<p>The default profiles, and their associated actions, as pre-defined in <tt class=
"FILENAME">default.action</tt> are:</p>
<div class="TABLE">
- <a name="AEN3088" id="AEN3088"></a>
+ <a name="DEFAULT-CONFIGURATIONS" id="DEFAULT-CONFIGURATIONS"></a>
<p><b>Table 1. Default Configurations</b></p>
<table border="1" frame="border" rules="all" class="CALSTABLE">
<col width="1*" title="C1">
already!</p>
<p>The pattern matching syntax is different for the host and path parts of the URL. The host part uses a simple
globbing type matching technique, while the path part uses more flexible <a href=
- "http://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
+ "https://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
Expressions"</span></a> (POSIX 1003.2).</p>
<p>The port part of a pattern is a decimal port number preceded by a colon (<tt class="LITERAL">:</tt>). If the
host part contains a numerical IPv6 address, it has to be put into angle brackets (<tt class="LITERAL"><</tt>,
</div>
<p>Additionally, there are wild-cards that you can use in the domain names themselves. These work similarly to
shell globbing type wild-cards: <span class="QUOTE">"*"</span> represents zero or more arbitrary characters
- (this is equivalent to the <a href="http://en.wikipedia.org/wiki/Regular_expressions" target=
+ (this is equivalent to the <a href="https://en.wikipedia.org/wiki/Regular_expressions" target=
"_top"><span class="QUOTE">"Regular Expression"</span></a> based syntax of <span class="QUOTE">".*"</span>),
<span class="QUOTE">"?"</span> represents any single character (this is equivalent to the regular expression
syntax of a simple <span class="QUOTE">"."</span>), and you can define <span class="QUOTE">"character
</dl>
</div>
<p>While flexible, this is not the sophistication of full regular expression based syntax.</p>
+ <p>When compiled with FEATURE_PCRE_HOST_PATTERNS patterns can be prefixed with <span class=
+ "QUOTE">"PCRE-HOST-PATTERN:"</span> in which case full regular expression (PCRE) can be used for the host
+ pattern as well.</p>
</div>
<div class="SECT3">
<h3 class="SECT3"><a name="PATH-PATTERN" id="PATH-PATTERN">8.4.2. The Path Pattern</a></h3>
<p><span class="APPLICATION">Privoxy</span> uses <span class="QUOTE">"modern"</span> POSIX 1003.2 <a href=
- "http://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
+ "https://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
Expressions"</span></a> for matching the path portion (after the slash), and is thus more flexible.</p>
<p>There is an <a href="appendix.html#REGEX">Appendix</a> with a brief quick-start into regular expressions,
you also might want to have a look at your operating system's documentation on regular expressions (try
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="ENABLE-HTTPS-FILTERING" id="ENABLE-HTTPS-FILTERING">8.5.15.
- enable-https-filtering</a></h4>
- <div class="VARIABLELIST">
- <dl>
- <dt>Typical use:</dt>
- <dd>
- <p>Filter encrypted requests and responses</p>
- </dd>
- <dt>Effect:</dt>
- <dd>
- <p>Encrypted requests are decrypted, filtered and forwarded encrypted.</p>
- </dd>
- <dt>Type:</dt>
- <dd>
- <p>Boolean.</p>
- </dd>
- <dt>Parameter:</dt>
- <dd>
- <p>N/A</p>
- </dd>
- <dt>Notes:</dt>
- <dd>
- <p>This action allows <span class="APPLICATION">Privoxy</span> to filter encrypted requests and
- responses. For this to work <span class="APPLICATION">Privoxy</span> has to generate a certificate and
- send it to the client which has to accept it.</p>
- <p>Before this works the directives in the <a href="config.html">TLS section of the config</a> file have
- to be configured.</p>
- </dd>
- <dt>Example usage (section):</dt>
- <dd>
- <table border="0" bgcolor="#E0E0E0" width="90%">
- <tr>
- <td>
- <pre class="SCREEN">{+enable-https-filtering}
-www.example.com</pre>
- </td>
- </tr>
- </table>
- </dd>
- </dl>
- </div>
- </div>
- <div class="SECT3">
- <h4 class="SECT3"><a name="EXTERNAL-FILTER" id="EXTERNAL-FILTER">8.5.16. external-filter</a></h4>
+ <h4 class="SECT3"><a name="EXTERNAL-FILTER" id="EXTERNAL-FILTER">8.5.15. external-filter</a></h4>
<div class="VARIABLELIST">
<dl>
<dt>Typical use:</dt>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="FAST-REDIRECTS" id="FAST-REDIRECTS">8.5.17. fast-redirects</a></h4>
+ <h4 class="SECT3"><a name="FAST-REDIRECTS" id="FAST-REDIRECTS">8.5.16. fast-redirects</a></h4>
<div class="VARIABLELIST">
<dl>
<dt>Typical use:</dt>
<p>To detect a redirection URL, <tt class="LITERAL">fast-redirects</tt> only looks for the string
<span class="QUOTE">"http://"</span>, either in plain text (invalid but often used) or encoded as
<span class="QUOTE">"http%3a//"</span>. Some sites use their own URL encoding scheme, encrypt the address
- of the target server or replace it with a database id. In theses cases <tt class=
+ of the target server or replace it with a database id. In these cases <tt class=
"LITERAL">fast-redirects</tt> is fooled and the request reaches the redirection server where it probably
gets logged.</p>
</dd>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="FILTER" id="FILTER">8.5.18. filter</a></h4>
