TITLE="Privoxy User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
-TITLE="Quickstart to Using Privoxy"
-HREF="quickstart.html"><LINK
+TITLE="Starting Privoxy"
+HREF="startup.html"><LINK
REL="NEXT"
-TITLE="Contacting the Developers, Bug Reporting and Feature
-Requests"
-HREF="contact.html"><LINK
+TITLE="The Main Configuration File"
+HREF="config.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="../p_doc.css"></HEAD
ALIGN="left"
VALIGN="bottom"
><A
-HREF="quickstart.html"
+HREF="startup.html"
>Prev</A
></TD
><TD
ALIGN="right"
VALIGN="bottom"
><A
-HREF="contact.html"
+HREF="config.html"
>Next</A
></TD
></TR
CLASS="SECT1"
><A
NAME="CONFIGURATION"
->5. <SPAN
+>6. <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> Configuration</A
>Privoxy</SPAN
> can
also be controlled easily with a web browser.
-
</P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN277"
->5.1. Controlling <SPAN
+NAME="AEN481"
+>6.1. Controlling <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> with Your Web Browser</A
> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> can be reached by the special
+>'s user interface can be reached through the special
URL <A
-HREF="http://p.p/"
-TARGET="_top"
->http://p.p/</A
-> (or alternately
- <A
HREF="http://config.privoxy.org/"
TARGET="_top"
>http://config.privoxy.org/</A
+>
+ (shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
>),
- which is an internal page. You will see the following section: </P
-><P
-> <TABLE
+ which is a built-in page and works without Internet access.
+ You will see the following section: </P
+><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TD
><PRE
CLASS="SCREEN"
-> Please choose from the following options:
-
- * Show information about the current configuration
- * Show the source code version numbers
- * Show the client's request headers.
- * Show which actions apply to a URL and why
- * Toggle Privoxy on or off
- * Edit the actions list
-
- </PRE
-></TD
+> <H3
+CLASS="BRIDGEHEAD"
+>Privoxy Menu</H3
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>View & change the current configuration</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/show-version"
+TARGET="_top"
+>View the source code version numbers</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/show-request"
+TARGET="_top"
+>View the request headers.</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>Look up which actions apply to a URL and why</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/toggle"
+TARGET="_top"
+>Toggle Privoxy on or off</A
+>
+ </TD
></TR
+></TBODY
></TABLE
+><P
></P
+></PRE
+></TD
+></TR
+></TABLE
><P
-> This should be self-explanatory. Note the last item is an editor for the
- <SPAN
-CLASS="QUOTE"
->"actions list"</SPAN
->, which is where much of the ad, banner, cookie,
- and URL blocking magic is configured as well as other advanced features of
+> This should be self-explanatory. Note the first item leads to an editor for the
+ <A
+HREF="actions-file.html"
+>actions files</A
+>, which is where the ad, banner,
+ cookie, and URL blocking magic is configured as well as other advanced features of
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> configuration. The actions
- file, and other configuration files, are explained in detail below.
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will automatically detect any changes
- to these files.</P
+ file, and other configuration files, are explained in detail below. </P
><P
> <SPAN
CLASS="QUOTE"
>"Toggle Privoxy On or Off"</SPAN
> is handy for sites that might
- have problems with your current actions and filters, or just to test if
- a site misbehaves, whether it is <SPAN
+ have problems with your current actions and filters. You can in fact use
+ it as a test to see whether it is <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>
CLASS="APPLICATION"
>Privoxy</SPAN
> continues
- to run as a proxy in this case, but all filtering is disabled. </P
+ to run as a proxy in this case, but all manipulation is disabled, i.e.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> acts like a normal forwarding proxy. There
+ is even a toggle <A
+HREF="appendix.html#BOOKMARKLETS"
+>Bookmarklet</A
+> offered, so
+ that you can toggle <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with one click from
+ your browser.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN295"
->5.2. Configuration Files Overview</A
+NAME="CONFOVERVIEW"
+>6.2. Configuration Files Overview</A
></H2
><P
> For Unix, *BSD and Linux, all configuration files are located in
and number of configuration files has changed from previous versions, and is
subject to change as development progresses.</P
><P
-> The installed defaults provide a reasonable starting point, though possibly
- aggressive by some standards. For the time being, there are only three
- default configuration files (this may change in time):</P
+> The installed defaults provide a reasonable starting point, though
+ some settings may be aggressive by some standards. For the time being, the
+ principle configuration files are:</P
><P
> <P
></P
><UL
><LI
><P
-> The main configuration file is named <TT
+> The <A
+HREF="config.html"
+>main configuration file</A
+> is named <TT
CLASS="FILENAME"
>config</TT
>
CLASS="FILENAME"
>config.txt</TT
>
- on Windows.
+ on Windows. This is a required file.
</P
></LI
><LI
><P
-> The <TT
+> <TT
CLASS="FILENAME"
>default.action</TT
-> file is used to define various
- <SPAN
+> (the main <A
+HREF="actions-file.html"
+>actions file</A
+>)
+ is used to define which <SPAN
CLASS="QUOTE"
>"actions"</SPAN
-> relating to images, banners, pop-ups, access
- restrictions, banners and cookies. There is a CGI based editor for this
- file that can be accessed via <A
-HREF="http://p.p"
-TARGET="_top"
->http://p.p</A
->. (Other actions
- files are included as well with differing levels of filtering
- and blocking, e.g. <TT
-CLASS="FILENAME"
->basic.action</TT
->.)
+> relating to banner-blocking, images, pop-ups,
+ content modification, cookie handling etc should be applied by default. It also defines many
+ exceptions (both positive and negative) from this default set of actions that enable
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to selectively eliminate the junk, and only the junk, on
+ as many websites as possible.
</P
-></LI
-><LI
><P
-> The <TT
+> Multiple actions files may be defined in <TT
CLASS="FILENAME"
->default.filter</TT
-> file can be used to re-write the raw
- page content, including viewable text as well as embedded HTML and JavaScript,
- and whatever else lurks on any given web page.
- </P
-></LI
-></UL
-></P
-><P
-> <TT
+>config</TT
+>. These
+ are processed in the order they are defined. Local customizations and locally
+ preferred exceptions to the default policies as defined in
+ <TT
CLASS="FILENAME"
>default.action</TT
-> and <TT
+> (which you will most probably want
+ to define sooner or later) are probably best applied in
+ <TT
CLASS="FILENAME"
->default.filter</TT
->
- can use Perl style regular expressions for maximum flexibility. All files use
- the <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->#</TT
->"</SPAN
-> character to denote a comment. Such
- lines are not processed by <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->. After
- making any changes, there is no need to restart
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> in order for the changes to take
- effect. <SPAN
+>user.action</TT
+>, where you can preserve them across
+ upgrades. <TT
+CLASS="FILENAME"
+>standard.action</TT
+> is for
+ <SPAN
CLASS="APPLICATION"
->Privoxy</SPAN
-> should detect such changes
- automatically.</P
+>Privoxy's</SPAN
+> internal use.
+ </P
><P
-> While under development, the configuration content is subject to change.
- The below documentation may not be accurate by the time you read this.
- Also, what constitutes a <SPAN
-CLASS="QUOTE"
->"default"</SPAN
-> setting, may change, so
- please check all your configuration files on important issues.</P
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN326"
->5.3. The Main Configuration File</A
-></H2
+>
+ There is also a web based editor that can be accessed from
+ <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>
+ (Shortcut: <A
+HREF="http://p.p/show-status"
+TARGET="_top"
+>http://p.p/show-status</A
+>) for the
+ various actions files.
+ </P
+></LI
+><LI
><P
-> Again, the main configuration file is named <TT
-CLASS="FILENAME"
->config</TT
-> on
- Linux/Unix/BSD and OS/2, and <TT
+> <TT
CLASS="FILENAME"
->config.txt</TT
-> on Windows.
- Configuration lines consist of an initial keyword followed by a list of
- values, all separated by whitespace (any number of spaces or tabs). For
- example:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->blockfile blocklist.ini</I
-><br>
- </P
->
- </TT
+>default.filter</TT
+> (the <A
+HREF="filter-file.html"
+>filter
+ file</A
+>) can be used to re-write the raw page content, including
+ viewable text as well as embedded HTML and JavaScript, and whatever else
+ lurks on any given web page. The filtering jobs are only pre-defined here;
+ whether to apply them or not is up to the actions files.
