1 <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
2 <!entity % dummy "INCLUDE">
3 <!entity supported SYSTEM "supported.sgml">
4 <!entity newfeatures SYSTEM "newfeatures.sgml">
5 <!entity p-intro SYSTEM "privoxy.sgml">
6 <!entity seealso SYSTEM "seealso.sgml">
7 <!entity buildsource SYSTEM "buildsource.sgml">
8 <!entity contacting SYSTEM "contacting.sgml">
9 <!entity history SYSTEM "history.sgml">
10 <!entity copyright SYSTEM "copyright.sgml">
11 <!entity p-version "2.9.14">
12 <!entity p-status "beta">
13 <!entity % p-not-stable "INCLUDE">
14 <!entity % p-stable "IGNORE">
15 <!entity % p-text "IGNORE"> <!-- define we are not a text only doc -->
16 <!entity % p-doc "INCLUDE"> <!-- and we are a formal doc -->
17 <!entity % p-readme "IGNORE">
18 <!entity % p-supp-userman "IGNORE"> <!-- Omit some from supported.sgml -->
21 File : $Source: /cvsroot/ijbswa/current/doc/source/user-manual.sgml,v $
24 This file belongs into
25 ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
27 $Id: user-manual.sgml,v 1.84 2002/04/18 21:17:13 hal9 Exp $
29 Written by and Copyright (C) 2001 the SourceForge
30 Privoxy team. http://www.privoxy.org/
32 Based on the Internet Junkbuster originally written
33 by and Copyright (C) 1997 Anonymous Coders and
34 Junkbusters Corporation. http://www.junkbusters.com
37 ========================================================================
38 NOTE: Please read developer-manual/documentation.html before touching
39 anything in this, or other Privoxy documentation.
40 ========================================================================
46 <title>Privoxy User Manual</title>
48 <pubdate>$Id: user-manual.sgml,v 1.84 2002/04/18 21:17:13 hal9 Exp $</pubdate>
53 <orgname>By: Privoxy Developers</orgname>
62 This is here to keep vim syntax file from breaking :/
63 If I knew enough to fix it, I would.
64 PLEASE DO NOT REMOVE! HB: hal@foobox.net
70 The user manual gives users information on how to install, configure and use
72 url="http://www.privoxy.org/"><application>Privoxy</application></ulink>.
75 <!-- Include privoxy.sgml boilerplate: -->
77 <!-- end privoxy.sgml -->
80 You can find the latest version of the user manual at <ulink
81 url="http://www.privoxy.org/user-manual/">http://www.privoxy.org/user-manual/</ulink>.
82 Please see the <ulink url="contact.html">Contact section</ulink> on how to
83 contact the developers.
87 <!-- Feel free to send a note to the developers at <email>ijbswa-developers@lists.sourceforge.net</email>. -->
93 <!-- ~~~~~ New section ~~~~~ -->
94 <sect1 id="intro" label=""><title></title>
95 <!-- dummy section to force TOC on page by itself -->
96 <!-- DO NOT REMOVE! please ;) -->
100 <!-- ~~~~~ New section ~~~~~ -->
102 <sect1 label="1" id="introduction"><title>Introduction</title>
104 This documentation is included with the current &p-status; version of
105 <application>Privoxy</application>, v.&p-version;<![%p-not-stable;[,
106 and is mostly complete at this point. The most up to date reference for the
107 time being is still the comments in the source files and in the individual
108 configuration files. Development of version 3.0 is currently nearing
109 completion, and includes many significant changes and enhancements over
110 earlier versions. The target release date for
111 stable v3.0 is <quote>soon</quote> ;-)]]>.
115 <!-- include only in non-stable versions -->
117 Since this is a &p-status; version, not all new features are well tested. This
118 documentation may be slightly out of sync as a result (especially with
119 CVS sources). And there <emphasis>may be</emphasis> bugs, though hopefully
124 <!-- ~~~~~ New section ~~~~~ -->
125 <sect2 id="newfeatures">
126 <title>New Features</title>
128 In addition to <application>Internet Junkbuster's</application> traditional
129 features of ad and banner blocking and cookie management,
130 <application>Privoxy</application> provides new features<![%p-not-stable;[,
131 some of them currently under development]]>:
134 <!-- Include newfeatures.sgml boilerplate here: -->
136 <!-- end boilerplate -->
141 <!-- ~ End section ~ -->
144 <!-- ~~~~~ New section ~~~~~ -->
145 <sect1 id="installation"><title>Installation</title>
148 <application>Privoxy</application> is available both in convenient pre-compiled
149 packages for a wide range of operating systems, and as raw source code.
150 For most users, we recommend using the packages, which can be downloaded from our
151 <ulink url="http://sourceforge.net/projects/ijbswa/">Privoxy Project Page</ulink>.
155 If you like to live on the bleeding edge and are not afraid of using
156 possibly unstable development versions, you can check out the up-to-the-minute
157 version directly from <ulink url="http://sourceforge.net/cvs/?group_id=11118">the
158 CVS repository</ulink> or simply download <ulink
159 url="http://cvs.sourceforge.net/cvstarballs/ijbswa-cvsroot.tar.gz">the nightly CVS
163 <!-- Include supported.sgml boilerplate -->
165 <!-- end boilerplate -->
167 <!-- ~~~~~ New section ~~~~~ -->
168 <sect2 id="installation-packages"><title>Binary Packages</title>
171 Note: If you have a previous <application>Junkbuster</application> or
172 <application>Privoxy</application> installation on your system, you
173 will either need to remove it, or that might be done by the setup
174 procedure. (See below for your platform).
178 In any case <emphasis>be sure to backup your old configuration
179 if it is valuable to you.</emphasis> In that case, also see the
180 <link linkend="upgradersnote">note to upgraders</link>.
184 How to install the binary packages depends on your operating system:
187 <!-- ~~~~~ New section ~~~~~ -->
188 <sect3 id="installation-pack-rpm"><title>Red Hat and SuSE RPMs</title>
191 RPMs can be installed with <literal>rpm -Uvh <name-of-rpm.rpm></literal>,
192 and will use <filename>/etc/privoxy</filename> for the location
193 of configuration files.
197 Note that if you have a <application>Junkbuster</application> RPM installed
198 on your system, you need to remove it first, because the packages conflict.
199 Otherwise, RPM will try to remove <application>Junkbuster</application>
200 automatically, before installing <application>Privoxy</application>.
204 <!-- ~~~~~ New section ~~~~~ -->
205 <sect3 id="installation-deb"><title>Debian</title>
211 <!-- ~~~~~ New section ~~~~~ -->
212 <sect3 id="installation-pack-win"><title>Windows</title>
215 Just double-click the installer, which will guide you through
216 the installation process.
220 <!-- ~~~~~ New section ~~~~~ -->
221 <sect3 id="installation-pack-bintgz"><title>Solaris, NetBSD, FreeBSD, HP-UX</title>
224 Create a new directory, <literal>cd</literal> to it, then unzip and
225 untar the archive. For the most part, you'll have to figure out where
230 <!-- ~~~~~ New section ~~~~~ -->
231 <sect3 id="installation-os2"><title>OS/2</title>
234 First, make sure that no previous installations of
235 <application>Junkbuster</application> and / or
236 <application>Privoxy</application> are left on your
241 Then, just double-click the WarpIN self-installing archive, which will
242 guide you through the installation process. A shadow of the
243 <application>Privoxy</application> executable will be placed in your
244 startup folder so it will start automatically whenever OS/2 starts.
248 The directory you choose to install <application>Privoxy</application>
249 into will contain all of the configuration files.
253 <!-- ~~~~~ New section ~~~~~ -->
254 <sect3 id="installation-mac"><title>Max OSX</title>
260 <!-- ~~~~~ New section ~~~~~ -->
261 <sect3 id="installation-amiga"><title>AmigaOS</title>
263 Unpack the <literal>.lha</literal> archive, then FIXME.
268 <!-- ~~~~~ New section ~~~~~ -->
269 <sect2 id="installation-source"><title>Building from Source</title>
271 <!-- include buildsource.sgml boilerplate: -->
273 <!-- end boilerplate -->
278 <!-- ~ End section ~ -->
281 <!-- ~~~~~ New section ~~~~~ -->
283 <sect1 id="quickstart"><title>Quickstart to Using <application>Privoxy</application></title>
286 <!-- ~~~~~ New section ~~~~~ -->
287 <sect2 id="upgradersnote">
288 <title>Note to Upgraders</title>
290 There are very significant changes from older versions of
291 <application>Junkbuster</application> to the current
292 <application>Privoxy</application>. Configuration is substantially
293 changed. <application>Junkbuster 2.0.x</application> and earlier
294 configuration files will not migrate. The functionality of the old
295 <filename>blockfile</filename>, <filename>cookiefile</filename> and
296 <filename>imagelist</filename>, are now combined into the
297 <quote>actions file</quote> (<filename>default.action</filename>
298 for most installations).
301 A <quote>filter file</quote> (typically <filename>default.filter</filename>)
302 is new with <application>Privoxy 2.9.x</application>, and provides some
303 of the new sophistication (explained below). <filename>config</filename> is
304 much the same as before.
307 If upgrading from a 2.0.x version, you will have to use the new config
308 files, and possibly adapt any personal rules from your older files.
309 When porting personal rules over from the old <filename>blockfile</filename>
310 to the new actions file, please note that even the pattern syntax has
312 If upgrading from 2.9.x development versions, it is still recommended
313 to use the new configuration files.
316 A quick list of things to be aware of before upgrading:
324 The default listening port is now 8118 due to a conflict with another
330 Some installers may remove earlier versions completely. Save any
331 important configuration files!
336 <application>Privoxy</application> is controllable with a web browser
337 at the special URL: <ulink
338 url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
339 (Shortcut: <ulink url="http://p.p/">http://p.p/</ulink>). Many
340 aspects of configuration can be done here, including temporarily disabling
341 <application>Privoxy</application>.
346 The primary configuration file for cookie management, ad and banner
347 blocking, and many other aspects of <application>Privoxy</application>
348 configuration is <filename>default.action</filename>. It is strongly
349 recommended to become familiar with the new actions concept below,
350 before modifying this file.
355 <!-- I think it is best to keep this somewhat vague, in case -->
356 <!-- the situation changes under our feet. -->
357 Some installers may not automatically start
358 <application>Privoxy</application> after installation.
367 <!-- ~~~~~ New section ~~~~~ -->
369 <title>Starting <application>Privoxy</application></title>
371 Before launching <application>Privoxy</application> for the first time, you
372 will want to configure your browser(s) to use <application>Privoxy</application>
373 as a HTTP and HTTPS proxy. The default is localhost for the proxy address,
374 and port 8118 (earlier versions used port 8000). This is the one required
375 configuration that must be done!
379 With <application>Netscape</application> (and
380 <application>Mozilla</application>), this can be set under <literal>Edit
381 -> Preferences -> Advanced -> Proxies -> HTTP Proxy</literal>.
382 For <application>Internet Explorer</application>: <literal>Tools ->
383 Internet Properties -> Connections -> LAN Setting</literal>. Then,
384 check <quote>Use Proxy</quote> and fill in the appropriate info (Address:
385 localhost, Port: 8118). Include if HTTPS proxy support too.
389 After doing this, flush your browser's disk and memory caches to force a
390 re-reading of all pages and to get rid of any ads that may be cached. You
391 are now ready to start enjoying the benefits of using
392 <application>Privoxy</application>.
397 <application>Privoxy</application> is typically started by specifying the
398 main configuration file to be used on the command line. Example Unix startup
405 # /usr/sbin/privoxy /etc/privoxy/config
411 An init script is provided for SuSE and Red Hat.
415 For for SuSE: <command>rcprivoxy start</command>
419 For Red Hat: <command>/etc/rc.d/init.d/privoxy start</command>
424 If no configuration file is specified on the command line,
425 <application>Privoxy</application> will look for a file named
426 <filename>config</filename> in the current directory. Except on Win32 where
427 it will try <filename>config.txt</filename>. If no file is specified on the
428 command line and no default configuration file can be found,
429 <application>Privoxy</application> will fail to start.
434 The included default configuration files should give a reasonable starting
435 point. Most of the per site configuration is done in the
436 <quote>actions</quote> files. These are where various cookie actions are
437 defined, ad and banner blocking, and other aspects of
438 <application>Privoxy</application> configuration. There are several such
439 files included, with varying levels of aggressiveness.
443 You will probably want to keep an eye out for sites that require persistent
444 cookies, and add these to <filename>default.action</filename> as needed. By
445 default, most of these will be accepted only during the current browser
446 session (aka <quote>session cookies</quote>), until you add them to the
447 configuration. If you want the browser to handle this instead, you will need
448 to edit <filename>default.action</filename> and disable this feature. If you
449 use more than one browser, it would make more sense to let
450 <application>Privoxy</application> handle this. In which case, the
451 browser(s) should be set to accept all cookies.
455 Another feature where you will probably want to define exceptions for trusted
456 sites is the popup-killing (through the <literal>+popup</literal> and
457 <literal>+filter{popups}</literal> actions), because your favorite shopping,
458 banking, or leisure site may need popups.
462 <application>Privoxy</application> is HTTP/1.1 compliant, but not all of
463 the optional 1.1 features are as yet supported. In the unlikely event that
464 you experience inexplicable problems with browsers that use HTTP/1.1 per default
465 (like <application>Mozilla</application> or recent versions of I.E.), you might
466 try to force HTTP/1.0 compatibility. For Mozilla, look under <literal>Edit ->
467 Preferences -> Debug -> Networking</literal>.
468 Alternatively, set the <quote>+downgrade</quote> config option in
469 <filename>default.action</filename> which will downgrade your browser's HTTP
470 requests from HTTP/1.1 to HTTP/1.0 before processing them.
474 After running <application>Privoxy</application> for a while, you can
475 start to fine tune the configuration to suit your personal, or site,
476 preferences and requirements. There are many, many aspects that can
477 be customized. <quote>Actions</quote> (as specified in <filename>default.action</filename>)
478 can be adjusted by pointing your browser to
479 <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
480 (shortcut: <ulink url="http://p.p/">http://p.p/</ulink>),
481 and then follow the link to <quote>edit the actions list</quote>.
