7 CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
10 TITLE="Privoxy Frequently Asked Questions"
11 HREF="index.html"><LINK
14 HREF="installation.html"><LINK
17 HREF="misc.html"><LINK
20 HREF="../p_doc.css"></HEAD
31 SUMMARY="Header navigation table"
40 >Privoxy Frequently Asked Questions</TH
48 HREF="installation.html"
86 >3.1. Where can I get updated Actions Files?</H3
88 > Based on your feedback and the continuing development, updates of
93 made available from time to time on the <A
94 HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
99 HREF="http://sf.net/projects/ijbswa/"
105 > If you wish to receive an email notification whenever we release updates of
109 > or the actions file, <A
110 HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/"
113 to our announce mailing list</A
114 >, ijbswa-announce@lists.sourceforge.net.
124 >3.2. Can I use my old config files?</H3
126 > The syntax and purpose of configuration files has remained the same
127 throughout the 3.x series. Although each release contains updated,
131 > versions and it is recommended to use the newer
134 If upgrading from version prior to 3.0.4 the syntax for <TT
138 has changed. See the <A
139 HREF="../user-manual/whatsnew.html"
141 >What's New section</A
149 > But all configuration files have substantially
150 changed from the <SPAN
157 >. The old files, like
161 > will not work at all.
165 HREF="../user-manual/whatsnew.html"
169 page for information on configuration changes that may occur from one release to another.
179 >3.3. What exactly is an <SPAN
185 HREF="../user-manual/actions-file.html"
190 HREF="../user-manual/actions-file.html#ACTIONS"
197 > could take while processing a certain
198 request, are configured. Typically, you would define a set of default actions
199 that apply to all URLs, then add exceptions to these defaults where needed.
200 There is a wide array of actions available that give the user a high degree
201 of control and flexibility on how to process each and every web page.</P
203 > Actions can be defined on a <A
204 HREF="../user-manual/actions-file.html#AF-PATTERNS"
208 for single URLs, whole web sites, groups or parts thereof etc. Actions can also be
209 grouped together and then applied to requests matching one or more patterns.
210 There are many possible actions that might apply to any given site. As an example,
211 if you are blocking <A
212 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
216 as one of your default actions, but need to accept cookies from a given site,
217 you would need to define an exception for this site in one of your actions
218 files, preferably in <TT
233 > concept confuses me. Please list
239 > For a comprehensive discussion of the actions concept, please refer
241 HREF="../user-manual/actions-file.html"
246 HREF="../user-manual/index.html"
251 HREF="../user-manual/actions-file.html#ACTIONS"
253 >list of all actions</A
256 HREF="../user-manual/actions-file.html#ACT-EXAMPLES"
260 > to get you started.</P
269 >3.5. How are actions files configured? What is the easiest
272 > Actions files are just text files in a special syntax and can be edited
273 with a text editor. But probably the easiest way is to access
277 >'s user interface with your web browser
279 HREF="http://config.privoxy.org/"
281 >http://config.privoxy.org/</A
291 HREF="http://config.privoxy.org/show-status"
294 change the current configuration</A
305 >3.6. There are several different <SPAN
314 > v2.9.15, three actions files
315 are being included, to be used for
316 different purposes: These are
324 which is actively maintained by the <SPAN
331 >, where users are encouraged
332 to make their private customizations, and <TT
336 which is for internal <SPAN
341 HREF="../user-manual/actions-file.html"
343 >the actions chapter</A
346 HREF="../user-manual/index.html"
350 detailed explanation.</P
352 > Earlier versions included three different versions of the
356 > file. The new scheme allows for
357 greater flexibility of local configuration, and for browser based
358 selection of pre-defined <SPAN
360 >"aggressiveness"</SPAN
370 >3.7. How can I make my Yahoo/Hotmail/Gmail account work?</H3
372 > The default configuration shouldn't impact the usability of any of these services.
373 It will, however, make all <A
374 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
378 temporary, so that your browser will forget your
379 login credentials in between browser sessions. If you would like not to have to log
380 in manually each time you access those websites, simply turn off all cookie handling
384 > file. An example for yahoo might
396 ># Allow all cookies for Yahoo login:
399 HREF="../user-manual/actions-file.html#CRUNCH-INCOMING-COOKIES"
401 >crunch-incoming-cookies</A
403 HREF="../user-manual/actions-file.html#CRUNCH-OUTGOING-COOKIES"
405 >crunch-outgoing-cookies</A
407 HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
409 >session-cookies-only</A
411 .login.yahoo.com</PRE
418 > These kinds of sites are often quite complex and heavy with
420 HREF="http://en.wikipedia.org/wiki/Javascript"
435 HREF="../user-manual/actions-file.html#ALIASES"
450 ># Gmail is a _fragile_ site:
463 > Be sure to flush your browser's caches whenever making these kinds of
464 changes, just to make sure the changes <SPAN
470 > Make sure the domain, host and path are appropriate as well. Your browser can
471 tell you where you are specifically and you should use that information for
472 your configuration settings. Note that above it is not referenced as
476 >, which is a valid domain name.
