- <p>This action allows you to block client headers for which no
- dedicated <span class="APPLICATION">Privoxy</span> action
- exists. <span class="APPLICATION">Privoxy</span> will remove
- every client header that contains the string you supplied as
- parameter.</p>
-
- <p>Regular expressions are <span class="emphasis"><i class=
- "EMPHASIS">not supported</i></span> and you can't use this
- action to block different headers in the same request, unless
- they contain the same string.</p>
-
- <p><tt class="LITERAL">crunch-client-header</tt> is only meant
- for quick tests. If you have to block several different
- headers, or only want to modify parts of them, you should use a
- <tt class="LITERAL"><a href=
- "actions-file.html#CLIENT-HEADER-FILTER">client-header
- filter</a></tt>.</p>
-
+ <p>This action allows you to block client headers for which no dedicated <span class=
+ "APPLICATION">Privoxy</span> action exists. <span class="APPLICATION">Privoxy</span> will remove every
+ client header that contains the string you supplied as parameter.</p>
+ <p>Regular expressions are <span class="emphasis"><i class="EMPHASIS">not supported</i></span> and you
+ can't use this action to block different headers in the same request, unless they contain the same
+ string.</p>
+ <p><tt class="LITERAL">crunch-client-header</tt> is only meant for quick tests. If you have to block
+ several different headers, or only want to modify parts of them, you should use a <tt class=
+ "LITERAL"><a href="actions-file.html#CLIENT-HEADER-FILTER">client-header filter</a></tt>.</p>
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="center"><b>Warning</b></td>
+ </tr>
+ <tr>
+ <td align="left">
+ <p>Don't block any header without understanding the consequences.</p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </dd>
+ <dt>Example usage (section):</dt>
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN"># Block the non-existent "Privacy-Violation:" client header
+{ +crunch-client-header{Privacy-Violation:} }
+/</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CRUNCH-IF-NONE-MATCH" id="CRUNCH-IF-NONE-MATCH">8.5.8. crunch-if-none-match</a></h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+ <dd>
+ <p>Prevent yet another way to track the user's steps between sessions.</p>
+ </dd>
+ <dt>Effect:</dt>
+ <dd>
+ <p>Deletes the <span class="QUOTE">"If-None-Match:"</span> HTTP client header.</p>
+ </dd>
+ <dt>Type:</dt>
+ <dd>
+ <p>Boolean.</p>
+ </dd>
+ <dt>Parameter:</dt>
+ <dd>
+ <p>N/A</p>
+ </dd>
+ <dt>Notes:</dt>
+ <dd>
+ <p>Removing the <span class="QUOTE">"If-None-Match:"</span> HTTP client header is useful for filter
+ testing, where you want to force a real reload instead of getting status code <span class=
+ "QUOTE">"304"</span> which would cause the browser to use a cached copy of the page.</p>
+ <p>It is also useful to make sure the header isn't used as a cookie replacement (unlikely but
+ possible).</p>
+ <p>Blocking the <span class="QUOTE">"If-None-Match:"</span> header shouldn't cause any caching problems,
+ as long as the <span class="QUOTE">"If-Modified-Since:"</span> header isn't blocked or missing as
+ well.</p>
+ <p>It is recommended to use this action together with <tt class="LITERAL"><a href=
+ "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt> and <tt class=
+ "LITERAL"><a href="actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>.</p>
+ </dd>
+ <dt>Example usage (section):</dt>
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN"># Let the browser revalidate cached documents but don't
+# allow the server to use the revalidation headers for user tracking.
+{+hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CRUNCH-INCOMING-COOKIES" id="CRUNCH-INCOMING-COOKIES">8.5.9.
+ crunch-incoming-cookies</a></h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+ <dd>
+ <p>Prevent the web server from setting HTTP cookies on your system</p>
+ </dd>
+ <dt>Effect:</dt>
+ <dd>
+ <p>Deletes any <span class="QUOTE">"Set-Cookie:"</span> HTTP headers from server replies.</p>
+ </dd>
+ <dt>Type:</dt>
+ <dd>
+ <p>Boolean.</p>
+ </dd>
+ <dt>Parameter:</dt>
+ <dd>
+ <p>N/A</p>
+ </dd>
+ <dt>Notes:</dt>
+ <dd>
+ <p>This action is only concerned with <span class="emphasis"><i class="EMPHASIS">incoming</i></span> HTTP
+ cookies. For <span class="emphasis"><i class="EMPHASIS">outgoing</i></span> HTTP cookies, use <tt class=
+ "LITERAL"><a href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>. Use
+ <span class="emphasis"><i class="EMPHASIS">both</i></span> to disable HTTP cookies completely.</p>
+ <p>It makes <span class="emphasis"><i class="EMPHASIS">no sense at all</i></span> to use this action in
+ conjunction with the <tt class="LITERAL"><a href=
+ "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt> action, since it would prevent the
+ session cookies from being set. See also <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER-CONTENT-COOKIES">filter-content-cookies</a></tt>.</p>
+ </dd>
+ <dt>Example usage:</dt>
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">+crunch-incoming-cookies</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CRUNCH-SERVER-HEADER" id="CRUNCH-SERVER-HEADER">8.5.10.
+ crunch-server-header</a></h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+ <dd>
+ <p>Remove a server header <span class="APPLICATION">Privoxy</span> has no dedicated action for.</p>
+ </dd>
+ <dt>Effect:</dt>
+ <dd>
+ <p>Deletes every header sent by the server that contains the string the user supplied as parameter.</p>
+ </dd>
+ <dt>Type:</dt>
+ <dd>
+ <p>Parameterized.</p>
+ </dd>
+ <dt>Parameter:</dt>
+ <dd>
+ <p>Any string.</p>
+ </dd>
+ <dt>Notes:</dt>
+ <dd>
+ <p>This action allows you to block server headers for which no dedicated <span class=
+ "APPLICATION">Privoxy</span> action exists. <span class="APPLICATION">Privoxy</span> will remove every
+ server header that contains the string you supplied as parameter.</p>
+ <p>Regular expressions are <span class="emphasis"><i class="EMPHASIS">not supported</i></span> and you
+ can't use this action to block different headers in the same request, unless they contain the same
+ string.</p>
+ <p><tt class="LITERAL">crunch-server-header</tt> is only meant for quick tests. If you have to block
+ several different headers, or only want to modify parts of them, you should use a custom <tt class=
+ "LITERAL"><a href="actions-file.html#SERVER-HEADER-FILTER">server-header filter</a></tt>.</p>