3a318b3e13c08552936eb31cc43271b9fea38f78
[privoxy.git] / doc / webserver / user-manual / actions-file.html
1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
2 "http://www.w3.org/TR/html4/loose.dtd">
3
4 <html>
5 <head>
6   <title>Actions Files</title>
7   <meta name="GENERATOR" content=
8   "Modular DocBook HTML Stylesheet Version 1.79">
9   <link rel="HOME" title="Privoxy 3.0.21 User Manual" href="index.html">
10   <link rel="PREVIOUS" title="The Main Configuration File" href=
11   "config.html">
12   <link rel="NEXT" title="Filter Files" href="filter-file.html">
13   <link rel="STYLESHEET" type="text/css" href="../p_doc.css">
14   <meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
15   <link rel="STYLESHEET" type="text/css" href="p_doc.css">
16 </head>
17
18 <body class="SECT1" bgcolor="#EEEEEE" text="#000000" link="#0000FF" vlink=
19 "#840084" alink="#0000FF">
20   <div class="NAVHEADER">
21     <table summary="Header navigation table" width="100%" border="0"
22     cellpadding="0" cellspacing="0">
23       <tr>
24         <th colspan="3" align="center">Privoxy 3.0.21 User Manual</th>
25       </tr>
26
27       <tr>
28         <td width="10%" align="left" valign="bottom"><a href="config.html"
29         accesskey="P">Prev</a></td>
30
31         <td width="80%" align="center" valign="bottom"></td>
32
33         <td width="10%" align="right" valign="bottom"><a href=
34         "filter-file.html" accesskey="N">Next</a></td>
35       </tr>
36     </table>
37     <hr align="left" width="100%">
38   </div>
39
40   <div class="SECT1">
41     <h1 class="SECT1"><a name="ACTIONS-FILE" id="ACTIONS-FILE">8. Actions
42     Files</a></h1>
43
44     <p>The actions files are used to define what <span class=
45     "emphasis"><i class="EMPHASIS">actions</i></span> <span class=
46     "APPLICATION">Privoxy</span> takes for which URLs, and thus determines
47     how ad images, cookies and various other aspects of HTTP content and
48     transactions are handled, and on which sites (or even parts thereof).
49     There are a number of such actions, with a wide range of functionality.
50     Each action does something a little different. These actions give us a
51     veritable arsenal of tools with which to exert our control, preferences
52     and independence. Actions can be combined so that their effects are
53     aggregated when applied against a given set of URLs.</p>
54
55     <p>There are three action files included with <span class=
56     "APPLICATION">Privoxy</span> with differing purposes:</p>
57
58     <ul>
59       <li>
60         <p><tt class="FILENAME">match-all.action</tt> - is used to define
61         which <span class="QUOTE">"actions"</span> relating to
62         banner-blocking, images, pop-ups, content modification, cookie
63         handling etc should be applied by default. It should be the first
64         actions file loaded</p>
65       </li>
66
67       <li>
68         <p><tt class="FILENAME">default.action</tt> - defines many exceptions
69         (both positive and negative) from the default set of actions that's
70         configured in <tt class="FILENAME">match-all.action</tt>. It is a set
71         of rules that should work reasonably well as-is for most users. This
72         file is only supposed to be edited by the developers. It should be
73         the second actions file loaded.</p>
74       </li>
75
76       <li>
77         <p><tt class="FILENAME">user.action</tt> - is intended to be for
78         local site preferences and exceptions. As an example, if your ISP or
79         your bank has specific requirements, and need special handling, this
80         kind of thing should go here. This file will not be upgraded.</p>
81       </li>
82
83       <li>
84         <p><span class="GUIBUTTON">Edit</span> <span class="GUIBUTTON">Set to
85         Cautious</span> <span class="GUIBUTTON">Set to Medium</span>
86         <span class="GUIBUTTON">Set to Advanced</span></p>
87
88         <p>These have increasing levels of aggressiveness <span class=
89         "emphasis"><i class="EMPHASIS">and have no influence on your browsing
90         unless you select them explicitly in the editor</i></span>. A default
91         installation should be pre-set to <tt class="LITERAL">Cautious</tt>.
92         New users should try this for a while before adjusting the settings
93         to more aggressive levels. The more aggressive the settings, then the
94         more likelihood there is of problems such as sites not working as
95         they should.</p>
96
97         <p>The <span class="GUIBUTTON">Edit</span> button allows you to turn
98         each action on/off individually for fine-tuning. The <span class=
99         "GUIBUTTON">Cautious</span> button changes the actions list to
100         low/safe settings which will activate ad blocking and a minimal set
101         of <span class="APPLICATION">Privoxy</span>'s features, and
102         subsequently there will be less of a chance for accidental problems.
103         The <span class="GUIBUTTON">Medium</span> button sets the list to a
104         medium level of other features and a low level set of privacy
105         features. The <span class="GUIBUTTON">Advanced</span> button sets the
106         list to a high level of ad blocking and medium level of privacy. See
107         the chart below. The latter three buttons over-ride any changes via
108         with the <span class="GUIBUTTON">Edit</span> button. More fine-tuning
109         can be done in the lower sections of this internal page.</p>
110
111         <p>While the actions file editor allows to enable these settings in
112         all actions files, they are only supposed to be enabled in the first
113         one to make sure you don't unintentionally overrule earlier
114         rules.</p>
115
116         <p>The default profiles, and their associated actions, as pre-defined
117         in <tt class="FILENAME">default.action</tt> are:</p>
118
119         <div class="TABLE">
120           <a name="AEN2858" id="AEN2858"></a>
121
122           <p><b>Table 1. Default Configurations</b></p>
123
124           <table border="1" frame="border" rules="all" class="CALSTABLE">
125             <col width="1*" title="C1">
126             <col width="1*" title="C2">
127             <col width="1*" title="C3">
128             <col width="1*" title="C4">
129
130             <thead>
131               <tr>
132                 <th>Feature</th>
133
134                 <th>Cautious</th>
135
136                 <th>Medium</th>
137
138                 <th>Advanced</th>
139               </tr>
140             </thead>
141
142             <tbody>
143               <tr>
144                 <td>Ad-blocking Aggressiveness</td>
145
146                 <td>medium</td>
147
148                 <td>high</td>
149
150                 <td>high</td>
151               </tr>
152
153               <tr>
154                 <td>Ad-filtering by size</td>
155
156                 <td>no</td>
157
158                 <td>yes</td>
159
160                 <td>yes</td>
161               </tr>
162
163               <tr>
164                 <td>Ad-filtering by link</td>
165
166                 <td>no</td>
167
168                 <td>no</td>
169
170                 <td>yes</td>
171               </tr>
172
173               <tr>
174                 <td>Pop-up killing</td>
175
176                 <td>blocks only</td>
177
178                 <td>blocks only</td>
179
180                 <td>blocks only</td>
181               </tr>
182
183               <tr>
184                 <td>Privacy Features</td>
185
186                 <td>low</td>
187
188                 <td>medium</td>
189
190                 <td>medium/high</td>
191               </tr>
192
193               <tr>
194                 <td>Cookie handling</td>
195
196                 <td>none</td>
197
198                 <td>session-only</td>
199
200                 <td>kill</td>
201               </tr>
202
203               <tr>
204                 <td>Referer forging</td>
205
206                 <td>no</td>
207
208                 <td>yes</td>
209
210                 <td>yes</td>
211               </tr>
212
213               <tr>
214                 <td>GIF de-animation</td>
215
216                 <td>no</td>
217
218                 <td>yes</td>
219
220                 <td>yes</td>
221               </tr>
222
223               <tr>
224                 <td>Fast redirects</td>
225
226                 <td>no</td>
227
228                 <td>no</td>
229
230                 <td>yes</td>
231               </tr>
232
233               <tr>
234                 <td>HTML taming</td>
235
236                 <td>no</td>
237
238                 <td>no</td>
239
240                 <td>yes</td>
241               </tr>
242
243               <tr>
244                 <td>JavaScript taming</td>
245
246                 <td>no</td>
247
248                 <td>no</td>
249
250                 <td>yes</td>
251               </tr>
252
253               <tr>
254                 <td>Web-bug killing</td>
255
256                 <td>no</td>
257
258                 <td>yes</td>
259
260                 <td>yes</td>
261               </tr>
262
263               <tr>
264                 <td>Image tag reordering</td>
265
266                 <td>no</td>
267
268                 <td>yes</td>
269
270                 <td>yes</td>
271               </tr>
272             </tbody>
273           </table>
274         </div>
275       </li>
276     </ul>
277
278     <p>The list of actions files to be used are defined in the main
279     configuration file, and are processed in the order they are defined (e.g.
280     <tt class="FILENAME">default.action</tt> is typically processed before
281     <tt class="FILENAME">user.action</tt>). The content of these can all be
282     viewed and edited from <a href="http://config.privoxy.org/show-status"
283     target="_top">http://config.privoxy.org/show-status</a>. The over-riding
284     principle when applying actions, is that the last action that matches a
285     given URL wins. The broadest, most general rules go first (defined in
286     <tt class="FILENAME">default.action</tt>), followed by any exceptions
287     (typically also in <tt class="FILENAME">default.action</tt>), which are
288     then followed lastly by any local preferences (typically in <span class=
289     "emphasis"><i class="EMPHASIS">user</i></span><tt class=
290     "FILENAME">.action</tt>). Generally, <tt class=
291     "FILENAME">user.action</tt> has the last word.</p>
292
293     <p>An actions file typically has multiple sections. If you want to use
294     <span class="QUOTE">"aliases"</span> in an actions file, you have to
295     place the (optional) <a href="actions-file.html#ALIASES">alias
296     section</a> at the top of that file. Then comes the default set of rules
297     which will apply universally to all sites and pages (be <span class=
298     "emphasis"><i class="EMPHASIS">very careful</i></span> with using such a
299     universal set in <tt class="FILENAME">user.action</tt> or any other
300     actions file after <tt class="FILENAME">default.action</tt>, because it
301     will override the result from consulting any previous file). And then
302     below that, exceptions to the defined universal policies. You can regard
303     <tt class="FILENAME">user.action</tt> as an appendix to <tt class=
304     "FILENAME">default.action</tt>, with the advantage that it is a separate
305     file, which makes preserving your personal settings across <span class=
306     "APPLICATION">Privoxy</span> upgrades easier.</p>
307
308     <p>Actions can be used to block anything you want, including ads,
309     banners, or just some obnoxious URL whose content you would rather not
310     see. Cookies can be accepted or rejected, or accepted only during the
311     current browser session (i.e. not written to disk), content can be
312     modified, some JavaScripts tamed, user-tracking fooled, and much more.
313     See below for a <a href="actions-file.html#ACTIONS">complete list of
314     actions</a>.</p>
315
316     <div class="SECT2">
317       <h2 class="SECT2"><a name="AEN2957" id="AEN2957">8.1. Finding the Right
318       Mix</a></h2>
319
320       <p>Note that some <a href="actions-file.html#ACTIONS">actions</a>, like
321       cookie suppression or script disabling, may render some sites unusable
322       that rely on these techniques to work properly. Finding the right mix
323       of actions is not always easy and certainly a matter of personal taste.
324       And, things can always change, requiring refinements in the
325       configuration. In general, it can be said that the more <span class=
326       "QUOTE">"aggressive"</span> your default settings (in the top section
327       of the actions file) are, the more exceptions for <span class=
328       "QUOTE">"trusted"</span> sites you will have to make later. If, for
329       example, you want to crunch all cookies per default, you'll have to
330       make exceptions from that rule for sites that you regularly use and
331       that require cookies for actually useful purposes, like maybe your
332       bank, favorite shop, or newspaper.</p>
333
334       <p>We have tried to provide you with reasonable rules to start from in
335       the distribution actions files. But there is no general rule of thumb
336       on these things. There just are too many variables, and sites are
337       constantly changing. Sooner or later you will want to change the rules
338       (and read this chapter again :).</p>
339     </div>
340
341     <div class="SECT2">
342       <h2 class="SECT2"><a name="AEN2964" id="AEN2964">8.2. How to
343       Edit</a></h2>
344
345       <p>The easiest way to edit the actions files is with a browser by using
346       our browser-based editor, which can be reached from <a href=
347       "http://config.privoxy.org/show-status" target=
348       "_top">http://config.privoxy.org/show-status</a>. Note: the config file
349       option <a href=
350       "config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</a> must be
351       enabled for this to work. The editor allows both fine-grained control
352       over every single feature on a per-URL basis, and easy choosing from
353       wholesale sets of defaults like <span class="QUOTE">"Cautious"</span>,
354       <span class="QUOTE">"Medium"</span> or <span class=
355       "QUOTE">"Advanced"</span>. Warning: the <span class=
356       "QUOTE">"Advanced"</span> setting is more aggressive, and will be more
357       likely to cause problems for some sites. Experienced users only!</p>
358
359       <p>If you prefer plain text editing to GUIs, you can of course also
360       directly edit the the actions files with your favorite text editor.
361       Look at <tt class="FILENAME">default.action</tt> which is richly
362       commented with many good examples.</p>
363     </div>
364
365     <div class="SECT2">
366       <h2 class="SECT2"><a name="ACTIONS-APPLY" id="ACTIONS-APPLY">8.3. How
367       Actions are Applied to Requests</a></h2>
368
369       <p>Actions files are divided into sections. There are special sections,
370       like the <span class="QUOTE">"<a href=
371       "actions-file.html#ALIASES">alias</a>"</span> sections which will be
372       discussed later. For now let's concentrate on regular sections: They
373       have a heading line (often split up to multiple lines for readability)
374       which consist of a list of actions, separated by whitespace and
375       enclosed in curly braces. Below that, there is a list of URL and tag
376       patterns, each on a separate line.</p>
377
378       <p>To determine which actions apply to a request, the URL of the
379       request is compared to all URL patterns in each <span class=
380       "QUOTE">"action file"</span>. Every time it matches, the list of
381       applicable actions for the request is incrementally updated, using the
382       heading of the section in which the pattern is located. The same is
383       done again for tags and tag patterns later on.</p>
384
385       <p>If multiple applying sections set the same action differently, the
386       last match wins. If not, the effects are aggregated. E.g. a URL might
387       match a regular section with a heading line of <tt class="LITERAL">{
388       +<a href="actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a>
389       }</tt>, then later another one with just <tt class="LITERAL">{
390       +<a href="actions-file.html#BLOCK">block</a> }</tt>, resulting in
391       <span class="emphasis"><i class="EMPHASIS">both</i></span> actions to
392       apply. And there may well be cases where you will want to combine
393       actions together. Such a section then might look like:</p>
394
395       <table border="0" bgcolor="#E0E0E0" width="100%">
396         <tr>
397           <td>
398             <pre class="SCREEN">
399   { +<tt class="LITERAL">handle-as-image</tt>  +<tt class=
400 "LITERAL">block{Banner ads.}</tt> }
401   # Block these as if they were images. Send no block page.
402    banners.example.com
403    media.example.com/.*banners
404    .example.com/images/ads/
405 </pre>
406           </td>
407         </tr>
408       </table>
409
410       <p>You can trace this process for URL patterns and any given URL by
411       visiting <a href="http://config.privoxy.org/show-url-info" target=
412       "_top">http://config.privoxy.org/show-url-info</a>.</p>
413
414       <p>Examples and more detail on this is provided in the Appendix,
415       <a href="appendix.html#ACTIONSANAT">Troubleshooting: Anatomy of an
416       Action</a> section.</p>
417     </div>
418
419     <div class="SECT2">
420       <h2 class="SECT2"><a name="AF-PATTERNS" id="AF-PATTERNS">8.4.
