<!entity copyright SYSTEM "copyright.sgml">
<!entity license SYSTEM "license.sgml">
<!entity GPLv2 SYSTEM "../../LICENSE">
+<!entity GPLv3 SYSTEM "../../LICENSE.GPLv3">
<!entity p-authors SYSTEM "p-authors.sgml">
<!entity config SYSTEM "p-config.sgml">
<!entity changelog SYSTEM "changelog.sgml">
-<!entity p-version "3.0.27">
+<!entity p-version "3.0.33">
<!entity p-status "UNRELEASED">
<!entity % p-authors-formal "INCLUDE"> <!-- include additional text, etc -->
<!entity % p-not-stable "INCLUDE">
<!entity my-app "<application>Privoxy</application>">
]>
<!--
- File : $Source: /cvsroot/ijbswa/current/doc/source/user-manual.sgml,v $
+ File : doc/source/user-manual.sgml
Purpose : user manual
- This file belongs into
- ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
- Copyright (C) 2001-2017 Privoxy Developers https://www.privoxy.org/
+ Copyright (C) 2001-2021 Privoxy Developers https://www.privoxy.org/
See LICENSE.
========================================================================
<subscript>
<!-- Completely the wrong markup, but very little is allowed -->
<!-- in this part of an article. FIXME -->
- <link linkend="copyright">Copyright</link> &my-copy; 2001-2017 by
+ <link linkend="copyright">Copyright</link> &my-copy; 2001-2021 by
<ulink url="https://www.privoxy.org/">Privoxy Developers</ulink>
</subscript>
</pubdate>
-<pubdate>$Id: user-manual.sgml,v 2.221 2017/05/20 09:27:54 fabiankeil Exp $</pubdate>
-
<!--
Note: the following should generate a separate page, and a live link to it,
<para>
Since this is a &p-status; version, not all new features are well tested. This
documentation may be slightly out of sync as a result (especially with
- CVS sources). And there <emphasis>may be</emphasis> bugs, though hopefully
+ <ulink url="https://www.privoxy.org/gitweb/?p=privoxy.git;a=summary">git sources</ulink>).
+ And there <emphasis>may be</emphasis> bugs, though hopefully
not many!
</para>
]]>
<para>
In addition to the core
features of ad blocking and
- <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">cookie</ulink> management,
+ <ulink url="https://en.wikipedia.org/wiki/Browser_cookie">cookie</ulink> management,
<application>Privoxy</application> provides many supplemental
features<![%p-not-stable;[, some of them currently under development]]>,
that give the end-user more control, more privacy and more freedom:
</sect3>
-<!-- ~~~~~ New section ~~~~~ -->
-<sect3 id="installation-os2"><title>OS/2</title>
-
-<para>
- First, make sure that no previous installations of
- <application>Junkbuster</application> and / or
- <application>Privoxy</application> are left on your
- system. Check that no <application>Junkbuster</application>
- or <application>Privoxy</application> objects are in
- your startup folder.
-</para>
-
-<para>
- Then, just double-click the WarpIN self-installing archive, which will
- guide you through the installation process. A shadow of the
- <application>Privoxy</application> executable will be placed in your
- startup folder so it will start automatically whenever OS/2 starts.
-</para>
-
-<para>
- The directory you choose to install <application>Privoxy</application>
- into will contain all of the configuration files.
-</para>
-</sect3>
-
<!-- ~~~~~ New section ~~~~~ -->
<sect3 id="installation-mac"><title>Mac OS X</title>
<para>
<sect2 id="installation-source"><title>Building from Source</title>
<para>
- The most convenient way to obtain the <application>Privoxy</application> sources
- is to download the source tarball from our
- <ulink url="https://sourceforge.net/projects/ijbswa/files/Sources/">project download
- page</ulink>.
-</para>
-
-<para>
- If you like to live on the bleeding edge and are not afraid of using
- possibly unstable development versions, you can check out the up-to-the-minute
- version directly from <ulink url="https://sourceforge.net/p/ijbswa/code/?source=navbar">the
- CVS repository</ulink>.
-<!--
- deprecated...out of business.
- or simply download <ulink
- url="http://cvs.sourceforge.net/cvstarballs/ijbswa-cvsroot.tar.bz2">the nightly CVS
- tarball.</ulink>
--->
+ The most convenient way to obtain the <application>Privoxy</application> source
+ code is to download the source tarball from our
+ <ulink url="https://sourceforge.net/projects/ijbswa/files/Sources/">
+ project download page</ulink>,
+ or you can get the up-to-the-minute, possibly unstable, development version from
+ <ulink url="https://www.privoxy.org/">https://www.privoxy.org/</ulink>.
</para>
<!-- include buildsource.sgml boilerplate: -->
&buildsource;
<!-- end boilerplate -->
+
+ <sect3 id="WINBUILD-CYGWIN"><title>Windows</title>
+
+ <sect4 id="WINBUILD-SETUP"><title>Setup</title>
+ <para>
+ Install the Cygwin utilities needed to build <application>Privoxy</application>.
+ If you have a 64 bit CPU (which most people do by now), get the
+ Cygwin setup-x86_64.exe program <ulink url="https://cygwin.com/setup-x86_64.exe">here</ulink>
+ (the .sig file is <ulink url="https://cygwin.com/setup-x86_64.exe.sig">here</ulink>).
+ </para>
+ <para>
+ Run the setup program and from View / Category select:
+ </para>
+ <screen>
+ Devel
+ autoconf 2.5
+ automake 1.15
+ binutils
+ cmake
+ gcc-core
+ gcc-g++
+ git
+ make
+ mingw64-i686-gcc-core
+ mingw64-i686-zlib
+ Editors
+ vim
+ Libs
+ libxslt: GNOME XSLT library (runtime)
+ Net
+ curl
+ openssh
+ Text
+ docbook-dssl
+ docbook-sgml31
+ docbook-utils
+ openjade
+ Utils
+ gnupg
+ Web
+ w3m
+</screen>
+
+ <para>
+ If you haven't already downloaded the Privoxy source code, get it now:
+ </para>
+ <screen>
+ mkdir <root-dir>
+ cd <root-dir>
+ git clone https://www.privoxy.org/git/privoxy.git
+</screen>
+
+ <para>
+ Get the source code (.zip or .tar.gz) for tidy from
+ <ulink url="https://github.com/htacg/tidy-html5/releases">
+ https://github.com/htacg/tidy-html5/releases</ulink>,
+ unzip into <root-dir> and build the software:
+ </para>
+ <screen>
+ cd <root-dir>
+ cd tidy-html5-x.y.z/build/cmake
+ cmake ../.. -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIB:BOOL=OFF -DCMAKE_INSTALL_PREFIX=/usr/local
+ make && make install
+</screen>
+
+ <para>
+ If you want to be able to make a Windows release package, get the NSIS .zip file from
+ <!-- FIXME: which version(s) are known to work? -->
+ <ulink url="https://sourceforge.net/projects/nsis/files/NSIS%203/">
+ https://sourceforge.net/projects/nsis/files/NSIS%203/</ulink>
+ and extract the NSIS directory to <literal>privoxy/windows</literal>.
