-Privoxy 3.0.1 User Manual
+Privoxy 3.0.0 User Manual
Copyright © 2001, 2002 by Privoxy Developers
-$Id: user-manual.sgml,v 1.123.2.27 2003/03/18 19:37:14 oes Exp $
+$Id: user-manual.sgml,v 1.123.2.18 2002/08/22 23:47:58 hal9 Exp $
The User Manual gives users information on how to install, configure and use
Privoxy.
1. Introduction
This documentation is included with the current stable version of Privoxy,
-v.3.0.1.
+v.3.0.0.
-------------------------------------------------------------------------------
2.1.1. Red Hat, SuSE and Conectiva RPMs
-RPMs can be installed with rpm -Uvh privoxy-3.0.1-1.rpm, and will use /etc/
+RPMs can be installed with rpm -Uvh privoxy-3.0.0-1.rpm, and will use /etc/
privoxy for the location of configuration files.
Note that on Red Hat, Privoxy will not be automatically started on system boot.
that SuSE will automatically start Privoxy in the boot process.
If you have problems with failed dependencies, try rebuilding the SRC RPM: rpm
---rebuild privoxy-3.0.1-1.src.rpm. This will use your locally installed
+--rebuild privoxy-3.0.0-1.src.rpm. This will use your locally installed
libraries and RPM version.
Also note that if you have a Junkbuster RPM installed on your system, you need
2.1.2. Debian
-DEBs can be installed with dpkg -i privoxy_3.0.1-1.deb, and will use /etc/
+DEBs can be installed with dpkg -i privoxy_3.0.0-1.deb, and will use /etc/
privoxy for the location of configuration files.
-------------------------------------------------------------------------------
latest version.
Configuration files are in /etc/privoxy, the documentation is in /usr/share/doc
-/privoxy-3.0.1 and the Log directory is in /var/log/privoxy.
+/privoxy-3.0.0 and the Log directory is in /var/log/privoxy.
-------------------------------------------------------------------------------
When building from a source tarball (either release version or nightly CVS
tarball), first unpack the source:
- tar xzvf privoxy-3.0.1-src* [.tgz or .tar.gz]
- cd privoxy-3.0.1
+ tar xzvf privoxy-3.0.0-src* [.tgz or .tar.gz]
+ cd privoxy-3.0.0
For retrieving the current CVS sources, you'll need CVS installed. Note that
sources from CVS are development quality, and may not be stable, or well
This will create a directory named current/, which will contain the source
tree.
-You can also check out any Privoxy "branch", just exchange the current name
-with the wanted branch name (Example: v_3_0_branch for the 3.0 cvs tree).
-
-It is also strongly recommended to not run Privoxy as root, and instead it is
-suggested to create a "privoxy" user and group for this purpose. See your local
-documentation for the correct command line to do this.
-
-/etc/passwd might then look like:
-
- privoxy:*:7777:7777:privoxy proxy:/no/home:/no/shell
-
-And then /etc/group, like:
-
- privoxy:*:7777:
-
-Some binary packages may do this for you.
-
-Then, to build from either unpacked tarball or CVS source:
+Then, in either case, to build from unpacked tarball or CVS source:
autoheader
autoconf
make # (the make from gnu, gmake for *BSD)
su
make -n install # (to see where all the files will go)
- make -s install # (to really install, -s to silence output)
+ make install # (to really install)
+
++-----------------------------------------------------------------------------+
+| Warning |
+|-----------------------------------------------------------------------------|
+|The "make install" target is temporary quite broken! It is recommended to use|
+|a binary package, or do a source build, and manually install the components. |
+|Sorry. |
++-----------------------------------------------------------------------------+
-If you have GNU make, you can have the first four steps automatically done for
+If you have gnu make, you can have the first four steps automatically done for
you by just typing:
make
in the freshly downloaded or unpacked source directory.
