<p>The default profiles, and their associated actions, as pre-defined in <tt class=
"FILENAME">default.action</tt> are:</p>
<div class="TABLE">
- <a name="AEN3105" id="AEN3105"></a>
+ <a name="DEFAULT-CONFIGURATIONS" id="DEFAULT-CONFIGURATIONS"></a>
<p><b>Table 1. Default Configurations</b></p>
<table border="1" frame="border" rules="all" class="CALSTABLE">
<col width="1*" title="C1">
already!</p>
<p>The pattern matching syntax is different for the host and path parts of the URL. The host part uses a simple
globbing type matching technique, while the path part uses more flexible <a href=
- "http://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
+ "https://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
Expressions"</span></a> (POSIX 1003.2).</p>
<p>The port part of a pattern is a decimal port number preceded by a colon (<tt class="LITERAL">:</tt>). If the
host part contains a numerical IPv6 address, it has to be put into angle brackets (<tt class="LITERAL"><</tt>,
</div>
<p>Additionally, there are wild-cards that you can use in the domain names themselves. These work similarly to
shell globbing type wild-cards: <span class="QUOTE">"*"</span> represents zero or more arbitrary characters
- (this is equivalent to the <a href="http://en.wikipedia.org/wiki/Regular_expressions" target=
+ (this is equivalent to the <a href="https://en.wikipedia.org/wiki/Regular_expressions" target=
"_top"><span class="QUOTE">"Regular Expression"</span></a> based syntax of <span class="QUOTE">".*"</span>),
<span class="QUOTE">"?"</span> represents any single character (this is equivalent to the regular expression
syntax of a simple <span class="QUOTE">"."</span>), and you can define <span class="QUOTE">"character
</dl>
</div>
<p>While flexible, this is not the sophistication of full regular expression based syntax.</p>
+ <p>When compiled with FEATURE_PCRE_HOST_PATTERNS patterns can be prefixed with <span class=
+ "QUOTE">"PCRE-HOST-PATTERN:"</span> in which case full regular expression (PCRE) can be used for the host
+ pattern as well.</p>
</div>
<div class="SECT3">
<h3 class="SECT3"><a name="PATH-PATTERN" id="PATH-PATTERN">8.4.2. The Path Pattern</a></h3>
<p><span class="APPLICATION">Privoxy</span> uses <span class="QUOTE">"modern"</span> POSIX 1003.2 <a href=
- "http://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
+ "https://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
Expressions"</span></a> for matching the path portion (after the slash), and is thus more flexible.</p>
<p>There is an <a href="appendix.html#REGEX">Appendix</a> with a brief quick-start into regular expressions,
you also might want to have a look at your operating system's documentation on regular expressions (try
<p>To detect a redirection URL, <tt class="LITERAL">fast-redirects</tt> only looks for the string
<span class="QUOTE">"http://"</span>, either in plain text (invalid but often used) or encoded as
<span class="QUOTE">"http%3a//"</span>. Some sites use their own URL encoding scheme, encrypt the address
- of the target server or replace it with a database id. In theses cases <tt class=
+ of the target server or replace it with a database id. In these cases <tt class=
"LITERAL">fast-redirects</tt> is fooled and the request reaches the redirection server where it probably
gets logged.</p>
</dd>
completely rendered doesn't change much, but it may be perceived as slower since the page is not
incrementally displayed.) This effect will be more noticeable on slower connections.</p>
<p><span class="QUOTE">"Rolling your own"</span> filters requires a knowledge of <a href=
- "http://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
- Expressions"</span></a> and <a href="http://en.wikipedia.org/wiki/Html" target="_top"><span class=
+ "https://en.wikipedia.org/wiki/Regular_expressions" target="_top"><span class="QUOTE">"Regular
+ Expressions"</span></a> and <a href="https://en.wikipedia.org/wiki/Html" target="_top"><span class=
"QUOTE">"HTML"</span></a>. This is very powerful feature, and potentially very intrusive. Filters should
be used with caution, and where an equivalent <span class="QUOTE">"action"</span> is not available.</p>
<p>The amount of data that can be filtered is limited to the <tt class="LITERAL"><a href=
occasionally useful to forge this in order to access sites that won't let you in otherwise (though there
may be a good reason in some cases).</p>
<p>More information on known user-agent strings can be found at <a href="http://www.user-agents.org/"
- target="_top">http://www.user-agents.org/</a> and <a href="http://en.wikipedia.org/wiki/User_agent"
+ target="_top">http://www.user-agents.org/</a> and <a href="https://en.wikipedia.org/wiki/User_agent"
target="_top">http://en.wikipedia.org/wiki/User_agent</a>.</p>
</dd>
<dt>Example usage:</dt>
<p>This action allows <span class="APPLICATION">Privoxy</span> to filter encrypted requests and
responses. For this to work <span class="APPLICATION">Privoxy</span> has to generate a certificate and
send it to the client which has to accept it.</p>
- <p>Before this works the directives in the <tt class="LITERAL"><a href="config.html#TLS" target=
- "_top">TLS section</a></tt> of the config file have to be configured.</p>
+ <p>Before this works the directives in the <tt class="LITERAL"><a href=
+ "config.html#HTTPS-INSPECTION-DIRECTIVES" target="_top">HTTPS inspection section</a></tt> of the config
+ file have to be configured.</p>
<p>Note that the action has to be enabled based on the CONNECT request which doesn't contain a path.
Enabling it based on a pattern with path doesn't work as the path is only seen by <span class=
"APPLICATION">Privoxy</span> if the action is already enabled.</p>
+ <p>This is an experimental feature.</p>
</dd>
<dt>Example usage (section):</dt>
<dd>
<p>When the <a href="actions-file.html#HTTPS-INSPECTION"><span class=
"QUOTE">"+https-inspection"</span></a> action is used <span class="APPLICATION">Privoxy</span> by default
verifies that the remote site uses a valid certificate.</p>
- <p>If the certificate is invalid the connection is aborted.</p>
- <p>This action disabled the certificate check allowing requests to sites with invalid certificates.</p>
+ <p>If the certificate can't be validated by <span class="APPLICATION">Privoxy</span> the connection is
+ aborted.</p>
+ <p>This action disables the certificate check so requests to sites with certificates that can't be
+ validated are allowed.</p>
+ <p>Note that enabling this action allows Man-in-the-middle attacks.</p>
</dd>
<dt>Example usage:</dt>
<dd>
action settings.</p>
<p>Note that some (rare) ill-configured sites don't handle requests for uncompressed documents correctly.
Broken PHP applications tend to send an empty document body, some IIS versions only send the beginning of
- the content. If you enable <tt class="LITERAL">prevent-compression</tt> per default, you might want to
- add exceptions for those sites. See the example for how to do that.</p>
+ the content and some content delivery networks let the connection time out. If you enable <tt class=
+ "LITERAL">prevent-compression</tt> per default, you might want to add exceptions for those sites. See the
+ example for how to do that.</p>
</dd>
<dt>Example usage (sections):</dt>
<dd>
# Redirect Destination = https://www.illumos.org/issues/4974
i[0-9][0-9][0-9][0-9]*/
+# Redirect requests for the old Tor Hidden Service of the Privoxy website to the new one
+{+redirect{s@^http://jvauzb4sb3bwlsnc.onion/@http://l3tczdiiwoo63iwxty4lhs6p7eaxop5micbn7vbliydgv63x5zrrrfyd.onion/@}}
+jvauzb4sb3bwlsnc.onion/
+
# Redirect remote requests for this manual
# to the local version delivered by Privoxy
{+redirect{s@^http://www@http://config@}}