421       Patterns</a></h2>
422
423       <p>As mentioned, <span class="APPLICATION">Privoxy</span> uses
424       <span class="QUOTE">"patterns"</span> to determine what <span class=
425       "emphasis"><i class="EMPHASIS">actions</i></span> might apply to which
426       sites and pages your browser attempts to access. These <span class=
427       "QUOTE">"patterns"</span> use wild card type <span class=
428       "emphasis"><i class="EMPHASIS">pattern</i></span> matching to achieve a
429       high degree of flexibility. This allows one expression to be expanded
430       and potentially match against many similar patterns.</p>
431
432       <p>Generally, an URL pattern has the form <tt class=
433       "LITERAL">&lt;domain&gt;&lt;port&gt;/&lt;path&gt;</tt>, where the
434       <tt class="LITERAL">&lt;domain&gt;</tt>, the <tt class=
435       "LITERAL">&lt;port&gt;</tt> and the <tt class=
436       "LITERAL">&lt;path&gt;</tt> are optional. (This is why the special
437       <tt class="LITERAL">/</tt> pattern matches all URLs). Note that the
438       protocol portion of the URL pattern (e.g. <tt class=
439       "LITERAL">http://</tt>) should <span class="emphasis"><i class=
440       "EMPHASIS">not</i></span> be included in the pattern. This is assumed
441       already!</p>
442
443       <p>The pattern matching syntax is different for the domain and path
444       parts of the URL. The domain part uses a simple globbing type matching
445       technique, while the path part uses more flexible <a href=
446       "http://en.wikipedia.org/wiki/Regular_expressions" target=
447       "_top"><span class="QUOTE">"Regular Expressions"</span></a> (POSIX
448       1003.2).</p>
449
450       <p>The port part of a pattern is a decimal port number preceded by a
451       colon (<tt class="LITERAL">:</tt>). If the domain part contains a
452       numerical IPv6 address, it has to be put into angle brackets
453       (<tt class="LITERAL">&lt;</tt>, <tt class="LITERAL">&gt;</tt>).</p>
454
455       <div class="VARIABLELIST">
456         <dl>
457           <dt><tt class="LITERAL">www.example.com/</tt></dt>
458
459           <dd>
460             <p>is a domain-only pattern and will match any request to
461             <tt class="LITERAL">www.example.com</tt>, regardless of which
462             document on that server is requested. So ALL pages in this domain
463             would be covered by the scope of this action. Note that a simple
464             <tt class="LITERAL">example.com</tt> is different and would NOT
465             match.</p>
466           </dd>
467
468           <dt><tt class="LITERAL">www.example.com</tt></dt>
469
470           <dd>
471             <p>means exactly the same. For domain-only patterns, the trailing
472             <tt class="LITERAL">/</tt> may be omitted.</p>
473           </dd>
474
475           <dt><tt class="LITERAL">www.example.com/index.html</tt></dt>
476
477           <dd>
478             <p>matches all the documents on <tt class=
479             "LITERAL">www.example.com</tt> whose name starts with <tt class=
480             "LITERAL">/index.html</tt>.</p>
481           </dd>
482
483           <dt><tt class="LITERAL">www.example.com/index.html$</tt></dt>
484
485           <dd>
486             <p>matches only the single document <tt class=
487             "LITERAL">/index.html</tt> on <tt class=
488             "LITERAL">www.example.com</tt>.</p>
489           </dd>
490
491           <dt><tt class="LITERAL">/index.html$</tt></dt>
492
493           <dd>
494             <p>matches the document <tt class="LITERAL">/index.html</tt>,
495             regardless of the domain, i.e. on <span class=
496             "emphasis"><i class="EMPHASIS">any</i></span> web server
497             anywhere.</p>
498           </dd>
499
500           <dt><tt class="LITERAL">/</tt></dt>
501
502           <dd>
503             <p>Matches any URL because there's no requirement for either the
504             domain or the path to match anything.</p>
505           </dd>
506
507           <dt><tt class="LITERAL">:8000/</tt></dt>
508
509           <dd>
510             <p>Matches any URL pointing to TCP port 8000.</p>
511           </dd>
512
513           <dt><tt class="LITERAL">&lt;2001:db8::1&gt;/</tt></dt>
514
515           <dd>
516             <p>Matches any URL with the host address <tt class=
517             "LITERAL">2001:db8::1</tt>. (Note that the real URL uses plain
518             brackets, not angle brackets.)</p>
519           </dd>
520
521           <dt><tt class="LITERAL">index.html</tt></dt>
522
523           <dd>
524             <p>matches nothing, since it would be interpreted as a domain
525             name and there is no top-level domain called <tt class=
526             "LITERAL">.html</tt>. So its a mistake.</p>
527           </dd>
528         </dl>
529       </div>
530
531       <div class="SECT3">
532         <h3 class="SECT3"><a name="AEN3076" id="AEN3076">8.4.1. The Domain
533         Pattern</a></h3>
534
535         <p>The matching of the domain part offers some flexible options: if
536         the domain starts or ends with a dot, it becomes unanchored at that
537         end. For example:</p>
538
539         <div class="VARIABLELIST">
540           <dl>
541             <dt><tt class="LITERAL">.example.com</tt></dt>
542
543             <dd>
544               <p>matches any domain with first-level domain <tt class=
545               "LITERAL">com</tt> and second-level domain <tt class=
546               "LITERAL">example</tt>. For example <tt class=
547               "LITERAL">www.example.com</tt>, <tt class=
548               "LITERAL">example.com</tt> and <tt class=
549               "LITERAL">foo.bar.baz.example.com</tt>. Note that it wouldn't
550               match if the second-level domain was <tt class=
551               "LITERAL">another-example</tt>.</p>
552             </dd>
553
554             <dt><tt class="LITERAL">www.</tt></dt>
555
556             <dd>
557               <p>matches any domain that <span class="emphasis"><i class=
558               "EMPHASIS">STARTS</i></span> with <tt class="LITERAL">www.</tt>
559               (It also matches the domain <tt class="LITERAL">www</tt> but
560               most of the time that doesn't matter.)</p>
561             </dd>
562
563             <dt><tt class="LITERAL">.example.</tt></dt>
564
565             <dd>
566               <p>matches any domain that <span class="emphasis"><i class=
567               "EMPHASIS">CONTAINS</i></span> <tt class=
568               "LITERAL">.example.</tt>. And, by the way, also included would
569               be any files or documents that exist within that domain since
570               no path limitations are specified. (Correctly speaking: It
571               matches any FQDN that contains <tt class="LITERAL">example</tt>
572               as a domain.) This might be <tt class=
573               "LITERAL">www.example.com</tt>, <tt class=
574               "LITERAL">news.example.de</tt>, or <tt class=
575               "LITERAL">www.example.net/cgi/testing.pl</tt> for instance. All
576               these cases are matched.</p>
577             </dd>
578           </dl>
579         </div>
580
581         <p>Additionally, there are wild-cards that you can use in the domain
582         names themselves. These work similarly to shell globbing type
583         wild-cards: <span class="QUOTE">"*"</span> represents zero or more
584         arbitrary characters (this is equivalent to the <a href=
585         "http://en.wikipedia.org/wiki/Regular_expressions" target=
586         "_top"><span class="QUOTE">"Regular Expression"</span></a> based
587         syntax of <span class="QUOTE">".*"</span>), <span class=
588         "QUOTE">"?"</span> represents any single character (this is
589         equivalent to the regular expression syntax of a simple <span class=
590         "QUOTE">"."</span>), and you can define <span class=
591         "QUOTE">"character classes"</span> in square brackets which is
592         similar to the same regular expression technique. All of this can be
593         freely mixed:</p>
594
595         <div class="VARIABLELIST">
596           <dl>
597             <dt><tt class="LITERAL">ad*.example.com</tt></dt>
598
599             <dd>
600               <p>matches <span class="QUOTE">"adserver.example.com"</span>,
601               <span class="QUOTE">"ads.example.com"</span>, etc but not
602               <span class="QUOTE">"sfads.example.com"</span></p>
603             </dd>
604
605             <dt><tt class="LITERAL">*ad*.example.com</tt></dt>
606
607             <dd>
608               <p>matches all of the above, and then some.</p>
609             </dd>
610
611             <dt><tt class="LITERAL">.?pix.com</tt></dt>
612
613             <dd>
614               <p>matches <tt class="LITERAL">www.ipix.com</tt>, <tt class=
615               "LITERAL">pictures.epix.com</tt>, <tt class=
616               "LITERAL">a.b.c.d.e.upix.com</tt> etc.</p>
617             </dd>
618
619             <dt><tt class="LITERAL">www[1-9a-ez].example.c*</tt></dt>
620
621             <dd>
622               <p>matches <tt class="LITERAL">www1.example.com</tt>,
623               <tt class="LITERAL">www4.example.cc</tt>, <tt class=
624               "LITERAL">wwwd.example.cy</tt>, <tt class=
625               "LITERAL">wwwz.example.com</tt> etc., but <span class=
626               "emphasis"><i class="EMPHASIS">not</i></span> <tt class=
627               "LITERAL">wwww.example.com</tt>.</p>
628             </dd>
629           </dl>
630         </div>
631
632         <p>While flexible, this is not the sophistication of full regular
633         expression based syntax.</p>
634       </div>
635
636       <div class="SECT3">
637         <h3 class="SECT3"><a name="AEN3152" id="AEN3152">8.4.2. The Path
638         Pattern</a></h3>
639
640         <p><span class="APPLICATION">Privoxy</span> uses <span class=
641         "QUOTE">"modern"</span> POSIX 1003.2 <a href=
642         "http://en.wikipedia.org/wiki/Regular_expressions" target=
643         "_top"><span class="QUOTE">"Regular Expressions"</span></a> for
644         matching the path portion (after the slash), and is thus more
645         flexible.</p>
646
647         <p>There is an <a href="appendix.html#REGEX">Appendix</a> with a
648         brief quick-start into regular expressions, you also might want to
649         have a look at your operating system's documentation on regular
650         expressions (try <tt class="LITERAL">man re_format</tt>).</p>
651
652         <p>Note that the path pattern is automatically left-anchored at the
653         <span class="QUOTE">"/"</span>, i.e. it matches as if it would start
654         with a <span class="QUOTE">"^"</span> (regular expression speak for
655         the beginning of a line).</p>
656
657         <p>Please also note that matching in the path is <span class=
658         "emphasis"><i class="EMPHASIS">CASE INSENSITIVE</i></span> by
659         default, but you can switch to case sensitive at any point in the
660         pattern by using the <span class="QUOTE">"(?-i)"</span> switch:
661         <tt class="LITERAL">www.example.com/(?-i)PaTtErN.*</tt> will match
662         only documents whose path starts with <tt class=
663         "LITERAL">PaTtErN</tt> in <span class="emphasis"><i class=
664         "EMPHASIS">exactly</i></span> this capitalization.</p>
665
666         <div class="VARIABLELIST">
667           <dl>
668             <dt><tt class="LITERAL">.example.com/.*</tt></dt>
669
670             <dd>
671               <p>Is equivalent to just <span class=
672               "QUOTE">".example.com"</span>, since any documents within that
673               domain are matched with or without the <span class=
674               "QUOTE">".*"</span> regular expression. This is redundant</p>
675             </dd>
676
677             <dt><tt class="LITERAL">.example.com/.*/index.html$</tt></dt>
678
679             <dd>
680               <p>Will match any page in the domain of <span class=
681               "QUOTE">"example.com"</span> that is named <span class=
682               "QUOTE">"index.html"</span>, and that is part of some path. For
683               example, it matches <span class=
684               "QUOTE">"www.example.com/testing/index.html"</span> but NOT
685               <span class="QUOTE">"www.example.com/index.html"</span> because
686               the regular expression called for at least two <span class=
687               "QUOTE">"/'s"</span>, thus the path requirement. It also would
688               match <span class=
689               "QUOTE">"www.example.com/testing/index_html"</span>, because of
690               the special meta-character <span class="QUOTE">"."</span>.</p>
691             </dd>
692
693             <dt><tt class="LITERAL">.example.com/(.*/)?index\.html$</tt></dt>
694
695             <dd>
696               <p>This regular expression is conditional so it will match any
697               page named <span class="QUOTE">"index.html"</span> regardless
698               of path which in this case can have one or more <span class=
699               "QUOTE">"/'s"</span>. And this one must contain exactly
700               <span class="QUOTE">".html"</span> (but does not have to end
701               with that!).</p>
702             </dd>
703
704             <dt><tt class=
705             "LITERAL">.example.com/(.*/)(ads|banners?|junk)</tt></dt>
706
707             <dd>
708               <p>This regular expression will match any path of <span class=
709               "QUOTE">"example.com"</span> that contains any of the words
710               <span class="QUOTE">"ads"</span>, <span class=
711               "QUOTE">"banner"</span>, <span class="QUOTE">"banners"</span>
712               (because of the <span class="QUOTE">"?"</span>) or <span class=
713               "QUOTE">"junk"</span>. The path does not have to end in these
714               words, just contain them.</p>
715             </dd>
716
717             <dt><tt class=
718             "LITERAL">.example.com/(.*/)(ads|banners?|junk)/.*\.(jpe?g|gif|png)$</tt></dt>
719
720             <dd>
721               <p>This is very much the same as above, except now it must end
722               in either <span class="QUOTE">".jpg"</span>, <span class=
723               "QUOTE">".jpeg"</span>, <span class="QUOTE">".gif"</span> or
724               <span class="QUOTE">".png"</span>. So this one is limited to
725               common image formats.</p>
726             </dd>
727           </dl>
728         </div>
729
730         <p>There are many, many good examples to be found in <tt class=
731         "FILENAME">default.action</tt>, and more tutorials below in <a href=
732         "appendix.html#REGEX">Appendix on regular expressions</a>.</p>
733       </div>
734
735       <div class="SECT3">
736         <h3 class="SECT3"><a name="TAG-PATTERN" id="TAG-PATTERN">8.4.3. The
737         Tag Pattern</a></h3>
738
739         <p>Tag patterns are used to change the applying actions based on the
740         request's tags. Tags can be created with either the <a href=
741         "actions-file.html#CLIENT-HEADER-TAGGER">client-header-tagger</a> or
742         the <a href=
743         "actions-file.html#SERVER-HEADER-TAGGER">server-header-tagger</a>
744         action.</p>
745
746         <p>Tag patterns have to start with <span class="QUOTE">"TAG:"</span>,
747         so <span class="APPLICATION">Privoxy</span> can tell them apart from
748         URL patterns. Everything after the colon including white space, is
749         interpreted as a regular expression with path pattern syntax, except
750         that tag patterns aren't left-anchored automatically (<span class=
751         "APPLICATION">Privoxy</span> doesn't silently add a <span class=
752         "QUOTE">"^"</span>, you have to do it yourself if you need it).</p>
753
754         <p>To match all requests that are tagged with <span class=
755         "QUOTE">"foo"</span> your pattern line should be <span class=
756         "QUOTE">"TAG:^foo$"</span>, <span class="QUOTE">"TAG:foo"</span>
757         would work as well, but it would also match requests whose tags
758         contain <span class="QUOTE">"foo"</span> somewhere. <span class=
759         "QUOTE">"TAG: foo"</span> wouldn't work as it requires white
760         space.</p>
761
762         <p>Sections can contain URL and tag patterns at the same time, but
763         tag patterns are checked after the URL patterns and thus always
764         overrule them, even if they are located before the URL patterns.</p>
765
766         <p>Once a new tag is added, Privoxy checks right away if it's matched
767         by one of the tag patterns and updates the action settings
768         accordingly. As a result tags can be used to activate other tagger
769         actions, as long as these other taggers look for headers that haven't
770         already be parsed.</p>
771
772         <p>For example you could tag client requests which use the <tt class=
773         "LITERAL">POST</tt> method, then use this tag to activate another
774         tagger that adds a tag if cookies are sent, and then use a block
775         action based on the cookie tag. This allows the outcome of one
776         action, to be input into a subsequent action. However if you'd
777         reverse the position of the described taggers, and activated the
778         method tagger based on the cookie tagger, no method tags would be
779         created. The method tagger would look for the request line, but at
780         the time the cookie tag is created, the request line has already been
781         parsed.</p>
782
783         <p>While this is a limitation you should be aware of, this kind of
784         indirection is seldom needed anyway and even the example doesn't make
785         too much sense.</p>
786       </div>
787     </div>
788
789     <div class="SECT2">
790       <h2 class="SECT2"><a name="ACTIONS" id="ACTIONS">8.5. Actions</a></h2>
791
792       <p>All actions are disabled by default, until they are explicitly
793       enabled somewhere in an actions file. Actions are turned on if preceded
794       with a <span class="QUOTE">"+"</span>, and turned off if preceded with
795       a <span class="QUOTE">"-"</span>. So a <tt class="LITERAL">+action</tt>
796       means <span class="QUOTE">"do that action"</span>, e.g. <tt class=
797       "LITERAL">+block</tt> means <span class="QUOTE">"please block URLs that
798       match the following patterns"</span>, and <tt class=
799       "LITERAL">-block</tt> means <span class="QUOTE">"don't block URLs that
800       match the following patterns, even if <tt class="LITERAL">+block</tt>
801       previously applied."</span></p>
802
803       <p>Again, actions are invoked by placing them on a line, enclosed in
804       curly braces and separated by whitespace, like in <tt class=
805       "LITERAL">{+some-action -some-other-action{some-parameter}}</tt>,
806       followed by a list of URL patterns, one per line, to which they apply.
