+
+79) Evaluate pcre alternatives.
+
+80) Change FEATURE_EXTENDED_HOST_PATTERNS to support both
+ extended and vanilla host patterns at the same time.
+
+ Note that the requirement is to allow the user to decide
+ if the domain pattern should be interpreted as regex or
+ traditional host pattern and if it's not obvious that the
+ user made any decision, default to the latter.
+
+ Possible solutions would be:
+
+ 1. An always-use-regex-domain-patterns config option
+ 2. An enable-regex-domain-patterns-for-this-action-file option
+ 3. An enable-regex-domain-patterns-for-this-action-file-until-the-user-says-otherwise option
+ 4. A treat-the-domain-pattern-in-this-line-as-regex(-or-not) option
+ 5. Combinations of the options above
+
+ With 2+4, 3+4 or 2+3+4 being the preferences until
+ further discussion.
+
+82) Detect if the system time goes back in time let the user
+ know if it caused any connections to get closed.
+
+84) Flesh out the user-manual delivery to serve pages from
+ other directories, too.
+
+85) Once #84 is done, write a script that populates a directory with
+ various common third-party icons (stumbleupon.png, facebook.png ...)
+ and redirect requests for them to Privoxy.
+
+86) Add a server-body-tagger action. This is trivial as as all the
+ functionality required to do it already exists.
+
+87) Add a client-body-tagger action. This is less trivial as we currently
+ don't buffer client bodies. After 14) is implemented it would be
+ trivial, though.
+
+88) Investigate if there's a Perl module that Privoxy-Regression-Test
+ could optionally use to keep connections alive, preferably while
+ requiring less forks at the same time.
+
+89) When multiple block actions apply, consider showing all the block
+ reasons on the blocked page that haven't been overruled, not just
+ the last one.
+
+91) Add an optional limit for internal redirects. It would probably
+ be reasonable to default to a limit of one and showing an error
+ message if the request for the redirect URL would be redirected
+ again.
+
+92) The statistics currently aren't calculated correctly by Privoxy
+ as each thread is only counted as one request which is no longer
+ correct. This should be fixed, or the statistic code removed.
+ Privoxy-Log-Parser's provides more detailed statistics, anyway.
+
+93) Add a config directive to let Privoxy explicitly request either
+ IPv4 (or IPv6) addresses, even if the system supports both.
+ Could be useful as a workaround for misconfigured setups where the
+ libc returns IPv6 addresses even if there's no IPv6 connectivity.
+
+94) Add a config directive to let Privoxy prefer either IPv4 (or IPv6)
+ addresses, instead of trusting the libc to return them in an order
+ that makes sense. Like #93, this could be useful as a workaround
+ for misconfigured setups.
+
+95) Support a non-standard client header in CONNECT requests that
+ contains the URL of the requested resource, which is then treated
+ like the request URL.
+
+ This way the client could opt-in for path-based blocking of https
+ requests. Given that the headers from the CONNECT request aren't
+ forwarded to the destination server, an unencrypted URL should be
+ acceptable if the client and Privoxy are running on the same system
+ or in a trusted environment.
+
+96) Filters should be easier to look up. Currently get_filter() has to
+ go through all filters and skip the filter types the caller isn't
+ interested in.
+
+98) When showing action section on the CGI pages, properly escape
+ line breaks so they can be copy&pasted into action files without
+ adjustments.
+
+99) Figure out a mechanism through which a user can easily enable
+ site-specific action sections that are too aggressive to be
+ enabled by default. This could be similar to the presettings
+ in default.action, but could also be just another action file
+ that isn't used by default.
+
+100) Create a cross-platform Privoxy control program and retire
+ the win32 GUI. Integrate support for Privoxy-Regression-Test,
+ Privoxy-Log-Parser, Privoxy-Filter-Test, uagen and similar tools.
+
+102) Add an include directive to split the config file into several parts.
+
+103) Potential performance improvement for large action files:
+ when figuring out which actions apply, check the action bit mask
+ before pattern matching and skip section that wouldn't modify the
+ actions already set. To increase the impact the sections would have
+ to be applied in reverse.
+
+104) The code to modify global_toggle_state should be factored out into
+ a separate function. Currently we mess with it in three different
+ files, but only in w32log.c the tray icon is explicitly set.
+ The logging is inconsistent as well. For details see #3525694.
+
+105) Add support for socks authentication.
+
+106) actionlist.h should be embedded in a way that causes less text
+ segment bloat.
+
+107) Support more pcrs variables, for example $destination-ip-address
+ and $source-ip-address.
+
+108) Allow to use a somewhat random string instead of PRIVOXY-FORCE.
+
+109) Let log_error() support the format specifier %S which should
+ work like %s but escape new lines like %N. This would be useful
+ to log the result of header filters which may inject new lines.
+
+110) Add a global-buffer-limit directive that roughly limits how
+ much malloc'ed memory Privoxy will use and can potentially
+ be smaller than (buffer-limit * max-client-connections).
+
+111) Reject requests if hosts and ports in request line and Host
+ header don't match (before filters have been applied).
+
+112) If a header filter is used to inject another header by inserting
+ a \r\n (undocumented feature), detect it and split the headers so
+ following header actions do not treat them as a single string.
+ Alternatively add another header injection mechanism.
+
+113) Log statistics upon receiving a certain signal (SIGINFO or SIGUSR1).
+
+114) Properly deal with status code 100. The current "Continue hack"
+ can cause problems for gpg when uploading keys through Privoxy.
+
+115) Add ICAP (RFC 3507) support. FR #3615158.
+
+116) Due to the use of sscanf(), Privoxy currently will fail to properly
+ parse chunks whose size can't be represented with 32 bit. This is
+ unlikely to cause problems in the real world, but should eventually
+ be fixed anyway. See also:
+ https://bugzilla.mozilla.org/show_bug.cgi?id=959100
+
+117) Dynamic variables are documented poorly.
+
+118) There should be "escaped" dynamic variables that are guaranteed
+ not to break filters.
+
+119) Evaluate using pcre's jit mode.
+
+120) Add an option to limit pcre's recursion limit below the default.
+ On some platforms the recursion limit doesn't prevent pcre from
+ running out of stack space, causing the kernel to kill Privoxy
+ ungracefully.
+
+121) Add HTTP/2 support. As a first step, incomming HTTP/1.x requests
+ should be translated to outgoing HTTP/2 requests where possible
+ (and if desired by the user).
+
+122) Allow customized log messages.