+ <h4 class="SECT3"><a name="FILTER" id="FILTER">8.5.17. filter</a></h4>
<div class="VARIABLELIST">
<dl>
<dt>Typical use:</dt>
completely rendered doesn't change much, but it may be perceived as slower since the page is not
incrementally displayed.) This effect will be more noticeable on slower connections.</p>
<p><span class="QUOTE">"Rolling your own"</span> filters requires a knowledge of <a href=
- "http://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
- Expressions"</span></a> and <a href="http://en.wikipedia.org/wiki/Html" target="_top"><span class=
+ "https://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
+ Expressions"</span></a> and <a href="https://en.wikipedia.org/wiki/Html" target="_top"><span class=
"QUOTE">"HTML"</span></a>. This is very powerful feature, and potentially very intrusive. Filters should
be used with caution, and where an equivalent <span class="QUOTE">"action"</span> is not available.</p>
<p>The amount of data that can be filtered is limited to the <tt class="LITERAL"><a href=
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.</pre>
+ <pre class=
+ "SCREEN">+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).</pre>
+ <pre class=
+ "SCREEN">+filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{html-annoyances} # Get rid of particularly annoying HTML abuse.</pre>
+ <pre class=
+ "SCREEN">+filter{html-annoyances} # Get rid of particularly annoying HTML abuse.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{content-cookies} # Kill cookies that come in the HTML or JS content.</pre>
+ <pre class=
+ "SCREEN">+filter{content-cookies} # Kill cookies that come in the HTML or JS content.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.</pre>
+ <pre class=
+ "SCREEN">+filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</pre>
+ <pre class=
+ "SCREEN">+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{banners-by-link} # Kill banners by their links to known clicktrackers.</pre>
+ <pre class=
+ "SCREEN">+filter{banners-by-link} # Kill banners by their links to known clicktrackers.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).</pre>
+ <pre class=
+ "SCREEN">+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.</pre>
+ <pre class=
+ "SCREEN">+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{jumping-windows} # Prevent windows from resizing and moving themselves.</pre>
+ <pre class=
+ "SCREEN">+filter{jumping-windows} # Prevent windows from resizing and moving themselves.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{frameset-borders} # Give frames a border and make them resizable.</pre>
+ <pre class=
+ "SCREEN">+filter{frameset-borders} # Give frames a border and make them resizable.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.</pre>
+ <pre class=
+ "SCREEN">+filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{demoronizer} # Fix MS's non-standard use of standard charsets.</pre>
+ <pre class=
+ "SCREEN">+filter{demoronizer} # Fix MS's non-standard use of standard charsets.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{fun} # Text replacements for subversive browsing fun!</pre>
+ <pre class=
+ "SCREEN">+filter{fun} # Text replacements for subversive browsing fun!</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.</pre>
+ <pre class=
+ "SCREEN">+filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{ie-exploits} # Disable some known Internet Explorer bug exploits.</pre>
+ <pre class=
+ "SCREEN">+filter{ie-exploits} # Disable some known Internet Explorer bug exploits.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{site-specifics} # Cure for site-specific problems. Don't apply generally!</pre>
+ <pre class=
+ "SCREEN">+filter{site-specifics} # Cure for site-specific problems. Don't apply generally!</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.</pre>
+ <pre class=
+ "SCREEN">+filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</pre>
+ <pre class=
+ "SCREEN">+filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.</pre>
+ <pre class=
+ "SCREEN">+filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</pre>
+ <pre class=
+ "SCREEN">+filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</pre>
</td>
</tr>
</table>
<table border="0" bgcolor="#E0E0E0" width="90%">
<tr>
<td>
- <pre class="SCREEN">
- +filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.</pre>
+ <pre class=
+ "SCREEN">+filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.</pre>
</td>
</tr>
</table>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="FORCE-TEXT-MODE" id="FORCE-TEXT-MODE">8.5.19. force-text-mode</a></h4>
+ <h4 class="SECT3"><a name="FORCE-TEXT-MODE" id="FORCE-TEXT-MODE">8.5.18. force-text-mode</a></h4>
<div class="VARIABLELIST">
<dl>
<dt>Typical use:</dt>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="FORWARD-OVERRIDE" id="FORWARD-OVERRIDE">8.5.20. forward-override</a></h4>
+ <h4 class="SECT3"><a name="FORWARD-OVERRIDE" id="FORWARD-OVERRIDE">8.5.19. forward-override</a></h4>
<div class="VARIABLELIST">
<dl>
<dt>Typical use:</dt>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="HANDLE-AS-EMPTY-DOCUMENT" id="HANDLE-AS-EMPTY-DOCUMENT">8.5.21.