+ </P
+></LI
+></UL
></P
><P
-> Indicates that the blockfile is named <SPAN
-CLASS="QUOTE"
->"blocklist.ini"</SPAN
->. (A
- default installation does not use this.)</P
-><P
-> A <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->#</TT
->"</SPAN
-> indicates a comment. Any part of a
- line following a <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->#</TT
->"</SPAN
-> is ignored, except if
- the <SPAN
+> All files use the <SPAN
CLASS="QUOTE"
>"<TT
CLASS="LITERAL"
>#</TT
>"</SPAN
-> is preceded by a
- <SPAN
-CLASS="QUOTE"
->"<TT
+> character to denote a
+ comment (the rest of the line will be ignored) and understand line continuation
+ through placing a backslash ("<TT
CLASS="LITERAL"
>\</TT
->"</SPAN
->.</P
-><P
-> Thus, by placing a <SPAN
-CLASS="QUOTE"
->"<TT
+>") as the very last character
+ in a line. If the <TT
CLASS="LITERAL"
>#</TT
->"</SPAN
-> at the start of an
- existing configuration line, you can make it a comment and it will be treated
- as if it weren't there. This is called <SPAN
-CLASS="QUOTE"
->"commenting out"</SPAN
-> an
- option and can be useful to turn off features: If you comment out the
- <SPAN
-CLASS="QUOTE"
->"logfile"</SPAN
-> line, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will not
- log to a file at all. Watch for the <SPAN
-CLASS="QUOTE"
->"default:"</SPAN
-> section in each
- explanation to see what happens if the option is left unset (or commented
- out). </P
-><P
-> Long lines can be continued on the next line by using a
- <SPAN
-CLASS="QUOTE"
->"<TT
+> is preceded by a backslash, it looses
+ its special function. Placing a <TT
CLASS="LITERAL"
->\</TT
->"</SPAN
-> as the very last character.</P
-><P
-> There are various aspects of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> behavior
- that can be tuned.</P
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN359"
->5.3.1. Defining Other Configuration Files</A
-></H3
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> can use a number of other files to tell it
- what ads to block, what cookies to accept, and perform other functions. This
- section of the configuration file tells <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- where to find all those other files. </P
-><P
-> On <SPAN
-CLASS="APPLICATION"
->Windows</SPAN
-> and <SPAN
-CLASS="APPLICATION"
->AmigaOS</SPAN
->,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> looks for these files in the same
- directory as the executable. On Unix and OS/2,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> looks for these files in the current
- working directory. In either case, an absolute path name can be used to
- avoid problems.</P
+>#</TT
+> in front of an otherwise
+ valid configuration line to prevent it from being interpreted is called "commenting
+ out" that line.</P
><P
-> When development goes modular and multi-user, the blocker, filter, and
- per-user config will be stored in subdirectories of <SPAN
-CLASS="QUOTE"
->"confdir"</SPAN
->.
- For now, only <TT
+> The actions files and <TT
CLASS="FILENAME"
->confdir/templates</TT
-> is used for storing HTML
- templates for CGI results. </P
-><P
-> The location of the configuration files:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->confdir /etc/privoxy</I
-> # No trailing /, please.<br>
- </P
+>default.filter</TT
>
- </TT
-></P
+ can use Perl style <A
+HREF="appendix.html#REGEX"
+>regular expressions</A
+> for
+ maximum flexibility. </P
><P
-> The directory where all logging (i.e. <TT
-CLASS="FILENAME"
->logfile</TT
-> and
- <TT
-CLASS="FILENAME"
->jarfile</TT
->) takes place. No trailing
+> After making any changes, there is no need to restart
<SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->/</TT
->"</SPAN
->, please: </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->logdir /var/log/privoxy</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Note that all file specifications below are relative to
- the above two directories!</P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"default.action"</SPAN
-> file contains patterns to specify the
- actions to apply to requests for each site. Default: Cookies to and from all
- destinations are kept only during the current browser session (i.e. they are
- not saved to disk). Pop-ups are disabled for all sites. All sites are
- filtered through selected sections of <SPAN
-CLASS="QUOTE"
->"default.filter"</SPAN
->. No sites
- are blocked. <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> displays a checkboard type
- pattern for filtered ads and other images. The syntax of this file is
- explained in detail <A
-HREF="configuration.html#ACTIONSFILE"
->below</A
->. Other
- <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> files are included, and you are free to use any of
- them. They have varying degrees of aggressiveness.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->actionsfile default.action</I
-><br>
- </P
->
- </TT
-></P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"default.filter"</SPAN
-> file contains content modification rules
- that use <SPAN
-CLASS="QUOTE"
->"regular expressions"</SPAN
->. These rules permit powerful
- changes on the content of Web pages, e.g., you could disable your favorite
- JavaScript annoyances, re-write the actual displayed text, or just have some
- fun replacing <SPAN
-CLASS="QUOTE"
->"Microsoft"</SPAN
-> with <SPAN
-CLASS="QUOTE"
->"MicroSuck"</SPAN
-> wherever
- it appears on a Web page. Default: whatever the developers are playing with
- :-/</P
-><P
-> Filtering requires buffering the page content, which may appear to slow down
- page rendering since nothing is displayed until all content has passed
- the filters. (It does not really take longer, but seems that way since
- the page is not incrementally displayed.) This effect will be more noticeable
- on slower connections. </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->filterfile default.filter</I
-><br>
- </P
->
- </TT
-></P
-><P
-> The logfile is where all logging and error messages are written. The logfile
- can be useful for tracking down a problem with
- <SPAN
+> in order for the changes to take
+ effect. <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> (e.g., it's not blocking an ad you
- think it should block) but in most cases you probably will never look at it.</P
-><P
-> Your logfile will grow indefinitely, and you will probably want to
- periodically remove it. On Unix systems, you can do this with a cron job
- (see <SPAN
-CLASS="QUOTE"
->"man cron"</SPAN
->). For Redhat, a <B
-CLASS="COMMAND"
->logrotate</B
->
- script has been included.</P
-><P
-> On SuSE Linux systems, you can place a line like <SPAN
-CLASS="QUOTE"
->"/var/log/privoxy.*
- +1024k 644 nobody.nogroup"</SPAN
-> in <TT
-CLASS="FILENAME"
->/etc/logfiles</TT
->, with
- the effect that cron.daily will automatically archive, gzip, and empty the
- log, when it exceeds 1M size.</P
-><P
-> Default: Log to the a file named <TT
-CLASS="FILENAME"
->logfile</TT
->.
- Comment out to disable logging.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->logfile logfile</I
-><br>
- </P
->
- </TT
-></P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"jarfile"</SPAN
-> defines where
- <SPAN
+> detects such changes
+ automatically. Note, however, that it may take one or two additional
+ requests for the change to take effect. When changing the listening address
+ of <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> stores the cookies it intercepts. Note
- that if you use a <SPAN
+>, these <SPAN
CLASS="QUOTE"
->"jarfile"</SPAN
->, it may grow quite large. Default:
- Don't store intercepted cookies.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
+>"wake up"</SPAN
+> requests
+ must obviously be sent to the <I
CLASS="EMPHASIS"
->#jarfile jarfile</I
-><br>
- </P
->
- </TT
-></P
+>old</I
+> listening address.</P
><P
-> If you specify a <SPAN
-CLASS="QUOTE"
->"trustfile"</SPAN
->,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will only allow access to sites that
- are named in the trustfile. You can also mark sites as trusted referrers,
- with the effect that access to untrusted sites will be granted, if a link
- from a trusted referrer was used. The link target will then be added to the
- <SPAN
+> While under development, the configuration content is subject to change.
+ The below documentation may not be accurate by the time you read this.
+ Also, what constitutes a <SPAN
CLASS="QUOTE"
->"trustfile"</SPAN
->. This is a very restrictive feature that typical
- users most probably want to leave disabled. Default: Disabled, don't use the
- trust mechanism.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->#trustfile trust</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If you use the trust mechanism, it is a good idea to write up some on-line
- documentation about your blocking policy and to specify the URL(s) here. They
- will appear on the page that your users receive when they try to access
- untrusted content. Use multiple times for multiple URLs. Default: Don't
- display links on the <SPAN
-CLASS="QUOTE"
->"untrusted"</SPAN
-> info page.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->trust-info-url http://www.example.com/why_we_block.html</I
-><br>
- <I
-CLASS="EMPHASIS"
->trust-info-url http://www.example.com/what_we_allow.html</I
-><br>
- </P
->
- </TT
-></P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN452"
->5.3.2. Other Configuration Options</A
-></H3
-><P
-> This part of the configuration file contains options that control how
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> operates.</P
-><P
-> <SPAN
-CLASS="QUOTE"
->"Admin-address"</SPAN
-> should be set to the email address of the proxy
- administrator. It is used in many of the proxy-generated pages. Default:
- fill@me.in.please.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->#admin-address fill@me.in.please</I
-><br>
- </P
->
- </TT
-></P
-><P
-> <SPAN
-CLASS="QUOTE"
->"Proxy-info-url"</SPAN
-> can be set to a URL that contains more info
- about this <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> installation, it's
- configuration and policies. It is used in many of the proxy-generated pages
- and its use is highly recommended in multi-user installations, since your
- users will want to know why certain content is blocked or modified. Default:
- Don't show a link to on-line documentation.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->proxy-info-url http://www.example.com/proxy.html</I
-><br>
- </P
->
- </TT
-></P
-><P
-> <SPAN
-CLASS="QUOTE"
->"Listen-address"</SPAN
-> specifies the address and port where
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will listen for connections from your
- Web browser. The default is to listen on the localhost port 8118, and
- this is suitable for most users. (In your web browser, under proxy
- configuration, list the proxy server as <SPAN
-CLASS="QUOTE"
->"localhost"</SPAN
-> and the
- port as <SPAN
-CLASS="QUOTE"
->"8118"</SPAN
->).</P
-><P
-> If you already have another service running on port 8118, or if you want to
- serve requests from other machines (e.g. on your local network) as well, you
- will need to override the default. The syntax is
- <SPAN
-CLASS="QUOTE"
->"listen-address [<ip-address>]:<port>"</SPAN
->. If you leave
- out the IP address, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will bind to all
- interfaces (addresses) on your machine and may become reachable from the
- Internet. In that case, consider using access control lists (acl's) (see
- <SPAN
-CLASS="QUOTE"
->"aclfile"</SPAN
-> above), or a firewall.</P
-><P
-> For example, suppose you are running <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> on
- a machine which has the address 192.168.0.1 on your local private network
- (192.168.0.0) and has another outside connection with a different address.
