icaprb-filter 0.0.1

data/lib/icaprb/filter/service.rb

@@ -0,0 +1,107 @@
+require 'icaprb/server'
+require 'icaprb/filter'
+
+# nodoc
+module ICAPrb
+  # Server
+  module Server
+    # The filter service, reference in your startup script
+    class FilterService < ICAPrb::Server::Services::ServiceBase
+      # Load configuration for filter service
+      # +path+:: Path to the configuration file
+      def initialize(path, timeout=nil)
+        super('filter',[:request_mod, :response_mod],nil,60,nil,nil,nil,1000)
+        @timeout = timeout
+        @request_list, @response_list = ::ICAPrb::Filter.load_filters(path)
+      end
+      # Process a new filter request
+      # +icap_server+: ICAP server data
+      # +ip+:: IP
+      # +socket+:: Socket
+      # +data+:: Data for the current request
+      def process_request(icap_server,ip,socket,data)
+        logger = icap_server.logger
+        ICAPrb::Filter.set_logger(logger)
+        ICAPrb::Filters.set_logger(logger)
+        logger.debug '==========================================='
+        logger.debug 'Start processing data via filter service...'
+        logger.debug 'Request url: ' + data[:http_request_header]["Host"].to_s
+
+        #logger.debug data
+        # Go through all filters for resp or req
+        begin
+          response = ::ICAPrb::Server::Response.new
+          is_modified = false
+          if data[:icap_data][:request_line][:icap_method] == :request_mod
+            logger.debug('Event is REQUEST')
+            @request_list.each do |entry|
+              logger.debug('Executing filter: ' + entry[:name].to_s)
+              filter_return_value = entry[:object].plugin(data)
+              if [true, false].include? filter_return_value
+                is_modified = (filter_return_value || is_modified)
+                logger.debug("Filter return value: " + filter_return_value.to_s)
+              else
+                logger.error("Filter " + entry[:name] + ' has illegal return value')
+              end
+            end
+          elsif data[:icap_data][:request_line][:icap_method] == :response_mod
+            logger.debug('Event is RESPONSE')
+            @response_list.each  do |entry|
+              logger.debug('Executing plugin: ' + entry[:name].to_s)
+              plugin_return_value = entry[:object].plugin(data)
+              if [true, false].include? plugin_return_value
+                is_modified = (plugin_return_value || is_modified)
+                logger.debug("Plugin return value: " + plugin_return_value.to_s)
+              else
+                logger.error("Plugin " + entry[:name] + ' has illegal return value')
+              end
+            end
+          end
+          if is_modified
+            logger.debug('Data was modified, sending everything')
+          else
+            logger.debug('Data is unmodified, sending status code 204')
+          end
+          # Nothing changed
+          unless is_modified
+            # Send 204 (unmodified) flag, no content required
+            response.icap_status_code = 204
+            response.write_headers_to_socket socket
+            return
+          end
+          # Something changed
+          if data[:icap_data][:request_line][:icap_method] == :response_mod
+            http_header = data[:http_response_header]
+            if data[:http_response_body]
+              http_body = ICAPrb::Server::ResponseBody.new(data[:http_response_body])
+              http_header['Content-Length'] = http_body.length
+            end
+          else
+            http_header = data[:http_request_header]
+            if data[:http_request_body]
+              http_body = ICAPrb::Server::RequestBody.new(data[:http_request_body])
+              http_header['Content-Length'] = http_body.length
+            end
+          end
+
+          response.components << http_header
+          response.components << http_body if http_body
+          response.icap_status_code = 200
+          response.write_headers_to_socket socket
+          socket.write(http_body.to_chunk)
+          ::ICAPrb::Server::Response.send_last_chunk(socket,false)
+        rescue StandardError => error
+          logger.warn 'Error in filter framework'
+          logger.warn error.message
+          logger.warn error.backtrace
+          logger.warn error.backtrace_locations
+          # Don't anger the consumer
+          response = ::ICAPrb::Server::Response.new
+          response.icap_status_code = 204
+          response.write_headers_to_socket socket
+        end
+        logger.debug '==========================================='
+      end
+    end
+  end
+end

data/lib/icaprb/filter/solution.rb

