1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01
2 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
5 <meta name="generator" content="HTML Tidy, see www.w3.org">
7 What's New in this Release
9 <meta name="GENERATOR" content=
10 "Modular DocBook HTML Stylesheet Version 1.79">
11 <link rel="HOME" title="Privoxy 3.0.18 User Manual" href="index.html">
12 <link rel="PREVIOUS" title="Installation" href="installation.html">
13 <link rel="NEXT" title="Quickstart to Using Privoxy" href=
15 <link rel="STYLESHEET" type="text/css" href="../p_doc.css">
16 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
17 <link rel="STYLESHEET" type="text/css" href="p_doc.css">
18 <style type="text/css">
20 background-color: #EEEEEE;
23 :link { color: #0000FF }
24 :visited { color: #840084 }
25 :active { color: #0000FF }
26 hr.c1 {text-align: left}
30 <div class="NAVHEADER">
31 <table summary="Header navigation table" width="100%" border="0"
32 cellpadding="0" cellspacing="0">
34 <th colspan="3" align="center">
35 Privoxy 3.0.18 User Manual
39 <td width="10%" align="left" valign="bottom">
40 <a href="installation.html" accesskey="P">Prev</a>
42 <td width="80%" align="center" valign="bottom">
44 <td width="10%" align="right" valign="bottom">
45 <a href="quickstart.html" accesskey="N">Next</a>
49 <hr width="100%" class="c1">
53 <a name="WHATSNEW">3. What's New in this Release</a>
56 <span class="APPLICATION">Privoxy 3.0.17</span> is a stable release.
57 The changes since 3.0.16 stable are:
64 Fixed last-chunk-detection for responses where the content was
65 small enough to be read with the body, causing Privoxy to wait
66 for the end of the content until the server closed the connection
67 or the request timed out. Reported by "Karsten" in #3028326.
72 Responses with status code 204 weren't properly detected as
73 body-less like RFC2616 mandates. Like the previous bug, this
74 caused Privoxy to wait for the end of the content until the
75 server closed the connection or the request timed out. Fixes
76 #3022042 and #3025553, reported by a user with no visible name.
77 Most likely also fixes a bunch of other AJAX-related problem
78 reports that got closed in the past due to insufficient
79 information and lack of feedback.
84 Fixed an ACL bug that made it impossible to build a blacklist.
85 Usually the ACL directives are used in a whitelist, which worked
86 as expected, but blacklisting is still useful for public proxies
87 where one only needs to deny known abusers access.
92 Added LOG_LEVEL_RECEIVED to log the not-yet-parsed data read from
93 the network. This should make debugging various parsing issues a
99 The IPv6 code is enabled by default on Windows versions that
100 support it. Patch submitted by oCameLo in #2942729.
105 In mingw32 versions, the user.filter file is reachable through
106 the GUI, just like default.filter is. Feature request 3040263.
111 Added the configure option --enable-large-file-support to set a
112 few defines that are required by platforms like GNU/Linux to
113 support files larger then 2GB. Mainly interesting for users
114 without proper logfile management.
119 Logging with "debug 16" no longer stops at the first nul byte
120 which is pretty useless. Non-printable characters are replaced
121 with their hex value so the result can't span multiple lines
122 making parsing them harder then necessary.
127 Privoxy logs when reading an action, filter or trust file.
132 Fixed incorrect regression test markup which caused a test in
133 3.0.16 to fail while Privoxy itself was working correctly. While
134 Privoxy accepts hide-referer, too, the action name is actually
135 hide-referrer which is also the name used one the final results
136 page, where the test expected the alias.
141 CGI interface improvements:
146 In finish_http_response(), continue to add the 'Connection:
147 close' header if the client connection will not be kept
148 alive. Anonymously pointed out in #2987454.
153 Apostrophes in block messages no longer cause parse errors
154 when the blocked page is viewed with JavaScript enabled.
155 Reported by dg1727 in #3062296.
160 Fix a bunch of anchors that used underscores instead of
166 Allow to keep the client connection alive after crunching the
167 previous request. Already opened server connections can be
173 In cgi_show_url_info(), don't forget to prefix URLs that only
174 contain http:// or https:// in the path. Fixes #2975765
175 reported by Adam Piggott.