807       Together, the actions line and the following pattern lines make up a
808       section of the actions file.</p>
809
810       <p>Actions fall into three categories:</p>
811
812       <ul>
813         <li>
814           <p>Boolean, i.e the action can only be <span class=
815           "QUOTE">"enabled"</span> or <span class="QUOTE">"disabled"</span>.
816           Syntax:</p>
817
818           <table border="0" bgcolor="#E0E0E0" width="90%">
819             <tr>
820               <td>
821                 <pre class="SCREEN">
822   +<tt class="REPLACEABLE"><i>name</i></tt>        # enable action <tt class=
823 "REPLACEABLE"><i>name</i></tt>
824   -<tt class=
825 "REPLACEABLE"><i>name</i></tt>        # disable action <tt class="REPLACEABLE"><i>name</i></tt>
826 </pre>
827               </td>
828             </tr>
829           </table>
830
831           <p>Example: <tt class="LITERAL">+handle-as-image</tt></p>
832         </li>
833
834         <li>
835           <p>Parameterized, where some value is required in order to enable
836           this type of action. Syntax:</p>
837
838           <table border="0" bgcolor="#E0E0E0" width="90%">
839             <tr>
840               <td>
841                 <pre class="SCREEN">
842   +<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
843 "REPLACEABLE"><i>param</i></tt>}  # enable action and set parameter to <tt class="REPLACEABLE"><i>param</i></tt>,
844                # overwriting parameter from previous match if necessary
845   -<tt class=
846 "REPLACEABLE"><i>name</i></tt>         # disable action. The parameter can be omitted
847 </pre>
848               </td>
849             </tr>
850           </table>
851
852           <p>Note that if the URL matches multiple positive forms of a
853           parameterized action, the last match wins, i.e. the params from
854           earlier matches are simply ignored.</p>
855
856           <p>Example: <tt class="LITERAL">+hide-user-agent{Mozilla/5.0 (X11;
857           U; FreeBSD i386; en-US; rv:1.8.1.4) Gecko/20070602
858           Firefox/2.0.0.4}</tt></p>
859         </li>
860
861         <li>
862           <p>Multi-value. These look exactly like parameterized actions, but
863           they behave differently: If the action applies multiple times to
864           the same URL, but with different parameters, <span class=
865           "emphasis"><i class="EMPHASIS">all</i></span> the parameters from
866           <span class="emphasis"><i class="EMPHASIS">all</i></span> matches
867           are remembered. This is used for actions that can be executed for
868           the same request repeatedly, like adding multiple headers, or
869           filtering through multiple filters. Syntax:</p>
870
871           <table border="0" bgcolor="#E0E0E0" width="90%">
872             <tr>
873               <td>
874                 <pre class="SCREEN">
875   +<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
876 "REPLACEABLE"><i>param</i></tt>}   # enable action and add <tt class=
877 "REPLACEABLE"><i>param</i></tt> to the list of parameters
878   -<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
879 "REPLACEABLE"><i>param</i></tt>}   # remove the parameter <tt class=
880 "REPLACEABLE"><i>param</i></tt> from the list of parameters
881                 # If it was the last one left, disable the action.
882   <tt class=
883 "REPLACEABLE"><i>-name</i></tt>          # disable this action completely and remove all parameters from the list
884 </pre>
885               </td>
886             </tr>
887           </table>
888
889           <p>Examples: <tt class="LITERAL">+add-header{X-Fun-Header: Some
890           text}</tt> and <tt class=
891           "LITERAL">+filter{html-annoyances}</tt></p>
892         </li>
893       </ul>
894
895       <p>If nothing is specified in any actions file, no <span class=
896       "QUOTE">"actions"</span> are taken. So in this case <span class=
897       "APPLICATION">Privoxy</span> would just be a normal, non-blocking,
898       non-filtering proxy. You must specifically enable the privacy and
899       blocking features you need (although the provided default actions files
900       will give a good starting point).</p>
901
902       <p>Later defined action sections always over-ride earlier ones of the
903       same type. So exceptions to any rules you make, should come in the
904       latter part of the file (or in a file that is processed later when
905       using multiple actions files such as <tt class=
906       "FILENAME">user.action</tt>). For multi-valued actions, the actions are
907       applied in the order they are specified. Actions files are processed in
908       the order they are defined in <tt class="FILENAME">config</tt> (the
909       default installation has three actions files). It also quite possible
910       for any given URL to match more than one <span class=
911       "QUOTE">"pattern"</span> (because of wildcards and regular
912       expressions), and thus to trigger more than one set of actions! Last
913       match wins.</p>
914
915       <p>The list of valid <span class="APPLICATION">Privoxy</span> actions
916       are:</p>
917
918       <div class="SECT3">
919         <h4 class="SECT3"><a name="ADD-HEADER" id="ADD-HEADER">8.5.1.
920         add-header</a></h4>
921
922         <div class="VARIABLELIST">
923           <dl>
924             <dt>Typical use:</dt>
925
926             <dd>
927               <p>Confuse log analysis, custom applications</p>
928             </dd>
929
930             <dt>Effect:</dt>
931
932             <dd>
933               <p>Sends a user defined HTTP header to the web server.</p>
934             </dd>
935
936             <dt>Type:</dt>
937
938             <dd>
939               <p>Multi-value.</p>
940             </dd>
941
942             <dt>Parameter:</dt>
943
944             <dd>
945               <p>Any string value is possible. Validity of the defined HTTP
946               headers is not checked. It is recommended that you use the
947               <span class="QUOTE">"<tt class="LITERAL">X-</tt>"</span> prefix
948               for custom headers.</p>
949             </dd>
950
951             <dt>Notes:</dt>
952
953             <dd>
954               <p>This action may be specified multiple times, in order to
955               define multiple headers. This is rarely needed for the typical
956               user. If you don't know what <span class="QUOTE">"HTTP
957               headers"</span> are, you definitely don't need to worry about
958               this one.</p>
959
960               <p>Headers added by this action are not modified by other
961               actions.</p>
962             </dd>
963
964             <dt>Example usage:</dt>
965
966             <dd>
967               <table border="0" bgcolor="#E0E0E0" width="90%">
968                 <tr>
969                   <td>
970                     <pre class="SCREEN">
971 +add-header{X-User-Tracking: sucks}
972 </pre>
973                   </td>
974                 </tr>
975               </table>
976             </dd>
977           </dl>
978         </div>
979       </div>
980
981       <div class="SECT3">
982         <h4 class="SECT3"><a name="BLOCK" id="BLOCK">8.5.2. block</a></h4>
983
984         <div class="VARIABLELIST">
985           <dl>
986             <dt>Typical use:</dt>
987
988             <dd>
989               <p>Block ads or other unwanted content</p>
990             </dd>
991
992             <dt>Effect:</dt>
993
994             <dd>
995               <p>Requests for URLs to which this action applies are blocked,
996               i.e. the requests are trapped by <span class=
997               "APPLICATION">Privoxy</span> and the requested URL is never
998               retrieved, but is answered locally with a substitute page or
999               image, as determined by the <tt class="LITERAL"><a href=
1000               "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>,
1001               <tt class="LITERAL"><a href=
1002               "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>,
1003               and <tt class="LITERAL"><a href=
1004               "actions-file.html#HANDLE-AS-EMPTY-DOCUMENT">handle-as-empty-document</a></tt>
1005               actions.</p>
1006             </dd>
1007
1008             <dt>Type:</dt>
1009
1010             <dd>
1011               <p>Parameterized.</p>
1012             </dd>
1013
1014             <dt>Parameter:</dt>
1015
1016             <dd>
1017               <p>A block reason that should be given to the user.</p>
1018             </dd>
1019
1020             <dt>Notes:</dt>
1021
1022             <dd>
1023               <p><span class="APPLICATION">Privoxy</span> sends a special
1024               <span class="QUOTE">"BLOCKED"</span> page for requests to
1025               blocked pages. This page contains the block reason given as
1026               parameter, a link to find out why the block action applies, and
1027               a click-through to the blocked content (the latter only if the
1028               force feature is available and enabled).</p>
1029
1030               <p>A very important exception occurs if <span class=
1031               "emphasis"><i class="EMPHASIS">both</i></span> <tt class=
1032               "LITERAL">block</tt> and <tt class="LITERAL"><a href=
1033               "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>,
1034               apply to the same request: it will then be replaced by an
1035               image. If <tt class="LITERAL"><a href=
1036               "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
1037               (see below) also applies, the type of image will be determined
1038               by its parameter, if not, the standard checkerboard pattern is
1039               sent.</p>
1040
1041               <p>It is important to understand this process, in order to
1042               understand how <span class="APPLICATION">Privoxy</span> deals
1043               with ads and other unwanted content. Blocking is a core
1044               feature, and one upon which various other features depend.</p>
1045
1046               <p>The <tt class="LITERAL"><a href=
1047               "actions-file.html#FILTER">filter</a></tt> action can perform a
1048               very similar task, by <span class="QUOTE">"blocking"</span>
1049               banner images and other content through rewriting the relevant
1050               URLs in the document's HTML source, so they don't get requested
1051               in the first place. Note that this is a totally different
1052               technique, and it's easy to confuse the two.</p>
1053             </dd>
1054
1055             <dt>Example usage (section):</dt>
1056
1057             <dd>
1058               <table border="0" bgcolor="#E0E0E0" width="90%">
1059                 <tr>
1060                   <td>
1061                     <pre class="SCREEN">
1062 {+block{No nasty stuff for you.}}
1063 # Block and replace with "blocked" page
1064  .nasty-stuff.example.com
1065
1066 {+block{Doubleclick banners.} +handle-as-image}
1067 # Block and replace with image
1068  .ad.doubleclick.net
1069  .ads.r.us/banners/
1070
1071 {+block{Layered ads.} +handle-as-empty-document}
1072 # Block and then ignore
1073  adserver.example.net/.*\.js$
1074 </pre>
1075                   </td>
1076                 </tr>
1077               </table>
1078             </dd>
1079           </dl>
1080         </div>
1081       </div>
1082
1083       <div class="SECT3">
1084         <h4 class="SECT3"><a name="CHANGE-X-FORWARDED-FOR" id=
1085         "CHANGE-X-FORWARDED-FOR">8.5.3. change-x-forwarded-for</a></h4>
1086
1087         <div class="VARIABLELIST">
1088           <dl>
1089             <dt>Typical use:</dt>
1090
1091             <dd>
1092               <p>Improve privacy by not forwarding the source of the request
1093               in the HTTP headers.</p>
1094             </dd>
1095
1096             <dt>Effect:</dt>
1097
1098             <dd>
1099               <p>Deletes the <span class="QUOTE">"X-Forwarded-For:"</span>
1100               HTTP header from the client request, or adds a new one.</p>
1101             </dd>
1102
1103             <dt>Type:</dt>
1104
1105             <dd>
1106               <p>Parameterized.</p>
1107             </dd>
1108
1109             <dt>Parameter:</dt>
1110
1111             <dd>
1112               <ul>
1113                 <li>
1114                   <p><span class="QUOTE">"block"</span> to delete the
1115                   header.</p>
1116                 </li>
1117
1118                 <li>
1119                   <p><span class="QUOTE">"add"</span> to create the header
1120                   (or append the client's IP address to an already existing
1121                   one).</p>
1122                 </li>
1123               </ul>
1124             </dd>
1125
1126             <dt>Notes:</dt>
1127
1128             <dd>
1129               <p>It is safe and recommended to use <tt class=
1130               "LITERAL">block</tt>.</p>
1131
1132               <p>Forwarding the source address of the request may make sense
1133               in some multi-user setups but is also a privacy risk.</p>
1134             </dd>
1135
1136             <dt>Example usage:</dt>
1137
1138             <dd>
1139               <table border="0" bgcolor="#E0E0E0" width="90%">
1140                 <tr>
1141                   <td>
1142                     <pre class="SCREEN">
1143 +change-x-forwarded-for{block}
1144 </pre>
1145                   </td>
1146                 </tr>
1147               </table>
1148             </dd>
1149           </dl>
1150         </div>
1151       </div>
1152
1153       <div class="SECT3">
1154         <h4 class="SECT3"><a name="CLIENT-HEADER-FILTER" id=
1155         "CLIENT-HEADER-FILTER">8.5.4. client-header-filter</a></h4>
1156
1157         <div class="VARIABLELIST">
1158           <dl>
1159             <dt>Typical use:</dt>
1160
1161             <dd>
1162               <p>Rewrite or remove single client headers.</p>
1163             </dd>
1164
1165             <dt>Effect:</dt>
1166
1167             <dd>
1168               <p>All client headers to which this action applies are filtered
1169               on-the-fly through the specified regular expression based
1170               substitutions.</p>
1171             </dd>
1172
1173             <dt>Type:</dt>
1174
1175             <dd>
1176               <p>Parameterized.</p>
1177             </dd>
1178
1179             <dt>Parameter:</dt>
1180
1181             <dd>
1182               <p>The name of a client-header filter, as defined in one of the
1183               <a href="filter-file.html">filter files</a>.</p>
1184             </dd>
1185
1186             <dt>Notes:</dt>
1187
1188             <dd>
1189               <p>Client-header filters are applied to each header on its own,
1190               not to all at once. This makes it easier to diagnose problems,
1191               but on the downside you can't write filters that only change
1192               header x if header y's value is z. You can do that by using
1193               tags though.</p>
1194
1195               <p>Client-header filters are executed after the other header
1196               actions have finished and use their output as input.</p>
1197
1198               <p>If the request URI gets changed, <span class=
1199               "APPLICATION">Privoxy</span> will detect that and use the new
1200               one. This can be used to rewrite the request destination behind
1201               the client's back, for example to specify a Tor exit relay for
1202               certain requests.</p>
1203
1204               <p>Please refer to the <a href="filter-file.html">filter file
1205               chapter</a> to learn which client-header filters are available
1206               by default, and how to create your own.</p>
1207             </dd>
1208
1209             <dt>Example usage (section):</dt>
1210
1211             <dd>
1212               <table border="0" bgcolor="#E0E0E0" width="90%">
1213                 <tr>
1214                   <td>
1215                     <pre class="SCREEN">
1216 # Hide Tor exit notation in Host and Referer Headers
1217 {+client-header-filter{hide-tor-exit-notation}}
1218 /
1219
1220 </pre>
1221                   </td>
1222                 </tr>
1223               </table>
1224             </dd>
1225           </dl>
1226         </div>
1227       </div>
1228
1229       <div class="SECT3">
1230         <h4 class="SECT3"><a name="CLIENT-HEADER-TAGGER" id=
1231         "CLIENT-HEADER-TAGGER">8.5.5. client-header-tagger</a></h4>
1232
1233         <div class="VARIABLELIST">
1234           <dl>
1235             <dt>Typical use:</dt>
1236
1237             <dd>
1238               <p>Block requests based on their headers.</p>
1239             </dd>
1240
1241             <dt>Effect:</dt>
1242
1243             <dd>
1244               <p>Client headers to which this action applies are filtered
1245               on-the-fly through the specified regular expression based
1246               substitutions, the result is used as tag.</p>
1247             </dd>
1248
1249             <dt>Type:</dt>
1250
1251             <dd>
1252               <p>Parameterized.</p>
1253             </dd>
1254
1255             <dt>Parameter:</dt>
1256
1257             <dd>
1258               <p>The name of a client-header tagger, as defined in one of the
1259               <a href="filter-file.html">filter files</a>.</p>
1260             </dd>
1261
1262             <dt>Notes:</dt>
1263
1264             <dd>
1265               <p>Client-header taggers are applied to each header on its own,
1266               and as the header isn't modified, each tagger <span class=
1267               "QUOTE">"sees"</span> the original.</p>
1268
1269               <p>Client-header taggers are the first actions that are
1270               executed and their tags can be used to control every other
1271               action.</p>
1272             </dd>
1273
1274             <dt>Example usage (section):</dt>
1275
1276             <dd>
1277               <table border="0" bgcolor="#E0E0E0" width="90%">
1278                 <tr>
1279                   <td>
1280                     <pre class="SCREEN">
1281 # Tag every request with the User-Agent header
1282 {+client-header-tagger{user-agent}}
1283 /
1284
1285 # Tagging itself doesn't change the action
1286 # settings, sections with TAG patterns do:
1287 #
1288 # If it's a download agent, use a different forwarding proxy,
1289 # show the real User-Agent and make sure resume works.