486 >3.8. What's the difference between the
501 > is not entirely trivial. To
502 help you get started, we provide you with three different default action
506 > in the web based actions file editor at <A
507 HREF="http://config.privoxy.org/show-status"
509 >http://config.privoxy.org/show-status</A
512 HREF="../user-manual/actions-file.html"
519 > for a list of actions, and how the default
523 > Where the defaults are likely to break some sites, exceptions for
527 > sites are included, but in
528 general, the more aggressive your default settings are, the more exceptions
529 you will have to make later. See the <A
530 HREF="../user-manual/index.html"
537 for a more detailed discussion.</P
539 > It should be noted that the <SPAN
542 > profile (formerly known
545 >"Adventuresome"</SPAN
547 aggressive, and will make use of some of
551 > advanced features. Use at your own risk!</P
560 >3.9. Why can I change the configuration
561 with a browser? Does that not raise security issues?</H3
563 > It may seem strange that regular users can edit the config files with their
564 browsers, although the whole <TT
568 belongs to the user <SPAN
571 >, with only 644 permissions.
574 > When you use the browser-based editor, <SPAN
578 itself is writing to the config files. Because
582 > is running as the user <SPAN
586 it can update the config files.
592 > for multiple untrusted users (e.g. in
593 a LAN), you will probably want to turn the web-based editor and remote toggle
594 features off by setting <SPAN
599 HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
601 >enable-edit-actions</A
610 HREF="../user-manual/config.html#ENABLE-REMOTE-TOGGLE"
612 >enable-remote-toggle</A
617 HREF="../user-manual/config.html"
619 >main configuration file</A
623 > Note that in the default configuration, only local users (i.e. those on
627 >) can connect to <SPAN
631 so this is not (normally) a security problem.
641 >3.10. What is the <TT
644 > file? What is a <SPAN
650 HREF="../user-manual/filter-file.html"
663 > as supplied by the developers are defined.
664 Filters are a special subset of actions that can be used to modify or
665 remove, web page content on the fly. Filters apply to <SPAN
672 in the page source (and optionally both client and server headers), including
673 HTML tags, and JavaScript. Regular expressions are used to accomplish this.
674 There are a number of pre-defined filters to deal with common annoyances. The
675 filters are only defined here, to invoke them, you need to use the
677 HREF="../user-manual/actions-file.html#FILTER"
684 > in one of the actions files. Filtering is automatically
685 disabled for inappropriate MIME types.</P
687 > If you are familiar with regular expressions, and HTML, you can look at
691 > with a text editor and define
692 your own filters. This is potentially a very powerful feature, but
693 requires some expertise in both regular expressions and HTML/HTTP.
695 place any modifications to the default filters, or any new ones you create
696 in a separate file, such as <TT
700 be overwritten during upgrades.
701 The ability to define multiple filter files
705 > is a new feature as of v. 3.0.5.</P
707 > There is no GUI editor option for this part of the configuration,
708 but you can disable/enable the various pre-defined filters of the included
713 HREF="http://config.privoxy.org/show-status"
715 >web-based actions file editor</A
725 >3.11. How can I set up Privoxy to act as a proxy for my
731 > only responds to requests
735 > (localhost). To have it act as a server for
736 a network, this needs to be changed in the <A
737 HREF="../user-manual/config.html"
739 >main configuration file</A
744 HREF="../user-manual/config.html#LISTEN-ADDRESS"
749 option, which may be commented out with a <SPAN
753 it is uncommented, and assign it the address of the LAN gateway interface,
754 and port number to use. Assuming your LAN address is 192.168.1.1 and you
758 > on port 8118, this line
769 > listen-address 192.168.1.1:8118</PRE
775 > Save the file, and restart <SPAN
779 all browsers on the network then to use this address and port number.</P
781 > Alternately, you can have <SPAN
785 all available interfaces:</P
795 > listen-address :8118</PRE
806 HREF="../user-manual/config.html#PERMIT-ACCESS"
810 feature to limit connections. A firewall in this situation is recommended
813 > The above steps should be the same for any TCP network, regardless of
819 > on a LAN with untrusted users,
820 we recommend that you double-check the <A
821 HREF="../user-manual/config.html#ACCESS-CONTROL"
823 >access control and security</A
834 >3.12. Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</H3
836 > The replacement for blocked images can be controlled with the <A
837 HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
841 >set-image-blocker</TT
844 >. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
848 >), or a redirect to a custom image of your choice.
