+</variablelist>
+</sect3>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="limit-connect">
+<title><emphasis>+limit-connect</emphasis></title>
+
+<variablelist>
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Parameterized.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Typical uses:</term>
+ <listitem>
+ <para>
+ By default, <application>Privoxy</application> only allows HTTP CONNECT
+ requests to port 443 (the standard, secure HTTPS port). Use
+ <quote>+limit-connect</quote> to disable this altogether, or to allow
+ more ports.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Possible values:</term>
+ <listitem>
+ <para>
+ Any valid port number, or port number range.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usages:</term>
+ <listitem>
+ <!-- I had trouble getting the spacing to look right in my browser -->
+ <!-- I probably have the wrong font setup, bollocks. -->
+ <!-- Apparently the emphasis tag uses a proportional font no matter what -->
+ <literallayout>
+ <emphasis>+limit-connect{443}</emphasis> # This is the default and need not be specified.
+ <emphasis>+limit-connect{80,443}</emphasis> # Ports 80 and 443 are OK.
+ <emphasis>+limit-connect{-3, 7, 20-100, 500-}</emphasis> # Port less than 3, 7, 20 to 100 and above 500 are OK.
+ </literallayout>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ The CONNECT methods exists in HTTP to allow access to secure websites
+ (https:// URLs) through proxies. It works very simply: the proxy connects
+ to the server on the specified port, and then short-circuits its
+ connections to the client <emphasis>and</emphasis> to the remote proxy.
+ This can be a big security hole, since CONNECT-enabled proxies can be
+ abused as TCP relays very easily.
+ </para>
+ <para>
+ If you want to allow CONNECT for more ports than this, or want to forbid
+ CONNECT altogether, you can specify a comma separated list of ports and
+ port ranges (the latter using dashes, with the minimum defaulting to 0 and
+ max to 65K).
+ </para>
+ <para>
+ If you don't know what any of this means, there probably is no reason to
+ change this one.
+ </para>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="prevent-compression">
+<title><emphasis>+prevent-compression</emphasis></title>
+
+<variablelist>
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Typical uses:</term>
+ <listitem>
+ <para>
+ Prevent the specified websites from compressing HTTP data.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Possible values:</term>
+ <listitem>
+ <para>
+ N/A
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage:</term>
+ <listitem>
+ <literallayout>
+ <emphasis>{+prevent-compression}</emphasis>
+ <emphasis>.example.com</emphasis>
+ </literallayout>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ Some websites do this, which can be a problem for
+ <application>Privoxy</application>, since
+ <ulink url="actions-file.html#FILTER"><quote>+filter</quote></ulink>,
+ <ulink url="actions-file.html#KILL-POPUPS"><quote>+kill-popups</quote></ulink>
+ and <ulink
+ url="actions-file.html#GIF-DEANIMATE"><quote>+gif-deanimate</quote></ulink>
+ will not work on compressed data. This will slow down connections to those
+ websites, though. Default typically is to turn
+ <quote>prevent-compression</quote> on.
+ </para>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="session-cookies-only">
+<title><emphasis>+session-cookies-only</emphasis></title>
+
+<variablelist>
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Typical uses:</term>
+ <listitem>
+ <para>
+ Allow cookies for the current browser session <emphasis>only</emphasis>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Possible values:</term>
+ <listitem>
+ <para>
+ N/A
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage (disabling):</term>
+ <listitem>
+ <literallayout>
+ <emphasis>{-session-cookies-only}</emphasis>
+ <emphasis>.example.com</emphasis>
+ </literallayout>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ If websites set cookies, <quote>+session-cookies-only</quote> will make sure
+ they are erased when you exit and restart your web browser. This makes
+ profiling cookies useless, but won't break sites which require cookies so
+ that you can log in for transactions. This is generally turned on for all
+ sites, and is the recommended setting.
+ </para>
+ <para>
+ <quote>+prevent-*-cookies</quote> actions should be turned off as well (see
+ below), for <quote>+session-cookies-only</quote> to work. Or, else no cookies
+ will get through at all. For, <quote>persistent</quote> cookies that survive
+ across browser sessions, see below as well.