482 (This is an internal page and does not require Internet access.)
486 In fact, various aspects of <application>Privoxy</application>
487 configuration can be viewed from this page, including
488 current configuration parameters, source code version numbers,
489 the browser's request headers, and <quote>actions</quote> that apply
490 to a given URL. In addition to the <filename>default.action</filename> file
491 editor mentioned above, <application>Privoxy</application> can also
492 be turned <quote>on</quote> and <quote>off</quote> (toggled) from this page.
496 If you encounter problems, try loading the page without
497 <application>Privoxy</application>. If that helps, enter the URL where
498 you have the problems into <ulink url="http://p.p/show-url-info">the browser
499 based rule tracing utility</ulink>. See which rules apply and why, and
500 then try turning them off for that site one after the other, until the problem
501 is gone. When you have found the culprit, you might want to turn the rest on
506 If the above paragraph sounds gibberish to you, you might want to <ulink
507 url="configuration.html#ACTIONSFILE">read more about the actions concept</ulink>
508 or even dive deep into the <ulink url="appendix.html#ACTIONSANAT">Appendix
513 If you can't get rid of the problem at all, think you've found a bug in
514 Privoxy, want to propose a new feature or smarter rules, please see the
515 chapter "Contacting the Developers, .." below.
521 <!-- ~~~~~ New section ~~~~~ -->
523 <title>Command Line Options</title>
525 <application>Privoxy</application> may be invoked with the following
526 command-line options:
534 <emphasis>--version</emphasis>
537 Print version info and exit, Unix only.
542 <emphasis>--help</emphasis>
545 Print a short usage info and exit, Unix only.
550 <emphasis>--no-daemon</emphasis>
553 Don't become a daemon, i.e. don't fork and become process group
554 leader, don't detach from controlling tty. Unix only.
559 <emphasis>--pidfile FILE</emphasis>
563 On startup, write the process ID to <emphasis>FILE</emphasis>. Delete the
564 <emphasis>FILE</emphasis> on exit. Failure to create or delete the
565 <emphasis>FILE</emphasis> is non-fatal. If no <emphasis>FILE</emphasis>
566 option is given, no PID file will be used. Unix only.
571 <emphasis>--user USER[.GROUP]</emphasis>
575 After (optionally) writing the PID file, assume the user ID of
576 <emphasis>USER</emphasis>, and if included the GID of GROUP. Exit if the
577 privileges are not sufficient to do so. Unix only.
582 <emphasis>configfile</emphasis>
585 If no <emphasis>configfile</emphasis> is included on the command line,
586 <application>Privoxy</application> will look for a file named
587 <quote>config</quote> in the current directory (except on Win32
588 where it will look for <quote>config.txt</quote> instead). Specify
589 full path to avoid confusion.
600 <!-- ~ End section ~ -->
603 <!-- ~~~~~ New section ~~~~~ -->
604 <sect1 id="configuration"><title><application>Privoxy</application> Configuration</title>
606 All <application>Privoxy</application> configuration is stored
607 in text files. These files can be edited with a text editor.
608 Many important aspects of <application>Privoxy</application> can
609 also be controlled easily with a web browser.
614 <!-- ~~~~~ New section ~~~~~ -->
617 <title>Controlling <application>Privoxy</application> with Your Web Browser</title>
619 <application>Privoxy</application>'s user interface can be reached through the special
620 URL <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
621 (shortcut: <ulink url="http://p.p/">http://p.p/</ulink>),
622 which is a built-in page and works without Internet access.
623 You will see the following section:
630 Please choose from the following options:
633 * Show information about the current configuration
634 * Show the source code version numbers
635 * Show the request headers.
636 * Show which actions apply to a URL and why
637 * Toggle Privoxy on or off
638 * Edit the actions list
644 This should be self-explanatory. Note the last item is an editor for the
645 <quote>actions list</quote>, which is where much of the ad, banner, cookie,
646 and URL blocking magic is configured as well as other advanced features of
647 <application>Privoxy</application>. This is an easy way to adjust various
648 aspects of <application>Privoxy</application> configuration. The actions
649 file, and other configuration files, are explained in detail below.
653 <quote>Toggle Privoxy On or Off</quote> is handy for sites that might
654 have problems with your current actions and filters. You can in fact use
655 it as a test to see whether it is <application>Privoxy</application>
656 causing the problem or not. <application>Privoxy</application> continues
657 to run as a proxy in this case, but all filtering is disabled. There
658 is even a toggle Bookmarklet offered, so that you can toggle
659 <application>Privoxy</application> with one click from your browser.
665 <!-- ~ End section ~ -->
670 <!-- ~~~~~ New section ~~~~~ -->
673 <title>Configuration Files Overview</title>
675 For Unix, *BSD and Linux, all configuration files are located in
676 <filename>/etc/privoxy/</filename> by default. For MS Windows, OS/2, and
677 AmigaOS these are all in the same directory as the
678 <application>Privoxy</application> executable. <![%p-not-stable;[ The name
679 and number of configuration files has changed from previous versions, and is
680 subject to change as development progresses.]]>
684 The installed defaults provide a reasonable starting point, though possibly
685 aggressive by some standards. For the time being, there are only three
686 default configuration files (this may change in time):
694 The main configuration file is named <filename>config</filename>
695 on Linux, Unix, BSD, OS/2, and AmigaOS and <filename>config.txt</filename>
702 <filename>default.action</filename> (the actions file) is used to define
703 which of a set of various <quote>actions</quote> relating to images, banners,
704 pop-ups, access restrictions, banners and cookies are to be applied where.
705 There is a web based editor for this file that can be accessed at <ulink
706 url="http://config.privoxy.org/edit-actions/">http://config.privoxy.org/edit-actions/</ulink>
707 (Shortcut: <ulink url="http://p.p/edit-actions/">http://p.p/edit-actions/</ulink>).
708 (Other actions files are included as well with differing levels of filtering
709 and blocking, e.g. <filename>basic.action</filename>.)
715 <filename>default.filter</filename> (the filter file) can be used to re-write the raw
716 page content, including viewable text as well as embedded HTML and JavaScript,
717 and whatever else lurks on any given web page. The filtering jobs are only
718 pre-defined here; whether to apply them or not is up to the actions file.
726 All files use the <quote><literal>#</literal></quote> character to denote a
727 comment (the rest of the line will be ignored) and understand line continuation
728 through placing a backslash ("<literal>\</literal>") as the very last character
729 in a line. If the <literal>#</literal> is preceded by a backslash, it looses
730 its special function. Placing a <literal>#</literal> in front of an otherwise
731 valid configuration line to prevent it from being interpreted is called "commenting
736 <filename>default.action</filename> and <filename>default.filter</filename>
737 can use Perl style regular expressions for maximum flexibility.
741 After making any changes, there is no need to restart
742 <application>Privoxy</application> in order for the changes to take
743 effect. <application>Privoxy</application> detects such changes
744 automatically. Note, however, that it may take one or two additional
745 requests for the change to take effect. When changing the listening address
746 of <application>Privoxy</application>, these <quote>wake up</quote> requests
747 must obviously be sent to the <emphasis>old</emphasis> listening address.
752 While under development, the configuration content is subject to change.
753 The below documentation may not be accurate by the time you read this.
754 Also, what constitutes a <quote>default</quote> setting, may change, so
755 please check all your configuration files on important issues.
761 <!-- ~~~~~ New section ~~~~~ -->
764 <title>The Main Configuration File</title>
766 Again, the main configuration file is named <filename>config</filename> on
767 Linux/Unix/BSD and OS/2, and <filename>config.txt</filename> on Windows.
768 Configuration lines consist of an initial keyword followed by a list of
769 values, all separated by whitespace (any number of spaces or tabs). For
777 <emphasis>confdir /etc/privoxy</emphasis>
784 Assigns the value <literal>/etc/privoxy</literal> to the option
785 <literal>confdir</literal> and thus indicates that the configuration
786 directory is named <quote>/etc/privoxy/</quote>.
790 All options in the config file except for <literal>confdir</literal> and
791 <literal>logdir</literal> are optional. Watch out in the below description
792 for what happens if you leave them unset.
796 The main config file controls all aspects of <application>Privoxy</application>'s
797 operation that are not location dependent (i.e. they apply universally, no matter
798 where you may be surfing).
802 <!-- ~~~~~ New section ~~~~~ -->
805 <title>Configuration and Log File Locations</title>
808 <application>Privoxy</application> can (and normally does) use a number of
809 other files for additional configuration and logging.
810 This section of the configuration file tells <application>Privoxy</application>
811 where to find those other files.
815 <sect4><title>confdir</title>
819 <term>Specifies:</term>
821 <para>The directory where the other configuration files are located</para>
825 <term>Type of value:</term>
827 <para>Path name</para>
831 <term>Default value:</term>
833 <para>/etc/privoxy (Unix) <emphasis>or</emphasis> <application>Privoxy</application> installation dir (Windows) </para>
837 <term>Effect if unset:</term>
839 <para><emphasis>Mandatory</emphasis></para>
846 No trailing <quote><literal>/</literal></quote>, please
849 When development goes modular and multi-user, the blocker, filter, and
850 per-user config will be stored in subdirectories of <quote>confdir</quote>.
851 For now, the configuration directory structure is flat, except for
852 <filename>confdir/templates</filename>, where the HTML templates for CGI
853 output reside (e.g. <application>Privoxy's</application> 404 error page).
861 <sect4><title>logdir</title>
865 <term>Specifies:</term>
868 The directory where all logging takes place (i.e. where <filename>logfile</filename> and
869 <filename>jarfile</filename> are located)
874 <term>Type of value:</term>
876 <para>Path name</para>
880 <term>Default value:</term>
882 <para>/var/log/privoxy (Unix) <emphasis>or</emphasis> <application>Privoxy</application> installation dir (Windows) </para>
886 <term>Effect if unset:</term>
888 <para><emphasis>Mandatory</emphasis></para>
895 No trailing <quote><literal>/</literal></quote>, please
902 <sect4><title>actionsfile</title>
906 <term>Specifies:</term>
909 The actions file to use
914 <term>Type of value:</term>
916 <para>File name, relative to <literal>confdir</literal></para>
920 <term>Default value:</term>
922 <para>default.action (Unix) <emphasis>or</emphasis> default.action.txt (Windows)</para>
926 <term>Effect if unset:</term>
929 No action is taken at all. Simple neutral proxying.
937 There is no point in using <application>Privoxy</application> without
938 an actions file. There are three different actions files included in the
939 distribution, with varying degrees of aggressiveness:
940 <filename>default.action</filename>, <filename>intermediate.action</filename> and
941 <filename>advanced.action</filename>.
948 <sect4><title>filterfile</title>
952 <term>Specifies:</term>
955 The filter file to use
960 <term>Type of value:</term>
962 <para>File name, relative to <literal>confdir</literal></para>
966 <term>Default value:</term>
968 <para>default.filter (Unix) <emphasis>or</emphasis> default.filter.txt (Windows)</para>
972 <term>Effect if unset:</term>
975 No textual content filtering takes place, i.e. all
976 <literal>+filter{<replaceable class="parameter">name</replaceable>}</literal>
977 actions in the actions file are turned off
985 The <quote>default.filter</quote> file contains content modification rules
986 that use <quote>regular expressions</quote>. These rules permit powerful
987 changes on the content of Web pages, e.g., you could disable your favorite
988 JavaScript annoyances, re-write the actual displayed text, or just have some
989 fun replacing <quote>Microsoft</quote> with <quote>MicroSuck</quote> wherever
990 it appears on a Web page.
997 <sect4><title>logfile</title>
1001 <term>Specifies:</term>
1009 <term>Type of value:</term>
1011 <para>File name, relative to <literal>logdir</literal></para>
1015 <term>Default value:</term>
1017 <para>logfile (Unix) <emphasis>or</emphasis> privoxy.log (Windows)</para>
1021 <term>Effect if unset:</term>
1024 No log file is used, all log messages go to the console (<literal>stderr</literal>).
1032 The windows version will additionally log to the console.
1035 The logfile is where all logging and error messages are written. The level
1036 of detail and number of messages are set with the <literal>debug</literal>
1037 option (see below). The logfile can be useful for tracking down a problem with
1038 <application>Privoxy</application> (e.g., it's not blocking an ad you
1039 think it should block) but in most cases you probably will never look at it.
1042 Your logfile will grow indefinitely, and you will probably want to
1043 periodically remove it. On Unix systems, you can do this with a cron job
1044 (see <quote>man cron</quote>). For Red Hat, a <command>logrotate</command>
1045 script has been included.
1048 On SuSE Linux systems, you can place a line like <quote>/var/log/privoxy.*
1049 +1024k 644 nobody.nogroup</quote> in <filename>/etc/logfiles</filename>, with
1050 the effect that cron.daily will automatically archive, gzip, and empty the
1051 log, when it exceeds 1M size.
1058 <sect4><title>jarfile</title>
1062 <term>Specifies:</term>
1065 The file to store intercepted cookies in
1070 <term>Type of value:</term>
1072 <para>File name, relative to <literal>logdir</literal></para>
1076 <term>Default value:</term>
1078 <para>jarfile (Unix) <emphasis>or</emphasis> privoxy.jar (Windows)</para>
1082 <term>Effect if unset:</term>
1085 Intercepted cookies are not stored at all.
1093 The jarfile may grow to ridiculous sizes over time.
1100 <sect4><title>trustfile</title>
1104 <term>Specifies:</term>
1107 The trust file to use
1112 <term>Type of value:</term>
1114 <para>File name, relative to <literal>confdir</literal></para>
1118 <term>Default value:</term>
1120 <para><emphasis>Unset (commented out)</emphasis>. When activated: trust (Unix) <emphasis>or</emphasis> trust.txt (Windows)</para>
1124 <term>Effect if unset:</term>
1127 The whole trust mechanism is turned off.
1135 The trust mechanism is an experimental feature for building white-lists and should
1136 be used with care. It is <emphasis>NOT</emphasis> recommended for the casual user.