849 Note that this choice only has effect for images which are blocked as images, i.e.
850 whose URLs match both a <TT
853 HREF="../user-manual/actions-file.html#HANDLE-AS-IMAGE"
867 HREF="../user-manual/actions-file.html#BLOCK"
873 > If you want to see nothing, then change the <A
874 HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
878 >set-image-blocker</TT
884 >. This can be done by editing the
888 > file, or trough the <A
889 HREF="http://config.privoxy.org/show-status"
891 >web-based actions file editor</A
901 >3.13. Why would anybody want to see a checkerboard pattern?</H3
904 HREF="general.html#WHATSANAD"
905 >telling which image is an ad and which
907 >, is mostly guesswork. While we hope that the standard configuration
908 is rather smart, it can and will make errors. The checkerboard image is visually
909 decent, but it shows you that and where images were blocked, which can be very
910 helpful in case some navigation aid or otherwise innocent image was
911 erroneously blocked. Some people might also enjoy seeing how many banners
927 >3.14. I see some images being replaced by a text
928 instead of the checkerboard image. Why and how do I get rid of this?</H3
930 > This happens when the banners are not embedded in the HTML code of the
931 page itself, but in separate HTML (sub)documents that are loaded into (i)frames
932 or (i)layers, and these external HTML documents are blocked. Being non-images
933 they get replaced by a substitute HTML page rather than a substitute image,
934 which wouldn't work out technically, since the browser expects and accepts
935 only HTML when it has requested an HTML document. </P
937 > The substitute page adapts to the available space and shows itself as a
938 miniature two-liner if loaded into small frames, or full-blown with a
939 large red "BLOCKED" banner if space allows.</P
941 > If you prefer the banners to be blocked by images, you must see to it that
942 the HTML documents in which they are embedded are not blocked. Clicking
946 > link offered in the substitute page will show
947 you which rule blocked the page. After changing the rule and un-blocking
948 the HTML documents, the browser will try to load the actual banner images
949 and the usual image blocking will (hopefully!) kick in.</P
958 >3.15. Can Privoxy run as a service
961 > Yes. Version 3.0.5 introduces full <SPAN
965 functionality. See <A
966 HREF="../user-manual/installation.html#installation-pack-win"
969 > for details on how to install and configure
975 > Earlier 3.x versions could run as a system service using <B
979 See the discussion at <A
980 HREF="http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118"
982 >http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118</A
984 for details, and a sample configuration.</P
993 >3.16. How can I make Privoxy work with other
994 proxies like Squid or Tor?</H3
996 > This can be done and is often useful to combine the benefits of
1000 > with those of a another proxy.
1002 HREF="../user-manual/config.html#FORWARDING"
1004 >forwarding chapter</A
1007 HREF="../user-manual/index.html"
1011 describes how to do this, and the <A
1012 HREF="misc.html#TOR"
1013 > How do I use Privoxy together with
1024 >3.17. Can I just set Privoxy to use port 80
1025 and thus avoid individual browser configuration?</H3
1027 > No, its more complicated than that. This only works with special kinds
1028 of proxies known as <SPAN
1030 >"transparent"</SPAN
1031 > proxies (see below).</P
1040 >3.18. Can Privoxy run as a <SPAN
1042 >"transparent"</SPAN
1048 > currently does not have this ability,
1049 though it may be added in a future release. Transparent proxies require
1050 special handling of the request headers beyond what
1054 > is now capable of.</P
1059 > behind another proxy that has
1060 this ability should work though.
1062 HREF="../user-manual/config.html#FORWARDING"
1064 >forwarding chapter</A
1067 HREF="../user-manual/index.html"
1071 a transparent proxy to be used for chaining we recommend Transproxy
1073 HREF="http://transproxy.sourceforge.net/"
1075 >http://transproxy.sourceforge.net/</A
1085 >3.19. How can I configure Privoxy for use with Outlook
1090 >Outlook Express</SPAN
1093 >Internet Explorer</SPAN
1095 components to both render HTML, and fetch any HTTP requests that may be embedded in an HTML email.
