<!entity p-authors SYSTEM "p-authors.sgml">
<!entity config SYSTEM "p-config.sgml">
<!entity changelog SYSTEM "changelog.sgml">
-<!entity p-version "3.0.22">
+<!entity p-version "3.0.27">
<!entity p-status "UNRELEASED">
<!entity % p-authors-formal "INCLUDE"> <!-- include additional text, etc -->
<!entity % p-not-stable "INCLUDE">
<!entity my-app "<application>Privoxy</application>">
]>
<!--
- File : $Source: /cvsroot/ijbswa/current/doc/source/user-manual.sgml,v $
+ File : doc/source/user-manual.sgml
Purpose : user manual
- This file belongs into
- ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
- $Id: user-manual.sgml,v 2.193 2014/07/18 10:01:39 fabiankeil Exp $
-
- Copyright (C) 2001-2014 Privoxy Developers http://www.privoxy.org/
+ Copyright (C) 2001-2018 Privoxy Developers https://www.privoxy.org/
See LICENSE.
========================================================================
<subscript>
<!-- Completely the wrong markup, but very little is allowed -->
<!-- in this part of an article. FIXME -->
- <link linkend="copyright">Copyright</link> &my-copy; 2001-2014 by
- <ulink url="http://www.privoxy.org/">Privoxy Developers</ulink>
+ <link linkend="copyright">Copyright</link> &my-copy; 2001-2018 by
+ <ulink url="https://www.privoxy.org/">Privoxy Developers</ulink>
</subscript>
</pubdate>
-<pubdate>$Id: user-manual.sgml,v 2.193 2014/07/18 10:01:39 fabiankeil Exp $</pubdate>
-
<!--
Note: the following should generate a separate page, and a live link to it,
<para>
The <citetitle>Privoxy User Manual</citetitle> gives users information on how to
install, configure and use <ulink
- url="http://www.privoxy.org/">Privoxy</ulink>.
+ url="https://www.privoxy.org/">Privoxy</ulink>.
</para>
<!-- Include privoxy.sgml boilerplate: -->
<para>
You can find the latest version of the <citetitle>Privoxy User Manual</citetitle> at <ulink
- url="http://www.privoxy.org/user-manual/">http://www.privoxy.org/user-manual/</ulink>.
+ url="https://www.privoxy.org/user-manual/">https://www.privoxy.org/user-manual/</ulink>.
Please see the <link linkend="contact">Contact section</link> on how to
contact the developers.
</para>
-<!-- <para> -->
-<!-- Feel free to send a note to the developers at <email>ijbswa-developers@lists.sourceforge.net</email>. -->
-<!-- </para> -->
</abstract>
</artheader>
<application>Privoxy</application> is available both in convenient pre-compiled
packages for a wide range of operating systems, and as raw source code.
For most users, we recommend using the packages, which can be downloaded from our
- <ulink url="http://sourceforge.net/projects/ijbswa/">Privoxy Project
+ <ulink url="https://sourceforge.net/projects/ijbswa/">Privoxy Project
Page</ulink>.
</para>
system. Check that no <application>Junkbuster</application>
or <application>Privoxy</application> objects are in
your startup folder.
-
</para>
<para>
<sect2 id="installation-source"><title>Building from Source</title>
<para>
- The most convenient way to obtain the <application>Privoxy</application> sources
- is to download the source tarball from our
- <ulink url="http://sourceforge.net/project/showfiles.php?group_id=11118&package_id=10571">project download
- page</ulink>.
-</para>
-
-<para>
- If you like to live on the bleeding edge and are not afraid of using
- possibly unstable development versions, you can check out the up-to-the-minute
- version directly from <ulink url="http://sourceforge.net/cvs/?group_id=11118">the
- CVS repository</ulink>.
-<!--
- deprecated...out of business.
- or simply download <ulink
- url="http://cvs.sourceforge.net/cvstarballs/ijbswa-cvsroot.tar.bz2">the nightly CVS
- tarball.</ulink>
--->
+ The most convenient way to obtain the <application>Privoxy</application> source
+ code is to download the source tarball from our
+ <ulink url="https://sourceforge.net/projects/ijbswa/files/Sources/">
+ project download page</ulink>,
+ or you can get the up-to-the-minute, possibly unstable, development version from
+ <ulink url="https://www.privoxy.org/">https://www.privoxy.org/</ulink>.
</para>
<!-- include buildsource.sgml boilerplate: -->
&buildsource;
<!-- end boilerplate -->
+
+ <sect3 id="WINBUILD-CYGWIN"><title>Windows</title>
+
+ <sect4 id="WINBUILD-SETUP"><title>Setup</title>
+ <para>
+ Install the Cygwin utilities needed to build <application>Privoxy</application>.
+ If you have a 64 bit CPU (which most people do by now), get the
+ Cygwin setup-x86_64.exe program <ulink url="https://cygwin.com/setup-x86_64.exe">here</ulink>
+ (the .sig file is <ulink url="https://cygwin.com/setup-x86_64.exe.sig">here</ulink>).
+ </para>
+ <para>
+ Run the setup program and from View / Category select:
+ </para>
+ <screen>
+ Devel
+ autoconf 2.5
+ automake 1.15
+ binutils
+ cmake
+ gcc-core
+ gcc-g++
+ git
+ make
+ mingw64-i686-gcc-core
+ mingw64-i686-zlib
+ Editors
+ vim
+ Libs
+ libxslt: GNOME XSLT library (runtime)
+ Net
+ curl
+ openssh
+ Text
+ docbook-dssl
+ docbook-sgml31
+ docbook-utils
+ openjade
+ Utils
+ gnupg
+ Web
+ w3m
+</screen>
+
+ <para>
+ If you haven't already downloaded the Privoxy source code, get it now:
+ </para>
+ <screen>
+ mkdir <root-dir>
+ cd <root-dir>
+ git clone https://www.privoxy.org/git/privoxy.git
+</screen>
+
+ <para>
+ Get the source code (.zip or .tar.gz) for tidy from
+ <ulink url="https://github.com/htacg/tidy-html5/releases">
+ https://github.com/htacg/tidy-html5/releases</ulink>,
+ unzip into <root-dir> and build the software:
+ </para>
+ <screen>
+ cd <root-dir>
+ cd tidy-html5-x.y.z/build/cmake
+ cmake ../.. -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIB:BOOL=OFF -DCMAKE_INSTALL_PREFIX=/usr/local
+ make && make install
+</screen>
+
+ <para>
+ If you want to be able to make a Windows release package, get the NSIS .zip file from
+ <!-- FIXME: which version(s) are known to work? -->
+ <ulink url="https://sourceforge.net/projects/nsis/files/NSIS%203/">
+ https://sourceforge.net/projects/nsis/files/NSIS%203/</ulink>
+ and extract the NSIS directory to <literal>privoxy/windows</literal>.