1290 {+forward-override{forward-socks5 10.0.0.2:2222 .} \
1291  -hide-if-modified-since      \
1292  -overwrite-last-modified     \
1293  -hide-user-agent             \
1294  -filter                      \
1295  -deanimate-gifs              \
1296 }
1297 TAG:^User-Agent: NetBSD-ftp/
1298 TAG:^User-Agent: Novell ZYPP Installer
1299 TAG:^User-Agent: RPM APT-HTTP/
1300 TAG:^User-Agent: fetch libfetch/
1301 TAG:^User-Agent: Ubuntu APT-HTTP/
1302 TAG:^User-Agent: MPlayer/
1303
1304 </pre>
1305                   </td>
1306                 </tr>
1307               </table>
1308
1309               <table border="0" bgcolor="#E0E0E0" width="90%">
1310                 <tr>
1311                   <td>
1312                     <pre class="SCREEN">
1313 # Tag all requests with the Range header set
1314 {+client-header-tagger{range-requests}}
1315 /
1316
1317 # Disable filtering for the tagged requests.
1318 #
1319 # With filtering enabled Privoxy would remove the Range headers
1320 # to be able to filter the whole response. The downside is that
1321 # it prevents clients from resuming downloads or skipping over
1322 # parts of multimedia files.
1323 {-filter -deanimate-gifs}
1324 TAG:^RANGE-REQUEST$
1325
1326 </pre>
1327                   </td>
1328                 </tr>
1329               </table>
1330             </dd>
1331           </dl>
1332         </div>
1333       </div>
1334
1335       <div class="SECT3">
1336         <h4 class="SECT3"><a name="CONTENT-TYPE-OVERWRITE" id=
1337         "CONTENT-TYPE-OVERWRITE">8.5.6. content-type-overwrite</a></h4>
1338
1339         <div class="VARIABLELIST">
1340           <dl>
1341             <dt>Typical use:</dt>
1342
1343             <dd>
1344               <p>Stop useless download menus from popping up, or change the
1345               browser's rendering mode</p>
1346             </dd>
1347
1348             <dt>Effect:</dt>
1349
1350             <dd>
1351               <p>Replaces the <span class="QUOTE">"Content-Type:"</span> HTTP
1352               server header.</p>
1353             </dd>
1354
1355             <dt>Type:</dt>
1356
1357             <dd>
1358               <p>Parameterized.</p>
1359             </dd>
1360
1361             <dt>Parameter:</dt>
1362
1363             <dd>
1364               <p>Any string.</p>
1365             </dd>
1366
1367             <dt>Notes:</dt>
1368
1369             <dd>
1370               <p>The <span class="QUOTE">"Content-Type:"</span> HTTP server
1371               header is used by the browser to decide what to do with the
1372               document. The value of this header can cause the browser to
1373               open a download menu instead of displaying the document by
1374               itself, even if the document's format is supported by the
1375               browser.</p>
1376
1377               <p>The declared content type can also affect which rendering
1378               mode the browser chooses. If XHTML is delivered as <span class=
1379               "QUOTE">"text/html"</span>, many browsers treat it as yet
1380               another broken HTML document. If it is send as <span class=
1381               "QUOTE">"application/xml"</span>, browsers with XHTML support
1382               will only display it, if the syntax is correct.</p>
1383
1384               <p>If you see a web site that proudly uses XHTML buttons, but
1385               sets <span class="QUOTE">"Content-Type: text/html"</span>, you
1386               can use <span class="APPLICATION">Privoxy</span> to overwrite
1387               it with <span class="QUOTE">"application/xml"</span> and
1388               validate the web master's claim inside your XHTML-supporting
1389               browser. If the syntax is incorrect, the browser will complain
1390               loudly.</p>
1391
1392               <p>You can also go the opposite direction: if your browser
1393               prints error messages instead of rendering a document falsely
1394               declared as XHTML, you can overwrite the content type with
1395               <span class="QUOTE">"text/html"</span> and have it rendered as
1396               broken HTML document.</p>
1397
1398               <p>By default <tt class="LITERAL">content-type-overwrite</tt>
1399               only replaces <span class="QUOTE">"Content-Type:"</span>
1400               headers that look like some kind of text. If you want to
1401               overwrite it unconditionally, you have to combine it with
1402               <tt class="LITERAL"><a href=
1403               "actions-file.html#FORCE-TEXT-MODE">force-text-mode</a></tt>.
1404               This limitation exists for a reason, think twice before
1405               circumventing it.</p>
1406
1407               <p>Most of the time it's easier to replace this action with a
1408               custom <tt class="LITERAL"><a href=
1409               "actions-file.html#SERVER-HEADER-FILTER">server-header
1410               filter</a></tt>. It allows you to activate it for every
1411               document of a certain site and it will still only replace the
1412               content types you aimed at.</p>
1413
1414               <p>Of course you can apply <tt class=
1415               "LITERAL">content-type-overwrite</tt> to a whole site and then
1416               make URL based exceptions, but it's a lot more work to get the
1417               same precision.</p>
1418             </dd>
1419
1420             <dt>Example usage (sections):</dt>
1421
1422             <dd>
1423               <table border="0" bgcolor="#E0E0E0" width="90%">
1424                 <tr>
1425                   <td>
1426                     <pre class="SCREEN">
1427 # Check if www.example.net/ really uses valid XHTML
1428 { +content-type-overwrite{application/xml} }
1429 www.example.net/
1430
1431 # but leave the content type unmodified if the URL looks like a style sheet
1432 {-content-type-overwrite}
1433 www.example.net/.*\.css$
1434 www.example.net/.*style
1435 </pre>
1436                   </td>
1437                 </tr>
1438               </table>
1439             </dd>
1440           </dl>
1441         </div>
1442       </div>
1443
1444       <div class="SECT3">
1445         <h4 class="SECT3"><a name="CRUNCH-CLIENT-HEADER" id=
1446         "CRUNCH-CLIENT-HEADER">8.5.7. crunch-client-header</a></h4>
1447
1448         <div class="VARIABLELIST">
1449           <dl>
1450             <dt>Typical use:</dt>
1451
1452             <dd>
1453               <p>Remove a client header <span class=
1454               "APPLICATION">Privoxy</span> has no dedicated action for.</p>
1455             </dd>
1456
1457             <dt>Effect:</dt>
1458
1459             <dd>
1460               <p>Deletes every header sent by the client that contains the
1461               string the user supplied as parameter.</p>
1462             </dd>
1463
1464             <dt>Type:</dt>
1465
1466             <dd>
1467               <p>Parameterized.</p>
1468             </dd>
1469
1470             <dt>Parameter:</dt>
1471
1472             <dd>
1473               <p>Any string.</p>
1474             </dd>
1475
1476             <dt>Notes:</dt>
1477
1478             <dd>
1479               <p>This action allows you to block client headers for which no
1480               dedicated <span class="APPLICATION">Privoxy</span> action
1481               exists. <span class="APPLICATION">Privoxy</span> will remove
1482               every client header that contains the string you supplied as
1483               parameter.</p>
1484
1485               <p>Regular expressions are <span class="emphasis"><i class=
1486               "EMPHASIS">not supported</i></span> and you can't use this
1487               action to block different headers in the same request, unless
1488               they contain the same string.</p>
1489
1490               <p><tt class="LITERAL">crunch-client-header</tt> is only meant
1491               for quick tests. If you have to block several different
1492               headers, or only want to modify parts of them, you should use a
1493               <tt class="LITERAL"><a href=
1494               "actions-file.html#CLIENT-HEADER-FILTER">client-header
1495               filter</a></tt>.</p>
1496
1497               <div class="WARNING">
1498                 <table class="WARNING" border="1" width="90%">
1499                   <tr>
1500                     <td align="center"><b>Warning</b></td>
1501                   </tr>
1502
1503                   <tr>
1504                     <td align="left">
1505                       <p>Don't block any header without understanding the
1506                       consequences.</p>
1507                     </td>
1508                   </tr>
1509                 </table>
1510               </div>
1511             </dd>
1512
1513             <dt>Example usage (section):</dt>
1514
1515             <dd>
1516               <table border="0" bgcolor="#E0E0E0" width="90%">
1517                 <tr>
1518                   <td>
1519                     <pre class="SCREEN">
1520 # Block the non-existent "Privacy-Violation:" client header
1521 { +crunch-client-header{Privacy-Violation:} }
1522 /
1523
1524 </pre>
1525                   </td>
1526                 </tr>
1527               </table>
1528             </dd>
1529           </dl>
1530         </div>
1531       </div>
1532
1533       <div class="SECT3">
1534         <h4 class="SECT3"><a name="CRUNCH-IF-NONE-MATCH" id=
1535         "CRUNCH-IF-NONE-MATCH">8.5.8. crunch-if-none-match</a></h4>
1536
1537         <div class="VARIABLELIST">
1538           <dl>
1539             <dt>Typical use:</dt>
1540
1541             <dd>
1542               <p>Prevent yet another way to track the user's steps between
1543               sessions.</p>
1544             </dd>
1545
1546             <dt>Effect:</dt>
1547
1548             <dd>
1549               <p>Deletes the <span class="QUOTE">"If-None-Match:"</span> HTTP
1550               client header.</p>
1551             </dd>
1552
1553             <dt>Type:</dt>
1554
1555             <dd>
1556               <p>Boolean.</p>
1557             </dd>
1558
1559             <dt>Parameter:</dt>
1560
1561             <dd>
1562               <p>N/A</p>
1563             </dd>
1564
1565             <dt>Notes:</dt>
1566
1567             <dd>
1568               <p>Removing the <span class="QUOTE">"If-None-Match:"</span>
1569               HTTP client header is useful for filter testing, where you want
1570               to force a real reload instead of getting status code
1571               <span class="QUOTE">"304"</span> which would cause the browser
1572               to use a cached copy of the page.</p>
1573
1574               <p>It is also useful to make sure the header isn't used as a
1575               cookie replacement (unlikely but possible).</p>
1576
1577               <p>Blocking the <span class="QUOTE">"If-None-Match:"</span>
1578               header shouldn't cause any caching problems, as long as the
1579               <span class="QUOTE">"If-Modified-Since:"</span> header isn't
1580               blocked or missing as well.</p>
1581
1582               <p>It is recommended to use this action together with
1583               <tt class="LITERAL"><a href=
1584               "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt>
1585               and <tt class="LITERAL"><a href=
1586               "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>.</p>
1587             </dd>
1588
1589             <dt>Example usage (section):</dt>
1590
1591             <dd>
1592               <table border="0" bgcolor="#E0E0E0" width="90%">
1593                 <tr>
1594                   <td>
1595                     <pre class="SCREEN">
1596 # Let the browser revalidate cached documents but don't
1597 # allow the server to use the revalidation headers for user tracking.
1598 {+hide-if-modified-since{-60} \
1599  +overwrite-last-modified{randomize} \
1600  +crunch-if-none-match}
1601 /
1602 </pre>
1603                   </td>
1604                 </tr>
1605               </table>
1606             </dd>
1607           </dl>
1608         </div>
1609       </div>
1610
1611       <div class="SECT3">
1612         <h4 class="SECT3"><a name="CRUNCH-INCOMING-COOKIES" id=
1613         "CRUNCH-INCOMING-COOKIES">8.5.9. crunch-incoming-cookies</a></h4>
1614
1615         <div class="VARIABLELIST">
1616           <dl>
1617             <dt>Typical use:</dt>
1618
1619             <dd>
1620               <p>Prevent the web server from setting HTTP cookies on your
1621               system</p>
1622             </dd>
1623
1624             <dt>Effect:</dt>
1625
1626             <dd>
1627               <p>Deletes any <span class="QUOTE">"Set-Cookie:"</span> HTTP
1628               headers from server replies.</p>
1629             </dd>
1630
1631             <dt>Type:</dt>
1632
1633             <dd>
1634               <p>Boolean.</p>
1635             </dd>
1636
1637             <dt>Parameter:</dt>
1638
1639             <dd>
1640               <p>N/A</p>
1641             </dd>
1642
1643             <dt>Notes:</dt>
1644
1645             <dd>
1646               <p>This action is only concerned with <span class=
1647               "emphasis"><i class="EMPHASIS">incoming</i></span> HTTP
1648               cookies. For <span class="emphasis"><i class=
1649               "EMPHASIS">outgoing</i></span> HTTP cookies, use <tt class=
1650               "LITERAL"><a href=
1651               "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>.