1096 So however you have <SPAN
1099 > configured to work
1100 with IE, this configuration should automatically be shared.</P
1109 >3.20. How can I have separate rules just for HTML mail?</H3
1111 > The short answer is, you can't. <SPAN
1115 of knowing which particular application makes a request, so there is no way to
1116 distinguish between web pages and HTML mail.
1120 > just blindly proxies all requests. In the
1123 >Outlook Express</SPAN
1124 > (see above), OE uses
1125 IE anyway, and there is no way for <SPAN
1129 be able to distinguish between them (nor could any other proxy type application for
1132 > For a good discussion of some of the issues involved (including privacy and
1133 security issues), see
1135 HREF="http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118"
1137 >http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118</A
1145 NAME="SNEAKY-COOKIES"
1147 >3.21. I sometimes notice cookies sneaking through. How?</H3
1150 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
1154 set in several ways. The classic method is via the
1158 > HTTP header. This is straightforward, and an
1159 easy one to manipulate, such as the <SPAN
1164 HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
1166 >session-cookies-only</A
1168 There is also the possibility of using
1170 HREF="http://en.wikipedia.org/wiki/Javascript"
1179 >content-cookies</TT
1181 is trickier because the syntax can vary widely, and thus requires a certain
1182 amount of guesswork. It is not realistic to catch all of these short of
1183 disabling Javascript, which would break many sites. And lastly, if the
1184 cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
1193 > can help manage cookies in general, can help minimize
1194 the loss of privacy posed by cookies, but can't realistically stop all
1204 >3.22. Are all cookies bad? Why?</H3
1206 > No, in fact there are many beneficial uses of
1208 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
1211 >. Cookies are just a
1212 method that browsers can use to store data between pages, or between browser
1213 sessions. Sometimes there is a good reason for this, and the user's life is a
1214 bit easier as a result. But there is a long history of some websites taking
1215 advantage of this layer of trust, and using the data they glean from you and
1216 your browsing habits for their own purposes, and maybe to your potential
1217 detriment. Such sites are using you and storing their data on your system.
1218 That is why the security conscious watch from whom those cookies come, and why
1229 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
1240 NAME="ALLOW-COOKIES"
1242 >3.23. How can I allow permanent cookies for my trusted sites?</H3
1244 > There are several actions that relate to cookies. The default behavior is to
1247 >"session cookies"</SPAN
1248 >, which means the cookies only last
1249 for the current browser session. This eliminates most kinds of abuse related
1250 to cookies. But there may be cases where we want cookies to last.</P
1252 > To disable all cookie actions, so that cookies are allowed unrestricted,
1253 both in and out, for <TT
1266 > { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
1273 > Place the above in <TT
1276 >. Note some of these may
1277 be off by default anyway, so this might be redundant, but there is no harm
1278 being explicit in what you want to happen. <TT
1282 includes an alias for this situation, called
1285 >allow-all-cookies</TT
1295 >3.24. Can I have separate configurations for different users?</H3
1297 > Each instance of <SPAN
1301 configuration, including such attributes as the TCP port that it listens on.
1302 What you can do is run multiple instances of <SPAN
1309 > and configuration path, and then
1310 each of these can have their own configurations. Think of it as per-port
1314 Simple enough for a few users, but for large installations, consider having
1315 groups of users that might share like configurations.</P
1324 >3.25. Can I set-up Privoxy as a whitelist of
1330 > Sure. There are a couple of things you can do for simple whitelisting.
1331 Here's one real easy one:</P
1340 > ############################################################
1342 ############################################################
1344 HREF="../user-manual/actions-file.html#BLOCK"
1348 / # Block *all* URLs
1350 ############################################################
1352 ############################################################
1354 HREF="../user-manual/actions-file.html#BLOCK"
1360 games.example.com</PRE
1365 > This allows access to only those three sites.</P
1367 > A more interesting approach is <SPAN
1374 > concept, which incorporates the notion of
1377 >"trusted referrers"</SPAN
1379 HREF="../user-manual/config.html#TRUSTFILE"
1381 >User Manual Trust</A
1385 > These are fairly simple approaches and are not completely foolproof. There
1386 are various other configuration options that should be disabled (described
1387 elsewhere here and in <A
1388 HREF="../user-manual/"
1392 so that users can't modify their own configuration and easily circumvent the
1401 SUMMARY="Footer navigation table"
1412 HREF="installation.html"
projects / privoxy.git / blob