+ Then edit the windows/GNUmakefile to set the location of the NSIS executable - eg:
+ </para>
+ <screen>
+# Path to NSIS
+MAKENSIS = ./nsis/makensis.exe
+</screen>
+
+ </sect4>
+
+ <sect4 id="WINBUILD-BUILD"><title>Build</title>
+
+ <para>
+ To build just the Privoxy executable and not the whole installation package, do:
+ </para>
+ <programlisting>
+ cd <root-dir>/privoxy
+ ./windows/MYconfigure && make
+</programlisting>
+
+ <para>
+ Privoxy uses the <ulink url="https://en.wikipedia.org/wiki/GNU_build_system">GNU Autotools</ulink>
+ for building software, so the process is:
+ </para>
+ <programlisting>
+ $ autoheader # creates config.h.in
+ $ autoconf # uses config.h.in to create the configure shell script
+ $ ./configure [options] # creates GNUmakefile
+ $ make [options] # builds the program
+</programlisting>
+
+ <para>
+ The usual <literal>configure</literal> options for building a native Windows application under cygwin are
+ </para>
+
+ <literallayout class="Monospaced">
+ --host=i686-w64-mingw32
+ --enable-mingw32
+ --enable-zlib
+ --enable-static-linking
+ --disable-pthread
+ --disable-dynamic-pcre
+</literallayout>
+
+ <para>
+ You can set the <literal>CFLAGS</literal> and <literal>LDFLAGS</literal> envars before
+ running <literal>configure</literal> to set compiler and linker flags. For example:
+ </para>
+
+ <programlisting>
+ $ export CFLAGS="-O2" # set gcc optimization level
+ $ export LDFLAGS="-Wl,--nxcompat" # Enable DEP
+ $ ./configure --host=i686-w64-mingw32 --enable-mingw32 --enable-zlib \
+ > --enable-static-linking --disable-pthread --disable-dynamic-pcre
+ $ make # build Privoxy
+</programlisting>
+
+ <para>
+ See the <ulink url="../developer-manual/newrelease.html#NEWRELEASE-WINDOWS">Developer's Manual</ulink>
+ for building a Windows release package.
+ </para>
+
+ </sect4>
+ </sect3>
</sect2>
+
+
<!-- ~~~~~ New section ~~~~~ -->
<sect2 id="installation-keepupdated"><title>Keeping your Installation Up-to-Date</title>
<para>
If you wish to receive an email notification whenever we release updates of
<application>Privoxy</application> or the actions file, <ulink
- url="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/">subscribe
- to our announce mailing list</ulink>, ijbswa-announce@lists.sourceforge.net.
+ url="https://lists.privoxy.org/mailman/listinfo/privoxy-announce">subscribe
+ to our announce mailing list</ulink>, privoxy-announce@lists.privoxy.org.
</para>
<para>
versions of <application>Privoxy</application>:
</para>
-<para>
<itemizedlist>
<listitem>
that filtering does not work on compressed pages, so if you use, or want to
use, filtering, you will need to force compression off. Example:
</para>
- <para>
<screen>
{ +<link linkend="filter">filter</link>{google} +<link linkend="prevent-compression">prevent-compression</link> }
.google.</screen>
- </para>
<para>
Or if you use a number of filters, or filter many sites, you may just want
to turn off compression for all sites in
-->
</itemizedlist>
-</para>
</sect2>
</sect1>
<!-- ~~~~~ New section ~~~~~ -->
<sect1 id="quickstart"><title>Quickstart to Using Privoxy</title>
-<para>
+
<itemizedlist>
<listitem>
</listitem>
</itemizedlist>
-</para>
<!-- ~~~~~ New section ~~~~~ -->
<literal><link linkend="set-image-blocker">set-image-blocker</link></literal>:
</para>
-<para>
<itemizedlist>
<listitem>
</listitem>
</itemizedlist>
-</para>
<para>
Advanced users will eventually want to explore &my-app;
A quick and simple step by step example:
</para>
-<para>
<itemizedlist>
<listitem>
</para>
<!-- image of editor and actions files selections -->
- <para>
<figure pgwide="0" float="0"><title>Actions Files in Use</title>
<mediaobject>
<imageobject>
</textobject>
</mediaobject>
</figure>
- </para>
</listitem>
<listitem>
</listitem>
</itemizedlist>
-</para>
<para>
This is a very crude and simple example. There might be good reasons to use a
</para>
<!-- image of Mozilla Proxy configuration -->
- <para>
<figure pgwide="0" float="0"><title>Proxy Configuration Showing
Mozilla/Netscape HTTP and HTTPS (SSL) Settings</title>
<mediaobject>
</textobject>
</mediaobject>
</figure>
- </para>
<para>
<literallayout>
<guibutton>Tools</guibutton> -> <guibutton>Options</guibutton> -> <guibutton>Advanced</guibutton> -> <guibutton>Network</guibutton> -><guibutton>Connection</guibutton> -> <guibutton>Settings</guibutton>
-
</literallayout>
<para>
<literallayout>
<guibutton>Edit</guibutton> -> <guibutton>Preferences</guibutton> -> <guibutton>General</guibutton> -> <guibutton>Connection Settings</guibutton> -> <guibutton>Manual Proxy Configuration</guibutton>
-
</literallayout>
<!-- Mix ascii and gui art, something for everybody -->
<!-- spacing on this is tricky -->
<guibutton>Edit</guibutton> -> <guibutton>Preferences</guibutton> -> <guibutton>Advanced</guibutton> -> <guibutton>Proxies</guibutton> -> <guibutton>HTTP Proxy</guibutton>
-
</literallayout>
<para>
</para>
<!-- image of IE Proxy configuration -->
- <para>
<figure pgwide="0" float="0"><title>Proxy Configuration Showing
Internet Explorer HTTP and HTTPS (Secure) Settings</title>
<mediaobject>
</textobject>
</mediaobject>
</figure>
- </para>
<para>
<filename>/etc/privoxy/config</filename> as its main configuration
file.
</para>
-<para>
<screen>
# /etc/init.d/privoxy start
</screen>
+</sect2>
+
+<sect2 id="start-freebsd">
+<title>FreeBSD and ElectroBSD</title>
+<para>
+ To start <application>Privoxy</application> upon booting, add
+ "privoxy_enable='YES'" to <filename>/etc/rc.conf</filename>.
+ <application>Privoxy</application> will use
+ <filename>/usr/local/etc/privoxy/config</filename> as its main
+ configuration file.
</para>
+<para>
+ If you installed <application>Privoxy</application> into a jail, the
+ paths above are relative to the jail root.
+</para>
+<para>
+ To start <application>Privoxy</application> manually, run:
+</para>
+ <screen>
+ # service privoxy onestart
+</screen>
</sect2>
<sect2 id="start-windows">
</sect2>
<sect2 id="start-unices">
-<title>Solaris, NetBSD, FreeBSD, HP-UX and others</title>
+<title>Generic instructions for Unix derivates (Solaris, NetBSD, HP-UX etc.)</title>
<para>
Example Unix startup command:
</para>
-<para>
<screen>
- # /usr/sbin/privoxy /etc/privoxy/config
+ # /usr/sbin/privoxy --user privoxy /etc/privoxy/config
</screen>
+<para>
+ Note that if you installed <application>Privoxy</application> through
+ a package manager, the package will probably contain a platform-specific
+ script or configuration file to start <application>Privoxy</application>
+ upon boot.
</para>
</sect2>
<sect2 id="start-macosx">
<title>Mac OS X</title>
<para>
- After downloading the privoxy software, unzip the downloaded file by
- double-clicking on the zip file icon. Then, double-click on the
- installer package icon and follow the installation process.
-</para>
-<para>
- The privoxy service will automatically start after a successful
- installation. In addition, the privoxy service will automatically
- start every time your computer starts up.
-</para>
-<para>
- To prevent the privoxy service from automatically starting when your
- computer starts up, remove or rename the folder named
- /Library/StartupItems/Privoxy.
-</para>
-<para>
- A simple application named Privoxy Utility has been created which
- enables administrators to easily start and stop the privoxy service.