+ </para>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="prevent-reading-cookies">
+<title><emphasis>+prevent-reading-cookies</emphasis></title>
+
+<variablelist>
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Typical uses:</term>
+ <listitem>
+ <para>
+ Explicitly prevent the web server from reading any cookies on your
+ system.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Possible values:</term>
+ <listitem>
+ <para>
+ N/A
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage:</term>
+ <listitem>
+ <literallayout>
+ <emphasis>{+prevent-reading-cookies}</emphasis>
+ <emphasis>.example.com</emphasis>
+ </literallayout>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ Often used in conjunction with <quote>+prevent-setting-cookies</quote> to
+ disable cookies completely. Note that
+ <ulink url="actions-file.html#SESSION-COOKIES-ONLY"><quote>+session-cookies-only</quote></ulink>
+ requires these to both be disabled (or else it never gets any cookies to cache).
+ </para>
+ <para>
+ For <quote>persistent</quote> cookies to work (i.e. they survive across browser
+ sessions and reboots), all three cookie settings should be <quote>off</quote>
+ for the specified sites.
+ </para>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="prevent-setting-cookies">
+<title><emphasis>+prevent-setting-cookies</emphasis></title>
+
+<variablelist>
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Typical uses:</term>
+ <listitem>
+ <para>
+ Explicitly block the web server from storing cookies on your
+ system.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Possible values:</term>
+ <listitem>
+ <para>
+ N/A
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage:</term>
+ <listitem>
+ <literallayout>
+ <emphasis>{+prevent-setting-cookies}</emphasis>
+ <emphasis>.example.com</emphasis>
+ </literallayout>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ Often used in conjunction with <quote>+prevent-reading-cookies</quote> to
+ disable cookies completely (see above).
+ </para>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="kill-popup">
+<title><emphasis>+kill-popups<anchor id="kill-popups"></emphasis></title>
+<variablelist>
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Typical uses:</term>
+ <listitem>
+ <para>
+ Stop those annoying JavaScript pop-up windows!
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Possible values:</term>
+ <listitem>
+ <para>
+ N/A
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage:</term>
+ <listitem>
+ <literallayout>
+ <emphasis>{+kill-popups}</emphasis>
+ <emphasis>.example.com</emphasis>
+ </literallayout>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ <quote>+kill-popups</quote> uses a built in filter to disable pop-ups
+ that use the <literal>window.open()</literal> function, etc. This is
+ one of the first actions processed by <application>Privoxy</application>
+ as it contacts the remote web server. This action is not always 100% reliable,
+ and is supplemented by <quote>+filter{<emphasis>popups</emphasis>}</quote>.
+ </para>
+ <!--
+ <para>
+ An alternate spelling is <quote>+kill-popup</quote>, which is
+ interchangeable.
+ </para>
+ -->
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="send-vanilla-wafer">
+<title><emphasis>+send-vanilla-wafer</emphasis></title>
+
+<variablelist>
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Typical uses:</term>
+ <listitem>
+ <para>
+ Sends a cookie for every site stating that you do not accept any copyright
+ on cookies sent to you, and asking them not to track you.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Possible values:</term>
+ <listitem>
+ <para>
+ N/A
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage:</term>
+ <listitem>
+ <literallayout>
+ <emphasis>{+send-vanilla-wafer}</emphasis>
+ <emphasis>.example.com</emphasis>
+ </literallayout>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ This action only applies if you are using a <filename>jarfile</filename>
+ for saving cookies. Of course, this is a (relatively) unique header and
+ could conceivably be used to track you.
+ </para>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="send-wafer">
+<title><emphasis>+send-wafer</emphasis></title>
+
+<variablelist>
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Multi-value.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Typical uses:</term>
+ <listitem>
+ <para>
+ This allows you to send an arbitrary, user definable cookie.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Possible values:</term>
+ <listitem>
+ <para>
+ User specified cookie name and corresponding value.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage:</term>
+ <listitem>
+ <literallayout>
+ <emphasis>{+send-wafer{name=value}}</emphasis>
+ <emphasis>.example.com</emphasis>
+ </literallayout>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ This can be specified multiple times in order to add as many cookies as you
+ like.
+ </para>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3>
+<title>Summary</title>
+<para>
+ Note that many of these actions have the potential to cause a page to
+ misbehave, possibly even not to display at all. There are many ways
+ a site designer may choose to design his site, and what HTTP header
+ content, and other criteria, he may depend on. There is no way to have hard
+ and fast rules for all sites. See the <link
+ linkend="ACTIONSANAT">Appendix</link> for a brief example on troubleshooting
+ actions.
