X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Fwhatsnew.html;h=65f29e531851f93f976ceab26a1deb23cf8bccb3;hb=ae4ff5fcb1cfe4c42e6decdda9ec92cfc565e276;hp=4d385c78e0937562186c1a68884a1a095583c90a;hpb=b5e73ac8341d223fe496f3496f292973ce5034bb;p=privoxy.git diff --git a/doc/webserver/user-manual/whatsnew.html b/doc/webserver/user-manual/whatsnew.html index 4d385c78..65f29e53 100644 --- a/doc/webserver/user-manual/whatsnew.html +++ b/doc/webserver/user-manual/whatsnew.html @@ -1,1100 +1,704 @@ -
Privoxy 3.0.21 User Manual | +Privoxy 3.0.32 User Manual | ||||
---|---|---|---|---|---|
Prev | - +Prev | - - | Next | +Next |
Privoxy 3.0.21 stable is a bug-fix - release for Privoxy 3.0.20 beta. It addresses two security issues that - affect all previous Privoxy versions. The changes since 3.0.20 beta - are:
- +Privoxy 3.0.31 fixes two security issues that were discovered while preparing + the 3.0.30 release. The issues also affect earlier Privoxy releases.
+Changes in Privoxy 3.0.31 stable:
Bug fixes:
- +Security/Reliability:
On POSIX-like platforms, network sockets with file descriptor - values above FD_SETSIZE are properly rejected. Previously they - could cause memory corruption in configurations that allowed the - limit to be reached.
+Prevent an assertion from getting triggered by a crafted CGI request. Commit 5bba5b89193fa. + OVE-20210130-0001. Reported by: Joshua Rogers (Opera)
Proxy authentication headers are removed unless the new - directive enable-proxy-authentication-forwarding is used. - Forwarding the headers potentially allows malicious sites to - trick the user into providing them with login information. - Reported by Chris John Riley.
+Fixed a memory leak when decompression fails "unexpectedly". Commit f431d61740cc0. + OVE-20210128-0001.
Bug fixes:
+Compiles on OS/2 again now that unistd.h is only included on - platforms that have it.
+Fixed detection of insufficient data for decompression. Previously Privoxy could try to decompress a + partly uninitialized buffer.
Changes in Privoxy 3.0.30 stable:
+General improvements:
- +Bug fixes:
The show-status page shows the FEATURE_STRPTIME_SANITY_CHECKS - status.
+Check the actual URL for redirects when https inspecting requests. Previously Privoxy would only check + the path which resulted in rewrite results being rejected as invalid URLs. Reported by withoutname in + #1736.
A couple of assert()s that could theoretically dereference - NULL pointers in debug builds have been relocated.
+Let the hide-referrer code tolerate Referer headers with https:// URLs. Previously they would always be + treated like a changed host.
Added an LSB info block to the generic start script. Based on - a patch from Natxo Asenjo.
+Use the https headers if the show-request handler is reached through https://. Previously Privoxy would + use the http headers which may be empty on a reused connection.
The max-client-connections default has been changed to 128 - which should be more than enough for most setups.
+Make CGI_PREFIX protocol-relative when building with FEATURE_HTTPS_INSPECTION. This unbreaks (at least) + https://config.privoxy.org/client-tags whose buttons would previously use a http:// URL resulting in + browser warnings.
Action file improvements:
- -Block rover.ebay./ar.*\&adtype= instead of - "/.*\&adtype=" which caused too man false positives. Reported - by u302320 in #360284, additional feedback from Adam Piggott.
+Support using https-inspection and client-header-order at the same time. Previously Privoxy would crash. + Reported by: Kai Raven
Unblock '.advrider.com/' and '/.*ADVrider'. Anonymously - reported in #3603636.
+Properly reject rewrites from http to https as they currently aren't supported. Previously Privoxy would + wait for the client to establish an encrypted connection which obviously would not happen.
Stop blocking '/js/slider\.js'. Reported by Adam Piggott in - #3606635 and _lvm in #2791160.
+When https inspection is enabled and Privoxy has been compiled with FEATURE_GRACEFUL_TERMINATION (not + recommended for production builds), the TLS backend resources are free'd later on and only if no active + connections are left. Prevents crashes when exiting "gracefully" at the wrong time.
