-Privoxy Frequently Asked Questions
+ Privoxy Frequently Asked Questions
-Copyright © 2001-2006 by Privoxy Developers
+ [Copyright[ (c) 2001-2008 by Privoxy Developers]]
-$Id: faq.sgml,v 2.19 2006/09/22 10:54:32 hal9 Exp $
+ $Id: faq.txt,v 1.56 2008/01/19 21:41:36 hal9 Exp $
-This FAQ gives quick answers to frequently asked questions about Privoxy. It is
-not a substitute for the Privoxy User Manual.
+ This FAQ gives quick answers to frequently asked questions about Privoxy.
+ It is not a substitute for the Privoxy User Manual.
-What is Privoxy?
+ What is Privoxy?
-Privoxy is a web proxy with advanced filtering capabilities for protecting
-privacy, modifying web page data, managing cookies, controlling access, and
-removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a
-very flexible configuration and can be customized to suit individual needs and
-tastes. Privoxy has application for both stand-alone systems and multi-user
-networks.
+ Privoxy is a non-caching web proxy with advanced filtering capabilities
+ for enhancing privacy, modifying web page data, managing HTTP cookies,
+ controlling access, and removing ads, banners, pop-ups and other obnoxious
+ Internet junk. Privoxy has a flexible configuration and can be customized
+ to suit individual needs and tastes. Privoxy has application for both
+ stand-alone systems and multi-user networks.
-Privoxy is based on Internet Junkbuster (tm).
+ Privoxy is based on Internet Junkbuster (tm).
-Please note that this document is a work in progress. This copy represents the
-state at the release of version 3.0.5. You can find the latest version of the
-document at http://www.privoxy.org/faq/. Please see the Contact section if you
-want to contact the developers.
+ Please note that this document is a work in progress. This copy represents
+ the state at the release of version 3.0.8. You can find the latest version
+ of the document at http://www.privoxy.org/faq/. Please see the Contact
+ section if you want to contact the developers.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
+
+ Table of Contents
+
+ 1. General Information
+
+ 1.1. Who should give Privoxy a try?
+
+ 1.2. Is Privoxy the best choice for me?
+
+ 1.3. What is a "proxy"? How does Privoxy work?
+
+ 1.4. Does Privoxy do anything more than ad blocking?
+
+ 1.5. What is this new version of "Junkbuster"?
+
+ 1.6. Why "Privoxy"? Why change the name from Junkbuster at
+ all?
+
+ 1.7. How does Privoxy differ from the old Junkbuster?
+
+ 1.8. How does Privoxy know what is an ad, and what is not?
+
+ 1.9. Can Privoxy make mistakes? This does not sound very
+ scientific.
+
+ 1.10. Will I have to configure Privoxy before I can use it?
+
+ 1.11. Can Privoxy run as a server on a network?
+
+ 1.12. My browser does the same things as Privoxy. Why should
+ I use Privoxy at all?
+
+ 1.13. Why should I trust Privoxy?
+
+ 1.14. Is there is a license or fee? What about a warranty?
+ Registration?
+
+ 1.15. Can Privoxy remove spyware? Adware? Viruses?
+
+ 1.16. Can I use Privoxy with other ad-blocking software?
+
+ 1.17. I would like to help you, what can I do?
+
+ 1.17.1. Would you like to participate?
+
+ 1.17.2. Contribute!
+
+ 1.17.3. Software
+
+ 2. Installation
+
+ 2.1. Which browsers are supported by Privoxy?
+
+ 2.2. Which operating systems are supported?
+
+ 2.3. Can I use Privoxy with my email client?
+
+ 2.4. I just installed Privoxy. Is there anything special I
+ have to do now?
+
+ 2.5. What is the proxy address of Privoxy?
+
+ 2.6. I just installed Privoxy, and nothing is happening. All
+ the ads are there. What's wrong?
+
+ 2.7. I get a "Privoxy is not being used" dummy page although
+ Privoxy is running and being used.
+
+ 3. Configuration
+
+ 3.1. What exactly is an "actions" file?
+
+ 3.2. The "actions" concept confuses me. Please list some of
+ these "actions".
+
+ 3.3. How are actions files configured? What is the easiest
+ way to do this?
+
+ 3.4. There are several different "actions" files. What are
+ the differences?
+
+ 3.5. Where can I get updated Actions Files?
+
+ 3.6. Can I use my old config files?
+
+ 3.7. Why is the configuration so complicated?
+
+ 3.8. How can I make my Yahoo/Hotmail/Gmail account work?
+
+ 3.9. What's the difference between the "Cautious", "Medium"
+ and "Advanced" defaults?
+
+ 3.10. Why can I change the configuration with a browser? Does
+ that not raise security issues?
+
+ 3.11. What is the default.filter file? What is a "filter"?
+
+ 3.12. How can I set up Privoxy to act as a proxy for my LAN?
+
+ 3.13. Instead of ads, now I get a checkerboard pattern. I
+ don't want to see anything.
+
+ 3.14. Why would anybody want to see a checkerboard pattern?
+
+ 3.15. I see some images being replaced with text instead of
+ the checkerboard image. Why and how do I get rid of this?
+
+ 3.16. Can Privoxy run as a service on Win2K/NT/XP?
+
+ 3.17. How can I make Privoxy work with other proxies like
+ Squid or Tor?
+
+ 3.18. Can I just set Privoxy to use port 80 and thus avoid
+ individual browser configuration?
+
+ 3.19. Can Privoxy run as a "transparent" proxy?
+
+ 3.20. Can Privoxy run as a "intercepting" proxy?
+
+ 3.21. How can I configure Privoxy for use with Outlook
+ Express?
+
+ 3.22. How can I have separate rules just for HTML mail?
+
+ 3.23. I sometimes notice cookies sneaking through. How?
+
+ 3.24. Are all cookies bad? Why?
+
+ 3.25. How can I allow permanent cookies for my trusted sites?
+
+ 3.26. Can I have separate configurations for different users?
+
+ 3.27. Can I set-up Privoxy as a whitelist of "good" sites?
+
+ 3.28. How can I turn off ad-blocking?
+
+ 3.29. How can I have custom template pages, like the BLOCKED
+ page?
+
+ 3.30. How can I remove the "Go There Anyway" link from the
+ BLOCKED page?
+
+ 4. Miscellaneous
+
+ 4.1. How much does Privoxy slow my browsing down? This has to
+ add extra time to browsing.
+
+ 4.2. I notice considerable delays in page requests. What's
+ wrong?
+
+ 4.3. What are "http://config.privoxy.org/" and "http://p.p/"?
+
+ 4.4. How can I submit new ads, or report problems?
+
+ 4.5. If I do submit missed ads, will they be included in
+ future updates?
+
+ 4.6. Why doesn't anyone answer my support request?
+
+ 4.7. How can I hide my IP address?
+
+ 4.8. Can Privoxy guarantee I am anonymous?
+
+ 4.9. A test site says I am not using a Proxy.
+
+ 4.10. How do I use Privoxy together with Tor?
+
+ 4.11. Might some things break because header information or
+ content is being altered?
+
+ 4.12. Can Privoxy act as a "caching" proxy to speed up web
+ browsing?
+
+ 4.13. What about as a firewall? Can Privoxy protect me?
+
+ 4.14. I have large empty spaces / a checkerboard pattern now
+ where ads used to be. Why?
+
+ 4.15. How can Privoxy filter Secure (HTTPS) URLs?
+
+ 4.16. Privoxy runs as a "server". How secure is it? Do I need
+ to take any special precautions?
+
+ 4.17. Can I temporarily disable Privoxy?
+
+ 4.18. When "disabled" is Privoxy totally out of the picture?
+
+ 4.19. How can I tell Privoxy to totally ignore certain sites?
+
+ 4.20. My logs show Privoxy "crunches" ads, but also its own
+ internal CGI pages. What is a "crunch"?
+
+ 4.21. Can Privoxy effect files that I download from a
+ webserver? FTP server?
+
+ 4.22. I just downloaded a Perl script, and Privoxy altered
+ it! Yikes, what is wrong!
+
+ 4.23. Should I continue to use a "HOSTS" file for
+ ad-blocking?
+
+ 4.24. Where can I find more information about Privoxy and
+ related issues?
+
+ 4.25. I've noticed that Privoxy changes "Microsoft" to
+ "MicroSuck"! Why are you manipulating my browsing?
+
+ 4.26. Does Privoxy produce "valid" HTML (or XHTML)?
+
+ 5. Troubleshooting
+
+ 5.1. I cannot connect to any websites. Or, I am getting
+ "connection refused" message with every web page. Why?
+
+ 5.2. Why am I getting a 503 Error (WSAECONNREFUSED) on every
+ page?
+
+ 5.3. I just added a new rule, but the steenkin ad is still
+ getting through. How?
+
+ 5.4. One of my favorite sites does not work with Privoxy.
+ What can I do?
+
+ 5.5. After installing Privoxy, I have to log in every time I
+ start IE. What gives?
+
+ 5.6. I cannot connect to any FTP sites. Privoxy is blocking
+ me.
+
+ 5.7. In Mac OSX, I can't configure Microsoft Internet
+ Explorer to use Privoxy as the HTTP proxy.
+
+ 5.8. In Mac OSX, I dragged the Privoxy folder to the trash in
+ order to uninstall it. Now the finder tells me I don't have
+ sufficient privileges to empty the trash.
+
+ 5.9. In Mac OSX Panther (10.3), images often fail to load
+ and/or I experience random delays in page loading. I'm using
+ localhost as my browser's proxy setting.
+
+ 5.10. I get a completely blank page at one site. "View
+ Source" shows only: <html><body></body></html>. Without
+ Privoxy the page loads fine.
+
+ 5.11. My logs show many "Unable to get my own hostname"
+ lines. Why?
+
+ 5.12. When I try to launch Privoxy, I get an error message
+ "port 8118 is already in use" (or similar wording). Why?
+
+ 5.13. Pages with UTF-8 fonts are garbled.
+
+ 5.14. Why are binary files (such as images) corrupted when
+ Privoxy is used?
+
+ 5.15. What is the "demoronizer" and why is it there?
+
+ 5.16. Why do I keep seeing "PrivoxyWindowOpen()" in raw
+ source code?
+
+ 5.17. I am getting too many DNS errors like "404 No Such
+ Domain". Why can't Privoxy do this better?
+
+ 5.18. At one site Privoxy just hangs, and starts taking all
+ CPU. Why is this?
+
+ 5.19. I just installed Privoxy, and all my browsing has
+ slowed to a crawl. What gives?
+
+ 5.20. Why do my filters work on some sites but not on others?
+
+ 6. Contacting the developers, Bug Reporting and Feature Requests
+
+ 6.1. Get Support
+
+ 6.2. Reporting Problems
+
+ 6.2.1. Reporting Ads or Other Configuration
+ Problems
+
+ 6.2.2. Reporting Bugs
+
+ 6.3. Request New Features
+
+ 6.4. Other
+
+ 7. Privoxy Copyright, License and History
+
+ 7.1. License
+
+ 7.2. History
-Table of Contents
1. General Information
-
- 1.1. Who should use Privoxy?
+
+ 1.1. Who should give Privoxy a try?
+
+ Anyone who is interested in security, privacy, or in finer-grained control
+ over their web and Internet experience.
+
+ --------------------------------------------------------------------------
+
1.2. Is Privoxy the best choice for me?
+
+ Privoxy is certainly a good choice, especially for those who want more
+ control and security. Those with the willingness to read the documentation
+ and the ability to fine-tune their installation will benefit the most.
+
+ One of Privoxy's strengths is that it is highly configurable giving you
+ the ability to completely personalize your installation. Being familiar
+ with, or at least having an interest in learning about HTTP and other
+ networking protocols, HTML, and "Regular Expressions" will be a big plus
+ and will help you get the most out of Privoxy. A new installation just
+ includes a very basic configuration. The user should take this as a
+ starting point only, and enhance it as he or she sees fit. In fact, the
+ user is encouraged, and expected to, fine-tune the configuration.
+
+ Much of Privoxy's configuration can be done with a Web browser. But there
+ are areas where configuration is done using a text editor to edit
+ configuration files. Also note that the web-based action editor doesn't
+ use authentication and should only be enabled in environments where all
+ clients with access to Privoxy listening port can be trusted.
+
+ --------------------------------------------------------------------------
+
1.3. What is a "proxy"? How does Privoxy work?
- 1.4. What is this new version of "Junkbuster"?
- 1.5. Why "Privoxy"? Why change the name from Junkbuster at all?
- 1.6. How does Privoxy differ from the old Junkbuster?
- 1.7. How does Privoxy know what is an ad, and what is not?
- 1.8. Can Privoxy make mistakes? This does not sound very scientific.
- 1.9. Will I have to configure Privoxy before I can use it?
- 1.10. My browser does the same things as Privoxy. Why should I use Privoxy
- at all?
- 1.11. Why should I trust Privoxy?
- 1.12. Is there is a license or fee? What about a warranty? Registration?
- 1.13. Can Privoxy remove spyware? Adware? Viruses?
- 1.14. Can I use Privoxy with other ad-blocking software?
- 1.15. I would like to help you, what can I do?
-
- 1.15.1. Would you like to participate?
- 1.15.2. Contribute!
- 1.15.3. Software
-
+
+ A web proxy is a service, based on a software such as Privoxy, that
+ clients (i.e. browsers) can use instead of connecting directly to web
+ servers on the Internet. The clients then ask the proxy to fetch the
+ objects they need (web pages, images, movies etc) on their behalf, and
+ when the proxy has done so, it hands the results back to the client. It is
+ a "go-between". See the Wikipedia proxy definition for more.
+
+ There are many reasons to use web proxies, such as security (firewalling),
+ efficiency (caching) and others, and there are any number of proxies to
+ accommodate those needs.
+
+ Privoxy is a proxy that is primarily focused on privacy protection, ad and
+ junk elimination and freeing the user from restrictions placed on his
+ activities. Sitting between your browser(s) and the Internet, it is in a
+ perfect position to filter outbound personal information that your browser
+ is leaking, as well as inbound junk. It uses a variety of techniques to do
+ this, all of which are under your complete control via the various
+ configuration files and options. Being a proxy also makes it easier to
+ share configurations among multiple browsers and/or users.
+
+ --------------------------------------------------------------------------
+
+ 1.4. Does Privoxy do anything more than ad blocking?
+
+ Yes, ad blocking is but one possible use. There are many, many ways
+ Privoxy can be used to sanitize and customize web browsing.
+
+ --------------------------------------------------------------------------
+
+ 1.5. What is this new version of "Junkbuster"?
+
+ A long time ago, there was the Internet Junkbuster, by Anonymous Coders
+ and Junkbusters Corporation. This saved many users a lot of pain in the
+ early days of web advertising and user tracking.
+
+ But the web, its protocols and standards, and with it, the techniques for
+ forcing ads on users, give up autonomy over their browsing, and for
+ tracking them, keeps evolving. Unfortunately, the Internet Junkbuster did
+ not. Version 2.0.2, published in 1998, was (and is) the last official
+ release available from Junkbusters Corporation. Fortunately, it had been
+ released under the GNU GPL, which allowed further development by others.
+
+ So Stefan Waldherr started maintaining an improved version of the
+ software, to which eventually a number of people contributed patches. It
+ could already replace banners with a transparent image, and had a first
+ version of pop-up killing, but it was still very closely based on the
+ original, with all its limitations, such as the lack of HTTP/1.1 support,
+ flexible per-site configuration, or content modification. The last release
+ from this effort was version 2.0.2-10, published in 2000.
+
+ Then, some developers picked up the thread, and started turning the
+ software inside out, upside down, and then reassembled it, adding many new
+ features along the way.
+
+ The result of this is Privoxy, whose first stable version, 3.0, was
+ released August, 2002.
+
+ --------------------------------------------------------------------------
+
+ 1.6. Why "Privoxy"? Why change the name from Junkbuster at all?
+
+ Though outdated, Junkbusters Corporation continues to offer their original
+ version of the Internet Junkbuster, so publishing our Junkbuster-derived
+ software under the same name led to confusion.
+
+ There are also potential legal complications from our use of the
+ Junkbuster name, which is a registered trademark of Junkbusters
+ Corporation. There are, however, no objections from Junkbusters
+ Corporation to the Privoxy project itself, and they, in fact, still share
+ our ideals and goals.
+
+ The developers also believed that there are so many improvements over the
+ original code, that it was time to make a clean break from the past and
+ make a name in their own right.
+
+ Privoxy is the "Privacy Enhancing Proxy". Also, its content modification
+ and junk suppression gives you, the user, more control, more freedom, and
+ allows you to browse your personal and "private edition" of the web.
+
+ --------------------------------------------------------------------------
+
+ 1.7. How does Privoxy differ from the old Junkbuster?
+
+ Privoxy picks up where Junkbuster left off. All the old features remain.
+ The new Privoxy still blocks ads and banners, still manages cookies, and
+ still helps protect your privacy. But, most of these features have been
+ enhanced, and many new ones have been added, all in the same vein.
+
+ Privoxy's new features include:
+
+ * Can be run as an "intercepting" proxy, which obviates the need to
+ configure browsers individually.
+
+ * Sophisticated actions and filters for manipulating both server and
+ client headers.
+
+ * Can be chained with other proxies.
+
+ * Integrated browser based configuration and control utility at
+ http://config.privoxy.org/ (shortcut: http://p.p/). Browser-based
+ tracing of rule and filter effects. Remote toggling.
+
+ * Web page filtering (text replacements, removes banners based on size,
+ invisible "web-bugs", JavaScript and HTML annoyances, pop-up windows,
+ etc.)
+
+ * Modularized configuration that allows for standard settings and user
+ settings to reside in separate files, so that installing updated
+ actions files won't overwrite individual user settings.
+
+ * Support for Perl Compatible Regular Expressions in the configuration
+ files, and a more sophisticated and flexible configuration syntax.
+
+ * Improved cookie management features (e.g. session based cookies).
+
+ * GIF de-animation.
+
+ * Bypass many click-tracking scripts (avoids script redirection).
+
+ * Multi-threaded (POSIX and native threads).
+
+ * User-customizable HTML templates for all proxy-generated pages (e.g.
+ "blocked" page).
+
+ * Auto-detection and re-reading of config file changes.
+
+ * Improved signal handling, and a true daemon mode (Unix).
+
+ * Every feature now controllable on a per-site or per-location basis,
+ configuration more powerful and versatile over-all.
+
+ * Many smaller new features added, limitations and bugs removed, and
+ security holes fixed.
+
+ --------------------------------------------------------------------------
+
+ 1.8. How does Privoxy know what is an ad, and what is not?
+
+ Privoxy's approach to blocking ads is twofold:
+
+ First, there are certain patterns in the locations (URLs) of banner
+ images. This applies to both the path (you wouldn't guess how many web
+ sites serve their banners from a directory called "banners"!) and the host
+ (blocking the big banner hosting services like doublecklick.net already
+ helps a lot). Privoxy takes advantage of this fact by using URL patterns
+ to sort out and block the requests for things that sound like they would
+ be ads or banners.
+
+ Second, banners tend to come in certain sizes. But you can't tell the size
+ of an image by its URL without downloading it, and if you do, it's too
+ late to save bandwidth. Therefore, Privoxy also inspects the HTML sources
+ of web pages while they are loaded, and replaces references to images with
+ standard banner sizes by dummy references, so that your browser doesn't
+ request them anymore in the first place.
+
+ Both of this involves a certain amount of guesswork and is, of course,
+ freely and readily configurable.
+
+ --------------------------------------------------------------------------
+
+ 1.9. Can Privoxy make mistakes? This does not sound very scientific.
+
+ Actually, it's a black art ;-) And yes, it is always possible to have a
+ broad rule accidentally block or change something by mistake. You will
+ almost surely run into such situations at some point. It is tricky writing
+ rules to cover every conceivable possibility, and not occasionally get
+ false positives.
+
+ But this should not be a big concern since the Privoxy configuration is
+ very flexible, and includes tools to help identify these types of
+ situations so they can be addressed as needed, allowing you to customize
+ your installation. (See the Troubleshooting section below.)
+
+ --------------------------------------------------------------------------
+
+ 1.10. Will I have to configure Privoxy before I can use it?
+
+ That depends on your expectations. The default installation should give
+ you a good starting point, and block most ads and unwanted content, but
+ many of the more advanced features are off by default, and require you to
+ activate them.
+
+ You do have to set up your browser to use Privoxy (see the Installation
+ section below).
+
+ And you will certainly run into situations where there are false
+ positives, or ads not being blocked that you may not want to see. In these
+ cases, you would certainly benefit by customizing Privoxy's configuration
+ to more closely match your individual situation. And we encourage you to
+ do this. This is where the real power of Privoxy lies!
+
+ --------------------------------------------------------------------------
+
+ 1.11. Can Privoxy run as a server on a network?
+
+ Yes, Privoxy runs as a server already, and can easily be configured to
+ "serve" more than one client. See How can I set up Privoxy to act as a
+ proxy for my LAN below.
+
+ --------------------------------------------------------------------------
+
+ 1.12. My browser does the same things as Privoxy. Why should I use Privoxy
+ at all?
+
+ Modern browsers do indeed have some of the same functionality as Privoxy.
+ Maybe this is adequate for you. But Privoxy is very versatile and
+ powerful, and can probably do a number of things your browser just can't.
+
+ In addition, a proxy is good choice if you use multiple browsers, or have
+ a LAN with multiple computers since Privoxy can run as a server
+ application. This way all the configuration is in one place, and you don't
+ have to maintain a similar configuration for possibly many browsers or
+ users.