1652               Use <span class="emphasis"><i class="EMPHASIS">both</i></span>
1653               to disable HTTP cookies completely.</p>
1654
1655               <p>It makes <span class="emphasis"><i class="EMPHASIS">no sense
1656               at all</i></span> to use this action in conjunction with the
1657               <tt class="LITERAL"><a href=
1658               "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
1659               action, since it would prevent the session cookies from being
1660               set. See also <tt class="LITERAL"><a href=
1661               "actions-file.html#FILTER-CONTENT-COOKIES">filter-content-cookies</a></tt>.</p>
1662             </dd>
1663
1664             <dt>Example usage:</dt>
1665
1666             <dd>
1667               <table border="0" bgcolor="#E0E0E0" width="90%">
1668                 <tr>
1669                   <td>
1670                     <pre class="SCREEN">
1671 +crunch-incoming-cookies
1672 </pre>
1673                   </td>
1674                 </tr>
1675               </table>
1676             </dd>
1677           </dl>
1678         </div>
1679       </div>
1680
1681       <div class="SECT3">
1682         <h4 class="SECT3"><a name="CRUNCH-SERVER-HEADER" id=
1683         "CRUNCH-SERVER-HEADER">8.5.10. crunch-server-header</a></h4>
1684
1685         <div class="VARIABLELIST">
1686           <dl>
1687             <dt>Typical use:</dt>
1688
1689             <dd>
1690               <p>Remove a server header <span class=
1691               "APPLICATION">Privoxy</span> has no dedicated action for.</p>
1692             </dd>
1693
1694             <dt>Effect:</dt>
1695
1696             <dd>
1697               <p>Deletes every header sent by the server that contains the
1698               string the user supplied as parameter.</p>
1699             </dd>
1700
1701             <dt>Type:</dt>
1702
1703             <dd>
1704               <p>Parameterized.</p>
1705             </dd>
1706
1707             <dt>Parameter:</dt>
1708
1709             <dd>
1710               <p>Any string.</p>
1711             </dd>
1712
1713             <dt>Notes:</dt>
1714
1715             <dd>
1716               <p>This action allows you to block server headers for which no
1717               dedicated <span class="APPLICATION">Privoxy</span> action
1718               exists. <span class="APPLICATION">Privoxy</span> will remove
1719               every server header that contains the string you supplied as
1720               parameter.</p>
1721
1722               <p>Regular expressions are <span class="emphasis"><i class=
1723               "EMPHASIS">not supported</i></span> and you can't use this
1724               action to block different headers in the same request, unless
1725               they contain the same string.</p>
1726
1727               <p><tt class="LITERAL">crunch-server-header</tt> is only meant
1728               for quick tests. If you have to block several different
1729               headers, or only want to modify parts of them, you should use a
1730               custom <tt class="LITERAL"><a href=
1731               "actions-file.html#SERVER-HEADER-FILTER">server-header
1732               filter</a></tt>.</p>
1733
1734               <div class="WARNING">
1735                 <table class="WARNING" border="1" width="90%">
1736                   <tr>
1737                     <td align="center"><b>Warning</b></td>
1738                   </tr>
1739
1740                   <tr>
1741                     <td align="left">
1742                       <p>Don't block any header without understanding the
1743                       consequences.</p>
1744                     </td>
1745                   </tr>
1746                 </table>
1747               </div>
1748             </dd>
1749
1750             <dt>Example usage (section):</dt>
1751
1752             <dd>
1753               <table border="0" bgcolor="#E0E0E0" width="90%">
1754                 <tr>
1755                   <td>
1756                     <pre class="SCREEN">
1757 # Crunch server headers that try to prevent caching
1758 { +crunch-server-header{no-cache} }
1759 /
1760 </pre>
1761                   </td>
1762                 </tr>
1763               </table>
1764             </dd>
1765           </dl>
1766         </div>
1767       </div>
1768
1769       <div class="SECT3">
1770         <h4 class="SECT3"><a name="CRUNCH-OUTGOING-COOKIES" id=
1771         "CRUNCH-OUTGOING-COOKIES">8.5.11. crunch-outgoing-cookies</a></h4>
1772
1773         <div class="VARIABLELIST">
1774           <dl>
1775             <dt>Typical use:</dt>
1776
1777             <dd>
1778               <p>Prevent the web server from reading any HTTP cookies from
1779               your system</p>
1780             </dd>
1781
1782             <dt>Effect:</dt>
1783
1784             <dd>
1785               <p>Deletes any <span class="QUOTE">"Cookie:"</span> HTTP
1786               headers from client requests.</p>
1787             </dd>
1788
1789             <dt>Type:</dt>
1790
1791             <dd>
1792               <p>Boolean.</p>
1793             </dd>
1794
1795             <dt>Parameter:</dt>
1796
1797             <dd>
1798               <p>N/A</p>
1799             </dd>
1800
1801             <dt>Notes:</dt>
1802
1803             <dd>
1804               <p>This action is only concerned with <span class=
1805               "emphasis"><i class="EMPHASIS">outgoing</i></span> HTTP
1806               cookies. For <span class="emphasis"><i class=
1807               "EMPHASIS">incoming</i></span> HTTP cookies, use <tt class=
1808               "LITERAL"><a href=
1809               "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>.
1810               Use <span class="emphasis"><i class="EMPHASIS">both</i></span>
1811               to disable HTTP cookies completely.</p>
1812
1813               <p>It makes <span class="emphasis"><i class="EMPHASIS">no sense
1814               at all</i></span> to use this action in conjunction with the
1815               <tt class="LITERAL"><a href=
1816               "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
1817               action, since it would prevent the session cookies from being
1818               read.</p>
1819             </dd>
1820
1821             <dt>Example usage:</dt>
1822
1823             <dd>
1824               <table border="0" bgcolor="#E0E0E0" width="90%">
1825                 <tr>
1826                   <td>
1827                     <pre class="SCREEN">
1828 +crunch-outgoing-cookies
1829 </pre>
1830                   </td>
1831                 </tr>
1832               </table>
1833             </dd>
1834           </dl>
1835         </div>
1836       </div>
1837
1838       <div class="SECT3">
1839         <h4 class="SECT3"><a name="DEANIMATE-GIFS" id=
1840         "DEANIMATE-GIFS">8.5.12. deanimate-gifs</a></h4>
1841
1842         <div class="VARIABLELIST">
1843           <dl>
1844             <dt>Typical use:</dt>
1845
1846             <dd>
1847               <p>Stop those annoying, distracting animated GIF images.</p>
1848             </dd>
1849
1850             <dt>Effect:</dt>
1851
1852             <dd>
1853               <p>De-animate GIF animations, i.e. reduce them to their first
1854               or last image.</p>
1855             </dd>
1856
1857             <dt>Type:</dt>
1858
1859             <dd>
1860               <p>Parameterized.</p>
1861             </dd>
1862
1863             <dt>Parameter:</dt>
1864
1865             <dd>
1866               <p><span class="QUOTE">"last"</span> or <span class=
1867               "QUOTE">"first"</span></p>
1868             </dd>
1869
1870             <dt>Notes:</dt>
1871
1872             <dd>
1873               <p>This will also shrink the images considerably (in bytes, not
1874               pixels!). If the option <span class="QUOTE">"first"</span> is
1875               given, the first frame of the animation is used as the
1876               replacement. If <span class="QUOTE">"last"</span> is given, the
1877               last frame of the animation is used instead, which probably
1878               makes more sense for most banner animations, but also has the
1879               risk of not showing the entire last frame (if it is only a
1880               delta to an earlier frame).</p>
1881
1882               <p>You can safely use this action with patterns that will also
1883               match non-GIF objects, because no attempt will be made at
1884               anything that doesn't look like a GIF.</p>
1885             </dd>
1886
1887             <dt>Example usage:</dt>
1888
1889             <dd>
1890               <table border="0" bgcolor="#E0E0E0" width="90%">
1891                 <tr>
1892                   <td>
1893                     <pre class="SCREEN">
1894 +deanimate-gifs{last}
1895 </pre>
1896                   </td>
1897                 </tr>
1898               </table>
1899             </dd>
1900           </dl>
1901         </div>
1902       </div>
1903
1904       <div class="SECT3">
1905         <h4 class="SECT3"><a name="DOWNGRADE-HTTP-VERSION" id=
1906         "DOWNGRADE-HTTP-VERSION">8.5.13. downgrade-http-version</a></h4>
1907
1908         <div class="VARIABLELIST">
1909           <dl>
1910             <dt>Typical use:</dt>
1911
1912             <dd>
1913               <p>Work around (very rare) problems with HTTP/1.1</p>
1914             </dd>
1915
1916             <dt>Effect:</dt>
1917
1918             <dd>
1919               <p>Downgrades HTTP/1.1 client requests and server replies to
1920               HTTP/1.0.</p>
1921             </dd>
1922
1923             <dt>Type:</dt>
1924
1925             <dd>
1926               <p>Boolean.</p>
1927             </dd>
1928
1929             <dt>Parameter:</dt>
1930
1931             <dd>
1932               <p>N/A</p>
1933             </dd>
1934
1935             <dt>Notes:</dt>
1936
1937             <dd>
1938               <p>This is a left-over from the time when <span class=
1939               "APPLICATION">Privoxy</span> didn't support important HTTP/1.1
1940               features well. It is left here for the unlikely case that you
1941               experience HTTP/1.1-related problems with some server out
1942               there.</p>
1943
1944               <p>Note that enabling this action is only a workaround. It
1945               should not be enabled for sites that work without it. While it
1946               shouldn't break any pages, it has an (usually negative)
1947               performance impact.</p>
1948
1949               <p>If you come across a site where enabling this action helps,
1950               please report it, so the cause of the problem can be analyzed.
1951               If the problem turns out to be caused by a bug in <span class=
1952               "APPLICATION">Privoxy</span> it should be fixed so the
1953               following release works without the work around.</p>
1954             </dd>
1955
1956             <dt>Example usage (section):</dt>
1957
1958             <dd>
1959               <table border="0" bgcolor="#E0E0E0" width="90%">
1960                 <tr>
1961                   <td>
1962                     <pre class="SCREEN">
1963 {+downgrade-http-version}
1964 problem-host.example.com
1965 </pre>
1966                   </td>
1967                 </tr>
1968               </table>
1969             </dd>
1970           </dl>
1971         </div>
1972       </div>
1973
1974       <div class="SECT3">
1975         <h4 class="SECT3"><a name="FAST-REDIRECTS" id=
1976         "FAST-REDIRECTS">8.5.14. fast-redirects</a></h4>
1977
1978         <div class="VARIABLELIST">
1979           <dl>
1980             <dt>Typical use:</dt>
1981
1982             <dd>
1983               <p>Fool some click-tracking scripts and speed up indirect
1984               links.</p>
1985             </dd>
1986
1987             <dt>Effect:</dt>
1988
1989             <dd>
1990               <p>Detects redirection URLs and redirects the browser without
1991               contacting the redirection server first.</p>
1992             </dd>
1993
1994             <dt>Type:</dt>
1995
1996             <dd>
1997               <p>Parameterized.</p>
1998             </dd>
1999
2000             <dt>Parameter:</dt>
2001
2002             <dd>
2003               <ul>
2004                 <li>
2005                   <p><span class="QUOTE">"simple-check"</span> to just search
2006                   for the string <span class="QUOTE">"http://"</span> to
2007                   detect redirection URLs.</p>
2008                 </li>
2009
2010                 <li>
2011                   <p><span class="QUOTE">"check-decoded-url"</span> to decode
2012                   URLs (if necessary) before searching for redirection
2013                   URLs.</p>
2014                 </li>
2015               </ul>
2016             </dd>
2017
2018             <dt>Notes:</dt>
2019
2020             <dd>
2021               <p>Many sites, like yahoo.com, don't just link to other sites.
2022               Instead, they will link to some script on their own servers,
2023               giving the destination as a parameter, which will then redirect
2024               you to the final target. URLs resulting from this scheme
2025               typically look like: <span class=
2026               "QUOTE">"http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/"</span>.</p>
2027
2028               <p>Sometimes, there are even multiple consecutive redirects
2029               encoded in the URL. These redirections via scripts make your
2030               web browsing more traceable, since the server from which you
2031               follow such a link can see where you go to. Apart from that,
2032               valuable bandwidth and time is wasted, while your browser asks
2033               the server for one redirect after the other. Plus, it feeds the
2034               advertisers.</p>
2035
2036               <p>This feature is currently not very smart and is scheduled
2037               for improvement. If it is enabled by default, you will have to
2038               create some exceptions to this action. It can lead to failures
2039               in several ways:</p>
2040
2041               <p>Not every URLs with other URLs as parameters is evil. Some
2042               sites offer a real service that requires this information to
2043               work. For example a validation service needs to know, which
2044               document to validate. <tt class="LITERAL">fast-redirects</tt>
2045               assumes that every URL parameter that looks like another URL is
2046               a redirection target, and will always redirect to the last one.
2047               Most of the time the assumption is correct, but if it isn't,
2048               the user gets redirected anyway.</p>
2049
2050               <p>Another failure occurs if the URL contains other parameters
2051               after the URL parameter. The URL: <span class=
2052               "QUOTE">"http://www.example.org/?redirect=http%3a//www.example.net/&amp;foo=bar"</span>.
2053               contains the redirection URL <span class=
2054               "QUOTE">"http://www.example.net/"</span>, followed by another
2055               parameter. <tt class="LITERAL">fast-redirects</tt> doesn't know
2056               that and will cause a redirect to <span class=
2057               "QUOTE">"http://www.example.net/&amp;foo=bar"</span>. Depending
2058               on the target server configuration, the parameter will be
2059               silently ignored or lead to a <span class="QUOTE">"page not
2060               found"</span> error. You can prevent this problem by first
2061               using the <tt class="LITERAL"><a href=
2062               "actions-file.html#REDIRECT">redirect</a></tt> action to remove
2063               the last part of the URL, but it requires a little effort.</p>
2064
2065               <p>To detect a redirection URL, <tt class=
2066               "LITERAL">fast-redirects</tt> only looks for the string
2067               <span class="QUOTE">"http://"</span>, either in plain text
2068               (invalid but often used) or encoded as <span class=
2069               "QUOTE">"http%3a//"</span>. Some sites use their own URL
2070               encoding scheme, encrypt the address of the target server or
2071               replace it with a database id. In theses cases <tt class=
2072               "LITERAL">fast-redirects</tt> is fooled and the request reaches
2073               the redirection server where it probably gets logged.</p>
2074             </dd>
2075
2076             <dt>Example usage:</dt>
2077
2078             <dd>
2079               <table border="0" bgcolor="#E0E0E0" width="90%">
2080                 <tr>
2081                   <td>
2082                     <pre class="SCREEN">
2083  { +fast-redirects{simple-check} }
2084    one.example.com
2085
2086  { +fast-redirects{check-decoded-url} }
2087    another.example.com/testing
2088 </pre>
2089                   </td>
2090                 </tr>
2091               </table>
2092             </dd>
2093           </dl>
2094         </div>
2095       </div>
2096
2097       <div class="SECT3">
2098         <h4 class="SECT3"><a name="FILTER" id="FILTER">8.5.15.