-WARNING: If installing as root, the install will fail unless another user is
-specified. configure accepts --with-user and --with-group options for setting
-user and group ownership of the configuration files (which need to be writable
-by the daemon). The specified user must already exist. Or if there is already a
-privoxy user on the system, and no user was specified during configure, make
-install then will use the privoxy user. When starting Privoxy, it should be run
-as this same user that owns the configuration and log files.
-
-Alternately, you can specify user and group on the make command line, but be
-sure both already exist:
-
- make -s install USER=privoxy GROUP=privoxy
-
-If no group is specified, the install will assume a group exists with the same
-name as the specified user.
-
-The default installation path for make install is /usr/local. This may of
-course be customized with the various ./configure path options. If you are
-doing a root install to anywhere else besides /usr/local, be sure to set the
-appropriate paths with the correct configure options (./configure --help).
-
-If you do install to /usr/local, the install will use sysconfdir=$prefix/etc/
-privoxy by default. All other destinations, and the direct usage of
---sysconfdir flag behave like normal, i.e. will not add the extra privoxy
-directory. This is for a safer install, as there may already exist another
-program that uses a file with the "config" name, and thus makes /usr/local/etc
-cleaner.
-
-If installing to /usr/local, the docs will go by default to $prefix/share/doc.
-But if this directory doesn't exist, it will then try $prefix/doc and install
-there before creating a new $prefix/share/doc just for Privoxy.
-
-Again, if the installs goes to /usr/local, the localstatedir (ie: var/) will
-default to /var instead of $prefix/var so the logs will go to /var/log/privoxy
-/, and the pid file will be created in /var/run/privoxy.pid.
-
-make install will attempt to set the correct values in config (main
-configuration file). You may want to check this to make sure all values are
-correct. If appropriate, an init script will be installed, but it is up to the
-user to determine how and where to start Privoxy. The init script should be
-checked for correct paths and values, if anything other than a default install
-is done.
-
-If install finds previous versions of any configuration files, these will not
-be overwritten, and the new ones will be installed with a "new" extension. You
-will then need to manually update the installed configuration files as needed.
-All template files will be overwritten. If you have customized, local
-templates, you should save these first. If a previous version of Privoxy is
-already running, you will have to restart it manually.
-
For more detailed instructions on how to build Redhat and SuSE RPMs, Windows
self-extracting installers, building on platforms with special requirements
etc, please consult the developer manual.
* Start Privoxy, if the installation program has not done this already (may
vary according to platform). See the section Starting Privoxy.
- * Set your browser to use Privoxy as HTTP and HTTPS (SSL) proxy by setting
- the proxy configuration for address of 127.0.0.1 and port 8118. (Junkbuster
- and earlier versions of Privoxy used port 8000.) See the section Starting
+ * Set your browser to use Privoxy as HTTP and HTTPS proxy by setting the
+ proxy configuration for address of 127.0.0.1 and port 8118. (Junkbuster and
+ earlier versions of Privoxy used port 8000.) See the section Starting
Privoxy below for more details on this.
* Flush your browser's disk and memory caches, to remove any cached ad
- images. If using Privoxy to manage cookies, you should remove any currently
- stored cookies too.
+ images.
* A default installation should provide a reasonable starting point for most.
There will undoubtedly be occasions where you will want to adjust the
included the GID of GROUP. Exit if the privileges are not sufficient to do
so. Unix only.
- * --chroot
-
- Before changing to the user ID given in the --user option, chroot to that
- user's home directory, i.e. make the kernel pretend to the Privoxy process
- that the directory tree starts there. If set up carefully, this can limit
- the impact of possible vulnerabilities in Privoxy to the files contained in
- that hierarchy. Unix only.
-
* configfile
If no configfile is included on the command line, Privoxy will look for a
Notes:
+ The windows version will additionally log to the console.
+
The logfile is where all logging and error messages are written. The level
of detail and number of messages are set with the debug option (see below).
The logfile can be useful for tracking down a problem with Privoxy (e.g.,
Effect if unset:
- The entire trust mechanism is turned off.