+</para>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect2" id="act-examples">
+<title>Sample Actions Files</title>
+<para>
+ Remember that the meaning of any of the above references is reversed by preceding
+ the action with a <quote>-</quote>, in place of the <quote>+</quote>. Also,
+ that some actions are turned on in the default section of the actions file,
+ and require little to no additional configuration. These are just <quote>on</quote>.
+</para>
+
+<para>
+ But, other actions that are turned on in the default section <emphasis>do
+ typically require</emphasis> exceptions to be listed in the latter sections of
+ one of our actions file. For instance, by default no URLs are
+ <quote>blocked</quote> (i.e. in the default definitions of
+ <filename>default.action</filename>). We need exceptions to this in order to
+ <emphasis>enable</emphasis> ad blocking in the lower sections. But we need to
+ be very selective about what we do block. Thus, the default is <quote>off</quote>
+ for blocking.
+</para>
+
+<para>
+ Below is a liberally commented sample <filename>default.action</filename> file
+ to demonstrate how all the pieces come together. And to show how exceptions
+ to the default policies can be handled. This is followed by a brief
+ <filename>user.action</filename> with similar examples.
+</para>
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+# Sample default.action file <developers@privoxy.org>
+
+# Settings -- Don't change! For internal Privoxy use ONLY.
+{{settings}}
+for-privoxy-version=3.0
+
+
+##########################################################################
+# <ulink url="actions-file.html#ALIASES">Aliases</ulink> must be defined *before* they are used. These are
+# easier to remember, and can combine several actions into one. Once
+# defined they can be used just like any built-in action -- but within
+# this file only! Aliases do not require a + or - sign.
+##########################################################################
+
+# Some useful aliases.
+# Alias to turn off cookie handling, ie allow all cookies unmolested.
+ -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies \
+ -session-cookies-only
+
+# Alias to both block and treat as if an image for ad blocking
+# purposes.
+ +imageblock = +block +handle-as-image
+
+# Fragile sites should have the minimum changes:
+ fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \
+ -prevent-cookies -kill-popups
+
+# Shops should be allowed to set persistent cookies
+ shop = -filter -prevent-cookies -session-cookies-only
+
+
+##########################################################################
+# Begin default action settings. Anything in this section will match
+# all URLs -- UNLESS we have exceptions that also match, defined below this
+# section. We will show all potential actions here whether they are on
+# or off. We could omit any disabled action if we wanted, since all
+# actions are 'off' by default anyway. Shown for completeness only.
+# Actions are enabled if preceded by a '+', otherwise they are disabled
+# (unless an alias has been defined without this).
+##########################################################################
+ { \
+ <ulink url="actions-file.html#ADD-HEADER">-add-header</ulink> \
+ <ulink url="actions-file.html#BLOCK">-block</ulink> \
+ <ulink url="actions-file.html#DEANIMATE-GIFS">-deanimate-gifs</ulink> \
+ <ulink url="actions-file.html#DOWNGRADE-HTTP-VERSION">-downgrade-http-version</ulink> \
+ <ulink url="actions-file.html#FAST-REDIRECTS">+fast-redirects</ulink> \
+ <ulink url="actions-file.html#FILTER-HTML-ANNOYANCES">+filter{html-annoyances}</ulink> \
+ <ulink url="actions-file.html#FILTER-JS-ANNOYANCES">+filter{js-annoyances}</ulink> \
+ <ulink url="actions-file.html#FILTER-CONTENT-COOKIES">-filter{content-cookies}</ulink> \
+ <ulink url="actions-file.html#FILTER-POPUPS">-filter{popups}</ulink> \
+ <ulink url="actions-file.html#FILTER-WEBBUGS">+filter{webbugs}</ulink> \
+ <ulink url="actions-file.html#FILTER-REFRESH-TAGS">-filter{refresh-tags}</ulink> \
