X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=doc%2Fsource%2Fuser-manual.sgml;h=f2a3e81d04b4302b20a211a004ec9dae0ffc069e;hb=00dce4572952ae31c79989d101597271fc3d361d;hp=4cbf7e65c9194eabddfb1c3a070d4c5b54180bda;hpb=9191f5d733a8cb851bcaf65ac6d90ba6158709f5;p=privoxy.git diff --git a/doc/source/user-manual.sgml b/doc/source/user-manual.sgml index 4cbf7e65..f2a3e81d 100644 --- a/doc/source/user-manual.sgml +++ b/doc/source/user-manual.sgml @@ -25,7 +25,7 @@ This file belongs into ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/ - $Id: user-manual.sgml,v 1.92 2002/04/25 18:55:13 hal9 Exp $ + $Id: user-manual.sgml,v 1.98 2002/04/28 05:43:59 hal9 Exp $ Written by and Copyright (C) 2001 the SourceForge Privoxy team. http://www.privoxy.org/ @@ -46,7 +46,7 @@ Privoxy User Manual -$Id: user-manual.sgml,v 1.92 2002/04/25 18:55:13 hal9 Exp $ +$Id: user-manual.sgml,v 1.98 2002/04/28 05:43:59 hal9 Exp $ @@ -99,7 +99,6 @@ - Introduction This documentation is included with the current &p-status; version of @@ -123,15 +122,13 @@ ]]> - -New Features +Features In addition to Internet Junkbuster's traditional features of ad and banner blocking and cookie management, Privoxy provides new features: - &newfeatures; @@ -149,7 +146,9 @@ Privoxy is available both in convenient pre-compiled packages for a wide range of operating systems, and as raw source code. For most users, we recommend using the packages, which can be downloaded from our - Privoxy Project Page. + Privoxy Project + Page. For installing and compiling the source code, please look + into our Developer Manual. @@ -158,16 +157,13 @@ version directly from the CVS repository or simply download the nightly CVS - tarball. + tarball. Again, we refer you to the Developer Manual. &supported; - -Binary Packages - Note: If you have a previous Junkbuster or Privoxy installation on your system, you @@ -178,15 +174,12 @@ In any case be sure to backup your old configuration if it is valuable to you. See the - note to upgraders. - - - - How to install the binary packages depends on your operating system: + note to upgraders section + below. -Red Hat and SuSE RPMs +Red Hat and SuSE RPMs RPMs can be installed with rpm -Uvh privoxy-&p-version;-1.rpm, @@ -195,9 +188,11 @@ - Note that on Red Hat, Privoxy will not be - automatically started on system boot. You will need to enable that using - chkconfig, ntsysv, or similar method. + Note that on Red Hat, Privoxy will + not be automatically started on system boot. You will + need to enable that using chkconfig, + ntsysv, or similar methods. Note that SuSE will +automatically start Privoxy in the boot process. @@ -212,36 +207,38 @@ Otherwise, RPM will try to remove Junkbuster automatically, before installing Privoxy. - + -Debian +Debian FIXME. - + -Windows +Windows Just double-click the installer, which will guide you through - the installation process. + the installation process. You will find the configuration files + in the same directory as you installed Privoxy in. We do not + use the registry of Windows. - + -Solaris, NetBSD, FreeBSD, HP-UX +Solaris, NetBSD, FreeBSD, HP-UX Create a new directory, cd to it, then unzip and untar the archive. For the most part, you'll have to figure out where things go. FIXME. - + -OS/2 +OS/2 First, make sure that no previous installations of @@ -261,10 +258,10 @@ The directory you choose to install Privoxy into will contain all of the configuration files. - + -Max OSX +Max OSX Unzip the downloaded package (you can either double-click on the file in the finder, or on the desktop if you downloaded it there). Then, @@ -276,10 +273,10 @@ automatically on system bring-up via /System/Library/StartupItems/Privoxy. - + -AmigaOS +AmigaOS Copy and then unpack the lha archive to a suitable location. All necessary files will be installed into Privoxy @@ -295,29 +292,13 @@ TCP/IP stack (just ignore the harmless warning your TCP/IP stack may display that Privoxy is still running). - - - - -Building from Source - - - &buildsource; - - - - - -Quickstart to Using <application>Privoxy</application> - - - + Note to Upgraders There are very significant changes from older versions of @@ -327,15 +308,15 @@ configuration files will not migrate. The functionality of the old blockfile, cookiefile and imagelist, are now combined into the - actions files. default.action, - is the main actions file. Local exceptions should best be put into - user.action. + actions files. + default.action, is the main actions file. Local + exceptions should best be put into user.action. - A filter file (typically default.filter) - is new as of Privoxy 2.9.x, and provides some - of the new sophistication (explained below). config is - much the same as before. + A filter file (typically + default.filter) is new as of Privoxy + 2.9.x, and provides some of the new sophistication (explained + below). config is much the same as before. If upgrading from a 2.0.x version, you will have to use the new config @@ -378,9 +359,9 @@ The primary configuration file for cookie management, ad and banner blocking, and many other aspects of Privoxy - configuration is in the actions files. It is strongly - recommended to become familiar with the new actions concept below, - before modifying these files. Locally defined rules + configuration is in the actions + files. It is strongly recommended to become familiar with the new + actions concept below, before modifying these files. Locally defined rules should go into user.action. @@ -395,18 +376,56 @@ + - + +Quickstart to Using <application>Privoxy</application> + + + + + + Install Privoxy. See the section Installing. + + + + + + Start Privoxy. See the section Starting Privoxy. + + + + + + Change your browser's configuration to use the proxy localhost on port + 8118. See the section Starting Privoxy. + + + + + + Enjoy surfing with enhanced comfort and privacy. Please see the section + Contacting the Developers on how to report + bugs or problems with websites or to get