+ The whole trust mechanism is turned off.
Notes:
should be used with care. It is NOT recommended for the casual user.
If you specify a trust file, Privoxy will only allow access to sites that
- are specified in the trustfile. Sites can be listed in one of two ways:
-
- Prepending a ~ character limits access to this site only (and any sub-paths
- within this site), e.g. ~www.example.com.
+ are named in the trustfile. You can also mark sites as trusted referrers
+ (with +), with the effect that access to untrusted sites will be granted,
+ if a link from a trusted referrer was used. The link target will then be
+ added to the "trustfile". Possible applications include limiting Internet
+ access for children.
- Or, you can designate sites as trusted referrers, by prepending the name
- with a + character. The effect is that access to untrusted sites will be
- granted -- but only if a link from this trusted referrer was used. The link
- target will then be added to the "trustfile" so that future, direct
- accesses will be granted. Sites added via this mechanism do not become
- trusted referrers themselves (i.e. they are added with a ~ designation).
-
- If you use the + operator in the trust file, it may grow considerably over
+ If you use + operator in the trust file, it may grow considerably over
time.
- It is recommended that Privoxy be compiled with the --disable-force,
- --disable-toggle and --disable-editor options, if this feature is to be
- used.
-
- Possible applications include limiting Internet access for children.
-
-------------------------------------------------------------------------------
7.2. Local Set-up Documentation
Unix, in local filesystem:
- user-manual file:///usr/share/doc/privoxy-3.0.1/user-manual/
-
- Windows, in local filesystem, must use forward slash notation:
-
- user-manual file:/c:/some-dir/privoxy-3.0.1/user-manual/
-
- Windows, UNC notation (with forward slashes):
-
- user-manual file://///some-server/some-path/privoxy-3.0.1/user-manual/
+ user-manual file:///usr/share/doc/privoxy-3.0.0/user-manual/
Any platform, on local webserver (called "local-webserver"):
- user-manual http://local-webserver/privoxy-user-manual/
+ user-manual http://local-webserver/privoxy-user-manual/
+-----------------------------------------------------------------+
| Warning |
The actions files are used to define what actions Privoxy takes for which URLs,
and thus determine how ad images, cookies and various other aspects of HTTP
content and transactions are handled, and on which sites (or even parts
-thereof). There are three such files included with Privoxy with differing
-purposes:
+thereof). There are three such files included with Privoxy (as of version
+2.9.15), with differing purposes:
* default.action - is the primary action file that sets the initial values
for all actions. It is intended to provide a base level of functionality
influence on your browsing unless you select them explicitly in the editor.
It is not recommend to edit this file.
- The default profiles, and their associated actions, as pre-defined in
- standard.action are:
-
- Table 1. Default Configurations
-
- +-------------------------------------------------------------------------+
- |Feature |Cautious |Medium |Adventuresome |
- |------------------+-----------------+-----------------+------------------|
- |Ad-blocking by URL|yes |yes |yes |
- |------------------+-----------------+-----------------+------------------|
- |Ad-filtering by |yes |yes |yes |
- |size | | | |
- |------------------+-----------------+-----------------+------------------|
- |GIF de-animation |no |yes |yes |
- |------------------+-----------------+-----------------+------------------|
- |Referer forging |no |yes |yes |
- |------------------+-----------------+-----------------+------------------|
- |Cookie handling |none |session-only |kill |
- |------------------+-----------------+-----------------+------------------|
- |Pop-up killing |unsolicited |unsolicited |all |
- |------------------+-----------------+-----------------+------------------|
- |Fast redirects |no |no |yes |
- |------------------+-----------------+-----------------+------------------|
- |HTML taming |yes |yes |yes |
- |------------------+-----------------+-----------------+------------------|
- |JavaScript taming |yes |yes |yes |
- |------------------+-----------------+-----------------+------------------|
- |Web-bug killing |yes |yes |yes |
- |------------------+-----------------+-----------------+------------------|
- |Fun text |no |no |yes |
- |replacements | | | |
- |------------------+-----------------+-----------------+------------------|
- |Image tag |no |no |yes |
- |reordering | | | |
- |------------------+-----------------+-----------------+------------------|
- |Ad-filtering by |no |no |yes |
- |link | | | |
- |------------------+-----------------+-----------------+------------------|
- |Demoronizer |no |yes |yes |
- +-------------------------------------------------------------------------+
-
The list of actions files to be used are defined in the main configuration
-file, and are processed in the order they are defined (e.g. default.action is
-typically process before user.action). The content of these can all be viewed
-and edited from http://config.privoxy.org/show-status.