- You want it to serve requests from inside only:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->listen-address 192.168.0.1:8118</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If you want it to listen on all addresses (including the outside
- connection):</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->listen-address :8118</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If you do this, consider using ACLs (see <SPAN
-CLASS="QUOTE"
->"aclfile"</SPAN
-> above). Note:
- you will need to point your browser(s) to the address and port that you have
- configured here. Default: localhost:8118 (127.0.0.1:8118).</P
-><P
-> The debug option sets the level of debugging information to log in the
- logfile (and to the console in the Windows version). A debug level of 1 is
- informative because it will show you each request as it happens. Higher
- levels of debug are probably only of interest to developers.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> debug 1 # GPC = show each GET/POST/CONNECT request<br>
- debug 2 # CONN = show each connection status<br>
- debug 4 # IO = show I/O status<br>
- debug 8 # HDR = show header parsing<br>
- debug 16 # LOG = log all data into the logfile<br>
- debug 32 # FRC = debug force feature<br>
- debug 64 # REF = debug regular expression filter <br>
- debug 128 # = debug fast redirects<br>
- debug 256 # = debug GIF de-animation<br>
- debug 512 # CLF = Common Log Format<br>
- debug 1024 # = debug kill pop-ups<br>
- debug 4096 # INFO = Startup banner and warnings.<br>
- debug 8192 # ERROR = Non-fatal errors<br>
- </P
->
- </TT
-></P
-><P
-> It is <I
-CLASS="EMPHASIS"
->highly recommended</I
-> that you enable ERROR
- reporting (debug 8192), at least until v3.0 is released.</P
-><P
-> The reporting of FATAL errors (i.e. ones which crash
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->) is always on and cannot be disabled.</P
-><P
-> If you want to use CLF (Common Log Format), you should set <SPAN
-CLASS="QUOTE"
->"debug
- 512"</SPAN
-> ONLY, do not enable anything else.</P
-><P
-> Multiple <SPAN
-CLASS="QUOTE"
->"debug"</SPAN
-> directives, are OK - they're logical-OR'd
- together. </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->debug 15 # same as setting the first 4 listed above</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Default:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->debug 1 # URLs</I
-><br>
- <I
-CLASS="EMPHASIS"
->debug 4096 # Info</I
-><br>
- <I
-CLASS="EMPHASIS"
->debug 8192 # Errors - *we highly recommended enabling this*</I
-><br>
- </P
->
- </TT
-></P
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> normally uses
- <SPAN
-CLASS="QUOTE"
->"multi-threading"</SPAN
->, a software technique that permits it to
- handle many different requests simultaneously. In some cases you may wish to
- disable this -- particularly if you're trying to debug a problem. The
- <SPAN
-CLASS="QUOTE"
->"single-threaded"</SPAN
-> option forces
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to handle requests sequentially.
- Default: Multi-threaded mode.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->#single-threaded</I
-><br>
- </P
->
- </TT
-></P
-><P
-> <SPAN
-CLASS="QUOTE"
->"toggle"</SPAN
-> allows you to temporarily disable all
- <SPAN
-CLASS="APPLICATION"
->Privoxy's</SPAN
-> filtering. Just set <SPAN
-CLASS="QUOTE"
->"toggle
- 0"</SPAN
->.</P
-><P
-> The Windows version of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> puts an icon in
- the system tray, which also allows you to change this option. If you
- right-click on that icon (or select the <SPAN
-CLASS="QUOTE"
->"Options"</SPAN
-> menu), one
- choice is <SPAN
-CLASS="QUOTE"
->"Enable"</SPAN
->. Clicking on enable toggles
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> on and off. This is useful if you want
- to temporarily disable <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->, e.g., to access
- a site that requires cookies which you would otherwise have blocked. This can also
- be toggled via a web browser at the <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- internal address of <A
-HREF="http://p.p"
-TARGET="_top"
->http://p.p</A
-> on
- any platform.</P
-><P
-> <SPAN
-CLASS="QUOTE"
->"toggle 1"</SPAN
-> means <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> runs
- normally, <SPAN
-CLASS="QUOTE"
->"toggle 0"</SPAN
-> means that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> becomes a non-anonymizing non-blocking
- proxy. Default: 1 (on). </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->toggle 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> For content filtering, i.e. the <SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-> and
- <SPAN
-CLASS="QUOTE"
->"+deanimate-gif"</SPAN
-> actions, it is necessary that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> buffers the entire document body.
- This can be potentially dangerous, since a server could just keep sending
- data indefinitely and wait for your RAM to exhaust. With nasty consequences.</P
-><P
-> The <SPAN
-CLASS="APPLICATION"
->buffer-limit</SPAN
-> option lets you set the maximum
- size in Kbytes that each buffer may use. When the documents buffer exceeds
- this size, it is flushed to the client unfiltered and no further attempt to
- filter the rest of it is made. Remember that there may multiple threads
- running, which might require increasing the <SPAN
-CLASS="QUOTE"
->"buffer-limit"</SPAN
->
- Kbytes <I
-CLASS="EMPHASIS"
->each</I
->, unless you have enabled
- <SPAN
-CLASS="QUOTE"
->"single-threaded"</SPAN
-> above.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->buffer-limit 4069</I
-><br>
- </P
->
- </TT
-></P
-><P
-> To enable the web-based <TT
-CLASS="FILENAME"
->default.action</TT
-> file editor set
- <SPAN
-CLASS="APPLICATION"
->enable-edit-actions</SPAN
-> to 1, or 0 to disable. Note
- that you must have compiled <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with
- support for this feature, otherwise this option has no effect. This
- internal page can be reached at <A
-HREF="http://p.p"
-TARGET="_top"
->http://p.p</A
->.
- </P
-><P
-> Security note: If this is enabled, anyone who can use the proxy
- can edit the actions file, and their changes will affect all users.
- For shared proxies, you probably want to disable this. Default: enabled.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->enable-edit-actions 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Allow <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to be toggled on and off
- remotely, using your web browser. Set <SPAN
-CLASS="QUOTE"
->"enable-remote-toggle"</SPAN
->to
- 1 to enable, and 0 to disable. Note that you must have compiled
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with support for this feature,
- otherwise this option has no effect.</P
-><P
-> Security note: If this is enabled, anyone who can use the proxy can toggle
- it on or off (see <A
-HREF="http://p.p"
-TARGET="_top"
->http://p.p</A
->), and
- their changes will affect all users. For shared proxies, you probably want to
- disable this. Default: enabled.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->enable-remote-toggle 1</I
-><br>
- </P
->
- </TT
-></P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN589"
->5.3.3. Access Control List (ACL)</A
-></H3
-><P
-> Access controls are included at the request of some ISPs and systems
- administrators, and are not usually needed by individual users. Please note
- the warnings in the FAQ that this proxy is not intended to be a substitute
- for a firewall or to encourage anyone to defer addressing basic security
- weaknesses.</P
-><P
-> If no access settings are specified, the proxy talks to anyone that
- connects. If any access settings file are specified, then the proxy
- talks only to IP addresses permitted somewhere in this file and not
- denied later in this file.</P
-><P
-> Summary -- if using an ACL:</P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> Client must have permission to receive service.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> LAST match in ACL wins.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> Default behavior is to deny service.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-> The syntax for an entry in the Access Control List is:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> ACTION SRC_ADDR[/SRC_MASKLEN] [ DST_ADDR[/DST_MASKLEN] ]<br>
- </P
->
- </TT
-></P
-><P
-> Where the individual fields are:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->ACTION</I
-> = <SPAN
-CLASS="QUOTE"
->"permit-access"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"deny-access"</SPAN
-><br>
-<br>
- <I
-CLASS="EMPHASIS"
->SRC_ADDR</I
-> = client hostname or dotted IP address<br>
- <I
-CLASS="EMPHASIS"
->SRC_MASKLEN</I
-> = number of bits in the subnet mask for the source<br>
-<br>
- <I
-CLASS="EMPHASIS"
->DST_ADDR</I
-> = server or forwarder hostname or dotted IP address<br>
- <I
-CLASS="EMPHASIS"
->DST_MASKLEN</I
-> = number of bits in the subnet mask for the target<br>
- </P
->
- </TT
-></P
-><P
->
- The field separator (FS) is whitespace (space or tab).</P
-><P
-> IMPORTANT NOTE: If <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> is using a
- forwarder (see below) or a gateway for a particular destination URL, the
- <TT
-CLASS="LITERAL"
->DST_ADDR</TT
-> that is examined is the address of the forwarder
- or the gateway and <I
-CLASS="EMPHASIS"
->NOT</I
-> the address of the ultimate
- target. This is necessary because it may be impossible for the local
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to determine the address of the
- ultimate target (that's often what gateways are used for).</P
-><P
-> Here are a few examples to show how the ACL features work:</P
-><P
-> <SPAN
-CLASS="QUOTE"
->"localhost"</SPAN
-> is OK -- no DST_ADDR implies that
- <I
-CLASS="EMPHASIS"
->ALL</I
-> destination addresses are OK:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->permit-access localhost</I
-><br>
- </P
->
- </TT
-></P
-><P
-> A silly example to illustrate permitting any host on the class-C subnet with
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to go anywhere:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->permit-access www.privoxy.com/24</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Except deny one particular IP address from using it at all:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->deny-access ident.privoxy.com</I
-><br>
- </P
->
- </TT
-></P
-><P
-> You can also specify an explicit network address and subnet mask.
