X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Factions-file.html;h=db8dae24afd32b29e00265d8f294858d14cbc553;hb=57d8b0e0ca7e2d24bd29b3a4d3f5a648a38ae393;hp=68cf2b69e724511ac88b6217a43804cb9b50d3ea;hpb=f8dbc81f51ddf04121644ad5da727f94f3ad11a5;p=privoxy.git diff --git a/doc/webserver/user-manual/actions-file.html b/doc/webserver/user-manual/actions-file.html index 68cf2b69..db8dae24 100644 --- a/doc/webserver/user-manual/actions-file.html +++ b/doc/webserver/user-manual/actions-file.html @@ -3,104 +3,77 @@
Privoxy 3.0.27 User Manual | +Privoxy 3.0.29 User Manual | ||||
---|---|---|---|---|---|
Prev | +Prev | - | Next | +Next |
The actions files are used to define what actions Privoxy takes for which URLs, and thus determines - how ad images, cookies and various other aspects of HTTP content and - transactions are handled, and on which sites (or even parts thereof). - There are a number of such actions, with a wide range of functionality. - Each action does something a little different. These actions give us a - veritable arsenal of tools with which to exert our control, preferences - and independence. Actions can be combined so that their effects are - aggregated when applied against a given set of URLs.
-There are three action files included with Privoxy with differing purposes:
+The actions files are used to define what actions + Privoxy takes for which URLs, and thus determines how ad images, cookies and + various other aspects of HTTP content and transactions are handled, and on which sites (or even parts thereof). + There are a number of such actions, with a wide range of functionality. Each action does something a little + different. These actions give us a veritable arsenal of tools with which to exert our control, preferences and + independence. Actions can be combined so that their effects are aggregated when applied against a given set of + URLs.
+There are three action files included with Privoxy with differing purposes:
match-all.action - is used to define - which "actions" relating to - banner-blocking, images, pop-ups, content modification, cookie - handling etc should be applied by default. It should be the first - actions file loaded
+match-all.action - is used to define which "actions" + relating to banner-blocking, images, pop-ups, content modification, cookie handling etc should be applied by + default. It should be the first actions file loaded
default.action - defines many exceptions - (both positive and negative) from the default set of actions that's - configured in match-all.action. It is a set - of rules that should work reasonably well as-is for most users. This - file is only supposed to be edited by the developers. It should be - the second actions file loaded.
+default.action - defines many exceptions (both positive and negative) from the + default set of actions that's configured in match-all.action. It is a set of rules + that should work reasonably well as-is for most users. This file is only supposed to be edited by the + developers. It should be the second actions file loaded.
user.action - is intended to be for - local site preferences and exceptions. As an example, if your ISP or - your bank has specific requirements, and need special handling, this - kind of thing should go here. This file will not be upgraded.
+user.action - is intended to be for local site preferences and exceptions. As an + example, if your ISP or your bank has specific requirements, and need special handling, this kind of thing + should go here. This file will not be upgraded.
Edit Set to - Cautious Set to Medium - Set to Advanced
-These have increasing levels of aggressiveness and have no influence on your browsing - unless you select them explicitly in the editor. A default - installation should be pre-set to Cautious. - New users should try this for a while before adjusting the settings - to more aggressive levels. The more aggressive the settings, then the - more likelihood there is of problems such as sites not working as - they should.
-The Edit button allows you to turn - each action on/off individually for fine-tuning. The Cautious button changes the actions list to - low/safe settings which will activate ad blocking and a minimal set - of Privoxy's features, and - subsequently there will be less of a chance for accidental problems. - The Medium button sets the list to a - medium level of other features and a low level set of privacy - features. The Advanced button sets the - list to a high level of ad blocking and medium level of privacy. See - the chart below. The latter three buttons over-ride any changes via - with the Edit button. More fine-tuning - can be done in the lower sections of this internal page.
-While the actions file editor allows to enable these settings in - all actions files, they are only supposed to be enabled in the first - one to make sure you don't unintentionally overrule earlier - rules.
-The default profiles, and their associated actions, as pre-defined - in default.action are:
+Edit Set to Cautious Set to Medium Set to Advanced
+These have increasing levels of aggressiveness and have no + influence on your browsing unless you select them explicitly in the editor. A default installation + should be pre-set to Cautious. New users should try this for a while before adjusting + the settings to more aggressive levels. The more aggressive the settings, then the more likelihood there is of + problems such as sites not working as they should.