help. You may want to change the + file user.action to further tweak your new browsing + experience. + + + + + + + - + Starting <application>Privoxy</application> - Before launching Privoxy for the first time, you - will want to configure your browser(s) to use Privoxy - as a HTTP and HTTPS proxy. The default is localhost for the proxy address, - and port 8118 (earlier versions used port 8000). This is the one - configuration step that must be done! + Before launching Privoxy for the first time, you + will want to configure your browser(s) to use + Privoxy as a HTTP and HTTPS proxy. The default is + localhost for the proxy address, and port 8118 (earlier versions used port + 8000). This is the one configuration step that must be done! @@ -426,55 +445,102 @@ Privoxy! - Privoxy is typically started by specifying the - main configuration file to be used on the command line. Example Unix startup - command: + main configuration file to be used on the command line. If no configuration + file is specified on the command line, Privoxy + will look for a file named config in the current + directory. Except on Win32 where it will try config.txt. + +RedHat and Debian + +We use a script. Note that RedHat does not start Privoxy upon booting per +default. It will use the file /etc/privoxy/config as its +main configuration file. FIXME: Debian?? + - - # /usr/sbin/privoxy /etc/privoxy/config - - + # /etc/rc.d/init.d/privoxy start + + + + + +SuSE + +We use a script. It will use the file /etc/privoxy/config +as its main configuration file. Note that SuSE starts Privoxy upon booting +your PC. + + + + # rcprivoxy start + + + + + +Windows + +Click on the Privoxy Icon to start Privoxy. If no configuration file is + specified on the command line, Privoxy will look + for a file named config.txt. Note that Windows will + automatically start Privoxy upon booting you PC. + + +Solaris, NetBSD, FreeBSD, HP-UX and others - See below for other command line options. +Example Unix startup command: + + + # /usr/sbin/privoxy /etc/privoxy/config + + + + +OS/2 - An init script is provided for SuSE and Red Hat. +FIXME. + + +MAX OSX - For for SuSE: rcprivoxy start +FIXME. + + + +AmigaOS - For Red Hat and Debian: /etc/rc.d/init.d/privoxy start +FIXME. + + @@ -786,7 +854,7 @@ All files use the # character to denote a - comment (the rest of the line will be ignored) and understand line continuation + comment (the rest of the line will be ignored) angd understand line continuation through placing a backslash ("\") as the very last character in a line. If the # is preceded by a backslash, it looses its special function. Placing a # in front of an otherwise @@ -818,13 +886,17 @@ please check all your configuration files on important issues. ]]> + + + - + - + The Main Configuration File + Again, the main configuration file is named config on Linux/Unix/BSD and OS/2, and config.txt on Windows. @@ -864,18 +936,18 @@ - + Configuration and Log File Locations Privoxy can (and normally does) use a number of - other files for additional configuration and logging. + other files for additional configuration, help and logging. This section of the configuration file tells Privoxy where to find those other files. -confdir +confdir @@ -918,10 +990,10 @@ - + -logdir +logdir @@ -960,15 +1032,15 @@ - + - +<sect3 renderas="sect4" id="actionsfile"><title> +actionsfile + -actionsfile - - + Specifies: @@ -1012,23 +1084,27 @@ actionsfile Notes: - Multiple actionsfile lines are OK and are in fact recommended! + Multiple actionsfile lines are permitted, and are in fact recommended! The default values include standard.action, which is used for internal purposes and should be loaded, default.action, which is the main actions file maintained by the developers, and - user.action, where you can make your personal additions. + user.action, where you can make your personal additions. - There is no point in using Privoxy without an actions file. + Actions files are where all the per site and per URL configuration is done for + ad blocking, cookie management, privacy considerations, etc. + There is no point in using Privoxy without at + least one actions file. - + -<anchor id="default.filter">filterfile +filterfile + Specifies: @@ -1074,9 +1150,9 @@ actionsfile - + -logfile +logfile @@ -1135,9 +1211,9 @@ actionsfile - + -jarfile +jarfile @@ -1177,10 +1253,9 @@ actionsfile - - -trustfile + +trustfile Specifies: @@ -1232,17 +1307,66 @@ actionsfile - + +user-manual + + + Specifies: + + + Location of the Privoxy User Manual. + + + + + Type of value: + + A fully qualified URI + + + + Default value: + + http://www.privoxy.org/user-manual/ + + + + Effect if unset: + + + The default will be used. + + + + + Notes: + + + The User Manual is used for help hints from some of the internal CGI pages. + It is normally packaged with the binary distributions, and would make more + sense to have this pointed at a locally installed copy. + + + A more useful example (Unix): + + +   user-manual  file:///usr/share/doc/privoxy-&p-version;/user-manual/ + + + + + + - + Local Set-up Documentation @@ -1251,7 +1375,7 @@ actionsfile you, what you block and why you do that, your policies etc. -trust-info-url +trust-info-url @@ -1301,9 +1425,9 @@ actionsfile - + -admin-address +admin-address @@ -1345,9 +1469,9 @@ actionsfile - + -proxy-info-url +proxy-info-url @@ -1393,14 +1517,14 @@ actionsfile - - + + - + Debugging @@ -1410,7 +1534,7 @@ actionsfile command line option when debugging. -debug +debug @@ -1462,7 +1586,7 @@ actionsfile debug 1024 # debug kill pop-ups debug 4096 # Startup banner and warnings. debug 8192 # Non-fatal errors - + To select multiple debug levels, you can either add them or use @@ -1487,9 +1611,9 @@ actionsfile - + -single-threaded +single-threaded @@ -1531,13 +1655,13 @@ actionsfile - - + + - + Access Control and Security @@ -1545,7 +1669,7 @@ actionsfile of Privoxy's configuration. -listen-address +listen-address @@ -1563,6 +1687,7 @@ actionsfile [IP-Address]:Port + Default value: @@ -1610,14 +1735,14 @@ actionsfile listen-address 192.168.0.1:8118 - + - + -toggle +toggle @@ -1657,7 +1782,7 @@ actionsfile proxy. See enable-remote-toggle below. This is not really useful anymore, since toggling is much easier via the web - interface then via editing the conf file. + interface than via editing the conf file. The windows version will only display the toggle icon in the system tray @@ -1666,10 +1791,10 @@ actionsfile - + -enable-remote-toggle +enable-remote-toggle Specifies: @@ -1723,10 +1848,10 @@ actionsfile - + -enable-edit-actions +enable-edit-actions Specifies: @@ -1775,12 +1900,12 @@ actionsfile - + - +<sect3 renderas="sect4" id="acls"><title> +ACLs: permit-access and deny-access -ACLs: permit-access and deny-access @@ -1876,7 +2001,7 @@ ACLs: permit-access and deny-access permit-access localhost - + Allow any host on the same class C subnet as www.privoxy.org access to @@ -1885,7 +2010,7 @@ ACLs: permit-access and deny-access permit-access www.privoxy.org/24 www.example.com/32 - + Allow access from any host on the 26-bit subnet 192.168.45.64 to anywhere, @@ -1895,14 +2020,14 @@ ACLs: permit-access and deny-access permit-access 192.168.45.64/26 deny-access 192.168.45.73 www.dirty-stuff.example.com - + - + -buffer-limit +buffer-limit @@ -1955,16 +2080,16 @@ ACLs: permit-access and deny-access - - + + - + Forwarding @@ -1984,7 +2109,7 @@ ACLs: permit-access and deny-access supports the SOCKS 4 and SOCKS 4A protocols. -forward +forward Specifies: @@ -2048,7 +2173,7 @@ ACLs: permit-access and deny-access forward .* anon-proxy.example.org:8080 forward :443 . - + Everything goes to our example ISP's caching proxy, except for requests @@ -2058,17 +2183,17 @@ ACLs: permit-access and deny-access forward .*. caching-proxy.example-isp.net:8000 forward .example-isp.net . - + - + - +<sect3 renderas="sect4" id="socks"><title> +forward-socks4 and forward-socks4a -forward-socks4 and forward-socks4a @@ -2142,7 +2267,7 @@ forward-socks4 and forward-socks4a forward-socks4a .*. socks-gw.example.com:1080 www-cache.example-isp.net:8080 forward .example.com . - + A rule that uses a SOCKS 4 gateway for all destinations but no HTTP parent looks like this: @@ -2150,14 +2275,14 @@ forward-socks4 and forward-socks4a forward-socks4 .*. socks-gw.example.com:1080 . - + - + -Advanced Forwarding Examples +Advanced Forwarding Examples If you have links to multiple ISPs that provide various special content @@ -2180,7 +2305,7 @@ forward-socks4 and forward-socks4a forward .*. . forward .isp-b.net host-b:8118 - + @@ -2191,7 +2316,7 @@ forward-socks4 and forward-socks4a forward .*. . forward .isp-a.net host-a:8118 - + @@ -2223,8 +2348,7 @@ forward-socks4 and forward-socks4a always_direct allow ftp # Forward all the rest to Privoxy - never_direct allow all - + never_direct allow all @@ -2232,16 +2356,16 @@ forward-socks4 and forward-socks4a Squid normally uses port 3128. If unsure consult http_port in squid.conf. - - + + - + Windows GUI Options Privoxy has a number of options specific to the @@ -2413,21 +2537,22 @@ forward-socks4 and forward-socks4a - #hide-console + #hide-console - + - - -Actions Files + + + +Actions Files The actions files are used to define what actions @@ -2445,7 +2570,7 @@ forward-socks4 and forward-socks4a - Anything you want can blocked, including ads, banners, or just some obnoxious + Anything you want can be blocked, including ads, banners, or just some obnoxious URL that you would rather not see is done here. Cookies can be accepted or rejected, or accepted only during the current browser session (i.e. not written to disk), content can be modified, JavaScripts tamed, user-tracking fooled, and much more. @@ -2455,18 +2580,18 @@ forward-socks4 and forward-socks4a An actions file typically has sections. Near the top, aliases are optionally defined (discussed below), then the default set of rules + url="actions-file.html#ALIASES">below), then the default set of rules which will apply universally to all sites and pages. And then below that, exceptions to the defined universal policies. - + Finding the Right Mix - Note that some actions like cookie suppression - or script disabling may render some sites unusable, which rely on these - techniques to work properly. Finding the right mix of actions is not easy and + Note that some actions, like cookie suppression + or script disabling, may render some sites unusable that rely on these + techniques to work properly. Finding the right mix of actions is not always easy and certainly a matter of personal taste. In general, it can be said that the more aggressive your default settings (in the top section of the actions file) are, the more exceptions for trusted sites you @@ -2482,10 +2607,10 @@ forward-socks4 and forward-socks4a things. There just are too many variables, and sites are constantly changing. Sooner or later you will want to change the rules (and read this chapter again :). - + - + How to Edit The easiest way to edit the actions files is with a browser by @@ -2497,10 +2622,10 @@ forward-socks4 and forward-socks4a If you prefer plain text editing to GUIs, you can of course also directly edit the the actions files. - + - + How Actions are Applied to URLs Actions files are divided into sections. There are special sections, @@ -2518,8 +2643,8 @@ forward-socks4 and forward-socks4a of the section in which the pattern is located. If multiple matches for the same URL set the same action differently, the last match wins. If not, the effects are aggregated (e.g. a URL might match both the - +handle-as-image - and +block actions). + +handle-as-image + and +block actions). @@ -2532,10 +2657,10 @@ forward-socks4 and forward-socks4a More detail on this is provided in the Appendix, Anatomy of an Action. - + - + Patterns Generally, a pattern has the form <domain>/<path>, @@ -2591,7 +2716,9 @@ forward-socks4 and forward-socks4a -The Domain Pattern + + +The Domain Pattern The matching of the domain part