+
+ Note, however, that it's recommended to leverage both your browser's and
+ Privoxy's privacy enhancing features at the same time. While your browser
+ probably lacks some features Privoxy offers, it should also be able to do
+ some things more reliable, for example restricting and suppressing
+ JavaScript.
+
+ --------------------------------------------------------------------------
+
+ 1.13. Why should I trust Privoxy?
+
+ The most important reason is because you have access to everything, and
+ you can control everything. You can check every line of every
+ configuration file yourself. You can check every last bit of source code
+ should you desire. And even if you can't read code, there should be some
+ comfort in knowing that other people can, and do read it. You can build
+ the software from scratch, if you want, so that you know the executable is
+ clean, and that it is yours. In fact, we encourage this level of scrutiny.
+ It is one reason we use Privoxy ourselves.
+
+ --------------------------------------------------------------------------
+
+ 1.14. Is there is a license or fee? What about a warranty? Registration?
+
+ Privoxy is free software and licensed under the GNU General Public License
+ (GPL) version 2. It is free to use, copy, modify or distribute as you wish
+ under the terms of this license. Please see the Copyright section for more
+ information on the license and copyright. Or the LICENSE file that should
+ be included.
+
+ There is no warranty of any kind, expressed, implied or otherwise. That is
+ something that would cost real money ;-) There is no registration either.
+
+ --------------------------------------------------------------------------
+
+ 1.15. Can Privoxy remove spyware? Adware? Viruses?
+
+ No, at least not reliably enough to trust it. Privoxy is not designed to
+ be a malware removal tool and the default configuration doesn't even try
+ to filter out any malware.
+
+ Privoxy could help prevent contact from (known) sites that use such
+ tactics with appropriate configuration rules, and thus could conceivably
+ prevent contamination from such sites. However, keeping such a
+ configuration up to date would require a lot of time and effort that would
+ be better spend on keeping your software itself up to date so it doesn't
+ have known vulnerabilities.
+
+ --------------------------------------------------------------------------
+
+ 1.16. Can I use Privoxy with other ad-blocking software?
+
+ Privoxy should work fine with other proxies and other software in general.
+
+ But it is probably not necessary to use Privoxy in conjunction with other
+ ad-blocking products, and this could conceivably cause undesirable
+ results. It might be better to choose one software or the other and work a
+ little to tweak its configuration to your liking.
+
+ Note that this is an advice specific to ad blocking.
+
+ --------------------------------------------------------------------------
+
+ 1.17. I would like to help you, what can I do?
+
+ 1.17.1. Would you like to participate?
+
+ Well, we always need help. There is something for everybody who wants to
+ help us. We welcome new developers, packagers, testers, documentation
+ writers or really anyone with a desire to help in any way. You DO NOT need
+ to be a "programmer". There are many other tasks available. In fact, the
+ programmers often can't spend as much time programming because of some of
+ the other, more mundane things that need to be done, like checking the
+ Tracker feedback sections.
+
+ So first thing, get an account on SourceForge.net and mail your id to the
+ developers mailing list. Then, please read the Developer's Manual, at
+ least the pertinent sections.
+
+ You can also start helping out without SourceForge.net account, simply by
+ showing up on the mailing list, helping out other users, providing general
+ feedback or reporting problems you noticed.
+
+ --------------------------------------------------------------------------
+
+ 1.17.2. Contribute!
+
+ We, of course, welcome donations and could use money for domain
+ registering, buying software to test Privoxy with, and, of course, for
+ regular world-wide get-togethers (hahaha). If you enjoy the software and
+ feel like helping us with a donation, just drop us a note and get your
+ name on the list of contributors.
+
+ --------------------------------------------------------------------------
+
+ 1.17.3. Software
+
+ If you are a vendor of a web-related software like a browser, web server
+ or proxy, and would like us to ensure that Privoxy runs smoothly with your
+ product, you might consider supplying us with a copy or license. We can't,
+ however, guarantee that we will fix all potential compatibility issues as
+ a result.
+
+ --------------------------------------------------------------------------
+
2. Installation
-
+
2.1. Which browsers are supported by Privoxy?
+
+ Any browser that can be configured to use a proxy, which should be
+ virtually all browsers, including Firefox, Internet Explorer, Opera, and
+ Safari among others. Direct browser support is not an absolute requirement
+ since Privoxy runs as a separate application and talks to the browser in
+ the standardized HTTP protocol, just like a web server does.
+
+ --------------------------------------------------------------------------
+
2.2. Which operating systems are supported?
+
+ At present, Privoxy is known to run on Windows(95, 98, ME, 2000, XP,
+ Vista), GNU/Linux (RedHat, SuSE, Debian, Fedora, Gentoo, Slackware and
+ others), Mac OSX, OS/2, AmigaOS, FreeBSD, NetBSD, OpenBSD, Solaris, and
+ various other flavors of Unix.
+
+ But any operating system that runs TCP/IP, can conceivably take advantage
+ of Privoxy in a networked situation where Privoxy would run as a server on
+ a LAN gateway. Then only the "gateway" needs to be running one of the
+ above operating systems.
+
+ Source code is freely available, so porting to other operating systems is
+ always a possibility.
+
+ --------------------------------------------------------------------------
+
2.3. Can I use Privoxy with my email client?
- 2.4. Can I install Privoxy over Junkbuster?
- 2.5. I just installed Privoxy. Is there anything special I have to do now?
- 2.6. What is the proxy address of Privoxy?
- 2.7. I just installed Privoxy, and nothing is happening. All the ads are
- there. What's wrong?
- 2.8. I get a "Privoxy is not being used" dummy page although Privoxy is
- running and being used.
-
-3. Configuration
-
- 3.1. Where can I get updated Actions Files?
- 3.2. Can I use my old config files?
- 3.3. What exactly is an "actions" file?
- 3.4. The "actions" concept confuses me. Please list some of these
- "actions".
- 3.5. How are actions files configured? What is the easiest way to do this?
- 3.6. There are several different "actions" files. What are the differences?
- 3.7. How can I make my Yahoo/Hotmail/Gmail account work?
- 3.8. What's the difference between the "Cautious", "Medium" and "Advanced"
- defaults?
- 3.9. Why can I change the configuration with a browser? Does that not raise
- security issues?
- 3.10. What is the default.filter file? What is a "filter"?
- 3.11. How can I set up Privoxy to act as a proxy for my LAN?
- 3.12. Instead of ads, now I get a checkerboard pattern. I don't want to see
- anything.
- 3.13. Why would anybody want to see a checkerboard pattern?
- 3.14. I see some images being replaced by a text instead of the
- checkerboard image. Why and how do I get rid of this?
- 3.15. Can Privoxy run as a service on Win2K/NT/XP?
- 3.16. How can I make Privoxy work with other proxies like Squid or Tor?
- 3.17. Can I just set Privoxy to use port 80 and thus avoid individual
- browser configuration?
- 3.18. Can Privoxy run as a "transparent" proxy?
- 3.19. How can I configure Privoxy for use with Outlook Express?
- 3.20. How can I have separate rules just for HTML mail?
- 3.21. I sometimes notice cookies sneaking through. How?
- 3.22. Are all cookies bad? Why?
- 3.23. How can I allow permanent cookies for my trusted sites?
- 3.24. Can I have separate configurations for different users?
- 3.25. Can I set-up Privoxy as a whitelist of "good" sites?
-
-4. Miscellaneous
-
- 4.1. How much does Privoxy slow my browsing down? This has to add extra
- time to browsing.
- 4.2. I notice considerable delays in page requests compared to the old
- Junkbuster. What's wrong?
- 4.3. What are "http://config.privoxy.org/" and "http://p.p/"?
- 4.4. How can I submit new ads, or report problems?
- 4.5. Why doesn't anyone answer my support request?
- 4.6. How can I hide my IP address?
- 4.7. Can Privoxy guarantee I am anonymous?
- 4.8. A test site says I am not using a Proxy.
- 4.9. How do I use Privoxy together with Tor?
- 4.10. Might some things break because header information or content is
- being altered?
- 4.11. Can Privoxy act as a "caching" proxy to speed up web browsing?
- 4.12. What about as a firewall? Can Privoxy protect me?
- 4.13. I have large empty spaces / a checkerboard pattern now where ads used
- to be. Why?
- 4.14. How can Privoxy filter Secure (HTTPS) URLs?
- 4.15. Privoxy runs as a "server". How secure is it? Do I need to take any
- special precautions?
- 4.16. How can I temporarily disable Privoxy?
- 4.17. When "disabled" is Privoxy totally out of the picture?
- 4.18. My logs show Privoxy "crunches" ads, but also its own internal CGI
- pages. What is a "crunch"?
- 4.19. Can Privoxy effect files that I download from a webserver? FTP
- server?
- 4.20. I just downloaded a Perl script, and Privoxy altered it! Yikes, what
- is wrong!
- 4.21. Should I continue to use a "HOSTS" file for ad-blocking?
- 4.22. Where can I find more information about Privoxy and related issues?
- 4.23. I've noticed that Privoxy changes "Microsoft" to "MicroSuck"! Why are
- you manipulating my browsing?
-
-5. Troubleshooting
-
- 5.1. I am getting "connection refused" with every web page?
- 5.2. I just added a new rule, but the steenkin ad is still getting through.
- How?
- 5.3. One of my favorite sites does not work with Privoxy. What can I do?
- 5.4. After installing Privoxy, I have to log in every time I start IE. What
- gives?
- 5.5. I cannot connect to any FTP sites. Privoxy is blocking me.
- 5.6. In Mac OSX, I can't configure Microsoft Internet Explorer to use
- Privoxy as the HTTP proxy.
- 5.7. In Mac OSX, I dragged the Privoxy folder to the trash in order to
- uninstall it. Now the finder tells me I don't have sufficient
- privileges to empty the trash.
- 5.8. In Mac OSX Panther (10.3), images often fail to load and/or I
- experience random delays in page loading. I'm using localhost as my
- browser's proxy setting.
- 5.9. I get a completely blank page at one site. "View Source" shows only:
- <html><body></body></html>. Without Privoxy the page loads fine.
- 5.10. Why am I getting a 503 Error (WSAECONNREFUSED) on every page?
- 5.11. My logs show many "Unable to get my own hostname" lines. Why?
- 5.12. When I try to launch Privoxy, I get an error message "port 8118 is
- already in use" (or similar wording). Why?
- 5.13. Pages with UTF-8 fonts are garbled.
- 5.14. Why are binary files (such as images) corrupted when Privoxy is used?
- 5.15. What is the "demoronizer" and why is it there?
- 5.16. Why do I keep seeing "PrivoxyWindowOpen()" in raw source code?
- 5.17. I am getting too many DNS errors like "404 No Such Domain". Why can't
- Privoxy do this better?
- 5.18. At one site Privoxy just hangs, and starts taking all CPU. Why is
- this?
- 5.19. I just installed Privoxy, and all my browsing has slowed to a crawl.
- What gives?
-
-6. Contacting the developers, Bug Reporting and Feature Requests
-
- 6.1. Get Support
- 6.2. Reporting Problems
-
- 6.2.1. Reporting Ads or Other Configuration Problems
- 6.2.2. Reporting Bugs
-
- 6.3. Request New Features
- 6.4. Other
-
-7. Privoxy Copyright, License and History
-
- 7.1. License
- 7.2. History
-
-1. General Information
-1.1. Who should use Privoxy?
+ As long as there is some way to set a HTTP proxy for the client, then yes,
+ any application can be used, whether it is strictly speaking a "browser"
+ or not. Though this may not be the best approach for dealing with some of
+ the common abuses of HTML in email. See How can I configure Privoxy with
+ Outlook Express? below for more on this.
+
+ Be aware that HTML email presents a number of unique security and privacy
+ related issues, that can require advanced skills to overcome. The
+ developers recommend using email clients that can be configured to convert
+ HTML to plain text for these reasons.
+
+ --------------------------------------------------------------------------
+
+ 2.4. I just installed Privoxy. Is there anything special I have to do now?
+
+ All browsers should be told to use Privoxy as a proxy by specifying the
+ correct proxy address and port number in the appropriate configuration
+ area for the browser. It's possible to combine Privoxy with a packet
+ filter to intercept HTTP requests even if the client isn't explicitly
+ configured to use Privoxy, but where possible, configuring the client is
+ recommended. See the User Manual for more details. You should also flush
+ your browser's memory and disk cache to get rid of any cached junk items,
+ and remove any stored cookies.
+
+ --------------------------------------------------------------------------
+
+ 2.5. What is the proxy address of Privoxy?
+
+ If you set up the Privoxy to run on the computer you browse from (rather
+ than your ISP's server or some networked computer on a LAN), the proxy
+ will be on 127.0.0.1 (sometimes referred to as "localhost", which is the
+ special name used by every computer on the Internet to refer to itself)
+ and the port will be 8118 (unless you used the listen-address config
+ option to tell Privoxy to run on a different port).
+
+ When configuring your browser's proxy settings you typically enter the
+ word "localhost" or the IP address "127.0.0.1" in the boxes next to "HTTP"
+ and "Secure" (HTTPS) and then the number "8118" for "port". This tells
+ your browser to send all web requests to Privoxy instead of directly to
+ the Internet.
+
+ Privoxy can also be used to proxy for a Local Area Network. In this case,
+ your would enter either the IP address of the LAN host where Privoxy is
+ running, or the equivalent hostname, e.g. 192.168.1.1. Port assignment
+ would be same as above. Note that Privoxy doesn't listen on any LAN
+ interfaces by default.
+
+ Privoxy does not currently handle any other protocols such as FTP, SMTP,
+ IM, IRC, ICQ, etc.
+
+ --------------------------------------------------------------------------
+
+ 2.6. I just installed Privoxy, and nothing is happening. All the ads are
+ there. What's wrong?
+
+ Did you configure your browser to use Privoxy as a proxy? It does not
+ sound like it. See above. You might also try flushing the browser's caches
+ to force a full re-reading of pages. You can verify that Privoxy is
+ running, and your browser is correctly configured by entering the special
+ URL: http://p.p/. This should take you to a page titled "This is
+ Privoxy.." with access to Privoxy's internal configuration. If you see
+ this, then you are good to go. If you receive a page saying "Privoxy is
+ not running", then the browser is not set up to use your Privoxy
+ installation. If you receive anything else (probably nothing at all), it
+ could either be that the browser is not set up correctly, or that Privoxy
+ is not running at all. Check the log file. For instructions on starting
+ Privoxy and browser configuration, see the chapter on starting Privoxy in
+ the User Manual.
+
+ --------------------------------------------------------------------------
+
+ 2.7. I get a "Privoxy is not being used" dummy page although Privoxy is
+ running and being used.
+
+ First, make sure that Privoxy is really running and being used by visiting
+ http://p.p/. You should see the Privoxy main page. If not, see the chapter
+ on starting Privoxy in the User Manual.
+
+ Now if http://p.p/ works for you, but other parts of Privoxy's web
+ interface show the dummy page, your browser has cached a redirection it
+ encountered before Privoxy was being used. You need to clear your
+ browser's cache. Note that shift-reloading the dummy page won't help,
+ since that'll only refresh the dummy page, not the redirection that lead
+ you there.
+
+ The procedure for clearing the cache varies from browser to browser. For
+ example, Mozilla/Netscape users would click Edit --> Preferences -->
+ Advanced --> Cache and then click both "Clear Memory Cache" and "Clear
+ Disk Cache". In some Firefox versions it's Tools --> Options --> Privacy
+ --> Cache and then click "Clear Cache Now".
+
+ --------------------------------------------------------------------------
-Anyone that is interested in security, privacy, or in finer-grained control
-over their web and Internet experience. Everyone is encouraged to try Privoxy.
+3. Configuration
--------------------------------------------------------------------------------
+ 3.1. What exactly is an "actions" file?
-1.2. Is Privoxy the best choice for me?
+ Privoxy utilizes the concept of " actions" that are used to manipulate and
+ control web page data. Actions files are where these actions that Privoxy
+ could take while processing a certain request, are configured. Typically,
+ you would define a set of default actions that apply globally to all URLs,
+ then add exceptions to these defaults where needed. There is a wide array
+ of actions available that give the user a high degree of control and
+ flexibility on how to process each and every web page.
-Privoxy is certainly a good choice, especially for those who want more control
-and security. Those that have the ability to fine-tune their installation will
-benefit the most. One of Privoxy's strength's is that it is highly configurable
-giving you the ability to completely personalize your installation. Being
-familiar with, or at least having an interest in learning about HTTP and other
-networking protocols, HTML, IP (Internet Protocol), and "Regular Expressions"
-will be a big plus and will help you get the most out of Privoxy.
+ Actions can be defined on a URL pattern basis, i.e. for single URLs, whole
+ web sites, groups or parts thereof etc. Actions can also be grouped
+ together and then applied to requests matching one or more patterns. There
+ are many possible actions that might apply to any given site. As an
+ example, if you are blocking cookies as one of your default actions, but
+ need to accept cookies from a given site, you would need to define an
+ exception for this site in one of your actions files, preferably in
+ user.action.
-Much of Privoxy's configuration can be done with a Web browser. But there are
-areas where configuration is done using a text editor to edit configuration
-files.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
-
-1.3. What is a "proxy"? How does Privoxy work?
-
-A web proxy is a service, based on a software such as Privoxy, that clients
-(i.e. browsers) can use instead of connecting directly to web servers on the
-Internet. The clients then ask the proxy to fetch the objects they need (web
-pages, images, movies etc) on their behalf, and when the proxy has done so, it
-hands the results back to the client. It is a "go-between". See the Wikipedia
-proxy definition for more.
-
-There are many reasons to use web proxies, such as security (firewalling),
-efficiency (caching) and others, and there are any number of proxies to
-accommodate those needs.
-
-Privoxy is a proxy that is primarily focused on privacy protection, ad and junk
-elimination and freeing the user from restrictions placed on his activities.
-Sitting between your browser(s) and the Internet, it is in a perfect position
-to filter outbound personal information that your browser is leaking, as well
-as inbound junk. It uses a variety of techniques to do this, all of which are
-under your complete control via the various configuration files and options.
-
--------------------------------------------------------------------------------
-
-1.4. What is this new version of "Junkbuster"?
-
-Along time ago, there was the Internet Junkbuster, by Anonymous Coders and
-Junkbusters Corporation. This saved many users a lot of pain in the early days
-of web advertising and user tracking.
-
-But the web, its protocols and standards, and with it, the techniques for
-forcing ads on users, give up autonomy over their browsing, and for tracking
-them, keeps evolving. Unfortunately, the Internet Junkbuster did not. Version
-2.0.2, published in 1998, was (and is) the last official release available from
-Junkbusters Corporation. Fortunately, it had been released under the GNU GPL,
-which allowed further development by others.
-
-So Stefan Waldherr started maintaining an improved version of the software, to
-which eventually a number of people contributed patches. It could already
-replace banners with a transparent image, and had a first version of pop-up
-killing, but it was still very closely based on the original, with all its
-limitations, such as the lack of HTTP/1.1 support, flexible per-site
-configuration, or content modification. The last release from this effort was
-version 2.0.2-10, published in 2000.
-
-Then, some developers picked up the thread, and started turning the software
-inside out, upside down, and then reassembled it, adding many new features
-along the way.
-
-The result of this is Privoxy, whose first stable version, 3.0, was released
-August, 2002.
-
--------------------------------------------------------------------------------
-
-1.5. Why "Privoxy"? Why change the name from Junkbuster at all?
-
-Junkbusters Corporation continues to offer their original version of the
-Internet Junkbuster, so publishing our Junkbuster-derived software under the
-same name led to confusion.
-
-There are also potential legal complications from the continued use of the
-Junkbuster name, which is a registered trademark of Junkbusters Corporation.
-There are, however, no objections from Junkbusters Corporation to the Privoxy
-project itself, and they, in fact, still share our ideals and goals.
-
-The developers also believed that there are so many improvements over the
-original code, that it was time to make a clean break from the past and make a
-name in their own right.
-
-Privoxy is the "Privacy Enhancing Proxy". Also, its content modification and
-junk suppression gives you, the user, more control, more freedom, and allows
-you to browse your personal and "private edition" of the web.
-
--------------------------------------------------------------------------------
-
-1.6. How does Privoxy differ from the old Junkbuster?
-
-Privoxy picks up where Junkbuster left off. All the old features remain. The
-new Privoxy still blocks ads and banners, still manages cookies, and still
-helps protect your privacy. But, these are all greatly enhanced, and many, many
-new features have been added, all in the same vein.
-
-The configuration has changed significantly as well. This is something that
-users will notice right off the bat if upgrading from Junkbuster 2.0.x. The
-"blocklist" "cookielist", "imagelist" and much more has been combined into the
-"actions" files, with a completely different syntax. See the What's New page
-for the latest updates.
-
-Privoxy's new features include:
-
- * Integrated browser based configuration and control utility at http://
- config.privoxy.org/ (shortcut: http://p.p/). Browser-based tracing of rule
- and filter effects. Remote toggling.
-
- * Web page content filtering (removes banners based on size, invisible
- "web-bugs", JavaScript and HTML annoyances, pop-up windows, etc.)
-
- * Modularized configuration that allows for standard settings and user
- settings to reside in separate files, so that installing updated actions
- files won't overwrite individual user settings.
-
- * HTTP/1.1 compliant (but not all optional 1.1 features are supported).