1139 If you specify a trust file, <application>Privoxy</application> will only allow
1140 access to sites that are named in the trustfile.
1141 You can also mark sites as trusted referrers (with <literal>+</literal>), with
1142 the effect that access to untrusted sites will be granted, if a link from a
1143 trusted referrer was used.
1144 The link target will then be added to the <quote>trustfile</quote>.
1145 Possible applications include limiting Internet access for children.
1148 If you use <literal>+</literal> operator in the trust file, it may grow considerably over time.
1157 <!-- ~ End section ~ -->
1161 <!-- ~~~~~ New section ~~~~~ -->
1164 <title>Local Set-up Documentation</title>
1167 If you intend to operate <application>Privoxy</application> for more users
1168 that just yourself, it might be a good idea to let them know how to reach
1169 you, what you block and why you do that, your policies etc.
1172 <sect4><title>trust-info-url</title>
1176 <term>Specifies:</term>
1179 A URL to be displayed in the error page that users will see if access to an untrusted page is denied.
1184 <term>Type of value:</term>
1190 <term>Default value:</term>
1192 <para>Two example URL are provided</para>
1196 <term>Effect if unset:</term>
1199 No links are displayed on the "untrusted" error page.
1207 The value of this option only matters if the experimental trust mechanism has been
1208 activated. (See <literal>trustfile</literal> above.)
1211 If you use the trust mechanism, it is a good idea to write up some on-line
1212 documentation about your trust policy and to specify the URL(s) here.
1213 Use multiple times for multiple URLs.
1216 The URL(s) should be added to the trustfile as well, so users don't end up
1217 locked out from the information on why they were locked out in the first place!
1224 <sect4><title>admin-address</title>
1228 <term>Specifies:</term>
1231 An email address to reach the proxy administrator.
1236 <term>Type of value:</term>
1238 <para>Email address</para>
1242 <term>Default value:</term>
1244 <para><emphasis>Unset</emphasis></para>
1248 <term>Effect if unset:</term>
1251 No email address is displayed on error pages and the CGI user interface.
1259 If both <literal>admin-address</literal> and <literal>proxy-info-url</literal>
1260 are unset, the whole "Local Privoxy Support" box on all generated pages will
1268 <sect4><title>proxy-info-url</title>
1272 <term>Specifies:</term>
1275 A URL to documentation about the local <application>Privoxy</application> setup,
1276 configuration or policies.
1281 <term>Type of value:</term>
1287 <term>Default value:</term>
1289 <para><emphasis>Unset</emphasis></para>
1293 <term>Effect if unset:</term>
1296 No link to local documentation is displayed on error pages and the CGI user interface.
1304 If both <literal>admin-address</literal> and <literal>proxy-info-url</literal>
1305 are unset, the whole "Local Privoxy Support" box on all generated pages will
1309 This URL shouldn't be blocked ;-)
1317 <!-- ~ End section ~ -->
1319 <!-- ~~~~~ New section ~~~~~ -->
1322 <title>Debugging</title>
1325 These options are mainly useful when tracing a problem.
1326 Note that you might also want to invoke
1327 <application>Privoxy</application> with the <literal>--no-daemon</literal>
1328 command line option when debugging.
1331 <sect4><title>debug</title>
1335 <term>Specifies:</term>
1338 Key values that determine what information gets logged.
1343 <term>Type of value:</term>
1345 <para>Integer values</para>
1349 <term>Default value:</term>
1351 <para>12289 (i.e.: URLs plus informational and warning messages)</para>
1355 <term>Effect if unset:</term>
1358 Nothing gets logged.
1366 The available debug levels are:
1370 debug 1 # show each GET/POST/CONNECT request
1371 debug 2 # show each connection status
1372 debug 4 # show I/O status
1373 debug 8 # show header parsing
1374 debug 16 # log all data into the logfile
1375 debug 32 # debug force feature
1376 debug 64 # debug regular expression filter
1377 debug 128 # debug fast redirects
1378 debug 256 # debug GIF de-animation
1379 debug 512 # Common Log Format
1380 debug 1024 # debug kill pop-ups
1381 debug 4096 # Startup banner and warnings.
1382 debug 8192 # Non-fatal errors
1386 To select multiple debug levels, you can either add them or use
1387 multiple <literal>debug</literal> lines.
1390 A debug level of 1 is informative because it will show you each request
1391 as it happens. <emphasis>1, 4096 and 8192 are highly recommended</emphasis>
1392 so that you will notice when things go wrong. The other levels are probably
1393 only of interest if you are hunting down a specific problem. They can produce
1394 a hell of an output (especially 16).
1398 The reporting of <emphasis>fatal</emphasis> errors (i.e. ones which crash
1399 <application>Privoxy</application>) is always on and cannot be disabled.
1402 If you want to use CLF (Common Log Format), you should set <quote>debug
1403 512</quote> <emphasis>ONLY</emphasis> and not enable anything else.
1410 <sect4><title>single-threaded</title>
1414 <term>Specifies:</term>
1417 Whether to run only one server thread
1422 <term>Type of value:</term>
1424 <para><emphasis>None</emphasis></para>
1428 <term>Default value:</term>
1430 <para><emphasis>Unset</emphasis></para>
1434 <term>Effect if unset:</term>
1437 Multi-threaded (or, where unavailable: forked) operation, i.e. the ability to
1438 serve multiple requests simultaneously.
1446 This option is only there for debug purposes and you should never
1447 need to use it. <emphasis>It will drastically reduce performance.</emphasis>
1456 <!-- ~~~~~ New section ~~~~~ -->
1459 <title>Access Control and Security</title>
1462 This section of the config file controls the security-relevant aspects
1463 of <application>Privoxy</application>'s configuration.
1466 <sect4><title>listen-address</title>
1470 <term>Specifies:</term>
1473 The IP address and TCP port on which <application>Privoxy</application> will
1474 listen for client requests.
1479 <term>Type of value:</term>
1481 <para>[<replaceable class="parameter">IP-Address</replaceable>]:<replaceable class="parameter">Port</replaceable></para>
1485 <term>Default value:</term>
1487 <para>localhost:8118</para>
1491 <term>Effect if unset:</term>
1494 Bind to localhost (127.0.0.1), port 8118. This is suitable and recommended for
1495 home users who run <application>Privoxy</application> on the same machine as
1504 You will need to configure your browser(s) to this proxy address and port.
1507 If you already have another service running on port 8118, or if you want to
1508 serve requests from other machines (e.g. on your local network) as well, you
1509 will need to override the default.
1512 If you leave out the IP address, <application>Privoxy</application> will
1513 bind to all interfaces (addresses) on your machine and may become reachable
1514 from the Internet. In that case, consider using access control lists (acl's)
1515 (see <quote>ACLs</quote> below), or a firewall.
1520 <term>Example:</term>
1523 Suppose you are running <application>Privoxy</application> on
1524 a machine which has the address 192.168.0.1 on your local private network
1525 (192.168.0.0) and has another outside connection with a different address.
1526 You want it to serve requests from inside only:
1530 listen-address 192.168.0.1:8118
1538 <sect4><title>toggle</title>
1542 <term>Specifies:</term>
1545 Initial state of "toggle" status
1550 <term>Type of value:</term>
1556 <term>Default value:</term>
1562 <term>Effect if unset:</term>
1565 Act as if toggled on
1573 If set to 0, <application>Privoxy</application> will start in
1574 <quote>toggled off</quote> mode, i.e. behave like a normal, content-neutral
1575 proxy. See <literal>enable-remote-toggle</literal>
1576 below. This is not really useful anymore, since toggling is much easier
1577 via <ulink url="http://config.privoxy.org/toggle">the web
1578 interface</ulink> then via editing the <filename>conf</filename> file.
1581 The windows version will only display the toggle icon in the system tray
1582 if this option is present.
1590 <sect4><title>enable-remote-toggle</title>
1593 <term>Specifies:</term>
1596 Whether or not the <ulink url="http://config.privoxy.org/toggle">web-based toggle
1597 feature</ulink> may be used
1602 <term>Type of value:</term>
1608 <term>Default value:</term>
1614 <term>Effect if unset:</term>
1617 The web-based toggle feature is disabled.
1625 When toggled off, <application>Privoxy</application> acts like a normal,
1626 content-neutral proxy, i.e. it acts as if none of the actions applied to
1630 For the time being, access to the toggle feature can <emphasis>not</emphasis> be
1631 controlled separately by <quote>ACLs</quote> or HTTP authentication,
1632 so that everybody who can access <application>Privoxy</application> (see
1633 <quote>ACLs</quote> and <literal>listen-address</literal> above) can
1634 toggle it for all users. So this option is <emphasis>not recommended</emphasis>
1635 for multi-user environments with untrusted users.
1638 Note that you must have compiled <application>Privoxy</application> with
1639 support for this feature, otherwise this option has no effect.
1647 <sect4><title>enable-edit-actions</title>
1650 <term>Specifies:</term>
1653 Whether or not the <ulink url="http://config.privoxy.org/edit-actions">web-based actions
1654 file editor</ulink> may be used
1659 <term>Type of value:</term>
1665 <term>Default value:</term>
1671 <term>Effect if unset:</term>
1674 The web-based actions file editor is disabled.
1682 For the time being, access to the editor can <emphasis>not</emphasis> be
1683 controlled separately by <quote>ACLs</quote> or HTTP authentication,
1684 so that everybody who can access <application>Privoxy</application> (see
1685 <quote>ACLs</quote> and <literal>listen-address</literal> above) can
1686 modify its configuration for all users. So this option is <emphasis>not
1687 recommended</emphasis> for multi-user environments with untrusted users.
1690 Note that you must have compiled <application>Privoxy</application> with
1691 support for this feature, otherwise this option has no effect.
1698 <sect4><title>ACLs: permit-access and deny-access</title>
1701 <term>Specifies:</term>
1704 Who can access what.
1709 <term>Type of value:</term>
1712 <replaceable class="parameter">src_addr</replaceable>[/<replaceable class="parameter">src_masklen</replaceable>]
1713 [<replaceable class="parameter">dst_addr</replaceable>[/<replaceable class="parameter">dst_masklen</replaceable>]]
1716 Where <replaceable class="parameter">src_addr</replaceable> and
1717 <replaceable class="parameter">dst_addr</replaceable> are IP addresses in dotted decimal notation or valid
1718 DNS names, and <replaceable class="parameter">src_masklen</replaceable> and
1719 <replaceable class="parameter">dst_masklen</replaceable> are subnet masks in CIDR notation, i.e. integer
1720 values from 2 to 30 representing the length (in bits) of the network address. The masks and the whole
1721 destination part are optional.
1726 <term>Default value:</term>
1728 <para><emphasis>Unset</emphasis></para>
1732 <term>Effect if unset:</term>
1735 Don't restrict access further than implied by <literal>listen-address</literal>
1743 Access controls are included at the request of ISPs and systems
1744 administrators, and <emphasis>are not usually needed by individual users</emphasis>.
1745 For a typical home user, it will normally suffice to ensure that
1746 <application>Privoxy</application> only listens on the localhost or internal (home)
1747 network address by means of the <literal>listen-address</literal> option.
1750 Please see the warnings in the FAQ that this proxy is not intended to be a substitute
1751 for a firewall or to encourage anyone to defer addressing basic security
1755 Multiple ACL lines are OK.
1756 If any ACLs are specified, then the <application>Privoxy</application>
1757 talks only to IP addresses that match at least one <literal>permit-access</literal> line
1758 and don't match any subsequent <literal>deny-access</literal> line. In other words, the
1759 last match wins, with the default being <literal>deny-access</literal>.
1762 If <application>Privoxy</application> is using a forwarder (see <literal>forward</literal> below)
1763 for a particular destination URL, the <replaceable class="parameter">dst_addr</replaceable>
1764 that is examined is the address of the forwarder and <emphasis>NOT</emphasis> the address
1765 of the ultimate target. This is necessary because it may be impossible for the local
1766 <application>Privoxy</application> to determine the IP address of the
1767 ultimate target (that's often what gateways are used for).
1770 You should prefer using IP addresses over DNS names, because the address lookups take
1771 time. All DNS names must resolve! You can <emphasis>not</emphasis> use domain patterns
1772 like <quote>*.org</quote> or partial domain names. If a DNS name resolves to multiple
1773 IP addresses, only the first one is used.
1776 Denying access to particular sites by ACL may have undesired side effects
1777 if the site in question is hosted on a machine which also hosts other sites.
1782 <term>Examples:</term>
1785 Explicitly define the default behavior if no ACL and
1786 <literal>listen-address</literal> are set: <quote>localhost</quote>
1787 is OK. The absence of a <replaceable class="parameter">dst_addr</replaceable> implies that
1788 <emphasis>all</emphasis> destination addresses are OK:
1792 permit-access localhost
1796 Allow any host on the same class C subnet as www.privoxy.org access to
1797 nothing but www.example.com:
1801 permit-access www.privoxy.org/24 www.example.com/32
1805 Allow access from any host on the 26-bit subnet 192.168.45.64 to anywhere,
1806 with the exception that 192.168.45.73 may not access www.dirty-stuff.example.com:
1810 permit-access 192.168.45.64/26
1811 deny-access 192.168.45.73 www.dirty-stuff.example.com
1819 <sect4><title>buffer-limit</title>
1823 <term>Specifies:</term>
1826 Maximum size of the buffer for content filtering.
1831 <term>Type of value:</term>
1833 <para>Size in Kbytes</para>
1837 <term>Default value:</term>
1843 <term>Effect if unset:</term>
1846 Use a 4MB (4096 KB) limit.
1854 For content filtering, i.e. the <literal>+filter</literal> and
1855 <literal>+deanimate-gif</literal> actions, it is necessary that
1856 <application>Privoxy</application> buffers the entire document body.
1857 This can be potentially dangerous, since a server could just keep sending
1858 data indefinitely and wait for your RAM to exhaust -- with nasty consequences.