offers some flexible options: if the @@ -2677,9 +2804,13 @@ forward-socks4 and forward-socks4a - + + + + -The Path Pattern + +The Path Pattern Privoxy uses Perl compatible regular expressions @@ -2711,16 +2842,16 @@ forward-socks4 and forward-socks4a documents whose path starts with PaTtErN in exactly this capitalization. - - + + - + Actions All actions are disabled by default, until they are explicitly enabled @@ -2809,12 +2940,13 @@ forward-socks4 and forward-socks4a Later defined actions always over-ride earlier ones. So exceptions - to any rules you make, should come in the latter part of the file. For - multi-valued actions, the actions are applied in the order they are - specified. Actions files are processed in the order they are defined - in config (the default installation has three - actions files). It also quite possible for any given URL pattern to - match more than one action! + to any rules you make, should come in the latter part of the file (or + in a file that is processed later when using multiple actions files). For + multi-valued actions, the actions are applied in the order they are specified. + Actions files are processed in the order they are defined in + config (the default installation has three actions + files). It also quite possible for any given URL pattern to match more than + one action! @@ -2832,8 +2964,8 @@ forward-socks4 and forward-socks4a - -<emphasis>+add-header{Name: value}</emphasis> + +<emphasis>+add-header</emphasis> @@ -2884,11 +3016,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+block</emphasis> @@ -2937,8 +3069,8 @@ forward-socks4 and forward-socks4a will intercept the URL and display its special BLOCKED page instead. If there is sufficient space, a large red banner will appear with a friendly message about why the page was blocked, and a way to go there - anyway. If there is insufficient space a smaller blocked page will appear - without the red banner. + anyway. If there is insufficient space a smaller BLOCKED + page will appear without the red banner. Click here to view the default blocked HTML page (Privoxy must be running for this to work as intended!). @@ -2947,15 +3079,15 @@ forward-socks4 and forward-socks4a A very important exception is if the URL matches both +block and +handle-as-image, + url="actions-file.html#HANDLE-AS-IMAGE">+handle-as-image, then it will be handled by - +set-image-blocker + +set-image-blocker (see below). It is important to understand this process, in order to understand how Privoxy is able to deal with ads and other objectionable content. - The +filter + The +filter action can also perform some of the same functionality as +block, but by virtue of very different programming techniques, and is most often used for different @@ -2965,11 +3097,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+deanimate-gifs</emphasis> @@ -3025,10 +3157,10 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+downgrade-http-version</emphasis> @@ -3082,10 +3214,10 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+fast-redirects</emphasis> @@ -3155,11 +3287,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+filter</emphasis> @@ -3199,61 +3331,73 @@ forward-socks4 and forward-socks4a + +filter{html-annoyances}: Get rid of particularly annoying HTML abuse. + +filter{js-annoyances}: Get rid of particularly annoying JavaScript abuse + +filter{content-cookies}: Kill cookies that come in the HTML or JS content + +filter{popups}: Kill all popups in JS and HTML + +filter{frameset-borders}: Give frames a border and make them resizable + +filter{webbugs}: Squish WebBugs (1x1 invisible GIFs used for user tracking) + +filter{refresh-tags}: Kill automatic refresh tags (for dial-on-demand setups) + +filter{fun}: Text replacements for subversive browsing fun! + +filter{nimda}: Remove Nimda (virus) code. + +filter{banners-by-size}: Kill banners by size (very efficient!) + +filter{shockwave-flash}: Kill embedded Shockwave Flash objects + +filter{crude-parental}: Kill all web pages that contain the words "sex" or "warez" @@ -3277,7 +3421,7 @@ forward-socks4 and forward-socks4a Filtering can achieve some of the effects as the - +block + +block action, i.e. it can be used to block ads and banners. In the overall scheme of things, filtering is one of the first things Privoxy does with a web page. So other most other actions are applied to the @@ -3287,11 +3431,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+hide-forwarded-for-headers</emphasis> @@ -3341,11 +3485,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+hide-from-header</emphasis> @@ -3392,7 +3536,7 @@ forward-socks4 and forward-socks4a The keyword block will completely remove the header (not to be confused with the +block action). + url="actions-file.html#BLOCK">+block action). Alternately, you can specify any value you prefer to send to the web server. @@ -3400,14 +3544,13 @@ forward-socks4 and forward-socks4a - + - -<emphasis><anchor id="hide-referrer">+hide-referer</emphasis> - - + +<emphasis>+hide-referer</emphasis> + Type: @@ -3466,11 +3609,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+hide-user-agent</emphasis> @@ -3523,10 +3666,10 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+handle-as-image</emphasis> @@ -3576,10 +3719,10 @@ forward-socks4 and forward-socks4a +blocked, in which case a user definable image can be sent rather than a HTML page. This is integral to the whole concept of ad blocking: the URL must match both a +block rule, + url="actions-file.html#BLOCK">+block rule, and +handle-as-image. (See +set-image-blocker + url="actions-file.html#SET-IMAGE-BLOCKER">+set-image-blocker below for control over what will actually be displayed by the browser.) @@ -3589,11 +3732,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+set-image-blocker</emphasis> @@ -3610,9 +3753,9 @@ forward-socks4 and forward-socks4a Decide what to do with URLs that end up tagged with both - +block + +block and +handle-as-image, + url="actions-file.html#HANDLE-AS-IMAGE">+handle-as-image, e.g