-
- * Support for Perl Compatible Regular Expressions in the configuration files,
- and generally a more sophisticated and flexible configuration syntax over
- previous versions.
-
- * Improved cookie management features (e.g. session based cookies).
-
- * GIF de-animation.
-
- * Bypass many click-tracking scripts (avoids script redirection).
-
- * Multi-threaded (POSIX and native threads).
-
- * User-customizable HTML templates for all proxy-generated pages (e.g.
- "blocked" page).
-
- * Auto-detection and re-reading of config file changes.
-
- * Improved signal handling, and a true daemon mode (Unix).
-
- * Every feature now controllable on a per-site or per-location basis,
- configuration more powerful and versatile over-all.
-
- * Many smaller new features added, limitations and bugs removed, and security
- holes fixed.
-
--------------------------------------------------------------------------------
-
-1.7. How does Privoxy know what is an ad, and what is not?
-
-Privoxy's approach to blocking ads is twofold:
-
-First, there are certain patterns in the locations (URLs) of banner images.
-This applies to both the path (you wouldn't guess how many web sites serve
-their banners from a directory called "banners"!) and the host (blocking the
-big banner hosting services like doublecklick.net already helps a lot). Privoxy
-takes advantage of this fact by using URL patterns to sort out and block the
-requests for things that sound like they would be ads or banners.
-
-Second, banners tend to come in certain sizes. But you can't tell the size of
-an image by its URL without downloading it, and if you do, it's too late to
-save bandwidth. Therefore, Privoxy also inspects the HTML sources of web pages
-while they are loaded, and replaces references to images with standard banner
-sizes by dummy references, so that your browser doesn't request them anymore in
-the first place.
-
-Both of this involves a certain amount of guesswork and is, of course, freely
-and readily configurable.
-
--------------------------------------------------------------------------------
-
-1.8. Can Privoxy make mistakes? This does not sound very scientific.
-
-Actually, it's a black art ;-) And yes, it is always possible to have a broad
-rule accidentally block or change something by mistake. You will almost surely
-run into such situations at some point. It is tricky writing rules to cover
-every conceivable possibility, and not occasionally get false positives.
-
-But this should not be a big concern since the Privoxy configuration is very
-flexible, and includes tools to help identify these types of situations so they
-can be addressed as needed, allowing you to customize your installation. (See
-the Troubleshooting section below.)
-
--------------------------------------------------------------------------------
-
-1.9. Will I have to configure Privoxy before I can use it?
-
-No, not really. The default installation should give you a good starting point,
-and block most unwanted content.
-
-But you will certainly run into situations where there are false positives, or
-ads not being blocked that you may not want to see. In these cases, you would
-certainly benefit by customizing Privoxy's configuration to more closely match
-your individual situation. And we would encourage you to do this. This is where
-the real power of Privoxy lies!
-
-You will have to tell your browser about Privoxy (see the Installation section
-below).
-
--------------------------------------------------------------------------------
-
-1.10. My browser does the same things as Privoxy. Why should I use Privoxy at
-all?
-
-Modern browsers do indeed have some of the same functionality as Privoxy. Maybe
-this is adequate for you. But Privoxy is much more versatile and powerful, and
-can do a number of things that browsers just can't.
-
-In addition, a proxy is good choice if you use multiple browsers, or have a LAN
-with multiple computers. This way all the configuration is in one place, and
-you don't have to maintain a similar configuration for possibly many browsers.
-
--------------------------------------------------------------------------------
+ 3.2. The "actions" concept confuses me. Please list some of these "actions".
-1.11. Why should I trust Privoxy?
+ For a comprehensive discussion of the actions concept, please refer to the
+ actions file chapter in the User Manual. It includes a list of all actions
+ and an actions file tutorial to get you started.
-The most important reason is because you have access to everything, and you can
-control everything. You can check every line of every configuration file
-yourself. You can check every last bit of source code should you desire. And
-even if you can't read code, there should be some comfort in knowing that
-thousands of other people can, and do read it. You can build the software from
-scratch, if you want, so that you know the executable is clean, and that it is
-yours. In fact, we encourage this level of scrutiny. It is one reason we use
-Privoxy ourselves.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.3. How are actions files configured? What is the easiest way to do this?
-1.12. Is there is a license or fee? What about a warranty? Registration?
+ Actions files are just text files in a special syntax and can be edited
+ with a text editor. But probably the easiest way is to access Privoxy's
+ user interface with your web browser at http://config.privoxy.org/
+ (Shortcut: http://p.p/) and then select "View & change the current
+ configuration" from the menu. Note that this feature must be explicitly
+ enabled in the main config file (see enable-edit-actions).
-Privoxy is licensed under the GNU General Public License (GPL). It is free to
-use, copy, modify or distribute as you wish under the terms of this license.
-Please see the Copyright section for more information on the license and
-copyright. Or the LICENSE file that should be included.
+ --------------------------------------------------------------------------
-There is no warranty of any kind, expressed, implied or otherwise. That is
-something that would cost real money ;-) There is no registration either.
-Privoxy really is free in every respect!
+ 3.4. There are several different "actions" files. What are the differences?
--------------------------------------------------------------------------------
+ Three actions files are being included by the developers, to be used for
+ different purposes: These are default.action, the "main" actions file
+ which is actively maintained by the Privoxy developers and typically sets
+ the default policies, user.action, where users are encouraged to make
+ their private customizations, and standard.action, which is for internal
+ Privoxy use only. Please see the actions chapter in the User Manual for a
+ more detailed explanation.
-1.13. Can Privoxy remove spyware? Adware? Viruses?
+ Earlier versions included three different versions of the default.action
+ file. The new scheme allows for greater flexibility of local
+ configuration, and for browser based selection of pre-defined
+ "aggressiveness" levels.
-No. Privoxy cannot remove anything. It is not a removal tool. It is a
-preventative. Privoxy can help prevent contact from sites that use such tactics
-with approriate configuration rules, and thus could conceivably prevent
-contamination from such sites.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.5. Where can I get updated Actions Files?
-1.14. Can I use Privoxy with other ad-blocking software?
+ Based on your feedback and the continuing development, updates of
+ default.action will be made available from time to time on the files
+ section of our project page.
-Privoxy should work fine with other proxies and other software in general.
+ If you wish to receive an email notification whenever we release updates
+ of Privoxy or the actions file, subscribe to our announce mailing list,
+ ijbswa-announce@lists.sourceforge.net.
-But it is probably not necessary to use Privoxy in conjunction with other
-ad-blocking products, and this could conceivably cause undesirable results. It
-would be better to choose one software or the other and work a little to tweak
-its configuration to your liking.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.6. Can I use my old config files?
-1.15. I would like to help you, what can I do?
+ The syntax and purpose of configuration files has remained roughly the
+ same throughout the 3.x series, but backwards compatibility is not
+ guaranteed. Also each release contains updated, "improved" versions and it
+ is therefore strongly recommended to install the newer configuration files
+ and merge back your modifications.
-1.15.1. Would you like to participate?
+ --------------------------------------------------------------------------
-Well, we always need help. There is something for everybody who wants to help
-us. We welcome new developers, packagers, testers, documentation writers or
-really anyone with a desire to help in any way. You DO NOT need to be a
-"programmer". There are many other tasks available. In fact, the programmers
-often can't spend as much time programming because of some of the other, more
-mundane things that need to be done, like checking the Tracker feedback
-sections.
+ 3.7. Why is the configuration so complicated?
-So first thing, get an account on SourceForge.net and mail your id to the
-developers mailing list. Then, please read the Developer's Manual, at least the
-pertinent sections.
+ "Complicated" is in the eye of the beholder. Those that are familiar with
+ some of the underlying concepts, such as regular expression syntax, take
+ to it like a fish takes to water. Also, software that tries hard to be
+ "user friendly", often lacks sophistication and flexibility. There is
+ always that trade-off there between power vs. easy-of-use. Furthermore,
+ anyone is welcome to contribute ideas and implementations to enhance
+ Privoxy.
-Once we have added you to the team, you'll have access to the CVS repository,
-and together we'll find a suitable task for you.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.8. How can I make my Yahoo/Hotmail/Gmail account work?
-1.15.2. Contribute!
+ The default configuration shouldn't impact the usability of any of these
+ services. It may, however, make all cookies temporary, so that your
+ browser will forget your login credentials in between browser sessions. If
+ you would like not to have to log in manually each time you access those
+ websites, simply turn off all cookie handling for them in the user.action
+ file. An example for yahoo might look like:
+
+ # Allow all cookies for Yahoo login:
+ #
+ { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only }
+ .login.yahoo.com
+
+ These kinds of sites are often quite complex and heavy with Javascript and
+ thus "fragile". So if still a problem, we have an alias just for such
+ sticky situations:
-We, of course, welcome donations and could use money for domain registering,
-buying software to test Privoxy with, and, of course, for regular world-wide
-get-togethers (hahaha). If you enjoy the software and feel like helping us with
-a donation, just drop us a note.
+ # Gmail is a _fragile_ site:
+ #
+ { fragile }
+ # Gmail is ...
+ mail.google.com
--------------------------------------------------------------------------------
+ Be sure to flush your browser's caches whenever making these kinds of
+ changes, just to make sure the changes "take".
-1.15.3. Software
+ Make sure the domain, host and path are appropriate as well. Your browser
+ can tell you where you are specifically and you should use that
+ information for your configuration settings. Note that above it is not
+ referenced as gmail.com, which is a valid domain name.
-If you are a vendor of a web-related software like a browser, web server or
-proxy, and would like us to ensure that Privoxy runs smoothly with your
-product, you might consider supplying us with a copy or license. We can't,
-however, guarantee that we will fix all potential compatibility issues as a
-result.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.9. What's the difference between the "Cautious", "Medium" and "Advanced"
+ defaults?
-2. Installation
+ Configuring Privoxy is not entirely trivial. To help you get started, we
+ provide you with three different default action "profiles" in the web
+ based actions file editor at http://config.privoxy.org/show-status. See
+ the User Manual for a list of actions, and how the default profiles are
+ set.
-2.1. Which browsers are supported by Privoxy?
+ Where the defaults are likely to break some sites, exceptions for known
+ popular "problem" sites are included, but in general, the more aggressive
+ your default settings are, the more exceptions you will have to make
+ later. New users are best to start off in "Cautious" setting. This is
+ safest and will have the fewest problems. See the User Manual for a more
+ detailed discussion.
-Any browser that can be configured to use a proxy, which should be virtually
-all browsers, including Firefox, Internet Explorer, and Opera among others.
-Direct browser support is not an absolute requirement since Privoxy runs as a
-separate application and talks to the browser in the standardized HTTP
-protocol, just like a web server does.
+ It should be noted that the "Advanced" profile (formerly known as the
+ "Adventuresome" profile) is more aggressive, and will make use of some of
+ Privoxy's advanced features. Use at your own risk!
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-2.2. Which operating systems are supported?
+ 3.10. Why can I change the configuration with a browser? Does that not raise
+ security issues?
-At present, Privoxy is known to run on Windows(95, 98, ME, 2000, XP), Linux
-(RedHat, SuSE, Debian, Fedora, Gentoo, Slackware and others), Mac OSX, OS/2,
-AmigaOS, FreeBSD, NetBSD, OpenBSD, Solaris, and various other flavors of Unix.
+ It may seem strange that regular users can edit the config files with
+ their browsers, although the whole /etc/privoxy hierarchy belongs to the
+ user "privoxy", with only 644 permissions.
-But any operating system that runs TCP/IP, can conceivably take advantage of
-Privoxy in a networked situation where Privoxy would run as a server on a LAN
-gateway. Then only the "gateway" needs to be running one of the above operating
-systems.
+ When you use the browser-based editor, Privoxy itself is writing to the
+ config files. Because Privoxy is running as the user "privoxy", it can
+ update its own config files.
-Source code is freely available, so porting to other operating systems is
-always a possibility.
+ If you run Privoxy for multiple untrusted users (e.g. in a LAN) or aren't
+ entirely in control of your own browser, you will probably want to make
+ sure that the the web-based editor and remote toggle features are "off" by
+ setting "enable-edit-actions 0" and "enable-remote-toggle 0" in the main
+ configuration file.
--------------------------------------------------------------------------------
+ As of Privoxy 3.0.7 these options are disabled by default.
-2.3. Can I use Privoxy with my email client?
+ --------------------------------------------------------------------------
-As long as there is some way to set a HTTP proxy for the client, then yes, any
-application can be used, whether it is strictly speaking a "browser" or not.
-Though this may not be the best approach for dealing with some of the common
-abuses of HTML in email. See How can I configure Privoxy with Outlook Express?
-below for more on this.
+ 3.11. What is the default.filter file? What is a "filter"?
-Be aware that HTML email presents a number of unique security and privacy
-related issues, that can require advanced skills to overcome. The developers
-recommend using email clients that can be configured to convert HTML to plain
-text for these reasons.
+ The default.filter file is where filters as supplied by the developers are
+ defined. Filters are a special subset of actions that can be used to
+ modify or remove web page content or headers on the fly. Content filters
+ can be applied to anything in the page source, header filters can be
+ applied to either server or client headers. Regular expressions are used
+ to accomplish this.
--------------------------------------------------------------------------------
+ There are a number of pre-defined filters to deal with common annoyances.
+ The filters are only defined here, to invoke them, you need to use the
+ filter action in one of the actions files. Content filtering is
+ automatically disabled for inappropriate MIME types, but if you now better
+ than Privoxy what should or should not be filtered you can filter any
+ content you like.
+
+ Filters should not be confused with blocks, which is a completely
+ different action, and is more typically used to block ads and unwanted
+ sites.
-2.4. Can I install Privoxy over Junkbuster?
+ If you are familiar with regular expressions, and HTML, you can look at
+ the provided default.filter with a text editor and define your own
+ filters. This is potentially a very powerful feature, but requires some
+ expertise in both regular expressions and HTML/HTTP. You should place any
+ modifications to the default filters, or any new ones you create in a
+ separate file, such as user.filter, so they won't be overwritten during
+ upgrades. The ability to define multiple filter files in config is a new
+ feature as of v. 3.0.5.
-We recommend you un-install Junkbuster first to minimize conflicts and
-confusion. You may want to save your old configuration files for future
-reference. The configuration files and syntax have substantially changed, so
-you will need to manually port your old patterns. See the note to upgraders and
-installation chapter in the User Manual for details.
+ There is no GUI editor option for this part of the configuration, but you
+ can disable/enable the various pre-defined filters of the included
+ default.filter file with the web-based actions file editor. Note that the
+ custom actions editor must be explicitly enabled in the main config file
+ (see enable-edit-actions).
-Note: Some installers may automatically un-install Junkbuster, if present!
+ If you intend to develop your own filters, you might want to have a look
+ at Privoxy-Filter-Test.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-2.5. I just installed Privoxy. Is there anything special I have to do now?
+ 3.12. How can I set up Privoxy to act as a proxy for my LAN?
-All browsers must be told to use Privoxy as a proxy by specifying the correct
-proxy address and port number in the appropriate configuration area for the
-browser. See below. You should also flush your browser's memory and disk cache
-to get rid of any cached junk items, and remove any stored cookies.
+ By default, Privoxy only responds to requests from 127.0.0.1 (localhost).
+ To have it act as a server for a network, this needs to be changed in the
+ main configuration file. Look for the listen-address option, which may be
+ commented out with a "#" symbol. Make sure it is uncommented, and assign
+ it the address of the LAN gateway interface, and port number to use.
+ Assuming your LAN address is 192.168.1.1 and you wish to run Privoxy on
+ port 8118, this line should look like:
--------------------------------------------------------------------------------
+ listen-address 192.168.1.1:8118
-2.6. What is the proxy address of Privoxy?
+ Save the file, and restart Privoxy. Configure all browsers on the network
+ then to use this address and port number.
-If you set up the Privoxy to run on the computer you browse from (rather than
-your ISP's server or some networked computer on a LAN), the proxy will be on
-127.0.0.1 (sometimes referred to as "localhost", which is the special name used
-by every computer on the Internet to refer to itself) and the port will be 8118
-(unless you have Privoxy to run on a different port with the listen-address
-config option).
+ Alternately, you can have Privoxy listen on all available interfaces:
-When configuring your browser's proxy settings you typically enter the word
-"localhost" or the IP address "127.0.0.1" in the boxes next to "HTTP" and
-"Secure" (HTTPS) and then the number "8118" for "port". This tells your browser
-to send all web requests to Privoxy instead of directly to the Internet.
+ listen-address :8118
-Privoxy can also be used to proxy for a Local Area Network. In this case, your
-would enter either the IP address of the LAN host where Privoxy is running, or
-the equivalent hostname. Port assignment would be same as above. Note that
-Privoxy doesn't listen on any LAN interfaces by default.
+ And then use Privoxy's permit-access feature to limit connections. A
+ firewall in this situation is recommended as well.
-Privoxy does not currently handle any other protocols such as FTP, SMTP, IM,
-IRC, ICQ, etc. Be sure that proxying any of these other protocols is not
-activated.
+ The above steps should be the same for any TCP network, regardless of
+ operating system.
--------------------------------------------------------------------------------
+ If you run Privoxy on a LAN with untrusted users, we recommend that you
+ double-check the access control and security options!
-2.7. I just installed Privoxy, and nothing is happening. All the ads are there.
-What's wrong?
+ --------------------------------------------------------------------------
-Did you configure your browser to use Privoxy as a proxy? It does not sound
-like it. See above. You might also try flushing the browser's caches to force a
-full re-reading of pages. You can verify that Privoxy is running, and your
-browser is correctly configured by entering the special URL: http://p.p/. This
-should take you to a page titled "This is Privoxy.." with access to Privoxy's
-internal configuration. If you see this, then you are good to go. If you
-receive a page saying "Privoxy is not running", then the browser is not set up
-to use your Privoxy installation. If you receive anything else (probably
-nothing at all), it could either be that the browser is not set up correctly,
-or that Privoxy is not running at all. Check the log file. For instructions on
-starting Privoxy and browser configuration, see the chapter on starting Privoxy
-in the User Manual.
+ 3.13. Instead of ads, now I get a checkerboard pattern. I don't want to see
+ anything.
--------------------------------------------------------------------------------
+ The replacement for blocked images can be controlled with the
+ set-image-blocker action. You have the choice of a checkerboard pattern, a
+ transparent 1x1 GIF image (aka "blank"), or a redirect to a custom image
+ of your choice. Note that this choice only has effect for images which are
+ blocked as images, i.e. whose URLs match both a handle-as-image and block
+ action.
-2.8. I get a "Privoxy is not being used" dummy page although Privoxy is running
-and being used.
+ If you want to see nothing, then change the set-image-blocker action to
+ "blank". This can be done by editing the user.action file, or through the
+ web-based actions file editor.
-First, make sure that Privoxy is really running and being used by visiting
-http://p.p/. You should see the Privoxy main page. If not, see the chapter on
-starting Privoxy in the User Manual.
+ --------------------------------------------------------------------------
-Now if http://p.p/ works for you, but other parts of Privoxy's web interface
-show the dummy page, your browser has cached a redirection it encountered
-before Privoxy was being used. You need to clear your browser's cache. Note
-that shift-reloading the dummy page won't help, since that'll only refresh the
-dummy page, not the redirection that lead you there.
+ 3.14. Why would anybody want to see a checkerboard pattern?
-The procedure for clearing the cache varies from browser to browser. For
-example, Mozilla/Netscape users would click Edit --> Preferences --> Advanced
---> Cache and then click both "Clear Memory Cache" and "Clear Disk Cache". And,
-Firefox users would click Tools --> Options --> Privacy --> Cache and then
-click "Clear Cache Now".
+ Remember that telling which image is an ad and which isn't, is an educated
+ guess. While we hope that the standard configuration is rather smart, it
+ will make occasional mistakes. The checkerboard image is visually decent,
+ and it shows you where images have been blocked, which can be very helpful
+ in case some navigation aid or otherwise innocent image was erroneously
+ blocked. It is recommended for new users so they can "see" what is
+ happening. Some people might also enjoy seeing how many banners they don't
+ have to see.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-3. Configuration
+ 3.15. I see some images being replaced with text instead of the checkerboard
+ image. Why and how do I get rid of this?
-3.1. Where can I get updated Actions Files?
+ This happens when the banners are not embedded in the HTML code of the
+ page itself, but in separate HTML (sub)documents that are loaded into
+ (i)frames or (i)layers, and these external HTML documents are blocked.
+ Being non-images they get replaced by a substitute HTML page rather than a
+ substitute image, which wouldn't work out technically, since the browser
+ expects and accepts only HTML when it has requested an HTML document.
-Based on your feedback and the continuing development, updates of
-default.action will be made available from time to time on the files section of
-our project page.
+ The substitute page adapts to the available space and shows itself as a
+ miniature two-liner if loaded into small frames, or full-blown with a
+ large red "BLOCKED" banner if space allows.
-If you wish to receive an email notification whenever we release updates of
-Privoxy or the actions file, subscribe to our announce mailing list,
-ijbswa-announce@lists.sourceforge.net.
+ If you prefer the banners to be blocked by images, you must see to it that
+ the HTML documents in which they are embedded are not blocked. Clicking
+ the "See why" link offered in the substitute page will show you which rule
+ blocked the page. After changing the rule and un-blocking the HTML
+ documents, the browser will try to load the actual banner images and the
+ usual image blocking will (hopefully!) kick in.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-3.2. Can I use my old config files?
+ 3.16. Can Privoxy run as a service on Win2K/NT/XP?