+file, and are processed in the order they are defined. The content of these can
+all be viewed and edited from http://config.privoxy.org/show-status.
An actions file typically has multiple sections. If you want to use "aliases"
in an actions file, you have to place the (optional) alias section at the top
right mix of actions is not always easy and certainly a matter of personal
taste. In general, it can be said that the more "aggressive" your default
settings (in the top section of the actions file) are, the more exceptions for
-"trusted" sites you will have to make later. If, for example, you want to
-crunch all cookies per default, you'll have to make exceptions from that rule
-for sites that you regularly use and that require cookies for actually useful
-puposes, like maybe your bank, favorite shop, or newspaper.
+"trusted" sites you will have to make later. If, for example, you want to kill
+popup windows per default, you'll have to make exceptions from that rule for
+sites that you regularly use and that require popups for actually useful
+content, like maybe your bank, favorite shop, or newspaper.
We have tried to provide you with reasonable rules to start from in the
distribution actions files. But there is no general rule of thumb on these
browser-based editor, which can be reached from http://config.privoxy.org/
show-status. The editor allows both fine-grained control over every single
feature on a per-URL basis, and easy choosing from wholesale sets of defaults
-like "Cautious", "Medium" or "Adventuresome". Warning: the "Adventuresome"
-setting is not only more aggressive, but includes settings that are fun and
-subversive, and which some may find of dubious merit!
+like "Cautious", "Medium" or "Advanced".
If you prefer plain text editing to GUIs, you can of course also directly edit
the the actions files. Look at default.action which is richly commented.
8.4. Patterns
-As mentioned, Privoxy uses "patterns" to determine what actions might apply to
-which sites and pages your browser attempts to access. These "patterns" use
-wild card type pattern matching to achieve a high degree of flexibility. This
-allows one expression to be expanded and potentially match against many similar
-patterns.
-
-Generally, a Privoxy pattern has the form <domain>/<path>, where both the
-<domain> and <path> are optional. (This is why the special / pattern matches
-all URLs). Note that the protocol portion of the URL pattern (e.g. http://)
-should not be included in the pattern. This is assumed already!
+Generally, a pattern has the form <domain>/<path>, where both the <domain> and
+<path> are optional. (This is why the pattern / matches all URLs).
www.example.com/
It makes no sense at all to use this action in conjunction with the
session-cookies-only action, since it would prevent the session cookies
- from being set. See also filter-content-cookies.
+ from being set.
Example usage:
The amount of data that can be filtered is limited to the buffer-limit
option in the main config file. The default is 4096 KB (4 Megs). Once this
limit is exceeded, the buffered data, and all pending data, is passed
- through unfiltered.
-
- Inappropriate MIME types, such as zipped files, are not filtered at all.
- Encrypted SSL data (from HTTPS servers) cannot be filtered either since
- this would violate the integrity of the secure transaction.
+ through unfiltered. Inappropriate MIME types are not filtered.
At this time, Privoxy cannot (yet!) uncompress compressed documents. If you
want filtering to work on all documents, even those that would normally be
Example usage (with filters from the distribution default.filter file):
- +filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse
+ +filter{html-annoyances} # Get rid of particularly annoying HTML abuse.