an advertisement. @@ -3664,10 +3807,10 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+limit-connect</emphasis> @@ -3739,10 +3882,10 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+prevent-compression</emphasis> @@ -3788,10 +3931,10 @@ forward-socks4 and forward-socks4a Some websites do this, which can be a problem for Privoxy, since - +filter, - +kill-popups + +filter, + +kill-popups and +gif-deanimate + url="actions-file.html#GIF-DEANIMATE">+gif-deanimate will not work on compressed data. This will slow down connections to those websites, though. Default typically is to turn prevent-compression on. @@ -3800,10 +3943,10 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+session-cookies-only</emphasis> @@ -3863,11 +4006,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+prevent-reading-cookies</emphasis> @@ -3914,7 +4057,7 @@ forward-socks4 and forward-socks4a Often used in conjunction with +prevent-setting-cookies to disable cookies completely. Note that - +session-cookies-only + +session-cookies-only requires these to both be disabled (or else it never gets any cookies to cache). @@ -3926,11 +4069,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+prevent-setting-cookies</emphasis> @@ -3982,11 +4125,11 @@ forward-socks4 and forward-socks4a - + - - + + <emphasis>+kill-popups<anchor id="kill-popups"></emphasis> @@ -4045,11 +4188,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+send-vanilla-wafer</emphasis> @@ -4102,11 +4245,11 @@ forward-socks4 and forward-socks4a - + - + <emphasis>+send-wafer</emphasis> @@ -4157,162 +4300,312 @@ forward-socks4 and forward-socks4a - + - -Actions Examples + +Summary - Note that the meaning of any of the above examples is reversed by preceding + Note that many of these actions have the potential to cause a page to + misbehave, possibly even not to display at all. There are many ways + a site designer may choose to design his site, and what HTTP header + content, and other criteria, he may depend on. There is no way to have hard + and fast rules for all sites. See the Appendix for a brief example on troubleshooting + actions. + + + + + + +Sample Actions Files + + Remember that the meaning of any of the above references is reversed by preceding the action with a -, in place of the +. Also, that some actions are turned on in the default section of the actions file, and require little to no additional configuration. These are just on. - But, other actions that are turned on the default section do - typically require exceptions to be listed in the lower sections of - actions file. E.g. by default no URLs are blocked (i.e. in - the default definitions of default.action). We need - exceptions to this in order to enable ad blocking. - Some examples: + But, other actions that are turned on in the default section do + typically require exceptions to be listed in the latter sections of + one of our actions file. For instance, by default no URLs are + blocked (i.e. in the default definitions of + default.action). We need exceptions to this in order to + enable ad blocking in the lower sections. But we need to + be very selective about what we do block. Thus, the default is off + for blocking. - Turn off cookies by default, then allow a few through for specified sites - (showing an excerpt from the default section of an actions - file ONLY): + Below is a liberally commented sample default.action file + to demonstrate how all the pieces come together. And to show how exceptions + to the default policies can be handled. This is followed by a brief + user.action with similar examples. - + - # Excerpt only: - # Allow cookies to and from the server, but - # for this browser session ONLY - { - # other actions normally listed here... - -prevent-setting-cookies \ - -prevent-reading-cookies \ - +session-cookies-only \ +# Sample default.action file <developers@privoxy.org> + +# Settings -- Don't change! For internal Privoxy use ONLY. +{{settings}} +for-privoxy-version=3.0 + + +########################################################################## +# Aliases must be defined *before* they are used. These are +# easier to remember, and can combine several actions into one. Once +# defined they can be used just like any built-in action -- but within +# this file only! Aliases do not require a + or - sign. +########################################################################## + +# Some useful aliases. +# Alias to turn off cookie handling, ie allow all cookies unmolested. + -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies \ + -session-cookies-only + +# Alias to both block and treat as if an image for ad blocking +# purposes. + +imageblock = +block +handle-as-image + +# Fragile sites should have the minimum changes: + fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \ + -prevent-cookies -kill-popups + +# Shops should be allowed to set persistent cookies + shop = -filter -prevent-cookies -session-cookies-only + + +########################################################################## +# Begin default action settings. Anything in this section will match +# all URLs -- UNLESS we have exceptions that also match, defined below this +# section. We will show all potential actions here whether they are on +# or off. We could omit any disabled action if we wanted, since all +# actions are 'off' by default anyway. Shown for completeness only. +# Actions are enabled if preceded by a '+', otherwise they are disabled +# (unless an alias has been defined without this). +########################################################################## + { \ + -add-header \ + -block \ + -deanimate-gifs \ + -downgrade-http-version \ + +fast-redirects \ + +filter{html-annoyances} \ + +filter{js-annoyances} \ + -filter{content-cookies} \ + -filter{popups} \ + +filter{webbugs} \ + -filter{refresh-tags} \ + -filter{fun} \ + +filter{nimda} \ + +filter{banners-by-size} \ + -filter{shockwave-flash} \ + -filter{crude-prental} \ + +hide-forwarded-for-headers \ + +hide-from-header{block} \ + -hide-referrer \ + -hide-user-agent \ + -handle-as-image \ + +set-image-blocker{pattern} \ + -limit-connect \ + +prevent-compression \ + -session-cookies-only \ + -prevent-reading-cookies \ + -prevent-setting-cookies \ + -kill-popups \ + -send-vanilla-wafer \ + -send-wafer \ } - / # match all URLs + / # forward slash will match *all* potential URL patterns. - # Exceptions to the above, sites that benefit from persistent cookies - # that are saved from one browser session to the next. - { -session-cookies-only } - .javasoft.com - .sun.com - .yahoo.com - .msdn.microsoft.com - .redhat.com +########################################################################## +# Default behavior is now set. Now we will define some exceptions to our +# default action policies. +########################################################################## - - - - +# These sites are very complex and require very minimal interference. +# We'll disable most actions with our 'fragile' alias: + { fragile } + .office.microsoft.com # surprise, surprise! + .windowsupdate.microsoft.com - - Now turn off fast redirects, and then we allow two exceptions: - - - - - - # Turn them off (excerpt only)! - { - # other actions normally listed here... - +fast-redirects - } - / # match all URLs - - # Reverse it for these two sites, which don't work right without it. - {-fast-redirects} - www.ukc.ac.uk/cgi-bin/wac\.cgi\? - login.yahoo.com +# Shopping sites - not as fragile but require some special +# handling. We still want to block ads, and we will allow +# persistant cookies via the 'shop' alias: + { shop } + .quietpc.com + .worldpay.com # for quietpc.com + .jungle.com + .scan.co.uk + + +# These sites require pop-ups too :( We'll combine our 'shop' +# alias with two other actions into one rule to allow all popups. + { shop -kill-popups -filter{popups} } + .dabs.com + .overclockers.co.uk + + +# The 'Fast-redirects' action breaks some sites. Disable this action +# for these known sensitive sites: + { -fast-redirects } + login.yahoo.com + edit.europe.yahoo.com + .google.com + .altavista.com/.*(like|url|link):http + .altavista.com/trans.*urltext=http + .nytimes.com + + +# Define which file types will be treated as images. Important +# for ad blocking. + { +handle-as-image } + /.*\.(gif|jpe?g|png|bmp|ico) + + +# Now lets list some domains that are known ad generators. And +# our alias that we use here will block these as well as force +# them to be treated as images. This combination of actions is +# important for ad blocking. What the browser will show instead is +# determined by the setting of +set-image-blocker + { +imageblock } + ar.atwola.com + .ad.doubleclick.net + .a.yimg.com/(?:(?!/i/).)*$ + .a[0-9].yimg.com/(?:(?!/i/).)*$ + bs*.gsanet.com + bs*.einets.com + .qkimg.net + ad.*.doubleclick.net + + +# These will just simply be blocked. They will generate the BLOCKED +# banner page, if matched. Heavy use of wildcards and regular +# expressions in this example. Enable block action: + { +block } + ad*. + .*ads. + banner?. + count*. + /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?) + /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/ + .hitbox.com + + +# The above block section will probably inadvertantly catch some +# sites we DO NOT want blocked via the wildcards and regular expressions. +# Now let's set exceptions to the exceptions so the good guys get better +# treatment. Disable block action: + { -block } + advogato.org + adsl. + ad[ud]*. + advice. +# Let's just trust all .edu top level domains. + .edu + www.ugu.com/sui/ugu/adv +# We'll need to access to path names containing 'download' + .*downloads. + /downloads/ +# 'adv' is for globalintersec and means advanced, not advertisement + www.globalintersec.com/adv + + +# Don't filter *anything* from our friends at sourceforge. +# Notice we don't have to name the individual filter +# identifiers -- we just turn them all off in one fell swoop. +# Disable all filters for this one site: + { -filter } + .sourceforge.net - Turn on page filtering according to rules in the defined sections - of default.filter, and make one exception for - Sourceforge: - + So far we are painting with a broad brush by setting general policies. + The above would be a reasonable starting point for many situations. Now, + we want to be more specific and have customized rules that are more suitable + to our personal habits and preferences. These would be for narrowly defined + situations like your ISP or your bank, and should be placed in + user.action, which is parsed after all other + actions files and should not be clobbered by upgrades. So any settings here, + will have the last word and over-ride any previously defined actions. + - - - - # Run everything through the filter file, using only certain - # specified sections: - { - # other actions normally listed here... - +filter{html-annoyances} +filter{js-annoyances} +filter{kill-popups}\ - +filter{webbugs} +filter{nimda} +filter{banners-by-size} - } - / #match all URLs - - # Then disable filtering of code from all sourceforge domains! - {-filter} - .sourceforge.net - - - + Now a few examples of some things that one might do with a + user.action file. - - Now some URLs that we want blocked (normally generates - the blocked banner). Typically, the block - action is off by default in the upper section of an actions file, then enabled - against certain URLs and patterns in the lower part of the file. Many of these use regular expressions that will expand to match multiple - URLs: + - # Blocklist: - {+block} - ad*. - .*ads. - banner?. - count*. - /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?) - /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/ - .hitbox.com - /.*/(ng)?adclient\.cgi - /.*/(plain|live|rotate)[-_.]?ads?/ - /.