- Explicit addresses do not have to be resolved to be used.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->permit-access 207.153.200.0/24</I
-><br>
- </P
->
- </TT
-></P
-><P
-> A subnet mask of 0 matches anything, so the next line permits everyone.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->permit-access 0.0.0.0/0</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Note, you <I
-CLASS="EMPHASIS"
->cannot</I
-> say:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->permit-access .org</I
-><br>
- </P
->
- </TT
-></P
-><P
-> to allow all *.org domains. Every IP address listed must resolve fully.</P
-><P
-> An ISP may want to provide a <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> that is
- accessible by <SPAN
-CLASS="QUOTE"
->"the world"</SPAN
-> and yet restrict use of some of their
- private content to hosts on its internal network (i.e. its own subscribers).
- Say, for instance the ISP owns the Class-B IP address block 123.124.0.0 (a 16
- bit netmask). This is how they could do it:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->permit-access 0.0.0.0/0 0.0.0.0/0</I
-> # other clients can go anywhere <br>
- # with the following exceptions:<br>
- <br>
- <I
-CLASS="EMPHASIS"
->deny-access</I
-> 0.0.0.0/0 123.124.0.0/16 # block all external requests for<br>
- # sites on the ISP's network<br>
-<br>
- <I
-CLASS="EMPHASIS"
->permit 0.0.0.0/0 www.my_isp.com</I
-> # except for the ISP's main <br>
- # web site<br>
-<br>
- <I
-CLASS="EMPHASIS"
->permit 123.124.0.0/16 0.0.0.0/0</I
-> # the ISP's clients can go <br>
- # anywhere<br>
- </P
->
- </TT
-></P
-><P
-> Note that if some hostnames are listed with multiple IP addresses,
- the primary value returned by DNS (via gethostbyname()) is used. Default:
- Anyone can access the proxy.</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="FORWARDING"
->5.3.4. Forwarding</A
-></H3
-><P
-> This feature allows chaining of HTTP requests via multiple proxies.
- It can be used to better protect privacy and confidentiality when
- accessing specific domains by routing requests to those domains
- to a special purpose filtering proxy such as lpwa.com. Or to use
- a caching proxy to speed up browsing.</P
-><P
-> It can also be used in an environment with multiple networks to route
- requests via multiple gateways allowing transparent access to multiple
- networks without having to modify browser configurations.</P
-><P
-> Also specified here are SOCKS proxies. <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- SOCKS 4 and SOCKS 4A. The difference is that SOCKS 4A will resolve the target
- hostname using DNS on the SOCKS server, not our local DNS client.</P
-><P
-> The syntax of each line is:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward target_domain[:port] http_proxy_host[:port]</I
-><br>
- <I
-CLASS="EMPHASIS"
->forward-socks4 target_domain[:port] socks_proxy_host[:port] http_proxy_host[:port]</I
-><br>
- <I
-CLASS="EMPHASIS"
->forward-socks4a target_domain[:port] socks_proxy_host[:port] http_proxy_host[:port]</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If http_proxy_host is <SPAN
-CLASS="QUOTE"
->"."</SPAN
->, then requests are not forwarded to a
- HTTP proxy but are made directly to the web servers.</P
-><P
-> Lines are checked in sequence, and the last match wins.</P
-><P
-> There is an implicit line equivalent to the following, which specifies that
- anything not finding a match on the list is to go out without forwarding
- or gateway protocol, like so:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward .* . </I
-># implicit<br>
- </P
->
- </TT
-></P
-><P
-> In the following common configuration, everything goes to Lucent's LPWA,
- except SSL on port 443 (which it doesn't handle):</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward .* lpwa.com:8000</I
-><br>
- <I
-CLASS="EMPHASIS"
->forward :443 .</I
-><br>
- </P
->
- </TT
-></P
-><P
->
- Some users have reported difficulties related to LPWA's use of
- <SPAN
-CLASS="QUOTE"
->"."</SPAN
-> as the last element of the domain, and have said that this
- can be fixed with this:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward lpwa. lpwa.com:8000</I
-><br>
- </P
->
- </TT
-></P
-><P
-> (NOTE: the syntax for specifying target_domain has changed since the
- previous paragraph was written -- it will not work now. More information
- is welcome.)</P
-><P
-> In this fictitious example, everything goes via an ISP's caching proxy,
- except requests to that ISP:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward .* caching.myisp.net:8000</I
-><br>
- <I
-CLASS="EMPHASIS"
->forward myisp.net .</I
-><br>
- </P
->
- </TT
-></P
-><P
-> For the @home network, we're told the forwarding configuration is this:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward .* proxy:8080</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Also, we're told they insist on getting cookies and JavaScript, so you should
- allow cookies from home.com. We consider JavaScript a potential security risk.
- Java need not be enabled.</P
-><P
-> In this example direct connections are made to all <SPAN
-CLASS="QUOTE"
->"internal"</SPAN
->
- domains, but everything else goes through Lucent's LPWA by way of the
- company's SOCKS gateway to the Internet.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward-socks4 .* lpwa.com:8000 firewall.my_company.com:1080</I
-><br>
- <I
-CLASS="EMPHASIS"
->forward my_company.com .</I
-><br>
- </P
->
- </TT
-></P
-><P
-> This is how you could set up a site that always uses SOCKS but no forwarders:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward-socks4a .* . firewall.my_company.com:1080</I
-><br>
- </P
->
- </TT
-></P
-><P
-> An advanced example for network administrators:</P
-><P
-> If you have links to multiple ISPs that provide various special content to
- their subscribers, you can configure forwarding to pass requests to the
- specific host that's connected to that ISP so that everybody can see all
- of the content on all of the ISPs.</P
-><P
-> This is a bit tricky, but here's an example:</P
-><P
-> host-a has a PPP connection to isp-a.com. And host-b has a PPP connection to
- isp-b.com. host-a can run a <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> proxy with
- forwarding like this: </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward .* .</I
-><br>
- <I
-CLASS="EMPHASIS"
->forward isp-b.com host-b:8118</I
-><br>
- </P
->
- </TT
-></P
-><P
-> host-b can run a <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> proxy with forwarding
- like this: </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward .* .</I
-><br>
- <I
-CLASS="EMPHASIS"
->forward isp-a.com host-a:8118</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Now, <I
-CLASS="EMPHASIS"
->anyone</I
-> on the Internet (including users on host-a
- and host-b) can set their browser's proxy to <I
-CLASS="EMPHASIS"
->either</I
->
- host-a or host-b and be able to browse the content on isp-a or isp-b.</P
-><P
-> Here's another practical example, for University of Kent at
- Canterbury students with a network connection in their room, who
- need to use the University's Squid web cache.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->forward *. ssbcache.ukc.ac.uk:3128</I
-> # Use the proxy, except for:<br>
- <I
-CLASS="EMPHASIS"
->forward .ukc.ac.uk . </I
-> # Anything on the same domain as us<br>
- <I
-CLASS="EMPHASIS"
->forward * . </I
-> # Host with no domain specified<br>
- <I
-CLASS="EMPHASIS"
->forward 129.12.*.* . </I
-> # A dotted IP on our /16 network.<br>
- <I
-CLASS="EMPHASIS"
->forward 127.*.*.* . </I
-> # Loopback address<br>
- <I
-CLASS="EMPHASIS"
->forward localhost.localdomain . </I
-> # Loopback address<br>
- <I
-CLASS="EMPHASIS"
->forward www.ukc.mirror.ac.uk . </I
-> # Specific host<br>
- </P
->
- </TT
-></P
-><P
-> If you intend to chain <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> and
- <SPAN
-CLASS="APPLICATION"
->squid</SPAN
-> locally, then chain as
- <TT