+ The privoxy service will automatically start after a successful installation
+ (and thereafter every time your computer starts up) however you will need to
+ configure your web browser(s) to use it. To do so, configure them to use a
+ proxy for HTTP and HTTPS at the address 127.0.0.1:8118.
</para>
<para>
- In addition, the Privoxy Utility presents a simple way for
- administrators to edit the various privoxy config files. A method
- to uninstall the software is also available.
+ To prevent the privoxy service from automatically starting when your computer
+ starts up, remove or rename the file <literal>/Library/LaunchDaemons/org.ijbswa.privoxy.plist</literal>
+ (on OS X 10.5 and higher) or the folder named
+ <literal>/Library/StartupItems/Privoxy</literal> (on OS X 10.4 'Tiger').
</para>
<para>
- An administrator username and password must be supplied in order for
- the Privoxy Utility to perform any of the tasks.
+ To manually start or stop the privoxy service, use the scripts startPrivoxy.sh
+ and stopPrivoxy.sh supplied in /Applications/Privoxy. They must be run from an
+ administrator account, using sudo.
</para>
</sect2>
command-line options:
</para>
-<para>
<itemizedlist>
<listitem>
</listitem>
</itemizedlist>
-</para>
<para>
On <application>MS Windows</application> only there are two additional
<!-- ~~~~~ New section ~~~~~ -->
-<sect2>
+<sect2 id="control-with-webbrowser">
<title>Controlling Privoxy with Your Web Browser</title>
<para>
<application>Privoxy</application>'s user interface can be reached through the special
(shortcut: <ulink url="http://p.p/">http://p.p/</ulink>),
which is a built-in page and works without Internet access.
You will see the following section:
-
</para>
<!-- Needs to be put in a table and colorized -->
-<screen>
+<screen><!-- want the background color that goes with screen -->
<msgtext>
<bridgehead renderas="sect2"> Privoxy Menu</bridgehead>
-
<simplelist>
<member>
▪ <ulink url="http://config.privoxy.org/show-status">View & change the current configuration</ulink>
</member>
<member>
▪ <ulink
- url="http://www.privoxy.org/&p-version;/user-manual/">Documentation</ulink>
+ url="https://www.privoxy.org/&p-version;/user-manual/">Documentation</ulink>
</member>
</simplelist>
</msgtext>
principle configuration files are:
</para>
-<para>
<itemizedlist>
<listitem>
</listitem>
</itemizedlist>
-</para>
<para>
The syntax of the configuration and filter files may change between different
are three action files included with <application>Privoxy</application> with
differing purposes:
</para>
-<para>
<itemizedlist>
<listitem>
<para>
The default profiles, and their associated actions, as pre-defined in
<filename>default.action</filename> are:
</para>
- <para>
<table frame=all><title>Default Configurations</title>
<tgroup cols=4 align=left colsep=1 rowsep=1>
<colspec colname=c1>
</tbody>
</tgroup>
</table>
- </para>
</listitem>
</itemizedlist>
-</para>
<para>
The list of actions files to be used are defined in the main configuration
</para>
<!-- ~~~~~ New section ~~~~~ -->
-<sect2>
+<sect2 id="right-mix">
<title>Finding the Right Mix</title>
<para>
Note that some <link linkend="actions">actions</link>, like cookie suppression
</sect2>
<!-- ~~~~~ New section ~~~~~ -->
-<sect2>
+<sect2 id="how-to-edit">
<title>How to Edit</title>
<para>
The easiest way to edit the actions files is with a browser by
might look like:
</para>
- <para>
<screen>
{ +<literal>handle-as-image</literal> +<literal>block{Banner ads.}</literal> }
# Block these as if they were images. Send no block page.
banners.example.com
media.example.com/.*banners
.example.com/images/ads/</screen>
- </para>
<para>
You can trace this process for URL patterns and any given URL by visiting <ulink
<!-- ~~~~~ New section ~~~~~ -->
-<sect3><title>The Path Pattern</title>
+<sect3 id="path-pattern"><title>The Path Pattern</title>
<para>
<application>Privoxy</application> uses <quote>modern</quote> POSIX 1003.2
This regular expression is conditional so it will match any page
named <quote>index.html</quote> regardless of path which in this case can
have one or more <quote>/'s</quote>. And this one must contain exactly
- <quote>.html</quote> (but does not have to end with that!).
+ <quote>.html</quote> (and end with that!).
</para>
</listitem>
</varlistentry>
that contains any of the words <quote>ads</quote>, <quote>banner</quote>,
<quote>banners</quote> (because of the <quote>?</quote>) or <quote>junk</quote>.
The path does not have to end in these words, just contain them.
+ The path has to contain at least two slashes (including the one at the beginning).
</para>
</listitem>
</varlistentry>
<!-- ~~~~~ New section ~~~~~ -->
-<sect3 id="tag-pattern"><title>The Tag Pattern</title>
+<sect3 id="tag-pattern"><title>The Request Tag Pattern</title>
<para>
- Tag patterns are used to change the applying actions based on the
- request's tags. Tags can be created with either the
- <link linkend="CLIENT-HEADER-TAGGER">client-header-tagger</link>
+ Request tag patterns are used to change the applying actions based on the
+ request's tags. Tags can be created based on HTTP headers with either
+ the <link linkend="CLIENT-HEADER-TAGGER">client-header-tagger</link>
or the <link linkend="SERVER-HEADER-TAGGER">server-header-tagger</link> action.
</para>
<para>
- Tag patterns have to start with <quote>TAG:</quote>, so &my-app;
- can tell them apart from URL patterns. Everything after the colon
+ Request tag patterns have to start with <quote>TAG:</quote>, so &my-app;
+ can tell them apart from other patterns. Everything after the colon
including white space, is interpreted as a regular expression with
path pattern syntax, except that tag patterns aren't left-anchored
automatically (&my-app; doesn't silently add a <quote>^</quote>,
</para>
<para>
- Sections can contain URL and tag patterns at the same time,
- but tag patterns are checked after the URL patterns and thus
+ Sections can contain URL and request tag patterns at the same time,
+ but request tag patterns are checked after the URL patterns and thus
always overrule them, even if they are located before the URL patterns.
</para>
<para>
- Once a new tag is added, Privoxy checks right away if it's matched by one
- of the tag patterns and updates the action settings accordingly. As a result
- tags can be used to activate other tagger actions, as long as these other
+ Once a new request tag is added, Privoxy checks right away if it's matched by one
+ of the request tag patterns and updates the action settings accordingly. As a result
+ request tags can be used to activate other tagger actions, as long as these other
taggers look for headers that haven't already be parsed.
</para>
</sect3>
<!-- ~~~~~ New section ~~~~~ -->
-<sect3 id="negative-tag-patterns"><title>The Negative Tag Patterns</title>
+<sect3 id="negative-tag-patterns"><title>The Negative Request Tag Patterns</title>
<para>
- To match requests that do not have a certain tag, specify a negative tag pattern
+ To match requests that do not have a certain request tag, specify a negative tag pattern
by prefixing the tag pattern line with either <quote>NO-REQUEST-TAG:</quote>
or <quote>NO-RESPONSE-TAG:</quote> instead of <quote>TAG:</quote>.
</para>
<para>
- Negative tag patterns created with <quote>NO-REQUEST-TAG:</quote> are checked
+ Negative request tag patterns created with <quote>NO-REQUEST-TAG:</quote> are checked
after all client headers are scanned, the ones created with <quote>NO-RESPONSE-TAG:</quote>
are checked after all server headers are scanned. In both cases all the created
tags are considered.
