0xD Presents bitFilter 1.0

bitFilter 1.0

bitFilter.com

Copyright © 2003-2006 Frank Pelliccio

bitFilter is an ISAPI filter for IIS that performs three functions :

Masks Email addresses to protect from email address harvesting
Compresses whitespace to eliminate unnecessary bandwidth usage
GZIP compresses response data to further reduce bandwidth

Email Masking

bitFilter was primarily designed to mask email addresses in web pages. When the filter encounters email addresses in the response body of an HTTP request, it performs some checks, and masks the email address accordingly.

Plain Text Email Addresses

bitFilter will mask all email addresses it finds in HTML tags with the exception of <TEXTAREA>, and <A> tags. When it finds a plain text email address in the page content, it replaces all "@" characters with the text " (at) " and all "." characters with the text " (dot) ". It then replaces all of the remaining characters with their HTML ASCII entity equivalents, which all modern browsers support. For example, if the address "email@domain.com" is encountered in a plain-text area, the filter converts it first into "email (at) domain (dot) com", then translates each character into its ASCII entity equivalent. This results in the original string being replaced with :

email (at) domain (dot) com

If bitFilter finds an email address anywhere within <TEXTAREA> and </TEXTAREA> tags, it will only perform the entity translation, but otherwise leaves the original email address in tact.

Email Addresses in <A> Tags Containing a MAILTO HREF

When bitFilter finds at least one email address in the response body that is a MAILTO HREF, a unique per-request javascript function is added to the page, and the email address is encoded by replacing all "." characters with "*" and the "@" with "^". Each MAILTO tag is then replaced with a link to the javascript function, passing the encoded version of the original MAILTO email address as a parameter. When the link is clicked, the email address is decoded, and the browser then navigates to a newly constructed MAILTO HREF with the decoded email address.

Whitespace Compression

The filter is capable of removing unnecessary whitespace from a page. It typically reduces page sizes between 5 and 15%. There are two whitespace compression algorithms available - FAST and SMART. The FAST method tends to be more than 50% faster than the SMART method. FAST mode also tends to be better suited for XML and Javascript, as there are no special whitespace compression rules...

FAST Whitespace Compression

In FAST compression mode, bitFilter blindly removes unneccessary whitespace [characters 9 [tab], 13 [cr], 32 [space], and all double-whitespace combinations], preserving only single spaces, and LF's preceeding textual data. It will remove extra LF's between HTML start and end tags.

In FAST mode, bitFIlter converts this input text :

<html>
	<body>
		<textarea>This
is
a
test</textarea>
		<b>
			this
			is
			also
			a
			test
		</b>
		<a href="http://bitFilter.com">
			<b>bitFilter.com</b>
		</a>
	</body>
</html>

into this output :

<html> <body> <textarea>This
is
a
test</textarea> <b>
this
is
also
a
test </b> <a href="http://bitFilter.com"> <b>bitFilter.com</b> </a> </body> </html>

SMART Whitespace Compression

In SMART whitespace compression mode, bitFilter is mindful to preserve whitespace in any HTML tags' parameters, and any whitespace it finds within <PRE> to </PRE>, <TEXTAREA> to </TEXTAREA>, and <SCRIPT> to </SCRIPT> tags.

In SMART mode, the above input text gets translated into :

<html> <body> <textarea>This
is
a
test</textarea> <b> this is also a test </b> <a href="http://bitFilter.com"> <b>bitFilter.com</b> </a> </body> </html>

It is possible [although not necessarily recommended] to add or remove Whitespace Rules by modifying the registry at :

HKEY_LOCAL_MACHINE\SOFTWARE\0xD\bitFilter\WhitespaceRules

Each new Whitespace Rule should be numbered sequentially with NO GAPS between numbers, starting at 1 :

HKEY_LOCAL_MACHINE\SOFTWARE\0xD\bitFilter\WhitespaceRules\1
HKEY_LOCAL_MACHINE\SOFTWARE\0xD\bitFilter\WhitespaceRules\2
.
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\0xD\bitFilter\WhitespaceRules\n

Each numeric subkey must contain two string values :

Open
Close

These string values represent the opening and closing tokens to bypass when encountered during whitespace processing.

On additional setting related to whitespace compression relates to the way that spaces between HTML tags are handled. Most web browsers respect whitespace that is found between two disparate HTML tags. By default, so does bitFilter. But with certain MIME types, it may be desirable to further strip any whitespace between ">" and "<" tags, as is the case with XML. SInce an XML parser will ignore the whitespace between tags, there is no reason to send it to the client. If stripping the whitespace between HTML tag is preferrable in a particular application or web page, it can be activated by either setting the "INNER" option using the BFCM program, or by specifying the "innertags" header option.

