Announcing Privoxy 3.0.25 beta -------------------------------------------------------------------- Privoxy 3.0.25 beta introduces client-specific tags and includes a couple of minor improvements. It will be followed by a stable release in the near future. -------------------------------------------------------------------- ChangeLog for Privoxy -------------------------------------------------------------------- - Bug fixes: - Always use the current toggle state for new requests. Previously new requests on reused connections inherited the toggle state from the previous request even though the toggle state could have changed. Reported by Robert Klemme. - Fixed two buffer-overflows in the (deprecated) static pcre code. These bugs are not considered security issues as the input is trusted. Found with afl-fuzz and ASAN. - General improvements: - Added support for client-specific tags which allow Privoxy admins to pre-define tags that are set for all requests from clients that previously opted in through the CGI interface. They are useful in multi-user setups where admins may want to allow users to disable certain actions and filters for themselves without affecting others. In single-user setups they are useful to allow more fine-grained toggling. For example to disable request blocking while still crunching cookies, or to disable experimental filters only. This is an experimental feature, the syntax and behaviour may change in future versions. Sponsored by Robert Klemme. - Dynamic filters and taggers now support a $listen-address variable which contains the address the request came in on. For external filters the variable is called $PRIVOXY_LISTEN_ADDRESS. Original patch contributed by pursievro. - Add client-header-tagger 'listen-address'. - Include the listen-address in the log message when logging new requests. Patch contributed by pursievro. - Turn invalid max-client-connections values into fatal errors. - The show-status page now shows whether or not dates before 1970 and after 2038 are expected to be handled properly. This is mainly useful for Privoxy-Regression-Test but could also come handy when dealing with time-related support requests. - On Mac OS X the thread id in log messages are more likely to be unique now. - When complaining about missing filters, the filter type is logged as well. - A couple of harmless coverity warnings were silenced (CID #161202, CID #161203, CID #161211). - Action file improvements: - Filtering is disabled for Range requests to let download resumption and Windows updates work with the default configuration. - Unblock ".ardmediathek.de/". Reported by ThTomate in #932. - Documentation improvements: - Add FAQ entry for crashes caused by memory limits. - Remove obsolete FAQ entry about a bug in PHP 4.2.3. - Mention the new mailing lists were appropriate. As the archives have not been migrated, continue to mention the archives at SF in the contacting section for now. - Note that the templates should be adjusted if Privoxy is running as intercepting proxy without getting all requests. - A bunch of links were converted to https://. - Rephrase onion service paragraph to make it more obvious that Tor is involved and that the whole website (and not just the homepage) is available as onion service. - Streamline the "More information" section on the homepage further by additionally ditching the link to the 'See also' section of the user manual. The section contains mostly links that are directly reachable from the homepage already and the rest is not significant enough to get a link from the homepage. - Change the add-header{} example to set the DNT header and use a complete section to make copy and pasting more convenient. Add a comment to make it obvious that adding the header is not recommended for obvious reasons. Using the DNT header as example was suggested by Leo Wzukw. - Streamline the support-and-service template Instead of linking to the various support trackers (whose URLs hopefully change soon), link to the contact section of the user manual to increase the chances that users actually read it. - Add a FAQ entry for tainted sockets. - More sections in the documentation have stable URLs now. - FAQ: Explain why 'ping config.privoxy.org' is not expected to reach a local Privoxy installation. - Note that donations done through Zwiebelfreunde e.V. currently can't be checked automatically. - Updated section regarding starting Privoxy under OS X. - Use dedicated start instructions for FreeBSD and ElectroBSD. - Removed release instructions for AIX. They haven't been working for years and unsurprisingly nobody seems to care. - Removed obsolete reference to the solaris-dist target. - Updated the release instructions for FreeBSD. - Removed unfinished release instructions for Amiga OS and HP-UX 11. - Added a pointer to the Cygwin Time Machine for getting the last release of Cygwin version 1.5 to use for building Privoxy on Windows. - Various