*/abanners/ - /autoads/ +# Sample user.action file. + +# Any aliases you want to use need to be re-defined here. +# Alias to turn off cookie handling, ie allow all cookies unmolested. + -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies \ + -session-cookies-only + +# Fragile sites should have the minimum changes: + fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \ + -prevent-cookies -kill-popups + +# Allow persistent cookies for a few regular sites that we +# trust via our above alias. These will be saved from one browser session +# to the next. We are explicity turning off any and all cookie handling, +# even though the prevent-*-cookie settings were disabled in our above +# default.action anyway. So cookies from these domains will come through +# unmolested. + { -prevent-cookies } + .sun.com + .yahoo.com + .msdn.microsoft.com + .redhat.com + + +# My ISP uses obnoxious self promoting images on many pages. +# Nuke them :) Note that +handle-as-image need not be specified, +# since all URLs ending in .gif will be tagged as images by the +# general rules in default.action anyway. + { +block } + www.my-isp-example.com/logo[0-9].gif + +# Say the site where you do your homebanking needs to open +# popup windows, but you have chosen to kill popups by +# default. This will allow it for your-example-bank.com: +# + { -filter{popups} -kill-popups } + .my-example-bank.com + +# This site is delicate, and requires kid-glove +# treatment. + { fragile } + .forbes.com - - Note that many of these actions have the potential to cause a page to - misbehave, possibly even not to display at all. There are many ways - a site designer may choose to design his site, and what HTTP header - content, and other criteria, he may depend on. There is no way to have hard - and fast rules for all sites. See the Appendix for a brief example on troubleshooting - actions. - - - + - + Aliases Custom actions, known to Privoxy @@ -4325,7 +4618,8 @@ forward-socks4 and forward-socks4a must be defined before other actions in the actions file! And there can only be one set of aliases defined per file. Each actions file may have its own aliases, but they are - only visible within that file. + only visible within that file. Aliases do not requir a + or + - sign in front, since they are merely expanded. @@ -4394,20 +4688,23 @@ forward-socks4 and forward-socks4a - + - - + + + + The Filter File Any web page can be dynamically modified with the filter file. This modification can be removal, or re-writing, of any web page content, including tags and non-visible content. The default filter file is - default.filter, located in the config directory. + oddly enough default.filter, located in the config + directory. @@ -4500,32 +4797,58 @@ forward-socks4 and forward-socks4a + + + +The <emphasis>+filter</emphasis> Action + + Filters are enabled with the +filter action from within + one of the actions files. +filter requires one parameter, which + should match one of the section identifiers in the filter file itself. Example: + + + + +filter{html-annoyances} + + + + This would activate that particular filter. Similarly, +filter + can be turned off for selected sites as: + -filter{html-annoyances}. Remember too, all actions are off by + default, unless they are explicity enabled in one of the actions files. + + + + - + Templates When Privoxy displays one of its internal - pages, such as a 404 Not Found error page, it uses the appropriate template. - On Linux, BSD, and Unix, these are located in - /etc/privoxy/templates by default. These may be - customized, if desired. cgi-style.css is - used to control the HTML attributes (fonts, etc). - - - The default Blocked banner page with the bright red top + pages, such as a 404 Not Found error page + (Privoxy must be running for link to work as + intended), it uses the appropriate template. On Linux, BSD, and Unix, these + are located in /etc/privoxy/templates by default. These + may be customized, if desired. cgi-style.css is used to + control the HTML attributes (fonts, etc). + + + The default +Blocked +(Privoxy needs to be running for page to display) + banner page with the bright red top banner, is called just blocked. This may be customized or replaced with something else if desired. - - @@ -4541,35 +4864,6 @@ Requests &contacting; - - - -Submitting Ads and <quote>Action</quote> Problems - - Ads and banners that are not stopped by Privoxy - can be submitted to the developers by accessing a special page and filling - out the brief, required form. Conversely, you can also report pages, images, - etc. that Privoxy is blocking, but should not. - The form itself does require Internet access. - - - To do this, point your browser to Privoxy - at http://config.privoxy.org/ - (shortcut: http://p.p/), and then select - Actions file feedback system, - near the bottom of the page. Paste in the URL that is the cause of the - unwanted behavior, and follow the prompts. The developers will - try to incorporate a fix for the problem you reported into future versions. - - - - New, improved default.action files will occasionally be made - available based on your feedback. These will be announced on the ijbswa-announce - list. - - - @@ -4992,31 +5286,35 @@ Requests - Enable Privoxy + Privoxy - Enable - Disable Privoxy + Privoxy - Disable - Toggle Privoxy (Toggles between enabled and disabled) + Privoxy - Toggle Privoxy (Toggles between enabled and disabled) - View Privoxy Status + Privoxy- View Status - Actions file feedback system + Privoxy - Submit Filter Feedback @@ -5065,13 +5363,13 @@ Requests Next, Privoxy checks to see if the URL matches any +block patterns. If + url="actions-file.html#BLOCK">+block patterns. If so, the URL is then blocked, and the remote web server will not be contacted. - +handle-as-image + +handle-as-image is then checked and if it does not match, an HTML BLOCKED page is sent back. Otherwise, if it does match, an image is returned. The type of image depends on the setting of +set-image-blocker + url="actions-file.html#SET-IMAGE-BLOCKER">+set-image-blocker (blank, checkerboard