- - Privoxy can (re)compress buffered content before delivering
- it to the client. Disabled by default as most users wouldn't
- benefit from it.
- - The +fast-redirects{check-decoded-url} action checks URL
- segments separately. If there are other parameters behind
- the redirect URL, this makes it unnecessary to cut them off
- by additionally using a +redirect{} pcrs command.
- Initial patch submitted by Jamie Zawinski in #3429848.
- - When loading action sections, verify that the referenced filters
- exist. Currently missing filters only result in an error message,
- but eventually the severity will be upgraded to fatal.
- - Allow to bind to multiple separate addresses.
- Patch set submitted by Petr Pisar in #3354485.
- - Set socket_error to errno if connecting fails in rfc2553_connect_to().
- Previously rejected direct connections could be incorrectly reported
- as DNS issues if Privoxy was compiled with IPv6 support.
- - Adjust url_code_map[] so spaces are replaced with %20 instead of '+'
- While '+' can be used by client's submitting form data, this is not
- actually what Privoxy is using the lookups for. This is more of a
- cosmetic issue and doesn't fix any known problems.
- - When compiled without FEATURE_FAST_REDIRECTS, do not silently
- ignore +fast-redirect{} directives
- - Added a workaround for GNU libc's strptime() reporting negative
- year values when the parsed year is only specified with two digits.
- On affected systems cookies with such a date would not be turned
- into session cookies by the +session-cookies-only action.
- Reported by Vaeinoe in #3403560
- - Fixed bind failures with certain GNU libc versions if no non-loopback
- IP address has been configured on the system. This is mainly an issue
- if the system is using DHCP and Privoxy is started before the network
- is completely configured.
- Reported by Raphael Marichez in #3349356.
- Additional insight from Petr Pisar.
- - Privoxy log messages now use the ISO 8601 date format %Y-%m-%d.
- It's only slightly longer than the old format, but contains
- the full date including the year and allows sorting by date
- (when grepping in multiple log files) without hassle.
- - In get_last_url(), do not bother trying to decode URLs that do
- not contain at least one '%' sign. It reduces the log noise and
- a number of unnecessary memory allocations.
- - In case of SOCKS5 failures, dump the socks response in the log message.
- - Simplify the signal setup in main().
- - Streamline socks5_connect() slightly.
- - In socks5_connect(), require a complete socks response from the server.
- Previously Privoxy didn't care how much data the server response
- contained as long as the first two bytes contained the expected
- values. While at it, shrink the buffer size so Privoxy can't read
- more than a whole socks response.
- - In chat(), do not bother to generate a client request in case of
- direct CONNECT requests. It will not be used anyway.
- - Reduce server_last_modified()'s stack size.
- - Shorten get_http_time() by using strftime().
- - Constify the known_http_methods pointers in unknown_method().
- - Constify the time_formats pointers in parse_header_time().
- - Constify the formerly_valid_actions pointers in action_used_to_be_valid().
- - Introduce a GNUMakefile MAN_PAGE variable that defaults to privoxy.1.
- The Debian package uses section 8 for the man page and this
- should simplify the patch.
- - Deduplicate the INADDR_NONE definition for Solaris by moving it to jbsockets.h
- - In block_url(), ditch the obsolete workaround for ancient Netscape versions
- that supposedly couldn't properly deal with status code 403.
- - Remove a useless NULL pointer check in load_trustfile().
- - Remove two useless NULL pointer checks in load_one_re_filterfile().
- - Change url_code_map[] from an array of pointers to an array of arrays
- It removes an unnecessary layer of indirection and on 64bit system reduces
- the size of the binary a bit.
- - Fix various typos. Fixes taken from Debian's 29_typos.dpatch by Roland Rosenfeld.
- - Add a dok-tidy GNUMakefile target to clean up the messy HTML
- generated by the other dok targets.
- - GNUisms in the GNUMakefile have been removed.
- - Change the HTTP version in static responses to 1.1
- - Synced config.sub and config.guess with upstream
- 2011-11-11/386c7218162c145f5f9e1ff7f558a3fbb66c37c5.
- - Add a dedicated function to parse the values of toggles. Reduces duplicated
- code in load_config() and provides better error handling. Invalid or missing
- toggle values are now a fatal error instead of being silently ignored.
- - Terminate HTML lines in static error messages with \n instead of \r\n.
- - Simplify cgi_error_unknown() a bit.
- - In LogPutString(), don't bother looking at pszText when not
- actually logging anything.
- - Change ssplit()'s fourth parameter from int to size_t.
- Fixes a clang complaint.
- - Add a warning that the statistics currently can't be trusted.
- Mention Privoxy-Log-Parser's --statistics option as
- an alternative for the time being.
- - In rfc2553_connect_to(), start setting cgi->error_message on error.
- - Change the expected status code returned for http://p.p/die depending
- on whether or not FEATURE_GRACEFUL_TERMINATION is available.
- - In cgi_die(), mark the client connection for closing.
- If the client will fetch the style sheet through another connection
- it gets the main thread out of the accept() state and should thus
- trigger the actual shutdown.