</para>
+</sect3>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 id="client-tag-pattern"><title>The Client Tag Pattern</title>
+
+<!-- XXX: This section contains duplicates content from the
+ client-specific-tag documentation. -->
+
+<warning>
+<para>
+ This is an experimental feature. The syntax is likely to change in future versions.
+</para>
+</warning>
+
+<para>
+ Client tag patterns are not set based on HTTP headers but based on
+ the client's IP address. Users can enable them themselves, but the
+ Privoxy admin controls which tags are available and what their effect
+ is.
+</para>
+
+<para>
+ After a client-specific tag has been defined with the
+ <link linkend="client-specific-tag">client-specific-tag</link>,
+ directive, action sections can be activated based on the tag by using a
+ CLIENT-TAG pattern. The CLIENT-TAG pattern is evaluated at the same priority
+ as URL patterns, as a result the last matching pattern wins. Tags that
+ are created based on client or server headers are evaluated later on
+ and can overrule CLIENT-TAG and URL patterns!
+</para>
+<para>
+ The tag is set for all requests that come from clients that requested
+ it to be set. Note that "clients" are differentiated by IP address,
+ if the IP address changes the tag has to be requested again.
+</para>
+<para>
+ Clients can request tags to be set by using the CGI interface <ulink
+ url="http://config.privoxy.org/client-tags">http://config.privoxy.org/client-tags</ulink>.
+</para>
+
+<para>
+ Example:
+</para>
+
+ <screen>
+# If the admin defined the client-specific-tag circumvent-blocks,
+# and the request comes from a client that previously requested
+# the tag to be set, overrule all previous +block actions that
+# are enabled based on URL to CLIENT-TAG patterns.
+{-block}
+CLIENT-TAG:^circumvent-blocks$
+
+# This section is not overruled because it's located after
+# the previous one.
+{+block{Nobody is supposed to request this.}}
+example.org/blocked-example-page</screen>
+</sect3>
</sect2>
following patterns</quote>, and <literal>-block</literal> means <quote>don't
block URLs that match the following patterns, even if <literal>+block</literal>
previously applied.</quote>
-
</para>
<para>
Actions fall into three categories:
</para>
-<para>
<itemizedlist>
<listitem>
<para>
Boolean, i.e the action can only be <quote>enabled</quote> or
<quote>disabled</quote>. Syntax:
</para>
- <para>
<screen>
+<replaceable class="function">name</replaceable> # enable action <replaceable class="parameter">name</replaceable>
-<replaceable class="function">name</replaceable> # disable action <replaceable class="parameter">name</replaceable></screen>
- </para>
<para>
Example: <literal>+handle-as-image</literal>
</para>
Parameterized, where some value is required in order to enable this type of action.
Syntax:
</para>
- <para>
<screen>
+<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>} # enable action and set parameter to <replaceable class="parameter">param</replaceable>,
# overwriting parameter from previous match if necessary
-<replaceable class="function">name</replaceable> # disable action. The parameter can be omitted</screen>
- </para>
<para>
Note that if the URL matches multiple positive forms of a parameterized action,
the last match wins, i.e. the params from earlier matches are simply ignored.
that can be executed for the same request repeatedly, like adding multiple
headers, or filtering through multiple filters. Syntax:
</para>
- <para>
<screen>
+<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>} # enable action and add <replaceable class="parameter">param</replaceable> to the list of parameters
-<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>} # remove the parameter <replaceable class="parameter">param</replaceable> from the list of parameters
# If it was the last one left, disable the action.
<replaceable class="parameter">-name</replaceable> # disable this action completely and remove all parameters from the list</screen>
- </para>
<para>
Examples: <literal>+add-header{X-Fun-Header: Some text}</literal> and
<literal>+filter{html-annoyances}</literal>
</listitem>
</itemizedlist>
-</para>
<para>
If nothing is specified in any actions file, no <quote>actions</quote> are
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
- <screen>+add-header{X-User-Tracking: sucks}</screen>
- </para>
+ <screen># Add a DNT ("Do not track") header to all requests,
+# event to those that already have one.
+#
+# This is just an example, not a recommendation.
+#
+# There is no reason to believe that user-tracking websites care
+# about the DNT header and depending on the User-Agent, adding the
+# header may make user-tracking easier.
+{+add-header{DNT: 1}}
+/</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>{+block{No nasty stuff for you.}}
# Block and replace with "blocked" page
.nasty-stuff.example.com
{+block{Layered ads.} +handle-as-empty-document}
# Block and then ignore
adserver.example.net/.*\.js$</screen>
- </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+change-x-forwarded-for{block}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<term>Type:</term>
<!-- boolean, parameterized, Multi-value -->
<listitem>
- <para>Parameterized.</para>
+ <para>Multi-value.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>
# Hide Tor exit notation in Host and Referer Headers
{+client-header-filter{hide-tor-exit-notation}}
/
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
<term>Type:</term>
<!-- boolean, parameterized, Multi-value -->
<listitem>
- <para>Parameterized.</para>
+ <para>Multi-value.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>
# Tag every request with the User-Agent header
{+client-header-tagger{user-agent}}
TAG:^User-Agent: fetch libfetch/
TAG:^User-Agent: Ubuntu APT-HTTP/
TAG:^User-Agent: MPlayer/
- </screen>
- </para>
- <para>
+</screen>
+
<screen>
# Tag all requests with the Range header set
{+client-header-tagger{range-requests}}
# parts of multimedia files.
{-filter -deanimate-gifs}
TAG:^RANGE-REQUEST$
- </screen>
- </para>
+</screen>
+
+ <screen>
+# Tag all requests with the client IP address
+#
+# (Technically the client IP address isn't included in the
+# client headers but client-header taggers can set it anyway.
+# For details see the tagger in default.filter)
+{+client-header-tagger{client-ip-address}}
+/
+
+# Change forwarding settings for requests coming from address 10.0.0.1
+{+forward-override{forward-socks5 127.0.1.2:2222 .}}
+TAG:^IP-ADDRESS: 10\.0\.0\.1$
+</screen>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (sections):</term>
<listitem>
- <para>
<screen># Check if www.example.net/ really uses valid XHTML
{ +content-type-overwrite{application/xml} }
www.example.net/
www.example.net/.*\.css$
www.example.net/.*style
</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Block the non-existent "Privacy-Violation:" client header
{ +crunch-client-header{Privacy-Violation:} }
/
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Let the browser revalidate cached documents but don't