pattern, or an HTTP redirect to an image elsewhere). @@ -5084,7 +5382,7 @@ Requests If the URL pattern matches the +fast-redirects action, + url="actions-file.html#FAST-REDIRECTS">+fast-redirects action, it is then processed. Unwanted parts of the requested URL are stripped. @@ -5092,7 +5390,7 @@ Requests Now the rest of the client browser's request headers are processed. If any of these match any of the relevant actions (e.g. +hide-user-agent, + url="actions-file.html#HIDE-USER-AGENT">+hide-user-agent, etc.), headers are suppressed or forged as determined by these actions and their parameters. @@ -5108,24 +5406,24 @@ Requests First, the server headers are read and processed to determine, among other things, the MIME type (document type) and encoding. The headers are then filtered as deterimed by the - +prevent-setting-cookies, - +session-cookies-only, - and +downgrade-http-version + +prevent-setting-cookies, + +session-cookies-only, + and +downgrade-http-version actions. - If the +kill-popups + If the +kill-popups action applies, and it is an HTML or JavaScript document, the popup-code in the response is filtered on-the-fly as it is received. - If a +filter + If a +filter or +deanimate-gifs + url="actions-file.html#DEANIMATE-GIFS">+deanimate-gifs action applies (and the document type fits the action), the rest of the page is read into memory (up to a configurable limit). Then the filter rules (from default.filter) are processed against the buffered @@ -5136,9 +5434,9 @@ Requests Privoxy back to your browser. - If neither +filter + If neither +filter or +deanimate-gifs + url="actions-file.html#DEANIMATE-GIFS">+deanimate-gifs matches, then Privoxy passes the raw data through to the client browser as it becomes available. @@ -5166,8 +5464,8 @@ Requests The way Privoxy applies - actions - and filters + actions + and filters to any given URL can be complex, and not always so easy to understand what is happening. And sometimes we need to be able to see just what Privoxy is @@ -5197,7 +5495,7 @@ Requests Privoxy will tell us how the current configuration will handle it. This will not help with filtering effects (i.e. the +filter action) from + url="actions-file.html#FILTER">+filter action) from the default.filter file since this is handled very differently and not so easy to trap! It also will not tell you about any other URLs that may be embedded within the URL you are testing. For instance, images @@ -5241,13 +5539,12 @@ Requests --- File user --- (no matches in this file) - This tells us how we have defined our - actions, and + actions, and which ones match for our example, google.com. The first listing is any matches for the standard.action file. No hits at all here on standard. Then next is default, or @@ -5265,11 +5562,11 @@ Requests apply to. Last match wins. Just below this then are two explicit matches for .google.com. The first is negating our previous cookie setting, which was for +session-cookies-only + url="actions-file.html#SESSION-COOKIES-ONLY">+session-cookies-only (i.e. not persistent). So we will allow persistent cookies for google. The second turns off any +fast-redirects + url="actions-file.html#FAST-REDIRECTS">+fast-redirects action, allowing this to take place unmolested. Note that there is a leading dot here -- .google.com. This will match any hosts and sub-domains, in the google.com domain also, such as @@ -5301,9 +5598,8 @@ Requests +hide-forwarded-for-headers +hide-from-header{block} +hide-referer{forge} -hide-user-agent -handle-as-image +set-image-blocker{pattern} -limit-connect +prevent-compression -session-cookies-only -prevent-reading-cookies - -prevent-setting-cookies -kill-popups -send-vanilla-wafer -send-wafer - - + -prevent-setting-cookies -kill-popups -send-vanilla-wafer -send-wafer + @@ -5326,8 +5622,7 @@ Requests { +block +handle-as-image } .doubleclick.net - - + @@ -5335,7 +5630,7 @@ Requests matched three different times. Each as an +block +handle-as-image, which is the expanded form of one of our aliases that had been defined as: +imageblock. (Aliases are defined in + url="actions-file.html#ALIASES">Aliases are defined in the first section of the actions file and typically used to combine more than one action.) @@ -5347,10 +5642,10 @@ Requests though ;-) Note that if you want an ad or obnoxious URL to be invisible, it should be defined as ad.doubleclick.net is done here -- as both a +block + url="actions-file.html#BLOCK">+block and an +handle-as-image. + url="actions-file.html#HANDLE-AS-IMAGE">+handle-as-image. The custom alias +imageblock just simplifies the process and make it more readable. @@ -5376,8 +5671,7 @@ Requests { +block +handle-as-image } /ads - - + @@ -5393,8 +5687,7 @@ Requests { -block } /adsl - - + @@ -5412,8 +5705,7 @@ Requests { +block +handle-as-image } /ads - - + @@ -5434,8 +5726,7 @@ Requests .jungle.com .scan.co.uk .forbes.com - - + @@ -5450,8 +5741,7 @@ Requests {-filter} .forbes.com - - + @@ -5491,6 +5781,25 @@ Requests Temple Place - Suite 330, Boston, MA 02111-1307, USA. $Log: user-manual.sgml,v $ + Revision 1.98 2002/04/28 05:43:59 hal9 + This is the break up of configuration.html into multiple files. This + will probably break links elsewhere :( + + Revision 1.97 2002/04/27 21:04:42 hal9 + -Rewrite of Actions File example. + -Add section for user-manual directive in config. + + Revision 1.96 2002/04/27 05:32:00 hal9 + -Add short section to Filter Files to tie in with +filter action. + -Start rewrite of examples in Actions Examples (not finished). + + Revision 1.95 2002/04/26 17:23:29 swa + bookmarks cleaned, changed structure of user manual, screen and programlisting cleanups, and numerous other changes that I forgot + + Revision 1.94 2002/04/26 05:24:36 hal9 + -Add most of Andreas suggestions to Chain of Events section. + -A few other minor corrections and touch up. + Revision 1.92 2002/04/25 18:55:13 hal9 More catchups on new actions files, and new actions names. Other assorted cleanups, and minor modifications.