+ <ulink url="actions-file.html#FILTER-FUN">-filter{fun}</ulink> \
+ <ulink url="actions-file.html#FILTER-NIMDA">+filter{nimda}</ulink> \
+ <ulink url="actions-file.html#FILTER-BANNERS-BY-SIZE">+filter{banners-by-size}</ulink> \
+ <ulink url="actions-file.html#FILTER-SHOCKWAVE-FLASH">-filter{shockwave-flash}</ulink> \
+ <ulink url="actions-file.html#FILTER-CRUDE-PARENTAL">-filter{crude-prental}</ulink> \
+ <ulink url="actions-file.html#HIDE-FORWARDED-FOR-HEADERS">+hide-forwarded-for-headers</ulink> \
+ <ulink url="actions-file.html#HIDE-FROM-HEADER">+hide-from-header{block}</ulink> \
+ <ulink url="actions-file.html#HIDE-REFERER">-hide-referrer</ulink> \
+ <ulink url="actions-file.html#HIDE-USER-AGENT">-hide-user-agent</ulink> \
+ <ulink url="actions-file.html#HANDLE-AS-IMAGE">-handle-as-image</ulink> \
+ <ulink url="actions-file.html#SET-IMAGE-BLOCKER">+set-image-blocker{pattern}</ulink> \
+ <ulink url="actions-file.html#LIMIT-CONNECT">-limit-connect</ulink> \
+ <ulink url="actions-file.html#PREVENT-COMPRESSION">+prevent-compression</ulink> \
+ <ulink url="actions-file.html#SESSION-COOKIES-ONLY">-session-cookies-only</ulink> \
+ <ulink url="actions-file.html#PREVENT-READING-COOKIES">-prevent-reading-cookies</ulink> \
+ <ulink url="actions-file.html#PREVENT-SETTING-COOKIES">-prevent-setting-cookies</ulink> \
+ <ulink url="actions-file.html#KILL-POPUPS">-kill-popups</ulink> \
+ <ulink url="actions-file.html#SEND-VANILLA-WAFER">-send-vanilla-wafer</ulink> \
+ <ulink url="actions-file.html#SEND-WAFER">-send-wafer</ulink> \
+ }
+ / # forward slash will match *all* potential URL patterns.
+
+##########################################################################
+# Default behavior is now set. Now we will define some exceptions to our
+# default action policies.
+##########################################################################
+
+# These sites are very complex and require very minimal interference.
+# We'll disable most actions with our 'fragile' alias:
+ { fragile }
+ .office.microsoft.com # surprise, surprise!
+ .windowsupdate.microsoft.com
+
+
+# Shopping sites - not as fragile but require some special
+# handling. We still want to block ads, and we will allow
+# persistant cookies via the 'shop' alias:
+ { shop }
+ .quietpc.com
+ .worldpay.com # for quietpc.com
+ .jungle.com
+ .scan.co.uk
+
+
+# These sites require pop-ups too :( We'll combine our 'shop'
+# alias with two other actions into one rule to allow all popups.
+ { shop <ulink url="actions-file.html#KILL-POPUPS">-kill-popups</ulink> <ulink url="actions-file.html#FILTER-POPUPS">-filter{popups}</ulink> }
+ .dabs.com
+ .overclockers.co.uk
+
+
+# The 'Fast-redirects' action breaks some sites. Disable this action
+# for these known sensitive sites:
+ { <ulink url="actions-file.html#FAST-REDIRECTS">-fast-redirects</ulink> }
+ login.yahoo.com
+ edit.europe.yahoo.com
+ .google.com
+ .altavista.com/.*(like|url|link):http
+ .altavista.com/trans.*urltext=http
+ .nytimes.com
+
+
+# Define which file types will be treated as images. Important
+# for ad blocking.
+ { <ulink url="actions-file.html#HANDLE-AS-IMAGE">+handle-as-image</ulink> }
+ /.*\.(gif|jpe?g|png|bmp|ico)
+
+
+# Now lets list some domains that are known ad generators. And
+# our alias that we use here will block these as well as force
+# them to be treated as images. This combination of actions is
+# important for ad blocking. What the browser will show instead is
+# determined by the setting of <ulink url="actions-file.html#SET-IMAGE-BLOCKER"><quote>+set-image-blocker</quote></ulink>
+ { +imageblock }
+ ar.atwola.com
+ .ad.doubleclick.net
+ .a.yimg.com/(?:(?!/i/).)*$
+ .a[0-9].yimg.com/(?:(?!/i/).)*$
+ bs*.gsanet.com
+ bs*.einets.com
+ .qkimg.net
+ ad.*.doubleclick.net
+
+
+# These will just simply be blocked. They will generate the BLOCKED
+# banner page, if matched. Heavy use of wildcards and regular
+# expressions in this example. Enable block action:
+ { <ulink url="actions-file.html#BLOCK">+block</ulink> }
+ ad*.