+ <h4 class="SECT3"><a name="HANDLE-AS-EMPTY-DOCUMENT" id="HANDLE-AS-EMPTY-DOCUMENT">8.5.20.
handle-as-empty-document</a></h4>
<div class="VARIABLELIST">
<dl>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="HANDLE-AS-IMAGE" id="HANDLE-AS-IMAGE">8.5.22. handle-as-image</a></h4>
+ <h4 class="SECT3"><a name="HANDLE-AS-IMAGE" id="HANDLE-AS-IMAGE">8.5.21. handle-as-image</a></h4>
<div class="VARIABLELIST">
<dl>
<dt>Typical use:</dt>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="HIDE-ACCEPT-LANGUAGE" id="HIDE-ACCEPT-LANGUAGE">8.5.23.
+ <h4 class="SECT3"><a name="HIDE-ACCEPT-LANGUAGE" id="HIDE-ACCEPT-LANGUAGE">8.5.22.
hide-accept-language</a></h4>
<div class="VARIABLELIST">
<dl>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="HIDE-CONTENT-DISPOSITION" id="HIDE-CONTENT-DISPOSITION">8.5.24.
+ <h4 class="SECT3"><a name="HIDE-CONTENT-DISPOSITION" id="HIDE-CONTENT-DISPOSITION">8.5.23.
hide-content-disposition</a></h4>
<div class="VARIABLELIST">
<dl>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="HIDE-IF-MODIFIED-SINCE" id="HIDE-IF-MODIFIED-SINCE">8.5.25.
+ <h4 class="SECT3"><a name="HIDE-IF-MODIFIED-SINCE" id="HIDE-IF-MODIFIED-SINCE">8.5.24.
hide-if-modified-since</a></h4>
<div class="VARIABLELIST">
<dl>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="HIDE-FROM-HEADER" id="HIDE-FROM-HEADER">8.5.26. hide-from-header</a></h4>
+ <h4 class="SECT3"><a name="HIDE-FROM-HEADER" id="HIDE-FROM-HEADER">8.5.25. hide-from-header</a></h4>
<div class="VARIABLELIST">
<dl>
<dt>Typical use:</dt>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="HIDE-REFERRER" id="HIDE-REFERRER">8.5.27. hide-referrer</a></h4><a name=
+ <h4 class="SECT3"><a name="HIDE-REFERRER" id="HIDE-REFERRER">8.5.26. hide-referrer</a></h4><a name=
"HIDE-REFERER" id="HIDE-REFERER"></a>
<div class="VARIABLELIST">
<dl>
</div>
</div>
<div class="SECT3">
- <h4 class="SECT3"><a name="HIDE-USER-AGENT" id="HIDE-USER-AGENT">8.5.28. hide-user-agent</a></h4>
+ <h4 class="SECT3"><a name="HIDE-USER-AGENT" id="HIDE-USER-AGENT">8.5.27. hide-user-agent</a></h4>
<div class="VARIABLELIST">
<dl>
<dt>Typical use:</dt>
occasionally useful to forge this in order to access sites that won't let you in otherwise (though there
may be a good reason in some cases).</p>
<p>More information on known user-agent strings can be found at <a href="http://www.user-agents.org/"
- target="_top">http://www.user-agents.org/</a> and <a href="http://en.wikipedia.org/wiki/User_agent"
+ target="_top">http://www.user-agents.org/</a> and <a href="https://en.wikipedia.org/wiki/User_agent"
target="_top">http://en.wikipedia.org/wiki/User_agent</a>.</p>
</dd>
<dt>Example usage:</dt>
</dl>
</div>
</div>
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="HTTPS-INSPECTION" id="HTTPS-INSPECTION">8.5.28. https-inspection</a></h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+ <dd>
+ <p>Filter encrypted requests and responses</p>
+ </dd>
+ <dt>Effect:</dt>
+ <dd>
+ <p>Encrypted requests are decrypted, filtered and forwarded encrypted.</p>
+ </dd>
+ <dt>Type:</dt>
+ <dd>
+ <p>Boolean.</p>
+ </dd>
+ <dt>Parameter:</dt>
+ <dd>
+ <p>N/A</p>
+ </dd>
+ <dt>Notes:</dt>
+ <dd>
+ <p>This action allows <span class="APPLICATION">Privoxy</span> to filter encrypted requests and