- +filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
-
- +filter{html-annoyances} # Get rid of particularly annoying HTML abuse
-
- +filter{content-cookies} # Kill cookies that come in the HTML or JS content
-
- +filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)
+ +filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse
- +filter{unsolicited-popups} # Disable only unsolicited pop-up windows
+ +filter{banners-by-size} # Kill banners based on their size for this page (very efficient!)
- +filter{all-popups} # Kill all popups in JavaScript and HTML
+ +filter{banners-by-link} # Kill banners based on the link they are contained in (experimental)
+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective
- +filter{banners-by-size} # Kill banners by size
+ +filter{content-cookies} # Kill cookies that come sneaking in the HTML or JS content
- +filter{banners-by-link} # Kill banners by their links to known clicktrackers
+ +filter{popups} # Kill all popups in JS and HTML
+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking)
- +filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap
+ +filter{fun} # Text replacements for subversive browsing fun!
- +filter{jumping-windows} # Prevent windows from resizing and moving themselves
+ +filter{frameset-borders} # Give frames a border and make them resizeable
- +filter{frameset-borders} # Give frames a border and make them resizable
+ +filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)
- +filter{demoronizer} # Fix MS's non-standard use of standard charsets
+ +filter{nimda} # Remove Nimda (virus) code.
+filter{shockwave-flash} # Kill embedded Shockwave Flash objects
- +filter{quicktime-kioskmode} # Make Quicktime movies saveable
-
- +filter{fun} # Text replacements for subversive browsing fun!
+ +filter{crude-parental} # Kill all web pages that contain the words "sex" or "warez"
- +filter{crude-parental} # Crude parental filtering (demo only)
-
- +filter{ie-exploits} # Disable some known Internet Explorer bug exploits
+ +filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
-------------------------------------------------------------------------------
Typical use:
- Eliminate those annoying pop-up windows (deprecated)
+ Eliminate those annoying pop-up windows
Effect:
Notes:
- This action is basically a built-in, hardwired special-purpose filter
- action, but there are important differences: For kill-popups, the document
- need not be buffered, so it can be incrementally rendered while
- downloading. But kill-popups doesn't catch as many pop-ups as filter
- {all-popups} does and is not as smart as filter{unsolicited-popups} is.
+ This action is easily confused with the built-in, hardwired filter action,
+ but there are important differences: For kill-popups, the document need not
+ be buffered, so it can be incrementally rendered while downloading. But
+ kill-popups doesn't catch as many pop-ups as filter{popups} does.
Think of it as a fast and efficient replacement for a filter that you can
use if you don't want any filtering at all. Note that it doesn't make sense
the whole document needs to be buffered anyway, which destroys the
advantage of the kill-popups action over its filter equivalent.
- Killing all pop-ups unconditionally is problematic. Many shops and banks
- rely on pop-ups to display forms, shopping carts etc, and the filter
- {unsolicited-popups} does a fairly good job of catching only the unwanted
- ones.
-
- If the only kind of pop-ups that you want to kill are exit consoles (those
- really nasty windows that appear when you close an other one), you might
- want to use filter{js-annoyances} instead.
+ Killing all pop-ups is a dangerous business. Many shops and banks rely on
+ pop-ups to display forms, shopping carts etc, and killing only the unwanted
+ pop-ups would require artificial intelligence in Privoxy. If the only kind
+ of pop-ups that you want to kill are exit consoles (those really nasty
+ windows that appear when you close an other one), you might want to use
+ filter{js-annoyances} instead.
Example usage:
"expires" field. If you use an exotic browser, you might want to try it out
to be sure.
- This setting also has no effect on cookies that may have been stored
- previously by the browser before starting Privoxy. These would have to be
- removed manually.
-
- Privoxy also uses the content-cookies filter to block some types of
- cookies. Content cookies are not effected by session-cookies-only.
-
Example usage:
+session-cookies-only
Now let's define some aliases...
- # Useful custom aliases we can use later.
- #
- # Note the (required!) section header line and that this section
- # must be at the top of the actions file!
