firewall Autor: Jirka Justra

[manual]

Requested resources have origin url (site's address) and target url.

Default origin is set to .* (all sites).

Please note, that there cannot be used semicolon in text tokens, because it works like line breaker
and asterisk as first character of word (it translate variable name to its value).
When this is needed, please use base64 version of value and b64d (base 64 decode) function
in program (see example).

- request blocking -
Firewall works by testing currently loading site's url (origin) against url-reg-exp
given in command origin. If it matches, then ALL rules of given set will be tested
one by one. Every rule can decide if target is allowed or blocked. At the end,
final result of those iterations is used.

- header alteration -
Header alteration rules are evaluated immediately.


/commands:

origin url-reg-exp - create new rule set for given url (regular expression form)
disable - disable current rule set

block url-reg-exp - add blocking rule for target url (blacklist)
allow url-reg-exp - whitelist all that matches

requestHeader Header-Name [value] - alter request header value for current origin
responseHeader Header-Name [value] - alter response header value for current origin

(if value is omitted, header is discarded)


/example:

# discard all X-Frame-Options headers on all loaded sites
responseHeader X-Frame-Options

# block [anything].google(-analytics, etc.) on steam
origin steampowered
block \.google

# semicolon usage
origin mozilla\.org
block \.png; block \.svg; block \.css

# using previous origin (mozilla.org)
# allowing \.css again
# base64 for \.css is XC5jc3M= ... in dev console: btoa('\\.css')
b64d XC5jc3M=
allow *