@@ -0,0 +1,954 @@
+require 'pdf/reader'
+require 'nokogiri'
+require 'icaprb/server'
+require 'rest-client'
+require 'json'
+require 'digest'
+require 'uirusu'
+
+# ICAPrb
+module ICAPrb
+  # Methods for filters
+  class Filters
+    # Set logger for filter
+    # +logger+:: Logger object
+    def self.set_logger(logger)
+      @logger = logger
+    end
+
+    # Get logger
+    def self.get_logger
+      @logger
+    end
+
+    # Generate class reference from string
+    #  +str+:: String to get the class from
+    def self.class_from_string(str)
+      str.split('::').inject(Object) do |mod, class_name|
+        mod.const_get(class_name)
+      end
+    end
+    # Get all available filters in the namespace ICAPrb::FilterSolutions::
+    def self.get_filters
+      filter_symbols = FilterSolutions.constants.select{ |c| FilterSolutions.const_get(c).is_a? Class }
+      filters = []
+      filter_symbols.each { |filter_symbol|
+        symbol_path = 'ICAPrb::FilterSolutions::' + filter_symbol.to_s
+        current_class = self.class_from_string(symbol_path)
+        filters << {:class => current_class, :name => current_class::FILTER_NAME, :modes => current_class::MODES}
+      }
+      filters
+    end
+
+    # Get all available plugins in the namespace ICAPrb::Plugins::
+    def self.get_plugins
+      plugin_symbols = Plugins.constants.select{ |c| Plugins.const_get(c).is_a? Class }
+      plugins = []
+      plugin_symbols.each { |plugin_symbol|
+        symbol_path = 'ICAPrb::Plugins::' + plugin_symbol.to_s
+        current_class = self.class_from_string(symbol_path)
+        plugins << {:class => current_class, :name => current_class::PLUGIN_NAME, :modes =>current_class::MODES}
+      }
+      plugins
+    end
+  end
+  # Contains block rule definitions
+  module FilterSolutions
+    # Check for hashes and block if anything matches
+    class HashedContent
+      # Name in the configuration file
+      FILTER_NAME = 'check_hashes'
+      # Available mod modes
+      MODES = [:response_mod]
+      # Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, parameters)
+        @params = []
+        file_path = parameters[0]
+        File.foreach(File.expand_path(file_path)) do |line|
+          line = line.chomp.gsub('\n', '').gsub('\r', '')
+          @params << line
+        end
+      end
+      # Execute plugin
+      # +data+:: ICAP data
+      def plugin(data)
+        if data[:http_response_body] == nil
+          ICAPrb::Filters.get_logger.debug('Nothing to hash')
+          return false
+        end
+        hash = Digest::SHA256.hexdigest(data[:http_response_body]).to_s
+        ICAPrb::Filters.get_logger.debug('Calculated hash: ' + hash.to_s)
+        @params.each do |other_hash|
+          if hash.eql? other_hash
+            # Block by telling the user that this is blocked
+            ICAPrb::Filters.get_logger.debug('Found match')
+            data[:http_response_body] = '<html><body>Blocked Hash</body></html>'
+            return true
+          end
+        end
+        false
+      end
+    end
+
+    # Check if the URL contains the given words
+    class URLContains
+      # Name in the configuration file
+      FILTER_NAME = 'url_contains'
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, parameters)
+        @params = parameters
+      end
+
+      # Execute plugin
+      # +data+:: ICAP data
+      def plugin(data)
+        uri = data[:http_request_header]['Host']
+        @params.each { |url|
+          if uri.include? url
+            # Block by telling the user that this is blocked
+            data[:http_response_body] = '<html><body>Blocked URI</body></html>'
+            return true
+          end
+        }
+        false
+      end
+    end
+
+    # Check in headers for regex
+    class Headers
+      # Name in the configuration file
+      FILTER_NAME = 'headers'
+      # Available mod modes
+      MODES = [:response_mod]
+      # Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, parameters)
+        @params = parameters
+      end
+      # Execute plugin
+      # +data+:: ICAP data
+      def plugin(data)
+        headers = data[:http_request_header]
+        headers.each { |header_name, header_content|
+          @params.each { |header_target, regex_data|
+            if header_name == header_target
+              regex_data.each{ |current_regex|
+                if header_content.match(current_regex)
+                  data[:http_response_body] = '<html><body>Blocked header</body></html>'
+                  return true
+                end
+              }
+            end
+          }
+        }
+        false
+      end
+    end