+The Edit button allows you to turn each action on/off individually for + fine-tuning. The Cautious button changes the actions list to low/safe settings + which will activate ad blocking and a minimal set of Privoxy's features, and + subsequently there will be less of a chance for accidental problems. The Medium + button sets the list to a medium level of other features and a low level set of privacy features. The + Advanced button sets the list to a high level of ad blocking and medium level of + privacy. See the chart below. The latter three buttons over-ride any changes via with the Edit button. More fine-tuning can be done in the lower sections of this internal page.
+While the actions file editor allows to enable these settings in all actions files, they are only supposed + to be enabled in the first one to make sure you don't unintentionally overrule earlier rules.
+The default profiles, and their associated actions, as pre-defined in default.action are:
Table 1. Default Configurations
- { +handle-as-image + { +handle-as-image +block{Banner ads.} } # Block these as if they were images. Send no block page. banners.example.com @@ -316,83 +251,63 @@ |
You can trace this process for URL patterns and any given URL by - visiting http://config.privoxy.org/show-url-info.
-Examples and more detail on this is provided in the Appendix, - Troubleshooting: Anatomy of an - Action section.
+You can trace this process for URL patterns and any given URL by visiting http://config.privoxy.org/show-url-info.
+Examples and more detail on this is provided in the Appendix, Troubleshooting: Anatomy of an Action section.
As mentioned, Privoxy uses - "patterns" to determine what actions might apply to which - sites and pages your browser attempts to access. These "patterns" use wild card type pattern matching to achieve a - high degree of flexibility. This allows one expression to be expanded - and potentially match against many similar patterns.
-Generally, an URL pattern has the form <host><port>/<path>, where the - <host>, the <port> and the <path> are optional. (This is why the special - / pattern matches all URLs). Note that the - protocol portion of the URL pattern (e.g. http://) should not be included in the pattern. This is assumed +
As mentioned, Privoxy uses "patterns" to determine + what actions might apply to which sites and pages your + browser attempts to access. These "patterns" use wild card type pattern matching to achieve a high degree of flexibility. This allows + one expression to be expanded and potentially match against many similar patterns.
+Generally, an URL pattern has the form <host><port>/<path>, where + the <host>, the <port> and the <path> are optional. (This is why the special / pattern matches all + URLs). Note that the protocol portion of the URL pattern (e.g. http://) should + not be included in the pattern. This is assumed already!
-The pattern matching syntax is different for the host and path parts - of the URL. The host part uses a simple globbing type matching - technique, while the path part uses more flexible "Regular Expressions" (POSIX - 1003.2).
-The port part of a pattern is a decimal port number preceded by a - colon (:). If the host part contains a - numerical IPv6 address, it has to be put into angle brackets - (<, >).
+The pattern matching syntax is different for the host and path parts of the URL. The host part uses a simple + globbing type matching technique, while the path part uses more flexible "Regular + Expressions" (POSIX 1003.2).
+The port part of a pattern is a decimal port number preceded by a colon (:). If the + host part contains a numerical IPv6 address, it has to be put into angle brackets (<, + >).
is a host-only pattern and will match any request to - www.example.com, regardless of which - document on that server is requested. So ALL pages in this domain - would be covered by the scope of this action. Note that a simple - example.com is different and would NOT - match.
+is a host-only pattern and will match any request to www.example.com, + regardless of which document on that server is requested. So ALL pages in this domain would be covered by + the scope of this action. Note that a simple example.com is different and would + NOT match.
means exactly the same. For host-only patterns, the trailing - / may be omitted.
+means exactly the same. For host-only patterns, the trailing / may be + omitted.
matches all the documents on www.example.com whose name starts with matches all the documents on www.example.com whose name starts with /index.html.
matches only the single document /index.html on matches only the single document /index.html on www.example.com.
matches the document /index.html, - regardless of the domain, i.e. on any web server - anywhere.
+matches the document /index.html, regardless of the domain, i.e. on + any web server anywhere.
Matches any URL because there's no requirement for either the - domain or the path to match anything.
+Matches any URL because there's no requirement for either the domain or the path to match anything.
Matches any URL with the host address 10.0.0.1. (Note that the real URL uses plain - brackets, not angle brackets.)