1862 When a document buffer size reaches the <literal>buffer-limit</literal>, it is
1863 flushed to the client unfiltered and no further attempt to
1864 filter the rest of the document is made. Remember that there may be multiple threads
1865 running, which might require up to <literal>buffer-limit</literal> Kbytes
1866 <emphasis>each</emphasis>, unless you have enabled <quote>single-threaded</quote>
1876 <!-- ~ End section ~ -->
1879 <!-- ~~~~~ New section ~~~~~ -->
1881 <sect3 id="forwarding">
1882 <title>Forwarding</title>
1885 This feature allows routing of HTTP requests through a chain of
1887 It can be used to better protect privacy and confidentiality when
1888 accessing specific domains by routing requests to those domains
1889 through an anonymous public proxy (see e.g. <ulink
1890 url="http://www.multiproxy.org/anon_list.htm">http://www.multiproxy.org/anon_list.htm</ulink>)
1891 Or to use a caching proxy to speed up browsing. Or chaining to a parent
1892 proxy may be necessary because the machine that <application>Privoxy</application>
1893 runs on has no direct Internet access.
1897 Also specified here are SOCKS proxies. <application>Privoxy</application>
1898 supports the SOCKS 4 and SOCKS 4A protocols.
1901 <sect4><title>forward</title>
1904 <term>Specifies:</term>
1907 To which parent HTTP proxy specific requests should be routed.
1912 <term>Type of value:</term>
1915 <replaceable class="parameter">target_domain</replaceable>[:<replaceable class="parameter">port</replaceable>]
1916 <replaceable class="parameter">http_parent</replaceable>[/<replaceable class="parameter">port</replaceable>]
1919 Where <replaceable class="parameter">target_domain</replaceable> is a domain name pattern (see the
1920 chapter on domain matching in the actions file),
1921 <replaceable class="parameter">http_parent</replaceable> is the address of the parent HTTP proxy
1922 as an IP addresses in dotted decimal notation or as a valid DNS name (or <quote>.</quote> to denote
1923 <quote>no forwarding</quote>, and the optional
1924 <replaceable class="parameter">port</replaceable> parameters are TCP ports, i.e. integer
1925 values from 1 to 64535
1930 <term>Default value:</term>
1932 <para><emphasis>Unset</emphasis></para>
1936 <term>Effect if unset:</term>
1939 Don't use parent HTTP proxies.
1947 If <replaceable class="parameter">http_parent</replaceable> is <quote>.</quote>, then requests are not
1948 forwarded to another HTTP proxy but are made directly to the web servers.
1951 Multiple lines are OK, they are checked in sequence, and the last match wins.
1956 <term>Examples:</term>
1959 Everything goes to an example anonymizing proxy, except SSL on port 443 (which it doesn't handle):
1963 forward .* anon-proxy.example.org:8080
1968 Everything goes to our example ISP's caching proxy, except for requests
1969 to that ISP's sites:
1973 forward .*. caching-proxy.example-isp.net:8000
1974 forward .example-isp.net .
1982 <sect4><title>forward-socks4 and forward-socks4a</title>
1985 <term>Specifies:</term>
1988 Through which SOCKS proxy (and to which parent HTTP proxy) specific requests should be routed.
1993 <term>Type of value:</term>
1996 <replaceable class="parameter">target_domain</replaceable>[:<replaceable class="parameter">port</replaceable>]
1997 <replaceable class="parameter">socks_proxy</replaceable>[/<replaceable class="parameter">port</replaceable>]
1998 <replaceable class="parameter">http_parent</replaceable>[/<replaceable class="parameter">port</replaceable>]
2001 Where <replaceable class="parameter">target_domain</replaceable> is a domain name pattern (see the
2002 chapter on domain matching in the actions file),
2003 <replaceable class="parameter">http_parent</replaceable> and <replaceable class="parameter">socks_proxy</replaceable>
2004 are IP addresses in dotted decimal notation or valid DNS names (<replaceable class="parameter">http_parent</replaceable>
2005 may be <quote>.</quote> to denote <quote>no HTTP forwarding</quote>), and the optional
2006 <replaceable class="parameter">port</replaceable> parameters are TCP ports, i.e. integer values from 1 to 64535
2011 <term>Default value:</term>
2013 <para><emphasis>Unset</emphasis></para>
2017 <term>Effect if unset:</term>
2020 Don't use SOCKS proxies.
2028 Multiple lines are OK, they are checked in sequence, and the last match wins.
2031 The difference between <literal>forward-socks4</literal> and <literal>forward-socks4a</literal>
2032 is that in the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS
2033 server, while in SOCKS 4 it happens locally.
2036 If <replaceable class="parameter">http_parent</replaceable> is <quote>.</quote>, then requests are not
2037 forwarded to another HTTP proxy but are made (HTTP-wise) directly to the web servers, albeit through
2043 <term>Examples:</term>
2046 From the company example.com, direct connections are made to all
2047 <quote>internal</quote> domains, but everything outbound goes through
2048 their ISP's proxy by way of example.com's corporate SOCKS 4A gateway to
2053 forward-socks4a .*. socks-gw.example.com:1080 www-cache.example-isp.net:8080
2054 forward .example.com .
2058 A rule that uses a SOCKS 4 gateway for all destinations but no HTTP parent looks like this:
2062 forward-socks4 .*. socks-gw.example.com:1080 .
2070 <sect4><title>Advanced Forwarding Examples</title>
2073 If you have links to multiple ISPs that provide various special content
2074 only to their subscribers, you can configure multiple <application>Privoxies</application>
2075 which have connections to the respective ISPs to act as forwarders to each other, so that
2076 <emphasis>your</emphasis> users can see the internal content of all ISPs.
2080 Assume that host-a has a PPP connection to isp-a.net. And host-b has a PPP connection to
2081 isp-b.net. Both run <application>Privoxy</application>. Their forwarding
2082 configuration can look like this:
2092 forward .isp-b.net host-b:8118
2103 forward .isp-a.net host-a:8118
2108 Now, your users can set their browser's proxy to use either
2109 host-a or host-b and be able to browse the internal content
2110 of both isp-a and isp-b.
2114 If you intend to chain <application>Privoxy</application> and
2115 <application>squid</application> locally, then chain as
2116 <literal>browser -> squid -> privoxy</literal> is the recommended way.
2120 Assuming that <application>Privoxy</application> and <application>squid</application>
2121 run on the same box, your squid configuration could then look like this:
2126 # Define Privoxy as parent proxy (without ICP)
2127 cache_peer 127.0.0.1 parent 8118 7 no-query
2129 # Define ACL for protocol FTP
2132 # Do not forward FTP requests to Privoxy
2133 always_direct allow ftp
2135 # Forward all the rest to Privoxy
2136 never_direct allow all
2141 You would then need to change your browser's proxy settings to <application>squid</application>'s address and port.
2142 Squid normally uses port 3128. If unsure consult <literal>http_port</literal> in <filename>squid.conf</filename>.
2149 <!-- ~ End section ~ -->
2152 <!-- ~~~~~ New section ~~~~~ -->
2155 <title>Windows GUI Options</title>
2157 Removed references to Win32. HB 09/23/01
2160 <application>Privoxy</application> has a number of options specific to the
2161 Windows GUI interface:
2165 If <quote>activity-animation</quote> is set to 1, the
2166 <application>Privoxy</application> icon will animate when
2167 <quote>Privoxy</quote> is active. To turn off, set to 0.
2174 <emphasis>activity-animation 1</emphasis>
2181 If <quote>log-messages</quote> is set to 1,
2182 <application>Privoxy</application> will log messages to the console
2190 <emphasis>log-messages 1</emphasis>
2197 If <quote>log-buffer-size</quote> is set to 1, the size of the log buffer,
2198 i.e. the amount of memory used for the log messages displayed in the
2199 console window, will be limited to <quote>log-max-lines</quote> (see below).
2203 Warning: Setting this to 0 will result in the buffer to grow infinitely and
2204 eat up all your memory!
2211 <emphasis>log-buffer-size 1</emphasis>
2218 <application>log-max-lines</application> is the maximum number of lines held
2219 in the log buffer. See above.
2226 <emphasis>log-max-lines 200</emphasis>
2233 If <quote>log-highlight-messages</quote> is set to 1,
2234 <application>Privoxy</application> will highlight portions of the log
2235 messages with a bold-faced font:
2242 <emphasis>log-highlight-messages 1</emphasis>
2249 The font used in the console window:
2256 <emphasis>log-font-name Comic Sans MS</emphasis>
2263 Font size used in the console window:
2270 <emphasis>log-font-size 8</emphasis>
2277 <quote>show-on-task-bar</quote> controls whether or not
2278 <application>Privoxy</application> will appear as a button on the Task bar
2286 <emphasis>show-on-task-bar 0</emphasis>
2293 If <quote>close-button-minimizes</quote> is set to 1, the Windows close
2294 button will minimize <application>Privoxy</application> instead of closing
2295 the program (close with the exit option on the File menu).
2302 <emphasis>close-button-minimizes 1</emphasis>
2309 The <quote>hide-console</quote> option is specific to the MS-Win console
2310 version of <application>Privoxy</application>. If this option is used,
2311 <application>Privoxy</application> will disconnect from and hide the
2328 <!-- ~ End section ~ -->
2331 <!-- ~~~~~ New section ~~~~~ -->
2332 <sect2 id="actionsfile">
2333 <title>The Actions File</title>
2336 The actions file (<filename>default.action</filename>, formerly:
2337 <filename>actionsfile</filename> or <filename>ijb.action</filename>) is used
2338 to define what actions <application>Privoxy</application> takes for which
2339 URLs, and thus determines how ad images, cookies and various other aspects
2340 of HTTP content and transactions are handled on which sites (or even parts
2345 Anything you want can blocked, including ads, banners, or just some obnoxious
2346 URL that you would rather not see. Cookies can be accepted or rejected, or
2347 accepted only during the current browser session (i.e. not written to disk),
2348 content can be modified, JavaScripts tamed, user-tracking fooled, and much more.
2349 See below for a complete list of available actions.
2352 <!-- ~~~~~ New section ~~~~~ -->
2354 <title>Finding the Right Mix</title>
2356 Note that some actions like cookie suppression or script disabling may
2357 render some sites unusable, which rely on these techniques to work properly.
2358 Finding the right mix of actions is not easy and certainly a matter of personal
2359 taste. In general, it can be said that the more <quote>aggressive</quote>
2360 your default settings (in the top section of the actions file) are,
2361 the more exceptions for <quote>trusted</quote> sites you will have to
2362 make later. If, for example, you want to kill popup windows per default, you'll
2363 have to make exceptions from that rule for sites that you regularly use
2364 and that require popups for actually useful content, like maybe your bank,
2365 favorite shop, or newspaper.
2369 We have tried to provide you with reasonable rules to start from in the
2370 distribution actions file. But there is no general rule of thumb on these
2371 things. There just are too many variables, and sites are constantly changing.
2372 Sooner or later you will want to change the rules (and read this chapter).
2376 <!-- ~~~~~ New section ~~~~~ -->
2378 <title>How to Edit</title>
2380 The easiest way to edit the <quote>actions</quote> file is with a browser by
2381 using our browser-based editor, which is available at <ulink
2382 url="http://config.privoxy.org/edit-actions">http://config.privoxy.org/edit-actions</ulink>.
2386 If you prefer plain text editing to GUIs, you can of course also directly edit the
2387 <filename>default.action</filename> file.
2393 <title>How Actions are Applied to URLs</title>
2395 The actions file is divided into sections. There are special sections,
2396 like the alias sections which will be discussed later. For now let's
2397 concentrate on regular sections: They have a heading line (often split
2398 up to multiple lines for readability) which consist of a list of actions,
2399 separated by whitespace and enclosed in curly braces. Below that, there
2400 is a list of URL patterns, each on a separate line.
2404 To determine which actions apply to a request, the URL of the request is
2405 compared to all patterns in this file. Every time it matches, the list of
2406 applicable actions for the URL is incrementally updated, using the heading
2407 of the section in which the pattern is located. If multiple matches for
2408 the same URL set the same action differently, the last match wins.
2412 You can trace this process by visiting <ulink
2413 url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>.
2417 More detail on this is provided in the Appendix, <link linkend="ACTIONSANAT">
2418 Anatomy of an Action</link>.
2422 <!-- ~~~~~ New section ~~~~~ -->
2424 <title>Patterns</title>
2426 Generally, a pattern has the form <literal><domain>/<path></literal>,
2427 where both the <literal><domain></literal> and <literal><path></literal>
2428 are optional. (This is why the pattern <literal>/</literal> matches all URLs).
2433 <term><literal>www.example.com/</literal></term>
2436 is a domain-only pattern and will match any request to <literal>www.example.com</literal>,
2437 regardless of which document on that server is requested.
2442 <term><literal>www.example.com</literal></term>
2445 means exactly the same. For domain-only patterns, the trailing <literal>/</literal> may
2451 <term><literal>www.example.com/index.html</literal></term>
2454 matches only the single document <literal>/index.html</literal>
2455 on <literal>www.example.com</literal>.
2460 <term><literal>/index.html</literal></term>
2463 matches the document <literal>/index.html</literal>, regardless of the domain,
2464 i.e. on <emphasis>any</emphasis> web server.
2469 <term><literal>index.html</literal></term>
2472 matches nothing, since it would be interpreted as a domain name and
2473 there is no top-level domain called <literal>.html</literal>.
2479 <sect4><title>The Domain Pattern</title>
2482 The matching of the domain part offers some flexible options: if the
2483 domain starts or ends with a dot, it becomes unanchored at that end.
2489 <term><literal>.example.com</literal></term>
2492 matches any domain that <emphasis>ENDS</emphasis> in
2493 <literal>.example.com</literal>
2498 <term><literal>www.</literal></term>
2501 matches any domain that <emphasis>STARTS</emphasis> with
2502 <literal>www.</literal>
2507 <term><literal>.example.</literal></term>
2510 matches any domain that <emphasis>CONTAINS</emphasis> <literal>.example.</literal>
2511 (Correctly speaking: It matches any FQDN that contains <literal>example</literal> as a domain.)
