There are many improvements and new features since Privoxy 3.0.8, the last stable release:
Added SOCKS5 support (with address resolution done by the SOCKS5 server). Patch provided by Eric M. Hopper.
The "blocked" CGI pages include a block reason that was provided as argument to the last-applying block action.
If enable-edit-actions is disabled (the default since 3.0.7 beta) the show-status page hides the edit buttons and explains why. Previously the user would get the "this feature has been disabled" message after using the edit button.
Forbidden CONNECT requests are treated like blocks by default. The now-pointless treat-forbidden-connects-like-blocks action has been removed.
Not enabling limit-connect now allows CONNECT requests to all ports. In previous versions it would only allow CONNECT requests to port 443. Use +limit-connect{443} if you think you need the old default behaviour.
The CGI editor gets turned off after three edit requests with invalid file modification timestamps. This makes life harder for attackers who can leverage browser bugs to send fake Referers and intend to brute-force edit URLs.
Action settings for multiple patterns in the same section are shared in memory. As a result these sections take up less space (and are loaded slightly faster). Problem reported by Franz Schwartau.
Linear white space in HTTP headers will be normalized to single spaces before parsing the header's content, headers split across multiple lines get merged first.
Host information is gathered outside the main thread so it's less likely to delay other incoming connections if the host is misconfigured.
New config option "hostname" to use a hostname other than the one returned by the operating system. Useful to speed-up responses for CGI requests on misconfigured systems. Requested by Max Khon.
The CGI editor supports the "disable all filters of this type" directives "-client-header-filter", "-server-header-filter", "-client-header-tagger" and "-server-header-tagger".
Fixed false-positives with the link-by-url filter and URLs that contain the pattern "/jump/".
The less-download-windows filter no longer messes "Content-Type: application/x-shockwave-flash" headers up.
In the show-url-info page's "Final results" section active and inactive actions are listed separately. Patch provided by Lee.
The GNUmakefile supports the DESTDIR variable. Patch for the install target submitted by Radoslaw Zielinski.
Embedding the content of configuration files in the show-status page is significantly faster now. For a largish action file (1 MB) a speedup of about 2450 times has been measured. This is mostly interesting if you are using large action files or regularly use Privoxy-Regression-Test while running Privoxy through Valgrind, for stock configuration files it doesn't really matter.
If zlib support is unavailable and there are content filters active but the prevent-compression action is disabled, the show-url-info page includes a warning that compression might prevent filtering.
The show-url-info page provides an OpenSearch Description that allows to access the page through browser search plugins.
The obsolete kill-popups action has been removed as the PCRS-based popup filters can do the same and are slightly less unreliable.
The inspect-jpegs action has been removed.
The send-wafer and send-vanilla-wafer actions have been removed. They weren't particular useful and their behaviour could be emulated with add-header anyway.
Privoxy-Regression-Test has been significantly improved.
Most sections in the default.action file contain tests for Privoxy-Regression-Test to verify that they are working as intended.
Parts of Privoxy have been refactored to increase maintainability.
Building with zlib (if available) is done by default.
For a more detailed list of changes please have a look at the ChangeLog.
A quick list of things to be aware of before upgrading from earlier versions of Privoxy:
The recommended way to upgrade Privoxy is to backup your old configuration files, install the new ones, verify that Privoxy is working correctly and finally merge back your changes using diff and maybe patch.
There are a number of new features in each Privoxy release and most of them have to be explicitly enabled in the configuration files. Old configuration files obviously don't do that and due to syntax changes using old configuration files with a new Privoxy isn't always possible anyway.
Note that some installers remove earlier versions completely, including configuration files, therefore you should really save any important configuration files!
On the other hand, other installers don't overwrite existing configuration files, thinking you will want to do that yourself.
standard.action now only includes the enabled actions. Not all actions as before.
In the default configuration only fatal errors are logged now. You can change that in the debug section of the configuration file. You may also want to enable more verbose logging until you verified that the new Privoxy version is working as expected.
Three other config file settings are now off by default: enable-remote-toggle, enable-remote-http-toggle, and enable-edit-actions. If you use or want these, you will need to explicitly enable them, and be aware of the security issues involved.
The "filter-client-headers" and "filter-server-headers" actions that were introduced with Privoxy 3.0.5 to apply content filters to the headers have been removed and replaced with new actions. See the What's New section above.