Filter file improvements:
- -Added an iframes filter.
+Let the uninstall target remove the config file even if DESTDIR is set and properly announce the + deletion of the configuration files.
Documentation improvements:
- +General improvements:
The whole GPLv2 text is included in the user manual now, so - Privoxy can serve it itself and the user can read it without - having to wade through GPLv3 ads first.
+Allow to rewrite the request destination for https-inspected requests behind the client's back. The + documentation already sort of claimed that it was supported by not especially mentioning that it didn't + work for https-inspected requests. Fixes SF bug #923 reported by withoutname.
Properly numbered and underlined a couple of section titles in - the config that where previously overlooked due to a flaw in the - conversion script. Reported by Ralf Jungblut.
+Add support for filtering client request bodies by using CLIENT-BODY-FILTER filters which can be enabled + with the client-body-filter action. Patch submitted by Maxim Antonov. Sponsored by: Robert Klemme
Improved the support instruction to hopefully make it harder - to unintentionally provide insufficient information when - requesting support. Previously it wasn't obvious that the - information we need in bug reports is usually also required in - support requests.
+Add the new action suppress-tag{} which can be used to prevent a tagger from adding a tag. Patch + submitted by Maxim Antonov. Sponsored by: Robert Klemme
Removed documentation about packages that haven't been - provided in years.
+Gracefully handle existing website keys without matching certificates. This can happen if Privoxy was + previously running with an invalid TLS configuration that didn't allow it to create a certificate.
Privoxy-Regression-Test:
- -Only log the test number when not running in verbose mode The - position of the test is rarely relevant and it previously wasn't - exactly obvious which one of the numbers was useful to repeat the - test with --test-number.
+Recycle debug bit 4 for Tagging-related messages.
GNUmakefile improvements:
- -Factor generate-config-file out of config-file to make testing - more convenient.
-The clean target now also takes care of patch leftovers.
+Improve the message shown when the client-tags CGI page is requested with no tags configured.
Privoxy 3.0.20 beta contained the - following changes compared to the previous stable release:
- -Bug fixes:
- -Client sockets are now properly shutdown and drained before - being closed. This fixes page truncation issues with clients that - aggressively pipeline data on platforms that otherwise discard - already written data. The issue mainly affected Opera users and - was initially reported by Kevin in #3464439, szotsaki provided - additional information to track down the cause.
+Shorten the 'donate' and 'participate' links used by templates using redirects. Currently the redirects + lead to the FAQ entries but in the future we may want to relocate the content and using redirects makes + this more convenient.
Fix latency calculation for shared connections (disabled by - default). It was broken since their introduction in 2009. The - calculated latency for most connections would be 0 in which case - the timeout detection failed to account for the real latency.
+Log an error when a PCRE-HOST-PATTERN is used with FEATURE_PCRE_HOST_PATTERNS disabled. Don't treat this + a fatal error so the regression tests can be used with and without FEATURE_PCRE_HOST_PATTERNS.
Reject URLs with invalid port. Previously they were parsed - incorrectly and characters between the port number and the first - slash were silently dropped as shown by curl test 187.
+The code compiles with older C compilers again.
The default-server-timeout and socket-timeout directives - accept 0 as valid value.
+The chdir() return code is checked to fix a compiler warning.
Fix a race condition on Windows that could cause Privoxy to - become unresponsive after toggling it on or off through the - taskbar icon. Reported by Tim H. in #3525694.
+The packages feed has been removed from the source tarball. It's usually out of date when the source + tarball is generated for the release.
Fix the compilation on Windows when configured without IPv6 - support.
+Fixed harmless compiler warnings from GCC9 with -D_FORTIFY_SOURCE=2.
Fix an assertion that could cause debug builds to abort() in - case of socks5 connection failures with "debug 2" enabled.
+windows: Remove obsolete '$(DEST)/doc/images' target.
Fix an assertion that could cause debug builds to abort() if a - filter contained nul bytes in the replacement text.
+windows: Install the images referenced in the user manual.
General improvements:
- -Significantly improved keep-alive support for both client and - server connections.
+Remove obsolete 'gnu_regex.@OBJEXT@' target.
New debug log level 65536 which logs all actions that were - applied to the request.
+When installing from the GNUMAkefile, don't create an 'images' directory which is no longer used. The + images were relocated to the user-manual directory years ago.