-The syntax and purpose of configuration files has remained the same throughout
-the 3.x series. Although each release contains updated, "improved" versions and
-it is recommended to use the newer configuration files. If upgrading from
-version prior to 3.0.4 the syntax for fast-redirects has changed. See the
-What's New section of the User Manual for details.
+ Yes. Version 3.0.5 introduces full Windows service functionality. See the
+ User Manual for details on how to install and configure Privoxy as a
+ service.
-But all configuration files have substantially changed from the Junkbuster
-days, and early versions of Privoxy 2.x. The old files, like blocklist will not
-work at all.
+ Earlier 3.x versions could run as a system service using srvany.exe. See
+ the discussion at
+ http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118,
+ for details, and a sample configuration.
-Refer to the What's New page for information on configuration changes that may
-occur from one release to another.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.17. How can I make Privoxy work with other proxies like Squid or Tor?
-3.3. What exactly is an "actions" file?
+ This can be done and is often useful to combine the benefits of Privoxy
+ with those of a another proxy. See the forwarding chapter in the User
+ Manual which describes how to do this, and the How do I use Privoxy
+ together with Tor section below.
-Actions files are where various actions that Privoxy could take while
-processing a certain request, are configured. Typically, you would define a set
-of default actions that apply to all URLs, then add exceptions to these
-defaults where needed. There is a wide array of actions available that give the
-user a high degree of control and flexibility on how to process each and every
-web page.
+ --------------------------------------------------------------------------
-Actions can be defined on a URL pattern basis, i.e. for single URLs, whole web
-sites, groups or parts thereof etc. Actions can also be grouped together and
-then applied to requests matching one or more patterns. There are many possible
-actions that might apply to any given site. As an example, if you are blocking
-cookies as one of your default actions, but need to accept cookies from a given
-site, you would need to define an exception for this site in one of your
-actions files, preferably in user.action.
+ 3.18. Can I just set Privoxy to use port 80 and thus avoid individual
+ browser configuration?
--------------------------------------------------------------------------------
+ No, its more complicated than that. This only works with special kinds of
+ proxies known as "intercepting" proxies (see below).
-3.4. The "actions" concept confuses me. Please list some of these "actions".
+ --------------------------------------------------------------------------
-For a comprehensive discussion of the actions concept, please refer to the
-actions file chapter in the user manual. It includes a list of all actions and
-an actions file tutorial to get you started.
+ 3.19. Can Privoxy run as a "transparent" proxy?
--------------------------------------------------------------------------------
+ The whole idea of Privoxy is to modify client requests and server
+ responses in all sorts of ways and therefore it's not a transparent proxy
+ as described in RFC 2616.
-3.5. How are actions files configured? What is the easiest way to do this?
+ However, some people say "transparent proxy" when they mean "intercepting
+ proxy". If you are one of them, please read the next entry.
-Actions files are just text files in a special syntax and can be edited with a
-text editor. But probably the easiest way is to access Privoxy's user interface
-with your web browser at http://config.privoxy.org/ (Shortcut: http://p.p/) and
-then select "View & change the current configuration" from the menu.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.20. Can Privoxy run as a "intercepting" proxy?
-3.6. There are several different "actions" files. What are the differences?
+ Privoxy can't intercept traffic itself, but it can handle requests that
+ where intercepted and redirected with a packet filter (like PF or
+ iptables), as long as the Host header is present.
-As of Privoxy v2.9.15, three actions files are being included, to be used for
-different purposes: These are default.action, the "main" actions file which is
-actively maintained by the Privoxy developers, user.action, where users are
-encouraged to make their private customizations, and standard.action, which is
-for internal Privoxy use only. Please see the actions chapter in the User
-Manual for a more detailed explanation.
+ As the Host header is required by HTTP/1.1 and as most web sites rely on
+ it anyway, this limitation shouldn't be a problem.
-Earlier versions included three different versions of the default.action file.
-The new scheme allows for greater flexibility of local configuration, and for
-browser based selection of pre-defined "aggressiveness" levels.
+ Please refer to your packet filter's documentation to learn how to
+ intercept and redirect traffic into Privoxy. Afterward you just have to
+ configure Privoxy to accept intercepted requests.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-3.7. How can I make my Yahoo/Hotmail/Gmail account work?
+ 3.21. How can I configure Privoxy for use with Outlook Express?
-The default configuration shouldn't impact the usability of any of these
-services. It will, however, make all cookies temporary, so that your browser
-will forget your login credentials in between browser sessions. If you would
-like not to have to log in manually each time you access those websites, simply
-turn off all cookie handling for them in the user.action file. An example for
-yahoo might look like:
+ Outlook Express uses Internet Explorer components to both render HTML, and
+ fetch any HTTP requests that may be embedded in an HTML email. So however
+ you have Privoxy configured to work with IE, this configuration should
+ automatically be shared.
-# Allow all cookies for Yahoo login:
-#
-{ -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only }
-.login.yahoo.com
+ --------------------------------------------------------------------------
-These kinds of sites are often quite complex and heavy with Javascript and thus
-"fragile". So if still a problem, we have an alias just for such sticky
-situations:
+ 3.22. How can I have separate rules just for HTML mail?
-# Gmail is a _fragile_ site:
-#
-{ fragile }
- mail.google.com
+ The short answer is, you can't. Privoxy has no way of knowing which
+ particular application makes a request, so there is no way to distinguish
+ between web pages and HTML mail. Privoxy just blindly proxies all
+ requests. In the case of Outlook Express (see above), OE uses IE anyway,
+ and there is no way for Privoxy to ever be able to distinguish between
+ them (nor could any other proxy type application for that matter).
-Be sure to flush your browser's caches whenever making these kinds of changes,
-just to make sure the changes "take".
+ For a good discussion of some of the issues involved (including privacy
+ and security issues), see
+ http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118.
-Make sure the domain, host and path are appropriate as well. Your browser can
-tell you where you are specifically and you should use that information for
-your configuration settings. Note that above it is not referenced as gmail.com,
-which is a valid domain name.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.23. I sometimes notice cookies sneaking through. How?
-3.8. What's the difference between the "Cautious", "Medium" and "Advanced"
-defaults?
+ Cookies can be set in several ways. The classic method is via the
+ Set-Cookie HTTP header. This is straightforward, and an easy one to
+ manipulate, such as the Privoxy concept of session-cookies-only. There is
+ also the possibility of using Javascript to set cookies (Privoxy calls
+ these content-cookies). This is trickier because the syntax can vary
+ widely, and thus requires a certain amount of guesswork. It is not
+ realistic to catch all of these short of disabling Javascript, which would
+ break many sites. And lastly, if the cookies are embedded in a HTTPS/SSL
+ secure session via Javascript, they are beyond Privoxy's reach.
-Configuring Privoxy is not entirely trivial. To help you get started, we
-provide you with three different default action "profiles" in the web based
-actions file editor at http://config.privoxy.org/show-status. See the User
-Manual for a list of actions, and how the default profiles are set.
+ All in all, Privoxy can help manage cookies in general, can help minimize
+ the loss of privacy posed by cookies, but can't realistically stop all
+ cookies.
-Where the defaults are likely to break some sites, exceptions for known popular
-"problem" sites are included, but in general, the more aggressive your default
-settings are, the more exceptions you will have to make later. See the User
-Manual for a more detailed discussion.
+ --------------------------------------------------------------------------
-It should be noted that the "Advanced" profile (formerly known as the
-"Adventuresome" profile) is more aggressive, and will make use of some of
-Privoxy's advanced features. Use at your own risk!
+ 3.24. Are all cookies bad? Why?
--------------------------------------------------------------------------------
+ No, in fact there are many beneficial uses of cookies. Cookies are just a
+ method that browsers can use to store data between pages, or between
+ browser sessions. Sometimes there is a good reason for this, and the
+ user's life is a bit easier as a result. But there is a long history of
+ some websites taking advantage of this layer of trust, and using the data
+ they glean from you and your browsing habits for their own purposes, and
+ maybe to your potential detriment. Such sites are using you and storing
+ their data on your system. That is why the privacy conscious watch from
+ whom those cookies come, and why they really need to be there.
-3.9. Why can I change the configuration with a browser? Does that not raise
-security issues?
+ See the Wikipedia cookie definition for more.
-It may seem strange that regular users can edit the config files with their
-browsers, although the whole /etc/privoxy hierarchy belongs to the user
-"privoxy", with only 644 permissions.
+ --------------------------------------------------------------------------
-When you use the browser-based editor, Privoxy itself is writing to the config
-files. Because Privoxy is running as the user "privoxy", it can update the
-config files.
+ 3.25. How can I allow permanent cookies for my trusted sites?
-If you run Privoxy for multiple untrusted users (e.g. in a LAN), you will
-probably want to turn the web-based editor and remote toggle features off by
-setting "enable-edit-actions 0" and "enable-remote-toggle 0" in the main
-configuration file.
+ There are several actions that relate to cookies. The default behavior is
+ to allow only "session cookies", which means the cookies only last for the
+ current browser session. This eliminates most kinds of abuse related to
+ cookies. But there may be cases where you want cookies to last.
-Note that in the default configuration, only local users (i.e. those on
-"localhost") can connect to Privoxy, so this is not (normally) a security
-problem.
+ To disable all cookie actions, so that cookies are allowed unrestricted,
+ both in and out, for example.com:
--------------------------------------------------------------------------------
+ { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
+ .example.com
-3.10. What is the default.filter file? What is a "filter"?
+ Place the above in user.action. Note that some of these may be off by
+ default anyway, so this might be redundant, but there is no harm being
+ explicit in what you want to happen. user.action includes an alias for
+ this situation, called allow-all-cookies.
-The default.filter file is where filters as supplied by the developers are
-defined. Filters are a special subset of actions that can be used to modify or
-remove, web page content on the fly. Filters apply to anything in the page
-source (and optionally both client and server headers), including HTML tags,
-and JavaScript. Regular expressions are used to accomplish this. There are a
-number of pre-defined filters to deal with common annoyances. The filters are
-only defined here, to invoke them, you need to use the filter action in one of
-the actions files. Filtering is automatically disabled for inappropriate MIME
-types.
+ --------------------------------------------------------------------------
-If you are familiar with regular expressions, and HTML, you can look at the
-provided default.filter with a text editor and define your own filters. This is
-potentially a very powerful feature, but requires some expertise in both
-regular expressions and HTML/HTTP. You should place any modifications to the
-default filters, or any new ones you create in a separate file, such as
-user.filter, so they won't be overwritten during upgrades. The ability to
-define multiple filter files in config is a new feature as of v. 3.0.5.
+ 3.26. Can I have separate configurations for different users?
-There is no GUI editor option for this part of the configuration, but you can
-disable/enable the various pre-defined filters of the included default.filter
-file with the web-based actions file editor.
+ Each instance of Privoxy has its own configuration, including such
+ attributes as the TCP port that it listens on. What you can do is run
+ multiple instances of Privoxy, each with a unique listen-address
+ configuration setting, and configuration path, and then each of these can
+ have their own configurations. Think of it as per-port configuration.
--------------------------------------------------------------------------------
+ Simple enough for a few users, but for large installations, consider
+ having groups of users that might share like configurations.
-3.11. How can I set up Privoxy to act as a proxy for my LAN?
+ --------------------------------------------------------------------------
-By default, Privoxy only responds to requests from 127.0.0.1 (localhost). To
-have it act as a server for a network, this needs to be changed in the main
-configuration file. Look for the listen-address option, which may be commented
-out with a "#" symbol. Make sure it is uncommented, and assign it the address
-of the LAN gateway interface, and port number to use. Assuming your LAN address
-is 192.168.1.1 and you wish to run Privoxy on port 8118, this line should look
-like:
+ 3.27. Can I set-up Privoxy as a whitelist of "good" sites?
- listen-address 192.168.1.1:8118
+ Sure. There are a couple of things you can do for simple white-listing.
+ Here's one real easy one:
-Save the file, and restart Privoxy. Configure all browsers on the network then
-to use this address and port number.
+ ############################################################
+ # Blacklist
+ ############################################################
+ { +block }
+ / # Block *all* URLs
-Alternately, you can have Privoxy listen on all available interfaces:
+ ############################################################
+ # Whitelist
+ ############################################################
+ { -block }
+ kids.example.com
+ toys.example.com
+ games.example.com
- listen-address :8118
+ This allows access to only those three sites by first blocking all URLs,
+ and then subsequently allowing three specific exceptions.
-And then use Privoxy's permit-access feature to limit connections. A firewall
-in this situation is recommended as well.
+ Another approach is Privoxy's trustfile concept, which incorporates the
+ notion of "trusted referrers". See the Trust documentation for details.
-The above steps should be the same for any TCP network, regardless of operating
-system.
+ These are fairly simple approaches and are not completely foolproof. There
+ are various other configuration options that should be disabled (described
+ elsewhere here and in the User Manual) so that users can't modify their
+ own configuration and easily circumvent the whitelist.
-If you run Privoxy on a LAN with untrusted users, we recommend that you
-double-check the access control and security options!
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.28. How can I turn off ad-blocking?
-3.12. Instead of ads, now I get a checkerboard pattern. I don't want to see
-anything.
+ Ad blocking is achieved through a complex application of various Privoxy
+ actions. These actions are deployed against simple images, banners, flash
+ animations, text pages, JavaScript, pop-ups and pop-unders, etc., so its
+ not as simple as just turning one or two actions off. The various actions
+ that make up Privoxy ad blocking are hard-coded into the default
+ configuration files. It has been assumed that everyone using Privoxy is
+ interested in this particular feature.
-The replacement for blocked images can be controlled with the set-image-blocker
-action. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
-image (aka "blank"), or a redirect to a custom image of your choice. Note that
-this choice only has effect for images which are blocked as images, i.e. whose
-URLs match both a handle-as-image and block action.
+ If you want to do without this, there are several approaches you can take:
+ You can manually undo the many block rules in default.action. Or even
+ easier, just create your own default.action file from scratch without the
+ many ad blocking rules, and corresponding exceptions. Or lastly, if you
+ are not concerned about the additional blocks that are done for privacy
+ reasons, you can very easily over-ride all blocking with the following
+ very simple rule in your user.action:
-If you want to see nothing, then change the set-image-blocker action to
-"blank". This can be done by editing the default.action file, or trough the
-web-based actions file editor.
+ # Unblock everybody, everywhere
+ { -block }
+ / # UN-Block *all* URLs
--------------------------------------------------------------------------------
+ Or even a more comprehensive reversing of various ad related actions:
-3.13. Why would anybody want to see a checkerboard pattern?
+ # Unblock everybody, everywhere, and turn off appropriate filtering, etc
+ { -block \
+ -filter{banners-by-size} \
+ -filter{banners-by-link} \
+ allow-popups \
+ }
+ / # UN-Block *all* URLs and allow ads
-Remember that telling which image is an ad and which isn't, is mostly
-guesswork. While we hope that the standard configuration is rather smart, it
-can and will make errors. The checkerboard image is visually decent, but it
-shows you that and where images were blocked, which can be very helpful in case
-some navigation aid or otherwise innocent image was erroneously blocked. Some
-people might also enjoy seeing how many banners they don't have to see..
+ This last "action" in this compound statement, allow-popups, is an alias
+ that disables various pop-up blocking features.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-3.14. I see some images being replaced by a text instead of the checkerboard
-image. Why and how do I get rid of this?
+ 3.29. How can I have custom template pages, like the BLOCKED page?
-This happens when the banners are not embedded in the HTML code of the page
-itself, but in separate HTML (sub)documents that are loaded into (i)frames or
-(i)layers, and these external HTML documents are blocked. Being non-images they
-get replaced by a substitute HTML page rather than a substitute image, which
-wouldn't work out technically, since the browser expects and accepts only HTML
-when it has requested an HTML document.
+ Privoxy "templates" are specialized text files utilized by Privoxy for
+ various purposes and can easily be modified using any text editor. All the
+ template pages are installed in a sub-directory appropriately named:
+ templates. Knowing something about HTML syntax will of course be helpful.
-The substitute page adapts to the available space and shows itself as a
-miniature two-liner if loaded into small frames, or full-blown with a large red
-"BLOCKED" banner if space allows.
+ Be forewarned that the default templates are subject to being overwritten
+ during upgrades. You can, however, create completely new templates, place
+ them in another directory and specify the alternate path in the main
+ config. For details, have a look at the templdir option.
-If you prefer the banners to be blocked by images, you must see to it that the
-HTML documents in which they are embedded are not blocked. Clicking the "See
-why" link offered in the substitute page will show you which rule blocked the
-page. After changing the rule and un-blocking the HTML documents, the browser
-will try to load the actual banner images and the usual image blocking will
-(hopefully!) kick in.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 3.30. How can I remove the "Go There Anyway" link from the BLOCKED page?
-3.15. Can Privoxy run as a service on Win2K/NT/XP?
+ There is more than one way to do it (although Perl is not involved).
-Yes. Version 3.0.5 introduces full Windows service functionality. See the User
-Manual for details on how to install and configure Privoxy as a service.
+ Editing the BLOCKED template page (see above) may dissuade some users, but
+ this method is easily circumvented. Where you need this level of control,
+ you might want to build Privoxy from source, and disable various features
+ that are available as compile-time options. You should configure the
+ sources as follows:
-Earlier 3.x versions could run as a system service using srvany.exe. See the
-discussion at http://sourceforge.net/tracker/?func=detail&atid=361118&aid=
-485617&group_id=11118, for details, and a sample configuration.
+ ./configure --disable-toggle --disable-editor --disable-force
--------------------------------------------------------------------------------
+ This will create an executable with hard-coded security features so that
+ Privoxy does not allow easy bypassing of blocked sites, or changing the
+ current configuration via any connected user's web browser.
-3.16. How can I make Privoxy work with other proxies like Squid or Tor?
+ Finally, all of these features can also be toggled on/off via options in
+ Privoxy's main config file which means you don't have to recompile
+ anything.
-This can be done and is often useful to combine the benefits of Privoxy with
-those of a another proxy. See the forwarding chapter in the User Manual which
-describes how to do this, and the How do I use Privoxy together with Tor
-section below.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+4. Miscellaneous
-3.17. Can I just set Privoxy to use port 80 and thus avoid individual browser
-configuration?
+ 4.1. How much does Privoxy slow my browsing down? This has to add extra time
+ to browsing.
+
+ How much of an impact depends on many things, including the CPU of the
+ host system, how aggressive the configuration is, which specific actions
+ are being triggered, the size of the page, the bandwidth of the
+ connection, etc.
+
+ Overall, it should not slow you down any in real terms, and may actually
+ help speed things up since ads, banners and other junk are not typically
+ being retrieved and displayed. The actual processing time required by
+ Privoxy itself for each page, is relatively small in the overall scheme of
+ things, and happens very quickly. This is typically more than offset by
+ time saved not downloading and rendering ad images and other junk content
+ (if ad blocking is being used).
+
+ "Filtering" content via the filter or deanimate-gifs actions may cause a
+ perceived slowdown, since the entire document needs to be buffered before
+ displaying. And on very large documents, filtering may have some
+ measurable impact. How much depends on the page size, the actual
+ definition of the filter(s), etc. See below. Most other actions have
+ little to no impact on speed.
+
+ Also, when filtering is enabled but zlib support isn't available,
+ compression is often disabled (see prevent-compression). This can have an
+ impact on speed as well, although it's probably smaller than you might
+ think. Again, the page size, etc. will determine how much of an impact.
+
+ --------------------------------------------------------------------------
+
+ 4.2. I notice considerable delays in page requests. What's wrong?
+
+ If you use any filter action, such as filtering banners by size, web-bugs
+ etc, or the deanimate-gifs action, the entire document must be loaded into
+ memory in order for the filtering mechanism to work, and nothing is sent
+ to the browser during this time.
+
+ The loading time typically does not really change much in real numbers,
+ but the feeling is different, because most browsers are able to start
+ rendering incomplete content, giving the user a feeling of "it works".
+ This effect is more noticeable on slower dialup connections. Extremely
+ large documents may have some impact on the time to load the page where
+ there is filtering being done. But overall, the difference should be very
+ minimal. If there is a big impact, then probably some other situation is
+ contributing (like anti-virus software).
+
+ Filtering is automatically disabled for inappropriate MIME types. But note
+ that if the web server mis-reports the MIME type, then content that should
+ not be filtered, could be. Privoxy only knows how to differentiate
+ filterable content because of the MIME type as reported by the server, or
+ because of some configuration setting that enables/disables filtering.
+
+ --------------------------------------------------------------------------
-No, its more complicated than that. This only works with special kinds of
-proxies known as "transparent" proxies (see below).
+ 4.3. What are "http://config.privoxy.org/" and "http://p.p/"?
--------------------------------------------------------------------------------
+ http://config.privoxy.org/ is the address of Privoxy's built-in user
+ interface, and http://p.p/ is a shortcut for it.
-3.18. Can Privoxy run as a "transparent" proxy?
+ Since Privoxy sits between your web browser and the Internet, it can
+ simply intercept requests for these addresses and answer them with its
+ built-in "web server".
-No, Privoxy currently does not have this ability, though it may be added in a
-future release. Transparent proxies require special handling of the request
-headers beyond what Privoxy is now capable of.
+ This also makes for a good test for your browser configuration: If
+ entering the URL http://config.privoxy.org/ takes you to a page saying
+ "This is Privoxy ...", everything is OK. If you get a page saying "Privoxy
+ is not working" instead, then your browser didn't use Privoxy for the
+ request, hence it could not be intercepted, and you have accessed the real
+ web site at config.privoxy.org.