+    # Check if any attribute keys matching
+    class ContentHasKey
+      # Name in the configuration file
+      FILTER_NAME = 'content_has_key'
+      # Available mod modes
+      MODES = [:response_mod]
+      # Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, parameters)
+        @params = parameters
+      end
+      # Execute plugin
+      # +data+:: ICAP data
+      def plugin(data)
+        doc = Nokogiri::HTML(data[:http_response_body])
+        doc.traverse do |node|
+          node.keys.each do |key|
+            @params.each do |attribute_key|
+              if key == attribute_key
+                data[:http_response_body] = '<html><body>Blocked attribute key</body></html>'
+                return true
+              end
+            end
+          end
+        end
+        false
+      end
+    end
+    # Check if the content of the tags includes any bad words
+    class ContentIncludes
+      # Name in the configuration file
+      FILTER_NAME = 'content_includes'
+      # Available mod modes
+      MODES = [:responese_mod]
+      # Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, parameters)
+        @params = parameters
+      end
+      # Execute plugin
+      # +data+:: ICAP data
+      def plugin(data)
+        doc = Nokogiri::HTML(data[:http_response_body])
+        doc.traverse do |node|
+          @params.each { |phrase|
+            if node.text and node.text.include? phrase
+              data[:http_response_body] = '<html><body>Blocked content</body></html>'
+              return true
+            end
+          }
+        end
+        false
+      end
+    end
+  end
+  # Plugins for modify
+  module Plugins
+    # Send URLs to Virustotal and log into file
+    class VirusTotalURL
+      # Name in the configuration file
+      PLUGIN_NAME = 'send_url_to_virustotal'
+      # Available mod modes
+      MODES = [:request_mod]
+
+      # Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, parameters)
+        @api_key = parameters[:api_key]
+        @log_file = File.expand_path(parameters[:log_file])
+      end
+
+      # Execute plugin
+      def plugin(data)
+        # Get address
+        uri = data[:http_request_header]['Host']
+        # Get result
+        ICAPrb::Filters.get_logger.debug("Sending uri #{uri.to_s} to Virustotal")
+        begin
+          results = Uirusu::VTUrl.query_report(@api_key, uri)
+          result = Uirusu::VTResult.new(uri, results)
+          # Write result
+          if result != nil
+            unless File.file?(@log_file)
+              FileUtils::touch @log_file
+            end
+            IO.write(@log_file, result.to_json.to_s.gsub('\n', '').gsub('\r', ''), mode: 'a')
+          end
+        rescue StandardError => e
+          ICAPrb::Filters.get_logger.warn('Virustotal error ' + e.message + e.backtrace.to_s)
+        end
+        false
+      end
+    end
+    # TODO at this time this should only work with request_mod
+    class ReplaceContent
+      # array of hashes in the form with the following fields
+      # match:: regular expression of url/
+      # content:: the content to use
+      # content_type:: 'set the content type'
+      attr_reader :replacement
+      # Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(mode, parameters)
+        super
+        @replacement = []
+      end
+
+      # Name in the configuration file
+      PLUGIN_NAME = 'replace_content'
+
+      # Available mod modes
+      MODES = [:response_mod,:request_mod]
+      # Execute plugin
+      # +data+:: ICAP data
+      def plugin(data)
+        matching_replacements = @replacement.select {|replacement| data =~ replacement[:match] }
+        if matching_replacements.count > 0
+          matching_replacement = matching_replacements.first
+          data[:http_response_body] = ::ICAPrb::Server::ResponseBody.new(matching_replacement[:content])
+          if data[:http_response_header]
+            data[:http_response_header] =
+              ::ICAPrb::Server::ResponseHeader.new(data[:http_response_header].http_version, 200)
+          elsif data[:http_request_header]
+            data[:http_response_header] =
+                ::ICAPrb::Server::ResponseHeader.new(data[:http_request_header].http_version, 200)
+          else
+            data[:http_response_header] = ::ICAPrb::Server::ResponseHeader.new('1.1', 200)
+          end
+
+          data[:http_response_header]['Content-Type'] = matching_replacement[:content_type]
+          data[:http_response_header]['Content-Length'] = matching_replacement[:content].length
+          data.delete(:http_request_header) if data[:http_request_header]
+          return true
+        end