+ Then edit the windows/GNUmakefile to set the location of the NSIS executable - eg:
+ </para>
+ <screen>
+# Path to NSIS
+MAKENSIS = ./nsis/makensis.exe
+</screen>
+
+ </sect4>
+
+ <sect4 id="WINBUILD-BUILD"><title>Build</title>
+
+ <para>
+ To build just the Privoxy executable and not the whole installation package, do:
+ </para>
+ <programlisting>
+ cd <root-dir>/privoxy
+ ./windows/MYconfigure && make
+</programlisting>
+
+ <para>
+ Privoxy uses the <ulink url="https://en.wikipedia.org/wiki/GNU_build_system">GNU Autotools</ulink>
+ for building software, so the process is:
+ </para>
+ <programlisting>
+ $ autoheader # creates config.h.in
+ $ autoconf # uses config.h.in to create the configure shell script
+ $ ./configure [options] # creates GNUmakefile
+ $ make [options] # builds the program
+</programlisting>
+
+ <para>
+ The usual <literal>configure</literal> options for building a native Windows application under cygwin are
+ </para>
+
+ <literallayout class="Monospaced">
+ --host=i686-w64-mingw32
+ --enable-mingw32
+ --enable-zlib
+ --enable-static-linking
+ --disable-pthread
+ --disable-dynamic-pcre
+</literallayout>
+
+ <para>
+ You can set the <literal>CFLAGS</literal> and <literal>LDFLAGS</literal> envars before
+ running <literal>configure</literal> to set compiler and linker flags. For example:
+ </para>
+
+ <programlisting>
+ $ export CFLAGS="-O2" # set gcc optimization level
+ $ export LDFLAGS="-Wl,--nxcompat" # Enable DEP
+ $ ./configure --host=i686-w64-mingw32 --enable-mingw32 --enable-zlib \
+ > --enable-static-linking --disable-pthread --disable-dynamic-pcre
+ $ make # build Privoxy
+</programlisting>
+
+ <para>
+ See the <ulink url="../developer-manual/newrelease.html#NEWRELEASE-WINDOWS">Developer's Manual</ulink>
+ for building a Windows release package.
+ </para>
+
+ </sect4>
+ </sect3>
</sect2>
+
+
<!-- ~~~~~ New section ~~~~~ -->
<sect2 id="installation-keepupdated"><title>Keeping your Installation Up-to-Date</title>
versions of <application>Privoxy</application>:
</para>
-<para>
<itemizedlist>
<listitem>
that filtering does not work on compressed pages, so if you use, or want to
use, filtering, you will need to force compression off. Example:
</para>
- <para>
<screen>
{ +<link linkend="filter">filter</link>{google} +<link linkend="prevent-compression">prevent-compression</link> }
.google.</screen>
- </para>
<para>
Or if you use a number of filters, or filter many sites, you may just want
to turn off compression for all sites in
-->
</itemizedlist>
-</para>
</sect2>
</sect1>
<!-- ~~~~~ New section ~~~~~ -->
<sect1 id="quickstart"><title>Quickstart to Using Privoxy</title>
-<para>
+
<itemizedlist>
<listitem>
<listitem>
<para>
Set your browser to use <application>Privoxy</application> as HTTP and
- HTTPS (SSL) <ulink url="http://en.wikipedia.org/wiki/Proxy_server">proxy</ulink>
+ HTTPS (SSL) <ulink url="https://en.wikipedia.org/wiki/Proxy_server">proxy</ulink>
by setting the proxy configuration for address of
<literal>127.0.0.1</literal> and port <literal>8118</literal>.
<emphasis>DO NOT</emphasis> activate proxying for <literal>FTP</literal> or
<para>
Flush your browser's disk and memory caches, to remove any cached ad images.
If using <application>Privoxy</application> to manage
- <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>,
+ <ulink url="https://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>,
you should remove any currently stored cookies too.
</para>
</listitem>
</listitem>
</itemizedlist>
-</para>
<!-- ~~~~~ New section ~~~~~ -->
<literal><link linkend="set-image-blocker">set-image-blocker</link></literal>:
</para>
-<para>
<itemizedlist>
<listitem>
</listitem>
</itemizedlist>
-</para>
<para>
Advanced users will eventually want to explore &my-app;
A quick and simple step by step example:
</para>
-<para>
<itemizedlist>
<listitem>
</para>
<!-- image of editor and actions files selections -->
- <para>
<figure pgwide="0" float="0"><title>Actions Files in Use</title>
<mediaobject>
<imageobject>
</textobject>
</mediaobject>
</figure>
- </para>
</listitem>
<listitem>
</listitem>
</itemizedlist>
-</para>
<para>
This is a very crude and simple example. There might be good reasons to use a
Before launching <application>Privoxy</application> for the first time, you
will want to configure your browser(s) to use
<application>Privoxy</application> as a HTTP and HTTPS (SSL)
- <ulink url="http://en.wikipedia.org/wiki/Proxy_server">proxy</ulink>. The default is
+ <ulink url="https://en.wikipedia.org/wiki/Proxy_server">proxy</ulink>. The default is
127.0.0.1 (or localhost) for the proxy address, and port 8118 (earlier versions
used port 8000). This is the one configuration step <emphasis>that must be done
</emphasis>!
</para>
<!-- image of Mozilla Proxy configuration -->
- <para>
<figure pgwide="0" float="0"><title>Proxy Configuration Showing
- Mozilla/Netscape HTTP and HTTPS (SSL) Settings</title>
+ Mozilla Firefox HTTP and HTTPS (SSL) Settings</title>
<mediaobject>
<imageobject>
<imagedata fileref="proxy_setup.jpg" format="jpg">
</imageobject>
<textobject>
- <phrase>[ Screenshot of Mozilla Proxy Configuration ]</phrase>
+ <phrase>[ Screenshot of Mozilla Firefox Proxy Configuration ]</phrase>
</textobject>
</mediaobject>
</figure>
- </para>
<para>
</para>
<literallayout>
- <guibutton>Tools</guibutton> -> <guibutton>Options</guibutton> -> <guibutton>Advanced</guibutton> -> <guibutton>Network</guibutton> -><guibutton>Connection</guibutton> -> <guibutton>Settings</guibutton>
+ <guibutton>Edit</guibutton> -> <guibutton>Preferences</guibutton> -> <guibutton>Network Settings</guibutton> -> <guibutton>Settings</guibutton>
</literallayout>
<para>
</para>
<!-- image of IE Proxy configuration -->
- <para>
<figure pgwide="0" float="0"><title>Proxy Configuration Showing
Internet Explorer HTTP and HTTPS (Secure) Settings</title>
<mediaobject>
</textobject>
</mediaobject>
</figure>
- </para>
<para>
After doing this, flush your browser's disk and memory caches to force a
re-reading of all pages and to get rid of any ads that may be cached. Remove
- any <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>,
+ any <ulink url="https://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>,
if you want <application>Privoxy</application> to manage that. You are now
ready to start enjoying the benefits of using
<application>Privoxy</application>!
<filename>/etc/privoxy/config</filename> as its main configuration
file.
</para>
-<para>
<screen>
# /etc/init.d/privoxy start
</screen>
-</para>
</sect2>
<sect2 id="start-freebsd">
<para>
To start <application>Privoxy</application> manually, run:
</para>
-<para>
<screen>
# service privoxy onestart
</screen>
-</para>
</sect2>
<sect2 id="start-windows">
<para>
Example Unix startup command:
</para>
-<para>
<screen>
# /usr/sbin/privoxy --user privoxy /etc/privoxy/config
</screen>
-</para>
<para>
Note that if you installed <application>Privoxy</application> through
a package manager, the package will probably contain a platform-specific
</para>
</sect2>
-<sect2 id="start-os2">
-<title>OS/2</title>
-<para>
- During installation, <application>Privoxy</application> is configured to
- start automatically when the system restarts. You can start it manually by
- double-clicking on the <application>Privoxy</application> icon in the
- <application>Privoxy</application> folder.
-</para>
-</sect2>
-
<sect2 id="start-macosx">
<title>Mac OS X</title>
<para>
command-line options:
</para>
-<para>
<itemizedlist>
<listitem>
</listitem>
</itemizedlist>
-</para>
<para>
On <application>MS Windows</application> only there are two additional
</para>
<!-- Needs to be put in a table and colorized -->
-<screen>
+<screen><!-- want the background color that goes with screen -->
<msgtext>
<bridgehead renderas="sect2"> Privoxy Menu</bridgehead>
-
<simplelist>
<member>
▪ <ulink url="http://config.privoxy.org/show-status">View & change the current configuration</ulink>
</member>
<member>
- ▪ <ulink url="http://config.privoxy.org/show-version">View the source code version numbers</ulink>
+ ▪ <ulink url="http://config.privoxy.org/client-tags">View or toggle the tags that can be set based on the client's address</ulink>
</member>
<member>
▪ <ulink url="http://config.privoxy.org/show-request">View the request headers.</ulink>
<sect2 id="confoverview">
<title>Configuration Files Overview</title>
<para>
- For Unix, *BSD and Linux, all configuration files are located in
- <filename>/etc/privoxy/</filename> by default. For MS Windows, OS/2, and
- AmigaOS these are all in the same directory as the
+ For Unix, *BSD and GNU/Linux, all configuration files are located in
+ <filename>/etc/privoxy/</filename> by default. For MS Windows
+ these are all in the same directory as the
<application>Privoxy</application> executable. <![%p-not-stable;[ The name
and number of configuration files has changed from previous versions, and is
subject to change as development progresses.]]>
principle configuration files are:
</para>
-<para>
<itemizedlist>
<listitem>
<para>
The <link linkend="config">main configuration file</link> is named <filename>config</filename>
- on Linux, Unix, BSD, OS/2, and AmigaOS and <filename>config.txt</filename>
+ on GNU/Linux, Unix, BSD, and <filename>config.txt</filename>
on Windows. This is a required file.