+Matches any URL with the host address 10.0.0.1. (Note that the real URL uses + plain brackets, not angle brackets.)
Matches any URL with the host address 2001:db8::1. (Note that the real URL uses plain - brackets, not angle brackets.)
+Matches any URL with the host address 2001:db8::1. (Note that the real URL uses + plain brackets, not angle brackets.)
matches nothing, since it would be interpreted as a domain - name and there is no top-level domain called .html. So its a mistake.
+matches nothing, since it would be interpreted as a domain name and there is no top-level domain called + .html. So its a mistake.
The matching of the host part offers some flexible options: if the - host pattern starts or ends with a dot, it becomes unanchored at that - end. The host pattern is often referred to as domain pattern as it is - usually used to match domain names and not IP addresses. For - example:
+The matching of the host part offers some flexible options: if the host pattern starts or ends with a dot, + it becomes unanchored at that end. The host pattern is often referred to as domain pattern as it is usually + used to match domain names and not IP addresses. For example:
matches any domain with first-level domain com and second-level domain example. For example www.example.com, example.com and foo.bar.baz.example.com. Note that it wouldn't - match if the second-level domain was another-example.
+matches any domain with first-level domain com and second-level domain + example. For example www.example.com, example.com and foo.bar.baz.example.com. Note that it wouldn't + match if the second-level domain was another-example.
matches any domain that STARTS with www. - (It also matches the domain www but - most of the time that doesn't matter.)
+matches any domain that STARTS with www. (It also matches the domain www but most of the time that + doesn't matter.)
matches any domain that CONTAINS .example.. And, by the way, also included would - be any files or documents that exist within that domain since - no path limitations are specified. (Correctly speaking: It - matches any FQDN that contains example - as a domain.) This might be www.example.com, news.example.de, or www.example.net/cgi/testing.pl for instance. All - these cases are matched.
+matches any domain that CONTAINS .example.. And, by the way, also included would be any files or documents that exist + within that domain since no path limitations are specified. (Correctly speaking: It matches any FQDN that + contains example as a domain.) This might be www.example.com, news.example.de, or www.example.net/cgi/testing.pl for instance. All these cases are matched.
Additionally, there are wild-cards that you can use in the domain - names themselves. These work similarly to shell globbing type - wild-cards: "*" represents zero or more - arbitrary characters (this is equivalent to the "Regular Expression" based - syntax of ".*"), "?" represents any single character (this is - equivalent to the regular expression syntax of a simple "."), and you can define "character classes" in square brackets which is - similar to the same regular expression technique. All of this can be - freely mixed:
+Additionally, there are wild-cards that you can use in the domain names themselves. These work similarly to + shell globbing type wild-cards: "*" represents zero or more arbitrary characters + (this is equivalent to the "Regular Expression" based syntax of ".*"), + "?" represents any single character (this is equivalent to the regular expression + syntax of a simple "."), and you can define "character + classes" in square brackets which is similar to the same regular expression technique. All of this can + be freely mixed:
matches "adserver.example.com", - "ads.example.com", etc but not - "sfads.example.com"
+matches "adserver.example.com", "ads.example.com", etc but not "sfads.example.com"
matches www.ipix.com, pictures.epix.com, matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc.
matches www1.example.com, - www4.example.cc, wwwd.example.cy, wwwz.example.com etc., but not wwww.example.com.
+matches www1.example.com, www4.example.cc, + wwwd.example.cy, wwwz.example.com etc., but + not wwww.example.com.
While flexible, this is not the sophistication of full regular - expression based syntax.
+While flexible, this is not the sophistication of full regular expression based syntax.
Privoxy uses "modern" POSIX 1003.2 "Regular Expressions" for - matching the path portion (after the slash), and is thus more - flexible.
-There is an Appendix with a - brief quick-start into regular expressions, you also might want to - have a look at your operating system's documentation on regular - expressions (try man re_format).
-Note that the path pattern is automatically left-anchored at the - "/", i.e. it matches as if it would start - with a "^" (regular expression speak for - the beginning of a line).
-Please also note that matching in the path is CASE INSENSITIVE by - default, but you can switch to case sensitive at any point in the - pattern by using the "(?-i)" switch: - www.example.com/(?-i)PaTtErN.* will match - only documents whose path starts with PaTtErN in exactly this capitalization.