New directive client-header-order to forward client headers in - a different order than the one in which they arrived.
+Add new FEATURES to the show-status page and resort list.
New directive tolerate-pipelining to allow client-side - pipelining. If enabled (3.0.20 beta enables it by default), - Privoxy will keep pipelined client requests around to deal with - them once the current request has been served.
+Remove unused variable in the OpenSSL-specific code.
New --config-test option to let Privoxy exit after checking - whether or not the configuration seems valid. The limitations - noted in TODO #22 and #23 still apply. Based on a patch by - Ramkumar Chinchani.
+Update bug tracker URL in cgi_error_unknown().
New limit-cookie-lifetime{} action to let cookies expire - before the end of the session. Suggested by Rick Sykes in - #1049575.
+Saved a couple of memory allocations when sorting client headers.
Increase the hard-coded maximum number of actions and filter - files from 10 to 30 (each). It doesn't significantly affect - Privoxy's memory usage and recompiling wasn't an option for all - Privoxy users that reached the limit.
+Improved a couple of error messages.
Add support for chunk-encoded client request bodies. - Previously chunk-encoded request bodies weren't guaranteed to be - forwarded correctly, so this can also be considered a bug fix - although chunk-encoded request bodies aren't commonly used in the - real world.
+Saved memory allocations when using OpenSSL and checking if a key already exists.
Add support for Tor's optimistic-data SOCKS extension, which - can reduce the latency for requests on newly created connections. - Currently only the headers are sent optimistically and only if - the client request has already been read completely which rules - out requests with large bodies.
+The configure script will bail out if OpenSSL and mbedTLS are enabled at the same time.
After preventing the client from pipelining, don't signal - keep-alive intentions. When looking at the response headers - alone, it previously wasn't obvious from the client's perspective - that no additional responses should be expected.
+Log a message right before exiting gracefully.
Stop considering client sockets tainted after receiving a - request with body. It hasn't been necessary for a while now and - unnecessarily causes test failures when using curl's test - suite.
+A couple of structures have been rearranged to require slightly less memory.
Allow HTTP/1.0 clients to signal interest in keep-alive - through the Proxy-Connection header. While such client are rare - in the real world, it doesn't hurt and couple of curl tests rely - on it.
+When https inspection is enabled and the certificate is invalid the error message is now sent with + status code 403 instead of 200.
Only remove duplicated Content-Type headers when filters are - enabled. If they are not it doesn't cause ill effects and the - user might not want it. Downgrade the removal message to - LOG_LEVEL_HEADER to clarify that it's not an error in Privoxy and - is unlikely to cause any problems in general. Anonymously - reported in #3599335.
+The Slackware rc script template has been renamed to slackware/rc.privoxy.in to silence complaints when + building Debian packages.
Set the socket option SO_LINGER for the client socket.
+When building with MbedTLS support, mbedtls_md5_ret() is used instead of mbedtls_md5() which is + deprecated and causes a warning on Debian GNU/Linux.
Action file improvements:
+Move several variable declarations to the beginning of their - code block. It's required when compiling with gcc 2.95 which is - still used on some platforms. Initial patch submitted by Simon - South in #3564815.
+Block requests to eu-tlp03.kameleoon.com/.
Optionally try to sanity-check strptime() results before - trusting them. Broken strptime() implementations have caused - problems in the past and the most recent offender seems to be - FreeBSD's libc (standards/173421).
+Unblock metrics.sr.ht/.
When filtering is enabled, let Range headers pass if the range - starts at the beginning. This should work around (or at least - reduce) the video playback issues with various Apple clients as - reported by Duc in #3426305.
+Disable fast-redirects for .fsf.org/.
Do not confuse a client hanging up with a connection time out. - If a client closes its side of the connection without sending a - request line, do not send the CLIENT_CONNECTION_TIMEOUT_RESPONSE, - but report the condition properly.
+Disable fast-redirects for .gravater.com/.
Allow closing curly braces as part of action values as long as - they are escaped.
+Disable fast-redirects for .ksta.de/.
On Windows, the logfile is now written before showing the GUI - error message which blocks until the user acknowledges it. - Reported by Adriaan in #3593603.
+Block requests to tag.crsspxl.com/.