# allow the server to use the revalidation headers for user tracking.
{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
-/ </screen>
- </para>
+/
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+crunch-incoming-cookies</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Crunch server headers that try to prevent caching
{ +crunch-server-header{no-cache} }
-/ </screen>
- </para>
+/
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+crunch-outgoing-cookies</screen>
- </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+deanimate-gifs{last}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>{+downgrade-http-version}
problem-host.example.com</screen>
- </para>
</listitem>
</varlistentry>
<term>Type:</term>
<!-- boolean, parameterized, Multi-value -->
<listitem>
- <para>Parameterized.</para>
+ <para>Multi-value.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+external-filter{fancy-filter}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>
{ +fast-redirects{simple-check} }
one.example.com
{ +fast-redirects{check-decoded-url} }
another.example.com/testing</screen>
- </para>
</listitem>
</varlistentry>
<term>Type:</term>
<!-- boolean, parameterized, Multi-value -->
<listitem>
- <para>Parameterized.</para>
+ <para>Multi-value.</para>
</listitem>
</varlistentry>
<listitem>
<para>
<anchor id="filter-js-annoyances">
- <screen>+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.</screen>
</para>
+ <screen>+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.</screen>
<para>
<anchor id="filter-js-events">
- <screen>+filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).</screen>
</para>
+ <screen>+filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).</screen>
<para>
<anchor id="filter-html-annoyances">
- <screen>+filter{html-annoyances} # Get rid of particularly annoying HTML abuse.</screen>
</para>
+ <screen>+filter{html-annoyances} # Get rid of particularly annoying HTML abuse.</screen>
<para>
<anchor id="filter-content-cookies">
- <screen>+filter{content-cookies} # Kill cookies that come in the HTML or JS content.</screen>
</para>
+ <screen>+filter{content-cookies} # Kill cookies that come in the HTML or JS content.</screen>
<para>
<anchor id="filter-refresh-tags">
- <screen>+filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.</screen>
</para>
+ <screen>+filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.</screen>
<para>
<anchor id="filter-unsolicited-popups">
- <screen>+filter{unsolicited-popups} # Disable only unsolicited pop-up windows.</screen>
</para>
+ <screen>+filter{unsolicited-popups} # Disable only unsolicited pop-up windows.</screen>
<para>
<anchor id="filter-all-popups">
- <screen>+filter{all-popups} # Kill all popups in JavaScript and HTML.</screen>
</para>
+ <screen>+filter{all-popups} # Kill all popups in JavaScript and HTML.</screen>
<para>
<anchor id="filter-img-reorder">
- <screen>+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</screen>
</para>
+ <screen>+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</screen>
<para>
<anchor id="filter-banners-by-size">
- <screen>+filter{banners-by-size} # Kill banners by size.</screen>
</para>
+ <screen>+filter{banners-by-size} # Kill banners by size.</screen>
<para>
<anchor id="filter-banners-by-link">
- <screen>+filter{banners-by-link} # Kill banners by their links to known clicktrackers.</screen>
</para>
+ <screen>+filter{banners-by-link} # Kill banners by their links to known clicktrackers.</screen>
<para>
<anchor id="filter-webbugs">
- <screen>+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).</screen>
</para>
+ <screen>+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).</screen>
<para>
<anchor id="filter-tiny-textforms">
- <screen>+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.</screen>
</para>
+ <screen>+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.</screen>
<para>
<anchor id="filter-jumping-windows">
- <screen>+filter{jumping-windows} # Prevent windows from resizing and moving themselves.</screen>
</para>
+ <screen>+filter{jumping-windows} # Prevent windows from resizing and moving themselves.</screen>
<para>
<anchor id="filter-frameset-borders">
- <screen>+filter{frameset-borders} # Give frames a border and make them resizable.</screen>
</para>
+ <screen>+filter{frameset-borders} # Give frames a border and make them resizable.</screen>
<para>
<anchor id="filter-iframes">
- <screen>+filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.</screen>
</para>
+ <screen>+filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.</screen>
<para>
<anchor id="filter-demoronizer">
- <screen>+filter{demoronizer} # Fix MS's non-standard use of standard charsets.</screen>
</para>
+ <screen>+filter{demoronizer} # Fix MS's non-standard use of standard charsets.</screen>
<para>
<anchor id="filter-shockwave-flash">
- <screen>+filter{shockwave-flash} # Kill embedded Shockwave Flash objects.</screen>
</para>
+ <screen>+filter{shockwave-flash} # Kill embedded Shockwave Flash objects.</screen>
<para>
<anchor id="filter-quicktime-kioskmode">
- <screen>+filter{quicktime-kioskmode} # Make Quicktime movies saveable.</screen>
</para>
+ <screen>+filter{quicktime-kioskmode} # Make Quicktime movies saveable.</screen>
<para>
<anchor id="filter-fun">
- <screen>+filter{fun} # Text replacements for subversive browsing fun!</screen>
</para>
+ <screen>+filter{fun} # Text replacements for subversive browsing fun!</screen>
<para>
<anchor id="filter-crude-parental">
- <screen>+filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.</screen>
</para>
+ <screen>+filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.</screen>
<para>
<anchor id="filter-ie-exploits">
- <screen>+filter{ie-exploits} # Disable some known Internet Explorer bug exploits.</screen>
</para>
+ <screen>+filter{ie-exploits} # Disable some known Internet Explorer bug exploits.</screen>
<para>
<anchor id="filter-site-specifics">
- <screen>+filter{site-specifics} # Cure for site-specific problems. Don't apply generally!</screen>
</para>
+ <screen>+filter{site-specifics} # Cure for site-specific problems. Don't apply generally!</screen>
<para>
<anchor id="filter-no-ping">
- <screen>+filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.</screen>
</para>
+ <screen>+filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.</screen>
<para>
<anchor id="filter-google">
- <screen>+filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</screen>
</para>
+ <screen>+filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</screen>
<para>
<anchor id="filter-yahoo">
- <screen>+filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.</screen>
</para>
+ <screen>+filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.</screen>
<para>
<anchor id="filter-msn">
- <screen>+filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</screen>
</para>
+ <screen>+filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</screen>
<para>
<anchor id="filter-blogspot">
- <screen>+filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.</screen>
</para>
+ <screen>+filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>
+force-text-mode
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
</variablelist>
<term>Type:</term>
<!-- Boolean, Parameterized, Multi-value -->
<listitem>
- <para>Multi-value.</para>
+ <para>Parameterized.</para>
</listitem>
</varlistentry>
for socks5 connections (with remote DNS resolution).
</para>
</listitem>
+ <listitem>
+ <para>
+ <quote>forward-webserver 127.0.0.1:80</quote> to use the HTTP
+ server listening at 127.0.0.1 port 80 without adjusting the
+ request headers.
+ </para>
+ <para>
+ This makes it more convenient to use Privoxy to make
+ existing websites available as onion services as well.
+ </para>
+ <para>
+ Many websites serve content with hardcoded URLs and
+ can't be easily adjusted to change the domain based
+ on the one used by the client.
+ </para>
+ <para>
+ Putting Privoxy between Tor and the webserver (or an stunnel
+ that forwards to the webserver) allows to rewrite headers and
+ content to make client and server happy at the same time.
+ </para>
+ <para>
+ Using Privoxy for webservers that are only reachable through
+ onion addresses and whose location is supposed to be secret
+ is not recommended and should not be necessary anyway.
+ </para>
+ </listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>
# Use an ssh tunnel for requests previously tagged as
# <quote>User-Agent: fetch libfetch/2.0</quote> and make sure
-overwrite-last-modified \
}
TAG:^User-Agent: fetch libfetch/2\.0$
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen># Block all documents on example.org that end with ".js",
# but send an empty document instead of the usual HTML message.
{+block{Blocked JavaScript} +handle-as-empty-document}
example.org/.*\.js$
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (sections):</term>
<listitem>
- <para>
<screen># Generic image extensions:
#
{+handle-as-image}
{+block{Nasty banners.} +handle-as-image}
nasty-banner-server.example.com/junk.cgi\?output=trash
</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Pretend to use Canadian language settings.
{+hide-accept-language{en-ca} \
+hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
}
-/ </screen>
- </para>
+/
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen># Disarm the download link in Sourceforge's patch tracker
{ -filter \
+content-type-overwrite{text/plain}\
+hide-content-disposition{block} }
.sourceforge.net/tracker/download\.php</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Let the browser revalidate but make tracking based on the time less likely.