180 Show the 404 CGI page if cgi_send_user_manual() is called
181 while local user manual delivery is disabled.
188 Action file improvements:
193 Enable user.filter by default. Suggested by David White in
199 Block .sitestat.com/. Reported by johnd16 in #3002725.
204 Block .atemda.com/. Reported by johnd16 in #3002723.
209 Block js.adlink.net/. Reported by johnd16 in #3002720.
214 Block .analytics.yahoo.com/. Reported by johnd16 in #3002713.
219 Block sb.scorecardresearch.com, too. Reported by dg1727 in
225 Fix problems noticed on Yahoo mail and news pages.
230 Remove the too broad yahoo section, only keeping the
231 fast-redirects exception as discussed on ijbswa-devel@.
236 Don't block adesklets.sourceforge.net. Reported in #2974204.
241 Block chartbeat ping tracking. Reported in #2975895.
246 Tag CSS and image requests with cautious and medium settings,
252 Don't handle view.atdmt.com as image. It's used for
253 click-throughs so users should be able to "go there anyway".
254 Reported by Adam Piggott in #2975927.
259 Also let the refresh-tags filter remove invalid refresh tags
260 where the 'url=' part is missing. Anonymously reported in
261 #2986382. While at it, update the description to mention the
262 fact that only refresh tags with refresh times above 9
268 javascript needs to be blocked with +handle-as-empty-document
269 to work around Firefox bug 492459. So move .js blockers from
270 +block{Might be a web-bug.} -handle-as-empty-document to
271 +block{Might be a web-bug.} +handle-as-empty-document.
276 ijbswa-Feature Requests-3006719 - Block 160x578 Banners.
281 Block another omniture tracking domain.
286 Added a range-requests tagger.
291 Added two sections to get Flickr's Ajax interface working
292 with default pre-settings. If you change the configuration to
293 block cookies by default, you'll need additional exceptions.
294 Reported by Mathias Homann in #3101419 and by Patrick on
302 Documentation improvements:
307 Explicitly mention how to match all URLs.
312 Consistently recommend socks5 in the Tor FAQ entry and
313 mention its advantage compared to socks4a. Reported by David
319 Slightly improve the explanation of why filtering may appear
325 Grammar fixes for the ACL section.
330 Fixed a link to the 'intercepting' entry and add another one.
335 Rename the 'Other' section to 'Mailing Lists' and reword it
336 to make it clear that nobody is forced to use the trackers
341 Note that 'anonymously' posting on the trackers may not
347 Suggest to enable debug 32768 when suspecting parsing
355 Privoxy-Log-Parser improvements:
360 Gather statistics for ressources, methods, and HTTP versions
366 Also gather statistics for blocked and redirected requests.
371 Provide the percentage of keep-alive offers the client
377 Add a --url-statistics-threshold option.
382 Add a --host-statistics-threshold option to also gather
383 statistics about how many request where made per host.
388 Fix a bug in handle_loglevel_header() where a 'scan: ' got
394 Add a --shorten-thread-ids option to replace the thread id
395 with a decimal number.
400 Accept and ignore: Looks like we got the last chunk together
401 with the server headers. We better stop reading.
406 Accept and ignore: Continue hack in da house.
411 Accept and higlight: Rejecting connection from 10.0.0.2.
412 Maximum number of connections reached.
417 Accept and highlight: Loading actions file:
418 /usr/local/etc/privoxy/default.action
423 Accept and highlight: Loading filter file:
424 /usr/local/etc/privoxy/default.filter
429 Accept and highlight: Killed all-caps Host header line: HOST:
435 Accept and highlight: Reducing expected bytes to 0. Marking
436 the server socket tainted after throwing 4 bytes away.
441 Accept: Merged multiple header lines to: 'X-FORWARDED-PROTO:
442 http X-HOST: 127.0.0.1'
454 Remove the next member from the client_state struct. Only the
455 main thread needs access to all client states so give it its
461 Garbage-collect request_contains_null_bytes().
466 Ditch redundant code in unload_configfile().
471 Ditch LogGetURLUnderCursor() which doesn't seem to be used
477 In write_socket(), remove the write-only variable write_len
478 in an ifdef __OS2__ block. Spotted by cppcheck.