Remove an unreasonable parameter limit in the CGI interface. - The new parameter limit depends on the memory available and is - currently unlikely to be reachable, due to other limits in both - Privoxy and common clients. Reported by Andrew on - ijbswa-users@.
+Block requests to analytics.slashdotmedia.com/.
Decrease the chances of parse failures after requests with - unsupported methods were sent to the CGI interface.
+Block requests to ml314.com/.
Action file improvements:
- -Remove the comment that indicated that updated default.action - versions are released on their own.
+Block requests to .adroll.com/.
Block 'optimize.indieclick.com/' and - 'optimized-by.rubiconproject.com/'
+Block requests to fastlane.rubiconproject.com/.
Unblock 'adjamblog.wordpress.com/' and - 'adjamblog.files.wordpress.com/'. Reported by Ryan Farmer in - #3496116.
+Block requests to api.theadex.com/.
Unblock '/.*Bugtracker'. Reported by pwhk in #3522341.
+Block requests to ih.adscale.de/.
Add test URLs for '.freebsd.org' and '.watson.org'.
+Block requests to .s400.meetrics.net/.
Unblock '.urbandictionary.com/popular'.
+Block requests for pp.lp4.io/.
Block '.adnxs.com/'.
+Block requests for trc-events.taboola.com/.
Filter file improvements:
+Block 'farm.plista.com/widgetdata.php'.
+A allow-autocompletion filter has been added which changes autocomplete="off" to "on" on input fields to + allow autocompletion. Requested by Jamie Zawinski in #370. Filter based on a submission by Aaron + Linville.
Block 'rotation.linuxnewmedia.com/'.
+Added an imdb filter.
Block 'reklamy.sfd.pl/'. Reported by kacperdominik in - #3399948.
+Added a sourceforge filter that reduces the amount of ads for proprietary software.
Block 'g.adspeed.net/'.
+Added a github filter that removes the annoying "Sign-Up" banner and the Cookie disclaimer.
Unblock 'websupport.wdc.com/'. Reported by Adam Piggot in - #3577851.
+Removed a duplicated pcrs command from the js-annoyances filter.
Block '/openx/www/delivery/'.
+The crude-parental filter now provides a short reason when blocking, inserts a link to Privoxy's + webinterface and adds a new line at the end of the generated page.
Privoxy-Log-Parser:
+Disable fast-redirects for '.googleapis.com/'.
+Highlight a few more messages.
Block 'imp.double.net/'. Reported by David Bo in #3070411.
+Add a handler for tagging messages.
Block 'gm-link.com/' which is used for email tracking. - Reported by David Bo in #1812733.
+Properly deal with 'Certificate error' crunches Previously the error description was highlighted as + 'host'.
Verify that requests to "bwp." are blocked. URL taken from - #1736879 submitted by Francois Marier.
+Log truncated LOG_LEVEL_CLF messages more gracefully and note that the statistics will be imprecise.
Block '/.*bannerid='. Reported by Adam Piggott in - #2975779.
+Fixed perldoc typo.
Block 'cltomedia.info/delivery/' and '.adexprt.com/'. - Anonymously reported in #2965254.
+Bump version to 0.9.2.
Privoxy-Regression-Test:
+Block 'de17a.com/'. Reported by David Bo in #3061472.
+Use http://127.0.0.1:8118/ as default Privoxy address unless http_proxy is set through the + environment.
Block 'oskar.tradera.com/'. Reported by David Bo in - #3060596.
+Add a --privoxy-cgi-prefix option that specifies the prefix to use when building URLs that are supposed + to reach Privoxy's CGI interface. If it's not set, http://p.p/ is used, which is supposed to work with the + default Privoxy configuration. If Privoxy has been built with FEATURE_HTTPS_INSPECTION enabled, and if + https inspection is activated with the +https-inspection action, this option can be used with + "https://p.p/" provided the system running Privoxy-Regression-Test has been configured to trust the + certificate used by Privoxy. Note that there are currently two tests in the official + regression-tests.action file that are expected to fail when using "https://p.p/" as privoxy-cgi-prefix.
Block '/scripts/webtrends\.js'. Reported by johnd16 in - #3002729.
+Skip the connection-established response in get_status_code() when looking for the status code with a + CGI prefix that starts with https://. We care about the status code sent by the impersonated web + server.