+        false
+      end
+    end
+
+    #This class is used to delete common implementations of facebook buttons
+    class RemoveFB
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_fb'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      #execute the plug in
+      def plugin(data)
+        doc = Nokogiri::HTML(data[:http_response_body])
+        mod = false
+
+        # removes all iframes where the source matches
+        doc.search('iframe').each do |iframe|
+          if iframe['src'].match(/facebook\.com\/.*like\.php/i)
+            iframe.remove
+            mod = true
+          end
+        end
+
+        # removes all matching links
+        doc.search('a').each do |a|
+          if a['href'].to_s.match(/www\.facebook\.com\/sharer\.php|www\.facebook\.com\/sharer\/sharer\.php/)
+            a.remove
+            mod = true
+          end
+        end
+
+        # removes the facebook like-button element
+        doc.search('div.fb-like').each do |src|
+          src.remove
+          mod = true
+        end
+
+        # removes the facebook share-button element
+        doc.search('div.fb-share-button').each do |src|
+          src.remove
+          mod = true
+        end
+
+        # removes the facebook comments element
+        doc.search('div.fb-comments').each do |src|
+          src.remove
+          mod = true
+        end
+
+        # removes all scripts where the content matches
+        doc.css('script').each do |script|
+          if script.content.match(/connect\.facebook\.net\//i)
+            script.remove
+            mod = true
+          end
+        end
+
+
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    #This class is used to delete common implementations of the Twitter-Share-Button
+    class RemoveRetweetButton
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      #class name
+      PLUGIN_NAME = 'remove_retweet_button'
+
+      # Available mod modes
+      MODES = [:response_mod]
+      # Execute plugin
+      # +data+:: ICAP data
+      def plugin(data)
+        mod = false
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        # removes twitter share button elements
+        doc.search('a.twitter-share-button').each do |src|
+          src.remove
+          mod = true
+        end
+
+        # removes twitter timeline elements
+        doc.search('a.twitter-timeline').each do |src|
+          src.remove
+          mod = true
+        end
+
+        # removes all matching links
+        doc.search('a').each do |a|
+          if a['href'].to_s.match(/twitter\.com\/share\?/i)
+            a.remove
+            mod = true
+          end
+          if a['href'].to_s.match(/twitter\.com\/intent\//i)
+            a.remove
+            mod = true
+          end
+        end
+
+        # removes all scripts where the content matches
+        doc.css('script').each do |script|
+          if script.content.match(/\/\/platform\.twitter\.com\/widgets\.js/i)
+            script.remove
+            mod = true
+          end
+        end
+
+        # removes all iframes where the source matches
+        doc.search('iframe').each do |iframe|
+          if iframe['src'].match(/platform\.twitter\.com\/widgets/i)
+            iframe.remove
+            mod = true
+          end
+        end
+
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    #Plug in to remove the Google PlusOne Button
+    class RemovePlusOneButton
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_plusone_button'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      def plugin(data)
+        mod = false
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        # removes all g-plusone elements
+        doc.search('div.g-plusone').each do |src|
+          src.remove
+          mod = true
+        end
+
+        # removes all matching links
+        doc.search('a').each do |a|
+          if a['href'].to_s.match(/plus\.google\.com\/share\?/i)
+          end
+        end
+
+        # removes all scripts where the source or the content matches
+        doc.css('script').each do |script|
+          if script['src'] == 'https://apis.google.com/js/platform.js' || script.content.match(/apis\.google\.com/i)
+            script.remove
+            mod = true
+          end
+        end
+
+        # removes all iframes where the source matches
+        doc.search('iframe').each do |iframe|
+          if iframe['src'].match(/apis\.google\.com/i)
+            iframe.remove
+            mod = true
+          end
+        end
+
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # remove the two click solution provided by heise.de
+    class RemoveSocialSharePrivacy