483 In connect_to(), don't declare the variable 'flags' on OS/2
484 where it isn't used. Spotted by cppcheck.
489 Limit the scope of various variables. Spotted by cppcheck.
494 In add_to_iob(), turn an interestingly looking for loop into
500 Code cleanup in preparation for external filters.
505 In listen_loop(), mention the socket on which we accepted the
506 connection, not just the source IP address.
511 In write_socket(), also log the socket we're writing to.
516 In log_error(), assert that escaped characters get logged
517 completely or not at all.
522 In log_error(), assert that ival and sval have reasonable
523 values. There's no reason not to abort() if they don't.
528 Remove an incorrect cgi_error_unknown() call in a
529 cannot-happen-situation in send_crunch_response().
534 Clean up white-space in http_response definition and move the
535 crunch_reason to the beginning.
540 Turn http_response.reason into an enum and rename it to
541 http_response.crunch_reason.
546 Silence a 'gcc (Debian 4.3.2-1.1) 4.3.2' warning on i686
552 Fix white-space in a log message in
553 remove_chunked_transfer_coding(). While at it, add a note
554 that the message doesn't seem to be entirely correct and
555 should be improved later on.
562 GNUmakefile improvements:
567 Use $(SSH) instead of ssh, so one only needs to specify a
573 Removed references to the action feedback thingy that hasn't
574 been working for years.
579 Consistently use shell.sourceforge.net instead of
580 shell.sf.net so one doesn't need to check server fingerprints
586 Removed GNUisms in the webserver and webactions targets so
587 they work with standard tar.
596 <a name="UPGRADERSNOTE">3.1. Note to Upgraders</a>
599 A quick list of things to be aware of before upgrading from earlier
600 versions of <span class="APPLICATION">Privoxy</span>:
607 The recommended way to upgrade <span class=
608 "APPLICATION">Privoxy</span> is to backup your old
609 configuration files, install the new ones, verify that <span
610 class="APPLICATION">Privoxy</span> is working correctly and
611 finally merge back your changes using <span class=
612 "APPLICATION">diff</span> and maybe <span class=
613 "APPLICATION">patch</span>.
616 There are a number of new features in each <span class=
617 "APPLICATION">Privoxy</span> release and most of them have to
618 be explicitly enabled in the configuration files. Old
619 configuration files obviously don't do that and due to syntax
620 changes using old configuration files with a new <span class=
621 "APPLICATION">Privoxy</span> isn't always possible anyway.
626 Note that some installers remove earlier versions completely,
627 including configuration files, therefore you should really save
628 any important configuration files!
633 On the other hand, other installers don't overwrite existing
634 configuration files, thinking you will want to do that
640 <tt class="FILENAME">standard.action</tt> has been merged into
641 the <tt class="FILENAME">default.action</tt> file.
646 In the default configuration only fatal errors are logged now.
647 You can change that in the <a href="config.html#DEBUG">debug
648 section</a> of the configuration file. You may also want to
649 enable more verbose logging until you verified that the new
650 <span class="APPLICATION">Privoxy</span> version is working as
656 Three other config file settings are now off by default: <a
658 "config.html#ENABLE-REMOTE-TOGGLE">enable-remote-toggle</a>, <a
660 "config.html#ENABLE-REMOTE-HTTP-TOGGLE">enable-remote-http-toggle</a>,
662 "config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</a>. If
663 you use or want these, you will need to explicitly enable them,
664 and be aware of the security issues involved.
670 <div class="NAVFOOTER">
671 <hr width="100%" class="c1">
672 <table summary="Footer navigation table" width="100%" border="0"
673 cellpadding="0" cellspacing="0">
675 <td width="33%" align="left" valign="top">
676 <a href="installation.html" accesskey="P">Prev</a>
678 <td width="34%" align="center" valign="top">
679 <a href="index.html" accesskey="H">Home</a>
681 <td width="33%" align="right" valign="top">
682 <a href="quickstart.html" accesskey="N">Next</a>
686 <td width="33%" align="left" valign="top">
689 <td width="34%" align="center" valign="top">
692 <td width="33%" align="right" valign="top">
693 Quickstart to Using Privoxy