</para>
</listitem>
</listitem>
</itemizedlist>
-</para>
<para>
The syntax of the configuration and filter files may change between different
are three action files included with <application>Privoxy</application> with
differing purposes:
</para>
-<para>
<itemizedlist>
<listitem>
<para>
The default profiles, and their associated actions, as pre-defined in
<filename>default.action</filename> are:
</para>
- <para>
- <table frame=all><title>Default Configurations</title>
+ <table frame=all id="default-configurations"><title>Default Configurations</title>
<tgroup cols=4 align=left colsep=1 rowsep=1>
<colspec colname=c1>
<colspec colname=c2>
</tbody>
</tgroup>
</table>
- </para>
</listitem>
</itemizedlist>
-</para>
<para>
The list of actions files to be used are defined in the main configuration
might look like:
</para>
- <para>
<screen>
{ +<literal>handle-as-image</literal> +<literal>block{Banner ads.}</literal> }
# Block these as if they were images. Send no block page.
banners.example.com
media.example.com/.*banners
.example.com/images/ads/</screen>
- </para>
<para>
You can trace this process for URL patterns and any given URL by visiting <ulink
The pattern matching syntax is different for the host and path parts of
the URL. The host part uses a simple globbing type matching technique,
while the path part uses more flexible
- <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+ <ulink url="https://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
Expressions</quote></ulink> (POSIX 1003.2).
</para>
<para>
themselves. These work similarly to shell globbing type wild-cards:
<quote>*</quote> represents zero or more arbitrary characters (this is
equivalent to the
- <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+ <ulink url="https://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
Expression</quote></ulink> based syntax of <quote>.*</quote>),
<quote>?</quote> represents any single character (this is equivalent to the
regular expression syntax of a simple <quote>.</quote>), and you can define
While flexible, this is not the sophistication of full regular expression based syntax.
</para>
+<para>
+ When compiled with FEATURE_PCRE_HOST_PATTERNS patterns can be prefixed with
+ <quote>PCRE-HOST-PATTERN:</quote> in which case full regular expression
+ (PCRE) can be used for the host pattern as well.
+</para>
+
</sect3>
<!-- ~ End section ~ -->
<para>
<application>Privoxy</application> uses <quote>modern</quote> POSIX 1003.2
- <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+ <ulink url="https://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
Expressions</quote></ulink> for matching the path portion (after the slash),
and is thus more flexible.
</para>
Example:
</para>
-<para>
<screen>
# If the admin defined the client-specific-tag circumvent-blocks,
# and the request comes from a client that previously requested
# the previous one.
{+block{Nobody is supposed to request this.}}
example.org/blocked-example-page</screen>
-</para>
</sect3>
Actions fall into three categories:
</para>
-<para>
<itemizedlist>
<listitem>
<para>
Boolean, i.e the action can only be <quote>enabled</quote> or
<quote>disabled</quote>. Syntax:
</para>
- <para>
<screen>
+<replaceable class="function">name</replaceable> # enable action <replaceable class="parameter">name</replaceable>
-<replaceable class="function">name</replaceable> # disable action <replaceable class="parameter">name</replaceable></screen>
- </para>
<para>
Example: <literal>+handle-as-image</literal>
</para>
Parameterized, where some value is required in order to enable this type of action.
Syntax:
</para>
- <para>
<screen>
+<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>} # enable action and set parameter to <replaceable class="parameter">param</replaceable>,
# overwriting parameter from previous match if necessary
-<replaceable class="function">name</replaceable> # disable action. The parameter can be omitted</screen>
- </para>
<para>
Note that if the URL matches multiple positive forms of a parameterized action,
the last match wins, i.e. the params from earlier matches are simply ignored.
that can be executed for the same request repeatedly, like adding multiple
headers, or filtering through multiple filters. Syntax:
</para>
- <para>
<screen>
+<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>} # enable action and add <replaceable class="parameter">param</replaceable> to the list of parameters
-<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>} # remove the parameter <replaceable class="parameter">param</replaceable> from the list of parameters
# If it was the last one left, disable the action.
<replaceable class="parameter">-name</replaceable> # disable this action completely and remove all parameters from the list</screen>
- </para>
<para>
Examples: <literal>+add-header{X-Fun-Header: Some text}</literal> and
<literal>+filter{html-annoyances}</literal>
</listitem>
</itemizedlist>
-</para>
<para>
If nothing is specified in any actions file, no <quote>actions</quote> are
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen># Add a DNT ("Do not track") header to all requests,
# event to those that already have one.
#
# header may make user-tracking easier.
{+add-header{DNT: 1}}
/</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>{+block{No nasty stuff for you.}}
# Block and replace with "blocked" page
.nasty-stuff.example.com
{+block{Layered ads.} +handle-as-empty-document}
# Block and then ignore
adserver.example.net/.*\.js$</screen>
- </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+change-x-forwarded-for{block}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
one. This can be used to rewrite the request destination behind the client's
back, for example to specify a Tor exit relay for certain requests.
</para>
+ <para>
+ Note that to change the destination host for
+ <link linkend="HTTPS-INSPECTION">https-inspected</link>
+ requests a protocol and host has to be added to the URI.
+ </para>
+ <para>
+ If <link linkend="HTTPS-INSPECTION">https inspection</link>
+ is enabled, the protocol can be downgraded from https to http
+ but upgrading a request from http to https is currently not
+ supported.
+ </para>
+ <para>
+ After detecting a rewrite, &my-app; does not update the actions
+ used for the request based on the new host.
+ </para>
<para>
Please refer to the <link linkend="filter-file">filter file chapter</link>
to learn which client-header filters are available by default, and how to
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>
# Hide Tor exit notation in Host and Referer Headers
{+client-header-filter{hide-tor-exit-notation}}
/
- </screen>
+</screen>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="client-body-filter">
+<title>client-body-filter</title>
+
+<variablelist>
+ <varlistentry>
+ <term>Typical use:</term>
+ <listitem>
+ <para>
+ Rewrite or remove client request body.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Effect:</term>
+ <listitem>
+ <para>
+ All request bodies to which this action applies are filtered on-the-fly through
+ the specified regular expression based substitutions.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Type:</term>
+ <!-- boolean, parameterized, Multi-value -->
+ <listitem>
+ <para>Multi-value.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Parameter:</term>
+ <listitem>
+ <para>
+ The name of a client-body filter, as defined in one of the
+ <link linkend="filter-file">filter files</link>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ Please refer to the <link linkend="filter-file">filter file chapter</link>
+ to learn how to create your own client-body filters.
+ </para>
+ <para>
+ The distribution <filename>default.filter</filename> file contains a selection of
+ client-body filters for example purposes.
+ </para>
+ <para>
+ The amount of data that can be filtered is limited by the
+ <literal><link linkend="buffer-limit">buffer-limit</link></literal>
+ option in the main <link linkend="config">config file</link>. The
+ default is 4096 KB (4 Megs). Once this limit is exceeded, the whole
+ request body is passed through unfiltered.