2518 Additionally, there are wild-cards that you can use in the domain names
2519 themselves. They work pretty similar to shell wild-cards: <quote>*</quote>
2520 stands for zero or more arbitrary characters, <quote>?</quote> stands for
2521 any single character, you can define character classes in square
2522 brackets and all of that can be freely mixed:
2527 <term><literal>ad*.example.com</literal></term>
2530 matches <quote>adserver.example.com</quote>,
2531 <quote>ads.example.com</quote>, etc but not <quote>sfads.example.com</quote>
2536 <term><literal>*ad*.example.com</literal></term>
2539 matches all of the above, and then some.
2544 <term><literal>.?pix.com</literal></term>
2547 matches <literal>www.ipix.com</literal>,
2548 <literal>pictures.epix.com</literal>, <literal>a.b.c.d.e.upix.com</literal> etc.
2553 <term><literal>www[1-9a-ez].example.c*</literal></term>
2556 matches <literal>www1.example.com</literal>,
2557 <literal>www4.example.cc</literal>, <literal>wwwd.example.cy</literal>,
2558 <literal>wwwz.example.com</literal> etc., but <emphasis>not</emphasis>
2559 <literal>wwww.example.com</literal>.
2567 <sect4><title>The Path Pattern</title>
2570 <application>Privoxy</application> uses Perl compatible regular expressions
2571 (through the <ulink url="http://www.pcre.org/">PCRE</ulink> library) for
2576 There is an <link linkend="regex">Appendix</link> with a brief quick-start into regular
2577 expressions, and full (very technical) documentation on PCRE regex syntax is available on-line
2578 at <ulink url="http://www.pcre.org/man.txt">http://www.pcre.org/man.txt</ulink>.
2579 You might also find the Perl man page on regular expressions (<literal>man perlre</literal>)
2580 useful, which is available on-line at <ulink
2581 url="http://www.perldoc.com/perl5.6/pod/perlre.html">http://www.perldoc.com/perl5.6/pod/perlre.html</ulink>.
2585 Note that the path pattern is automatically left-anchored at the <quote>/</quote>,
2586 i.e. it matches as if it would start with a <quote>^</quote>.
2590 Please also note that matching in the path is case
2591 <emphasis>INSENSITIVE</emphasis> by default, but you can switch to case
2592 sensitive at any point in the pattern by using the
2593 <quote>(?-i)</quote> switch:
2594 <literal>www.example.com/(?-i)PaTtErN.*</literal> will match only
2595 documents whose path starts with <literal>PaTtErN</literal> in
2596 <emphasis>exactly</emphasis> this capitalization.
2602 <!-- ~ End section ~ -->
2606 <!-- ~~~~~ New section ~~~~~ -->
2609 <title>Actions</title>
2611 Actions are enabled if preceded with a <quote>+</quote>, and disabled if
2612 preceded with a <quote>-</quote>. Actions are invoked by enclosing the
2613 action name in curly braces (e.g. {+some_action}), followed by a list of
2614 URLs to which the action applies. There are three classes of actions:
2622 Boolean (e.g. <quote>+/-block</quote>):
2628 <emphasis>{+name}</emphasis> # enable this action
2629 <emphasis>{-name}</emphasis> # disable this action
2639 parameterized (e.g. <quote>+/-hide-user-agent</quote>):
2645 <emphasis>{+name{param}}</emphasis> # enable action and set parameter to <quote>param</quote>
2646 <emphasis>{-name}</emphasis> # disable action
2655 Multi-value (e.g. <quote>{+/-add-header{Name: value}}</quote>, <quote>{+/-wafer{name=value}}</quote>):
2661 <emphasis>{+name{param}}</emphasis> # enable action and add parameter <quote>param</quote>
2662 <emphasis>{-name{param}}</emphasis> # remove the parameter <quote>param</quote>
2663 <emphasis>{-name}</emphasis> # disable this action totally
2674 If nothing is specified in this file, no <quote>actions</quote> are taken.
2675 So in this case <application>Privoxy</application> would just be a
2676 normal, non-blocking, non-anonymizing proxy. You must specifically
2677 enable the privacy and blocking features you need (although the
2678 provided default <filename>default.action</filename> file will
2679 give a good starting point).
2683 Later defined actions always over-ride earlier ones. So exceptions
2684 to any rules you make, should come in the latter part of the file. For
2685 multi-valued actions, the actions are applied in the order they are
2690 The list of valid <application>Privoxy</application> <quote>actions</quote> are:
2698 Add the specified HTTP header, which is not checked for validity.
2699 You may specify this many times to specify many different headers:
2705 <emphasis>+add-header{Name: value}</emphasis>
2715 Block this URL totally. In a default installation, a <quote>blocked</quote>
2716 URL will result in bright red banner that says <quote>BLOCKED</quote>,
2717 with a reason why it is being blocked, and an option to see it anyway.
2718 The page displayed for this is the <quote>blocked</quote> template
2725 <emphasis>+block</emphasis>
2735 De-animate all animated GIF images, i.e. reduce them to their last frame.
2736 This will also shrink the images considerably (in bytes, not pixels!). If
2737 the option <quote>first</quote> is given, the first frame of the animation
2738 is used as the replacement. If <quote>last</quote> is given, the last frame
2739 of the animation is used instead, which probably makes more sense for most
2740 banner animations, but also has the risk of not showing the entire last
2741 frame (if it is only a delta to an earlier frame).
2747 <emphasis>+deanimate-gifs{last}</emphasis>
2748 <emphasis>+deanimate-gifs{first}</emphasis>
2757 <quote>+downgrade</quote> will downgrade HTTP/1.1 client requests to
2758 HTTP/1.0 and downgrade the responses as well. Use this action for servers
2759 that use HTTP/1.1 protocol features that
2760 <application>Privoxy</application> doesn't handle well yet. HTTP/1.1
2761 is only partially implemented. Default is not to downgrade requests.
2767 <emphasis>+downgrade</emphasis>
2776 Many sites, like yahoo.com, don't just link to other sites. Instead, they
2777 will link to some script on their own server, giving the destination as a
2778 parameter, which will then redirect you to the final target. URLs resulting
2779 from this scheme typically look like:
2780 <emphasis>http://some.place/some_script?http://some.where-else</emphasis>.
2783 Sometimes, there are even multiple consecutive redirects encoded in the
2784 URL. These redirections via scripts make your web browsing more traceable,
2785 since the server from which you follow such a link can see where you go to.
2786 Apart from that, valuable bandwidth and time is wasted, while your browser
2787 ask the server for one redirect after the other. Plus, it feeds the
2791 The <quote>+fast-redirects</quote> option enables interception of these
2792 types of requests by <application>Privoxy</application>, who will cut off
2793 all but the last valid URL in the request and send a local redirect back to
2794 your browser without contacting the intermediate site(s).
2800 <emphasis>+fast-redirects</emphasis>
2809 Apply the filters in the <literal>section_header</literal>
2810 section of the <filename>default.filter</filename> file to the site(s).
2811 <filename>default.filter</filename> sections are grouped according to like
2812 functionality. <application>Filters</application> can be used to
2813 re-write any of the raw page content. This is a potentially a
2814 very powerful feature!
2821 <emphasis>+filter{section_header}</emphasis>
2828 Filter sections that are pre-defined in the supplied
2829 <filename>default.filter</filename> include:
2835 <emphasis>html-annoyances</emphasis>: Get rid of particularly annoying HTML abuse.
2840 <emphasis>js-annoyances</emphasis>: Get rid of particularly annoying JavaScript abuse
2845 <emphasis>content-cookies</emphasis>: Kill cookies that come in the HTML or JS content
2850 <emphasis>popups</emphasis>: Kill all popups in JS and HTML
2855 <emphasis>frameset-borders</emphasis>: Give frames a border and make them resizable
2860 <emphasis>webbugs</emphasis>: Squish WebBugs (1x1 invisible GIFs used for user tracking)
2865 <emphasis>refresh-tags</emphasis>: Kill automatic refresh tags (for dial-on-demand setups)
2870 <emphasis>fun</emphasis>: Text replacements for subversive browsing fun!
2875 <emphasis>nimda</emphasis>: Remove Nimda (virus) code.
2880 <emphasis>banners-by-size</emphasis>: Kill banners by size (<emphasis>very</emphasis> efficient!)
2885 <emphasis>shockwave-flash</emphasis>: Kill embedded Shockwave Flash objects
2890 <emphasis>crude-parental</emphasis>: Kill all web pages that contain the words "sex" or "warez"
2897 Note: Filtering requires buffering the page content, which may appear to slow down
2898 page rendering since nothing is displayed until all content has passed
2899 the filters. (It does not really take longer, but seems that way since
2900 the page is not incrementally displayed.) This effect will be more noticeable
2901 on slower connections.
2908 Block any existing X-Forwarded-for header, and do not add a new one:
2914 <emphasis>+hide-forwarded</emphasis>
2923 If the browser sends a <quote>From:</quote> header containing your e-mail
2924 address, this either completely removes the header (<quote>block</quote>), or
2925 changes it to the specified e-mail address.
2931 <emphasis>+hide-from{block}</emphasis>
2932 <emphasis>+hide-from{spam@sittingduck.xqq}</emphasis>
2941 Don't send the <quote>Referer:</quote> (sic) header to the web site. You
2942 can block it, forge a URL to the same server as the request (which is
2943 preferred because some sites will not send images otherwise) or set it to a
2944 constant, user defined string of your choice.
2950 <emphasis>+hide-referer{block}</emphasis>
2951 <emphasis>+hide-referer{forge}</emphasis>
2952 <emphasis>+hide-referer{http://nowhere.com}</emphasis>
2961 Alternative spelling of <quote>+hide-referer</quote>. It has the same
2962 parameters, and can be freely mixed with, <quote>+hide-referer</quote>.
2963 (<quote>referrer</quote> is the correct English spelling, however the HTTP
2964 specification has a bug - it requires it to be spelled <quote>referer</quote>.)
2970 <emphasis>+hide-referrer{...}</emphasis>
2979 Change the <quote>User-Agent:</quote> header so web servers can't tell your
2980 browser type. Warning! This breaks many web sites. Specify the
2981 user-agent value you want. Example, pretend to be using Netscape on
2988 <emphasis>+hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}</emphasis>
2995 Or to identify yourself explicitly as a <application>Privoxy</application> user:
3001 <emphasis>+hide-user-agent{Privoxy/1.0}</emphasis>
3006 (Don't change the version number from 1.0 - after all, why tell them?)
3013 <emphasis>+hide-user-agent{browser-type}</emphasis>
3023 Treat this URL as an image. This only matters if it's also <quote>+block</quote>ed,
3024 in which case a <quote>blocked</quote> image can be sent rather than a HTML page.
3025 See <quote>+image-blocker{}</quote> below for the control over what is actually sent.
3026 If you want <emphasis>invisible</emphasis> ads, they should be defined as
3027 <emphasis>images</emphasis> and <emphasis>blocked</emphasis>. And also,
3028 <quote>image-blocker</quote> should be set to <quote>blank</quote>. Note you
3029 cannot treat HTML pages as images in most cases. For instance, frames
3030 require an HTML page to display. So a frame that is an ad, cannot be
3031 treated as an image. Forcing an <quote>image</quote> in this
3032 situation just will not work.
3038 <emphasis>+image</emphasis>
3046 <para> Decides what to do with URLs that end up tagged with <quote>{+block
3047 +image}</quote>, e.g an advertisement. There are four options.
3048 <quote>-image-blocker</quote> will send a HTML <quote>blocked</quote> page,
3049 usually resulting in a <quote>broken image</quote> icon.
3050 <!-- <quote>+image-blocker{logo}</quote> will send a -->
3051 <!-- <application>Privoxy</application> logo -->
3053 <quote>+image-blocker{blank}</quote> will send a 1x1 transparent GIF
3054 image. And finally, <quote>+image-blocker{http://xyz.com}</quote> will send a
3055 HTTP temporary redirect to the specified image. This has the advantage of the
3056 icon being being cached by the browser, which will speed up the display.
3057 <quote>+image-blocker{pattern}</quote> will send a checkerboard type pattern:
3059 <!-- which scales better than the logo (which can get blocky if the browser -->
3060 <!-- enlarges it too much). -->
3066 <!-- <emphasis>+image-blocker{logo}</emphasis> -->
3067 <emphasis>+image-blocker{blank}</emphasis>
3068 <emphasis>+image-blocker{pattern}</emphasis>
3069 <emphasis>+image-blocker{http://p.p/send-banner}</emphasis>
3078 By default (i.e. in the absence of a <quote>+limit-connect</quote>
3079 action), <application>Privoxy</application> will only allow CONNECT
3080 requests to port 443, which is the standard port for https as a
3085 The CONNECT methods exists in HTTP to allow access to secure websites
3086 (https:// URLs) through proxies. It works very simply: the proxy
3087 connects to the server on the specified port, and then short-circuits
3088 its connections to the client <emphasis>and</emphasis> to the remote proxy.
3089 This can be a big security hole, since CONNECT-enabled proxies can
3090 be abused as TCP relays very easily.
3094 If you want to allow CONNECT for more ports than this, or want to forbid
3095 CONNECT altogether, you can specify a comma separated list of ports and
3096 port ranges (the latter using dashes, with the minimum defaulting to 0 and
3104 <emphasis>+limit-connect{443} # This is the default and need no be specified.</emphasis>
3105 <emphasis>+limit-connect{80,443} # Ports 80 and 443 are OK.</emphasis>
3106 <emphasis>+limit-connect{-3, 7, 20-100, 500-} # Port less than 3, 7, 20 to 100</emphasis>
3107 <emphasis> #and above 500 are OK.</emphasis>
3117 <quote>+no-compression</quote> prevents the website from compressing the
3118 data. Some websites do this, which can be a problem for
3119 <application>Privoxy</application>, since <quote>+filter</quote>,
3120 <quote>+no-popup</quote> and <quote>+gif-deanimate</quote> will not work on
3121 compressed data. This will slow down connections to those websites,
3122 though. Default is <quote>no-compression</quote> is turned on.
3129 <emphasis>+nocompression</emphasis>
3138 If the website sets cookies, <quote>no-cookies-keep</quote> will make sure
3139 they are erased when you exit and restart your web browser. This makes
3140 profiling cookies useless, but won't break sites which require cookies so
3141 that you can log in for transactions. Default: on.