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_social_share_privacy'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      def plugin(data)
+        mod = false
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        # removes all socialshareprivacy elements
+        doc.css('#socialshareprivacy').each do |src|
+          src.remove
+          mod = true
+        end
+
+        # removes all scripts where the source or the content matches
+        doc.css('script').each do |script|
+          if script.content.match(/socialshareprivacy\.css/i) || (script['src'] == 'jquery.socialshareprivacy.js')
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    #Plug in to remove all Google AdWords
+    class RemoveGoogleAdWords
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_google_ad_words'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # google AdWords are loaded with JSON files
+      # the plugin looks for the source record of google Adwords in those
+      # files and deletes them
+      def plugin(data)
+        mod = false
+        joined = ''
+
+        if data[:icap_data][:request_line][:uri].to_s.match(/www\.google\..*/i)
+          if data[:http_response_header]['Content-Type']=='application/json'
+            splitted = data[:http_response_body].split('/*""*/')
+            parsed = splitted.map {|x| JSON.parse x if x.length > 2}
+            parsed.each do |x|
+              if x && ( x['d'].include? 'www.googleadservices.com')
+                x['d'] = ''
+                mod = true
+              end
+            end
+            if mod
+              parsed.each do |x|
+                joined = joined + x.to_json + '/*""*/'
+              end
+              data[:http_response_body] = joined
+            end
+          end
+        end
+        mod
+      end
+    end
+
+    # Plug in to remove the Google Webads
+    class RemoveGoogleWebAds
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_google_web_ads'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      def plugin(data)
+        mod = false
+
+        #stops loading from specific hosts
+        if data[:http_request_header]['Host'].to_s.match(/googleads|googlesyndicat|googleadservice|\.doubleclick\./i)
+            data[:http_response_body] = ''
+            mod = true
+        end
+
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        #ICAPrb::Filters.get_logger.debug('content: ' + content = data[:http_response_body].to_s)
+
+        #delete divs where div.class contains keyword
+        doc.search('div').each do |src|
+          if src['class'].to_s.match(/ads|google_ads|google_companion|google-companion|googlesyndicat/i) || src['id'].to_s.match(/google_ads/i)
+            src.remove
+            mod = true
+          end
+        end
+
+        #delete hyperlinks where href contains keyword
+        doc.search('a').each do |a|
+          if a['href'].to_s.match(/googleads|googleadservice|googlesyndicat|\.doubleclick\./i)
+            a.remove
+            mod = true
+          end
+        end
+
+        #delete scripts where src or content matches keyword
+        doc.search('script').each do |script|
+          if script.content.match(/googleads|.*googlesyndicat.*|googleadservice|\.doubleclick\./i) || script['src'].to_s.match(/googleads|googlesyndicat|googleadservice|\.doubleclick\./i)
+            script.remove
+            mod = true
+          end
+        end
+
+        #delete images where the source matches
+        doc.search('img').each do |img|
+          if img['src'].to_s.match(/googleads\.|\.doubleclick\./i)
+            img.remove
+            mod = true
+          end
+        end
+
+        # removes google Ad Elements
+        doc.search('gwd-doubleclick').each do |gwd|
+          gwd.remove
+          mod = true
+        end
+
+        # removes google Ad Elements
+        doc.search('gwd-genericad').each do |gwd|
+          gwd.remove
+          mod = true
+        end
+
+        data[:http_response_body] = doc.to_s if mod
+
+        mod
+      end
+    end
+
+    # Plug in to remove the Adition Webads
+    class RemoveAditionWebAds
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_adition_web_ads'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all links and scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+
+        #stops loading from specific hosts
+        if data[:http_request_header]['Host'].to_s.match(/\.adfarm[0-9]+\.adition/i)
+          data[:http_response_body] = ''
+          mod = true
+        end
+
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('a').each do |a|
+          if a['href'].to_s.match(/\.adfarm[0-9]+\.adition\.com/i)