Block requests for 'pool.*.adhese.com/'. Reported by johnd16 - in #3002716.
+Use --proxy-header when using a CGI prefix with https:// and a "Host:" header.
Update path pattern for Coremetrics and add tests. Pattern and - URLs submitted by Adam Piggott #3168443.
+Allow '|' in tokens and values to allow tag patterns like + "TAG:^(application|text)/(x-)?javascript$".
Enable +fast-redirects{check-decoded-url} for 'tr.anp.se/'. - Reported by David Bo in #3268832.
+When get_cgi_page_or_else() fails, include the URL of the requested page in the log message.
Unblock '.conrad.se/newsletter/banners/'. Reported by David Bo - in #3413824.
+Added a --check-bad-ssl option that can be used to verify that Privoxy detects certificate problems when + accessing the test sites from badssl.com.
Block '.tynt.com/'. Reported by Dan Stahlke in #3421767.
+Bumped version to 0.7.2
uagen:
+Unblock '.bbci.co.uk/radio/'. Reported by Adam Piggott in - #3569603.
+Update example output.
Block requests to 'service.maxymiser.net/'. Reported by - johnd16 in #3118401 (with a previous URL).
+Recommend the use of the https-inspection action in the documentation.
Disable fast-redirects for Google's "let's pretend your - computer is infected" page.
+Upgrade a couple of URLs to https://.
Unblock '/.*download' to resolve actionsfile feedback - #3498129. Submitted by Steven Kolins (soundcloud.com not - working).
+Add ElectroBSD to the list of operating systems.
Unblock '.wlxrs.com/' which is required by hotmail.com. Fixes - #3413827 submitted by David Bo.
+Bumped generated Firefox version to 78 (ESR).
Add two unblock patterns for popup radio and TV players. - Submitted by Adam Piggott in #3596089.
+Bumped version to 1.2.2.
Filter file improvements & bug fixes:
- +User documentation:
Add a referer tagger.
+Remove reference to 'How to Report Bugs Effectively'. It was only rendered as text without URL in the + README anyway and there's no indication that users read it ...
Reduce the likelihood that the google filter messes up - HTML-generating JavaScript. Reported by Zeno Kugy in - #3520260.
+Let the dok-readme target fix the location embedded into the README file. This used to be done by CVS + but since the git migration it has to be done through other means.
Documentation improvements:
- -Revised all OS X sections due to new packaging module - (OSXPackageBuilder).
+Remove 'experimental' warning for client-specific-tag-related directives. They seem to work reliably and + there is no obvious reason why we would change the syntax in the near future.
Update the list of supported operating systems to clarify that - all Windows versions after 95 are expected to work and note that - the platform-specific code for AmigaOS and QNX currently isn't - maintained.
+Describe how to check if Privoxy has been built with FEATURE_HTTPS_INSPECTION.
Update 'Signals' section, the only explicitly handled signals - are SIGINT, SIGTERM and SIGHUP.
+Add a link to the trusted-cas-file documentation that explains how the user can create the file + herself.
Add Haiku to the list of operating systems on which Privoxy is - known to run.
+Don't explicitly mention the license for the code coming from 'Anonymous Coders' and Junkbusters. It's + obviously licensed under the GNU GPL like the rest of Privoxy or we wouldn't be allowed to distribute + it.
Add DragonFly to the list of BSDs on which Privoxy is known to - run.
+Update the +hide-user-agent example with uagen output.
Removed references to redhat-specific documentation set since - it no longer exists.
+Slightly improve the wording of the ca-key-file documentation.
Removed references to building PDFs since we no longer do - so.
+Explicitly mention Windows 10 as supported so search engines and users looking for it can find it.
Multiple listen-address directives are supported since 3.0.18, - correct the documentation to say so.
+Import a bunch of contributors from the ChangeLog.
Remove bogus section about long and short being preferable to - int.
+Remove obsolete doc/gpl.html.
Corrected some Internet JunkBuster references to Privoxy.
+Upgrade a couple of links to https://.
Removed references to www.junkbusters.com since it is no - longer maintained. Reported by Angelina Matson.
+Don't prefer the SourceForge patch tracker over the privoxy-devel mailing list. While at it, link to the + SourceForge patch tracker.
