LPCTSTR pszURL)" function.
Function return S_OK (0) if URL is allowed.
Function return S_FALSE (1) if URL is disallowed.
Function return PWB_CONTINUE (2) to continue to use PWB filter.
Please see the "PWBAddonExample" also available on the Beta Downloads page for an example of a PWB addon with the PWB Filter Function included.
This will allow anyone to extended the PWB filter functionality to meet their specific needs.
--Scott
Re: Easier blacklisting/whitelisting
Thank you, Scott!
-Alan
-Alan
Re: Easier blacklisting/whitelisting
Please feel free to email me if you need any help.
You are going to share right?
--Scott
You are going to share right?
--Scott
Re: Easier blacklisting/whitelisting
The syntax from that example above doesn't work (and gives an error in the URL Filter Check). I believe this almost does the trick, though:
^(https?://[A-Za-z0-9\.\-]+\.arbitrary\.com)|(https?://arbitrary\.com)
...however that will match http://arbitrary.comx
^(https?://[A-Za-z0-9\.\-]+\.arbitrary\.com)|(https?://arbitrary\.com)
...however that will match http://arbitrary.comx