-Chaining Privoxy behind another proxy that has this ability should work though.
-See the forwarding chapter in the User Manual. As a transparent proxy to be
-used for chaining we recommend Transproxy (http://transproxy.sourceforge.net/).
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 4.4. How can I submit new ads, or report problems?
-3.19. How can I configure Privoxy for use with Outlook Express?
+ Please see the Contact section for various ways to interact with the
+ developers.
-Outlook Express uses Internet Explorer components to both render HTML, and
-fetch any HTTP requests that may be embedded in an HTML email. So however you
-have Privoxy configured to work with IE, this configuration should
-automatically be shared.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 4.5. If I do submit missed ads, will they be included in future updates?
-3.20. How can I have separate rules just for HTML mail?
+ Whether such submissions are eventually included in the default.action
+ configuration file depends on how significant the issue is. We of course
+ want to address any potential problem with major, high-profile sites such
+ as Google, Yahoo, etc. Any site with global or regional reach, has a good
+ chance of being a candidate. But at the other end of the spectrum are any
+ number of smaller, low-profile sites such as for local clubs or schools.
+ Since their reach and impact are much less, they are best handled by
+ inclusion in the user's user.action, and thus would be unlikely to be
+ included.
-The short answer is, you can't. Privoxy has no way of knowing which particular
-application makes a request, so there is no way to distinguish between web
-pages and HTML mail. Privoxy just blindly proxies all requests. In the case of
-Outlook Express (see above), OE uses IE anyway, and there is no way for Privoxy
-to ever be able to distinguish between them (nor could any other proxy type
-application for that matter).
+ --------------------------------------------------------------------------
-For a good discussion of some of the issues involved (including privacy and
-security issues), see http://sourceforge.net/tracker/?func=detail&atid=211118&
-aid=629518&group_id=11118.
+ 4.6. Why doesn't anyone answer my support request?
--------------------------------------------------------------------------------
+ Rest assured that it has been read and considered. Why it is not answered,
+ could be for various reasons, including no one has a good answer for it,
+ no one has had time to yet investigate it thoroughly, it has been reported
+ numerous times already, or because not enough information was provided to
+ help us help you. Your efforts are not wasted, and we do appreciate them.
-3.21. I sometimes notice cookies sneaking through. How?
+ --------------------------------------------------------------------------
-Cookies can be set in several ways. The classic method is via the Set-Cookie
-HTTP header. This is straightforward, and an easy one to manipulate, such as
-the Privoxy concept of session-cookies-only. There is also the possibility of
-using Javascript to set cookies (Privoxy calls these content-cookies). This is
-trickier because the syntax can vary widely, and thus requires a certain amount
-of guesswork. It is not realistic to catch all of these short of disabling
-Javascript, which would break many sites. And lastly, if the cookies are
-embedded in a HTTPS/SSL secure session via Javascript, they are beyond
-Privoxy's reach.
+ 4.7. How can I hide my IP address?
-All in all, Privoxy can help manage cookies in general, can help minimize the
-loss of privacy posed by cookies, but can't realistically stop all cookies.
+ If you run both the browser and Privoxy locally, you cannot hide your IP
+ address with Privoxy or ultimately any other software alone. The server
+ needs to know your IP address so that it knows where to send the responses
+ back.
--------------------------------------------------------------------------------
+ There are many publicly usable "anonymous" proxies out there, which
+ provide a further level of indirection between you and the web server.
-3.22. Are all cookies bad? Why?
+ However, these proxies are called "anonymous" because you don't need to
+ authenticate, not because they would offer any real anonymity. Most of
+ them will log your IP address and make it available to the authorities in
+ case you violate the law of the country they run in. In fact you can't
+ even rule out that some of them only exist to *collect* information on
+ (those suspicious) people with a more than average preference for privacy.
-No, in fact there are many beneficial uses of cookies. Cookies are just a
-method that browsers can use to store data between pages, or between browser
-sessions. Sometimes there is a good reason for this, and the user's life is a
-bit easier as a result. But there is a long history of some websites taking
-advantage of this layer of trust, and using the data they glean from you and
-your browsing habits for their own purposes, and maybe to your potential
-detriment. Such sites are using you and storing their data on your system. That
-is why the security conscious watch from whom those cookies come, and why they
-really need to be there.
+ If you want to hide your IP address from most adversaries, you should
+ consider chaining Privoxy with Tor. The configuration details can be found
+ in How do I use Privoxy together with Tor section just below.
-See the Wikipedia cookie definition for more.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 4.8. Can Privoxy guarantee I am anonymous?
-3.23. How can I allow permanent cookies for my trusted sites?
+ No. Your chances of remaining anonymous are improved, but unless you chain
+ Privoxy with Tor or a similar proxy and know what you're doing when it
+ comes to configuring the rest of your system, you should assume that
+ everything you do on the Web can be traced back to you.
-There are several actions that relate to cookies. The default behavior is to
-allow only "session cookies", which means the cookies only last for the current
-browser session. This eliminates most kinds of abuse related to cookies. But
-there may be cases where we want cookies to last.
+ Privoxy can remove various information about you, and allows you more
+ freedom to decide which sites you can trust, and what details you want to
+ reveal. But it neither hides your IP address, nor can it guarantee that
+ the rest of the system behaves correctly. There are several possibilities
+ how a web sites can find out who you are, even if you are using a strict
+ Privoxy configuration and chained it with Tor.
-To disable all cookie actions, so that cookies are allowed unrestricted, both
-in and out, for example.com:
+ Most of Privoxy's privacy-enhancing features can be easily subverted by an
+ insecure browser configuration, therefore you should use a browser that
+ can be configured to only execute code from trusted sites, and be careful
+ which sites you trust. For example there is no point in having Privoxy
+ modify the User-Agent header, if websites can get all the information they
+ want through JavaScript, ActiveX, Flash, Java etc.
- { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
- .example.com
+ A few browsers disclose the user's email address in certain situations,
+ such as when transferring a file by FTP. Privoxy does not filter FTP. If
+ you need this feature, or are concerned about the mail handler of your
+ browser disclosing your email address, you might consider products such as
+ NSClean.
-Place the above in user.action. Note some of these may be off by default
-anyway, so this might be redundant, but there is no harm being explicit in what
-you want to happen. user.action includes an alias for this situation, called
-allow-all-cookies.
+ Browsers available only as binaries could use non-standard headers to give
+ out any information they can have access to: see the manufacturer's
+ license agreement. It's impossible to anticipate and prevent every breach
+ of privacy that might occur. The professionally paranoid prefer browsers
+ available as source code, because anticipating their behavior is easier.
+ Trust the source, Luke!
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
+
+ 4.9. A test site says I am not using a Proxy.
-3.24. Can I have separate configurations for different users?
+ Good! Actually, they are probably testing for some other kinds of proxies.
+ Hiding yourself completely would require additional steps.
-Each instance of Privoxy has its own configuration, including such attributes
-as the TCP port that it listens on. What you can do is run multiple instances
-of Privoxy, each with a unique listen-address and configuration path, and then
-each of these can have their own configurations. Think of it as per-port
-configuration.
+ --------------------------------------------------------------------------
+
+ 4.10. How do I use Privoxy together with Tor?
-Simple enough for a few users, but for large installations, consider having
-groups of users that might share like configurations.
+ Before you configure Privoxy to use Tor, please follow the User Manual
+ chapters 2. Installation and 5. Startup to make sure Privoxy itself is
+ setup correctly.
--------------------------------------------------------------------------------
+ If it is, refer to Tor's extensive documentation to learn how to install
+ Tor, and make sure Tor's logfile says that "Tor has successfully opened a
+ circuit" and it "looks like client functionality is working".
-3.25. Can I set-up Privoxy as a whitelist of "good" sites?
+ If either Tor or Privoxy isn't working, their combination most likely will
+ neither. Testing them on their own will also help you to direct problem
+ reports to the right audience. If Privoxy isn't working, don't bother the
+ Tor developers. If Tor isn't working, don't send bug reports to the
+ Privoxy Team.
-Sure. There are a couple of things you can do for simple whitelisting. Here's
-one real easy one:
+ If you verified that Privoxy and Tor are working, it is time to connect
+ them. As far as Privoxy is concerned, Tor is just another proxy that can
+ be reached by socks4 or socks4a. Most likely you are interested in Tor to
+ increase your anonymity level, therefore you should use socks4a, to make
+ sure DNS requests are done through Tor and thus invisible to your local
+ network.
- ############################################################
- # Blacklist
- ############################################################
- { +block }
- / # Block *all* URLs
-
- ############################################################
- # Whitelist
- ############################################################
- { -block }
- kids.example.com
- toys.example.com
- games.example.com
+ Since Privoxy 3.0.5, its main configuration file is already prepared for
+ Tor, if you are using a default Tor configuration and run it on the same
+ system as Privoxy, you just have to edit the forwarding section and
+ uncomment the line:
-This allows access to only those three sites.
+ # forward-socks4a / 127.0.0.1:9050 .
-A more interesting approach is Privoxy's trustfile concept, which incorporates
-the notion of "trusted referrers". See the User Manual Trust documentation.
-These are fairly simple approaches and are not completely foolproof. There are
-various other configuration options that should be disabled (described
-elsewhere here and in the User Manual) so that users can't modify their own
-configuration and easily circumvent the whitelist.
+ This is enough to reach the Internet, but additionally you might want to
+ uncomment the following forward rules, to make sure your local network is
+ still reachable through Privoxy:
--------------------------------------------------------------------------------
+ # forward 192.168.*.*/ .
+ # forward 10.*.*.*/ .
+ # forward 127.*.*.*/ .
-4. Miscellaneous
-4.1. How much does Privoxy slow my browsing down? This has to add extra time to
-browsing.
+ Unencrypted connections to systems in these address ranges will be as
+ (un)secure as the local network is, but the alternative is that your
+ browser can't reach the network at all. Then again, that may actually be
+ desired and if you don't know for sure that your browser has to be able to
+ reach the local network, there's no reason to allow it.
-How much of an impact depends on many things, including the CPU of the host
-system, how aggressive the configuration is, which specific actions are being
-triggered, the size of the page, etc.
+ If you want your browser to be able to reach servers in your local network
+ by using their names, you will need additional exceptions that look like
+ this:
-Overall, it should not slow you down any in real terms, and may actually help
-speed things up since ads, banners and other junk are not typically being
-retrieved and displayed. The actual processing time required by Privoxy itself
-for each page, is relatively small in the overall scheme of things, and happens
-very quickly. This is typically more than offset by time saved not downloading
-and rendering ad images (if ad blocking is being used).
+ # forward localhost/ .
-"Filtering" content via the filter or deanimate-gifs actions will certainly
-cause a perceived slowdown, since the entire document needs to be buffered
-before displaying. And on very large documents, there may be some impact. How
-much depends on the page size, the actual definition of the filter(s), etc. See
-below. Most other actions have little to no impact on speed.
--------------------------------------------------------------------------------
+ Save the modified configuration file and open
+ http://config.privoxy.org/show-status/ in your browser, confirm that
+ Privoxy has reloaded its configuration and that there are no other forward
+ lines, unless you know that you need them. If everything looks good, refer
+ to Tor Faq 4.2 to learn how to verify that you are really using Tor.
-4.2. I notice considerable delays in page requests compared to the old
-Junkbuster. What's wrong?
+ Afterward, please take the time to at least skim through the rest of Tor's
+ documentation. Make sure you understand what Tor does, why it is no
+ replacement for application level security, and why you probably don't
+ want to use it for unencrypted logins.
-If you use any filter action, such as filtering banners by size, web-bugs etc,
-or the deanimate-gifs action, the entire document must be loaded into memory in
-order for the filtering mechanism to work, and nothing is sent to the browser
-during this time.
+ --------------------------------------------------------------------------
+
+ 4.11. Might some things break because header information or content is being
+ altered?
-The loading time typically does not really change much in real numbers, but the
-feeling is different, because most browsers are able to start rendering
-incomplete content, giving the user a feeling of "it works". This effect is
-more noticeable on slower dialup connections. Extremely large documents may
-have some impact on the time to load the page where there is filtering being
-done. But overall, the difference should be very minimal. If there is a big
-impact, then probably some other problem is contributing.
+ Definitely. It is common for sites to use browser type, browser version,
+ HTTP header content, and various other techniques in order to dynamically
+ decide what to display and how to display it. What you see, and what I
+ see, might be very different. There are many, many ways that this can be
+ handled, so having hard and fast rules, is tricky.
-Filtering is automatically disabled for inappropriate MIME types. But note that
-if the web server mis-reports the MIME type, then content that should not be
-filtered, could be. Privoxy only knows how to differentiate filterable content
-because of the MIME type as reported by the server, or because of some
-configuration setting that enables/disables filtering.
-
--------------------------------------------------------------------------------
+ The "User-Agent" is sometimes used in this way to identify the browser,
+ and adjust content accordingly.
-4.3. What are "http://config.privoxy.org/" and "http://p.p/"?
+ Also, different browsers use different encodings of non-English
+ characters, certain web servers convert pages on-the-fly according to the
+ User Agent header. Giving a "User Agent" with the wrong operating system
+ or browser manufacturer causes some sites in these languages to be
+ garbled; Surfers to Eastern European sites should change it to something
+ closer. And then some page access counters work by looking at the
+ "Referer" header; they may fail or break if unavailable. The weather maps
+ of Intellicast have been blocked by their server when no "Referer" or
+ cookie is provided, is another example. (But you can forge both headers
+ without giving information away). There are many other ways things can go
+ wrong when trying to fool a web server. The results of which could
+ inadvertently cause pages to load incorrectly, partially, or even not at
+ all. And there may be no obvious clues as to just what went wrong, or why.
+ Nowhere will there be a message that says "Turn off fast-redirects or
+ else! "
-http://config.privoxy.org/ is the address of Privoxy's built-in user interface,
-and http://p.p/ is a shortcut for it.
+ Similar thoughts apply to modifying JavaScript, and, to a lesser degree,
+ HTML elements.
-Since Privoxy sits between your web browser and the Internet, it can simply
-intercept requests for these addresses and answer them with its built-in "web
-server".
+ If you have problems with a site, you will have to adjust your
+ configuration accordingly. Cookies are probably the most likely adjustment
+ that may be required, but by no means the only one.
-This also makes for a good test for your browser configuration: If entering the
-URL http://config.privoxy.org/ takes you to a page saying "This is Privoxy
-...", everything is OK. If you get a page saying "Privoxy is not working"
-instead, then your browser didn't use Privoxy for the request, hence it could
-not be intercepted, and you have accessed the real web site at
-config.privoxy.org.
+ --------------------------------------------------------------------------
-With recent versions of Privoxy (version 2.9.x and later), the user interface
-features information on the run time status, the configuration, and even a
-built-in editor for the actions files.
+ 4.12. Can Privoxy act as a "caching" proxy to speed up web browsing?
-Note that the built-in URLs from earlier versions of Junkbuster / Privoxy,
-http://example.com/show-proxy-args and http://i.j.b/, are no longer supported.
-If you still use such an old version, you should really consider upgrading to
-3.0.5.
+ No, it does not have this ability at all. You want something like Squid or
+ Polipo for this. And, yes, before you ask, Privoxy can co-exist with other
+ kinds of proxies like Squid. See the forwarding chapter in the user manual
+ for details.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-4.4. How can I submit new ads, or report problems?
+ 4.13. What about as a firewall? Can Privoxy protect me?
-Please see the Contact section for various ways to interact with the
-developers.
+ Not in the way you mean, or in the way some firewall vendors claim they
+ can. Privoxy can help protect your privacy, but can't protect your system
+ from intrusion attempts. It is, of course, perfectly possible to use both.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-4.5. Why doesn't anyone answer my support request?
+ 4.14. I have large empty spaces / a checkerboard pattern now where ads used
+ to be. Why?
-Rest assured that it has been read and considered. Why it is not answered,
-could be for various reasons, including no one has a good answer for it, no one
-has had time to yet investigate it thoroughly, it has been reported numerous
-times already, or because not enough information was provided to help us help
-you. Your efforts are not wasted, and we do appreciate them.
+ It is technically possible to eliminate banners and ads in a way that
+ frees their allocated page space. This could easily be done by blocking
+ with Privoxy's filters, and eliminating the entire image references from
+ the HTML page source.
--------------------------------------------------------------------------------
+ But, this would consume considerably more CPU resources (IOW, slow things
+ down), would likely destroy the layout of some web pages which rely on the
+ banners utilizing a certain amount of page space, and might fail in other
+ cases, where the screen space is reserved (e.g. by HTML tables for
+ instance). Also, making ads and banners disappear without any trace
+ complicates troubleshooting, and would sooner or later be problematic.
-4.6. How can I hide my IP address?
+ The better alternative is to instead let them stay, and block the
+ resulting requests for the banners themselves as is now the case. This
+ leaves either empty space, or the familiar checkerboard pattern.
-If you run both the browser and the proxy locally, you cannot hide your IP
-address with Privoxy or ultimately any other software. The server needs to know
-your IP address so that it knows where to send the responses back.
+ So the developers won't support this in the default configuration, but you
+ can of course define appropriate filters yourself to achieve this.
-There are many publicly usable "anonymous" proxies out there, which provide a
-further level of indirection between you and the web server.
+ --------------------------------------------------------------------------
-However, these proxies are called "anonymous" because you don't need a
-password, not because they would offer any real anonymity. Most of them will
-log your IP address and make it available to the authorities in case you
-violate the law of the country they run in. In fact you can't even rule out
-that some of them only exist to *collect* information on (those suspicious)
-people with a more than average preference for privacy.
+ 4.15. How can Privoxy filter Secure (HTTPS) URLs?
-Your best bet is to chain Privoxy with Tor, an EFF supported onion routing
-system. The configuration details can be found in How do I use Privoxy together
-with Tor section just below.
-
--------------------------------------------------------------------------------
+ Since secure HTTP connections are encrypted SSL sessions between your
+ browser and the secure site, and are meant to be reliably secure, there is
+ little that Privoxy can do but hand the raw gibberish data though from one
+ end to the other unprocessed.
-4.7. Can Privoxy guarantee I am anonymous?
+ The only exception to this is blocking by host patterns, as the client
+ needs to tell Privoxy the name of the remote server, so that Privoxy can
+ establish the connection. If that name matches a host-only pattern, the
+ connection will be blocked.
-No. Your chances of remaining anonymous are greatly improved, but unless you
-chain Privoxy with Tor or a similar system and know what you're doing when it
-comes to configuring the rest of your system, it would be safest to assume that
-everything you do on the Web can be traced back to you.
+ As far as ad blocking is concerned, this is less of a restriction than it
+ may seem, since ad sources are often identifiable by the host name, and
+ often the banners to be placed in an encrypted page come unencrypted
+ nonetheless for efficiency reasons, which exposes them to the full power
+ of Privoxy's ad blocking.
+
+ "Content cookies" (those that are embedded in the actual HTML or JS page
+ content, see filter{content-cookies}), in an SSL transaction will be
+ impossible to block under these conditions. Fortunately, this does not
+ seem to be a very common scenario since most cookies come by traditional
+ means.
+
+ --------------------------------------------------------------------------
+
+ 4.16. Privoxy runs as a "server". How secure is it? Do I need to take any
+ special precautions?
+
+ On Unix-like systems, Privoxy can run as a non-privileged user, which is
+ how we recommend it be run. Also, by default Privoxy listens to requests
+ from "localhost" only.
+
+ The server aspect of Privoxy is not itself directly exposed to the
+ Internet in this configuration. If you want to have Privoxy serve as a LAN
+ proxy, this will have to be opened up to allow for LAN requests. In this
+ case, we'd recommend you specify only the LAN gateway address, e.g.
+ 192.168.1.1, in the main Privoxy configuration file and check all access
+ control and security options. All LAN hosts can then use this as their
+ proxy address in the browser proxy configuration, but Privoxy will not
+ listen on any external interfaces. ACLs can be defined in addition, and
+ using a firewall is always good too. Better safe than sorry.
-Privoxy can remove various information about you, and allows you more freedom
-to decide which sites you can trust, and what details you want to reveal. But
-it neither hides your ip address, nor can it guarantee that the rest of the
-system behaves correctly. There are several possibilities how a web sites can
-find out who you are, even if you are using a strict Privoxy configuration and
-chained it with Tor.
+ --------------------------------------------------------------------------
-Most of Privoxy's protection can be easily subverted by an insecure browser
-configuration, therefore you should use a browser that can be configured to
-only execute code from trusted sites, and be careful which sites you trust. For
-example there is no point in having Privoxy modify the User-Agent header, if
-websites can get all the information they want through JavaScript, ActiveX,
-Flash, Java etc.
-
-A few browsers disclose the user's email address in certain situations, such as
-when transferring a file by FTP. Privoxy does not filter FTP. If you need this
-feature, or are concerned about the mail handler of your browser disclosing
-your email address, you might consider products such as NSClean.
+ 4.17. Can I temporarily disable Privoxy?
-Browsers available only as binaries could use non-standard headers to give out
-any information they can have access to: see the manufacturer's license
-agreement. It's impossible to anticipate and prevent every breach of privacy
-that might occur. The professionally paranoid prefer browsers available as
-source code, because anticipating their behavior is easier. Trust the source,
-Luke!
+ Privoxy doesn't have a transparent proxy mode, but you can toggle off
+ blocking and content filtering.