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>Example usage (section):</term>
+ <listitem>
+ <screen>
+# Remove "test" everywhere in the request body
+{+client-body-filter{remove-test}}
+/
+</screen>
+ </listitem>
+ </varlistentry>
+
</variablelist>
</sect3>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>
# Tag every request with the User-Agent header
{+client-header-tagger{user-agent}}
TAG:^User-Agent: fetch libfetch/
TAG:^User-Agent: Ubuntu APT-HTTP/
TAG:^User-Agent: MPlayer/
- </screen>
- </para>
- <para>
+</screen>
+
<screen>
# Tag all requests with the Range header set
{+client-header-tagger{range-requests}}
# parts of multimedia files.
{-filter -deanimate-gifs}
TAG:^RANGE-REQUEST$
- </screen>
- </para>
- <para>
+</screen>
+
<screen>
# Tag all requests with the client IP address
#
# Change forwarding settings for requests coming from address 10.0.0.1
{+forward-override{forward-socks5 127.0.1.2:2222 .}}
TAG:^IP-ADDRESS: 10\.0\.0\.1$
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (sections):</term>
<listitem>
- <para>
<screen># Check if www.example.net/ really uses valid XHTML
{ +content-type-overwrite{application/xml} }
www.example.net/
www.example.net/.*\.css$
www.example.net/.*style
</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Block the non-existent "Privacy-Violation:" client header
{ +crunch-client-header{Privacy-Violation:} }
/
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Let the browser revalidate cached documents but don't
# allow the server to use the revalidation headers for user tracking.
{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
-/ </screen>
- </para>
+/
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+crunch-incoming-cookies</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Crunch server headers that try to prevent caching
{ +crunch-server-header{no-cache} }
-/ </screen>
- </para>
+/
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+crunch-outgoing-cookies</screen>
- </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+deanimate-gifs{last}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="delay-response">
+<title>delay-response</title>
+
+<variablelist>
+ <varlistentry>
+ <term>Typical use:</term>
+ <listitem>
+ <para>Delay responses to the client to reduce the load</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Effect:</term>
+ <listitem>
+ <para>
+ Delays responses to the client by sending the response in ca. 10 byte chunks.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Type:</term>
+ <!-- boolean, parameterized, Multi-value -->
+ <listitem>
+ <para>Parameterized.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Parameter:</term>
+ <listitem>
+ <para>
+ <quote>Number of milliseconds</quote>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ Sometimes when JavaScript code is used to fetch advertisements
+ it doesn't respect Privoxy's blocks and retries to fetch the
+ same resource again causing unnecessary load on the client.
+ </para>
+ <para>
+ This action delays responses to the client and can be combined
+ with <literal><link linkend="block">blocks</link></literal>
+ to slow down the JavaScript code, thus reducing
+ the load on the client.
+ </para>
+ <para>
+ When used without <literal><link linkend="block">blocks</link></literal>
+ the action can also be used to simulate a slow internet connection.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage:</term>
+ <listitem>
+ <screen>+delay-response{100}</screen>
+ </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
<!-- ~~~~~ New section ~~~~~ -->
<sect3 renderas="sect4" id="downgrade-http-version">
<title>downgrade-http-version</title>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>{+downgrade-http-version}
problem-host.example.com</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
+
<!-- ~~~~~ New section ~~~~~ -->
<sect3 renderas="sect4" id="external-filter">
<title>external-filter</title>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+external-filter{fancy-filter}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
looks for the string <quote>http://</quote>, either in plain text
(invalid but often used) or encoded as <quote>http%3a//</quote>.
Some sites use their own URL encoding scheme, encrypt the address
- of the target server or replace it with a database id. In theses cases
+ of the target server or replace it with a database id. In these cases
<literal>fast-redirects</literal> is fooled and the request reaches the
redirection server where it probably gets logged.
</para>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>
{ +fast-redirects{simple-check} }
one.example.com
{ +fast-redirects{check-decoded-url} }
another.example.com/testing</screen>
- </para>
</listitem>
</varlistentry>
<para>
<quote>Rolling your own</quote>
filters requires a knowledge of
- <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+ <ulink url="https://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
Expressions</quote></ulink> and
- <ulink url="http://en.wikipedia.org/wiki/Html"><quote>HTML</quote></ulink>.
+ <ulink url="https://en.wikipedia.org/wiki/Html"><quote>HTML</quote></ulink>.
This is very powerful feature, and potentially very intrusive.
Filters should be used with caution, and where an equivalent
<quote>action</quote> is not available.
</para>
<para>
- The amount of data that can be filtered is limited to the
+ The amount of data that can be filtered is limited by the
<literal><link linkend="buffer-limit">buffer-limit</link></literal>
option in the main <link linkend="config">config file</link>. The
default is 4096 KB (4 Megs). Once this limit is exceeded, the buffered
<listitem>
<para>
<anchor id="filter-js-annoyances">
- <screen>+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.</screen>
</para>
+ <screen>+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.</screen>
<para>
<anchor id="filter-js-events">
- <screen>+filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).</screen>
</para>
+ <screen>+filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).</screen>
<para>
<anchor id="filter-html-annoyances">
- <screen>+filter{html-annoyances} # Get rid of particularly annoying HTML abuse.</screen>
</para>
+ <screen>+filter{html-annoyances} # Get rid of particularly annoying HTML abuse.</screen>
<para>
<anchor id="filter-content-cookies">
- <screen>+filter{content-cookies} # Kill cookies that come in the HTML or JS content.</screen>
</para>
+ <screen>+filter{content-cookies} # Kill cookies that come in the HTML or JS content.</screen>
<para>
<anchor id="filter-refresh-tags">
- <screen>+filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.</screen>
</para>
+ <screen>+filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.</screen>
<para>
<anchor id="filter-unsolicited-popups">
- <screen>+filter{unsolicited-popups} # Disable only unsolicited pop-up windows.</screen>
</para>
+ <screen>+filter{unsolicited-popups} # Disable only unsolicited pop-up windows.</screen>
<para>
<anchor id="filter-all-popups">
- <screen>+filter{all-popups} # Kill all popups in JavaScript and HTML.</screen>
</para>
+ <screen>+filter{all-popups} # Kill all popups in JavaScript and HTML.</screen>
<para>
<anchor id="filter-img-reorder">
- <screen>+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</screen>
</para>
+ <screen>+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</screen>
<para>
<anchor id="filter-banners-by-size">
- <screen>+filter{banners-by-size} # Kill banners by size.</screen>
</para>
+ <screen>+filter{banners-by-size} # Kill banners by size.</screen>
<para>
<anchor id="filter-banners-by-link">
- <screen>+filter{banners-by-link} # Kill banners by their links to known clicktrackers.</screen>
</para>
+ <screen>+filter{banners-by-link} # Kill banners by their links to known clicktrackers.</screen>
<para>
<anchor id="filter-webbugs">
- <screen>+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).</screen>
</para>
+ <screen>+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).</screen>
<para>
<anchor id="filter-tiny-textforms">
- <screen>+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.</screen>
</para>
+ <screen>+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.</screen>
<para>
<anchor id="filter-jumping-windows">
- <screen>+filter{jumping-windows} # Prevent windows from resizing and moving themselves.</screen>
</para>
+ <screen>+filter{jumping-windows} # Prevent windows from resizing and moving themselves.</screen>
<para>
<anchor id="filter-frameset-borders">
- <screen>+filter{frameset-borders} # Give frames a border and make them resizable.</screen>
</para>
+ <screen>+filter{frameset-borders} # Give frames a border and make them resizable.</screen>
<para>
<anchor id="filter-iframes">
- <screen>+filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.</screen>
</para>
+ <screen>+filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.</screen>
<para>
<anchor id="filter-demoronizer">
- <screen>+filter{demoronizer} # Fix MS's non-standard use of standard charsets.</screen>
</para>
+ <screen>+filter{demoronizer} # Fix MS's non-standard use of standard charsets.</screen>
<para>
<anchor id="filter-shockwave-flash">
- <screen>+filter{shockwave-flash} # Kill embedded Shockwave Flash objects.</screen>
</para>
+ <screen>+filter{shockwave-flash} # Kill embedded Shockwave Flash objects.</screen>
<para>
<anchor id="filter-quicktime-kioskmode">
- <screen>+filter{quicktime-kioskmode} # Make Quicktime movies saveable.</screen>
</para>
+ <screen>+filter{quicktime-kioskmode} # Make Quicktime movies saveable.</screen>
<para>
<anchor id="filter-fun">
- <screen>+filter{fun} # Text replacements for subversive browsing fun!</screen>
</para>
+ <screen>+filter{fun} # Text replacements for subversive browsing fun!</screen>
<para>
<anchor id="filter-crude-parental">
- <screen>+filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.</screen>
</para>
+ <screen>+filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.</screen>
<para>
<anchor id="filter-ie-exploits">
- <screen>+filter{ie-exploits} # Disable some known Internet Explorer bug exploits.</screen>
</para>
+ <screen>+filter{ie-exploits} # Disable some known Internet Explorer bug exploits.</screen>
<para>
<anchor id="filter-site-specifics">
- <screen>+filter{site-specifics} # Cure for site-specific problems. Don't apply generally!</screen>
</para>
+ <screen>+filter{site-specifics} # Cure for site-specific problems. Don't apply generally!</screen>
<para>
<anchor id="filter-no-ping">
+ </para>
<screen>+filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.</screen>
+ <para>
+ <anchor id="filter-github">
</para>
+ <screen>+filter{github} # Removes the annoying "Sign-Up" banner and the Cookie disclaimer.</screen>
<para>
<anchor id="filter-google">
+ </para>
<screen>+filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</screen>
+ <para>
+ <anchor id="filter-imdb">
</para>
+ <screen>+filter{imdb} # Removes some ads on IMDb.</screen>
<para>
<anchor id="filter-yahoo">
- <screen>+filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.</screen>
</para>
+ <screen>+filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.</screen>
<para>
<anchor id="filter-msn">
- <screen>+filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</screen>
</para>
+ <screen>+filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</screen>
<para>
<anchor id="filter-blogspot">
+ </para>
<screen>+filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.</screen>
+ <para>
+ <anchor id="filter-sourceforge">
</para>
+ <screen>+filter{sourceforge} # Reduces the amount of ads for proprietary software on SourceForge.</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>
+force-text-mode
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>
# Use an ssh tunnel for requests previously tagged as
# <quote>User-Agent: fetch libfetch/2.0</quote> and make sure
-overwrite-last-modified \
}
TAG:^User-Agent: fetch libfetch/2\.0$
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen># Block all documents on example.org that end with ".js",