-CLASS="LITERAL"
->browser -> squid -> privoxy</TT
-> is the recommended way. </P
-><P
->Your squid configuration could then look like this (assuming that the IP
-address of the box is <TT
-CLASS="LITERAL"
->192.168.0.1</TT
-> ):</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Define Privoxy as parent cache <br>
- <br>
- cache_peer 192.168.0.1 parent 8118 0 no-query<br>
-<br>
- # don't listen to the whole world<br>
- http_port 192.168.0.1:3128<br>
-<br>
- # define the local lan<br>
- acl mylocallan src 192.168.0.1-192.168.0.5/255.255.255.255<br>
-<br>
- # grant access for http to local lan<br>
- http_access allow mylocallan<br>
- <br>
- # Define ACL for protocol FTP <br>
- acl FTP proto FTP <br>
-<br>
- # Do not forward ACL FTP to privoxy<br>
- always_direct allow FTP <br>
-<br>
- # Do not forward ACL CONNECT (https) to privoxy<br>
- always_direct allow CONNECT <br>
-<br>
- # Forward the rest to privoxy<br>
- never_direct allow all <br>
- </P
->
- </TT
-></P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN787"
->5.3.5. Windows GUI Options</A
-></H3
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> has a number of options specific to the
- Windows GUI interface:</P
-><P
-> If <SPAN
-CLASS="QUOTE"
->"activity-animation"</SPAN
-> is set to 1, the
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> icon will animate when
- <SPAN
-CLASS="QUOTE"
->"Privoxy"</SPAN
-> is active. To turn off, set to 0.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->activity-animation 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If <SPAN
-CLASS="QUOTE"
->"log-messages"</SPAN
-> is set to 1,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will log messages to the console
- window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-messages 1</I
-><br>
- </P
->
- </TT
-></P
-><P
->
- If <SPAN
-CLASS="QUOTE"
->"log-buffer-size"</SPAN
-> is set to 1, the size of the log buffer,
- i.e. the amount of memory used for the log messages displayed in the
- console window, will be limited to <SPAN
-CLASS="QUOTE"
->"log-max-lines"</SPAN
-> (see below).</P
-><P
-> Warning: Setting this to 0 will result in the buffer to grow infinitely and
- eat up all your memory!</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-buffer-size 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> <SPAN
-CLASS="APPLICATION"
->log-max-lines</SPAN
-> is the maximum number of lines held
- in the log buffer. See above.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-max-lines 200</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If <SPAN
-CLASS="QUOTE"
->"log-highlight-messages"</SPAN
-> is set to 1,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will highlight portions of the log
- messages with a bold-faced font:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-highlight-messages 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> The font used in the console window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-font-name Comic Sans MS</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Font size used in the console window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-font-size 8</I
-><br>
- </P
->
- </TT
-></P
-><P
->
- <SPAN
-CLASS="QUOTE"
->"show-on-task-bar"</SPAN
-> controls whether or not
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will appear as a button on the Task bar
- when minimized:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->show-on-task-bar 0</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If <SPAN
-CLASS="QUOTE"
->"close-button-minimizes"</SPAN
-> is set to 1, the Windows close
- button will minimize <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> instead of closing
- the program (close with the exit option on the File menu).</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->close-button-minimizes 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"hide-console"</SPAN
-> option is specific to the MS-Win console
- version of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->. If this option is used,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will disconnect from and hide the
- command console.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> #hide-console<br>
- </P
->
- </TT
-></P
-></DIV
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="ACTIONSFILE"
->5.4. The Actions File</A
-></H2
-><P
-> The <SPAN
-CLASS="QUOTE"
->"default.action"</SPAN
-> file (formerly
- <TT
-CLASS="FILENAME"
->actionsfile</TT
-> or <TT
-CLASS="FILENAME"
->ijb.action</TT
->) is used
- to define what actions <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> takes, and thus
- determines how ad images, cookies and various other aspects of HTTP content
- and transactions are handled. These can be accepted or rejected for all
- sites, or just those sites you choose. See below for a complete list of
- actions. </P
-><P
->
- Anything you want can blocked, including ads, banners, or just some obnoxious
- URL that you would rather not see. Cookies can be accepted or rejected, or
- accepted only during the current browser session (i.e. not written to disk).
- Changes to <TT
-CLASS="FILENAME"
->default.action</TT
-> should be immediately visible
- to <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> without the need to restart.</P
-><P
-> Note that some sites may misbehave, or possibly not work at all with some
- actions. This may require some tinkering with the rules to get the most
- mileage of <SPAN
-CLASS="APPLICATION"
->Privoxy's</SPAN
-> features, and still be
- able to see and enjoy just what you want to. There is no general rule of
- thumb on these things. There just are too many variables, and sites are
- always changing. </P
-><P
-> The easiest way to edit the <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> file is with a browser by
- loading <A
-HREF="http://p.p/"
-TARGET="_top"
->http://p.p/</A
->, and then select
- <SPAN
-CLASS="QUOTE"
->"Edit Actions List"</SPAN
->. A text editor can also be used.</P
-><P
-> To determine which actions apply to a request, the URL of the request is
- compared to all patterns in this file. Every time it matches, the list of
- applicable actions for the URL is incrementally updated. You can trace
- this process by visiting <A
-HREF="http://p.p/show-url-info"
-TARGET="_top"
->http://p.p/show-url-info</A
->. </P
-><P
-> There are four types of lines in this file: comments (begin with a
- <SPAN
-CLASS="QUOTE"
->"#"</SPAN
-> character), actions, aliases and patterns, all of which are
- explained below, as well as the configuration file syntax that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> understands. </P
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN889"
->5.4.1. URL Domain and Path Syntax</A
-></H3
-><P
-> Generally, a pattern has the form <domain>/<path>, where both the
- <domain> and <path> part are optional. If you only specify a
- domain part, the <SPAN
-CLASS="QUOTE"
->"/"</SPAN
-> can be left out:</P
-><P
-> <I
-CLASS="EMPHASIS"
->www.example.com</I
-> - is a domain only pattern and will match any request to
- <SPAN
-CLASS="QUOTE"
->"www.example.com"</SPAN
->.</P
-><P
-> <I
-CLASS="EMPHASIS"
->www.example.com/</I
-> - means exactly the same.</P
-><P
-> <I
-CLASS="EMPHASIS"
->www.example.com/index.html</I
-> - matches only the single
- document <SPAN
-CLASS="QUOTE"
->"/index.html"</SPAN
-> on <SPAN
-CLASS="QUOTE"
->"www.example.com"</SPAN
->.</P
-><P
-> <I
-CLASS="EMPHASIS"
->/index.html</I
-> - matches the document <SPAN
-CLASS="QUOTE"
->"/index.html"</SPAN
->,
- regardless of the domain. So would match any page named <SPAN
-CLASS="QUOTE"
->"index.html"</SPAN
->
- on any site.</P
-><P
-> <I
-CLASS="EMPHASIS"
->index.html</I
-> - matches nothing, since it would be
- interpreted as a domain name and there is no top-level domain called
- <SPAN
-CLASS="QUOTE"
->".html"</SPAN
->.</P
-><P
-> The matching of the domain part offers some flexible options: if the
- domain starts or ends with a dot, it becomes unanchored at that end.