--------------------------------------------------------------------------------
+ The easiest way to do that is to point your browser to the remote toggle
+ URL: http://config.privoxy.org/toggle.
-4.8. A test site says I am not using a Proxy.
+ See the Bookmarklets section of the User Manual for an easy way to access
+ this feature. Note that this is a feature that may need to be enabled in
+ the main config file.
-Good! Actually, they are probably testing for some other kinds of proxies.
-Hiding yourself completely would require additional steps.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 4.18. When "disabled" is Privoxy totally out of the picture?
-4.9. How do I use Privoxy together with Tor?
+ No, this just means all optional filtering and actions are disabled.
+ Privoxy is still acting as a proxy, but just doing less of the things that
+ Privoxy would normally be expected to do. It is still a "middle-man" in
+ the interaction between your browser and web sites. See below to bypass
+ the proxy.
-Before you configure Privoxy to use Tor (http://tor.eff.org/), please follow
-the User Manual chapters 2. Installation and 5. Startup to make sure Privoxy
-itself is setup correctly.
+ --------------------------------------------------------------------------
+
+ 4.19. How can I tell Privoxy to totally ignore certain sites?
+
+ Bypassing a proxy, or proxying based on arbitrary criteria, is purely a
+ browser configuration issue, not a Privoxy issue. Modern browsers
+ typically do have settings for not proxying certain sites. Check your
+ browser's help files.
-If it is, refer to Tor's extensive documentation to learn how to install Tor,
-and make sure Tor's logfile says that "Tor has successfully opened a circuit"
-and it "looks like client functionality is working".
+ --------------------------------------------------------------------------
-If either Tor or Privoxy isn't working, their combination most likely will
-neither. Testing them on their own will also help you to direct problem reports
-to the right audience. If Privoxy isn't working, don't bother the Tor
-developers. If Tor isn't working, don't send bug reports to the Privoxy Team.
+ 4.20. My logs show Privoxy "crunches" ads, but also its own internal CGI
+ pages. What is a "crunch"?
-If you verified that Privoxy and Tor are working, it is time to connect them.
-As far as Privoxy is concerned, Tor is just another proxy that can be reached
-by socks4 or socks4a. Most likely you are interested in Tor to increase your
-anonymity level, therefore you should use socks4a, to make sure Privoxy's DNS
-requests are done through Tor and thus invisible to your local network.
+ A "crunch" simply means Privoxy intercepted something, nothing more. Often
+ this is indeed ads or banners, but Privoxy uses the same mechanism for
+ trapping requests for its own internal pages. For instance, a request for
+ Privoxy's configuration page at: http://config.privoxy.org, is intercepted
+ (i.e. it does not go out to the 'net), and the familiar CGI configuration
+ is returned to the browser, and the log consequently will show a "crunch".
-Since Privoxy 3.0.5, its configuration (section 5.2) is already prepared for
-Tor, if you are using a default Tor configuration and run it on the same system
-as Privoxy, you just have to uncomment the line:
+ Since version 3.0.7, Privoxy will also log the crunch reason. If you are
+ using an older version you might want to upgrade.
-# forward-socks4a / 127.0.0.1:9050 .
-
+ --------------------------------------------------------------------------
-This is enough to reach the Internet, but additionally you should uncomment the
-following forward rules, to make sure your local network is still reachable
-through Privoxy:
+ 4.21. Can Privoxy effect files that I download from a webserver? FTP server?
-# forward 192.168.*.*/ .
-# forward 10.*.*.*/ .
-# forward 127.*.*.*/ .
-
+ From the webserver's perspective, there is no difference between viewing a
+ document (i.e. a page), and downloading a file. The same is true of
+ Privoxy. If there is a match for a block pattern, it will still be
+ blocked, and of course this is obvious.
-Unencrypted connections to systems in these address ranges will be as (un)
-secure as the local network is, but the alternative is that you can't reach the
-network at all. If you also want to be able to reach servers in your local
-network by using their names, you will need additional exceptions that look
-like this:
-
-# forward localhost/ .
-
-
-Save the modified configuration file and open http://config.privoxy.org/
-show-status/ in your browser, confirm that Privoxy has reloaded its
-configuration and that there are no other forward lines, unless you know that
-you need them. I everything looks good, refer to Tor Faq 4.2 to learn how to
-verify that you are really using Tor.
+ Filtering is potentially more of a concern since the results are not
+ always so obvious, and the effects of filtering are there whether the file
+ is simply viewed, or downloaded. And potentially whether the content is
+ some obnoxious advertisement, or Mr. Jimmy's latest/greatest source code
+ jewel. Of course, one of these presumably is "bad" content that we don't
+ want, and the other is "good" content that we do want. Privoxy is blind to
+ the differences, and can only distinguish "good from bad" by the
+ configuration parameters we give it.
-Afterward, please take the time to at least skim through the rest of Tor's
-documentation. Make sure you understand what Tor does, why it is no replacement
-for application level security, and why you shouldn't use it for unencrypted
-logins.
+ Privoxy knows the differences in files according to the "Content Type" as
+ reported by the webserver. If this is reported accurately (e.g.
+ "application/zip" for a zip archive), then Privoxy knows to ignore these
+ where appropriate. Privoxy potentially can filter HTML as well as plain
+ text documents, subject to configuration parameters of course. Also,
+ documents that are of an unknown type (generally assumed to be
+ "text/plain") can be filtered, as will those that might be incorrectly
+ reported by the webserver. If such a file is a downloaded file that is
+ intended to be saved to disk, then any content that might have been
+ altered by filtering, will be saved too, for these (probably rare) cases.
--------------------------------------------------------------------------------
-
-4.10. Might some things break because header information or content is being
-altered?
-
-Definitely. More and more sites use HTTP header content to decide what to
-display and how to display it. There is many ways that this can be handled, so
-having hard and fast rules, is tricky.
-
-"User-Agent" in particular is often used in this way to identify the browser,
-and adjust content accordingly. Changing this now (at least not further than
-removing the OS information) is not recommended, since so many sites do look
-for it. You may get undesirable results by changing this.
-
-For instance, different browsers use different encodings of Russian and Czech
-characters, certain web servers convert pages on-the-fly according to the User
-Agent header. Giving a "User Agent" with the wrong operating system or browser
-manufacturer causes some sites in these languages to be garbled; Surfers to
-Eastern European sites should change it to something closer. And then some page
-access counters work by looking at the "Referer" header; they may fail or break
-if unavailable. The weather maps of Intellicast have been blocked by their
-server when no "Referer" or cookie is provided, is another example. (But you
-can forge both headers without giving information away). There are many other
-ways things can go wrong when trying to fool a web server.
+ Note that versions later than 3.0.2 do NOT filter document types reported
+ as "text/plain". Prior to this, Privoxy did filter this document type.
-Similar thoughts apply to modifying JavaScript, and, to a lesser degree, HTML
-elements.
+ In short, filtering is "ON" if a) the content type as reported by the
+ webserver is appropriate and b) the configuration allows it (or at least
+ does not disallow it). That's it. There is no magic cookie anywhere to say
+ this is "good" and this is "bad". It's the configuration that lets it all
+ happen or not.
-If you have problems with a site, you will have to adjust your configuration
-accordingly. Cookies are probably the most likely adjustment that may be
-required, but by no means the only one.
+ If you download text files, you probably do not want these to be filtered,
+ particularly if the content is source code, or other critical content.
+ Source code sometimes might be mistaken for Javascript (i.e. the kind that
+ might open a pop-up window). It is recommended to turn off filtering for
+ download sites (particularly if the content may be plain text files and
+ you are using version 3.0.2 or earlier) in your user.action file. And
+ also, for any site or page where making any changes at all to the content
+ is to be avoided.
--------------------------------------------------------------------------------
+ Privoxy does not do FTP at all, only HTTP and HTTPS (SSL) protocols, so
+ please don't try.
-4.11. Can Privoxy act as a "caching" proxy to speed up web browsing?
+ --------------------------------------------------------------------------
-No, it does not have this ability at all. You want something like Squid for
-this. And, yes, before you ask, Privoxy can co-exist with other kinds of
-proxies like Squid. See the forwarding chapter in the user manual for details.
+ 4.22. I just downloaded a Perl script, and Privoxy altered it! Yikes, what
+ is wrong!
--------------------------------------------------------------------------------
+ Please read above.
-4.12. What about as a firewall? Can Privoxy protect me?
+ --------------------------------------------------------------------------
-Not in the way you mean, or in the way a true firewall can. Privoxy can help
-protect your privacy, but not protect you from intrusion attempts. It is, of
-course, perfectly possible and recommended to use both.
+ 4.23. Should I continue to use a "HOSTS" file for ad-blocking?
--------------------------------------------------------------------------------
+ One time-tested technique to defeat common ads is to trick the local DNS
+ system by giving a phony IP address for the ad generator in the local
+ HOSTS file, typically using 127.0.0.1, aka localhost. This effectively
+ blocks the ad.
-4.13. I have large empty spaces / a checkerboard pattern now where ads used to
-be. Why?
+ There is no reason to use this technique in conjunction with Privoxy.
+ Privoxy does essentially the same thing, much more elegantly and with much
+ more flexibility. A large HOSTS file, in fact, not only duplicates effort,
+ but may get in the way and seriously slow down your system. It is
+ recommended to remove such entries from your HOSTS file. If you think your
+ hosts list is neglected by Privoxy's configuration, consider adding your
+ list to your user.action file:
-It would be technically possible eliminate the banners in a way that frees
-their screen estate in many cases, by doing all banner blocking with filters,
-i.e. eliminating the whole image references from the HTML pages instead of
-letting them stay in, and blocking the resulting requests for the banners
-themselves.
-
-But this would consume considerable CPU resources, would likely destroy the
-layout of many web pages which rely on the banners consuming a certain amount
-of screen space, and would fail in other cases, where the screen space is
-reserved e.g. by tables anyway. Also, making the banners disappear without a
-visual trace complicates troubleshooting.
-
-So we won't support this in the default configuration, but you can of course
-define appropriate filters yourself.
-
--------------------------------------------------------------------------------
-
-4.14. How can Privoxy filter Secure (HTTPS) URLs?
-
-Since secure HTTP connections are encrypted SSL sessions between your browser
-and the secure site, and are meant to be reliably secure, there is little that
-Privoxy can do but hand the raw gibberish data though from one end to the other
-unprocessed.
-
-The only exception to this is blocking by host patterns, as the client needs to
-tell Privoxy the name of the remote server, so that Privoxy can establish the
-connection. If that name matches a host-only pattern, the connection will be
-blocked.
-
-As far as ad blocking is concerned, this is less of a restriction than it may
-seem, since ad sources are often identifiable by the host name, and often the
-banners to be placed in an encrypted page come unencrypted nonetheless for
-efficiency reasons, which exposes them to the full power of Privoxy's ad
-blocking.
-
-"Content cookies" (those that are embedded in the actual HTML or JS page
-content, see filter{content-cookies}), in an SSL transaction will be impossible
-to block under these conditions. Fortunately, this does not seem to be a very
-common scenario since most cookies come by traditional means.
-
--------------------------------------------------------------------------------
+ { +block }
+ www.ad.example1.com
+ ad.example2.com
+ ads.galore.example.com
+ etc.example.com
-4.15. Privoxy runs as a "server". How secure is it? Do I need to take any
-special precautions?
+ --------------------------------------------------------------------------
-There are no known exploits that might affect Privoxy. On Unix-like systems,
-Privoxy can run as a non-privileged user, which is how we recommend it be run.
-Also, by default Privoxy only listens to requests from "localhost" only. The
-server aspect of Privoxy is not itself directly exposed to the Internet in this
-configuration. If you want to have Privoxy serve as a LAN proxy, this will have
-to be opened up to allow for LAN requests. In this case, we'd recommend you
-specify only the LAN gateway address, e.g. 192.168.1.1, in the main Privoxy
-configuration file and check all access control and security options. All LAN
-hosts can then use this as their proxy address in the browser proxy
-configuration, but Privoxy will not listen on any external interfaces. ACLs can
-be defined in addition, and using a firewall is always good too. Better safe
-than sorry.
-
--------------------------------------------------------------------------------
-
-4.16. How can I temporarily disable Privoxy?
-
-The easiest way is to access Privoxy with your browser by using the remote
-toggle URL: http://config.privoxy.org/toggle. See the Bookmarklets section of
-the User Manual for an easy way to access this feature.
+ 4.24. Where can I find more information about Privoxy and related issues?
--------------------------------------------------------------------------------
+ Other references and sites of interest to Privoxy users:
-4.17. When "disabled" is Privoxy totally out of the picture?
+ http://www.privoxy.org/, the Privoxy Home page.
-No, this just means all filtering and actions are disabled. Privoxy is still
-acting as a proxy, but just not doing any of the things that Privoxy would
-normally be expected to do. It is still a "middle-man" in the interaction
-between your browser and web sites.
+ http://www.privoxy.org/faq/, the Privoxy FAQ.
--------------------------------------------------------------------------------
+ http://sourceforge.net/projects/ijbswa/, the Project Page for Privoxy on
+ SourceForge.
-4.18. My logs show Privoxy "crunches" ads, but also its own internal CGI pages.
-What is a "crunch"?
+ http://config.privoxy.org/, the web-based user interface. Privoxy must be
+ running for this to work. Shortcut: http://p.p/
-A "crunch" simply means Privoxy intercepted something, nothing more. Often this
-is indeed ads or banners, but Privoxy uses the same mechanism for trapping
-requests for its own internal pages. For instance, a request for Privoxy's
-configuration page at: http://config.privoxy.org, is intercepted (i.e. it does
-not go out to the 'net), and the familiar CGI configuration is returned to the
-browser, and the log consequently will show a "crunch".
+ http://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit
+ "misses" and other configuration related suggestions to the developers.
--------------------------------------------------------------------------------
+ http://www.junkbusters.com/ht/en/cookies.html, an explanation how cookies
+ are used to track web users.
-4.19. Can Privoxy effect files that I download from a webserver? FTP server?
+ http://www.junkbusters.com/ijb.html, the original Internet Junkbuster.
-From the webserver's perspective, there is no difference between viewing a
-document (i.e. a page), and downloading a file. The same is true of Privoxy. If
-there is a match for a block pattern, it will still be blocked, and of course
-this is obvious.
+ http://privacy.net/, a useful site to check what information about you is
+ leaked while you browse the web.
-Filtering is potentially more of a concern since the results are not always so
-obvious, and the effects of filtering are there whether the file is simply
-viewed, or downloaded. And potentially whether the content is some obnoxious
-advertisement, or Mr. Jimmy's latest/greatest source code jewel. Of course, one
-of these presumably is "bad" content that we don't want, and the other is
-"good" content that we do want. Privoxy is blind to the differences, and can
-only distinguish "good from bad" by the configuration parameters we give it.
+ http://www.squid-cache.org/, a popular caching proxy, which is often used
+ together with Privoxy.
-Privoxy knows the differences in files according to the "Document Type" as
-reported by the webserver. If this is reported accurately (e.g. "application/
-zip" for a zip archive), then Privoxy knows to ignore these where appropriate.
-Privoxy potentially can filter HTML as well as plain text documents, subject to
-configuration parameters of course. Also, documents that are of an unknown type
-(generally assumed to be "text/plain") can be filtered, as will those that
-might be incorrectly reported by the webserver. If such a file is a downloaded
-file that is intended to be saved to disk, then any content that might have
-been altered by filtering, will be saved too, for these (probably rare) cases.
+ http://www.pps.jussieu.fr/~jch/software/polipo/, Polipo is a caching proxy
+ with advanced features like pipelining, multiplexing and caching of
+ partial instances. In many setups it can be used as Squid replacement.
-Note that versions later than 3.0.2 do NOT filter document types reported as
-"text/plain". Prior to this, Privoxy did filter this document type.
+ http://tor.eff.org/, Tor can help anonymize web browsing, web publishing,
+ instant messaging, IRC, SSH, and other applications.
-In short, filtering is "ON" if a) the Document Type as reported by the
-webserver is appropriate and b) the configuration allows it (or at least does
-not disallow it). That's it. There is no magic cookie anywhere to say this is
-"good" and this is "bad". It's the configuration that let's it all happen or
-not.
+ http://www.privoxy.org/developer-manual/, the Privoxy developer manual.
-If you download text files, you probably do not want these to be filtered,
-particularly if the content is source code, or other critical content. Source
-code sometimes might be mistaken for Javascript (i.e. the kind that might open
-a pop-up window). It is recommended to turn off filtering for download sites
-(particularly if the content may be plain text files and you are using version
-3.0.2 or earlier) in your user.action file. And also, for any site or page
-where making any changes at all to the content is to be avoided.
+ --------------------------------------------------------------------------
-Privoxy does not do FTP at all, only HTTP and HTTPS (SSL) protocols, so please
-don't try.
+ 4.25. I've noticed that Privoxy changes "Microsoft" to "MicroSuck"! Why are
+ you manipulating my browsing?
--------------------------------------------------------------------------------
+ We're not. The text substitutions that you are seeing are disabled in the
+ default configuration as shipped. You have either manually activated the
+ "fun" filter which is clearly labeled "Text replacements for subversive
+ browsing fun!" or you are using an older Privoxy version and have
+ implicitly activated it by choosing the "Adventuresome" profile in the
+ web-based editor. Please upgrade.
-4.20. I just downloaded a Perl script, and Privoxy altered it! Yikes, what is
-wrong!
+ --------------------------------------------------------------------------
-Please read above.
+ 4.26. Does Privoxy produce "valid" HTML (or XHTML)?
--------------------------------------------------------------------------------
+ Privoxy generates HTML in both its own "templates", and possibly whenever
+ there are text substitutions via a Privoxy filter. While this should
+ always conform to the HTML 4.01 specifications, it has not been validated
+ against this or any other standard.
-4.21. Should I continue to use a "HOSTS" file for ad-blocking?
+ --------------------------------------------------------------------------
-One time-tested technique to defeat common ads is to trick the local DNS system
-by giving a phony IP address for the ad generator in the local HOSTS file,
-typically using 127.0.0.1, aka localhost. This effectively blocks the ad.
+5. Troubleshooting
-There is no reason to use this technique in conjunction with Privoxy. Privoxy
-does essentially the same thing, much more elegantly and with much more
-flexibility. A large HOSTS file, in fact, not only duplicates effort, but may
-get in the way. It is recommended to remove such entries from your HOSTS file.
-If you think your hosts list is neglected by Privoxy's configuration, consider
-adding your list to your user.action file:
+ 5.1. I cannot connect to any websites. Or, I am getting "connection refused"
+ message with every web page. Why?
+
+ There are several possibilities:
+
+ * Privoxy is not running. Solution: verify that Privoxy is installed
+ correctly, has not crashed, and is indeed running. Turn on Privoxy's
+ logging, and look at the logs to see what they say.
+
+ * Or your browser is configured for a different port than what Privoxy
+ is using. Solution: verify that Privoxy and your browser are set to
+ the same port (listen-address).
+
+ * Or if using a forwarding rule, you have a configuration problem or a
+ problem with a host in the forwarding chain. Solution: temporarily
+ alter your configuration and take the forwarders out of the equation.
+
+ * Or you have a firewall that is interfering and blocking you. Solution:
+ try disabling or removing the firewall as a simple test.
+
+ --------------------------------------------------------------------------
+
+ 5.2. Why am I getting a 503 Error (WSAECONNREFUSED) on every page?
+
+ More than likely this is a problem with your TCP/IP networking. ZoneAlarm
+ has been reported to cause this symptom -- even if not running! The
+ solution is to either fight the ZA configuration, or uninstall ZoneAlarm,
+ and then find something better behaved in its place. Other personal
+ firewall type products may cause similar type problems if not configured
+ correctly.
+
+ --------------------------------------------------------------------------
+
+ 5.3. I just added a new rule, but the steenkin ad is still getting through.
+ How?
+
+ If the ad had been displayed before you added its URL, it will probably be
+ held in the browser's cache for some time, so it will be displayed without
+ the need for any request to the server, and Privoxy will not be involved.
+ Flush the browser's caches, and then try again.
+
+ If this doesn't help, you probably have an error in the rule you applied.
+ Try pasting the full URL of the offending ad into
+ http://config.privoxy.org/show-url-info and see if it really matches your
+ new rule. Blocking ads is like blocking spam: a lot of tinkering is
+ required to stay ahead of the game. And remember you need to block the URL
+ of the ad in question, which may be entirely different from the site URL
+ itself. Most ads are hosted on different servers than the main site
+ itself. If you right-click on the ad, you should be able to get all the
+ relevant information you need. Alternately, you can find the correct URL
+ by looking at Privoxy's logs (you may need to enable logging in the main
+ config file if its disabled).
+
+ Below is a slightly modified real-life log snippet that originates with
+ one requested URL: www.example.com (name of site was changed for this
+ example, the number of requests is real). You can see in this the
+ complexity of what goes into making up this one "page". There are eight
+ different domains involved here, with thirty two separate URLs requested
+ in all, making up all manner of images, Shockwave Flash, JavaScript, CSS
+ stylesheets, scripts, and other related content. Some of this content is
+ obviously "good" or "bad", but not all. Many of the more questionable
+ looking requests, are going to outside domains that seem to be identifying
+ themselves with suspicious looking names, making our job a little easier.
+ Privoxy has "crunched" (meaning caught and BLOCKED) quite a few items in
+ this example, but perhaps missed a few as well.
