+152) Fix CSS references in the website documentation.
+ For many pages p_doc.css is specified twice using different paths.
+ Usually at least one works, but not all of them do and the
+ duplicated requests are pointless even if they don't end up with
+ a 404.
+
+153) Catch SIGINT and use it to close the listen socket, serve
+ remaining connections and shut down. This would allow higher
+ uptime and make testing more convenient.
+
+154) Underline links in docs and cgi pages. More precisely,
+ don't mess with the browser defaults for link underlining.
+
+155) The sig_handler() shouldn't call log_error().
+ While it isn't known to cause actual problems in normal operation,
+ it's technically incorrect and causes crashes when running in
+ valgrind.
+
+156) Reject socks requests with an explicit error message similar
+ to the one used for ftp. Motivation:
+ https://lists.privoxy.org/pipermail/privoxy-users/2017-March/000195.html
+
+158) Use a single thread to wait for new requests on reused client connections.
+ Currently the thread that handles the first request on a connection
+ stays responsible for the client connect until it gets closed.
+ In case of lots of idle connections lots of waiting threads are used.
+ While it's conceivable that this ineffiency is irrelevant from a
+ performance point of view, using a single thread should reduce Privoxy's
+ memory footprint a bit which may be noticeable in case of multi-user setups
+ with hundreds of idle connections.
+
+161) Properly support requests with chunked transfer-encoding with https inspection.
+
+162) When https inspecting, delete generated keys and certificates if
+ the connection to the destination could not be established.
+ Makes silly DoS attacks slightly more complicated.
+
+163) Use subdirectories in the certificate-directory to lower the number
+ of files per directory.
+
+164) Evaluate switching from pcreposix(3) to pcre's native api
+ for URL matching which allows to compile the patterns once
+ at load-time.
+
+165) Add a max-connections-per-client directive.
+
+166) Figure out how to ship Windows binaries with external libraries
+ like pcre and MbedTLS. Required for #142. Somewhat related:
+ https://lists.privoxy.org/pipermail/privoxy-devel/2020-November/000400.html
+
+167) Set up a public Privoxy-Filter-Test instance.
+
+168) Add a privacy policy.
+
+169) Preserve all relevant copyright and license statements in binary
+ packages we distribute.
+
+170) Serve the ca-cert-file through the CGI interface so client's
+ can conveniently import it (insecurely).
+
+171) Create a "view page using Privoxy" website where users can input
+ an URL and get a screenshot of a browser fetching the URL
+ through Privoxy.
+
+172) Create a public git repository for Privoxy-Filter-Test.
+
+173) Document Privoxy's governance model.
+
+174) Let the Tor Onion Service for the privoxy website
+ serve gitweb and the git repository as well.
+
+175) Add more screenshots to the documentation and website.
+
+176) Find a new fiduciary sponsor as a replacement for Zwiebelfreunde e.V.,
+ so that we can continue to receive tax-deductible donations in Europe.
+
+177) Support https-inspection for intercepted requests.
+
+178) Warn on http://config.privoxy.org/client-tags if a Tag name
+ has't at least one matching action section.
+
+179) Add a add-server-header{} action to add headers to the response
+ sent to the client (including responses generated by Privoxy itself).
+
+180) Add support for GnuTLS.
+
+181) Allow to upgrade an http request to https behind the
+ client's back using a client-header filter.
+
+182) Before enforcing the client-header-order, check that the
+ client headers actually need sorting. Should reduce log
+ messages and memory allocations.
+
+183) Properly deal with proxy responses that arrive in multiple pieces
+ when https inspecting while using a forwarding proxy.
+
+184) Add support for wolfSSL. Work in progress, expected to be
+ committed after the 3.0.30 release.
+
+185) The mbedTLS and OpenSSL version of generate_host_certificate()
+ should only be called when necessary and the check should be
+ done without holding the certificate mutex.
+