+            a.remove
+            mod = true
+          end
+        end
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/\.adfarm[0-9]+\.adition/i) || script.content.to_s.match(/adition|imagesrv\.adition\.com\/js\/srp\.js/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # Plug in to remove the Nuggad Webads
+    class RemoveNuggadWebAds
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_nuggad_web_ads'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+
+        #stops loading from specific host
+        if data[:http_request_header]['Host'].to_s.match(/\.nuggad\.net/i)
+          data[:http_response_body] = ''
+          mod = true
+        end
+
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/\.nuggad\.net/i) || script.content.match(/\.nuggad\.net/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # Plug in to remove the Google Tag Manager
+    class RemoveGoogleTagManager
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_google_tag_manager'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+
+        #stops loading from specific hosts
+        if data[:http_request_header]['Host'].to_s.match(/googletagservices\.com/i)
+          data[:http_response_body] = ''
+          mod = true
+        end
+
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/www\.googletagservices\.com\/tag\/js\/gpt\.js/i) || script.content.match(/googletagservices|googletag/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # Plug in to remove OEWA tracker.
+    class RemoveOewaTracker
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_oewa_tracker'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+
+        #stops loading from specific host
+        if data[:http_request_header]['Host'].to_s.match(/oewabox\.at/i)
+          data[:http_response_body] = ''
+          mod = true
+        end
+
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/oewabox\.at\/oewa\.js/i) || script.content.match(/oewabox\.at\/oewa\.js/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # Plug in to remove the Piwik Tracker
+    class RemovePiwikTracker
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_piwik_tracker'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+
+        #stops loading from specific host
+        if data[:http_request_header]['Host'].to_s.match(/demo[0-9]+\.piwik\.org/i)
+          data[:http_response_body] = ''
+          mod = true
+        end
+
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/piwik\.js/i) || script.content.match(/piwik\.js/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # Plug in to remove the Google Analytics tracker
+    class RemoveGoogleAnaytics
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_google_analytics'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/\/analytics\.js/i) || script.content.match(/\/analytics\.js/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # Plug in to remove the ioam.de tracker.
+    class RemoveIoam
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_ioam'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+
+        #stops loading from specific host
+        if data[:http_request_header]['Host'].to_s.match(/script\.ioam.de/i)
+          data[:http_response_body] = ''
+          mod = true
+        end
+
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/script\.ioam.de\/iam\.js/i) || script.content.match(/ioam.de\/iam\.js/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # Plug in to remove the Webtrekk Tracker
+    class RemoveWebtrekk# Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_webtrekk'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/webtrekk[\S]*\.js/i) || script.content.match(/webtrekk[\S]*\.js/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+
+    # Plug in to remove the Visual Revenue Tracker
+    class RemoveVisualRevenue
+      # Constructor
+      # +mode+:: resp or req mod
+      # +parameters+:: All parameters given in the configuration file
+      def initialize(_, _)
+      end
+
+      # class name
+      PLUGIN_NAME = 'remove_visual_revenue'
+
+      # Available mod modes
+      MODES = [:response_mod]
+
+      # execute the plug in
+      # removes all scripts where the source or the content matches
+      def plugin(data)
+        mod = false
+        doc = Nokogiri::HTML(data[:http_response_body])
+
+        doc.search('script').each do |script|
+          if script['src'].to_s.match(/visualrevenue\.com\/vrs\.js/i) || script.content.match(/visualrevenue\.com\/vrs\.js/i)
+            script.remove
+            mod = true
+          end
+        end
+        data[:http_response_body] = doc.to_s if mod
+        mod
+      end
+    end
+  end
+end