{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
- <screen>+hide-from-header{block}</screen> or
+ <screen>+hide-from-header{block}</screen>
+ <para>or</para>
<screen>+hide-from-header{spam-me-senseless@sittingduck.example.com}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
- <screen>+hide-referrer{forge}</screen> or
+ <screen>+hide-referrer{forge}</screen>
+ <para>or</para>
<screen>+hide-referrer{http://www.yahoo.com/}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<!-- I had trouble getting the spacing to look right in my browser -->
<!-- I probably have the wrong font setup, bollocks. -->
<!-- Apparently the emphasis tag uses a proportional font no matter what -->
- <para>
<screen>+limit-connect{443} # Port 443 is OK.
+limit-connect{80,443} # Ports 80 and 443 are OK.
+limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
+limit-connect{-} # All ports are OK
+limit-connect{,} # No HTTPS/SSL traffic is allowed</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usages:</term>
<listitem>
- <para>
- <screen>+limit-cookie-lifetime{60}
- </screen>
- </para>
+ <screen>+limit-cookie-lifetime{60}</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (sections):</term>
<listitem>
- <para>
<screen>
# Selectively turn off compression, and enable a filter
#
#
{ -prevent-compression }
.compusa.com/</screen>
- </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen># Let the browser revalidate without being tracked across sessions
{ +hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usages:</term>
<listitem>
- <para>
<screen># Replace example.com's style sheet with another one
{ +redirect{http://localhost/css-replacements/example.com.css} }
example.com/stylesheet\.css
# Create a short, easy to remember nickname for a favorite site
# (relies on the browser to accept and forward invalid URLs to &my-app;)
-{ +redirect{http://www.privoxy.org/user-manual/actions-file.html} }
+{ +redirect{https://www.privoxy.org/user-manual/actions-file.html} }
a
# Always use the expanded view for Undeadly.org articles
# to the local version delivered by Privoxy
{+redirect{s@^http://www@http://config@}}
www.privoxy.org/user-manual/</screen>
- </para>
</listitem>
</varlistentry>
<term>Type:</term>
<!-- boolean, parameterized, Multi-value -->
<listitem>
- <para>Parameterized.</para>
+ <para>Multi-value.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>
{+server-header-filter{html-to-xml}}
example.org/xml-instance-that-is-delivered-as-html
{+server-header-filter{xml-to-html}}
example.org/instance-that-is-delivered-as-xml-but-is-not
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
<term>Type:</term>
<!-- boolean, parameterized, Multi-value -->
<listitem>
- <para>Parameterized.</para>
+ <para>Multi-value.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>
# Tag every request with the content type declared by the server
{+server-header-tagger{content-type}}
# <literal><link linkend="external-filter-syntax">silly example</link></literal>.
{+external-filter{rotate-image} +force-text-mode}
TAG:^image/
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+session-cookies-only</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<para>
Built-in pattern:
</para>
- <para>
<screen>+set-image-blocker{pattern}</screen>
- </para>
<para>
Redirect to the BSD daemon:
</para>
- <para>
<screen>+set-image-blocker{http://www.freebsd.org/gifs/dae_up3.gif}</screen>
- </para>
<para>
Redirect to the built-in pattern for better caching:
</para>
- <para>
<screen>+set-image-blocker{http://config.privoxy.org/send-banner?type=pattern}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<!-- ~~~~~ New section ~~~~~ -->
-<sect3>
+<sect3 id="summary">
<title>Summary</title>
<para>
Note that many of these actions have the potential to cause a page to
Now let's define some aliases...
</para>
-<para>
<screen>
# Useful custom aliases we can use later.
#
#
c0 = +crunch-all-cookies
c1 = -crunch-all-cookies</screen>
-</para>
<para>
...and put them to use. These sections would appear in the lower part of an
up for the <quote>/</quote> pattern):
</para>
-<para>
<screen>
# These sites are either very complex or very keen on
# user data and require minimal interference to work:
{-filter{all-popups} -filter{unsolicited-popups}}
.dabs.com
.overclockers.co.uk</screen>
-</para>
<para>
Aliases like <quote>shop</quote> and <quote>fragile</quote> are typically used for
and <filename>user.action</filename> file and see how all these pieces come together:
</para>
-<sect3>
+<sect3 id="match-all">
<title>match-all.action</title>
<para>
Remember <emphasis>all actions are disabled when matching starts</emphasis>,
multiple lines with line continuation.
</para>
-<para>
<screen>
{ \
+<link linkend="CHANGE-X-FORWARDED-FOR">change-x-forwarded-for{block}</link> \
+<link linkend="SET-IMAGE-BLOCKER">set-image-blocker{pattern}</link> \
}
/ # Match all URLs
- </screen>
-</para>
+</screen>
<para>
The default behavior is now set.
</para>
</sect3>
-<sect3>
+<sect3 id="default-action">
<title>default.action</title>
<para>
that prevents older &my-app; versions from reading the file:
</para>
-<para>
<screen>
##########################################################################
# Settings -- Don't change! For internal Privoxy use ONLY.
##########################################################################
{{settings}}
for-privoxy-version=3.0.11</screen>
-</para>
<para>
After that comes the (optional) alias section. We'll use the example
that also explains why and how aliases are used:
</para>
-<para>
<screen>
##########################################################################
# Aliases
#
fragile = -<link linkend="BLOCK">block</link> -<link linkend="FILTER">filter</link> -crunch-all-cookies -<link linkend="FAST-REDIRECTS">fast-redirects</link> -<link linkend="HIDE-REFERER">hide-referrer</link>
shop = -crunch-all-cookies -<link linkend="FILTER-ALL-POPUPS">filter{all-popups}</link></screen>
-</para>
<para>
The first of our specialized sections is concerned with <quote>fragile</quote>
sites, i.e. sites that require minimum interference, because they are either
very complex or very keen on tracking you (and have mechanisms in place that
- make them unusable for people who avoid being tracked). We will simply use
+ make them unusable for people who avoid being tracked). We will use
our pre-defined <literal>fragile</literal> alias instead of stating the list
of actions explicitly:
</para>
-<para>
<screen>
##########################################################################
# Exceptions for sites that'll break under the default action set:
.office.microsoft.com # surprise, surprise!
.windowsupdate.microsoft.com
mail.google.com</screen>
-</para>
<para>
Shopping sites are not as fragile, but they typically
carts or item details. Again, we'll use a pre-defined alias:
</para>
-<para>
<screen>
# Shopping sites:
#
.worldpay.com # for quietpc.com
.jungle.com
.scan.co.uk</screen>
-</para>
<para>
The <literal><link linkend="FAST-REDIRECTS">fast-redirects</link></literal>
breaks some sites. So disable it for popular sites where we know it misbehaves:
</para>
-<para>
<screen>
{ -<link linkend="FAST-REDIRECTS">fast-redirects</link> }
login.yahoo.com
.altavista.com/.*(like|url|link):http
.altavista.com/trans.*urltext=http
.nytimes.com</screen>
-</para>
<para>
It is important that <application>Privoxy</application> knows which
good start:
</para>
-<para>
<screen>
##########################################################################
# Images:
#
{ +<link linkend="HANDLE-AS-IMAGE">handle-as-image</link> }
/.*\.(gif|jpe?g|png|bmp|ico)$</screen>
-</para>
<para>
And then there are known banner sources. They often use scripts to
action before, it still applies and needn't be repeated:
</para>
-<para>
<screen>
# Known ad generators:
#
.a[0-9].yimg.com/(?:(?!/i/).)*$
bs*.gsanet.com
.qkimg.net</screen>
-</para>
<para>
One of the most important jobs of <application>Privoxy</application>
to keep the example short:
</para>
-<para>
<screen>
##########################################################################
# Block these fine banners:
# Site-specific patterns (abbreviated):
#
.hitbox.com</screen>
-</para>
<para>
It's quite remarkable how many advertisers actually call their banner
servers ads.<replaceable>company</replaceable>.com, or call the directory
- in which the banners are stored simply <quote>banners</quote>. So the above
+ in which the banners are stored literally <quote>banners</quote>. So the above
generic patterns are surprisingly effective.