- #
- {{alias}}
-
- # These aliases just save typing later:
- # (Note that some already use other aliases!)
- #
- +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
- -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
- block-as-image = +block +handle-as-image
- mercy-for-cookies = -crunch-all-cookies -session-cookies-only -filter{content-cookies}
-
- # These aliases define combinations of actions
- # that are useful for certain types of sites:
- #
- fragile = -block -filter -crunch-all-cookies -fast-redirects -hide-referrer -kill-popups
- shop = -crunch-all-cookies -filter{all-popups} -kill-popups
-
- # Short names for other aliases, for really lazy people ;-)
- #
- c0 = +crunch-all-cookies
- c1 = -crunch-all-cookies
+ # Useful custom aliases we can use later.
+ #
+ # Note the (required!) section header line and that this section
+ # must be at the top of the actions file!
+ #
+ {{alias}}
+
+ # These aliases just save typing later:
+ # (Note that some already use other aliases!)
+ #
+ +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+ -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ block-as-image = +block +handle-as-image
+ mercy-for-cookies = -crunch-all-cookies -session-cookies-only
+
+ # These aliases define combinations of actions
+ # that are useful for certain types of sites:
+ #
+ fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referer -kill-popups
+ shop = -crunch-all-cookies -filter{popups} -kill-popups
+
+ # Short names for other aliases, for really lazy people ;-)
+ #
+ c0 = +crunch-all-cookies
+ c1 = -crunch-all-cookies
...and put them to use. These sections would appear in the lower part of an
actions file and define exceptions to the default actions (as specified further
# These shops require pop-ups:
#
- {shop -kill-popups -filter{all-popups}}
+ {shop -kill-popups -filter{popups}}
.dabs.com
.overclockers.co.uk
from the above chapter on aliases, that also explains why and how aliases are
used:
-##########################################################################
-# Aliases
-##########################################################################
-{{alias}}
-
- # These aliases just save typing later:
- # (Note that some already use other aliases!)
- #
- +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
- -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
- block-as-image = +block +handle-as-image
- mercy-for-cookies = -crunch-all-cookies -session-cookies-only -filter{content-cookies}
-
- # These aliases define combinations of actions
- # that are useful for certain types of sites:
- #
- fragile = -block -filter -crunch-all-cookies -fast-redirects -hide-referrer -kill-popups
- shop = -crunch-all-cookies -filter{all-popups} -kill-popups
+##########################################################################
+# Aliases
+##########################################################################
+{{alias}}
+
+# These aliases just save typing later:
+# (Note that some already use other aliases!)
+#
++crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+block-as-image = +block +handle-as-image
+mercy-for-cookies = -crunch-all-cookies -session-cookies-only
+
+# These aliases define combinations of actions
+# that are useful for certain types of sites:
+#
+fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referer -kill-popups
+shop = mercy-for-cookies -filter{popups} -kill-popups
Now come the regular sections, i.e. sets of actions, accompanied by URL
patterns to which they apply. Remember all actions are disabled when matching
+deanimate-gifs \
-downgrade-http-version \
+fast-redirects \
- +filter{js-annoyances} \
- -filter{js-events} \
+filter{html-annoyances} \
+ +filter{js-annoyances} \
-filter{content-cookies} \
- +filter{refresh-tags} \
- +filter{unsolicited-popups} \
- -filter{all-popups} \
- +filter{img-reorder} \
+ +filter{popups} \
+ +filter{webbugs} \
+ -filter{refresh-tags} \
+ -filter{fun} \
+ +filter{nimda} \
+filter{banners-by-size} \
-filter{banners-by-link} \
- +filter{webbugs} \
- -filter{tiny-textforms} \
- +filter{jumping-windows} \
- -filter{frameset-borders} \
- +filter{demoronizer} \
+ -filter{img-reorder} \
-filter{shockwave-flash} \
- -filter{quicktime-kioskmode} \
- -filter{fun} \
-filter{crude-parental} \
- +filter{ie-exploits} \
+ -filter{js-events} \
-handle-as-image \
+hide-forwarded-for-headers \
+hide-from-header{block} \
user agent, are part of a "general policy" that applies universally and won't
get any exceptions defined later. Other choices, like not blocking (which is
understandably the default!) need exceptions, i.e. we need to specify
-explicitly what we want to block in later sections.