- For example:</P
-><P
-> <I
-CLASS="EMPHASIS"
->.example.com</I
-> - matches any domain or sub-domain that
- <I
-CLASS="EMPHASIS"
->ENDS</I
-> in <SPAN
-CLASS="QUOTE"
->".example.com"</SPAN
->.</P
-><P
-> <I
-CLASS="EMPHASIS"
->www.</I
-> - matches any domain that <I
-CLASS="EMPHASIS"
->STARTS</I
-> with
- <SPAN
-CLASS="QUOTE"
->"www"</SPAN
->.</P
-><P
-> Additionally, there are wild-cards that you can use in the domain names
- themselves. They work pretty similar to shell wild-cards: <SPAN
-CLASS="QUOTE"
->"*"</SPAN
->
- stands for zero or more arbitrary characters, <SPAN
-CLASS="QUOTE"
->"?"</SPAN
-> stands for
- any single character. And you can define character classes in square
- brackets and they can be freely mixed:</P
-><P
-> <I
-CLASS="EMPHASIS"
->ad*.example.com</I
-> - matches <SPAN
-CLASS="QUOTE"
->"adserver.example.com"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"ads.example.com"</SPAN
->, etc but not <SPAN
-CLASS="QUOTE"
->"sfads.example.com"</SPAN
->.</P
-><P
-> <I
-CLASS="EMPHASIS"
->*ad*.example.com</I
-> - matches all of the above, and then some.</P
-><P
-> <I
-CLASS="EMPHASIS"
->.?pix.com</I
-> - matches <SPAN
-CLASS="QUOTE"
->"www.ipix.com"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"pictures.epix.com"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"a.b.c.d.e.upix.com"</SPAN
->, etc. </P
-><P
-> <I
-CLASS="EMPHASIS"
->www[1-9a-ez].example.com</I
-> - matches <SPAN
-CLASS="QUOTE"
->"www1.example.com"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"www4.example.com"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"wwwd.example.com"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"wwwz.example.com"</SPAN
->, etc., but <I
-CLASS="EMPHASIS"
->not</I
->
- <SPAN
-CLASS="QUOTE"
->"wwww.example.com"</SPAN
->.</P
-><P
-> If <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> was compiled with
- <SPAN
-CLASS="QUOTE"
->"pcre"</SPAN
-> support (the default), Perl compatible regular expressions
- can be used. These are more flexible and powerful than other types
- of <SPAN
-CLASS="QUOTE"
->"regular expressions"</SPAN
->. See the <TT
-CLASS="FILENAME"
->pcre/docs/</TT
-> directory or <SPAN
-CLASS="QUOTE"
->"man
- perlre"</SPAN
-> (also available on <A
-HREF="http://www.perldoc.com/perl5.6/pod/perlre.html"
-TARGET="_top"
->http://www.perldoc.com/perl5.6/pod/perlre.html</A
->)
- for details. A brief discussion of regular expressions is in the
- <A
-HREF="appendix.html#REGEX"
->Appendix</A
->. For instance:</P
-><P
-> <I
-CLASS="EMPHASIS"
->/.*/advert[0-9]+\.jpe?g</I
-> - would match a URL from any
- domain, with any path that includes <SPAN
-CLASS="QUOTE"
->"advert"</SPAN
-> followed
- immediately by one or more digits, then a <SPAN
-CLASS="QUOTE"
->"."</SPAN
-> and ending in
- either <SPAN
-CLASS="QUOTE"
->"jpeg"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"jpg"</SPAN
->. So we match
- <SPAN
-CLASS="QUOTE"
->"example.com/ads/advert2.jpg"</SPAN
->, and
- <SPAN
-CLASS="QUOTE"
->"www.example.com/ads/banners/advert39.jpeg"</SPAN
->, but not
- <SPAN
-CLASS="QUOTE"
->"www.example.com/ads/banners/advert39.gif"</SPAN
-> (no gifs in the
- example pattern).</P
-><P
-> Please note that matching in the path is case
- <I
-CLASS="EMPHASIS"
->INSENSITIVE</I
-> by default, but you can switch to case
- sensitive at any point in the pattern by using the
- <SPAN
-CLASS="QUOTE"
->"(?-i)"</SPAN
-> switch:</P
-><P
-> <I
-CLASS="EMPHASIS"
->www.example.com/(?-i)PaTtErN.*</I
-> - will match only
- documents whose path starts with <SPAN
-CLASS="QUOTE"
->"PaTtErN"</SPAN
-> in
- <I
-CLASS="EMPHASIS"
->exactly</I
-> this capitalization.</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN965"
->5.4.2. Actions</A
-></H3
-><P
-> Actions are enabled if preceded with a <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->, and disabled if
- preceded with a <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->. Actions are invoked by enclosing the
- action name in curly braces (e.g. {+some_action}), followed by a list of
- URLs to which the action applies. There are three classes of actions:</P
-><P
-> <P
-></P
-><UL
-><LI
-><P
->
- Boolean (e.g. <SPAN
-CLASS="QUOTE"
->"+/-block"</SPAN
->):
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name}</I
-> # enable this action<br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable this action<br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- parameterized (e.g. <SPAN
-CLASS="QUOTE"
->"+/-hide-user-agent"</SPAN
->):
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name{param}}</I
-> # enable action and set parameter to <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable action<br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Multi-value (e.g. <SPAN
-CLASS="QUOTE"
->"{+/-add-header{Name: value}}"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"{+/-wafer{name=value}}"</SPAN
->):
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name{param}}</I
-> # enable action and add parameter <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name{param}}</I
-> # remove the parameter <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable this action totally<br>
- </P
->
- </TT
->
- </P
-></LI
-></UL
-></P
-><P
-> If nothing is specified in this file, no <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> are taken.
- So in this case <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> would just be a
- normal, non-blocking, non-anonymizing proxy. You must specifically
- enable the privacy and blocking features you need (although the
- provided default <TT
-CLASS="FILENAME"
->default.action</TT
-> file will
- give a good starting point).</P
-><P
-> Later defined actions always over-ride earlier ones. So exceptions
- to any rules you make, should come in the latter part of the file. For
- multi-valued actions, the actions are applied in the order they are
- specified.</P
-><P
-> The list of valid <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> are:</P
-><P
-> <P
-></P
-><UL
-><LI
-><P
->
- Add the specified HTTP header, which is not checked for validity.
- You may specify this many times to specify many different headers:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+add-header{Name: value}</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Block this URL totally. In a default installation, a <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
->
- URL will result in bright red banner that says <SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
->,
- with a reason why it is being blocked, and an option to see it anyway.
- The page displayed for this is the <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> template
- file.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+block</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- De-animate all animated GIF images, i.e. reduce them to their last frame.
- This will also shrink the images considerably (in bytes, not pixels!). If
- the option <SPAN
-CLASS="QUOTE"
->"first"</SPAN
-> is given, the first frame of the animation
- is used as the replacement. If <SPAN
-CLASS="QUOTE"
->"last"</SPAN
-> is given, the last frame
- of the animation is used instead, which probably makes more sense for most
- banner animations, but also has the risk of not showing the entire last
- frame (if it is only a delta to an earlier frame).
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+deanimate-gifs{last}</I
-><br>
- <I
-CLASS="EMPHASIS"
->+deanimate-gifs{first}</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
-> <SPAN
-CLASS="QUOTE"
->"+downgrade"</SPAN
-> will downgrade HTTP/1.1 client requests to
- HTTP/1.0 and downgrade the responses as well. Use this action for servers
- that use HTTP/1.1 protocol features that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> doesn't handle well yet. HTTP/1.1
- is only partially implemented. Default is not to downgrade requests.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+downgrade</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Many sites, like yahoo.com, don't just link to other sites. Instead, they
- will link to some script on their own server, giving the destination as a
- parameter, which will then redirect you to the final target. URLs resulting
- from this scheme typically look like:
- <I
-CLASS="EMPHASIS"
->http://some.place/some_script?http://some.where-else</I
->.
- </P
-><P
-> Sometimes, there are even multiple consecutive redirects encoded in the
- URL. These redirections via scripts make your web browsing more traceable,
- since the server from which you follow such a link can see where you go to.
- Apart from that, valuable bandwidth and time is wasted, while your browser
- ask the server for one redirect after the other. Plus, it feeds the
- advertisers.
- </P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"+fast-redirects"</SPAN
-> option enables interception of these
- types of requests by <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->, who will cut off
- all but the last valid URL in the request and send a local redirect back to
- your browser without contacting the intermediate site(s).
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+fast-redirects</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Apply the filters in the <TT
-CLASS="LITERAL"
->section_header</TT
->
- section of the <TT
-CLASS="FILENAME"
->default.filter</TT
-> file to the site(s).
- <TT
-CLASS="FILENAME"
->default.filter</TT
-> sections are grouped according to like
- functionality. <SPAN
-CLASS="APPLICATION"
->Filters</SPAN
-> can be used to
- re-write any of the raw page content. This is a potentially a
- very powerful feature!
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+filter{section_header}</I
-><br>
- </P
->
- </TT
->
- </P
-><P
->
- Filter sections that are pre-defined in the supplied
- <TT
-CLASS="FILENAME"
->default.filter</TT
-> include:
- </P
-><A
-NAME="AEN1075"
-></A
-><BLOCKQUOTE
-CLASS="BLOCKQUOTE"
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->html-annoyances</I
->: Get rid of particularly annoying HTML abuse.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->js-annoyances</I
->: Get rid of particularly annoying JavaScript abuse
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->no-poups</I
->: Kill all popups in JS and HTML
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->frameset-borders</I
->: Give frames a border
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->webbugs</I
->: Squish WebBugs (1x1 invisible GIFs used for user tracking)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->no-refresh</I
->: Automatic refresh sucks on auto-dialup lines
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->fun</I
->: Text replacements for subversive browsing fun!