GZIP Compression

When an HTTP request specifies in its Accept-Encoding header that it is capable of handling GZIP responses, bitFilter compresses the response. It is also careful to add a VARY tag to accomodate proxy caching issues, where necessary.

bitFilter Configuration

Using BFCM.exe [bitFilter Configuration Manager], it is simple to manage bitFilter's settings. The global settings affect all requests, and are used to disable certain features, regardless of the settings of any particular MIME types. The configuration manager allows managing the settings for individual MIME types. By default, bitFilter will not handle any requests for which it does not have a MIME setting. For instance, if a setting does not exist for a MIME type of audio/mp3, then the filter will bypass handling of that MIME type.

Live Options using the X-bitFilter Response Header

Every response can be individually tailored to set any of the options by sending a custom X-bitFilter header. The values are not case sensitive, and should be separated by a comma. Possible values are :

NOFILTER
bypass bitFilter's processing of this response

NOEMAIL
do not mask email addresses in this response

NOCOMPRESS
do not GZIP compress this response

NOWHITESPACE
do not compress the whitespace in this response

INNERTAGS
compress additional whitespace found between ">" and "<" tags in the response payload

DEBUG
append a comment at the end of the response body displaying the current options

If the global or MIME-specific setting suppresses a certain feature, then the X-bitFilter header will have no effect.

Managing Individual Website Domains on a Shared Virtual Host

Although bitFilter does not intrinsically support individual "Host:" header configuration options at this time, one way to implement the equivalent of individual domain handling options is to enforce a custom header using the website's property pages under the "HTTP Headers" tab in IIS's website configuration manager. By setting-up a "X-bitFilter" header with the desired global options for that domain, each domain on a single server can enforce their own bitFilter settings.

Interaction with different HTTP Response Conditions

Obviously, bitFilter processes requests where the HTTP status is reported as 200 [OK]. It also handles 100 [Continue] status, which is returned during a POST, letting the client know it is OK to send the request payload.

bitFilter will bypass processing of *any* response that contains either a Content-Length: 0 header, or a response which omits a Content-Length header. Additionally, bitFilter generates its own Connection: Close and Content-Length: 0 response headers when it encounters a 204 [No Data] HTTP response. This is because bitFilter requires a known Content-Length to properly process its filtered response.

DEBUG Options

bitFilter can provide debugging information for each request. By adding the DEBUG option to a response's X-bitFilter header, the filter will append an HTML comment to the end of the response, and add a X-bitFilter-Debug response header. The HTML comment contains the following information :

EMAIL

ON / OFF
Email masking is enabled

WHITESPACE

OFF or FAST / SMART
Whitespace compression method, if enabled

INNERTAGS

ON / OFF
InnerTags option is enabled

COMPRESSION

ON / OFF
GZIP compression is enabled

The X-bitFilter-Debug header contains the following information :

Original
The original size of the response data in bytes

Whitespace
The size of the response data after applying Whitespace Compression.
[Returns 0 if Whitespace compression is disabled]

GZIP
The size of the response data after applying GZIP compression.
[Returns 0 if GZIP compression is disabled]

PreProc
Total time pre-processing of the request took in milliseconds.
[This should *usually* be 0.00]

LocateTokens
Total time the filter took to locate all HTML tokens.
[Returns 0.00 if SMART Whitespace compression is disabled]

Email
Total time the filter took to process and mask all email addresses.
[Returns 0.00 if Email masking is disabled]

GZIP
Total time GZIP compression took.
[Returns 0.00 if GZIP compression is disabled]

Whitespace
Total time to perform Whitespace compression.
[Returns 0.00 is Whitespace compression is disabled]

Total
Total aggregate processing time.

Compatibility

This ISAPI filter was written with IIS 5 in mind. It has only been tested on Windows 2000 Server and Windows XP Professional. It *may* work with other platforms, but bear in mind that it has not been confirmed to work with any webservers other than 5, and 5.1. Installing bitFilter on IIS6 will most likely require that IIS 5 compatibility mode be set for the filter to function properly.

This filter does not work as a global ISAPI filter. It needs to be individually installed for any website that requires it.

Installation

First, enter the registry data the bitFilter requires by double-clicking on the bitFilter.reg file that should have accompanied this package. Then, the filter can be installed for any website in an IIS installation using the MMC manager. Once the ISAPI filter has been specified for a website, it's ready to go...That's it.

Before setting-up any websites to use bitFilter, it may be a good idea to configure it, using the BFCM.exe program. This step is optional.

Warranty

While this application is presumed to be free of defects, and is hopefully stable, the author makes no guarantees as to its fitness for any particular purpose, and will not be held liable for any damages caused either directly or indirectly from the use or misuse of the bitFilter software. Use this application at your own risk. Thorough testing of this ISAPI filter in a controlled environment is recommended prior to launching it on any live server.

If you have any questions, comments, bug reports, or want to send large monetary gifts to the author, please feel free to do so at :

Enjoy!

info (at) 0xD (dot) com
Frank Pelliccio

0xD media / design / development

Last Updated 10.28.06