# but send an empty document instead of the usual HTML message.
{+block{Blocked JavaScript} +handle-as-empty-document}
example.org/.*\.js$
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (sections):</term>
<listitem>
- <para>
<screen># Generic image extensions:
#
{+handle-as-image}
{+block{Nasty banners.} +handle-as-image}
nasty-banner-server.example.com/junk.cgi\?output=trash
</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Pretend to use Canadian language settings.
{+hide-accept-language{en-ca} \
+hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
}
-/ </screen>
- </para>
+/
+</screen>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen># Disarm the download link in Sourceforge's patch tracker
{ -filter \
+content-type-overwrite{text/plain}\
+hide-content-disposition{block} }
.sourceforge.net/tracker/download\.php</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen># Let the browser revalidate but make tracking based on the time less likely.
{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
- <screen>+hide-from-header{block}</screen> or
+ <screen>+hide-from-header{block}</screen>
+ <para>or</para>
<screen>+hide-from-header{spam-me-senseless@sittingduck.example.com}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
- <screen>+hide-referrer{forge}</screen> or
+ <screen>+hide-referrer{forge}</screen>
+ <para>or</para>
<screen>+hide-referrer{http://www.yahoo.com/}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
More information on known user-agent strings can be found at
<ulink url="http://www.user-agents.org/">http://www.user-agents.org/</ulink>
and
- <ulink url="http://en.wikipedia.org/wiki/User_agent">http://en.wikipedia.org/wiki/User_agent</ulink>.
+ <ulink url="https://en.wikipedia.org/wiki/User_agent">http://en.wikipedia.org/wiki/User_agent</ulink>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
+ <listitem>
+ <screen>+hide-user-agent{Mozilla/5.0 (X11; ElectroBSD i386; rv:78.0) Gecko/20100101 Firefox/78.0}</screen>
+ </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="https-inspection">
+<title>https-inspection</title>
+
+<variablelist>
+ <varlistentry>
+ <term>Typical use:</term>
+ <listitem>
+ <para>Filter encrypted requests and responses</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Effect:</term>
+ <listitem>
+ <para>
+ Encrypted requests are decrypted, filtered and forwarded encrypted.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Type:</term>
+ <!-- boolean, parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Parameter:</term>
<listitem>
<para>
- <screen>+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}</screen>
+ N/A
</para>
</listitem>
</varlistentry>
+
+<varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ This action allows &my-app; to filter encrypted requests and responses.
+ For this to work &my-app; has to generate a certificate and send it
+ to the client which has to accept it.
+ </para>
+ <para>
+ Before this works the directives in the
+ <literal><ulink url="config.html#HTTPS-INSPECTION-DIRECTIVES">HTTPS inspection section</ulink></literal>
+ of the config file have to be configured.
+ </para>
+ <para>
+ Note that the action has to be enabled based on the CONNECT
+ request which doesn't contain a path. Enabling it based on
+ a pattern with path doesn't work as the path is only seen
+ by &my-app; if the action is already enabled.
+ </para>
+ <para>
+ This is an experimental feature.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage (section):</term>
+ <listitem>
+ <screen>{+https-inspection}
+www.example.com</screen>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="ignore-certificate-errors">
+<title>ignore-certificate-errors</title>
+
+<variablelist>
+ <varlistentry>
+ <term>Typical use:</term>
+ <listitem>
+ <para>Filter encrypted requests and responses without verifying the certificate</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Effect:</term>
+ <listitem>
+ <para>
+ Encrypted requests are forwarded to sites without verifying the certificate.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Type:</term>
+ <!-- Boolean, Parameterized, Multi-value -->
+ <listitem>
+ <para>Boolean.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Parameter:</term>
+ <listitem>
+ <para>
+ N/A
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Notes:</term>
+ <listitem>
+ <para>
+ When the
+ <link linkend="HTTPS-INSPECTION"><quote>+https-inspection</quote></link>
+ action is used &my-app; by default verifies that the remote site uses a valid
+ certificate.
+ </para>
+ <para>
+ If the certificate can't be validated by &my-app; the connection is aborted.
+ </para>
+ <para>
+ This action disables the certificate check so requests to sites
+ with certificates that can't be validated are allowed.
+ </para>
+ <para>
+ Note that enabling this action allows Man-in-the-middle attacks.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage:</term>
+ <listitem>
+ <screen>
+ {+ignore-certificate-errors}
+ www.example.org
+ </screen>
+ </listitem>
+ </varlistentry>
</variablelist>
</sect3>
<!-- I had trouble getting the spacing to look right in my browser -->
<!-- I probably have the wrong font setup, bollocks. -->
<!-- Apparently the emphasis tag uses a proportional font no matter what -->
- <para>
<screen>+limit-connect{443} # Port 443 is OK.
+limit-connect{80,443} # Ports 80 and 443 are OK.
+limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
+limit-connect{-} # All ports are OK
+limit-connect{,} # No HTTPS/SSL traffic is allowed</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usages:</term>
<listitem>
- <para>
- <screen>+limit-cookie-lifetime{60}
- </screen>
- </para>
+ <screen>+limit-cookie-lifetime{60}</screen>
</listitem>
</varlistentry>
</variablelist>
<para>
Note that some (rare) ill-configured sites don't handle requests for uncompressed
documents correctly. Broken PHP applications tend to send an empty document body,
- some IIS versions only send the beginning of the content. If you enable
- <literal>prevent-compression</literal> per default, you might want to add
- exceptions for those sites. See the example for how to do that.
+ some IIS versions only send the beginning of the content and some content delivery
+ networks let the connection time out.