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->nimda</I
->: Remove (virus) Nimda code.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->banners-by-size</I
->: Kill banners by size
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->crude-parental</I
->: Kill all web pages that contain the words "sex" or "warez"
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-></BLOCKQUOTE
-></LI
-><LI
-><P
->
- Block any existing X-Forwarded-for header, and do not add a new one:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+hide-forwarded</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- If the browser sends a <SPAN
-CLASS="QUOTE"
->"From:"</SPAN
-> header containing your e-mail
- address, this either completely removes the header (<SPAN
-CLASS="QUOTE"
->"block"</SPAN
->), or
- changes it to the specified e-mail address.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+hide-from{block}</I
-><br>
- <I
-CLASS="EMPHASIS"
->+hide-from{spam@sittingduck.xqq}</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Don't send the <SPAN
-CLASS="QUOTE"
->"Referer:"</SPAN
-> (sic) header to the web site. You
- can block it, forge a URL to the same server as the request (which is
- preferred because some sites will not send images otherwise) or set it to a
- constant, user defined string of your choice.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+hide-referer{block}</I
-><br>
- <I
-CLASS="EMPHASIS"
->+hide-referer{forge}</I
-><br>
- <I
-CLASS="EMPHASIS"
->+hide-referer{http://nowhere.com}</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Alternative spelling of <SPAN
-CLASS="QUOTE"
->"+hide-referer"</SPAN
->. It has the same
- parameters, and can be freely mixed with, <SPAN
-CLASS="QUOTE"
->"+hide-referer"</SPAN
->.
- (<SPAN
-CLASS="QUOTE"
->"referrer"</SPAN
-> is the correct English spelling, however the HTTP
- specification has a bug - it requires it to be spelled <SPAN
-CLASS="QUOTE"
->"referer"</SPAN
->.)
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+hide-referrer{...}</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Change the <SPAN
-CLASS="QUOTE"
->"User-Agent:"</SPAN
-> header so web servers can't tell your
- browser type. Warning! This breaks many web sites. Specify the
- user-agent value you want. Example, pretend to be using Netscape on
- Linux:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Treat this URL as an image. This only matters if it's also <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->ed,
- in which case a <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> image can be sent rather than a HTML page.
- See <SPAN
-CLASS="QUOTE"
->"+image-blocker{}"</SPAN
-> below for the control over what is actually sent.
- If you want <I
-CLASS="EMPHASIS"
->invisible</I
-> ads, they should be defined as
- <I
-CLASS="EMPHASIS"
->images</I
-> and <I
-CLASS="EMPHASIS"
->blocked</I
->. And also,
- <SPAN
-CLASS="QUOTE"
->"image-blocker"</SPAN
-> should be set to <SPAN
-CLASS="QUOTE"
->"blank"</SPAN
->. Note you
- cannot treat HTML pages as images in most cases. For instance, frames
- require an HTML page to display. So a frame that is an ad, cannot be
- treated as an image. Forcing an <SPAN
-CLASS="QUOTE"
->"image"</SPAN
-> in this
- situation just will not work.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+image</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
-> Decides what to do with URLs that end up tagged with <SPAN
-CLASS="QUOTE"
->"{+block
- +image}"</SPAN
->, e.g an advertizement. There are five options.
- <SPAN
-CLASS="QUOTE"
->"-image-blocker"</SPAN
-> will send a HTML <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> page,
- usually resulting in a <SPAN
-CLASS="QUOTE"
->"broken image"</SPAN
-> icon.
-<SPAN
-CLASS="QUOTE"
->"+image-blocker{blank}"</SPAN
-> will send a 1x1 transparent GIF
-image. And finally, <SPAN
-CLASS="QUOTE"
->"+image-blocker{http://xyz.com}"</SPAN
-> will send a
-HTTP temporary redirect to the specified image. This has the advantage of the
-icon being being cached by the browser, which will speed up the display.
-<SPAN
-CLASS="QUOTE"
->"+image-blocker{pattern}"</SPAN
-> will send a checkboard type pattern
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+image-blocker{blank}</I
-><br>
- <I
-CLASS="EMPHASIS"
->+image-blocker{pattern}</I
-><br>
- <I
-CLASS="EMPHASIS"
->+image-blocker{http://p.p/send-banner}</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- By default (i.e. in the absence of a <SPAN
-CLASS="QUOTE"
->"+limit-connect"</SPAN
->
- action), <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will only allow CONNECT
- requests to port 443, which is the standard port for https as a
- precaution.
- </P
-><P
-> The CONNECT methods exists in HTTP to allow access to secure websites
- (https:// URLs) through proxies. It works very simply: the proxy
- connects to the server on the specified port, and then short-circuits
- its connections to the client <I
-CLASS="EMPHASIS"
->and</I
-> to the remote proxy.
- This can be a big security hole, since CONNECT-enabled proxies can
- be abused as TCP relays very easily.
- </P
-><P
->
- If you want to allow CONNECT for more ports than this, or want to forbid
- CONNECT altogether, you can specify a comma separated list of ports and
- port ranges (the latter using dashes, with the minimum defaulting to 0 and
- max to 65K):
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+limit-connect{443} # This is the default and need no be specified.</I
-><br>
- <I
-CLASS="EMPHASIS"
->+limit-connect{80,443} # Ports 80 and 443 are OK.</I
-><br>
- <I
-CLASS="EMPHASIS"
->+limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100</I
-><br>
- <I
-CLASS="EMPHASIS"
-> #and above 500 are OK.</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
-> <SPAN
-CLASS="QUOTE"
->"+no-compression"</SPAN
-> prevents the website from compressing the
- data. Some websites do this, which can be a problem for
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->, since <SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"+no-popup"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"+gif-deanimate"</SPAN
-> will not work on
- compressed data. This will slow down connections to those websites,
- though. Default is <SPAN
-CLASS="QUOTE"
->"no-compression"</SPAN
-> is turned on.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+nocompression</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- If the website sets cookies, <SPAN
-CLASS="QUOTE"
->"no-cookies-keep"</SPAN
-> will make sure
- they are erased when you exit and restart your web browser. This makes
- profiling cookies useless, but won't break sites which require cookies so
- that you can log in for transactions. Default: on.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+no-cookies-keep</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Prevent the website from reading cookies:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+no-cookies-read</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Prevent the website from setting cookies:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+no-cookies-set</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Filter the website through a built-in filter to disable those obnoxious
- JavaScript pop-up windows via window.open(), etc. The two alternative
- spellings are equivalent.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+no-popup</I
-><br>
- <I
-CLASS="EMPHASIS"
->+no-popups</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- This action only applies if you are using a <TT
-CLASS="FILENAME"
->jarfile</TT
->
- for saving cookies. It sends a cookie to every site stating that you do not
- accept any copyright on cookies sent to you, and asking them not to track
- you. Of course, this is a (relatively) unique header they could use to
- track you.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+vanilla-wafer</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- This allows you to add an arbitrary cookie. It can be specified multiple
- times in order to add as many cookies as you like.
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+wafer{name=value}</I
-><br>
- </P
->
- </TT
->
- </P
-></LI
-></UL
-></P
-><P
-> The meaning of any of the above is reversed by preceding the action with a
- <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->, in place of the <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->.</P
-><P
-> Some examples:</P
-><P
-> Turn off cookies by default, then allow a few through for specified sites:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Turn off all persistent cookies<br>
- { +no-cookies-read }<br>
- { +no-cookies-set }<br>
- # Allow cookies for this browser session ONLY<br>
- { +no-cookies-keep }<br>
-<br>
- # Exceptions to the above, sites that benefit from persistent cookies<br>
- { -no-cookies-read }<br>
- { -no-cookies-set }<br>
- { -no-cookies-keep }<br>
- .javasoft.com<br>
- .sun.com<br>
- .yahoo.com<br>
- .msdn.microsoft.com<br>
- .redhat.com<br>
-<br>
- # Alternative way of saying the same thing<br>
- {-no-cookies-set -no-cookies-read -no-cookies-keep}<br>
- .sourceforge.net<br>
- .sf.net<br>
- </P
->
- </TT
-></P
-><P
-> Now turn off <SPAN
-CLASS="QUOTE"
->"fast redirects"</SPAN
->, and then we allow two exceptions:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Turn them off!<br>
- {+fast-redirects}<br>
- <br>
- # Reverse it for these two sites, which don't work right without it.<br>
- {-fast-redirects}<br>
- www.ukc.ac.uk/cgi-bin/wac\.cgi\?<br>
- login.yahoo.com<br>
- </P
->
- </TT
-></P
-><P
-> Turn on page filtering according to rules in the defined sections
- of <TT
-CLASS="FILENAME"
->refilterfile</TT
->, and make one exception for
- sourceforge:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Run everything through the filter file, using only the<br>
- # specified sections:<br>
- +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}\<br>
- +filter{webbugs} +filter{nimda} +filter{banners-by-size}<br>
- <br>
- # Then disable filtering of code from sourceforge!<br>
- {-filter}<br>
- .cvs.sourceforge.net<br>
- </P
->
- </TT
-></P
-><P
-> Now some URLs that we want <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> (normally generates
- the <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> banner). Many of these use regular expressions
- that will expand to match multiple URLs:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Blocklist:<br>
- {+block}<br>
- /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g))<br>
- /.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/])<br>
- /.*/(ng)?adclient\.cgi<br>
- /.*/(plain|live|rotate)[-_.]?ads?/<br>
- /.*/(sponsor)s?[0-9]?/<br>
- /.*/_?(plain|live)?ads?(-banners)?/<br>
- /.*/abanners/<br>
- /.*/ad(sdna_image|gifs?)/<br>
- /.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe)<br>
- /.*/adbanners/<br>
- /.*/adserver<br>
- /.*/adstream\.cgi<br>
- /.*/adv((er)?ts?|ertis(ing|ements?))?/<br>
- /.*/banner_?ads/<br>
- /.*/banners?/<br>
- /.*/banners?\.cgi/<br>
- /.*/cgi-bin/centralad/getimage<br>
- /.*/images/addver\.gif<br>
- /.*/images/marketing/.*\.(gif|jpe?g)<br>
- /.*/popupads/<br>
- /.*/siteads/<br>
- /.*/sponsor.*\.gif<br>
- /.*/sponsors?[0-9]?/<br>
- /.*/advert[0-9]+\.jpg<br>
- /Media/Images/Adds/<br>
- /ad_images/<br>
- /adimages/<br>
- /.*/ads/<br>
- /bannerfarm/<br>
- /grafikk/annonse/<br>
- /graphics/defaultAd/<br>
- /image\.ng/AdType<br>
- /image\.ng/transactionID<br>
- /images/.*/.*_anim\.gif # alvin brattli<br>
- /ip_img/.*\.(gif|jpe?g)<br>
- /rotateads/<br>
- /rotations/ <br>
- /worldnet/ad\.cgi<br>
- /cgi-bin/nph-adclick.exe/<br>
- /.*/Image/BannerAdvertising/<br>
- /.*/ad-bin/<br>
- /.*/adlib/server\.cgi<br>
- /autoads/<br>
- </P
->
- </TT
-></P
-><P
-> Note that many of these actions have the potential to cause a page to
- misbehave, possibly even not to display at all. There are many ways
- a site designer may choose to design his site, and what HTTP header
- content he may depend on. There is no way to have hard and fast rules
- for all sites. See the <A
-HREF="appendix.html#ACTIONSANAT"
->Appendix</A
->
- for a brief example on troubleshooting actions.</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1287"
->5.4.3. Aliases</A
-></H3
-><P
-> Custom <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->, known to <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- as <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
->, can be defined by combining other <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->.