+explicitly what we want to block in later sections. We will also want to make
+exceptions from our general pop-up-killing, and use our defined aliases for
+that.
The first of our specialized sections is concerned with "fragile" sites, i.e.
sites that require minimum interference, because they are either very complex
.jungle.com
.scan.co.uk
+Then, there are sites which rely on pop-up windows (yuck!) to work. Since we
+made pop-up-killing our default above, we need to make exceptions now. Mozilla
+users, who can turn on smart handling of unwanted pop-ups in their browsers,
+can safely choose -filter{popups} (and -kill-popups) above and hence don't need
+this section. Anyway, disabling an already disabled action doesn't hurt, so
+we'll define our exceptions regardless of what was chosen in the defaults
+section:
+
+# These sites require pop-ups too :(
+#
+{ -kill-popups -filter{popups} }
+.dabs.com
+.overclockers.co.uk
+.deutsche-bank-24.de
+
The fast-redirects action, which we enabled per default above, breaks some
sites. So disable it for popular sites where we know it misbehaves:
As aliases are local to the actions file that they are defined in, you can't
use the ones from default.action, unless you repeat them here:
-# Aliases are local to the file they are defined in.
# (Re-)define aliases for this file:
#
{{alias}}
-#
-# These aliases just save typing later, and the alias names should
-# be self explanatory.
-#
-+crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
- allow-all-cookies = -crunch-all-cookies -session-cookies-only
- allow-popups = -filter{all-popups} -kill-popups
-+block-as-image = +block +handle-as-image
--block-as-image = -block
-
-# These aliases define combinations of actions that are useful for
-# certain types of sites:
-#
+mercy-for-cookies = -crunch-all-cookies -session-cookies-only
fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referer -kill-popups
-shop = -crunch-all-cookies allow-popups
-
-# Allow ads for selected useful free sites:
-#
-allow-ads = -block -filter{banners-by-size} -filter{banners-by-link}
+shop = mercy-for-cookies -filter{popups} -kill-popups
+allow-ads = -block -filter{banners-by-size} # (see below)
Say you have accounts on some sites that you visit regularly, and you don't
want to have to log in manually each time. So you'd like to allow persistent
-cookies for these sites. The allow-all-cookies alias defined above does exactly
-that, i.e. it disables crunching of cookies in any direction, and the
-processing of cookies to make them only temporary.
+cookies for these sites. The mercy-for-cookies alias defined above does exactly
+that, i.e. it disables crunching of cookies in any direction, and processing of
+cookies to make them temporary.
-{ allow-all-cookies }
+{ mercy-for-cookies }
sunsolve.sun.com
slashdot.org
.yahoo.com
.msdn.microsoft.com
.redhat.com
-Your bank is allergic to some filter, but you don't know which, so you disable
-them all:
+Your bank needs popups and is allergic to some filter, but you don't know
+which, so you disable them all:
-{ -filter }
+{ -filter -kill-popups }
.your-home-banking-site.com
-Some file types you may not want to filter. Privoxy makes no distinctions
-between regular web pages and downloads done via your web browser if it is an
-html or text type document.
-
-# A list of common file extensions that are likely to indicate raw text, and best
-# if unfiltered.
-/(.*/)?.*\.(pl|(s|p)?h|c(c|xx|pp)?|tcl|am|init?|cfg?|conf(ig)?|txt|rc|bat)$
-
-# Documentation should not need filtering (at least on some sites).