typos have been fixed. - Infrastructure improvements: - The website is no longer hosted at SourceForge and can be reached through https now. - The mailing lists at SourceForge have been deprecated, you can subscribe to the new ones at: https://lists.privoxy.org/ - Migrating the remaining services from SourceForge is work in progress (TODO list item #53). - Build system improvements: - Add configure argument to optimistically redefine FD_SETSIZE with the intent to change the maximum number of client connections Privoxy can handle. Only works with some libcs. Sponsored by Robert Klemme. - Let the tarball-dist target skip files in ".git". - Let the tarball-dist target work in cwds other than current. - Make the 'clean' target faster when run from a git repository. - Include tools in the generic distribution. - Let the gen-dist target work in cwds other than current. - Sort find output that is used for distribution tarballs to get reproducible results. - Don't add '-src' to the name of the tar ball generated by the gen-dist target. The package isn't a source distribution but a binary package. While at it, use a variable for the name to reduce the chances that the various references get out of sync and fix the gen-upload target which was looking in the wrong directory. - Add regression-tests.action to the files that are distributed. - The gen-dist target which was broken since 2002 (r1.92) has been fixed. - Remove genclspec.sh which has been obsolete since 2009. - Remove obsolete reference to Redhat spec file. - Remove the obsolete announce target which has been commented out years ago. - Let rsync skip files if the checksums match. - Privoxy-Regression-Test: - Add a "Default level offset" directive which can be used to change the default level by a given value. This directive affects all tests located after it until the end of the file or a another "Default level offset" directive is reached. The purpose of this directive is to make it more convenient to skip similar tests in a given file without having to remove or disable the tests completely. - Let test level 17 depend on FEATURE_64_BIT_TIME_T instead of FEATURE_PTHREAD which has no direct connection to the time_t size. - Fix indentation in perldoc examples. - Don't overlook directives in the first line of the action file. - Bump version to 0.7. - Fix detection of the Privoxy version now that https:// is used for the website. ----------------------------------------------------------------- About Privoxy: ----------------------------------------------------------------- Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks. Privoxy is Free Software and licensed under the GNU GPLv2. Our TODO list is rather long. Helping hands and donations are welcome: * https://www.privoxy.org/faq/general.html#PARTICIPATE * https://www.privoxy.org/faq/general.html#DONATE At present, Privoxy is known to run on Windows 95 and later versions (98, ME, 2000, XP, Vista, Windows 7 etc.), GNU/Linux (RedHat, SuSE, Debian, Fedora, Gentoo, Slackware and others), Mac OS X (10.4 and upwards on PPC and Intel processors), OS/2, Haiku, DragonFly, ElectroBSD, FreeBSD, NetBSD, OpenBSD, Solaris, and various other flavors of Unix. In addition to the core features of ad blocking and cookie management, Privoxy provides many supplemental features, that give the end-user more control, more privacy and more freedom: * Supports "Connection: keep-alive". Outgoing connections can be kept alive independently from the client. Currently not available on all platforms. * Supports IPv6, provided the operating system does so too, and the configure script detects it. * Supports tagging which allows to change the behaviour based on client and server headers. * Can be run as an "intercepting" proxy, which obviates the need to configure browsers individually. * Sophisticated actions and filters for manipulating both server and client headers. * Can be chained with other proxies. * Integrated browser based configuration and control utility at http://config.privoxy.org/ (shortcut: http://p.p/). Browser-based tracing of rule and filter effects. Remote toggling. * Web page filtering (text replacements, removes banners based on size, invisible "web-bugs" and HTML annoyances, etc.) * Modularized configuration that allows for standard settings and user settings to reside in separate files, so that installing updated actions files won't overwrite individual user settings. * Support for Perl Compatible Regular Expressions in the configuration files, and a more sophisticated and flexible configuration syntax. * GIF de-animation. * Bypass many click-tracking scripts (avoids script redirection). * User-customizable HTML templates for most proxy-generated pages (e.g. "blocked" page). * Auto-detection and re-reading of config file changes. * Most features are controllable on a per-site or per-location basis. Home Page: https://www.privoxy.org/ - Privoxy Developers