Various grammar and spelling corrections
+Mention http-inspection in the 'my browser warns me about unauthenticated content' FAQ entry.
Add a client-header-tagger{} example for disabling filtering - for range requests.
+Simplify the 'Is there is a license or fee?' FAQ entry.
Correct a URL in the "Privoxy with Tor" FAQ.
+Add another +redirect{} example.
Spell 'refresh-tags' correctly. Reported by Don in - #3571927.
+Explicitly mention that interested sponsors should include the link target in their first mail.
Sort manpage options alphabetically.
+Clarify that only Privoxy team members can object to new sponsors and link to the list of current team + members.
Remove an incorrect sentence in the toggle section. The toggle - state doesn't affect whether or not the Windows version uses the - tray icon. Reported by Zeno Kugy in #3596395.
+Note that sponsor URLs may not contain keyword spam.
Add new contributors since 3.0.19.
+Garbage collect doc/webserver/images which isn't referenced anymore.
Log message improvements:
- -When stopping to watch a client socket due to pipelining, - additionally log the socket number.
+Update the method to reach the proxy settings in Firefox.
Log the client socket and its condition before closing it. - This makes it more obvious that the socket actually gets closed - and should help when diagnosing problems like #3464439.
+Update proxy_setup.jpg description to refer to Firefox.
In case of SOCKS5 failures, do not explicitly log the server's - response. It hasn't helped so far and the response can already be - logged by enabling "debug 32768" anyway. This reverts v1.81 and - the follow-up bug fix v1.84.
+Regenerate proxy_setup.jpg with a more recent Firefox (78.0).
Relocate the connection-accepted message from listen_loop() to - serve(). This way it's printed by the thread that is actually - serving the connection which is nice when grepping for thread ids - in log files.
+Regenerate files-in-use.jpg without obsolete standard.action with modern colors and a slightly better + quality.
Code cleanups:
- -Remove compatibility layer for versions prior to 3.0 since it - has been obsolete for more than 10 years now.
+Update URL to the actionsfile tracker.
Remove the ijb_isupper() and ijb_tolower() macros from - parsers.c since they aren't used in this file.
+Update a support request URL.
Removed the 'Functions declared include:' comment sections - since they tend to be incomplete, incorrect and out of date and - the benefit seems questionable.
+Rephrase the 'Can Privoxy run as service' FAQ entry and remove an obsolete paragraph.
Various comment grammar and comprehensibility - improvements.
+Let the 'Where can I get updated Actions Files?' entry link to the gitweb version of + default.action.master.
Remove a pointless fflush() call in chat(). Flushing all - streams pretty much all the time for no obvious reason is - ridiculous.
+Update a link to the default.action file.
Relocate ijb_isupper()'s definition to project.h and get the - ijb_tolower() definition from there, too.
+Update URLs for trackers and mailing lists.
Relocate ijb_isdigit()'s definition to project.h.
+Replace CVS reference with git.
Rename ijb_foo macros to privoxy_foo.
+Mention regression-tests.action in the config file.
Add malloc_or_die() which will allow to simplify code paths - where malloc() failures don't need to be handled gracefully.
+Explicitly mention in the config file that access to the CA key should be limited to Privoxy.
Add strdup_or_die() which will allow to simplify code paths - where strdup() failures don't need to be handled gracefully.
+List more client-specific-tag examples for inspiration.
Replace strdup() calls with strdup_or_die() calls where it's - safe and simplifies the code.
+Add additional headers to the client-header-order example.
Fix white-space around parentheses.
+Note that actions aren't updated after rewrites.
Add missing white-space behind if's and the following - parentheses.
+Explicitly mention that upgrading from http to https with a client-header filter is not supported
Unwrap a memcpy() call in resolve_hostname_to_ip().
+Note that protocol and host have to be added when rewriting the destination host for https-inspected + requests.
Declare pcrs_get_delimiter()'s delimiters[] static const.
+Explicitly mention that the CA key is used to sign certificates.
Various optimisations to remove dead code and merge - inefficient code structures for improved clarity, performance or - code compactness.
+Put openssl command in 'command' tags.
Various data type corrections.
+The man page has been moved from section 1 to man section 8.
Developer manual:
+Change visibility of several code segments when compiling - without FEATURE_CONNECTION_KEEP_ALIVE enabled for clarity.