+ .*ads.
+ banner?.
+ count*.
+ /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
+ /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
+ .hitbox.com
+
+
+# The above block section will probably inadvertantly catch some
+# sites we DO NOT want blocked via the wildcards and regular expressions.
+# Now let's set exceptions to the exceptions so the good guys get better
+# treatment. Disable block action:
+ { <ulink url="actions-file.html#BLOCK">-block</ulink> }
+ advogato.org
+ adsl.
+ ad[ud]*.
+ advice.
+# Let's just trust all .edu top level domains.
+ .edu
+ www.ugu.com/sui/ugu/adv
+# We'll need to access to path names containing 'download'
+ .*downloads.
+ /downloads/
+# 'adv' is for globalintersec and means advanced, not advertisement
+ www.globalintersec.com/adv
+
+
+# Don't filter *anything* from our friends at sourceforge.
+# Notice we don't have to name the individual filter
+# identifiers -- we just turn them all off in one fell swoop.
+# Disable all filters for this one site:
+ { <ulink url="actions-file.html#FILTER">-filter</ulink> }
+ .sourceforge.net
+ </literallayout>
+ </msgtext>
+ </literal>
+</para>
+
+<para>
+ So far we are painting with a broad brush by setting general policies.
+ The above would be a reasonable starting point for many situations. Now,
+ we want to be more specific and have customized rules that are more suitable
+ to our personal habits and preferences. These would be for narrowly defined
+ situations like your ISP or your bank, and should be placed in
+ <filename>user.action</filename>, which is parsed after all other
+ actions files and should not be clobbered by upgrades. So any settings here,
+ will have the last word and over-ride any previously defined actions.
+</para>
+
+<para>
+ Now a few examples of some things that one might do with a
+ <filename>user.action</filename> file.
+</para>
+
+<!-- brief sample user.action here -->
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+# Sample user.action file.
+
+# Any aliases you want to use need to be re-defined here.
+# Alias to turn off cookie handling, ie allow all cookies unmolested.
+ -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies \
+ -session-cookies-only
+
+# Fragile sites should have the minimum changes:
+ fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \
+ -prevent-cookies -kill-popups
+
+# Allow persistent cookies for a few regular sites that we
+# trust via our above alias. These will be saved from one browser session
+# to the next. We are explicity turning off any and all cookie handling,
+# even though the prevent-*-cookie settings were disabled in our above
+# default.action anyway. So cookies from these domains will come through
+# unmolested.
+ { -prevent-cookies }
+ .sun.com
+ .yahoo.com
+ .msdn.microsoft.com
+ .redhat.com
+
+
+# My ISP uses obnoxious self promoting images on many pages.
+# Nuke them :) Note that <ulink url="actions-file.html#HANDLE-AS-IMAGE"><quote>+handle-as-image</quote></ulink> need not be specified,
+# since all URLs ending in .gif will be tagged as images by the
+# general rules in default.action anyway.
+ { <ulink url="actions-file.html#BLOCK">+block</ulink> }
+ www.my-isp-example.com/logo[0-9].gif
+
+
+# Say the site where you do your homebanking needs to open
+# popup windows, but you have chosen to kill popups by
+# default. This will allow it for your-example-bank.com:
+#
+ { <ulink url="actions-file.html#FILTER-POPUPS">-filter{popups}</ulink> <ulink url="actions-file.html#KILL-POPUPS">-kill-popups</ulink> }
+ .my-example-bank.com
+
+
+# This site is delicate, and requires kid-glove
+# treatment.
+ { fragile }
+ .forbes.com
+ </literallayout>
+ </msgtext>
+ </literal>
+</para>
+
+</sect3>
+</sect2>
+
+<!-- ~ End section ~ -->
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect2 id="aliases">
+<title>Aliases</title>
+<para>
+ Custom <quote>actions</quote>, known to <application>Privoxy</application>
+ as <quote>aliases</quote>, can be defined by combining other <quote>actions</quote>.
+ These can in turn be invoked just like the built-in <quote>actions</quote>.