+ If you enable <literal>prevent-compression</literal> per default, you might
+ want to add exceptions for those sites. See the example for how to do that.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (sections):</term>
<listitem>
- <para>
<screen>
# Selectively turn off compression, and enable a filter
#
#
{ -prevent-compression }
.compusa.com/</screen>
- </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen># Let the browser revalidate without being tracked across sessions
{ +hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<varlistentry>
<term>Example usages:</term>
<listitem>
- <para>
<screen># Replace example.com's style sheet with another one
{ +redirect{http://localhost/css-replacements/example.com.css} }
example.com/stylesheet\.css
# Redirect Destination = https://www.illumos.org/issues/4974
i[0-9][0-9][0-9][0-9]*/
+# Redirect requests for the old Tor Hidden Service of the Privoxy website to the new one
+{+redirect{s@^http://jvauzb4sb3bwlsnc.onion/@http://l3tczdiiwoo63iwxty4lhs6p7eaxop5micbn7vbliydgv63x5zrrrfyd.onion/@}}
+jvauzb4sb3bwlsnc.onion/
+
# Redirect remote requests for this manual
# to the local version delivered by Privoxy
{+redirect{s@^http://www@http://config@}}
www.privoxy.org/user-manual/</screen>
- </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>
{+server-header-filter{html-to-xml}}
example.org/xml-instance-that-is-delivered-as-html
{+server-header-filter{xml-to-html}}
example.org/instance-that-is-delivered-as-xml-but-is-not
- </screen>
- </para>
+</screen>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage (section):</term>
<listitem>
- <para>
<screen>
# Tag every request with the content type declared by the server
{+server-header-tagger{content-type}}
# <literal><link linkend="external-filter-syntax">silly example</link></literal>.
{+external-filter{rotate-image} +force-text-mode}
TAG:^image/
- </screen>
- </para>
+</screen>
+ </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!-- ~~~~~ New section ~~~~~ -->
+<sect3 renderas="sect4" id="suppress-tag">
+<title>suppress-tag</title>
+
+<variablelist>
+ <varlistentry>
+ <term>Typical use:</term>
+ <listitem>
+ <para>
+ Suppress client or server tag.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Effect:</term>
+ <listitem>
+ <para>
+ Server or client tags to which this action applies are not added to the request,
+ thus making all actions that are specific to these request tags inactive.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Type:</term>
+ <!-- boolean, parameterized, Multi-value -->
+ <listitem>
+ <para>Multi-value.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Parameter:</term>
+ <listitem>
+ <para>
+ The result tag of a server-header or client-header tagger, as defined in one of the
+ <link linkend="filter-file">filter files</link>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Example usage (section):</term>
+ <listitem>
+ <screen>
+# Suppress tag produced by range-requests client-header tagger for requests coming from address 10.0.0.1
+{+suppress-tag{RANGE-REQUEST}}
+TAG:^IP-ADDRESS: 10\.0\.0\.1$
+</screen>
</listitem>
</varlistentry>
<varlistentry>
<term>Example usage:</term>
<listitem>
- <para>
<screen>+session-cookies-only</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
<para>
Built-in pattern:
</para>
- <para>
<screen>+set-image-blocker{pattern}</screen>
- </para>
<para>
Redirect to the BSD daemon:
</para>
- <para>
<screen>+set-image-blocker{http://www.freebsd.org/gifs/dae_up3.gif}</screen>
- </para>
<para>
Redirect to the built-in pattern for better caching:
</para>
- <para>
<screen>+set-image-blocker{http://config.privoxy.org/send-banner?type=pattern}</screen>
- </para>
</listitem>
</varlistentry>
</variablelist>
Now let's define some aliases...
</para>
-<para>
<screen>
# Useful custom aliases we can use later.
#
#
c0 = +crunch-all-cookies
c1 = -crunch-all-cookies</screen>
-</para>
<para>
...and put them to use. These sections would appear in the lower part of an
up for the <quote>/</quote> pattern):
</para>
-<para>
<screen>
# These sites are either very complex or very keen on
# user data and require minimal interference to work:
{-filter{all-popups} -filter{unsolicited-popups}}
.dabs.com
.overclockers.co.uk</screen>
-</para>
<para>
Aliases like <quote>shop</quote> and <quote>fragile</quote> are typically used for
multiple lines with line continuation.
</para>
-<para>
<screen>
{ \
+<link linkend="CHANGE-X-FORWARDED-FOR">change-x-forwarded-for{block}</link> \
+<link linkend="SET-IMAGE-BLOCKER">set-image-blocker{pattern}</link> \
}
/ # Match all URLs
- </screen>
-</para>
+</screen>
<para>
The default behavior is now set.
that prevents older &my-app; versions from reading the file:
</para>
-<para>
<screen>
##########################################################################
# Settings -- Don't change! For internal Privoxy use ONLY.
##########################################################################
{{settings}}
for-privoxy-version=3.0.11</screen>
-</para>
<para>
After that comes the (optional) alias section. We'll use the example
that also explains why and how aliases are used:
</para>
-<para>
<screen>
##########################################################################
# Aliases
#
fragile = -<link linkend="BLOCK">block</link> -<link linkend="FILTER">filter</link> -crunch-all-cookies -<link linkend="FAST-REDIRECTS">fast-redirects</link> -<link linkend="HIDE-REFERER">hide-referrer</link>
shop = -crunch-all-cookies -<link linkend="FILTER-ALL-POPUPS">filter{all-popups}</link></screen>
-</para>
<para>
The first of our specialized sections is concerned with <quote>fragile</quote>
of actions explicitly:
</para>
-<para>
<screen>
##########################################################################
# Exceptions for sites that'll break under the default action set:
.office.microsoft.com # surprise, surprise!
.windowsupdate.microsoft.com
mail.google.com</screen>
-</para>
<para>
Shopping sites are not as fragile, but they typically
carts or item details. Again, we'll use a pre-defined alias:
</para>
-<para>
<screen>
# Shopping sites:
#
.worldpay.com # for quietpc.com
.jungle.com
.scan.co.uk</screen>
-</para>
<para>
The <literal><link linkend="FAST-REDIRECTS">fast-redirects</link></literal>
breaks some sites. So disable it for popular sites where we know it misbehaves:
</para>
-<para>
<screen>
{ -<link linkend="FAST-REDIRECTS">fast-redirects</link> }
login.yahoo.com
.altavista.com/.*(like|url|link):http
.altavista.com/trans.*urltext=http
.nytimes.com</screen>
-</para>
<para>
It is important that <application>Privoxy</application> knows which
good start:
</para>
-<para>
<screen>
##########################################################################
# Images:
#
{ +<link linkend="HANDLE-AS-IMAGE">handle-as-image</link> }
/.*\.(gif|jpe?g|png|bmp|ico)$</screen>
-</para>
<para>
And then there are known banner sources. They often use scripts to
action before, it still applies and needn't be repeated:
</para>
-<para>
<screen>
# Known ad generators:
#
.a[0-9].yimg.com/(?:(?!/i/).)*$
bs*.gsanet.com
.qkimg.net</screen>
-</para>
<para>
One of the most important jobs of <application>Privoxy</application>
to keep the example short:
</para>
-<para>
<screen>
##########################################################################
# Block these fine banners:
# Site-specific patterns (abbreviated):
#
.hitbox.com</screen>
-</para>
<para>
It's quite remarkable how many advertisers actually call their banner
with no <literal><link linkend="BLOCK">block</link></literal> action applying.
</para>
-<para>
<screen>
##########################################################################
# Save some innocent victims of the above generic block patterns:
#
www.globalintersec.com/adv # (adv = advanced)
www.ugu.com/sui/ugu/adv</screen>
-</para>
<para>
Filtering source code can have nasty side effects,
disables <emphasis>all</emphasis> filters in one fell swoop!
</para>
-<para>
<screen>
# Don't filter code!
#
developer.
wiki.