+Flesh out the build instructions for Debian.
In pcrs_get_delimiter(), do not use delimiters outside the - ASCII range. Fixes a clang complaint.
+Remove the packaging instructions for RPM-based systems. They don't work and we don't release RPM + packages anymore anyway.
Fix an error message in get_last_url() nobody is supposed to - see. Reported by Matthew Fischer in #3507301.
+Remove the packaging instructions for Solaris. They don't work and we don't release Solaris packages + anymore anyway.
Fix a typo in the no-zlib-support complaint. Patch submitted - by Matthew Fischer in #3507304.
+Update the suggested subject for the announce mails.
Shorten ssplit()'s prototype by removing the last two - arguments. We always want to skip empty fields and ignore leading - delimiters, so having parameters for this only complicates the - API.
+Update upload instructions. ftp://upload.sourceforge.net is no longer functional.
Use an enum for the type of the action value.
+Remove a couple of package-dependent upload instructions that don't actually work.
Rename action_name's member takes_value to value_type as it - isn't used as boolean.
+Remove 'cd current' that no longer works.
Turn family mismatches in match_sockaddr() into fatal - errors.
+Add regression-tests.action to the list of files that should be installed.
Let enlist_unique_header() verify that the caller didn't pass - a header containing either \r or \n.
+Stop claiming that there are text versions of the manuals. We stopped building them in 2008 + (9ed36a3c5e6f12).
Change the hashes used in load_config() to unsigned int. - That's what hash_string() actually returns and using a - potentially larger type is at best useless.
+Note that the 'webserver' target creates the link needed for the user-manual.
Use privoxy_tolower() instead of vanilla tolower() with manual - casting of the argument.
+Suggest to use the master branch as reference when creating the ChangeLog so the steps work when the + current branch differs from master which is likely as the developer manual suggests to use a local branch + for development.
Catch ssplit() failures in parse_cgi_parameters().
+Add the -s flag to the suggested 'git tag' command. We prefer signed tags.
Privoxy-Regression-Test:
- -Add an 'Overwrite condition' directive to skip any matching - tests before it. As it has a global scope, using it is more - convenient than clowning around with the Ignore directive.
+Mention that merges into 'master' should be avoided.
Log to STDOUT instead of STDERR.
+Add git commands that should result in a merge-free history.
Include the Privoxy version in the output.
+Mention Privoxy-Regression-Test.
Various grammar and spelling corrections in documentation and - code.
+Add a section id to reduce link churn.
Additional tests for range requests with filtering - enabled.
+Recommend the dok-tidy target when building docs for the webserver.
Tests with mostly invalid range request.
+Add another plug for the privoxy-devel mailing list.
Add a couple of hide-if-modified-since{} tests with different - date formats.
+Let the intro link the copyright section in the user manual instead of giving an incomplete summary of + the license status.
Cleaned up the format of the regression-tests.action file to - match the format of default.action.
+Clarify that the webserver target uploads to the SourceForge webserver.
Remove the "Copyright" line from print_version(). When using - --help, every line of screen space matters and thus shouldn't be - wasted on things the user doesn't care about.
+Mark the documentation for the Mac OS X installers as out of date and change the SCM name back to + CVS.
Privoxy-Log-Parser:
- -Improve the --statistics performance by skipping sanity checks - for input that shouldn't affect the results anyway. Add a - --strict-checks option that enables some of the checks again, - just in case anybody cares.
+Fix the location of the installer modules for Mac OS X. They are not actually available through git + (yet).
The distribution of client requests per connection is included - in the --statistic output.
+Don't speak of Privoxy version 3 in the past tense.
The --accept-unknown-messages option has been removed and the - behavior is now the default.
+Update the list of programs required for the release process.
Accept and (mostly) highlight new log messages introduced with - Privoxy 3.0.20.
+Update description of the webserver target which uses ssh, not scp.
uagen:
- -Bump generated Firefox version to 17.
+Remove obsolete reference to config.new.
GNUmakefile improvements:
- +Tests:
The dok-tidy target no longer taints documents with a - tidy-mark
+Add another hide-referrer{conditional-block} test.
Change RA_MODE from 0664 to 0644. Suggested by Markus Dittrich - in #3505445.