3147 <emphasis>+no-cookies-keep</emphasis>
3156 Prevent the website from reading cookies:
3162 <emphasis>+no-cookies-read</emphasis>
3171 Prevent the website from setting cookies:
3177 <emphasis>+no-cookies-set</emphasis>
3186 Filter the website through a built-in filter to disable those obnoxious
3187 JavaScript pop-up windows via window.open(), etc. The two alternative
3188 spellings are equivalent.
3194 <emphasis>+no-popup</emphasis>
3195 <emphasis>+no-popups</emphasis>
3204 This action only applies if you are using a <filename>jarfile</filename>
3205 for saving cookies. It sends a cookie to every site stating that you do not
3206 accept any copyright on cookies sent to you, and asking them not to track
3207 you. Of course, this is a (relatively) unique header they could use to
3214 <emphasis>+vanilla-wafer</emphasis>
3223 This allows you to add an arbitrary cookie. It can be specified multiple
3224 times in order to add as many cookies as you like.
3230 <emphasis>+wafer{name=value}</emphasis>
3241 The meaning of any of the above is reversed by preceding the action with a
3242 <quote>-</quote>, in place of the <quote>+</quote>.
3250 Turn off cookies by default, then allow a few through for specified sites:
3257 # Turn off all persistent cookies
3258 { +no-cookies-read }
3260 # Allow cookies for this browser session ONLY
3261 { +no-cookies-keep }
3263 # Exceptions to the above, sites that benefit from persistent cookies
3264 { -no-cookies-read }
3266 { -no-cookies-keep }
3273 # Alternative way of saying the same thing
3274 {-no-cookies-set -no-cookies-read -no-cookies-keep}
3283 Now turn off <quote>fast redirects</quote>, and then we allow two exceptions:
3293 # Reverse it for these two sites, which don't work right without it.
3295 www.ukc.ac.uk/cgi-bin/wac\.cgi\?
3303 Turn on page filtering according to rules in the defined sections
3304 of <filename>default.filter</filename>, and make one exception for
3312 # Run everything through the filter file, using only the
3313 # specified sections:
3314 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}\
3315 +filter{webbugs} +filter{nimda} +filter{banners-by-size}
3317 # Then disable filtering of code from sourceforge!
3319 .cvs.sourceforge.net
3326 Now some URLs that we want <quote>blocked</quote> (normally generates
3327 the <quote>blocked</quote> banner). Many of these use regular expressions
3328 that will expand to match multiple URLs:
3337 /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g))
3338 /.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/])
3339 /.*/(ng)?adclient\.cgi
3340 /.*/(plain|live|rotate)[-_.]?ads?/
3341 /.*/(sponsor)s?[0-9]?/
3342 /.*/_?(plain|live)?ads?(-banners)?/
3344 /.*/ad(sdna_image|gifs?)/
3345 /.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe)
3349 /.*/adv((er)?ts?|ertis(ing|ements?))?/
3353 /.*/cgi-bin/centralad/getimage
3354 /.*/images/addver\.gif
3355 /.*/images/marketing/.*\.(gif|jpe?g)
3359 /.*/sponsors?[0-9]?/
3360 /.*/advert[0-9]+\.jpg
3367 /graphics/defaultAd/
3369 /image\.ng/transactionID
3370 /images/.*/.*_anim\.gif # alvin brattli
3371 /ip_img/.*\.(gif|jpe?g)
3375 /cgi-bin/nph-adclick.exe/
3376 /.*/Image/BannerAdvertising/
3378 /.*/adlib/server\.cgi
3386 Note that many of these actions have the potential to cause a page to
3387 misbehave, possibly even not to display at all. There are many ways
3388 a site designer may choose to design his site, and what HTTP header
3389 content he may depend on. There is no way to have hard and fast rules
3390 for all sites. See the <link linkend="ACTIONSANAT">Appendix</link>
3391 for a brief example on troubleshooting actions.
3396 <!-- ~ End section ~ -->
3399 <!-- ~~~~~ New section ~~~~~ -->
3401 <title>Aliases</title>
3403 Custom <quote>actions</quote>, known to <application>Privoxy</application>
3404 as <quote>aliases</quote>, can be defined by combining other <quote>actions</quote>.
3405 These can in turn be invoked just like the built-in <quote>actions</quote>.
3406 Currently, an alias can contain any character except space, tab, <quote>=</quote>,
3407 <quote>{</quote> or <quote>}</quote>. But please use only <quote>a</quote>-
3408 <quote>z</quote>, <quote>0</quote>-<quote>9</quote>, <quote>+</quote>, and
3409 <quote>-</quote>. Alias names are not case sensitive, and
3410 <emphasis>must be defined before anything</emphasis> else in the
3411 <filename>default.action</filename>file! And there can only be one set of
3412 <quote>aliases</quote> defined.
3416 Now let's define a few aliases:
3423 # Useful custom aliases we can use later. These must come first!
3425 +no-cookies = +no-cookies-set +no-cookies-read
3426 -no-cookies = -no-cookies-set -no-cookies-read
3427 fragile = -block -no-cookies -filter -fast-redirects -hide-referer -no-popups
3428 shop = -no-cookies -filter -fast-redirects
3429 +imageblock = +block +image
3431 #For people who don't like to type too much: ;-)
3434 c2 = -no-cookies-set +no-cookies-read
3435 c3 = +no-cookies-set -no-cookies-read
3436 #... etc. Customize to your heart's content.
3443 Some examples using our <quote>shop</quote> and <quote>fragile</quote>
3451 # These sites are very complex and require
3452 # minimal interference.
3454 .office.microsoft.com
3455 .windowsupdate.microsoft.com
3458 # Shopping sites - still want to block ads.
3461 .worldpay.com # for quietpc.com
3465 # These shops require pop-ups
3475 The <quote>shop</quote> and <quote>fragile</quote> aliases are often used for
3476 <quote>problem</quote> sites that require most actions to be disabled
3477 in order to function properly.
3484 <!-- ~ End section ~ -->
3487 <!-- ~~~~~ New section ~~~~~ -->
3488 <sect2 id="filterfile">
3489 <title>The Filter File</title>
3491 Any web page can be dynamically modified with the filter file. This
3492 modification can be removal, or re-writing, of any web page content,
3493 including tags and non-visible content. The default filter file is
3494 <filename>default.filter</filename>, located in the config directory.
3498 This is potentially a very powerful feature, and requires knowledge of both
3499 <quote>regular expression</quote> and HTML in order create custom
3500 filters. But, there are a number of useful filters included with
3501 <application>Privoxy</application> for many common situations.
3505 The included example file is divided into sections. Each section begins
3506 with the <literal>FILTER</literal> keyword, followed by the identifier
3507 for that section, e.g. <quote>FILTER: webbugs</quote>. Each section performs
3508 a similar type of filtering, such as <quote>html-annoyances</quote>.
3512 This file uses regular expressions to alter or remove any string in the
3513 target page. The expressions can only operate on one line at a time. Some
3514 examples from the included default <filename>default.filter</filename>:
3518 Stop web pages from displaying annoying messages in the status bar by
3519 deleting such references:
3526 FILTER: html-annoyances
3528 # New browser windows should be resizeable and have a location and status
3531 s/resizable="?(no|0)"?/resizable=1/ig s/noresize/yesresize/ig
3532 s/location="?(no|0)"?/location=1/ig s/status="?(no|0)"?/status=1/ig
3533 s/scrolling="?(no|0|Auto)"?/scrolling=1/ig
3534 s/menubar="?(no|0)"?/menubar=1/ig
3536 # The <BLINK> tag was a crime!
3538 s*<blink>|</blink>**ig
3542 #s/framespacing="?(no|0)"?//ig
3543 #s/margin(height|width)=[0-9]*//gi
3550 Just for kicks, replace any occurrence of <quote>Microsoft</quote> with
3551 <quote>MicroSuck</quote>, and have a little fun with topical buzzwords:
3560 s/microsoft(?!.com)/MicroSuck/ig
3564 s/industry-leading|cutting-edge|award-winning/<font color=red><b>BINGO!</b></font>/ig
3571 Kill those pesky little web-bugs:
3578 # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)
3581 s/<img\s+[^>]*?(width|height)\s*=\s*['"]?1\D[^>]*?(width|height)\s*=\s*['"]?1(\D[^>]*?)?>/<!-- Squished WebBug -->/sig
3589 <!-- ~ End section ~ -->
3593 <!-- ~~~~~ New section ~~~~~ -->
3596 <title>Templates</title>
3598 When <application>Privoxy</application> displays one of its internal
3599 pages, such as a 404 Not Found error page, it uses the appropriate template.
3600 On Linux, BSD, and Unix, these are located in
3601 <filename>/etc/privoxy/templates</filename> by default. These may be
3602 customized, if desired. <filename>cgi-style.css</filename> is
3603 used to control the HTML attributes (fonts, etc).
3606 The default <quote>Blocked</quote> banner page with the bright red top
3607 banner, is called just <quote><filename>blocked</filename></quote>. This
3608 may be customized or replaced with something else if desired.
3615 <!-- ~ End section ~ -->
3619 <!-- ~~~~~ New section ~~~~~ -->
3621 <sect1 id="contact"><title>Contacting the Developers, Bug Reporting and Feature
3624 <!-- Include contacting.sgml boilerplate: -->
3626 <!-- end boilerplate -->
3629 <!-- ~~~~~ New section ~~~~~ -->
3630 <sect2 id="submitactions">
3631 <title>Submitting Ads and <quote>Action</quote> Problems</title>
3633 Ads and banners that are not stopped by <application>Privoxy</application>
3634 can be submitted to the developers by accessing a special page and filling
3635 out the brief, required form. Conversely, you can also report pages, images,
3636 etc. that <application>Privoxy</application> is blocking, but should not.
3637 The form itself does require Internet access.
3640 To do this, point your browser to <application>Privoxy</application>
3641 at <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
3642 (shortcut: <ulink url="http://p.p/">http://p.p/</ulink>), and then select
3643 <ulink url="javascript:w=Math.floor(screen.width/2);h=Math.floor(screen.height*0.9);void(window.open('http://www.privoxy.org/actions','Feedback','screenx='+w+',width='+w+',height='+h+',scrollbars=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Actions file feedback system</ulink>,
3644 near the bottom of the page. Paste in the URL that is the cause of the
3645 unwanted behavior, and follow the prompts. The developers will
3646 try to incorporate a fix for the problem you reported into future versions.
3650 New <filename>default.actions</filename> files will occasionally be made
3651 available based on your feedback. These
3652 will be announced on the
3654 url="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce">ijbswa-announce</ulink>
3662 <!-- ~~~~~ New section ~~~~~ -->
3663 <sect1 id="copyright"><title>Copyright and History</title>
3665 <sect2><title>Copyright</title>
3666 <!-- Include copyright.sgml: -->
3668 <!-- end copyright -->
3671 <!-- ~ End section ~ -->
3674 <!-- ~~~~~ New section ~~~~~ -->
3676 <sect2 id="history"><title>History</title>
3677 <!-- Include history.sgml: -->
3679 <!-- end history -->
3683 <!-- ~~~~~ New section ~~~~~ -->
3684 <sect1 id="seealso"><title>See Also</title>
3685 <!-- Include seealso.sgml: -->
3687 <!-- end seealso -->
3692 <!-- ~~~~~ New section ~~~~~ -->
3693 <sect1 id="appendix"><title>Appendix</title>
3696 <!-- ~~~~~ New section ~~~~~ -->
3698 <title>Regular Expressions</title>
3700 <application>Privoxy</application> can use <quote>regular expressions</quote>
3701 in various config files. Assuming support for <quote>pcre</quote> (Perl
3702 Compatible Regular Expressions) is compiled in, which is the default. Such
3703 configuration directives do not require regular expressions, but they can be
3704 used to increase flexibility by matching a pattern with wild-cards against
3709 If you are reading this, you probably don't understand what <quote>regular
3710 expressions</quote> are, or what they can do. So this will be a very brief
3711 introduction only. A full explanation would require a book ;-)
3715 <quote>Regular expressions</quote> is a way of matching one character
3716 expression against another to see if it matches or not. One of the
3717 <quote>expressions</quote> is a literal string of readable characters
3718 (letter, numbers, etc), and the other is a complex string of literal
3719 characters combined with wild-cards, and other special characters, called
3720 meta-characters. The <quote>meta-characters</quote> have special meanings and
3721 are used to build the complex pattern to be matched against. Perl Compatible
3722 Regular Expressions is an enhanced form of the regular expression language
3723 with backward compatibility.
3727 To make a simple analogy, we do something similar when we use wild-card
3728 characters when listing files with the <command>dir</command> command in DOS.
3729 <literal>*.*</literal> matches all filenames. The <quote>special</quote>
3730 character here is the asterisk which matches any and all characters. We can be
3731 more specific and use <literal>?</literal> to match just individual
3732 characters. So <quote>dir file?.text</quote> would match
3733 <quote>file1.txt</quote>, <quote>file2.txt</quote>, etc. We are pattern
3734 matching, using a similar technique to <quote>regular expressions</quote>!
3738 Regular expressions do essentially the same thing, but are much, much more
3739 powerful. There are many more <quote>special characters</quote> and ways of
3740 building complex patterns however. Let's look at a few of the common ones,
3741 and then some examples:
3746 <emphasis>.</emphasis> - Matches any single character, e.g. <quote>a</quote>,
3747 <quote>A</quote>, <quote>4</quote>, <quote>:</quote>, or <quote>@</quote>.
3749 </simplelist></para>
3753 <emphasis>?</emphasis> - The preceding character or expression is matched ZERO or ONE
3756 </simplelist></para>
3760 <emphasis>+</emphasis> - The preceding character or expression is matched ONE or MORE
3763 </simplelist></para>
3767 <emphasis>*</emphasis> - The preceding character or expression is matched ZERO or MORE
3770 </simplelist></para>
3774 <emphasis>\</emphasis> - The <quote>escape</quote> character denotes that
3775 the following character should be taken literally. This is used where one of the
3776 special characters (e.g. <quote>.</quote>) needs to be taken literally and
3777 not as a special meta-character.