- These can in turn be invoked just like the built-in <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->.
- Currently, an alias can contain any character except space, tab, <SPAN
-CLASS="QUOTE"
->"="</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"{"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"}"</SPAN
->. But please use only <SPAN
-CLASS="QUOTE"
->"a"</SPAN
->-
- <SPAN
-CLASS="QUOTE"
->"z"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"0"</SPAN
->-<SPAN
-CLASS="QUOTE"
->"9"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->, and
- <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->. Alias names are not case sensitive, and
- <I
-CLASS="EMPHASIS"
->must be defined before anything</I
-> else in the
- <TT
-CLASS="FILENAME"
->default.action</TT
->file! And there can only be one set of
- <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
-> defined.</P
-><P
-> Now let's define a few aliases:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Useful custom aliases we can use later. These must come first!<br>
- {{alias}}<br>
- +no-cookies = +no-cookies-set +no-cookies-read<br>
- -no-cookies = -no-cookies-set -no-cookies-read<br>
- fragile = -block -no-cookies -filter -fast-redirects -hide-referer -no-popups<br>
- shop = -no-cookies -filter -fast-redirects<br>
- +imageblock = +block +image<br>
-<br>
- #For people who don't like to type too much: ;-)<br>
- c0 = +no-cookies<br>
- c1 = -no-cookies<br>
- c2 = -no-cookies-set +no-cookies-read<br>
- c3 = +no-cookies-set -no-cookies-read<br>
- #... etc. Customize to your heart's content.<br>
- </P
->
- </TT
-></P
-><P
-> Some examples using our <SPAN
-CLASS="QUOTE"
->"shop"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"fragile"</SPAN
->
- aliases from above:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # These sites are very complex and require<br>
- # minimal interference.<br>
- {fragile}<br>
- .office.microsoft.com<br>
- .windowsupdate.microsoft.com<br>
- .nytimes.com<br>
-<br>
- # Shopping sites - still want to block ads.<br>
- {shop}<br>
- .quietpc.com<br>
- .worldpay.com # for quietpc.com<br>
- .jungle.com<br>
- .scan.co.uk<br>
-<br>
- # These shops require pop-ups<br>
- {shop -no-popups}<br>
- .dabs.com<br>
- .overclockers.co.uk<br>
- </P
->
- </TT
-></P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"shop"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"fragile"</SPAN
-> aliases are often used for
- <SPAN
-CLASS="QUOTE"
->"problem"</SPAN
-> sites that require most actions to be disabled
- in order to function properly. </P
-></DIV
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="FILTERFILE"
->5.5. The Filter File</A
-></H2
-><P
-> Any web page can be dynamically modified with the filter file. This
- modification can be removal, or re-writing, of any web page content,
- including tags and non-visible content. The default filter file is
- <TT
-CLASS="FILENAME"
->default.filter</TT
->, located in the config directory. </P
-><P
-> This is potentially a very powerful feature, and requires knowledge of both
- <SPAN
-CLASS="QUOTE"
->"regular expression"</SPAN
-> and HTML in order create custom
- filters. But, there are a number of useful filters included with
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> for many common situations.</P
-><P
-> The included example file is divided into sections. Each section begins
- with the <TT
-CLASS="LITERAL"
->FILTER</TT
-> keyword, followed by the identifier
- for that section, e.g. <SPAN
-CLASS="QUOTE"
->"FILTER: webbugs"</SPAN
->. Each section performs
- a similar type of filtering, such as <SPAN
-CLASS="QUOTE"
->"html-annoyances"</SPAN
->.</P
-><P
-> This file uses regular expressions to alter or remove any string in the
- target page. The expressions can only operate on one line at a time. Some
- examples from the included default <TT
-CLASS="FILENAME"
->default.filter</TT
->:</P
-><P
-> Stop web pages from displaying annoying messages in the status bar by
- deleting such references:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> FILTER: html-annoyances<br>
-<br>
- # New browser windows should be resizeable and have a location and status<br>
- # bar. Make it so.<br>
- #<br>
- s/resizable="?(no|0)"?/resizable=1/ig s/noresize/yesresize/ig<br>
- s/location="?(no|0)"?/location=1/ig s/status="?(no|0)"?/status=1/ig<br>
- s/scrolling="?(no|0|Auto)"?/scrolling=1/ig<br>
- s/menubar="?(no|0)"?/menubar=1/ig <br>
-<br>
- # The <BLINK> tag was a crime!<br>
- #<br>
- s*<blink>|</blink>**ig<br>
-<br>
- # Is this evil? <br>
- #<br>
- #s/framespacing="?(no|0)"?//ig<br>
- #s/margin(height|width)=[0-9]*//gi<br>
- </P
->
- </TT
-></P
-><P
-> Just for kicks, replace any occurrence of <SPAN
-CLASS="QUOTE"
->"Microsoft"</SPAN
-> with
- <SPAN
-CLASS="QUOTE"
->"MicroSuck"</SPAN
->, and have a little fun with topical buzzwords: </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> FILTER: fun<br>
-<br>
- s/microsoft(?!.com)/MicroSuck/ig<br>
-<br>
- # Buzzword Bingo:<br>
- #<br>
- s/industry-leading|cutting-edge|award-winning/<font color=red><b>BINGO!</b></font>/ig<br>
- </P
->
- </TT
-></P
-><P
-> Kill those pesky little web-bugs:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)<br>
- FILTER: webbugs<br>
-<br>
- s/<img\s+[^>]*?(width|height)\s*=\s*['"]?1\D[^>]*?(width|height)\s*=\s*['"]?1(\D[^>]*?)?>/<!-- Squished WebBug -->/sig<br>
- </P
->
- </TT
-></P
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN1353"
->5.6. Templates</A
-></H2
-><P
-> When <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> displays one of its internal
- pages, such as a 404 Not Found error page, it uses the appropriate template.
- On Linux, BSD, and Unix, these are located in
- <TT
-CLASS="FILENAME"
->/etc/privoxy/templates</TT
-> by default. These may be
- customized, if desired. <TT
-CLASS="FILENAME"
->cgi-style.css</TT
-> is
- used to control the HTML attributes (fonts, etc).</P
-><P
-> The default <SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
-> banner page with the bright red top
- banner, is called just <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="FILENAME"
->blocked</TT
->"</SPAN
->. This
- may be customized or replaced with something else if desired. </P
+>"default"</SPAN
+> setting, may change, so
+ please check all your configuration files on important issues.</P
></DIV
></DIV
><DIV
ALIGN="left"
VALIGN="top"
><A
-HREF="quickstart.html"
+HREF="startup.html"
>Prev</A
></TD
><TD
ALIGN="right"
VALIGN="top"
><A
-HREF="contact.html"
+HREF="config.html"
>Next</A
></TD
></TR
WIDTH="33%"
ALIGN="left"
VALIGN="top"
->Quickstart to Using <SPAN
+>Starting <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
></TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
->Contacting the Developers, Bug Reporting and Feature
-Requests</TD
+>The Main Configuration File</TD
></TR
></TABLE
></DIV