2099         filter</a></h4>
2100
2101         <div class="VARIABLELIST">
2102           <dl>
2103             <dt>Typical use:</dt>
2104
2105             <dd>
2106               <p>Get rid of HTML and JavaScript annoyances, banner
2107               advertisements (by size), do fun text replacements, add
2108               personalized effects, etc.</p>
2109             </dd>
2110
2111             <dt>Effect:</dt>
2112
2113             <dd>
2114               <p>All instances of text-based type, most notably HTML and
2115               JavaScript, to which this action applies, can be filtered
2116               on-the-fly through the specified regular expression based
2117               substitutions. (Note: as of version 3.0.3 plain text documents
2118               are exempted from filtering, because web servers often use the
2119               <tt class="LITERAL">text/plain</tt> MIME type for all files
2120               whose type they don't know.)</p>
2121             </dd>
2122
2123             <dt>Type:</dt>
2124
2125             <dd>
2126               <p>Parameterized.</p>
2127             </dd>
2128
2129             <dt>Parameter:</dt>
2130
2131             <dd>
2132               <p>The name of a content filter, as defined in the <a href=
2133               "filter-file.html">filter file</a>. Filters can be defined in
2134               one or more files as defined by the <tt class=
2135               "LITERAL"><a href="config.html#FILTERFILE">filterfile</a></tt>
2136               option in the <a href="config.html">config file</a>. <tt class=
2137               "FILENAME">default.filter</tt> is the collection of filters
2138               supplied by the developers. Locally defined filters should go
2139               in their own file, such as <tt class=
2140               "FILENAME">user.filter</tt>.</p>
2141
2142               <p>When used in its negative form, and without parameters,
2143               <span class="emphasis"><i class="EMPHASIS">all</i></span>
2144               filtering is completely disabled.</p>
2145             </dd>
2146
2147             <dt>Notes:</dt>
2148
2149             <dd>
2150               <p>For your convenience, there are a number of pre-defined
2151               filters available in the distribution filter file that you can
2152               use. See the examples below for a list.</p>
2153
2154               <p>Filtering requires buffering the page content, which may
2155               appear to slow down page rendering since nothing is displayed
2156               until all content has passed the filters. (The total time until
2157               the page is completely rendered doesn't change much, but it may
2158               be perceived as slower since the page is not incrementally
2159               displayed.) This effect will be more noticeable on slower
2160               connections.</p>
2161
2162               <p><span class="QUOTE">"Rolling your own"</span> filters
2163               requires a knowledge of <a href=
2164               "http://en.wikipedia.org/wiki/Regular_expressions" target=
2165               "_top"><span class="QUOTE">"Regular Expressions"</span></a> and
2166               <a href="http://en.wikipedia.org/wiki/Html" target=
2167               "_top"><span class="QUOTE">"HTML"</span></a>. This is very
2168               powerful feature, and potentially very intrusive. Filters
2169               should be used with caution, and where an equivalent
2170               <span class="QUOTE">"action"</span> is not available.</p>
2171
2172               <p>The amount of data that can be filtered is limited to the
2173               <tt class="LITERAL"><a href=
2174               "config.html#BUFFER-LIMIT">buffer-limit</a></tt> option in the
2175               main <a href="config.html">config file</a>. The default is 4096
2176               KB (4 Megs). Once this limit is exceeded, the buffered data,
2177               and all pending data, is passed through unfiltered.</p>
2178
2179               <p>Inappropriate MIME types, such as zipped files, are not
2180               filtered at all. (Again, only text-based types except plain
2181               text). Encrypted SSL data (from HTTPS servers) cannot be
2182               filtered either, since this would violate the integrity of the
2183               secure transaction. In some situations it might be necessary to
2184               protect certain text, like source code, from filtering by
2185               defining appropriate <tt class="LITERAL">-filter</tt>
2186               exceptions.</p>
2187
2188               <p>Compressed content can't be filtered either, but if
2189               <span class="APPLICATION">Privoxy</span> is compiled with zlib
2190               support and a supported compression algorithm is used (gzip or
2191               deflate), <span class="APPLICATION">Privoxy</span> can first
2192               decompress the content and then filter it.</p>
2193
2194               <p>If you use a <span class="APPLICATION">Privoxy</span>
2195               version without zlib support, but want filtering to work on as
2196               much documents as possible, even those that would normally be
2197               sent compressed, you must use the <tt class="LITERAL"><a href=
2198               "actions-file.html#PREVENT-COMPRESSION">prevent-compression</a></tt>
2199               action in conjunction with <tt class="LITERAL">filter</tt>.</p>
2200
2201               <p>Content filtering can achieve some of the same effects as
2202               the <tt class="LITERAL"><a href=
2203               "actions-file.html#BLOCK">block</a></tt> action, i.e. it can be
2204               used to block ads and banners. But the mechanism works quite
2205               differently. One effective use, is to block ad banners based on
2206               their size (see below), since many of these seem to be somewhat
2207               standardized.</p>
2208
2209               <p><a href="contact.html">Feedback</a> with suggestions for new
2210               or improved filters is particularly welcome!</p>
2211
2212               <p>The below list has only the names and a one-line description
2213               of each predefined filter. There are <a href=
2214               "filter-file.html#PREDEFINED-FILTERS">more verbose
2215               explanations</a> of what these filters do in the <a href=
2216               "filter-file.html">filter file chapter</a>.</p>
2217             </dd>
2218
2219             <dt>Example usage (with filters from the distribution <tt class=
2220             "FILENAME">default.filter</tt> file). See <a href=
2221             "filter-file.html#PREDEFINED-FILTERS">the Predefined Filters
2222             section</a> for more explanation on each:</dt>
2223
2224             <dd>
2225               <p><a name="FILTER-JS-ANNOYANCES" id=
2226               "FILTER-JS-ANNOYANCES"></a></p>
2227
2228               <table border="0" bgcolor="#E0E0E0" width="90%">
2229                 <tr>
2230                   <td>
2231                     <pre class="SCREEN">
2232 +filter{js-annoyances}       # Get rid of particularly annoying JavaScript abuse.
2233 </pre>
2234                   </td>
2235                 </tr>
2236               </table>
2237
2238               <p><a name="FILTER-JS-EVENTS" id="FILTER-JS-EVENTS"></a></p>
2239
2240               <table border="0" bgcolor="#E0E0E0" width="90%">
2241                 <tr>
2242                   <td>
2243                     <pre class="SCREEN">
2244 +filter{js-events}           # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
2245 </pre>
2246                   </td>
2247                 </tr>
2248               </table>
2249
2250               <p><a name="FILTER-HTML-ANNOYANCES" id=
2251               "FILTER-HTML-ANNOYANCES"></a></p>
2252
2253               <table border="0" bgcolor="#E0E0E0" width="90%">
2254                 <tr>
2255                   <td>
2256                     <pre class="SCREEN">
2257 +filter{html-annoyances}     # Get rid of particularly annoying HTML abuse.
2258 </pre>
2259                   </td>
2260                 </tr>
2261               </table>
2262
2263               <p><a name="FILTER-CONTENT-COOKIES" id=
2264               "FILTER-CONTENT-COOKIES"></a></p>
2265
2266               <table border="0" bgcolor="#E0E0E0" width="90%">
2267                 <tr>
2268                   <td>
2269                     <pre class="SCREEN">
2270 +filter{content-cookies}     # Kill cookies that come in the HTML or JS content.
2271 </pre>
2272                   </td>
2273                 </tr>
2274               </table>
2275
2276               <p><a name="FILTER-REFRESH-TAGS" id=
2277               "FILTER-REFRESH-TAGS"></a></p>
2278
2279               <table border="0" bgcolor="#E0E0E0" width="90%">
2280                 <tr>
2281                   <td>
2282                     <pre class="SCREEN">
2283 +filter{refresh-tags}        # Kill automatic refresh tags if refresh time is larger than 9 seconds.
2284 </pre>
2285                   </td>
2286                 </tr>
2287               </table>
2288
2289               <p><a name="FILTER-UNSOLICITED-POPUPS" id=
2290               "FILTER-UNSOLICITED-POPUPS"></a></p>
2291
2292               <table border="0" bgcolor="#E0E0E0" width="90%">
2293                 <tr>
2294                   <td>
2295                     <pre class="SCREEN">
2296 +filter{unsolicited-popups}  # Disable only unsolicited pop-up windows.
2297 </pre>
2298                   </td>
2299                 </tr>
2300               </table>
2301
2302               <p><a name="FILTER-ALL-POPUPS" id="FILTER-ALL-POPUPS"></a></p>
2303
2304               <table border="0" bgcolor="#E0E0E0" width="90%">
2305                 <tr>
2306                   <td>
2307                     <pre class="SCREEN">
2308 +filter{all-popups}          # Kill all popups in JavaScript and HTML.
2309 </pre>
2310                   </td>
2311                 </tr>
2312               </table>
2313
2314               <p><a name="FILTER-IMG-REORDER" id=
2315               "FILTER-IMG-REORDER"></a></p>
2316
2317               <table border="0" bgcolor="#E0E0E0" width="90%">
2318                 <tr>
2319                   <td>
2320                     <pre class="SCREEN">
2321 +filter{img-reorder}         # Reorder attributes in &lt;img&gt; tags to make the banners-by-* filters more effective.
2322 </pre>
2323                   </td>
2324                 </tr>
2325               </table>
2326
2327               <p><a name="FILTER-BANNERS-BY-SIZE" id=
2328               "FILTER-BANNERS-BY-SIZE"></a></p>
2329
2330               <table border="0" bgcolor="#E0E0E0" width="90%">
2331                 <tr>
2332                   <td>
2333                     <pre class="SCREEN">
2334 +filter{banners-by-size}     # Kill banners by size.
2335 </pre>
2336                   </td>
2337                 </tr>
2338               </table>
2339
2340               <p><a name="FILTER-BANNERS-BY-LINK" id=
2341               "FILTER-BANNERS-BY-LINK"></a></p>
2342
2343               <table border="0" bgcolor="#E0E0E0" width="90%">
2344                 <tr>
2345                   <td>
2346                     <pre class="SCREEN">
2347 +filter{banners-by-link}     # Kill banners by their links to known clicktrackers.
2348 </pre>
2349                   </td>
2350                 </tr>
2351               </table>
2352
2353               <p><a name="FILTER-WEBBUGS" id="FILTER-WEBBUGS"></a></p>
2354
2355               <table border="0" bgcolor="#E0E0E0" width="90%">
2356                 <tr>
2357                   <td>
2358                     <pre class="SCREEN">
2359 +filter{webbugs}             # Squish WebBugs (1x1 invisible GIFs used for user tracking).
2360 </pre>
2361                   </td>
2362                 </tr>
2363               </table>
2364
2365               <p><a name="FILTER-TINY-TEXTFORMS" id=
2366               "FILTER-TINY-TEXTFORMS"></a></p>
2367
2368               <table border="0" bgcolor="#E0E0E0" width="90%">
2369                 <tr>
2370                   <td>
2371                     <pre class="SCREEN">
2372 +filter{tiny-textforms}      # Extend those tiny textareas up to 40x80 and kill the hard wrap.
2373 </pre>
2374                   </td>
2375                 </tr>
2376               </table>
2377
2378               <p><a name="FILTER-JUMPING-WINDOWS" id=
2379               "FILTER-JUMPING-WINDOWS"></a></p>
2380
2381               <table border="0" bgcolor="#E0E0E0" width="90%">
2382                 <tr>
2383                   <td>
2384                     <pre class="SCREEN">
2385 +filter{jumping-windows}     # Prevent windows from resizing and moving themselves.
2386 </pre>
2387                   </td>
2388                 </tr>
2389               </table>
2390
2391               <p><a name="FILTER-FRAMESET-BORDERS" id=
2392               "FILTER-FRAMESET-BORDERS"></a></p>
2393
2394               <table border="0" bgcolor="#E0E0E0" width="90%">
2395                 <tr>
2396                   <td>
2397                     <pre class="SCREEN">
2398 +filter{frameset-borders}    # Give frames a border and make them resizable.
2399 </pre>
2400                   </td>
2401                 </tr>
2402               </table>
2403
2404               <p><a name="FILTER-IFRAMES" id="FILTER-IFRAMES"></a></p>
2405
2406               <table border="0" bgcolor="#E0E0E0" width="90%">
2407                 <tr>
2408                   <td>
2409                     <pre class="SCREEN">
2410 +filter{iframes}             # Removes all detected iframes. Should only be enabled for individual sites.
2411 </pre>
2412                   </td>
2413                 </tr>
2414               </table>
2415
2416               <p><a name="FILTER-DEMORONIZER" id=
2417               "FILTER-DEMORONIZER"></a></p>
2418
2419               <table border="0" bgcolor="#E0E0E0" width="90%">
2420                 <tr>
2421                   <td>
2422                     <pre class="SCREEN">
2423 +filter{demoronizer}         # Fix MS's non-standard use of standard charsets.
2424 </pre>
2425                   </td>
2426                 </tr>
2427               </table>
2428
2429               <p><a name="FILTER-SHOCKWAVE-FLASH" id=
2430               "FILTER-SHOCKWAVE-FLASH"></a></p>
2431
2432               <table border="0" bgcolor="#E0E0E0" width="90%">
2433                 <tr>
2434                   <td>
2435                     <pre class="SCREEN">
2436 +filter{shockwave-flash}     # Kill embedded Shockwave Flash objects.
2437 </pre>
2438                   </td>
2439                 </tr>
2440               </table>
2441
2442               <p><a name="FILTER-QUICKTIME-KIOSKMODE" id=
2443               "FILTER-QUICKTIME-KIOSKMODE"></a></p>
2444
2445               <table border="0" bgcolor="#E0E0E0" width="90%">
2446                 <tr>
2447                   <td>
2448                     <pre class="SCREEN">
2449 +filter{quicktime-kioskmode} # Make Quicktime movies saveable.
2450 </pre>
2451                   </td>
2452                 </tr>
2453               </table>
2454
2455               <p><a name="FILTER-FUN" id="FILTER-FUN"></a></p>
2456
2457               <table border="0" bgcolor="#E0E0E0" width="90%">
2458                 <tr>
2459                   <td>
2460                     <pre class="SCREEN">
2461 +filter{fun}                 # Text replacements for subversive browsing fun!
2462 </pre>
2463                   </td>
2464                 </tr>
2465               </table>
2466
2467               <p><a name="FILTER-CRUDE-PARENTAL" id=
2468               "FILTER-CRUDE-PARENTAL"></a></p>
2469
2470               <table border="0" bgcolor="#E0E0E0" width="90%">
2471                 <tr>
2472                   <td>
2473                     <pre class="SCREEN">
2474 +filter{crude-parental}      # Crude parental filtering. Note that this filter doesn't work reliably.
2475 </pre>
2476                   </td>
2477                 </tr>
2478               </table>
2479
2480               <p><a name="FILTER-IE-EXPLOITS" id=
2481               "FILTER-IE-EXPLOITS"></a></p>
2482
2483               <table border="0" bgcolor="#E0E0E0" width="90%">
2484                 <tr>
2485                   <td>
2486                     <pre class="SCREEN">
2487 +filter{ie-exploits}         # Disable some known Internet Explorer bug exploits.
2488 </pre>
2489                   </td>
2490                 </tr>
2491               </table>
2492
2493               <p><a name="FILTER-SITE-SPECIFICS" id=
2494               "FILTER-SITE-SPECIFICS"></a></p>
2495
2496               <table border="0" bgcolor="#E0E0E0" width="90%">
2497                 <tr>
2498                   <td>
2499                     <pre class="SCREEN">
2500 +filter{site-specifics}      # Cure for site-specific problems. Don't apply generally!
2501 </pre>
2502                   </td>
2503                 </tr>
2504               </table>
2505
2506               <p><a name="FILTER-NO-PING" id="FILTER-NO-PING"></a></p>
2507
2508               <table border="0" bgcolor="#E0E0E0" width="90%">
2509                 <tr>
2510                   <td>
2511                     <pre class="SCREEN">
2512 +filter{no-ping}             # Removes non-standard ping attributes in &lt;a&gt; and &lt;area&gt; tags.
2513 </pre>
2514                   </td>
2515                 </tr>
2516               </table>
2517
2518               <p><a name="FILTER-GOOGLE" id="FILTER-GOOGLE"></a></p>
2519
2520               <table border="0" bgcolor="#E0E0E0" width="90%">
2521                 <tr>
2522                   <td>
2523                     <pre class="SCREEN">
2524 +filter{google}              # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
2525 </pre>
2526                   </td>
2527                 </tr>
2528               </table>
2529
2530               <p><a name="FILTER-YAHOO" id="FILTER-YAHOO"></a></p>
2531
2532               <table border="0" bgcolor="#E0E0E0" width="90%">
2533                 <tr>
2534                   <td>
2535                     <pre class="SCREEN">
2536 +filter{yahoo}               # CSS-based block for Yahoo text ads. Also removes a width limitation.
2537 </pre>
2538                   </td>
2539                 </tr>
2540               </table>
2541
2542               <p><a name="FILTER-MSN" id="FILTER-MSN"></a></p>
2543
2544               <table border="0" bgcolor="#E0E0E0" width="90%">
2545                 <tr>
2546                   <td>
2547                     <pre class="SCREEN">
2548 +filter{msn}                 # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
2549 </pre>
2550                   </td>
2551                 </tr>
2552               </table>
2553
2554               <p><a name="FILTER-BLOGSPOT" id="FILTER-BLOGSPOT"></a></p>
2555
2556               <table border="0" bgcolor="#E0E0E0" width="90%">
2557                 <tr>
2558                   <td>
2559                     <pre class="SCREEN">
2560 +filter{blogspot}            # Cleans up some Blogspot blogs. Read the fine print before using this.