.sourceforge.net</screen>
-</para>
<para>
The actual <filename>default.action</filename> is of course much more
<!-- brief sample user.action here -->
-<para>
<screen>
# My user.action file. <fred@example.com></screen>
-</para>
<para>
As <link linkend="aliases">aliases</link> are local to the actions
<filename>default.action</filename>, unless you repeat them here:
</para>
-<para>
<screen>
# Aliases are local to the file they are defined in.
# (Re-)define aliases for this file:
# Alias for specific file types that are text, but might have conflicting
# MIME types. We want the browser to force these to be text documents.
handle-as-text = -<link linkend="FILTER">filter</link> +-<link linkend="content-type-overwrite">content-type-overwrite{text/plain}</link> +-<link linkend="FORCE-TEXT-MODE">force-text-mode</link> -<link linkend="HIDE-CONTENT-DISPOSITION">hide-content-disposition</link></screen>
-</para>
<para>
Say you have accounts on some sites that you visit regularly, and
processing of cookies to make them only temporary.
</para>
-<para>
<screen>
{ allow-all-cookies }
sourceforge.net
.yahoo.com
.msdn.microsoft.com
.redhat.com</screen>
-</para>
<para>
Your bank is allergic to some filter, but you don't know which, so you disable them all:
</para>
-<para>
<screen>
{ -<link linkend="FILTER">filter</link> }
.your-home-banking-site.com</screen>
-</para>
<para>
Some file types you may not want to filter for various reasons:
</para>
-<para>
<screen>
# Technical documentation is likely to contain strings that might
# erroneously get altered by the JavaScript-oriented filters:
# so that Privoxy thinks it is getting HTML and starts filtering:
#
stupid-server.example.com/</screen>
-</para>
<para>
Example of a simple <link linkend="BLOCK">block</link> action. Say you've
in default.action anyway:
</para>
-<para>
<screen>
{ +<link linkend="BLOCK">block</link>{Nasty ads.} }
www.example.com/nasty-ads/sponsor\.gif
another.example.net/more/junk/here/</screen>
-</para>
<para>
The URLs of dynamically generated banners, especially from large banner
browser. Use cautiously.
</para>
-<para>
<screen>
{ +block-as-image }
.doubleclick.net
.fastclick.net
/Realmedia/ads/
ar.atwola.com/</screen>
-</para>
<para>
Now you noticed that the default configuration breaks Forbes Magazine,
that misbehave, and add those to our personalized list of troublemakers:
</para>
-<para>
<screen>
{ fragile }
.forbes.com
webmail.example.com
.mybank.com</screen>
-</para>
<para>
You like the <quote>fun</quote> text replacements in <filename>default.filter</filename>,
update-safe config, once and for all:
</para>
-<para>
<screen>
{ +<link linkend="filter-fun">filter{fun}</link> }
/ # For ALL sites!</screen>
-</para>
<para>
Note that the above is not really a good idea: There are exceptions
sites that you feel provide value to you:
</para>
-<para>
<screen>
{ allow-ads }
.sourceforge.net
.slashdot.org
.osdn.net</screen>
-</para>
<para>
Note that <literal>allow-ads</literal> has been aliased to
it should I choose to.
</para>
-<para>
<screen>
{ handle-as-text }
/.*\.sh$</screen>
-</para>
<para>
<filename>user.action</filename> is generally the best place to define
paths and patterns:
</para>
-<para>
<screen>
{ +<link linkend="set-image-blocker">set-image-blocker{blank}</link> }
/ # ALL sites</screen>
-</para>
</sect3>
</sect2>
</para>
<para>
- &my-app; supports three different pcrs-based filter actions:
+ &my-app; supports four different pcrs-based filter actions:
<literal><link linkend="filter">filter</link></literal> to
rewrite the content that is send to the client,
<literal><link linkend="client-header-filter">client-header-filter</link></literal>
- to rewrite headers that are send by the client, and
+ to rewrite headers that are send by the client,
<literal><link linkend="server-header-filter">server-header-filter</link></literal>
- to rewrite headers that are send by the server.
+ to rewrite headers that are send by the server, and
+ <literal><link linkend="client-body-filter">client-body-filter</link></literal>
+ to rewrite client request body.
</para>
<para>
filter file is organized in sections, which are called <emphasis>filters</emphasis>
here. Each filter consists of a heading line, that starts with one of the
<emphasis>keywords</emphasis> <literal>FILTER:</literal>,
- <literal>CLIENT-HEADER-FILTER:</literal> or <literal>SERVER-HEADER-FILTER:</literal>
+ <literal>CLIENT-HEADER-FILTER:</literal>, <literal>SERVER-HEADER-FILTER:</literal> or
+ <literal>CLIENT-BODY-FILTER:</literal>
followed by the filter's <emphasis>name</emphasis>, and a short (one line)
<emphasis>description</emphasis> of what it does. Below that line
come the <emphasis>jobs</emphasis>, i.e. lines that define the actual
like this:
</para>
-<para>
<screen>FILTER: foo Replace all "foo" with "bar"</screen>
-</para>
<para>
Below that line, and up to the next header line, come the jobs that
<para>
If you are new to
- <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+ <ulink url="https://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
Expressions</quote></ulink>, you might want to take a look at
the <link linkend="regex">Appendix on regular expressions</link>, and
see the <ulink url="http://perldoc.perl.org/perlre.html">Perl
needed:
</para>
-<para>
<screen>s/foo/bar/</screen>
-</para>
<para>
But wait! Didn't the comment say that <emphasis>all</emphasis> occurrences
we'll need to add the <literal>g</literal> option:
</para>
-<para>
<screen>s/foo/bar/g</screen>
-</para>
<para>
Our complete filter now looks like this:
</para>
-<para>
+
<screen>FILTER: foo Replace all "foo" with "bar"
s/foo/bar/g</screen>
-</para>
<para>
Let's look at some real filters for more interesting examples. Here you see
</para>
-<para>
<screen>
FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
# Get rid of JavaScript referrer tracking. Test page: http://www.randomoddness.com/untitled.htm
#
s|(<script.*)document\.referrer(.*</script>)|$1"Not Your Business!"$2|Usg</screen>
-</para>
<para>
Following the header line and a comment, you see the job. Note that it uses
this time only point out the constructs of special interest:
</para>
-<para>
<screen>
# The status bar is for displaying link targets, not pointless blahblah
#
s/window\.status\s*=\s*(['"]).*?\1/dUmMy=1/ig</screen>
-</para>
<para>
<literal>\s</literal> stands for whitespace characters (space, tab, newline,
you move your mouse over links.
</para>
-<para>
<screen>
# Kill OnUnload popups. Yummy. Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
#
s/(<body [^>]*)onunload(.*>)/$1never$2/iU</screen>
-</para>
<para>
Including the
The last example is from the fun department:
</para>
-<para>
<screen>
FILTER: fun Fun text replacements
# Spice the daily news:
#
s/microsoft(?!\.com)/MicroSuck/ig</screen>
-</para>
<para>
Note the <literal>(?!\.com)</literal> part (a so-called negative lookahead)
still replacing the word everywhere else.
</para>
-<para>
<screen>
# Buzzword Bingo (example for extended regex syntax)
#
| unrivalled \
*<font color="red"><b>BINGO!</b></font> \
*igx</screen>
-</para>
<para>
The <literal>x</literal> option in this job turns on extended syntax, and allows for
<para>
The purpose of this filter is to get rid of particularly annoying JavaScript abuse.
To that end, it
+ </para>
<itemizedlist>
<listitem>
<para>
</para>
</listitem>
</itemizedlist>
- </para>
<para>
Use with caution. This is an aggressive filter, and can break sites that
rely heavily on JavaScript.
sometimes appear on some pages, or user agents that don't correct for this on
the fly.
<!--
- My version of Mozilla (ancient) shows litte square boxes for quote
+ My version of Mozilla (ancient) shows little square boxes for quote
characters, and apostrophes on moronized pages. So many pages have this, I
can read them fine now. HB 08/27/06
-->
&my-app; will temporary store the content to filter in the
<literal><link linkend="temporary-directory">temporary-directory</link></literal>.
</para>
-<para>
+
<screen>
EXTERNAL-FILTER: cat Pointless example filter that doesn't actually modify the content
/bin/cat
EXTERNAL-FILTER: citation-needed Adds a "[citation needed]" tag to an image. The coordinates may need adjustment.
/usr/local/bin/convert - -pointsize 16 -fill white -annotate +17+418 "[citation needed]" -
</screen>
-</para>
<warning>
<para>
is in an alpha or beta development stage:
</para>
-<para>
<screen>
<!-- @if-unstable-start -->
... beta warning HTML code goes here ...