+Privoxy uses "modern" POSIX 1003.2 "Regular + Expressions" for matching the path portion (after the slash), and is thus more flexible.
+There is an Appendix with a brief quick-start into regular expressions, + you also might want to have a look at your operating system's documentation on regular expressions (try + man re_format).
+Note that the path pattern is automatically left-anchored at the "/", i.e. it + matches as if it would start with a "^" (regular expression speak for the beginning + of a line).
+Please also note that matching in the path is CASE + INSENSITIVE by default, but you can switch to case sensitive at any point in the pattern by using + the "(?-i)" switch: www.example.com/(?-i)PaTtErN.* will + match only documents whose path starts with PaTtErN in exactly this capitalization.
Is equivalent to just ".example.com", since any documents within that - domain are matched with or without the ".*" regular expression. This is redundant
+Is equivalent to just ".example.com", since any documents within that + domain are matched with or without the ".*" regular expression. This is + redundant
Will match any page in the domain of "example.com" that is named "index.html", and that is part of some path. For - example, it matches "www.example.com/testing/index.html" but NOT - "www.example.com/index.html" because - the regular expression called for at least two "/'s", thus the path requirement. It also would - match "www.example.com/testing/index_html", because of - the special meta-character ".".
+Will match any page in the domain of "example.com" that is named + "index.html", and that is part of some path. For example, it matches + "www.example.com/testing/index.html" but NOT "www.example.com/index.html" because the regular expression called for at least two + "/'s", thus the path requirement. It also would match "www.example.com/testing/index_html", because of the special meta-character ".".
This regular expression is conditional so it will match any - page named "index.html" regardless - of path which in this case can have one or more "/'s". And this one must contain exactly - ".html" (but does not have to end - with that!).
-This regular expression will match any path of "example.com" that contains any of the words - "ads", "banner", "banners" - (because of the "?") or "junk". The path does not have to end in these - words, just contain them.
-This is very much the same as above, except now it must end - in either ".jpg", ".jpeg", ".gif" or - ".png". So this one is limited to - common image formats.
+This regular expression is conditional so it will match any page named "index.html" regardless of path which in this case can have one or more "/'s". And this one must contain exactly ".html" (and end with + that!).
+This regular expression will match any path of "example.com" that contains + any of the words "ads", "banner", "banners" (because of the "?") or "junk". The path does not have to end in these words, just contain them. The path has to + contain at least two slashes (including the one at the beginning).
+This is very much the same as above, except now it must end in either ".jpg", ".jpeg", ".gif" or + ".png". So this one is limited to common image formats.
There are many, many good examples to be found in default.action, and more tutorials below in Appendix on regular expressions.
+There are many, many good examples to be found in default.action, and more + tutorials below in Appendix on regular expressions.
Request tag patterns are used to change the applying actions based - on the request's tags. Tags can be created based on HTTP headers with - either the client-header-tagger or - the server-header-tagger - action.
-Request tag patterns have to start with "TAG:", so Privoxy - can tell them apart from other patterns. Everything after the colon - including white space, is interpreted as a regular expression with - path pattern syntax, except that tag patterns aren't left-anchored - automatically (Privoxy doesn't - silently add a "^", you have to do it - yourself if you need it).
-To match all requests that are tagged with "foo" your pattern line should be "TAG:^foo$", "TAG:foo" - would work as well, but it would also match requests whose tags - contain "foo" somewhere. "TAG: foo" wouldn't work as it requires white - space.
-Sections can contain URL and request tag patterns at the same - time, but request tag patterns are checked after the URL patterns and - thus always overrule them, even if they are located before the URL - patterns.
-Once a new request tag is added, Privoxy checks right away if it's - matched by one of the request tag patterns and updates the action - settings accordingly. As a result request tags can be used to - activate other tagger actions, as long as these other taggers look - for headers that haven't already be parsed.
-For example you could tag client requests which use the POST method, then use this tag to activate another - tagger that adds a tag if cookies are sent, and then use a block - action based on the cookie tag. This allows the outcome of one - action, to be input into a subsequent action. However if you'd - reverse the position of the described taggers, and activated the - method tagger based on the cookie tagger, no method tags would be - created. The method tagger would look for the request line, but at - the time the cookie tag is created, the request line has already been - parsed.