</para>
<para>
with no <literal><link linkend="BLOCK">block</link></literal> action applying.
</para>
-<para>
<screen>
##########################################################################
# Save some innocent victims of the above generic block patterns:
#
www.globalintersec.com/adv # (adv = advanced)
www.ugu.com/sui/ugu/adv</screen>
-</para>
<para>
Filtering source code can have nasty side effects,
disables <emphasis>all</emphasis> filters in one fell swoop!
</para>
-<para>
<screen>
# Don't filter code!
#
developer.
wiki.
.sourceforge.net</screen>
-</para>
<para>
The actual <filename>default.action</filename> is of course much more
</sect3>
-<sect3><title>user.action</title>
+<sect3 id="user-action"><title>user.action</title>
<para>
So far we are painting with a broad brush by setting general policies,
<!-- brief sample user.action here -->
-<para>
<screen>
# My user.action file. <fred@example.com></screen>
-</para>
<para>
As <link linkend="aliases">aliases</link> are local to the actions
<filename>default.action</filename>, unless you repeat them here:
</para>
-<para>
<screen>
# Aliases are local to the file they are defined in.
# (Re-)define aliases for this file:
# MIME types. We want the browser to force these to be text documents.
handle-as-text = -<link linkend="FILTER">filter</link> +-<link linkend="content-type-overwrite">content-type-overwrite{text/plain}</link> +-<link linkend="FORCE-TEXT-MODE">force-text-mode</link> -<link linkend="HIDE-CONTENT-DISPOSITION">hide-content-disposition</link></screen>
-</para>
-
<para>
Say you have accounts on some sites that you visit regularly, and
you don't want to have to log in manually each time. So you'd like
processing of cookies to make them only temporary.
</para>
-<para>
<screen>
{ allow-all-cookies }
sourceforge.net
.yahoo.com
.msdn.microsoft.com
.redhat.com</screen>
-</para>
<para>
Your bank is allergic to some filter, but you don't know which, so you disable them all:
</para>
-<para>
<screen>
{ -<link linkend="FILTER">filter</link> }
.your-home-banking-site.com</screen>
-</para>
<para>
Some file types you may not want to filter for various reasons:
</para>
-<para>
<screen>
# Technical documentation is likely to contain strings that might
# erroneously get altered by the JavaScript-oriented filters:
# so that Privoxy thinks it is getting HTML and starts filtering:
#
stupid-server.example.com/</screen>
-</para>
<para>
Example of a simple <link linkend="BLOCK">block</link> action. Say you've
in default.action anyway:
</para>
-<para>
<screen>
{ +<link linkend="BLOCK">block</link>{Nasty ads.} }
www.example.com/nasty-ads/sponsor\.gif
another.example.net/more/junk/here/</screen>
-</para>
<para>
The URLs of dynamically generated banners, especially from large banner
browser. Use cautiously.
</para>
-<para>
<screen>
{ +block-as-image }
.doubleclick.net
.fastclick.net
/Realmedia/ads/
ar.atwola.com/</screen>
-</para>
<para>
Now you noticed that the default configuration breaks Forbes Magazine,
that misbehave, and add those to our personalized list of troublemakers:
</para>
-<para>
<screen>
{ fragile }
.forbes.com
webmail.example.com
.mybank.com</screen>
-</para>
<para>
You like the <quote>fun</quote> text replacements in <filename>default.filter</filename>,
update-safe config, once and for all:
</para>
-<para>
<screen>
{ +<link linkend="filter-fun">filter{fun}</link> }
/ # For ALL sites!</screen>
-</para>
<para>
Note that the above is not really a good idea: There are exceptions
sites that you feel provide value to you:
</para>
-<para>
<screen>
{ allow-ads }
.sourceforge.net
.slashdot.org
.osdn.net</screen>
-</para>
<para>
Note that <literal>allow-ads</literal> has been aliased to
it should I choose to.
</para>
-<para>
<screen>
{ handle-as-text }
/.*\.sh$</screen>
-</para>
<para>
<filename>user.action</filename> is generally the best place to define
paths and patterns:
</para>
-<para>
<screen>
{ +<link linkend="set-image-blocker">set-image-blocker{blank}</link> }
/ # ALL sites</screen>
-</para>
</sect3>
</sect2>
like this:
</para>
-<para>
<screen>FILTER: foo Replace all "foo" with "bar"</screen>
-</para>
<para>
Below that line, and up to the next header line, come the jobs that
<para>
The non-standard option letter <literal>D</literal> (dynamic) allows
to use the variables $host, $origin (the IP address the request came from),
- $path and $url. They will be replaced with the value they refer to before
- the filter is executed.
+ $path, $url and $listen-address (the address on which Privoxy accepted the
+ client request. Example: 127.0.0.1:8118).
+ They will be replaced with the value they refer to before the filter
+ is executed.
</para>
<para>
<!-- ~~~~~~~~ New section Header ~~~~~~~~~ -->
-<sect2><title>Filter File Tutorial</title>
+<sect2 id="filter-file-tut"><title>Filter File Tutorial</title>
<para>
Now, let's complete our <quote>foo</quote> content filter. We have already defined
the heading, but the jobs are still missing. Since all it does is to replace
needed:
</para>
-<para>
<screen>s/foo/bar/</screen>
-</para>
<para>
But wait! Didn't the comment say that <emphasis>all</emphasis> occurrences
we'll need to add the <literal>g</literal> option:
</para>
-<para>
<screen>s/foo/bar/g</screen>
-</para>
<para>
Our complete filter now looks like this:
</para>
-<para>
+
<screen>FILTER: foo Replace all "foo" with "bar"
s/foo/bar/g</screen>
-</para>
<para>
Let's look at some real filters for more interesting examples. Here you see
</para>
-<para>
<screen>
FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
# Get rid of JavaScript referrer tracking. Test page: http://www.randomoddness.com/untitled.htm
#
s|(<script.*)document\.referrer(.*</script>)|$1"Not Your Business!"$2|Usg</screen>
-</para>
<para>
Following the header line and a comment, you see the job. Note that it uses
this time only point out the constructs of special interest:
</para>
-<para>
<screen>
# The status bar is for displaying link targets, not pointless blahblah
#
s/window\.status\s*=\s*(['"]).*?\1/dUmMy=1/ig</screen>
-</para>
<para>
<literal>\s</literal> stands for whitespace characters (space, tab, newline,
you move your mouse over links.
</para>
-<para>
<screen>
# Kill OnUnload popups. Yummy. Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
#
s/(<body [^>]*)onunload(.*>)/$1never$2/iU</screen>
-</para>
<para>
Including the
The last example is from the fun department:
</para>
-<para>
<screen>
FILTER: fun Fun text replacements
# Spice the daily news:
#
s/microsoft(?!\.com)/MicroSuck/ig</screen>
-</para>
<para>
Note the <literal>(?!\.com)</literal> part (a so-called negative lookahead)
still replacing the word everywhere else.