3779 </simplelist></para>
3783 <emphasis>[]</emphasis> - Characters enclosed in brackets will be matched if
3784 any of the enclosed characters are encountered.
3786 </simplelist></para>
3790 <emphasis>()</emphasis> - parentheses are used to group a sub-expression,
3791 or multiple sub-expressions.
3793 </simplelist></para>
3797 <emphasis>|</emphasis> - The <quote>bar</quote> character works like an
3798 <quote>or</quote> conditional statement. A match is successful if the
3799 sub-expression on either side of <quote>|</quote> matches.
3801 </simplelist></para>
3805 <emphasis>s/string1/string2/g</emphasis> - This is used to rewrite strings of text.
3806 <quote>string1</quote> is replaced by <quote>string2</quote> in this
3809 </simplelist></para>
3812 These are just some of the ones you are likely to use when matching URLs with
3813 <application>Privoxy</application>, and is a long way from a definitive
3814 list. This is enough to get us started with a few simple examples which may
3815 be more illuminating:
3819 <emphasis><literal>/.*/banners/.*</literal></emphasis> - A simple example
3820 that uses the common combination of <quote>.</quote> and <quote>*</quote> to
3821 denote any character, zero or more times. In other words, any string at all.
3822 So we start with a literal forward slash, then our regular expression pattern
3823 (<quote>.*</quote>) another literal forward slash, the string
3824 <quote>banners</quote>, another forward slash, and lastly another
3825 <quote>.*</quote>. We are building
3826 a directory path here. This will match any file with the path that has a
3827 directory named <quote>banners</quote> in it. The <quote>.*</quote> matches
3828 any characters, and this could conceivably be more forward slashes, so it
3829 might expand into a much longer looking path. For example, this could match:
3830 <quote>/eye/hate/spammers/banners/annoy_me_please.gif</quote>, or just
3831 <quote>/banners/annoying.html</quote>, or almost an infinite number of other
3832 possible combinations, just so it has <quote>banners</quote> in the path
3837 A now something a little more complex:
3841 <emphasis><literal>/.*/adv((er)?ts?|ertis(ing|ements?))?/</literal></emphasis> -
3842 We have several literal forward slashes again (<quote>/</quote>), so we are
3843 building another expression that is a file path statement. We have another
3844 <quote>.*</quote>, so we are matching against any conceivable sub-path, just so
3845 it matches our expression. The only true literal that <emphasis>must
3846 match</emphasis> our pattern is <application>adv</application>, together with
3847 the forward slashes. What comes after the <quote>adv</quote> string is the
3852 Remember the <quote>?</quote> means the preceding expression (either a
3853 literal character or anything grouped with <quote>(...)</quote> in this case)
3854 can exist or not, since this means either zero or one match. So
3855 <quote>((er)?ts?|ertis(ing|ements?))</quote> is optional, as are the
3856 individual sub-expressions: <quote>(er)</quote>,
3857 <quote>(ing|ements?)</quote>, and the <quote>s</quote>. The <quote>|</quote>
3858 means <quote>or</quote>. We have two of those. For instance,
3859 <quote>(ing|ements?)</quote>, can expand to match either <quote>ing</quote>
3860 <emphasis>OR</emphasis> <quote>ements?</quote>. What is being done here, is an
3861 attempt at matching as many variations of <quote>advertisement</quote>, and
3862 similar, as possible. So this would expand to match just <quote>adv</quote>,
3863 or <quote>advert</quote>, or <quote>adverts</quote>, or
3864 <quote>advertising</quote>, or <quote>advertisement</quote>, or
3865 <quote>advertisements</quote>. You get the idea. But it would not match
3866 <quote>advertizements</quote> (with a <quote>z</quote>). We could fix that by
3867 changing our regular expression to:
3868 <quote>/.*/adv((er)?ts?|erti(s|z)(ing|ements?))?/</quote>, which would then match
3873 <emphasis><literal>/.*/advert[0-9]+\.(gif|jpe?g)</literal></emphasis> - Again
3874 another path statement with forward slashes. Anything in the square brackets
3875 <quote>[]</quote> can be matched. This is using <quote>0-9</quote> as a
3876 shorthand expression to mean any digit one through nine. It is the same as
3877 saying <quote>0123456789</quote>. So any digit matches. The <quote>+</quote>
3878 means one or more of the preceding expression must be included. The preceding
3879 expression here is what is in the square brackets -- in this case, any digit
3880 one through nine. Then, at the end, we have a grouping: <quote>(gif|jpe?g)</quote>.
3881 This includes a <quote>|</quote>, so this needs to match the expression on
3882 either side of that bar character also. A simple <quote>gif</quote> on one side, and the other
3883 side will in turn match either <quote>jpeg</quote> or <quote>jpg</quote>,
3884 since the <quote>?</quote> means the letter <quote>e</quote> is optional and
3885 can be matched once or not at all. So we are building an expression here to
3886 match image GIF or JPEG type image file. It must include the literal
3887 string <quote>advert</quote>, then one or more digits, and a <quote>.</quote>
3888 (which is now a literal, and not a special character, since it is escaped
3889 with <quote>\</quote>), and lastly either <quote>gif</quote>, or
3890 <quote>jpeg</quote>, or <quote>jpg</quote>. Some possible matches would
3891 include: <quote>//advert1.jpg</quote>,
3892 <quote>/nasty/ads/advert1234.gif</quote>,
3893 <quote>/banners/from/hell/advert99.jpg</quote>. It would not match
3894 <quote>advert1.gif</quote> (no leading slash), or
3895 <quote>/adverts232.jpg</quote> (the expression does not include an
3896 <quote>s</quote>), or <quote>/advert1.jsp</quote> (<quote>jsp</quote> is not
3897 in the expression anywhere).
3901 <emphasis><literal>s/microsoft(?!.com)/MicroSuck/i</literal></emphasis> - This is
3902 a substitution. <quote>MicroSuck</quote> will replace any occurrence of
3903 <quote>microsoft</quote>. The <quote>i</quote> at the end of the expression
3904 means ignore case. The <quote>(?!.com)</quote> means
3905 the match should fail if <quote>microsoft</quote> is followed by
3906 <quote>.com</quote>. In other words, this acts like a <quote>NOT</quote>
3907 modifier. In case this is a hyperlink, we don't want to break it ;-).
3911 We are barely scratching the surface of regular expressions here so that you
3912 can understand the default <application>Privoxy</application>
3913 configuration files, and maybe use this knowledge to customize your own
3914 installation. There is much, much more that can be done with regular
3915 expressions. Now that you know enough to get started, you can learn more on
3920 More reading on Perl Compatible Regular expressions:
3921 <ulink url="http://www.perldoc.com/perl5.6/pod/perlre.html">http://www.perldoc.com/perl5.6/pod/perlre.html</ulink>
3926 <!-- ~ End section ~ -->
3929 <!-- ~~~~~ New section ~~~~~ -->
3931 <title><application>Privoxy</application>'s Internal Pages</title>
3934 Since <application>Privoxy</application> proxies each requested
3935 web page, it is easy for <application>Privoxy</application> to
3936 trap certain special URLs. In this way, we can talk directly to
3937 <application>Privoxy</application>, and see how it is
3938 configured, see how our rules are being applied, change these
3939 rules and other configuration options, and even turn
3940 <application>Privoxy's</application> filtering off, all with
3946 The URLs listed below are the special ones that allow direct access
3947 to <application>Privoxy</application>. Of course,
3948 <application>Privoxy</application> must be running to access these. If
3949 not, you will get a friendly error message. Internet access is not
3962 <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
3966 Alternately, this may be reached at <ulink
3967 url="http://p.p/">http://p.p/</ulink>, but this
3968 variation may not work as reliably as the above in some configurations.
3974 Show information about the current configuration:
3978 <ulink url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
3985 Show the source code version numbers:
3989 <ulink url="http://config.privoxy.org/show-version">http://config.privoxy.org/show-version</ulink>
3996 Show the client's request headers:
4000 <ulink url="http://config.privoxy.org/show-request">http://config.privoxy.org/show-request</ulink>
4007 Show which actions apply to a URL and why:
4011 <ulink url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>
4018 Toggle Privoxy on or off. In this case, <quote>Privoxy</quote> continues
4019 to run, but only as a pass-through proxy, with no actions taking place:
4023 <ulink url="http://config.privoxy.org/toggle">http://config.privoxy.org/toggle</ulink>
4027 Short cuts. Turn off, then on:
4031 <ulink url="http://config.privoxy.org/toggle?set=disable">http://config.privoxy.org/toggle?set=disable</ulink>
4036 <ulink url="http://config.privoxy.org/toggle?set=enable">http://config.privoxy.org/toggle?set=enable</ulink>
4043 Edit the actions list file:
4047 <ulink url="http://config.privoxy.org/edit-actions">http://config.privoxy.org/edit-actions</ulink>
4056 These may be bookmarked for quick reference.
4060 <sect3 id="bookmarklets">
4061 <title>Bookmarklets</title>
4063 Below are some <quote>bookmarklets</quote> to allow you to easily access a
4064 <quote>mini</quote> version of some of <application>Privoxy's</application>
4065 special pages. They are designed for MS Internet Explorer, but should work
4066 equally well in Netscape, Mozilla, and other browsers which support
4067 JavaScript. They are designed to run directly from your bookmarks - not by
4068 clicking the links below (although that should work for testing).
4071 To save them, right-click the link and choose <quote>Add to Favorites</quote>
4072 (IE) or <quote>Add Bookmark</quote> (Netscape). You will get a warning that
4073 the bookmark <quote>may not be safe</quote> - just click OK. Then you can run the
4074 Bookmarklet directly from your favorites/bookmarks. For even faster access,
4075 you can put them on the <quote>Links</quote> bar (IE) or the <quote>Personal
4076 Toolbar</quote> (Netscape), and run them with a single click.
4084 <ulink url="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=enabled','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Enable Privoxy</ulink>
4090 <ulink url="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=disabled','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Disable Privoxy</ulink>
4096 <ulink url="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=toggle','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Toggle Privoxy</ulink> (Toggles between enabled and disabled)
4102 <ulink url="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y','ijbstatus','width=250,height=2,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">View Privoxy Status</ulink>
4108 <ulink url="javascript:w=Math.floor(screen.width/2);h=Math.floor(screen.height*0.9);void(window.open('http://www.privoxy.org/actions','Feedback','screenx='+w+',width='+w+',height='+h+',scrollbars=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Actions file feedback system</ulink>
4118 Credit: The site which gave me the general idea for these bookmarklets is
4119 <ulink url="http://www.bookmarklets.com">www.bookmarklets.com</ulink>. They
4120 have more information about bookmarklets.
4129 <!-- ~~~~~ New section ~~~~~ -->
4130 <sect2 id="actionsanat">
4131 <title>Anatomy of an Action</title>
4134 The way <application>Privoxy</application> applies <quote>actions</quote>
4135 and <quote>filters</quote> to any given URL can be complex, and not always so
4136 easy to understand what is happening. And sometimes we need to be able to
4137 <emphasis>see</emphasis> just what <application>Privoxy</application> is
4138 doing. Especially, if something <application>Privoxy</application> is doing
4139 is causing us a problem inadvertently. It can be a little daunting to look at
4140 the actions and filters files themselves, since they tend to be filled with
4141 <quote>regular expressions</quote> whose consequences are not always
4142 so obvious. <application>Privoxy</application> provides the
4143 <ulink url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>
4144 page that can show us very specifically how <application>actions</application>
4145 are being applied to any given URL. This is a big help for troubleshooting.
4149 First, enter one URL (or partial URL) at the prompt, and then
4150 <application>Privoxy</application> will tell us
4151 how the current configuration will handle it. This will not
4152 help with filtering effects from the <filename>default.filter</filename> file! It
4153 also will not tell you about any other URLs that may be embedded within the
4154 URL you are testing (i.e. a web page). For instance, images such as ads are expressed as URLs
4155 within the raw page source of HTML pages. So you will only get info for the
4156 actual URL that is pasted into the prompt area -- not any sub-URLs. If you
4157 want to know about embedded URLs like ads, you will have to dig those out of
4158 the HTML source. Use your browser's <quote>View Page Source</quote> option
4159 for this. Or right click on the ad, and grab the URL.
4163 Let's look at an example, <ulink url="http://google.com">google.com</ulink>,
4164 one section at a time:
4169 System default actions:
4171 { -add-header -block -deanimate-gifs -downgrade -fast-redirects -filter
4172 -hide-forwarded -hide-from -hide-referer -hide-user-agent -image
4173 -image-blocker -limit-connect -no-compression -no-cookies-keep
4174 -no-cookies-read -no-cookies-set -no-popups -vanilla-wafer -wafer }
4180 This is the top section, and only tells us of the compiled in defaults. This
4181 is basically what <application>Privoxy</application> would do if there
4182 were not any <quote>actions</quote> defined, i.e. it does nothing. Every action
4183 is disabled. This is not particularly informative for our purposes here. OK,
4190 Matches for http://google.com:
4192 { -add-header -block +deanimate-gifs -downgrade +fast-redirects
4193 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
4194 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
4195 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
4196 -hide-user-agent -image +image-blocker{blank} +no-compression
4197 +no-cookies-keep -no-cookies-read -no-cookies-set +no-popups
4198 -vanilla-wafer -wafer }
4201 { -no-cookies-keep -no-cookies-read -no-cookies-set }
4211 This is much more informative, and tells us how we have defined our
4212 <quote>actions</quote>, and which ones match for our example,
4213 <quote>google.com</quote>. The first grouping shows our default
4214 settings, which would apply to all URLs. If you look at your <quote>actions</quote>
4215 file, this would be the section just below the <quote>aliases</quote> section
4216 near the top. This applies to all URLs as signified by the single forward
4217 slash -- <quote>/</quote>.
4222 These are the default actions we have enabled. But we can define additional
4223 actions that would be exceptions to these general rules, and then list
4224 specific URLs that these exceptions would apply to. Last match wins.