2561 </pre>
2562                   </td>
2563                 </tr>
2564               </table>
2565             </dd>
2566           </dl>
2567         </div>
2568       </div>
2569
2570       <div class="SECT3">
2571         <h4 class="SECT3"><a name="FORCE-TEXT-MODE" id=
2572         "FORCE-TEXT-MODE">8.5.16. force-text-mode</a></h4>
2573
2574         <div class="VARIABLELIST">
2575           <dl>
2576             <dt>Typical use:</dt>
2577
2578             <dd>
2579               <p>Force <span class="APPLICATION">Privoxy</span> to treat a
2580               document as if it was in some kind of <span class=
2581               "emphasis"><i class="EMPHASIS">text</i></span> format.</p>
2582             </dd>
2583
2584             <dt>Effect:</dt>
2585
2586             <dd>
2587               <p>Declares a document as text, even if the <span class=
2588               "QUOTE">"Content-Type:"</span> isn't detected as such.</p>
2589             </dd>
2590
2591             <dt>Type:</dt>
2592
2593             <dd>
2594               <p>Boolean.</p>
2595             </dd>
2596
2597             <dt>Parameter:</dt>
2598
2599             <dd>
2600               <p>N/A</p>
2601             </dd>
2602
2603             <dt>Notes:</dt>
2604
2605             <dd>
2606               <p>As explained <tt class="LITERAL"><a href=
2607               "actions-file.html#FILTER">above</a></tt>, <span class=
2608               "APPLICATION">Privoxy</span> tries to only filter files that
2609               are in some kind of text format. The same restrictions apply to
2610               <tt class="LITERAL"><a href=
2611               "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite</a></tt>.
2612               <tt class="LITERAL">force-text-mode</tt> declares a document as
2613               text, without looking at the <span class=
2614               "QUOTE">"Content-Type:"</span> first.</p>
2615
2616               <div class="WARNING">
2617                 <table class="WARNING" border="1" width="90%">
2618                   <tr>
2619                     <td align="center"><b>Warning</b></td>
2620                   </tr>
2621
2622                   <tr>
2623                     <td align="left">
2624                       <p>Think twice before activating this action. Filtering
2625                       binary data with regular expressions can cause file
2626                       damage.</p>
2627                     </td>
2628                   </tr>
2629                 </table>
2630               </div>
2631             </dd>
2632
2633             <dt>Example usage:</dt>
2634
2635             <dd>
2636               <table border="0" bgcolor="#E0E0E0" width="90%">
2637                 <tr>
2638                   <td>
2639                     <pre class="SCREEN">
2640 +force-text-mode
2641
2642 </pre>
2643                   </td>
2644                 </tr>
2645               </table>
2646             </dd>
2647           </dl>
2648         </div>
2649       </div>
2650
2651       <div class="SECT3">
2652         <h4 class="SECT3"><a name="FORWARD-OVERRIDE" id=
2653         "FORWARD-OVERRIDE">8.5.17. forward-override</a></h4>
2654
2655         <div class="VARIABLELIST">
2656           <dl>
2657             <dt>Typical use:</dt>
2658
2659             <dd>
2660               <p>Change the forwarding settings based on User-Agent or
2661               request origin</p>
2662             </dd>
2663
2664             <dt>Effect:</dt>
2665
2666             <dd>
2667               <p>Overrules the forward directives in the configuration
2668               file.</p>
2669             </dd>
2670
2671             <dt>Type:</dt>
2672
2673             <dd>
2674               <p>Multi-value.</p>
2675             </dd>
2676
2677             <dt>Parameter:</dt>
2678
2679             <dd>
2680               <ul>
2681                 <li>
2682                   <p><span class="QUOTE">"forward ."</span> to use a direct
2683                   connection without any additional proxies.</p>
2684                 </li>
2685
2686                 <li>
2687                   <p><span class="QUOTE">"forward 127.0.0.1:8123"</span> to
2688                   use the HTTP proxy listening at 127.0.0.1 port 8123.</p>
2689                 </li>
2690
2691                 <li>
2692                   <p><span class="QUOTE">"forward-socks4a 127.0.0.1:9050
2693                   ."</span> to use the socks4a proxy listening at 127.0.0.1
2694                   port 9050. Replace <span class=
2695                   "QUOTE">"forward-socks4a"</span> with <span class=
2696                   "QUOTE">"forward-socks4"</span> to use a socks4 connection
2697                   (with local DNS resolution) instead, use <span class=
2698                   "QUOTE">"forward-socks5"</span> for socks5 connections
2699                   (with remote DNS resolution).</p>
2700                 </li>
2701
2702                 <li>
2703                   <p><span class="QUOTE">"forward-socks4a 127.0.0.1:9050
2704                   proxy.example.org:8000"</span> to use the socks4a proxy
2705                   listening at 127.0.0.1 port 9050 to reach the HTTP proxy
2706                   listening at proxy.example.org port 8000. Replace
2707                   <span class="QUOTE">"forward-socks4a"</span> with
2708                   <span class="QUOTE">"forward-socks4"</span> to use a socks4
2709                   connection (with local DNS resolution) instead, use
2710                   <span class="QUOTE">"forward-socks5"</span> for socks5
2711                   connections (with remote DNS resolution).</p>
2712                 </li>
2713               </ul>
2714             </dd>
2715
2716             <dt>Notes:</dt>
2717
2718             <dd>
2719               <p>This action takes parameters similar to the <a href=
2720               "config.html#FORWARDING">forward</a> directives in the
2721               configuration file, but without the URL pattern. It can be used
2722               as replacement, but normally it's only used in cases where
2723               matching based on the request URL isn't sufficient.</p>
2724
2725               <div class="WARNING">
2726                 <table class="WARNING" border="1" width="90%">
2727                   <tr>
2728                     <td align="center"><b>Warning</b></td>
2729                   </tr>
2730
2731                   <tr>
2732                     <td align="left">
2733                       <p>Please read the description for the <a href=
2734                       "config.html#FORWARDING">forward</a> directives before
2735                       using this action. Forwarding to the wrong people will
2736                       reduce your privacy and increase the chances of
2737                       man-in-the-middle attacks.</p>
2738
2739                       <p>If the ports are missing or invalid, default values
2740                       will be used. This might change in the future and you
2741                       shouldn't rely on it. Otherwise incorrect syntax causes
2742                       Privoxy to exit.</p>
2743
2744                       <p>Use the <a href=
2745                       "http://config.privoxy.org/show-url-info" target=
2746                       "_top">show-url-info CGI page</a> to verify that your
2747                       forward settings do what you thought the do.</p>
2748                     </td>
2749                   </tr>
2750                 </table>
2751               </div>
2752             </dd>
2753
2754             <dt>Example usage:</dt>
2755
2756             <dd>
2757               <table border="0" bgcolor="#E0E0E0" width="90%">
2758                 <tr>
2759                   <td>
2760                     <pre class="SCREEN">
2761 # Always use direct connections for requests previously tagged as
2762 # <span class="QUOTE">"User-Agent: fetch libfetch/2.0"</span> and make sure
2763 # resuming downloads continues to work.
2764 # This way you can continue to use Tor for your normal browsing,
2765 # without overloading the Tor network with your FreeBSD ports updates
2766 # or downloads of bigger files like ISOs.
2767 # Note that HTTP headers are easy to fake and therefore their
2768 # values are as (un)trustworthy as your clients and users.
2769 {+forward-override{forward .} \
2770  -hide-if-modified-since      \
2771  -overwrite-last-modified     \
2772 }
2773 TAG:^User-Agent: fetch libfetch/2\.0$
2774
2775 </pre>
2776                   </td>
2777                 </tr>
2778               </table>
2779             </dd>
2780           </dl>
2781         </div>
2782       </div>
2783
2784       <div class="SECT3">
2785         <h4 class="SECT3"><a name="HANDLE-AS-EMPTY-DOCUMENT" id=
2786         "HANDLE-AS-EMPTY-DOCUMENT">8.5.18. handle-as-empty-document</a></h4>
2787
2788         <div class="VARIABLELIST">
2789           <dl>
2790             <dt>Typical use:</dt>
2791
2792             <dd>
2793               <p>Mark URLs that should be replaced by empty documents
2794               <span class="emphasis"><i class="EMPHASIS">if they get
2795               blocked</i></span></p>
2796             </dd>
2797
2798             <dt>Effect:</dt>
2799
2800             <dd>
2801               <p>This action alone doesn't do anything noticeable. It just
2802               marks URLs. If the <tt class="LITERAL"><a href=
2803               "actions-file.html#BLOCK">block</a></tt> action <span class=
2804               "emphasis"><i class="EMPHASIS">also applies</i></span>, the
2805               presence or absence of this mark decides whether an HTML
2806               <span class="QUOTE">"BLOCKED"</span> page, or an empty document
2807               will be sent to the client as a substitute for the blocked
2808               content. The <span class="emphasis"><i class=
2809               "EMPHASIS">empty</i></span> document isn't literally empty, but
2810               actually contains a single space.</p>
2811             </dd>
2812
2813             <dt>Type:</dt>
2814
2815             <dd>
2816               <p>Boolean.</p>
2817             </dd>
2818
2819             <dt>Parameter:</dt>
2820
2821             <dd>
2822               <p>N/A</p>
2823             </dd>
2824
2825             <dt>Notes:</dt>
2826
2827             <dd>
2828               <p>Some browsers complain about syntax errors if JavaScript
2829               documents are blocked with <span class=
2830               "APPLICATION">Privoxy's</span> default HTML page; this option
2831               can be used to silence them. And of course this action can also
2832               be used to eliminate the <span class=
2833               "APPLICATION">Privoxy</span> BLOCKED message in frames.</p>
2834
2835               <p>The content type for the empty document can be specified
2836               with <tt class="LITERAL"><a href=
2837               "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite{}</a></tt>,
2838               but usually this isn't necessary.</p>
2839             </dd>
2840
2841             <dt>Example usage:</dt>
2842
2843             <dd>
2844               <table border="0" bgcolor="#E0E0E0" width="90%">
2845                 <tr>
2846                   <td>
2847                     <pre class="SCREEN">
2848 # Block all documents on example.org that end with ".js",
2849 # but send an empty document instead of the usual HTML message.
2850 {+block{Blocked JavaScript} +handle-as-empty-document}
2851 example.org/.*\.js$
2852
2853 </pre>
2854                   </td>
2855                 </tr>
2856               </table>
2857             </dd>
2858           </dl>
2859         </div>
2860       </div>
2861
2862       <div class="SECT3">
2863         <h4 class="SECT3"><a name="HANDLE-AS-IMAGE" id=
2864         "HANDLE-AS-IMAGE">8.5.19. handle-as-image</a></h4>
2865
2866         <div class="VARIABLELIST">
2867           <dl>
2868             <dt>Typical use:</dt>
2869
2870             <dd>
2871               <p>Mark URLs as belonging to images (so they'll be replaced by
2872               images <span class="emphasis"><i class="EMPHASIS">if they do
2873               get blocked</i></span>, rather than HTML pages)</p>
2874             </dd>
2875
2876             <dt>Effect:</dt>
2877
2878             <dd>
2879               <p>This action alone doesn't do anything noticeable. It just
2880               marks URLs as images. If the <tt class="LITERAL"><a href=
2881               "actions-file.html#BLOCK">block</a></tt> action <span class=
2882               "emphasis"><i class="EMPHASIS">also applies</i></span>, the
2883               presence or absence of this mark decides whether an HTML
2884               <span class="QUOTE">"blocked"</span> page, or a replacement
2885               image (as determined by the <tt class="LITERAL"><a href=
2886               "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
2887               action) will be sent to the client as a substitute for the
2888               blocked content.</p>
2889             </dd>
2890
2891             <dt>Type:</dt>
2892
2893             <dd>
2894               <p>Boolean.</p>
2895             </dd>
2896
2897             <dt>Parameter:</dt>
2898
2899             <dd>
2900               <p>N/A</p>
2901             </dd>
2902
2903             <dt>Notes:</dt>
2904
2905             <dd>
2906               <p>The below generic example section is actually part of
2907               <tt class="FILENAME">default.action</tt>. It marks all URLs
2908               with well-known image file name extensions as images and should
2909               be left intact.</p>
2910
2911               <p>Users will probably only want to use the handle-as-image
2912               action in conjunction with <tt class="LITERAL"><a href=
2913               "actions-file.html#BLOCK">block</a></tt>, to block sources of
2914               banners, whose URLs don't reflect the file type, like in the
2915               second example section.</p>
2916
2917               <p>Note that you cannot treat HTML pages as images in most
2918               cases. For instance, (in-line) ad frames require an HTML page
2919               to be sent, or they won't display properly. Forcing <tt class=
2920               "LITERAL">handle-as-image</tt> in this situation will not
2921               replace the ad frame with an image, but lead to error
2922               messages.</p>
2923             </dd>
2924
2925             <dt>Example usage (sections):</dt>
2926
2927             <dd>
2928               <table border="0" bgcolor="#E0E0E0" width="90%">
2929                 <tr>
2930                   <td>
2931                     <pre class="SCREEN">
2932 # Generic image extensions:
2933 #
2934 {+handle-as-image}
2935 /.*\.(gif|jpg|jpeg|png|bmp|ico)$
2936
2937 # These don't look like images, but they're banners and should be
2938 # blocked as images:
2939 #
2940 {+block{Nasty banners.} +handle-as-image}
2941 nasty-banner-server.example.com/junk.cgi\?output=trash
2942 </pre>
2943                   </td>
2944                 </tr>
2945               </table>
2946             </dd>
2947           </dl>
2948         </div>
2949       </div>
2950
2951       <div class="SECT3">
2952         <h4 class="SECT3"><a name="HIDE-ACCEPT-LANGUAGE" id=
2953         "HIDE-ACCEPT-LANGUAGE">8.5.20. hide-accept-language</a></h4>
2954
2955         <div class="VARIABLELIST">
2956           <dl>
2957             <dt>Typical use:</dt>
2958
2959             <dd>
2960               <p>Pretend to use different language settings.</p>
2961             </dd>
2962
2963             <dt>Effect:</dt>
2964
2965             <dd>
2966               <p>Deletes or replaces the <span class=
2967               "QUOTE">"Accept-Language:"</span> HTTP header in client
2968               requests.</p>
2969             </dd>
2970
2971             <dt>Type:</dt>
2972
2973             <dd>
2974               <p>Parameterized.</p>
2975             </dd>
2976
2977             <dt>Parameter:</dt>
2978
2979             <dd>
2980               <p>Keyword: <span class="QUOTE">"block"</span>, or any user
2981               defined value.</p>
2982             </dd>
2983
2984             <dt>Notes:</dt>
2985
2986             <dd>
2987               <p>Faking the browser's language settings can be useful to make
2988               a foreign User-Agent set with <tt class="LITERAL"><a href=
2989               "actions-file.html#HIDE-USER-AGENT">hide-user-agent</a></tt>
2990               more believable.</p>
2991
2992               <p>However some sites with content in different languages check
2993               the <span class="QUOTE">"Accept-Language:"</span> to decide
2994               which one to take by default. Sometimes it isn't possible to
2995               later switch to another language without changing the
2996               <span class="QUOTE">"Accept-Language:"</span> header first.</p>
2997
2998               <p>Therefore it's a good idea to either only change the
2999               <span class="QUOTE">"Accept-Language:"</span> header to
3000               languages you understand, or to languages that aren't wide
3001               spread.</p>
3002
3003               <p>Before setting the <span class=
3004               "QUOTE">"Accept-Language:"</span> header to a rare language,
3005               you should consider that it helps to make your requests unique
3006               and thus easier to trace. If you don't plan to change this
3007               header frequently, you should stick to a common language.</p>
3008             </dd>
3009
3010             <dt>Example usage (section):</dt>
3011
3012             <dd>
3013               <table border="0" bgcolor="#E0E0E0" width="90%">
3014                 <tr>
3015                   <td>
3016                     <pre class="SCREEN">
3017 # Pretend to use Canadian language settings.
