NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
-TITLE="Privoxy 3.0.9 User Manual"
+TITLE="Privoxy 3.0.12 User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Installation"
><TH
COLSPAN="3"
ALIGN="center"
->Privoxy 3.0.9 User Manual</TH
+>Privoxy 3.0.12 User Manual</TH
></TR
><TR
><TD
>3. What's New in this Release</A
></H1
><P
-> There are many improvements and new features since <SPAN
+> <SPAN
CLASS="APPLICATION"
->Privoxy 3.0.8</SPAN
->, the last stable release:</P
+>Privoxy 3.0.12</SPAN
+> is mainly a bugfix release:</P
><P
> <P
></P
><UL
><LI
><P
-> Added SOCKS5 support (with address resolution done by
- the SOCKS5 server). Patch provided by Eric M. Hopper.
+> The socket-timeout option now also works on platforms whose
+ select() implementation modifies the timeout structure.
+ Previously the timeout was triggered even if the connection
+ didn't stall. Reported by cyberpatrol.
</P
></LI
><LI
><P
-> The "blocked" CGI pages include a block reason that was
- provided as argument to the last-applying block action.
+> The Connection: keep-alive code properly deals with files
+ larger than 2GB. Previously the connection was closed too
+ early.
</P
></LI
><LI
><P
-> If enable-edit-actions is disabled (the default since 3.0.7 beta)
- the show-status page hides the edit buttons and explains why.
- Previously the user would get the "this feature has been disabled"
- message after using the edit button.
+> The content length for files above 2GB is logged correctly.
</P
></LI
><LI
><P
-> Forbidden CONNECT requests are treated like blocks by default.
- The now-pointless treat-forbidden-connects-like-blocks action
- has been removed.
+> The user-manual directive on the show-status page links to
+ the documentation location specified with the directive,
+ not to the Privoxy website.
</P
></LI
><LI
><P
-> Not enabling limit-connect now allows CONNECT requests to all ports.
- In previous versions it would only allow CONNECT requests to port 443.
- Use +limit-connect{443} if you think you need the old default behaviour.
+> When running in daemon mode, Privoxy doesn't log anything
+ to the console unless there are errors before the logfile
+ has been opened.
</P
></LI
><LI
><P
-> The CGI editor gets turned off after three edit requests with invalid
- file modification timestamps. This makes life harder for attackers
- who can leverage browser bugs to send fake Referers and intend to
- brute-force edit URLs.
+> The show-status page prints warnings about invalid directives
+ on the same line as the directives themselves.
</P
></LI
><LI
><P
-> Action settings for multiple patterns in the same section are
- shared in memory. As a result these sections take up less space
- (and are loaded slightly faster). Problem reported by Franz Schwartau.
+> Fixed several justified (but harmless) compiler warnings,
+ mostly on 64 bit platforms.
</P
></LI
><LI
><P
-> Linear white space in HTTP headers will be normalized to single
- spaces before parsing the header's content, headers split across
- multiple lines get merged first.
+> The mingw32 version explicitly requests the default charset
+ to prevent display problems with some fonts available on more
+ recent Windows versions. Patch by Burberry.
</P
></LI
><LI
><P
-> Host information is gathered outside the main thread so it's less
- likely to delay other incoming connections if the host is misconfigured.
+> The mingw32 version uses the Privoxy icon in the alt-tab
+ windows. Patch by Burberry.
</P
></LI
><LI
><P
-> New config option "hostname" to use a hostname other than
- the one returned by the operating system. Useful to speed-up responses
- for CGI requests on misconfigured systems. Requested by Max Khon.
+> The timestamp and the thread id is omitted in the "Fatal error"
+ message box on mingw32.
</P
></LI
><LI
><P
-> The CGI editor supports the "disable all filters of this type"
- directives "-client-header-filter", "-server-header-filter",
- "-client-header-tagger" and "-server-header-tagger".
+> Fixed two related mingw32-only buffer overflows. Triggering
+ them required control over the configuration file, therefore
+ this isn't seen as a security issue.
</P
></LI
><LI
><P
-> Fixed false-positives with the link-by-url filter and URLs that
- contain the pattern "/jump/".
- </P
-></LI
-><LI
-><P
-> The less-download-windows filter no longer messes
- "Content-Type: application/x-shockwave-flash" headers up.
- </P
-></LI
-><LI
-><P
-> In the show-url-info page's "Final results" section active and
- inactive actions are listed separately. Patch provided by Lee.
- </P
-></LI
-><LI
-><P
-> The GNUmakefile supports the DESTDIR variable. Patch for
- the install target submitted by Radoslaw Zielinski.
- </P
-></LI
-><LI
-><P
-> Embedding the content of configuration files in the show-status
- page is significantly faster now. For a largish action file (1 MB)
- a speedup of about 2450 times has been measured. This is mostly
- interesting if you are using large action files or regularly use
- Privoxy-Regression-Test while running Privoxy through Valgrind,
- for stock configuration files it doesn't really matter.
- </P
-></LI
-><LI
-><P
-> If zlib support is unavailable and there are content
- filters active but the prevent-compression action is disabled,
- the show-url-info page includes a warning that compression
- might prevent filtering.
- </P
-></LI
-><LI
-><P
-> The show-url-info page provides an OpenSearch Description that
- allows to access the page through browser search plugins.
- </P
-></LI
-><LI
-><P
-> The obsolete kill-popups action has been removed as the
- PCRS-based popup filters can do the same and are slightly
- less unreliable.
- </P
-></LI
-><LI
-><P
-> The inspect-jpegs action has been removed.
- </P
-></LI
-><LI
-><P
-> The send-wafer and send-vanilla-wafer actions have been removed.
- They weren't particular useful and their behaviour could be emulated
- with add-header anyway.
- </P
-></LI
-><LI
-><P
-> Privoxy-Regression-Test has been significantly improved.
- </P
-></LI
-><LI
-><P
-> Most sections in the default.action file contain tests for
- Privoxy-Regression-Test to verify that they are working as intended.
- </P
-></LI
-><LI
-><P
-> Parts of Privoxy have been refactored to increase maintainability.
- </P
-></LI
-><LI
-><P
-> Building with zlib (if available) is done by default.
+> In verbose mode, or if the new option --show-skipped-tests
+ is used, Privoxy-Regression-Test logs skipped tests and the
+ skip reason.
</P
></LI
></UL
></P
-><P
-> For a more detailed list of changes please have a look at the ChangeLog.</P
><DIV
CLASS="SECT2"
><H2
<TT
CLASS="FILENAME"
>standard.action</TT
-> now only includes the enabled actions.
- Not all actions as before.
+> has been merged into
+ the <TT
+CLASS="FILENAME"
+>default.action</TT
+> file.
</P
></LI
><LI
be aware of the security issues involved.
</P
></LI
-><LI
-><P
-> The <SPAN
-CLASS="QUOTE"
->"filter-client-headers"</SPAN
-> and
- <SPAN
-CLASS="QUOTE"
->"filter-server-headers"</SPAN
-> actions that were introduced with
- <SPAN
-CLASS="APPLICATION"
->Privoxy 3.0.5</SPAN
-> to apply content filters to
- the headers have been removed and replaced with new actions.
- See the <A
-HREF="whatsnew.html"
->What's New section</A
-> above.
- </P
-></LI
></UL
></P
></DIV