- - Add a proper CGI message for cgi_die().
- - Don't enforce a logical line length limit in read_config_line().
- - Slightly refactor server_last_modified() to remove useless gmtime*() calls.
- - In get_content_type(), also recognize '.jpeg' as JPEG extension.
- - Add '.png' to the list of recognized file extensions in get_content_type().
- - In block_url(), consistently use the block reason "Request blocked by Privoxy"
- In two places the reason was "Request for blocked URL" which hides the
- fact that the request got blocked by Privoxy and isn't necessarily
- correct as the block may be due to tags.
- - In listen_loop(), reload the configuration files after accepting
- a new connection instead of before.
- Previously the first connection that arrived after a configuration
- change would still be handled with the old configuration.
- - In chat()'s receive-data loop, skip a client socket check if
- the socket will be written to right away anyway. This can
- increase the transfer speed for unfiltered content on fast
- network connections.
- - The socket timeout is used for SOCKS negotiations as well which
- previously couldn't timeout.
- - Don't keep the client connection alive if any configuration file
- changed since the time the connection came in. This is closer to
- Privoxy's behaviour before keep-alive support for client connection
- has been added and also less confusing in general.
- - Treat all Content-Type header values containing the pattern
- 'script' as a sign of text. Reported by pribog in #3134970.
+ - Significantly improved keep-alive support for both client and server
+ connections.
+ - New debug log level 65536 which logs all actions that were applied to
+ the request.
+ - New directive client-header-order to forward client headers in a
+ different order than the one in which they arrived.
+ - New directive tolerate-pipelining to allow client-side pipelining.
+ If enabled (3.0.20 beta enables it by default), Privoxy will keep
+ pipelined client requests around to deal with them once the current
+ request has been served.
+ - New --config-test option to let Privoxy exit after checking whether or not
+ the configuration seems valid. The limitations noted in TODO #22 and #23
+ still apply. Based on a patch by Ramkumar Chinchani.
+ - New limit-cookie-lifetime{} action to let cookies expire before the end
+ of the session. Suggested by Rick Sykes in #1049575.
+ - Increase the hard-coded maximum number of actions and filter files from
+ 10 to 30 (each). It doesn't significantly affect Privoxy's memory usage
+ and recompiling wasn't an option for all Privoxy users that reached the
+ limit.
+ - Add support for chunk-encoded client request bodies. Previously
+ chunk-encoded request bodies weren't guaranteed to be forwarded correctly,
+ so this can also be considered a bug fix although chunk-encoded request
+ bodies aren't commonly used in the real world.
+ - Add support for Tor's optimistic-data SOCKS extension, which can reduce the
+ latency for requests on newly created connections. Currently only the
+ headers are sent optimistically and only if the client request has already
+ been read completely which rules out requests with large bodies.
+ - After preventing the client from pipelining, don't signal keep-alive
+ intentions. When looking at the response headers alone, it previously
+ wasn't obvious from the client's perspective that no additional responses
+ should be expected.
+ - Stop considering client sockets tainted after receiving a request with body.
+ It hasn't been necessary for a while now and unnecessarily causes test
+ failures when using curl's test suite.
+ - Allow HTTP/1.0 clients to signal interest in keep-alive through the
+ Proxy-Connection header. While such client are rare in the real world, it
+ doesn't hurt and couple of curl tests rely on it.
+ - Only remove duplicated Content-Type headers when filters are enabled.
+ If they are not it doesn't cause ill effects and the user might not want it.
+ Downgrade the removal message to LOG_LEVEL_HEADER to clarify that it's not
+ an error in Privoxy and is unlikely to cause any problems in general.
+ Anonymously reported in #3599335.
+ - Set the socket option SO_LINGER for the client socket.
+ - Move several variable declarations to the beginning of their code block.
+ It's required when compiling with gcc 2.95 which is still used on some
+ platforms. Initial patch submitted by Simon South in #3564815.
+ - Optionally try to sanity-check strptime() results before trusting them.
+ Broken strptime() implementations have caused problems in the past and
+ the most recent offender seems to be FreeBSD's libc (standards/173421).
+ - When filtering is enabled, let Range headers pass if the range starts at
+ the beginning. This should work around (or at least reduce) the video
+ playback issues with various Apple clients as reported by Duc in #3426305.
+ - Do not confuse a client hanging up with a connection time out. If a client
+ closes its side of the connection without sending a request line, do not
+ send the CLIENT_CONNECTION_TIMEOUT_RESPONSE, but report the condition
+ properly.
+ - Allow closing curly braces as part of action values as long as they are
+ escaped.
+ - On Windows, the logfile is now written before showing the GUI error
+ message which blocks until the user acknowledges it.
+ Reported by Adriaan in #3593603.
+ - Remove an unreasonable parameter limit in the CGI interface. The new
+ parameter limit depends on the memory available and is currently unlikely
+ to be reachable, due to other limits in both Privoxy and common clients.
+ Reported by Andrew on ijbswa-users@.
+ - Decrease the chances of parse failures after requests with unsupported
+ methods were sent to the CGI interface.