+
+Request: www.example.com/
+Request: www.example.com/favicon.ico
+Request: img.example.com/main.css
+Request: img.example.com/sr.js
+Request: example.betamarker.com/example.html
+Request: www.lik-sang.com/Banners/bestsellers/skyscraper.php?likref=BSellers
+Request: img.example.com/pb.png
+Request: www.google-analytics.com/urchin.js crunch! (Blocked)
+Request: www.advertising-department.com/ats/switch.ps.php?26856 crunch! (Blocked)
+Request: img.example.com/p.gif
+Request: www.popuptraffic.com/assign.php?l=example&mode=behind crunch! (Blocked)
+Request: www.popuptraffic.com/scripts/popup.php?hid=5c3cf&tmpl=PBa.tmpl crunch! (Blocked)
+Request: www.popuptraffic.com/assign.php?l=example crunch! (Blocked)
+Request: www.lik-sang.com/Banners/best_sellers/best_sellers.css
+Request: www.adtrak.net/adx.js crunch! (Blocked)
+Request: img.example.com/hbg.gif
+Request: img.example.com/example.jpg
+Request: img.example.com/mt.png
+Request: img.example.com/mm.png
+Request: img.example.com/mb.png
+Request: www.popuptraffic.com/scripts/popup.php?hid=a71b91fa5&tmpl=Ua.tmp crunch! (Blocked)
+Request: www.example.com/tracker.js
+Request: www.lik-sang.com/Banners/best_sellers/lsi_head.gif
+Request: www.adtrak.net/adjs.php?n=020548130&what=zone:61 crunch! (Blocked)
+Request: www.adtrak.net/adjs.php?n=463594413&what=zone:58&source=Ua crunch! (Blocked)
+Request: www.lik-sang.com/Banners/best_sellers/bottomani.swf
+Request: mmm.elitemediagroup.net/install.php?allowpop=no&popupmincook=0&allowsp2=1 crunch! (Blocked)
+Request: www.example.com/tracker.js?screen=1400x1050&win=962x693
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=61 crunch! (Blocked)
+Request: 66.70.21.80/scripts/click.php?hid=5c3cf599a9efd0320d26&si
+Request: 66.70.21.80/img/pixel.gif
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=58&source=Ua&block=86400 crunch! (Blocked)
+Request: 66.70.21.80/scripts/click.php?hid=a71b9f6504b0c5681fa5&si=Ua
+
+ Despite 12 out of 32 requests being blocked, the page looked, and seemed
+ to behave perfectly "normal" (minus some ads, of course).
+
+ --------------------------------------------------------------------------
+
+ 5.4. One of my favorite sites does not work with Privoxy. What can I do?
+
+ First verify that it is indeed a Privoxy problem, by toggling off Privoxy
+ through http://config.privoxy.org/toggle (the toggle feature may need to
+ be enabled in the main config), and then shift-reloading the problem page
+ (i.e. holding down the shift key while clicking reload. Alternatively,
+ flush your browser's disk and memory caches).
+
+ If the problem went away, we know we have a configuration related problem.
+ Now go to http://config.privoxy.org/show-url-info and paste the full URL
+ of the page in question into the prompt. See which actions are being
+ applied to the URL, and which matches in which actions files are
+ responsible for that. It might be helpful also to look at your logs for
+ this site too, to see what else might be happening (note: logging may need
+ to be enabled in the main config file). Many sites are complex and require
+ a number of related pages to help present their content. Look at what else
+ might be used by the page in question, and what of that might be required.
+ Now, armed with this information, go to
+ http://config.privoxy.org/show-status and select the appropriate actions
+ files for editing.
+
+ You can now either look for a section which disables the actions that you
+ suspect to cause the problem and add a pattern for your site there, or
+ make up a completely new section for your site. In any case, the
+ recommended way is to disable only the prime suspect, reload the problem
+ page, and only if the problem persists, disable more and more actions
+ until you have identified the culprit. You may or may not want to turn the
+ other actions on again. Remember to flush your browser's caches in between
+ any such changes!
+
+ Alternately, if you are comfortable with a text editor, you can accomplish
+ the same thing by editing the appropriate actions file. Probably the
+ easiest way to deal with such problems when editing by hand is to add your
+ site to a { fragile } section in user.action, which is an alias that turns
+ off most "dangerous" actions, but is also likely to turn off more actions
+ then needed, and thus lower your privacy and protection more than
+ necessary,
+
+ Troubleshooting actions is discussed in more detail in the User Manual
+ appendix, Troubleshooting: the Anatomy of an Action. There is also an
+ actions tutorial with general configuration information and examples.
+
+ As a last resort, you can always see if your browser has a setting that
+ will bypass the proxy setting for selective sites. Modern browsers can do
+ this.
+
+ --------------------------------------------------------------------------
+
+ 5.5. After installing Privoxy, I have to log in every time I start IE. What
+ gives?
+
+ This is a quirk that effects the installation of Privoxy, in conjunction
+ with Internet Explorer and Internet Connection Sharing on Windows 2000 and
+ Windows XP. The symptoms may appear to be corrupted or invalid DUN
+ settings, or passwords.
+
+ When setting up an NT based Windows system with Privoxy you may find that
+ things do not seem to be doing what you expect. When you set your system
+ up you will probably have set up Internet Connection Sharing (ICS) with
+ Dial up Networking (DUN) when logged in with administrator privileges. You
+ will probably have made this DUN connection available to other accounts
+ that you may have set-up on your system. E.g. Mum or Dad sets up the
+ system and makes accounts suitably configured for the kids.
+
+ When setting up Privoxy in this environment you will have to alter the
+ proxy set-up of Internet Explorer (IE) for the specific DUN connection on
+ which you wish to use Privoxy. When you do this the ICS DUN set-up becomes
+ user specific. In this instance you will see no difference if you change
+ the DUN connection under the account used to set-up the connection.
+ However when you do this from another user you will notice that the DUN
+ connection changes to make available to "Me only". You will also find that
+ you have to store the password under each different user!
+
+ The reason for this is that each user's set-up for IE is user specific.
+ Each set-up DUN connection and each LAN connection in IE store the
+ settings for each user individually. As such this enforces individual
+ configurations rather than common ones. Hence the first time you use a DUN
+ connection after re-booting your system it may not perform as you expect,
+ and prompt you for the password. Just set and save the password again and
+ all should be OK.
+
+ [Thanks to Ray Griffith for this submission.]
+
+ --------------------------------------------------------------------------
+
+ 5.6. I cannot connect to any FTP sites. Privoxy is blocking me.
+
+ Privoxy cannot act as a proxy for FTP traffic, so do not configure your
+ browser to use Privoxy as an FTP proxy. The same is true for any protocol
+ other than HTTP or HTTPS (SSL).
+
+ Most browsers understand FTP as well as HTTP. If you connect to a site,
+ with a URL like ftp://ftp.example.com, your browser is making an FTP
+ connection, and not a HTTP connection. So while your browser may speak
+ FTP, Privoxy does not, and cannot proxy such traffic.
+
+ To complicate matters, some systems may have a generic "proxy" setting,
+ which will enable various protocols, including both HTTP and FTP proxying!
+ So it is possible to accidentally enable FTP proxying in these cases. And
+ of course, if this happens, Privoxy will indeed cause problems since it
+ does not know FTP. Newer version will give a sane error message if a FTP
+ connection is attempted. Just disable the FTP setting and all will be well
+ again.
+
+ Will Privoxy ever proxy FTP traffic? Unlikely. There just is not much
+ reason, and the work to make this happen is more than it may seem.
+
+ --------------------------------------------------------------------------
+
+ 5.7. In Mac OSX, I can't configure Microsoft Internet Explorer to use
+ Privoxy as the HTTP proxy.
+
+ Microsoft Internet Explorer (in versions like 5.1) respects system-wide
+ network settings. In order to change the HTTP proxy, open System
+ Preferences, and click on the Network icon. In the settings pane that
+ comes up, click on the Proxies tab. Ensure the "Web Proxy (HTTP)" checkbox
+ is checked and enter 127.0.0.1 in the entry field. Enter 8118 in the Port
+ field. The next time you start IE, it should reflect these values.
+
+ --------------------------------------------------------------------------
+
+ 5.8. In Mac OSX, I dragged the Privoxy folder to the trash in order to
+ uninstall it. Now the finder tells me I don't have sufficient privileges to
+ empty the trash.
+
+ Just dragging the Privoxy folder to the trash is not enough to delete it.
+ Privoxy supplies an uninstall.command file that takes care of these
+ details. Open the trash, drag the uninstall.command file out of the trash
+ and double-click on it. You will be prompted for confirmation and the
+ administration password.
+
+ The trash may still appear full after this command; emptying the trash
+ from the desktop should make it appear empty again.
- { +block }
- www.ad.example1.com
- ad.example2.com
- ads.galore.example.com
- etc.example.com
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 5.9. In Mac OSX Panther (10.3), images often fail to load and/or I
+ experience random delays in page loading. I'm using localhost as my
+ browser's proxy setting.
-4.22. Where can I find more information about Privoxy and related issues?
+ We believe this is due to an IPv6-related bug in OSX, but don't fully
+ understand the issue yet. In any case, changing the proxy setting to
+ 127.0.0.1 instead of localhost works around the problem.
-Other references and sites of interest to Privoxy users:
+ --------------------------------------------------------------------------
-http://www.privoxy.org/, the Privoxy Home page.
+ 5.10. I get a completely blank page at one site. "View Source" shows only:
+ <html><body></body></html>. Without Privoxy the page loads fine.
+
+ Chances are that the site suffers from a bug in PHP, which results in
+ empty pages being sent if the client explicitly requests an uncompressed
+ page, like Privoxy does. This bug has been fixed in PHP 4.2.3.
+
+ To find out if this is in fact the source of the problem, try adding the
+ site to a -prevent-compression section in user.action:
-http://www.privoxy.org/faq/, the Privoxy FAQ.
+ # Make exceptions for ill-behaved sites:
+ #
+ {-prevent-compression}
+ .example.com
-http://sourceforge.net/projects/ijbswa/, the Project Page for Privoxy on
-SourceForge.
+ If that works, you may also want to report the problem to the site's
+ webmasters, telling them to use zlib.output_compression instead of
+ ob_gzhandler in their PHP applications (workaround) or upgrade to PHP
+ 4.2.3 or later (fix).
-http://config.privoxy.org/, the web-based user interface. Privoxy must be
-running for this to work. Shortcut: http://p.p/
+ --------------------------------------------------------------------------
-http://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit "misses"
-and other configuration related suggestions to the developers.
+ 5.11. My logs show many "Unable to get my own hostname" lines. Why?
-http://www.junkbusters.com/ht/en/cookies.html, an explanation how cookies are
-used to track web users.
+ Privoxy tries to get the hostname of the system its running on from the IP
+ address of the system interface it is bound to (from the config file
+ listen-address setting). If the system cannot supply this information,
+ Privoxy logs this condition.
-http://www.junkbusters.com/ijb.html, the original Internet Junkbuster.
+ Typically, this would be considered a minor system configuration error. It
+ is not a fatal error to Privoxy however, but may result in a much slower
+ response from Privoxy on some platforms due to DNS timeouts.
-http://privacy.net/, a useful site to check what information about you is
-leaked while you browse the web.
+ This can be caused by a problem with the local HOSTS file. If this file
+ has been changed from the original, try reverting it to see if that helps.
+ Make sure whatever name(s) are used for the local system, that they
+ resolve both ways.
-http://www.squid-cache.org/, a very popular caching proxy, which is often used
-together with Privoxy.
+ --------------------------------------------------------------------------
-http://tor.eff.org/, Tor can help anonymize web browsing, web publishing,
-instant messaging, IRC, SSH, and other applications.
+ 5.12. When I try to launch Privoxy, I get an error message "port 8118 is
+ already in use" (or similar wording). Why?
-http://www.privoxy.org/developer-manual/, the Privoxy developer manual.
+ Port 8118 is Privoxy's default TCP "listening" port. Typically this
+ message would mean that there is already one instance of Privoxy running,
+ and your system is actually trying to start a second Privoxy on the same
+ port, which will not work. (You can have multiple instances but they must
+ be assigned different ports.) How and why this might happen varies from
+ platform to platform, but you need to check your installation and start-up
+ procedures.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-4.23. I've noticed that Privoxy changes "Microsoft" to "MicroSuck"! Why are you
-manipulating my browsing?
+ 5.13. Pages with UTF-8 fonts are garbled.
-We're not. The text substitutions that you are seeing are disabled in the
-default configuration as shipped. You have either manually activated the "fun"
-filter which is clearly labeled "Text replacements for subversive browsing fun!
-" or you are using an older Privoxy version and have implicitly activated it by
-choosing the "Adventuresome" profile in the web-based editor. Please upgrade!
+ This is caused by the "demoronizer" filter. You should either upgrade
+ Privoxy, or at least upgrade to the most recent default.action file
+ available from SourceForge. Or you can simply disable the demoronizer
+ filter.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-5. Troubleshooting
+ 5.14. Why are binary files (such as images) corrupted when Privoxy is used?
-5.1. I am getting "connection refused" with every web page?
-
-Either Privoxy is not running, or your browser is configured for a different
-port than what Privoxy is using, or, if using a forwarding rule, you have a
-configuration problem or a problem with a host in the forwarding chain.
-
-You should verify that Privoxy is indeed running and that the correct port is
-set, and matches what your browser is set to. See listen-address option in
-Privoxy's main configuration file. If using any forwarding rules, disable those
-to make sure the problem is not with a forwarder.
-
--------------------------------------------------------------------------------
-
-5.2. I just added a new rule, but the steenkin ad is still getting through.
-How?
-
-If the ad had been displayed before you added its URL, it will probably be held
-in the browser's cache for some time, so it will be displayed without the need
-for any request to the server, and Privoxy will not be in the picture. The best
-thing to do is try flushing the browser's caches. And then try again.
-
-If this doesn't help, you probably have an error in the rule you applied. Try
-pasting the full URL of the offending ad into http://config.privoxy.org/
-show-url-info and see if it really matches your new rule. Blocking ads is like
-blocking spam: a lot of tinkering is required to stay ahead of the game.
-
--------------------------------------------------------------------------------
-
-5.3. One of my favorite sites does not work with Privoxy. What can I do?
-
-First verify that it is indeed a Privoxy problem, by toggling off Privoxy
-through http://config.privoxy.org/toggle, and then shift-reloading the problem
-page (i.e. holding down the shift key while clicking reload. Alternatively,
-flush your browser's disk and memory caches).
-
-If still a problem, go to http://config.privoxy.org/show-url-info and paste the
-full URL of the page in question into the prompt. See which actions are being
-applied to the URL, and which matches in which actions files are responsible
-for that. Now, armed with this information, go to http://config.privoxy.org/
-show-status and select the appropriate actions files for editing.
-
-You can now either look for a section which disables the actions that you
-suspect to cause the problem and add a pattern for your site there, or make up
-a completely new section for your site. In any case, the recommended way is to
-disable only the prime suspect, reload the problem page, and only if the
-problem persists, disable more and more actions until you have identified the
-culprit. You may or may not want to turn the other actions on again. Remember
-to flush your browser's caches in between any such changes!
-
-Alternately, if you are comfortable with a text editor, you can accomplish the
-same thing by editing the appropriate actions file. Probably the easiest way to
-deal with such problems when editing by hand is to add your site to a { fragile
-} section in user.action, which is an alias that turns off most "dangerous"
-actions, but is also likely to turn off more actions then needed, and thus
-lower your privacy and protection more than necessary,
-
-Troubleshooting actions is discussed in more detail in the User Manual
-appendix, Troubleshooting: the Anatomy of an Action. There is also an actions
-tutorial with general configuration information and examples.
-
--------------------------------------------------------------------------------
+ This may also be caused by the "demoronizer" filter, in conjunction with a
+ web server that is misreporting the content type. Binary files are
+ exempted from Privoxy's filtering (unless the web server by mistake says
+ the file is something else). Either upgrade Privoxy, or go to the most
+ recent default.action file available from SourceForge.
-5.4. After installing Privoxy, I have to log in every time I start IE. What
-gives?
+ --------------------------------------------------------------------------
-This is a quirk that effects the installation of Privoxy, in conjunction with
-Internet Explorer and Internet Connection Sharing on Windows 2000 and Windows
-XP. The symptoms may appear to be corrupted or invalid DUN settings, or
-passwords.
+ 5.15. What is the "demoronizer" and why is it there?
-When setting up an NT based Windows system with Privoxy you may find that
-things do not seem to be doing what you expect. When you set your system up you
-will probably have set up Internet Connection Sharing (ICS) with Dial up
-Networking (DUN) when logged in with administrator privileges. You will
-probably have made this DUN connection available to other accounts that you may
-have set-up on your system. E.g. Mum or Dad sets up the system and makes
-accounts suitably configured for the kids.
+ The original demoronizer was a Perl script that cleaned up HTML pages
+ which were created with certain Microsoft products. MS has used
+ proprietary extensions to standardized font encodings (ISO 8859-1), which
+ has caused problems for pages that are viewed with non-Microsoft products
+ (and are expecting to see a standard set of fonts). The demoronizer
+ corrected these errors so the pages displayed correctly. Privoxy borrowed
+ from this script, introducing a filter based on the original demoronizer,
+ which in turn could correct these errors on the fly.
-When setting up Privoxy in this environment you will have to alter the proxy
-set-up of Internet Explorer (IE) for the specific DUN connection on which you
-wish to use Privoxy. When you do this the ICS DUN set-up becomes user specific.
-In this instance you will see no difference if you change the DUN connection
-under the account used to set-up the connection. However when you do this from
-another user you will notice that the DUN connection changes to make available
-to "Me only". You will also find that you have to store the password under each
-different user!
+ But this is only needed in some situations, and will cause serious
+ problems in some other situations.
-The reason for this is that each user's set-up for IE is user specific. Each
-set-up DUN connection and each LAN connection in IE store the settings for each
-user individually. As such this enforces individual configurations rather than
-common ones. Hence the first time you use a DUN connection after re-booting
-your system it may not perform as you expect, and prompt you for the password.
-Just set and save the password again and all should be OK.
+ If you are using Microsoft products, you do not need it. If you need to
+ view pages with UTF-8 characters (such as Cyrillic or Chinese), then it
+ will cause corruption of the fonts, and thus should not be on.
-[Thanks to Ray Griffith for this submission.]
+ On the other hand, if you use non-Microsoft products, and you occasionally
+ notice weird characters on pages, you might want to try it.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-5.5. I cannot connect to any FTP sites. Privoxy is blocking me.
+ 5.16. Why do I keep seeing "PrivoxyWindowOpen()" in raw source code?
-Privoxy cannot act as a proxy for FTP traffic, so do not configure your browser
-to use Privoxy as an FTP proxy. The same is true for any protocol other than
-HTTP or HTTPS (SSL).
+ Privoxy is attempting to disable malicious Javascript in this case, with
+ the unsolicited-popups filter. Privoxy cannot tell very well "good" code
+ snippets from "bad" code snippets.
-Most browsers understand FTP as well as HTTP. If you connect to a site, with a
-URL like ftp://ftp.example.com, your browser is making an FTP connection, and
-not a HTTP connection. So while your browser may speak FTP, Privoxy does not,
-and cannot proxy such traffic.
+ If you see this in HTML source, and the page displays without problems,
+ then this is good, and likely some pop-up window was disabled. If you see
+ this where it is causing a problem, such as a downloaded program source
+ code file, then you should set an exception for this site or page such
+ that the integrity of the page stays in tact by disabling all filtering.
-To complicate matters, some systems may have a generic "proxy" setting, which
-will silently enable various protocols, including both HTTP and FTP proxying!
-So it is possible to accidentally enable FTP proxying in these cases. And of
-course, if this happens, Privoxy will indeed cause problems since it does not
-know FTP. Newer version will give a sane error message if a FTP connection is
-attempted. Just disable the FTP setting and all will be well again.
+ --------------------------------------------------------------------------
-Will Privoxy ever proxy FTP traffic? Unlikely. There just is not much reason,
-and the work to make this happen is more than it may seem.
+ 5.17. I am getting too many DNS errors like "404 No Such Domain". Why can't
+ Privoxy do this better?
--------------------------------------------------------------------------------
+ There are potentially several factors here. First of all, the DNS
+ resolution is done by the underlying operating system -- not Privoxy
+ itself. Privoxy merely initiates the process and hands it off, and then
+ later reports whatever the outcome was. And tries to give a coherent
+ message if there seems to be a problem. In some cases, this might
+ otherwise be mitigated by the browser itself which might try some
+ work-arounds and alternate approaches (e.g adding "www." to the URL).
-5.6. In Mac OSX, I can't configure Microsoft Internet Explorer to use Privoxy
-as the HTTP proxy.
+ In other cases, if Privoxy is being chained with another proxy, this could
+ complicate the issue, and cause undue delays and timeouts. In the case of
+ a "socks4a" proxy, the socks server handles all the DNS. Privoxy would
+ just be the "messenger" which is reporting whatever problem occurred
+ downstream, and not the root cause of the error.
-Microsoft Internet Explorer (in versions like 5.1) respects system-wide network
-settings. In order to change the HTTP proxy, open System Preferences, and click
-on the Network icon. In the settings pane that comes up, click on the Proxies
-tab. Ensure the "Web Proxy (HTTP)" checkbox is checked and enter 127.0.0.1 in
-the entry field. Enter 8118 in the Port field. The next time you start IE, it
-should reflect these values.