3018 {+hide-accept-language{en-ca} \
3019 +hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
3020 }
3021 /
3022 </pre>
3023                   </td>
3024                 </tr>
3025               </table>
3026             </dd>
3027           </dl>
3028         </div>
3029       </div>
3030
3031       <div class="SECT3">
3032         <h4 class="SECT3"><a name="HIDE-CONTENT-DISPOSITION" id=
3033         "HIDE-CONTENT-DISPOSITION">8.5.21. hide-content-disposition</a></h4>
3034
3035         <div class="VARIABLELIST">
3036           <dl>
3037             <dt>Typical use:</dt>
3038
3039             <dd>
3040               <p>Prevent download menus for content you prefer to view inside
3041               the browser.</p>
3042             </dd>
3043
3044             <dt>Effect:</dt>
3045
3046             <dd>
3047               <p>Deletes or replaces the <span class=
3048               "QUOTE">"Content-Disposition:"</span> HTTP header set by some
3049               servers.</p>
3050             </dd>
3051
3052             <dt>Type:</dt>
3053
3054             <dd>
3055               <p>Parameterized.</p>
3056             </dd>
3057
3058             <dt>Parameter:</dt>
3059
3060             <dd>
3061               <p>Keyword: <span class="QUOTE">"block"</span>, or any user
3062               defined value.</p>
3063             </dd>
3064
3065             <dt>Notes:</dt>
3066
3067             <dd>
3068               <p>Some servers set the <span class=
3069               "QUOTE">"Content-Disposition:"</span> HTTP header for documents
3070               they assume you want to save locally before viewing them. The
3071               <span class="QUOTE">"Content-Disposition:"</span> header
3072               contains the file name the browser is supposed to use by
3073               default.</p>
3074
3075               <p>In most browsers that understand this header, it makes it
3076               impossible to <span class="emphasis"><i class="EMPHASIS">just
3077               view</i></span> the document, without downloading it first,
3078               even if it's just a simple text file or an image.</p>
3079
3080               <p>Removing the <span class=
3081               "QUOTE">"Content-Disposition:"</span> header helps to prevent
3082               this annoyance, but some browsers additionally check the
3083               <span class="QUOTE">"Content-Type:"</span> header, before they
3084               decide if they can display a document without saving it first.
3085               In these cases, you have to change this header as well, before
3086               the browser stops displaying download menus.</p>
3087
3088               <p>It is also possible to change the server's file name
3089               suggestion to another one, but in most cases it isn't worth the
3090               time to set it up.</p>
3091
3092               <p>This action will probably be removed in the future, use
3093               server-header filters instead.</p>
3094             </dd>
3095
3096             <dt>Example usage:</dt>
3097
3098             <dd>
3099               <table border="0" bgcolor="#E0E0E0" width="90%">
3100                 <tr>
3101                   <td>
3102                     <pre class="SCREEN">
3103 # Disarm the download link in Sourceforge's patch tracker
3104 { -filter \
3105  +content-type-overwrite{text/plain}\
3106  +hide-content-disposition{block} }
3107  .sourceforge.net/tracker/download\.php
3108 </pre>
3109                   </td>
3110                 </tr>
3111               </table>
3112             </dd>
3113           </dl>
3114         </div>
3115       </div>
3116
3117       <div class="SECT3">
3118         <h4 class="SECT3"><a name="HIDE-IF-MODIFIED-SINCE" id=
3119         "HIDE-IF-MODIFIED-SINCE">8.5.22. hide-if-modified-since</a></h4>
3120
3121         <div class="VARIABLELIST">
3122           <dl>
3123             <dt>Typical use:</dt>
3124
3125             <dd>
3126               <p>Prevent yet another way to track the user's steps between
3127               sessions.</p>
3128             </dd>
3129
3130             <dt>Effect:</dt>
3131
3132             <dd>
3133               <p>Deletes the <span class="QUOTE">"If-Modified-Since:"</span>
3134               HTTP client header or modifies its value.</p>
3135             </dd>
3136
3137             <dt>Type:</dt>
3138
3139             <dd>
3140               <p>Parameterized.</p>
3141             </dd>
3142
3143             <dt>Parameter:</dt>
3144
3145             <dd>
3146               <p>Keyword: <span class="QUOTE">"block"</span>, or a user
3147               defined value that specifies a range of hours.</p>
3148             </dd>
3149
3150             <dt>Notes:</dt>
3151
3152             <dd>
3153               <p>Removing this header is useful for filter testing, where you
3154               want to force a real reload instead of getting status code
3155               <span class="QUOTE">"304"</span>, which would cause the browser
3156               to use a cached copy of the page.</p>
3157
3158               <p>Instead of removing the header, <tt class=
3159               "LITERAL">hide-if-modified-since</tt> can also add or subtract
3160               a random amount of time to/from the header's value. You specify
3161               a range of minutes where the random factor should be chosen
3162               from and <span class="APPLICATION">Privoxy</span> does the
3163               rest. A negative value means subtracting, a positive value
3164               adding.</p>
3165
3166               <p>Randomizing the value of the <span class=
3167               "QUOTE">"If-Modified-Since:"</span> makes it less likely that
3168               the server can use the time as a cookie replacement, but you
3169               will run into caching problems if the random range is too
3170               high.</p>
3171
3172               <p>It is a good idea to only use a small negative value and let
3173               <tt class="LITERAL"><a href=
3174               "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>
3175               handle the greater changes.</p>
3176
3177               <p>It is also recommended to use this action together with
3178               <tt class="LITERAL"><a href=
3179               "actions-file.html#CRUNCH-IF-NONE-MATCH">crunch-if-none-match</a></tt>,
3180               otherwise it's more or less pointless.</p>
3181             </dd>
3182
3183             <dt>Example usage (section):</dt>
3184
3185             <dd>
3186               <table border="0" bgcolor="#E0E0E0" width="90%">
3187                 <tr>
3188                   <td>
3189                     <pre class="SCREEN">
3190 # Let the browser revalidate but make tracking based on the time less likely.
3191 {+hide-if-modified-since{-60} \
3192  +overwrite-last-modified{randomize} \
3193  +crunch-if-none-match}
3194 /
3195 </pre>
3196                   </td>
3197                 </tr>
3198               </table>
3199             </dd>
3200           </dl>
3201         </div>
3202       </div>
3203
3204       <div class="SECT3">
3205         <h4 class="SECT3"><a name="HIDE-FROM-HEADER" id=
3206         "HIDE-FROM-HEADER">8.5.23. hide-from-header</a></h4>
3207
3208         <div class="VARIABLELIST">
3209           <dl>
3210             <dt>Typical use:</dt>
3211
3212             <dd>
3213               <p>Keep your (old and ill) browser from telling web servers
3214               your email address</p>
3215             </dd>
3216
3217             <dt>Effect:</dt>
3218
3219             <dd>
3220               <p>Deletes any existing <span class="QUOTE">"From:"</span> HTTP
3221               header, or replaces it with the specified string.</p>
3222             </dd>
3223
3224             <dt>Type:</dt>
3225
3226             <dd>
3227               <p>Parameterized.</p>
3228             </dd>
3229
3230             <dt>Parameter:</dt>
3231
3232             <dd>
3233               <p>Keyword: <span class="QUOTE">"block"</span>, or any user
3234               defined value.</p>
3235             </dd>
3236
3237             <dt>Notes:</dt>
3238
3239             <dd>
3240               <p>The keyword <span class="QUOTE">"block"</span> will
3241               completely remove the header (not to be confused with the
3242               <tt class="LITERAL"><a href=
3243               "actions-file.html#BLOCK">block</a></tt> action).</p>
3244
3245               <p>Alternately, you can specify any value you prefer to be sent
3246               to the web server. If you do, it is a matter of fairness not to
3247               use any address that is actually used by a real person.</p>
3248
3249               <p>This action is rarely needed, as modern web browsers don't
3250               send <span class="QUOTE">"From:"</span> headers anymore.</p>
3251             </dd>
3252
3253             <dt>Example usage:</dt>
3254
3255             <dd>
3256               <table border="0" bgcolor="#E0E0E0" width="90%">
3257                 <tr>
3258                   <td>
3259                     <pre class="SCREEN">
3260 +hide-from-header{block}
3261 </pre>
3262                   </td>
3263                 </tr>
3264               </table>or
3265
3266               <table border="0" bgcolor="#E0E0E0" width="90%">
3267                 <tr>
3268                   <td>
3269                     <pre class="SCREEN">
3270 +hide-from-header{spam-me-senseless@sittingduck.example.com}
3271 </pre>
3272                   </td>
3273                 </tr>
3274               </table>
3275             </dd>
3276           </dl>
3277         </div>
3278       </div>
3279
3280       <div class="SECT3">
3281         <h4 class="SECT3"><a name="HIDE-REFERRER" id="HIDE-REFERRER">8.5.24.
3282         hide-referrer</a></h4><a name="HIDE-REFERER" id="HIDE-REFERER"></a>
3283
3284         <div class="VARIABLELIST">
3285           <dl>
3286             <dt>Typical use:</dt>
3287
3288             <dd>
3289               <p>Conceal which link you followed to get to a particular
3290               site</p>
3291             </dd>
3292
3293             <dt>Effect:</dt>
3294
3295             <dd>
3296               <p>Deletes the <span class="QUOTE">"Referer:"</span> (sic) HTTP
3297               header from the client request, or replaces it with a forged
3298               one.</p>
3299             </dd>
3300
3301             <dt>Type:</dt>
3302
3303             <dd>
3304               <p>Parameterized.</p>
3305             </dd>
3306
3307             <dt>Parameter:</dt>
3308
3309             <dd>
3310               <ul>
3311                 <li>
3312                   <p><span class="QUOTE">"conditional-block"</span> to delete
3313                   the header completely if the host has changed.</p>
3314                 </li>
3315
3316                 <li>
3317                   <p><span class="QUOTE">"conditional-forge"</span> to forge
3318                   the header if the host has changed.</p>
3319                 </li>
3320
3321                 <li>
3322                   <p><span class="QUOTE">"block"</span> to delete the header
3323                   unconditionally.</p>
3324                 </li>
3325
3326                 <li>
3327                   <p><span class="QUOTE">"forge"</span> to pretend to be
3328                   coming from the homepage of the server we are talking
3329                   to.</p>
3330                 </li>
3331
3332                 <li>
3333                   <p>Any other string to set a user defined referrer.</p>
3334                 </li>
3335               </ul>
3336             </dd>
3337
3338             <dt>Notes:</dt>
3339
3340             <dd>
3341               <p><tt class="LITERAL">conditional-block</tt> is the only
3342               parameter, that isn't easily detected in the server's log file.
3343               If it blocks the referrer, the request will look like the
3344               visitor used a bookmark or typed in the address directly.</p>
3345
3346               <p>Leaving the referrer unmodified for requests on the same
3347               host allows the server owner to see the visitor's <span class=
3348               "QUOTE">"click path"</span>, but in most cases she could also
3349               get that information by comparing other parts of the log file:
3350               for example the User-Agent if it isn't a very common one, or
3351               the user's IP address if it doesn't change between different
3352               requests.</p>
3353
3354               <p>Always blocking the referrer, or using a custom one, can
3355               lead to failures on servers that check the referrer before they
3356               answer any requests, in an attempt to prevent their content
3357               from being embedded or linked to elsewhere.</p>
3358
3359               <p>Both <tt class="LITERAL">conditional-block</tt> and
3360               <tt class="LITERAL">forge</tt> will work with referrer checks,
3361               as long as content and valid referring page are on the same
3362               host. Most of the time that's the case.</p>
3363
3364               <p><tt class="LITERAL">hide-referer</tt> is an alternate
3365               spelling of <tt class="LITERAL">hide-referrer</tt> and the two
3366               can be can be freely substituted with each other. (<span class=
3367               "QUOTE">"referrer"</span> is the correct English spelling,
3368               however the HTTP specification has a bug - it requires it to be
3369               spelled as <span class="QUOTE">"referer"</span>.)</p>
3370             </dd>
3371
3372             <dt>Example usage:</dt>
3373
3374             <dd>
3375               <table border="0" bgcolor="#E0E0E0" width="90%">
3376                 <tr>
3377                   <td>
3378                     <pre class="SCREEN">
3379 +hide-referrer{forge}
3380 </pre>
3381                   </td>
3382                 </tr>
3383               </table>or
3384
3385               <table border="0" bgcolor="#E0E0E0" width="90%">
3386                 <tr>
3387                   <td>
3388                     <pre class="SCREEN">
3389 +hide-referrer{http://www.yahoo.com/}
3390 </pre>
3391                   </td>
3392                 </tr>
3393               </table>
3394             </dd>
3395           </dl>
3396         </div>
3397       </div>
3398
3399       <div class="SECT3">
3400         <h4 class="SECT3"><a name="HIDE-USER-AGENT" id=
3401         "HIDE-USER-AGENT">8.5.25. hide-user-agent</a></h4>
3402
3403         <div class="VARIABLELIST">
3404           <dl>
3405             <dt>Typical use:</dt>
3406
3407             <dd>
3408               <p>Try to conceal your type of browser and client operating
3409               system</p>
3410             </dd>
3411
3412             <dt>Effect:</dt>
3413
3414             <dd>
3415               <p>Replaces the value of the <span class=
3416               "QUOTE">"User-Agent:"</span> HTTP header in client requests
3417               with the specified value.</p>
3418             </dd>
3419
3420             <dt>Type:</dt>
3421
3422             <dd>
3423               <p>Parameterized.</p>
3424             </dd>
3425
3426             <dt>Parameter:</dt>
3427
3428             <dd>
3429               <p>Any user-defined string.</p>
3430             </dd>
3431
3432             <dt>Notes:</dt>
3433
3434             <dd>
3435               <div class="WARNING">
3436                 <table class="WARNING" border="1" width="90%">
3437                   <tr>
3438                     <td align="center"><b>Warning</b></td>
3439                   </tr>
3440
3441                   <tr>
3442                     <td align="left">
3443                       <p>This can lead to problems on web sites that depend
3444                       on looking at this header in order to customize their
3445                       content for different browsers (which, by the way, is
3446                       <span class="emphasis"><i class=
3447                       "EMPHASIS">NOT</i></span> the right thing to do: good
3448                       web sites work browser-independently).</p>
3449                     </td>
3450                   </tr>
3451                 </table>
3452               </div>
3453
3454               <p>Using this action in multi-user setups or wherever different
3455               types of browsers will access the same <span class=
3456               "APPLICATION">Privoxy</span> is <span class=
3457               "emphasis"><i class="EMPHASIS">not recommended</i></span>. In
3458               single-user, single-browser setups, you might use it to delete
3459               your OS version information from the headers, because it is an
3460               invitation to exploit known bugs for your OS. It is also
3461               occasionally useful to forge this in order to access sites that
3462               won't let you in otherwise (though there may be a good reason
3463               in some cases).</p>
3464
3465               <p>More information on known user-agent strings can be found at
3466               <a href="http://www.user-agents.org/" target=
3467               "_top">http://www.user-agents.org/</a> and <a href=
3468               "http://en.wikipedia.org/wiki/User_agent" target=
3469               "_top">http://en.wikipedia.org/wiki/User_agent</a>.</p>
3470             </dd>
3471
3472             <dt>Example usage:</dt>
3473
3474             <dd>
3475               <table border="0" bgcolor="#E0E0E0" width="90%">
3476                 <tr>
3477                   <td>
3478                     <pre class="SCREEN">
3479 +hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}
3480 </pre>
3481                   </td>
3482                 </tr>
3483               </table>
3484             </dd>
3485           </dl>
3486         </div>
3487       </div>
3488
3489       <div class="SECT3">
3490         <h4 class="SECT3"><a name="LIMIT-CONNECT" id="LIMIT-CONNECT">8.5.26.
3491         limit-connect</a></h4>
3492
3493         <div class="VARIABLELIST">
3494           <dl>
3495             <dt>Typical use:</dt>
3496
3497             <dd>
3498               <p>Prevent abuse of <span class="APPLICATION">Privoxy</span> as
3499               a TCP proxy relay or disable SSL for untrusted sites</p>
3500             </dd>
3501
3502             <dt>Effect:</dt>
3503
3504             <dd>
3505               <p>Specifies to which ports HTTP CONNECT requests are
3506               allowable.</p>
3507             </dd>
3508
3509             <dt>Type:</dt>
3510
3511             <dd>
3512               <p>Parameterized.</p>
3513             </dd>
3514
3515             <dt>Parameter:</dt>
3516
3517             <dd>