-While this is a limitation you should be aware of, this kind of - indirection is seldom needed anyway and even the example doesn't make - too much sense.
+Request tag patterns are used to change the applying actions based on the request's tags. Tags can be + created based on HTTP headers with either the client-header-tagger or the server-header-tagger action.
+Request tag patterns have to start with "TAG:", so Privoxy can tell them apart from other patterns. Everything after the colon including + white space, is interpreted as a regular expression with path pattern syntax, except that tag patterns aren't + left-anchored automatically (Privoxy doesn't silently add a "^", you have to do it yourself if you need it).
+To match all requests that are tagged with "foo" your pattern line should be + "TAG:^foo$", "TAG:foo" would work as well, but it would + also match requests whose tags contain "foo" somewhere. "TAG: + foo" wouldn't work as it requires white space.
+Sections can contain URL and request tag patterns at the same time, but request tag patterns are checked + after the URL patterns and thus always overrule them, even if they are located before the URL patterns.
+Once a new request tag is added, Privoxy checks right away if it's matched by one of the request tag + patterns and updates the action settings accordingly. As a result request tags can be used to activate other + tagger actions, as long as these other taggers look for headers that haven't already be parsed.
+For example you could tag client requests which use the POST method, then use this + tag to activate another tagger that adds a tag if cookies are sent, and then use a block action based on the + cookie tag. This allows the outcome of one action, to be input into a subsequent action. However if you'd + reverse the position of the described taggers, and activated the method tagger based on the cookie tagger, no + method tags would be created. The method tagger would look for the request line, but at the time the cookie tag + is created, the request line has already been parsed.
+While this is a limitation you should be aware of, this kind of indirection is seldom needed anyway and even + the example doesn't make too much sense.
To match requests that do not have a certain request tag, specify - a negative tag pattern by prefixing the tag pattern line with either - "NO-REQUEST-TAG:" or "NO-RESPONSE-TAG:" instead of "TAG:".
-Negative request tag patterns created with "NO-REQUEST-TAG:" are checked after all client headers - are scanned, the ones created with "NO-RESPONSE-TAG:" are checked after all server - headers are scanned. In both cases all the created tags are - considered.
+To match requests that do not have a certain request tag, specify a negative tag pattern by prefixing the + tag pattern line with either "NO-REQUEST-TAG:" or "NO-RESPONSE-TAG:" instead of "TAG:".
+Negative request tag patterns created with "NO-REQUEST-TAG:" are checked after + all client headers are scanned, the ones created with "NO-RESPONSE-TAG:" are checked + after all server headers are scanned. In both cases all the created tags are considered.
- This is an experimental feature. The syntax is likely to - change in future versions. +This is an experimental feature. The syntax is likely to change in future versions. |
Client tag patterns are not set based on HTTP headers but based on - the client's IP address. Users can enable them themselves, but the - Privoxy admin controls which tags are available and what their effect - is.
+Client tag patterns are not set based on HTTP headers but based on the client's IP address. Users can enable + them themselves, but the Privoxy admin controls which tags are available and what their effect is.
After a client-specific tag has been defined with the client-specific-tag, directive, - action sections can be activated based on the tag by using a - CLIENT-TAG pattern. The CLIENT-TAG pattern is evaluated at the same - priority as URL patterns, as a result the last matching pattern wins. - Tags that are created based on client or server headers are evaluated - later on and can overrule CLIENT-TAG and URL patterns!
-The tag is set for all requests that come from clients that - requested it to be set. Note that "clients" are differentiated by IP - address, if the IP address changes the tag has to be requested - again.
-Clients can request tags to be set by using the CGI interface - http://config.privoxy.org/client-tags.
+ "config.html#CLIENT-SPECIFIC-TAG">client-specific-tag, directive, action sections can be activated based on + the tag by using a CLIENT-TAG pattern. The CLIENT-TAG pattern is evaluated at the same priority as URL + patterns, as a result the last matching pattern wins. Tags that are created based on client or server headers + are evaluated later on and can overrule CLIENT-TAG and URL patterns! +The tag is set for all requests that come from clients that requested it to be set. Note that "clients" are + differentiated by IP address, if the IP address changes the tag has to be requested again.
+Clients can request tags to be set by using the CGI interface http://config.privoxy.org/client-tags.