+ Currently, an alias can contain any character except space, tab, <quote>=</quote>,
+ <quote>{</quote> or <quote>}</quote>. But please use only <quote>a</quote>-
+ <quote>z</quote>, <quote>0</quote>-<quote>9</quote>, <quote>+</quote>, and
+ <quote>-</quote>. Alias names are not case sensitive, and
+ <emphasis>must be defined before other actions</emphasis> in the
+ actions file! And there can only be one set of <quote>aliases</quote>
+ defined per file. Each actions file may have its own aliases, but they are
+ only visible within that file. Aliases do not requir a <quote>+</quote> or
+ <quote>-</quote> sign in front, since they are merely expanded.
+</para>
+
+<para>
+ Now let's define a few aliases:
+</para>
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ # Useful custom aliases we can use later. These must come first!
+ {{alias}}
+ +prevent-cookies = +prevent-setting-cookies +prevent-reading-cookies
+ -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies
+ fragile = -block -prevent-cookies -filter -fast-redirects -hide-referer -kill-popups
+ shop = -prevent-cookies -filter -fast-redirects
+ +imageblock = +block +handle-as-image
+
+ # Aliases defined from other aliases, for people who don't like to type
+ # too much: ;-)
+ c0 = +prevent-cookies
+ c1 = -prevent-cookies
+ #... etc. Customize to your heart's content.
+ </literallayout>
+ </msgtext>
+ </literal>
+</para>
+
+<para>
+ Some examples using our <quote>shop</quote> and <quote>fragile</quote>
+ aliases from above. These would appear in the lower sections of an
+ actions file as exceptions to the default actions (as defined in the
+ upper section):
+</para>
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ # These sites are very complex and require
+ # minimal interference.
+ {fragile}
+ .office.microsoft.com
+ .windowsupdate.microsoft.com
+ .nytimes.com
+
+ # Shopping sites - but we still want to block ads.
+ {shop}
+ .quietpc.com
+ .worldpay.com # for quietpc.com
+ .scan.co.uk
+
+ # These shops require pop-ups also
+ {shop -kill-popups}
+ .dabs.com
+ .overclockers.co.uk
+ </literallayout>
+ </msgtext>
+ </literal>
+</para>
+
+<para>
+ The <quote>shop</quote> and <quote>fragile</quote> aliases are often used for
+ <quote>problem</quote> sites that require most actions to be disabled
+ in order to function properly.
+
+</para>
+
+</sect2>
+</sect1>
+
+<!-- ~ End section ~ -->
+
+
+
+<!-- ~~~~~~~~ New section Header ~~~~~~~~~ -->
+
+<sect1 id="filter-file">
+<title>The Filter File</title>
+<para>
+ Any web page can be dynamically modified with the filter file. This
+ modification can be removal, or re-writing, of any web page content,
+ including tags and non-visible content. The default filter file is
+ oddly enough <filename>default.filter</filename>, located in the config
+ directory.
+</para>
+
+<para>
+ This is potentially a very powerful feature, and requires knowledge of both
+ <quote>regular expression</quote> and HTML in order create custom
+ filters. But, there are a number of useful filters included with
+ <application>Privoxy</application> for many common situations.
+</para>
+
+<para>
+ The included example file is divided into sections. Each section begins
+ with the <literal>FILTER</literal> keyword, followed by the identifier
+ for that section, e.g. <quote>FILTER: webbugs</quote>. Each section performs
+ a similar type of filtering, such as <quote>html-annoyances</quote>.
+</para>
+
+<para>
+ This file uses regular expressions to alter or remove any string in the
+ target page. The expressions can only operate on one line at a time. Some
+ examples from the included default <filename>default.filter</filename>:
+</para>
+
+<para>
+ Stop web pages from displaying annoying messages in the status bar by
+ deleting such references:
+</para>
+
+<para>
+ <literal>
+ <msgtext>
+ <literallayout>
+ FILTER: html-annoyances
+
+ # New browser windows should be resizeable and have a location and status
+ # bar. Make it so.
+ #
+ s/resizable="?(no|0)"?/resizable=1/ig s/noresize/yesresize/ig
+ s/location="?(no|0)"?/location=1/ig s/status="?(no|0)"?/status=1/ig
+ s/scrolling="?(no|0|Auto)"?/scrolling=1/ig
+ s/menubar="?(no|0)"?/menubar=1/ig
+
+ # The <BLINK> tag was a crime!
+ #
+ s*<blink>|</blink>**ig
+
+ # Is this evil?
+ #
+ #s/framespacing="?(no|0)"?//ig
+ #s/margin(height|width)=[0-9]*//gi
+ </literallayout>
+ </msgtext>
+ </literal>