+Add another hide-referrer{conditional-forge} test.
Remove tidy's clean flag as it changes the scope of - attributes. Link-specific colors end up being applied to all - text. Reported by Adam Piggott in #3569551.
+Fix a hide-referrer{conditional-forge} test that expected an acceptable header to be forged.
Leave it up to the user whether or not smart tags are - inserted.
+Fix a hide-referrer{conditional-block} test that expected an acceptable Referer to be removed.
Let w3m itself do the line wrapping for the config file. It - works better than fmt as it can honour pre tags causing less - unintentional line breaks.
+Explain why the "Set Header = Host: whatever.example.org" test is expected to fail when using a CGI + prefix that starts with "https://".
Ditch a pointless '-r' passed to rm to delete files.
+Explain why a connection-sharing test is known to fail when using "https://p.p/" as CGI prefix.
The config-file target now requires less manual intervention - and updates the original config.
+Add a link to Privoxy-Regression-Test to regression-tests.action in case it isn't packaged.
Change WDUMP to generate ASCII. Add WDUMP_UTF8 to allow UTF-8 - in the AUTHORS file so the names are right.
+Add regression tests for pcre host patterns.
Stop pretending that lynx and links are supported for the - documentation.
+Fixed a regression test that is executed when FEATURE_GRACEFUL_TERMINATION is enabled.
configure improvements:
- +Privoxy infrastructure:
On Haiku, do not pass -lpthread to the compiler. Haiku's - pthreads implementation is contained in its system library, - libroot, so no additional library needs to be searched. Patch - submitted by Simon South in #3564815.
+Import a Privoxy logo for the website.
+Update Tor onion service to HiddenServiceVersion 3.
+Display the "model" photos in a single row and remove placeholder images.
+Regenerate homepage with updated sponsor list.
+Use the '/sponsor' redirect for the link to the sponsor page.
Additional Haiku-specific improvements. Disable checks - intended for multi-user systems as Haiku is presently - single-user. Group Haiku-specific settings in their own section, - following the pattern for Solaris, OS/2 and AmigaOS. Add - additional library-related settings to remove the need for - providing configure with custom LDFLAGS. Submitted by Simon South - in #3574538.
+Git commit messages are sent to the Privoxy-commits mailing list.
A quick list of things to be aware of before upgrading from earlier - versions of Privoxy:
- +A quick list of things to be aware of before upgrading from earlier versions of Privoxy:
The recommended way to upgrade Privoxy is to backup your old configuration - files, install the new ones, verify that Privoxy is working correctly and finally merge - back your changes using diff and - maybe patch.
- -There are a number of new features in each Privoxy release and most of them have to be - explicitly enabled in the configuration files. Old configuration - files obviously don't do that and due to syntax changes using old - configuration files with a new The recommended way to upgrade Privoxy is to backup your old + configuration files, install the new ones, verify that Privoxy is working + correctly and finally merge back your changes using diff and maybe + patch.
+There are a number of new features in each Privoxy release and most of + them have to be explicitly enabled in the configuration files. Old configuration files obviously don't do + that and due to syntax changes using old configuration files with a new Privoxy isn't always possible anyway.
Note that some installers remove earlier versions completely, - including configuration files, therefore you should really save any - important configuration files!
+Note that some installers remove earlier versions completely, including configuration files, therefore you + should really save any important configuration files!
On the other hand, other installers don't overwrite existing - configuration files, thinking you will want to do that - yourself.
+On the other hand, other installers don't overwrite existing configuration files, thinking you will want + to do that yourself.
In the default configuration only fatal errors are logged now. - You can change that in the debug - section of the configuration file. You may also want to enable - more verbose logging until you verified that the new Privoxy version is working as expected.
+In the default configuration only fatal errors are logged now. You can change that in the debug section of the configuration file. You may also want to enable more verbose + logging until you verified that the new Privoxy version is working as + expected.
Three other config file settings are now off by default: - enable-remote-toggle, - enable-remote-http-toggle, - and enable-edit-actions. If you - use or want these, you will need to explicitly enable them, and be - aware of the security issues involved.
+Three other config file settings are now off by default: enable-remote-toggle, enable-remote-http-toggle, and enable-edit-actions. If you use or want these, you will need to + explicitly enable them, and be aware of the security issues involved.