+ responses. For this to work <span class="APPLICATION">Privoxy</span> has to generate a certificate and
+ send it to the client which has to accept it.</p>
+ <p>Before this works the directives in the <tt class="LITERAL"><a href=
+ "config.html#HTTPS-INSPECTION-DIRECTIVES" target="_top">HTTPS inspection section</a></tt> of the config
+ file have to be configured.</p>
+ <p>Note that the action has to be enabled based on the CONNECT request which doesn't contain a path.
+ Enabling it based on a pattern with path doesn't work as the path is only seen by <span class=
+ "APPLICATION">Privoxy</span> if the action is already enabled.</p>
+ <p>This is an experimental feature.</p>
+ </dd>
+ <dt>Example usage (section):</dt>
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">{+https-inspection}
+www.example.com</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
<div class="SECT3">
<h4 class="SECT3"><a name="IGNORE-CERTIFICATE-ERRORS" id="IGNORE-CERTIFICATE-ERRORS">8.5.29.
ignore-certificate-errors</a></h4>
</dd>
<dt>Notes:</dt>
<dd>
- <p>When the <a href="actions-file.html#ENABLE-HTTPS-FILTERING"><span class=
- "QUOTE">"+enable-https-filtering"</span></a> action is used <span class="APPLICATION">Privoxy</span> by
- default verifies that the remote site uses a valid certificate.</p>
- <p>If the certificate is invalid the connection is aborted.</p>
- <p>This action disabled the certificate check allowing requests to sites with invalid certificates.</p>
+ <p>When the <a href="actions-file.html#HTTPS-INSPECTION"><span class=
+ "QUOTE">"+https-inspection"</span></a> action is used <span class="APPLICATION">Privoxy</span> by default
+ verifies that the remote site uses a valid certificate.</p>
+ <p>If the certificate can't be validated by <span class="APPLICATION">Privoxy</span> the connection is
+ aborted.</p>
+ <p>This action disables the certificate check so requests to sites with certificates that can't be
+ validated are allowed.</p>
+ <p>Note that enabling this action allows Man-in-the-middle attacks.</p>
</dd>
<dt>Example usage:</dt>
<dd>
action settings.</p>
<p>Note that some (rare) ill-configured sites don't handle requests for uncompressed documents correctly.
Broken PHP applications tend to send an empty document body, some IIS versions only send the beginning of
- the content. If you enable <tt class="LITERAL">prevent-compression</tt> per default, you might want to
- add exceptions for those sites. See the example for how to do that.</p>
+ the content and some content delivery networks let the connection time out. If you enable <tt class=
+ "LITERAL">prevent-compression</tt> per default, you might want to add exceptions for those sites. See the
+ example for how to do that.</p>
</dd>
<dt>Example usage (sections):</dt>
<dd>
# Redirect Destination = https://www.illumos.org/issues/4974
i[0-9][0-9][0-9][0-9]*/
+# Redirect requests for the old Tor Hidden Service of the Privoxy website to the new one
+{+redirect{s@^http://jvauzb4sb3bwlsnc.onion/@http://l3tczdiiwoo63iwxty4lhs6p7eaxop5micbn7vbliydgv63x5zrrrfyd.onion/@}}
+jvauzb4sb3bwlsnc.onion/
+
# Redirect remote requests for this manual
# to the local version delivered by Privoxy
{+redirect{s@^http://www@http://config@}}