<!-- if-unstable-end@ --></screen>
-</para>
<para>
If the "unstable" symbol is set, everything in between and including
will disappear, leaving nothing but an empty comment:
</para>
-<para>
<screen><!-- --></screen>
-</para>
<para>
There's also an if-then-else construct and an <literal>#include</literal>
<para>
<application>Privoxy</application> is free software; you can
- redistribute it and/or modify it under the terms of the
- <citetitle>GNU General Public License</citetitle>, version 2,
- as published by the Free Software Foundation and included in
- the next section.
+ redistribute and/or modify its source code under the terms
+ of the <citetitle>GNU General Public License</citetitle>
+ as published by the Free Software Foundation, either version 2
+ of the license, or (at your option) any later version.
+</para>
+
+<para>
+ The same is true for <application>Privoxy</application> binaries
+ unless they are linked with a
+ <ulink url="https://tls.mbed.org/">mbed TLS</ulink> version
+ that is licensed under the Apache 2.0 license in which
+ case you can redistribute and/or modify the <application>Privoxy</application>
+ binaries under the terms of the <citetitle>GNU General Public License</citetitle>
+ as published by the Free Software Foundation, either version 3
+ of the license, or (at your option) any later version.
+</para>
+
+<para>
+ Both licenses are included in the next section.
</para>
<!-- ~~~~~ New section ~~~~~ -->
<sect2 id="license"><title>License</title>
-<para>
+
+<sect3 id="gplv2"><title>GNU General Public License version 2</title>
<screen><![ RCDATA [ &GPLv2; ]]></screen>
+</sect3>
+
+<sect3 id="gplv3"><title>GNU General Public License version 3</title>
+ <screen><![ RCDATA [ &GPLv3; ]]></screen>
+</sect3>
+
+<sect3 id="third-party-licenses"><title>Third-party licenses and copyrights</title>
+<para>
+ Privoxy depends on a couple of third-party libraries which have seperate licenses.
+ Please refer to the third-party websites for up-to-date license and copyright
+ information.
</para>
+<para>
+ Privoxy depends on <ulink url="https://pcre.org/">pcre</ulink>.
+</para>
+<para>
+ When compiled with FEATURE_BROTLI (optional), Privoxy depends on
+ <ulink url="https://www.brotli.org/">brotli</ulink>.
+</para>
+<para>
+ When compiled with FEATURE_HTTPS_INSPECTION (optional),
+ Privoxy depends on a TLS library. The supported libraries are
+ <ulink url="https://www.openssl.org/">LibreSSL</ulink>,
+ <ulink url="https://tls.mbed.org/">mbed TLS</ulink> and
+ <ulink url="https://www.openssl.org/">OpenSSL</ulink>.
+</para>
+<para>
+ When compiled with FEATURE_ZLIB (optional),
+ Privoxy depends on <ulink url="https://zlib.net/">zlib</ulink>.
+</para>
+</sect3>
</sect2>
<!-- ~ End section ~ -->
and then some examples:
</para>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>.</emphasis> - Matches any single character, e.g. <quote>a</quote>,
<quote>A</quote>, <quote>4</quote>, <quote>:</quote>, or <quote>@</quote>.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>?</emphasis> - The preceding character or expression is matched ZERO or ONE
times. Either/or.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>+</emphasis> - The preceding character or expression is matched ONE or MORE
times.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>*</emphasis> - The preceding character or expression is matched ZERO or MORE
times.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>\</emphasis> - The <quote>escape</quote> character denotes that
the following character should be taken literally. This is used where one of the
sure the period is recognized only as a period (and not expanded to its
meta-character meaning of any single character).
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>[ ]</emphasis> - Characters enclosed in brackets will be matched if
any of the enclosed characters are encountered. For instance, <quote>[0-9]</quote>
matches any numeric digit (zero through nine). As an example, we can combine
this with <quote>+</quote> to match any digit one of more times: <quote>[0-9]+</quote>.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>( )</emphasis> - parentheses are used to group a sub-expression,
or multiple sub-expressions.
</member>
-</simplelist></para>
+</simplelist>
-<para><simplelist>
+<simplelist>
<member>
<emphasis>|</emphasis> - The <quote>bar</quote> character works like an
<quote>or</quote> conditional statement. A match is successful if the
and would match either <quote>this example</quote> or <quote>that
example</quote>, and nothing else.
</member>
-</simplelist></para>
+</simplelist>
<para>
These are just some of the ones you are likely to use when matching URLs with
necessary either.
</para>
-<para>
<itemizedlist>
<listitem>
<listitem>
<para>
- Show information about the current configuration, including viewing and
- editing of actions files:
+ View and toggle client tags:
</para>
<blockquote>
<para>
- <ulink url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
+ <ulink url="http://config.privoxy.org/client-tags">http://config.privoxy.org/client-tags</ulink>
</para>
</blockquote>
</listitem>
<listitem>
<para>
- Show the source code version numbers:
+ Show information about the current configuration, including viewing and
+ editing of actions files:
</para>
- <blockquote>
+ <blockquote>
<para>
- <ulink url="http://config.privoxy.org/show-version">http://config.privoxy.org/show-version</ulink>
+ <ulink url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
</para>
</blockquote>
</listitem>
</listitem>
</itemizedlist>
-</para>
</sect2>
page is requested by your browser:
</para>
-<para>
<itemizedlist>
<listitem>
<para>
</listitem>
</itemizedlist>
-</para>
+
<para>
NOTE: This is somewhat of a simplistic overview of what happens with each URL
request. For the sake of brevity and simplicity, we have focused on
configuration may vary):
</para>
-<para>
<screen>
Matches for http://www.google.com:
In file: user.action <guibutton>[ View ]</guibutton> <guibutton>[ Edit ]</guibutton>
(no matches in this file)
</screen>
-</para>
<para>
This is telling us how we have defined our
to <quote>google.com</quote>:
</para>
-<para>
<screen>
Final results:
-server-header-filter{xml-to-html}
-server-header-filter{html-to-xml}
-session-cookies-only
- +set-image-blocker {pattern} </screen>
-</para>
+ +set-image-blocker {pattern}
+</screen>
<para>
Notice the only difference here to the previous listing, is to
Now another example, <quote>ad.doubleclick.net</quote>:
</para>
-<para>
<screen>
{ +block{Domains starts with "ad"} }
ad*.
{ +block{Doubleclick banner server} +handle-as-image }
.[a-vx-z]*.doubleclick.net
</screen>
-</para>
<para>
We'll just show the interesting part here - the explicit matches. It is
This one is giving us problems. We are getting a blank page. Hmmm ...
</para>
-<para>
<screen>
Matches for http://www.example.net/adsl/HOWTO/:
{ +block{Path contains "ads".} +handle-as-image }
/ads
</screen>
-</para>
<para>
Ooops, the <quote>/adsl/</quote> is matching <quote>/ads</quote> in our
wins). There are various ways to handle such exceptions. Example:
</para>
-<para>
<screen>
{ -block }
/adsl
</screen>
-</para>
<para>
Now the page displays ;-)
we did with:
</para>
-<para>
<screen>
{ +block{Path starts with "ads".} +handle-as-image }
/ads
</screen>
-</para>
<para>
That actually was very helpful and pointed us quickly to where the problem
<link linkend="FILTER"><quote>+filter</quote></link>:
</para>
-<para>
<screen>
{ shop }
.quietpc.com
.scan.co.uk
.forbes.com
</screen>
-</para>
<para>
<quote><literal>{ shop }</literal></quote> is an <quote>alias</quote> that expands to
Or you could do your own exception to negate filtering:
</para>
-<para>
<screen>
{ -filter }
# Disable ALL filter actions for sites in this section
developer.ibm.com
localhost
</screen>
-</para>
<para>
This would turn off all filtering for these sites. This is best
actions that are the most likely to cause trouble. This can be used as a
last resort for problem sites.
</para>
-<para>
+
<screen>
{ fragile }
# Handle with care: easy to break
mail.google.
mybank.example.com</screen>
-</para>
<para>