-.tldp.org
-
-Example of a simple block action. Say you've seen an ad on your favourite page
-on example.com that you want to get rid of. You have right-clicked the image,
-selected "copy image location" and pasted the URL below while removing the
-leading http://, into a { +block } section. Note that { +handle-as-image } need
-not be specified, since all URLs ending in .gif will be tagged as images by the
-general rules as set in default.action anyway:
+While browsing the web with Privoxy you noticed some ads that sneaked through,
+but you were too lazy to report them through our fine and easy feedback system,
+so you have added them here:
{ +block }
-www.example.com/nasty-ads/sponsor.gif
+www.a-popular-site.com/some/unobvious/path
another.popular.site.net/more/junk/here/
-
-# Here we found one that is not in Privoxy's default blocked list:
-.adfactory.net
-
-To force URLs that tend to have ad images, but it is difficult for Privoxy to
-know this since the ultimate returned object is obscured for one reason or
-another, we can try to force these to be treated as images (and thus avoid
-Privoxy's "BLOCKED" banner page). Note that if what is returned by the server
-turns out NOT to be an image, then your browser typically will display a broken
-icon image. Use cautiously.
-
-{ +block-as-image }
-# A shockwave ad, very annoying.
-.trip.com/.*\.swf
-.doubleclick.net
-/Realmedia/ads/
-adremote.
-
-Now you noticed that the default configuration breaks Forbes Magazine, but you
+
+Note that, assuming the banners in the above example have regular image
+extensions (most do), +handle-as-image need not be specified, since all URLs
+ending in these extensions will already have been tagged as images in the
+relevant section of default.action by now.
+
+Then you noticed that the default configuration breaks Forbes Magazine, but you
were too lazy to find out which action is the culprit, and you were again too
lazy to give feedback, so you just used the fragile alias on the site, and --
-whoa! -- it worked. The fragile aliases disables those actions that are most
-likely to break a site. Also, good for testing purposes to see if it is Privoxy
-that is causing the problem or not.
+whoa! -- it worked:
{ fragile }
.forbes.com
code on CVS->Web interfaces. Since user.action has the last word, these
exceptions won't be valid for the "fun" filtering specified here.
-You might also worry about how your favourite free websites are funded, and
+Finally, you might think about how your favourite free websites are funded, and
find that they rely on displaying banner advertisements to survive. So you
might want to specifically allow banners for those sites that you feel provide
value to you:
.slashdot.org
.osdn.net
-Note that allow-ads has been aliased to -block, -filter{banners-by-size}, and -
-filter{banners-by-link} above.
-
-user.action is generally the best place to define exceptions and additions to
-the default policies of default.action. Some actions are safe to have their
-default policies set here though. So let's set a default policy to have a
-"blank" image as opposed to the checkerboard pattern for ALL sites. "/" of
-course matches all URL paths and patterns:
-
-{ +set-image-blocker{blank} }
-/ # ALL sites
+Note that allow-ads has been aliased to -block -filter{banners-by-size} above.
-------------------------------------------------------------------------------
Current Project Contributors:
- Johny Agotnes
Rodrigo Barbosa (RPM specfiles)
Moritz Barsnick
Hal Burgiss (docs)
- Mattes Dolak
Karsten Hopp (Red Hat)
Alexander Lazic
- Daniel Leite
Gábor Lipták
- Andrew Lock (Win32)
- Guy Laroche
+ Guy
Haroon Rafique
Roland Rosenfeld (Debian)
Georg Sauthoff (Gentoo)
David Schmidt (OS/2, Mac OSX ports)
Joerg Strohmayer (Amiga)
- Sviatoslav Sviridov
Sarantis Paskalis
Based in part on code originally developed by:
Andrew J. Caines
Clifford Caoile
Michael T. Davis
- Brian Dessent
Peter E
Aaron Hamid
Magnus Holmgren
- Don Libes
+ Daniel Leite
Paul Lieverse
- David Mediavilla
- Oliver Stoeneberg
Roberto Ragusa
Maynard Riley
Bart Schelstraete
Darren Wiebe
- Jamie Zawinski
+ jwz
-------------------------------------------------------------------------------