</para>
-<para>
<screen>
# Buzzword Bingo (example for extended regex syntax)
#
| unrivalled \
*<font color="red"><b>BINGO!</b></font> \
*igx</screen>
-</para>
<para>
The <literal>x</literal> option in this job turns on extended syntax, and allows for
<para>
The purpose of this filter is to get rid of particularly annoying JavaScript abuse.
To that end, it
+ </para>
<itemizedlist>
<listitem>
<para>
</para>
</listitem>
</itemizedlist>
- </para>
<para>
Use with caution. This is an aggressive filter, and can break sites that
rely heavily on JavaScript.
</para>
<para>
External filters read the content from STDIN and write the rewritten
- content to STDOUT. The environment variables PRIVOXY_URL, PRIVOXY_PATH,
- PRIVOXY_HOST, PRIVOXY_ORIGIN can be used to get some details about the
- client request.
+ content to STDOUT.
+ The environment variables PRIVOXY_URL, PRIVOXY_PATH, PRIVOXY_HOST,
+ PRIVOXY_ORIGIN, PRIVOXY_LISTEN_ADDRESS can be used to get some details
+ about the client request.
</para>
<para>
&my-app; will temporary store the content to filter in the
<literal><link linkend="temporary-directory">temporary-directory</link></literal>.
</para>
-<para>
+
<screen>
EXTERNAL-FILTER: cat Pointless example filter that doesn't actually modify the content
/bin/cat
EXTERNAL-FILTER: citation-needed Adds a "[citation needed]" tag to an image. The coordinates may need adjustment.
/usr/local/bin/convert - -pointsize 16 -fill white -annotate +17+418 "[citation needed]" -
</screen>
-</para>
<warning>
<para>
is in an alpha or beta development stage:
</para>
-<para>
<screen>
<!-- @if-unstable-start -->
... beta warning HTML code goes here ...
<!-- if-unstable-end@ --></screen>
-</para>
<para>
If the "unstable" symbol is set, everything in between and including
will disappear, leaving nothing but an empty comment:
</para>
-<para>
<screen><!-- --></screen>
-</para>
<para>
There's also an if-then-else construct and an <literal>#include</literal>
<!-- ~~~~~ New section ~~~~~ -->
<sect2 id="license"><title>License</title>
-<para>
+
<screen><![ RCDATA [ &GPLv2; ]]></screen>
-</para>
</sect2>
<!-- ~ End section ~ -->
and then some examples:
</para>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>.</emphasis> - Matches any single character, e.g. <quote>a</quote>,
<quote>A</quote>, <quote>4</quote>, <quote>:</quote>, or <quote>@</quote>.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>?</emphasis> - The preceding character or expression is matched ZERO or ONE
times. Either/or.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>+</emphasis> - The preceding character or expression is matched ONE or MORE
times.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>*</emphasis> - The preceding character or expression is matched ZERO or MORE
times.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>\</emphasis> - The <quote>escape</quote> character denotes that
the following character should be taken literally. This is used where one of the
sure the period is recognized only as a period (and not expanded to its
meta-character meaning of any single character).
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>[ ]</emphasis> - Characters enclosed in brackets will be matched if
any of the enclosed characters are encountered. For instance, <quote>[0-9]</quote>
matches any numeric digit (zero through nine). As an example, we can combine
this with <quote>+</quote> to match any digit one of more times: <quote>[0-9]+</quote>.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>( )</emphasis> - parentheses are used to group a sub-expression,
or multiple sub-expressions.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>|</emphasis> - The <quote>bar</quote> character works like an
<quote>or</quote> conditional statement. A match is successful if the
and would match either <quote>this example</quote> or <quote>that
example</quote>, and nothing else.
</member>
-</simplelist></para>
+</simplelist>
<para>
These are just some of the ones you are likely to use when matching URLs with
<!-- ~~~~~ New section ~~~~~ -->
-<sect2>
+<sect2 id="internal-pages">
<title>Privoxy's Internal Pages</title>
<para>
rules and other configuration options, and even turn
<application>Privoxy's</application> filtering off, all with
a web browser.
-
</para>
<para>
necessary either.
</para>
-<para>
<itemizedlist>
<listitem>
</listitem>
</itemizedlist>
-</para>
</sect2>
page is requested by your browser:
</para>
-<para>
<itemizedlist>
<listitem>
<para>
</listitem>
</itemizedlist>
-</para>
+
<para>
NOTE: This is somewhat of a simplistic overview of what happens with each URL
request. For the sake of brevity and simplicity, we have focused on
configuration may vary):
</para>
-<para>
<screen>
Matches for http://www.google.com:
In file: user.action <guibutton>[ View ]</guibutton> <guibutton>[ Edit ]</guibutton>
(no matches in this file)
</screen>
-</para>
<para>
This is telling us how we have defined our
And finally we pull it all together in the bottom section and summarize how
<application>Privoxy</application> is applying all its <quote>actions</quote>
to <quote>google.com</quote>:
-
</para>
-<para>
<screen>
-
Final results:
-add-header
-server-header-filter{xml-to-html}
-server-header-filter{html-to-xml}
-session-cookies-only
- +set-image-blocker {pattern} </screen>
-</para>
+ +set-image-blocker {pattern}
+</screen>
<para>
Notice the only difference here to the previous listing, is to
Now another example, <quote>ad.doubleclick.net</quote>:
</para>
-<para>
<screen>
-
{ +block{Domains starts with "ad"} }
ad*.
{ +block{Doubleclick banner server} +handle-as-image }
.[a-vx-z]*.doubleclick.net
</screen>
-</para>
<para>
We'll just show the interesting part here - the explicit matches. It is
This one is giving us problems. We are getting a blank page. Hmmm ...
</para>
-<para>
<screen>
-
Matches for http://www.example.net/adsl/HOWTO/:
In file: default.action <guibutton>[ View ]</guibutton> <guibutton>[ Edit ]</guibutton>
{ +block{Path contains "ads".} +handle-as-image }
/ads
</screen>
-</para>
<para>
Ooops, the <quote>/adsl/</quote> is matching <quote>/ads</quote> in our
wins). There are various ways to handle such exceptions. Example:
</para>
-<para>
<screen>
-
{ -block }
/adsl
</screen>
-</para>
<para>
Now the page displays ;-)
we did with:
</para>
-<para>
<screen>
-
{ +block{Path starts with "ads".} +handle-as-image }
/ads
</screen>
-</para>
<para>
That actually was very helpful and pointed us quickly to where the problem
<link linkend="FILTER"><quote>+filter</quote></link>:
</para>
-<para>
<screen>
-
{ shop }
.quietpc.com
.worldpay.com # for quietpc.com
.scan.co.uk
.forbes.com
</screen>
-</para>
<para>
<quote><literal>{ shop }</literal></quote> is an <quote>alias</quote> that expands to
<quote><literal>{ -filter -session-cookies-only }</literal></quote>.
Or you could do your own exception to negate filtering:
-
</para>
-<para>
<screen>
-
{ -filter }
# Disable ALL filter actions for sites in this section
.forbes.com
developer.ibm.com
localhost
</screen>
-</para>
<para>
This would turn off all filtering for these sites. This is best
actions that are the most likely to cause trouble. This can be used as a
last resort for problem sites.
</para>
-<para>
- <screen>
+ <screen>
{ fragile }
# Handle with care: easy to break
mail.google.
mybank.example.com</screen>
-</para>
<para>