Example:
- - # If the admin defined the client-specific-tag circumvent-blocks, +# If the admin defined the client-specific-tag circumvent-blocks, # and the request comes from a client that previously requested # the tag to be set, overrule all previous +block actions that # are enabled based on URL to CLIENT-TAG patterns. @@ -711,77 +541,60 @@ example.org/blocked-example-page | |||||||||||||||||||||||||||||||||||||||||||||
- This can lead to problems on web sites that depend - on looking at this header in order to customize their - content for different browsers (which, by the way, is - NOT the right thing to do: good - web sites work browser-independently). +This can lead to problems on web sites that depend on looking at this header in order to + customize their content for different browsers (which, by the way, is NOT the right thing to do: good web sites work + browser-independently). |
Using this action in multi-user setups or wherever different - types of browsers will access the same Privoxy is not recommended. In - single-user, single-browser setups, you might use it to delete - your OS version information from the headers, because it is an - invitation to exploit known bugs for your OS. It is also - occasionally useful to forge this in order to access sites that - won't let you in otherwise (though there may be a good reason - in some cases).
-More information on known user-agent strings can be found at - http://www.user-agents.org/ and http://en.wikipedia.org/wiki/User_agent.
+Using this action in multi-user setups or wherever different types of browsers will access the same + Privoxy is not + recommended. In single-user, single-browser setups, you might use it to delete your OS version + information from the headers, because it is an invitation to exploit known bugs for your OS. It is also + occasionally useful to forge this in order to access sites that won't let you in otherwise (though there + may be a good reason in some cases).
+More information on known user-agent strings can be found at http://www.user-agents.org/ and http://en.wikipedia.org/wiki/User_agent.
- - +hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}+ +hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)} |
Prevent abuse of Privoxy as - a TCP proxy relay or disable SSL for untrusted sites
+Filter encrypted requests and responses without verifying the certificate
Specifies to which ports HTTP CONNECT requests are - allowable.
+Encrypted requests are forwarded to sites without verifying the certificate.
+Boolean.
+N/A
+When the "+enable-https-filtering" action is used Privoxy by + default verifies that the remote site uses a valid certificate.
+If the certificate is invalid the connection is aborted.
+This action disabled the certificate check allowing requests to sites with invalid certificates.
+
+ {+ignore-certificate-errors} + www.example.org ++ |
+
Prevent abuse of Privoxy as a TCP proxy relay or disable SSL for + untrusted sites
+Specifies to which ports HTTP CONNECT requests are allowable.
A comma-separated list of ports or port ranges (the latter - using dashes, with the minimum defaulting to 0 and the maximum - to 65K).
+A comma-separated list of ports or port ranges (the latter using dashes, with the minimum defaulting + to 0 and the maximum to 65K).
By default, i.e. if no limit-connect action applies, Privoxy allows HTTP CONNECT requests to - all ports. Use limit-connect if - fine-grained control is desired for some or all - destinations.
-The CONNECT methods exists in HTTP to allow access to secure - websites ("https://" URLs) through - proxies. It works very simply: the proxy connects to the server - on the specified port, and then short-circuits its connections - to the client and to the remote server. This means - CONNECT-enabled proxies can be used as TCP relays very - easily.
-Privoxy relays HTTPS - traffic without seeing the decoded content. Websites can - leverage this limitation to circumvent Privoxy's filters. By specifying an - invalid port range you can disable HTTPS entirely.
+By default, i.e. if no limit-connect action applies, Privoxy allows HTTP CONNECT requests to all ports. Use limit-connect if fine-grained control is desired for some or all destinations.
+The CONNECT methods exists in HTTP to allow access to secure websites ("https://" URLs) through proxies. It works very simply: the proxy connects to the server + on the specified port, and then short-circuits its connections to the client and to the remote server. + This means CONNECT-enabled proxies can be used as TCP relays very easily.
+Privoxy relays HTTPS traffic without seeing the decoded content. + Websites can leverage this limitation to circumvent Privoxy's filters. + By specifying an invalid port range you can disable HTTPS entirely.
- - +limit-connect{443} # Port 443 is OK. ++limit-connect{443} # Port 443 is OK. +limit-connect{80,443} # Ports 80 and 443 are OK. +limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK. +limit-connect{-} # All ports are OK @@ -3032,19 +2638,17 @@ nasty-banner-server.example.com/junk.cgi\?output=trash |