4225 Just below this then are two explicit matches for <quote>.google.com</quote>.
4226 The first is negating our various cookie blocking actions (i.e. we will allow
4227 cookies here). The second is allowing <quote>fast-redirects</quote>. Note
4228 that there is a leading dot here -- <quote>.google.com</quote>. This will
4229 match any hosts and sub-domains, in the google.com domain also, such as
4230 <quote>www.google.com</quote>. So, apparently, we have these actions defined
4231 somewhere in the lower part of our actions file, and
4232 <quote>google.com</quote> is referenced in these sections.
4237 And now we pull it altogether in the bottom section and summarize how
4238 <application>Privoxy</application> is applying all its <quote>actions</quote>
4239 to <quote>google.com</quote>:
4248 -add-header -block -deanimate-gifs -downgrade -fast-redirects
4249 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
4250 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
4251 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
4252 -hide-user-agent -image +image-blocker{blank} -limit-connect +no-compression
4253 -no-cookies-keep -no-cookies-read -no-cookies-set +no-popups -vanilla-wafer
4260 Now another example, <quote>ad.doubleclick.net</quote>:
4279 We'll just show the interesting part here, the explicit matches. It is
4280 matched three different times. Each as an <quote>+block +image</quote>,
4281 which is the expanded form of one of our aliases that had been defined as:
4282 <quote>+imageblock</quote>. (<quote>Aliases</quote> are defined in the
4283 first section of the actions file and typically used to combine more
4288 Any one of these would have done the trick and blocked this as an unwanted
4289 image. This is unnecessarily redundant since the last case effectively
4290 would also cover the first. No point in taking chances with these guys
4291 though ;-) Note that if you want an ad or obnoxious
4292 URL to be invisible, it should be defined as <quote>ad.doubleclick.net</quote>
4293 is done here -- as both a <quote>+block</quote> <emphasis>and</emphasis> an
4294 <quote>+image</quote>. The custom alias <quote>+imageblock</quote> does this
4299 One last example. Let's try <quote>http://www.rhapsodyk.net/adsl/HOWTO/</quote>.
4300 This one is giving us problems. We are getting a blank page. Hmmm...
4306 Matches for http://www.rhapsodyk.net/adsl/HOWTO/:
4308 { -add-header -block +deanimate-gifs -downgrade +fast-redirects
4309 +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}
4310 +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal}
4311 +filter{fun} +hide-forwarded +hide-from{block} +hide-referer{forge}
4312 -hide-user-agent -image +image-blocker{blank} +no-compression
4313 +no-cookies-keep -no-cookies-read -no-cookies-set +no-popups
4314 -vanilla-wafer -wafer }
4324 Ooops, the <quote>/adsl/</quote> is matching <quote>/ads</quote>! But
4325 we did not want this at all! Now we see why we get the blank page. We could
4326 now add a new action below this that explicitly does <emphasis>not</emphasis>
4327 block (-block) pages with <quote>adsl</quote>. There are various ways to
4328 handle such exceptions. Example:
4341 Now the page displays ;-) Be sure to flush your browser's caches when
4342 making such changes. Or, try using <literal>Shift+Reload</literal>.
4346 But now what about a situation where we get no explicit matches like
4360 That actually was very telling and pointed us quickly to where the problem
4361 was. If you don't get this kind of match, then it means one of the default
4362 rules in the first section is causing the problem. This would require some
4363 guesswork, and maybe a little trial and error to isolate the offending rule.
4364 One likely cause would be one of the <quote>{+filter}</quote> actions. Try
4365 adding the URL for the site to one of aliases that turn off <quote>+filter</quote>:
4373 .worldpay.com # for quietpc.com
4382 <quote>{shop}</quote> is an <quote>alias</quote> that expands to
4383 <quote>{ -filter -no-cookies -no-cookies-keep }</quote>. Or you could do
4384 your own exception to negate filtering:
4398 <quote>{fragile}</quote> is an alias that disables most actions. This can be
4399 used as a last resort for problem sites. Remember to flush caches! If this
4400 still does not work, you will have to go through the remaining actions one by
4401 one to find which one(s) is causing the problem.
4410 This program is free software; you can redistribute it
4411 and/or modify it under the terms of the GNU General
4412 Public License as published by the Free Software
4413 Foundation; either version 2 of the License, or (at
4414 your option) any later version.
4416 This program is distributed in the hope that it will
4417 be useful, but WITHOUT ANY WARRANTY; without even the
4418 implied warranty of MERCHANTABILITY or FITNESS FOR A
4419 PARTICULAR PURPOSE. See the GNU General Public
4420 License for more details.
4422 The GNU General Public License should be included with
4423 this file. If not, you can view it at
4424 http://www.gnu.org/copyleft/gpl.html
4425 or write to the Free Software Foundation, Inc., 59
4426 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
4428 $Log: user-manual.sgml,v $
4429 Revision 1.84 2002/04/18 21:17:13 hal9
4430 Spell Redhat correctly (ie Red Hat). A few minor grammar corrections.
4432 Revision 1.83 2002/04/18 18:21:12 oes
4433 Added RPM install detail
4435 Revision 1.82 2002/04/18 12:04:50 oes
4438 Revision 1.81 2002/04/18 11:50:24 oes
4439 Extended Install section - needs fixing by packagers
4441 Revision 1.80 2002/04/18 10:45:19 oes
4442 Moved text to buildsource.sgml, renamed some filters, details
4444 Revision 1.79 2002/04/18 03:18:06 hal9
4445 Spellcheck, and minor touchups.
4447 Revision 1.78 2002/04/17 18:04:16 oes
4450 Revision 1.77 2002/04/17 13:51:23 oes
4451 Proofreading, part one
4453 Revision 1.76 2002/04/16 04:25:51 hal9
4454 -Added 'Note to Upgraders' and re-ordered the 'Quickstart' section.
4455 -Note about proxy may need requests to re-read config files.
4457 Revision 1.75 2002/04/12 02:08:48 david__schmidt
4458 Remove OS/2 building info... it is already in the developer-manual
4460 Revision 1.74 2002/04/11 00:54:38 hal9
4461 Add small section on submitting actions.
4463 Revision 1.73 2002/04/10 18:45:15 swa
4466 Revision 1.72 2002/04/10 04:06:19 hal9
4467 Added actions feedback to Bookmarklets section
4469 Revision 1.71 2002/04/08 22:59:26 hal9
4470 Version update. Spell chkconfig correctly :)
4472 Revision 1.70 2002/04/08 20:53:56 swa
4475 Revision 1.69 2002/04/06 05:07:29 hal9
4476 -Add privoxy-man-page.sgml, for man page.
4477 -Add authors.sgml for AUTHORS (and p-authors.sgml)
4478 -Reworked various aspects of various docs.
4479 -Added additional comments to sub-docs.
4481 Revision 1.68 2002/04/04 18:46:47 swa
4482 consistent look. reuse of copyright, history et. al.
4484 Revision 1.67 2002/04/04 17:27:57 swa
4485 more single file to be included at multiple points. make maintaining easier
4487 Revision 1.66 2002/04/04 06:48:37 hal9
4488 Structural changes to allow for conditional inclusion/exclusion of content
4489 based on entity toggles, e.g. 'entity % p-not-stable "INCLUDE"'. And
4490 definition of internal entities, e.g. 'entity p-version "2.9.13"' that will
4491 eventually be set by Makefile.
4492 More boilerplate text for use across multiple docs.
4494 Revision 1.65 2002/04/03 19:52:07 swa
4495 enhance squid section due to user suggestion
4497 Revision 1.64 2002/04/03 03:53:43 hal9
4498 A few minor bug fixes, and touch ups. Ready for review.
4500 Revision 1.63 2002/04/01 16:24:49 hal9
4501 Define entities to include boilerplate text. See doc/source/*.
4503 Revision 1.62 2002/03/30 04:15:53 hal9
4504 - Fix privoxy.org/config links.
4505 - Paste in Bookmarklets from Toggle page.
4506 - Move Quickstart nearer top, and minor rework.
4508 Revision 1.61 2002/03/29 01:31:08 hal9
4511 Revision 1.60 2002/03/27 01:57:34 hal9
4512 Added more to Anatomy section.
4514 Revision 1.59 2002/03/27 00:54:33 hal9
4515 Touch up intro for new name.
4517 Revision 1.58 2002/03/26 22:29:55 swa
4518 we have a new homepage!
4520 Revision 1.57 2002/03/24 20:33:30 hal9
4521 A few minor catch ups with name change.
4523 Revision 1.56 2002/03/24 16:17:06 swa
4524 configure needs to be generated.
4526 Revision 1.55 2002/03/24 16:08:08 swa
4527 we are too lazy to make a block-built
4528 privoxy logo. hence removed the option.
4530 Revision 1.54 2002/03/24 15:46:20 swa
4531 name change related issue.
4533 Revision 1.53 2002/03/24 11:51:00 swa
4534 name change. changed filenames.
4536 Revision 1.52 2002/03/24 11:01:06 swa
4539 Revision 1.51 2002/03/23 15:13:11 swa
4540 renamed every reference to the old name with foobar.
4541 fixed "application foobar application" tag, fixed
4542 "the foobar" with "foobar". left junkbustser in cvs
4543 comments and remarks to history untouched.
4545 Revision 1.50 2002/03/23 05:06:21 hal9
4548 Revision 1.49 2002/03/21 17:01:05 hal9
4549 New section in Appendix.
4551 Revision 1.48 2002/03/12 06:33:01 hal9
4552 Catching up to Andreas and re_filterfile changes.
4554 Revision 1.47 2002/03/11 13:13:27 swa
4555 correct feedback channels
4557 Revision 1.46 2002/03/10 00:51:08 hal9
4558 Added section on JB internal pages in Appendix.
4560 Revision 1.45 2002/03/09 17:43:53 swa
4563 Revision 1.44 2002/03/09 17:08:48 hal9
4564 New section on Jon's actions file editor, and move some stuff around.
4566 Revision 1.43 2002/03/08 00:47:32 hal9
4567 Added imageblock{pattern}.
4569 Revision 1.42 2002/03/07 18:16:55 swa
4572 Revision 1.41 2002/03/07 16:46:43 hal9
4573 Fix a few markup problems for jade.
4575 Revision 1.40 2002/03/07 16:28:39 swa
4576 provide correct feedback channels
4578 Revision 1.39 2002/03/06 16:19:28 hal9
4579 Note on perceived filtering slowdown per FR.
4581 Revision 1.38 2002/03/05 23:55:14 hal9
4582 Stupid I did it again. Double hyphen in comment breaks jade.
4584 Revision 1.37 2002/03/05 23:53:49 hal9
4585 jade barfs on '- -' embedded in comments. - -user option broke it.
4587 Revision 1.36 2002/03/05 22:53:28 hal9
4588 Add new - - user option.
4590 Revision 1.35 2002/03/05 00:17:27 hal9
4591 Added section on command line options.
4593 Revision 1.34 2002/03/04 19:32:07 oes
4594 Changed default port to 8118
4596 Revision 1.33 2002/03/03 19:46:13 hal9
4597 Emphasis on where/how to report bugs, etc
4599 Revision 1.32 2002/03/03 09:26:06 joergs
4600 AmigaOS changes, config is now loaded from PROGDIR: instead of
4601 AmiTCP:db/junkbuster/ if no configuration file is specified on the
4604 Revision 1.31 2002/03/02 22:45:52 david__schmidt
4607 Revision 1.30 2002/03/02 22:00:14 hal9
4608 Updated 'New Features' list. Ran through spell-checker.
4610 Revision 1.29 2002/03/02 20:34:07 david__schmidt
4611 Update OS/2 build section
4613 Revision 1.28 2002/02/24 14:34:24 jongfoster
4614 Formatting changes. Now changing the doctype to DocBook XML 4.1
4615 will work - no other changes are needed.
4617 Revision 1.27 2002/01/11 14:14:32 hal9
4618 Added a very short section on Templates
4620 Revision 1.26 2002/01/09 20:02:50 hal9
4621 Fix bug re: auto-detect config file changes.
4623 Revision 1.25 2002/01/09 18:20:30 hal9
4624 Touch ups for *.action files.
4626 Revision 1.24 2001/12/02 01:13:42 hal9
4629 Revision 1.23 2001/12/02 00:20:41 hal9
4630 Updates for recent changes.
4632 Revision 1.22 2001/11/05 23:57:51 hal9
4633 Minor update for startup now daemon mode.
4635 Revision 1.21 2001/10/31 21:11:03 hal9
4636 Correct 2 minor errors
4638 Revision 1.18 2001/10/24 18:45:26 hal9
4639 *** empty log message ***
4641 Revision 1.17 2001/10/24 17:10:55 hal9
4642 Catching up with Jon's recent work, and a few other things.
4644 Revision 1.16 2001/10/21 17:19:21 swa
4645 wrong url in documentation
4647 Revision 1.15 2001/10/14 23:46:24 hal9
4648 Various minor changes. Fleshed out SEE ALSO section.
4650 Revision 1.13 2001/10/10 17:28:33 hal9
4653 Revision 1.12 2001/09/28 02:57:04 hal9
4656 Revision 1.11 2001/09/28 02:25:20 hal9
4659 Revision 1.9 2001/09/27 23:50:29 hal9
4660 A few changes. A short section on regular expression in appendix.
4662 Revision 1.8 2001/09/25 00:34:59 hal9
4663 Some additions, and re-arranging.
4665 Revision 1.7 2001/09/24 14:31:36 hal9
4668 Revision 1.6 2001/09/24 14:10:32 hal9
4669 Including David's OS/2 installation instructions.
4671 Revision 1.2 2001/09/13 15:27:40 swa
4674 Revision 1.1 2001/09/12 15:36:41 swa
4675 source files for junkbuster documentation
4677 Revision 1.3 2001/09/10 17:43:59 swa
4678 first proposal of a structure.
4680 Revision 1.2 2001/06/13 14:28:31 swa
4681 docs should have an author.
4683 Revision 1.1 2001/06/13 14:20:37 swa
4684 first import of project's documentation for the webserver.