+ In any case, versions newer than 3.0.3 include various improvements to
+ help Privoxy better handle these cases.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-5.7. In Mac OSX, I dragged the Privoxy folder to the trash in order to
-uninstall it. Now the finder tells me I don't have sufficient privileges to
-empty the trash.
+ 5.18. At one site Privoxy just hangs, and starts taking all CPU. Why is
+ this?
-Just dragging the Privoxy folder to the trash is not enough to delete it.
-Privoxy supplies an uninstall.command file that takes care of these details.
-Open the trash, drag the uninstall.command file out of the trash and
-double-click on it. You will be prompted for confirmation and the
-administration password.
+ This is probably a manifestation of the "100% cpu" problem that occurs on
+ pages containing many (thousands upon thousands) of blank lines. The blank
+ lines are in the raw HTML source of the page, and the browser just ignores
+ them. But the pattern matching in Privoxy's page filtering mechanism is
+ trying to match against absurdly long strings and this becomes very
+ CPU-intensive, taking a long, long time to complete. Until a better
+ solution comes along, disable filtering on these pages, particularly the
+ js-annoyances and unsolicited-popups filters.
-The trash may still appear full after this command; emptying the trash from the
-desktop should make it appear empty again.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 5.19. I just installed Privoxy, and all my browsing has slowed to a crawl.
+ What gives?
-5.8. In Mac OSX Panther (10.3), images often fail to load and/or I experience
-random delays in page loading. I'm using localhost as my browser's proxy
-setting.
+ This should not happen, and for the overwhelming number of users
+ world-wide, it does not happen. I would suspect some inadvertent
+ interaction of software components such as anti-virus software, spyware
+ protectors, personal firewalls or similar components. Try disabling (or
+ uninstalling) these one at a time and see if that helps.
-We believe this is due to an IPv6-related bug in OSX, but don't fully
-understand the issue yet. In any case, changing the proxy setting to 127.0.0.1
-instead of localhost works around the problem.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 5.20. Why do my filters work on some sites but not on others?
-5.9. I get a completely blank page at one site. "View Source" shows only:
-<html><body></body></html>. Without Privoxy the page loads fine.
+ It's probably due to compression. It is a common practice for web servers
+ to send their content "compressed" in order to speed things up, and then
+ let the browser "uncompress" them. When compiled with zlib support Privoxy
+ can decompress content before filtering, otherwise you may want to enable
+ prevent-compression.
-Chances are that the site suffers from a bug in PHP, which results in empty
-pages being sent if the client explicitly requests an uncompressed page, like
-Privoxy does. This bug has been fixed in PHP 4.2.3.
+ --------------------------------------------------------------------------
-To find out if this is in fact the source of the problem, try adding the site
-to a -prevent-compression section in user.action:
+6. Contacting the developers, Bug Reporting and Feature Requests
- # Make exceptions for ill-behaved sites:
- #
- {-prevent-compression}
- .example.com
+ We value your feedback. In fact, we rely on it to improve Privoxy and its
+ configuration. However, please note the following hints, so we can provide
+ you with the best support:
-If that works, you may also want to report the problem to the site's
-webmasters, telling them to use zlib.output_compression instead of ob_gzhandler
-in their PHP applications (workaround) or upgrade to PHP 4.2.3 or later (fix).
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 6.1. Get Support
-5.10. Why am I getting a 503 Error (WSAECONNREFUSED) on every page?
+ For casual users, our support forum at SourceForge is probably best
+ suited: http://sourceforge.net/tracker/?group_id=11118&atid=211118
-More than likely this is a problem with your TCP/IP networking. ZoneAlarm has
-been reported to cause this symptom -- even if not running. The solution is to
-either fight the ZA configuration, or uninstall ZoneAlarm, and then find
-something better behaved in its place. Other personal firewall type products
-may cause similar type problems if not configured correctly.
+ All users are of course welcome to discuss their issues on the users
+ mailing list, where the developers also hang around.
--------------------------------------------------------------------------------
+ Note that the Privoxy mailing lists are moderated. Posts from unsubscribed
+ addresses have to be accepted manually by a moderator. This may cause a
+ delay of several days and if you use a subject that doesn't clearly
+ mention Privoxy or one of its features, your message may be accidentally
+ discarded as spam.
-5.11. My logs show many "Unable to get my own hostname" lines. Why?
+ If you aren't subscribed, you should therefore spend a few seconds to come
+ up with a proper subject. Additionally you should make it clear that you
+ want to get CC'd. Otherwise some responses will be directed to the mailing
+ list only, and you won't see them.
-Privoxy tries to get the hostname of the system its running on from the IP
-address of the system interface it is bound to (from the config file
-listen-address setting). If the system cannot supply this information, Privoxy
-logs this condition.
+ --------------------------------------------------------------------------
-Typically, this would be considered a minor system configuration error. It is
-not a fatal error to Privoxy however, but may result in a much slower response
-from Privoxy on some platforms due to DNS timeouts.
+ 6.2. Reporting Problems
-This can be caused by a problem with the local HOSTS file. If this file has
-been changed from the original, try reverting it to see if that helps.
+ "Problems" for our purposes, come in two forms:
--------------------------------------------------------------------------------
+ * Configuration issues, such as ads that slip through, or sites that
+ don't function properly due to one Privoxy "action" or another being
+ turned "on".
-5.12. When I try to launch Privoxy, I get an error message "port 8118 is
-already in use" (or similar wording). Why?
+ * "Bugs" in the programming code that makes up Privoxy, such as that
+ might cause a crash.
-Port 8118 is Privoxy's default TCP "listening" port. Typically this message
-would mean that there is already one instance of Privoxy running, and you are
-actually trying to start a second Privoxy on the same port, which will not
-work. (You can have multiple instances but they must be assigned different
-ports.) How and why this might happen varies from platform to platform, but you
-need to check your installation and start-up procedures.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 6.2.1. Reporting Ads or Other Configuration Problems
-5.13. Pages with UTF-8 fonts are garbled.
+ Please send feedback on ads that slipped through, innocent images that
+ were blocked, sites that don't work properly, and other configuration
+ related problem of default.action file, to
+ http://sourceforge.net/tracker/?group_id=11118&atid=460288, the Actions
+ File Tracker.
-This is caused by the "demoronizer" filter. You should either upgrade Privoxy,
-or at least upgrade to the most recent default.action file available from
-SourceForge. Or you can simply disable the demoronizer filter.
+ New, improved default.action files may occasionally be made available
+ based on your feedback. These will be announced on the ijbswa-announce
+ list and available from our the files section of our project page.
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
-5.14. Why are binary files (such as images) corrupted when Privoxy is used?
+ 6.2.2. Reporting Bugs
-This may also be caused by the "demoronizer" filter, in conjunction with a web
-server that is misreporting a file type. Binary files are exempted from
-Privoxy's filtering (unless the web server by mistake says the file is
-something else). Either upgrade Privoxy, or go to the most recent
-default.action file available from SourceForge.
+ Please report all bugs through our bug tracker:
+ http://sourceforge.net/tracker/?group_id=11118&atid=111118.
--------------------------------------------------------------------------------
+ Before doing so, please make sure that the bug has not already been
+ submitted and observe the additional hints at the top of the submit form.
+ If already submitted, please feel free to add any info to the original
+ report that might help to solve the issue.
-5.15. What is the "demoronizer" and why is it there?
+ Please try to verify that it is a Privoxy bug, and not a browser or site
+ bug or documented behaviour that just happens to be different than what
+ you expected. If unsure, try toggling off Privoxy, and see if the problem
+ persists.
-The original demoronizer was a Perl script that cleaned up HTML pages which
-were created with certain Microsoft products. MS has used proprietary
-extensions to standardized font encodings (ISO 8859-1), which has caused
-problems for pages that are viewed with non-Microsoft products (and are
-expecting to see a standard set of fonts). The demoronizer corrected these
-errors so the pages displayed correctly. Privoxy borrowed from this script,
-introducing a filter based on the original demoronizer, which in turn could
-correct these errors on the fly.
+ If you are using your own custom configuration, please try the stock
+ configs to see if the problem is configuration related. If you're having
+ problems with a feature that is disabled by default, please ask around on
+ the mailing list if others can reproduce the problem.
-But this is only needed in some situations, and will cause serious problems in
-some other situations.
+ If you aren't using the latest Privoxy version, the bug may have been
+ found and fixed in the meantime. We would appreciate if you could take the
+ time to upgrade to the latest version (or even the latest CVS snapshot)
+ and verify that your bug still exists.
-If you are using Microsoft products, you do not need it. If you need to view
-pages with UTF-8 characters (such as Cyrillic or Chinese), then it will cause
-corruption of the fonts, and thus should not be on.
+ Please be sure to provide the following information:
-On the other hand, if you use non-Microsoft products, and you occasionally
-notice wierd characters on pages, you might want to try it.
+ * The exact Privoxy version you are using (if you got the source from
+ CVS, please also provide the source code revisions as shown in
+ http://config.privoxy.org/show-version).
--------------------------------------------------------------------------------
+ * The operating system and versions you run Privoxy on, (e.g. Windows XP
+ SP2), if you are using a Unix flavor, sending the output of "uname -a"
+ should do, in case of GNU/Linux, please also name the distribution.
-5.16. Why do I keep seeing "PrivoxyWindowOpen()" in raw source code?
+ * The name, platform, and version of the browser you were using (e.g.
+ Internet Explorer v5.5 for Mac).
-Privoxy is attempting to disable malicious Javascript in this case, with the
-unsolicited-popups filter. Privoxy cannot tell very well "good" code snippets
-from "bad" code snippets.
+ * The URL where the problem occurred, or some way for us to duplicate
+ the problem (e.g. http://somesite.example.com/?somethingelse=123).
-If you see this in HTML source, and the page displays without problems, then
-this is good, and likely some pop-up window was disabled. If you see this where
-it is causing a problem, such as a downloaded program source code file, then
-you should set an exception for this site or page such that the integrity of
-the page stays in tact by disabling all filtering.
+ * Whether your version of Privoxy is one supplied by the Privoxy
+ developers via SourceForge, or if you got your copy somewhere else.
--------------------------------------------------------------------------------
+ * Whether you are using Privoxy in tandem with another proxy such as
+ Tor. If so, please temporary disable the other proxy to see if the
+ symptoms change.
-5.17. I am getting too many DNS errors like "404 No Such Domain". Why can't
-Privoxy do this better?
+ * Whether you are using a personal firewall product. If so, does Privoxy
+ work without it?
-There are potentially several factors here. First of all, the DNS resolution is
-done by the underlying operating system -- not Privoxy itself. Privoxy merely
-initiates the process and hands it off, and then later reports whatever the
-outcome was. And tries to give a coherent message if there seems to be a
-problem. In some cases, this might otherwise be mitigated by the browser itself
-which might try some work-arounds and alternate approaches (e.g adding "www."
-to the URL). In other cases, if Privoxy is being chained with another proxy,
-this could complicate the issue, and cause undue delays and timeouts. In the
-case of a "socks4a" proxy, the socks server handles all the DNS. Privoxy would
-just be the "messenger" which is reporting whatever problem occurred
-downstream, and not the root cause of the error.
+ * Any other pertinent information to help identify the problem such as
+ config or log file excerpts (yes, you should have log file entries for
+ each action taken).
-In any case, v. 3.0.5 includes various improvements to help Privoxy better
-handle these cases.
+ You don't have to tell us your actual name when filing a problem report,
+ but please use a nickname so we can differentiate between your messages
+ and the ones entered by other "anonymous" users that may respond to your
+ request if they have the same problem or already found a solution.
--------------------------------------------------------------------------------
+ Please also check the status of your request a few days after submitting
+ it, as we may request additional information. If you use a SF id, you
+ should automatically get a mail when someone responds to your request.
-5.18. At one site Privoxy just hangs, and starts taking all CPU. Why is this?
+ The appendix of the Privoxy User Manual also has helpful information on
+ understanding actions, and action debugging.
-This is probably a manifestation of the "100% cpu" problem that occurs on pages
-containing many (thousands upon thousands) of blank lines. The blank lines are
-in the raw HTML source of the page, and the browser just ignores them. But the
-pattern matching in Privoxy's page filtering mechanism is trying to match
-against absurdly long strings and this becomes very CPU-intensive, taking a
-long, long time to complete. Until a better solution comes along, disable
-filtering on these pages, particularly the js-annoyances and unsolicited-popups
-filters.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 6.3. Request New Features
-5.19. I just installed Privoxy, and all my browsing has slowed to a crawl. What
-gives?
+ You are welcome to submit ideas on new features or other proposals for
+ improvement through our feature request tracker at
+ http://sourceforge.net/tracker/?atid=361118&group_id=11118.
-This should not happen, and for the overwhelming number of users world-wide, it
-does not happen. I would suspect some inadvertent interaction of software
-components such as anti-virus software, spyware protectors, personal firewalls
-or similar components. Try disabling (or uninstalling) these one at a time and
-see if that helps.
+ --------------------------------------------------------------------------
--------------------------------------------------------------------------------
+ 6.4. Other
-6. Contacting the developers, Bug Reporting and Feature Requests
+ For any other issues, feel free to use the mailing lists. Technically
+ interested users and people who wish to contribute to the project are also
+ welcome on the developers list! You can find an overview of all
+ Privoxy-related mailing lists, including list archives, at:
+ http://sourceforge.net/mail/?group_id=11118.
-We value your feedback. In fact, we rely on it to improve Privoxy and its
-configuration. However, please note the following hints, so we can provide you
-with the best support:
-
--------------------------------------------------------------------------------
-
-6.1. Get Support
-
-For casual users, our support forum at SourceForge is probably best suited:
-http://sourceforge.net/tracker/?group_id=11118&atid=211118
-
-All users are of course welcome to discuss their issues on the users mailing
-list, where the developers also hang around.
-
--------------------------------------------------------------------------------
-
-6.2. Reporting Problems
-
-"Problems" for our purposes, come in two forms:
-
- * Configuration issues, such as ads that slip through, or sites that don't
- function properly due to one Privoxy "action" or another being turned "on".
-
- * "Bugs" in the programming code that makes up Privoxy, such as that might
- cause a crash.
-
--------------------------------------------------------------------------------
-
-6.2.1. Reporting Ads or Other Configuration Problems
-
-Please send feedback on ads that slipped through, innocent images that were
-blocked, sites that don't work properly, and other configuration related
-problem of default.action file, to http://sourceforge.net/tracker/?group_id=
-11118&atid=460288, the Actions File Tracker.
-
-New, improved default.action files may occasionally be made available based on
-your feedback. These will be announced on the ijbswa-announce list and
-available from our the files section of our project page.
-
--------------------------------------------------------------------------------
-
-6.2.2. Reporting Bugs
-
-Please report all bugs only through our bug tracker: http://sourceforge.net/
-tracker/?group_id=11118&atid=111118.
-
-Before doing so, please make sure that the bug has not already been submitted
-and observe the additional hints at the top of the submit form. If already
-submitted, please feel free to add any info to the original report that might
-help to solve the issue.
-
-Please try to verify that it is a Privoxy bug, and not a browser or site bug
-first. If unsure, try toggling off Privoxy, and see if the problem persists. If
-you are using your own custom configuration, please try the stock configs to
-see if the problem is configuration related.
-
-If not using the latest version, the bug may have been found and fixed in the
-meantime. We would appreciate if you could take the time to upgrade to the
-latest version (or even the latest CVS snapshot) and verify your bug.
-
-Please be sure to provide the following information:
-
- * The exact Privoxy version of the proxy software (if you got the source from
- CVS, please also provide the source code revisions as shown in http://
- config.privoxy.org/show-version).
-
- * The operating system and versions you run Privoxy on, (e.g. Windows XP
- SP2), if you are using some kind of Unix flavour, sending the output of
- "uname -a" should do.
-
- * The name, platform, and version of the browser you were using (e.g.
- Internet Explorer v5.5 for Mac).
-
- * The URL where the problem occurred, or some way for us to duplicate the
- problem (e.g. http://somesite.example.com/?somethingelse=123).
-
- * Whether your version of Privoxy is one supplied by the developers of
- Privoxy via SourceForge, or somewhere else.
-
- * Whether you are using Privoxy in tandem with another proxy such as Tor. If
- so, please try disabling the other proxy.
-
- * Whether you are using a personal firewall product. If so, does Privoxy work
- without it?
-
- * Any other pertinent information to help identify the problem such as config
- or log file excerpts (yes, you should have log file entries for each action
- taken).
-
- * Please provide your SF login, or email address, in case we need to contact
- you.
-
-The appendix of the Privoxy User Manual also has helpful information on
-understanding actions, and action debugging.
-
--------------------------------------------------------------------------------
-
-6.3. Request New Features
-
-You are welcome to submit ideas on new features or other proposals for
-improvement through our feature request tracker at http://sourceforge.net/
-tracker/?atid=361118&group_id=11118.
-
--------------------------------------------------------------------------------
-
-6.4. Other
-
-For any other issues, feel free to use the mailing lists. Technically
-interested users and people who wish to contribute to the project are also
-welcome on the developers list! You can find an overview of all Privoxy-related
-mailing lists, including list archives, at: http://sourceforge.net/mail/?
-group_id=11118.
-
--------------------------------------------------------------------------------
+ --------------------------------------------------------------------------
7. Privoxy Copyright, License and History
-Copyright © 2001 - 2006 by Privoxy Developers <
-ijbswa-developers@lists.sourceforge.net>
-
-Some source code is based on code Copyright © 1997 by Anonymous Coders and
-Junkbusters, Inc. and licensed under the GNU General Public License.
+ Copyright (c) 2001-2008 by Privoxy Developers
+ <ijbswa-developers@lists.sourceforge.net>
-Portions of this document are "borrowed" from the original Junkbuster (tm) FAQ,
-and modified as appropriate for Privoxy.
+ Some source code is based on code Copyright (c) 1997 by Anonymous Coders
+ and Junkbusters, Inc. and licensed under the GNU General Public License.
--------------------------------------------------------------------------------
+ Portions of this document are "borrowed" from the original Junkbuster (tm)
+ FAQ, and modified as appropriate for Privoxy.
-7.1. License
+ --------------------------------------------------------------------------
-Privoxy is free software; you can redistribute it and/or modify it under the
-terms of the GNU General Public License, version 2, as published by the Free
-Software Foundation.
+ 7.1. License
-This program is distributed in the hope that it will be useful, but WITHOUT ANY
-WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-PARTICULAR PURPOSE. See the GNU General Public License for more details, which
-is available from the Free Software Foundation, Inc, 51 Franklin Street, Fifth
-Floor, Boston, MA 02110-1301, USA
+ Privoxy is free software; you can redistribute it and/or modify it under
+ the terms of the GNU General Public License, version 2, as published by
+ the Free Software Foundation.
-You should have received a copy of the GNU General Public License along with
-this program; if not, write to the
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ for more details, which is available from the Free Software Foundation,
+ Inc, 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- Free Software
- Foundation, Inc. 51 Franklin Street, Fifth Floor
- Boston, MA 02110-1301
- USA
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the
--------------------------------------------------------------------------------
+ Free Software
+ Foundation, Inc. 51 Franklin Street, Fifth Floor
+ Boston, MA 02110-1301
+ USA
-7.2. History
+ --------------------------------------------------------------------------
-Along time ago, there was the Internet Junkbuster, by Anonymous Coders and
-Junkbusters Corporation. This saved many users a lot of pain in the early days
-of web advertising and user tracking.
+ 7.2. History
-But the web, its protocols and standards, and with it, the techniques for
-forcing ads on users, give up autonomy over their browsing, and for tracking
-them, keeps evolving. Unfortunately, the Internet Junkbuster did not. Version
-2.0.2, published in 1998, was (and is) the last official release available from
-Junkbusters Corporation. Fortunately, it had been released under the GNU GPL,
-which allowed further development by others.
+ A long time ago, there was the Internet Junkbuster, by Anonymous Coders
+ and Junkbusters Corporation. This saved many users a lot of pain in the
+ early days of web advertising and user tracking.
-So Stefan Waldherr started maintaining an improved version of the software, to
-which eventually a number of people contributed patches. It could already
-replace banners with a transparent image, and had a first version of pop-up
-killing, but it was still very closely based on the original, with all its
-limitations, such as the lack of HTTP/1.1 support, flexible per-site
-configuration, or content modification. The last release from this effort was
-version 2.0.2-10, published in 2000.
+ But the web, its protocols and standards, and with it, the techniques for
+ forcing ads on users, give up autonomy over their browsing, and for
+ tracking them, keeps evolving. Unfortunately, the Internet Junkbuster did
+ not. Version 2.0.2, published in 1998, was (and is) the last official
+ release available from Junkbusters Corporation. Fortunately, it had been
+ released under the GNU GPL, which allowed further development by others.
-Then, some developers picked up the thread, and started turning the software
-inside out, upside down, and then reassembled it, adding many new features
-along the way.
+ So Stefan Waldherr started maintaining an improved version of the
+ software, to which eventually a number of people contributed patches. It
+ could already replace banners with a transparent image, and had a first
+ version of pop-up killing, but it was still very closely based on the
+ original, with all its limitations, such as the lack of HTTP/1.1 support,
+ flexible per-site configuration, or content modification. The last release
+ from this effort was version 2.0.2-10, published in 2000.
-The result of this is Privoxy, whose first stable version, 3.0, was released
-August, 2002.
+ Then, some developers picked up the thread, and started turning the
+ software inside out, upside down, and then reassembled it, adding many new
+ features along the way.
+ The result of this is Privoxy, whose first stable version, 3.0, was
+ released August, 2002.