--------------------------------------------------------------------
ChangeLog for Privoxy
--------------------------------------------------------------------
-*** Since 3.0.5 ***
-- Four new filters from Fabian.
-
-*** Version 3.0.5 ***
+*** Since 3.0.8 ***
+
+- Added SOCKS5 support. Patch provided by Eric M. Hopper.
+- The "blocked" CGI pages include a block reason that was
+ provided as argument to the last-applying block action.
+- If enable-edit-actions is disabled (the default since 3.0.7 beta)
+ the show-status page hides the edit buttons and explains why.
+ Previously the user would get the "this feature has been disabled"
+ message after using the edit button.
+- Forbidden CONNECT requests are treated like blocks by default.
+ The now-pointless treat-forbidden-connects-like-blocks action
+ has been removed.
+- Not enabling limit-connect now allows CONNECT requests to all ports.
+ In previous versions it would only allow CONNECT requests to port 443.
+ Use +limit-connect{443} if you think you need the old default behaviour.
+- The CGI editor gets turned off after three edit requests with invalid
+ file modification timestamps. This makes life harder for attackers
+ who can leverage browser bugs to send fake Referers and intend to
+ brute-force edit URLs.
+- Action settings for multiple patterns in the same section are
+ shared in memory. As a result these sections take up less space
+ (and are loaded slightly faster). Problem reported by Franz Schwartau.
+- Host information is gathered outside the main thread so it's less
+ likely to delay other incoming connections if the host is misconfigured.
+- New config option "hostname" to use a hostname other than
+ the one returned by the operating system. Useful to speed-up responses
+ for CGI requests on misconfigured systems. Requested by Max Khon.
+- The CGI editor supports the "disable all filters of this type"
+ directives "-client-header-filter", "-server-header-filter",
+ "-client-header-tagger" and "-server-header-tagger".
+- Fixed false-positives with the link-by-url filter and URLs that
+ contain the pattern "/jump/".
+- The less-download-windows filter no longer messes
+ "Content-Type: application/x-shockwave-flash" headers up.
+- In the show-url-info page's "Final results" section active and
+ inactive actions are listed separately. Patch provided by Lee.
+- The obsolete kill-popups action has been removed as the
+ PCRS-based popup filters can do the same and are less
+ unreliable.
+
+*** Version 3.0.8 ***
+
+- Fixed a small memory leak when listen-address only specifies the port.
+- The source tar balls now include Privoxy-Regression-Test which
+ (upon other things) can be used to automatically detect some
+ packaging problems. Packagers are welcome to give it a try.
+- Reverted a change in 3.0.7 that caused path patterns to be checked
+ even if the host pattern match already failed. While this doesn't
+ noticeable affect the performance, it makes it less likely to run
+ out of stack space with overly-complex path patterns the user might
+ have added.
+- Updated the msn, yahoo and google filters to work as advertised again.
+- The warning message shown by the show-status CGI page is easier to
+ understand. Previously it wasn't clear that the error message
+ is shown below the invalid directive. (Reported by Lee)
+- When regenerating Content-Disposition headers the more common
+ spelling is used for the name. Previously it was written without caps.
+- Less confusing log message if the content type isn't overwritten
+ because force-text-type wasn't used but the old type doesn't look
+ like content that would be filtered normally.
+- Better log messages if the user tries to execute filters that
+ don't exist.
+- Treat the non-standard Request-Range headers like standard range
+ headers and suppress them if content filtering is enabled.
+- Prevent the log messages for CONNECT requests to unacceptable
+ ports from printing the limit-connect argument as [null] if
+ limit-connect hasn't been explicitly enabled.
+- Don't disable the mingw32 log window if the logfile directive
+ isn't used. While it was an intentional change in 3.0.7 at least
+ one user perceived it as a regression and the same effect can
+ be achieved by disabling all debug directives.
+- Fixed two minor problems related to the win32 build process: a css
+ file was not being in the installer and the trustfile comment in the
+ config.txt referenced a nonexisting file
+- Minor documentation fixes.
+
+*** Version 3.0.7 Beta ***
+
+- Added zlib support to filter content with gzip and deflate
+ encoding. (Patch provided by Wil Mahan)
+- Dedicated filters and actions are used for header filtering.
+ "filter-client-headers" and "filter-client-headers" are no longer
+ supported, use server-header-filter{} and client-header-filter{}
+ instead.
+- Tags can be used to change actions based on HTTP headers.
+- New server-header filter: less-download-windows.
+- New client-header taggers: css-requests, image-requests,
+ client-ip-address, http-method, allow-post, complete-url,
+ user-agent and privoxy-control.
+- New server-header taggers: content-type and privoxy-control.
+- The forward-override{} action allows to change the forwarding
+ settings through the action files, for example based on client
+ headers like the User-Agent, or the request origin.
+- Socks errors are no longer handled by the CGI page for
+ DNS resolution failures.
+- CGI pages use favicons to signal whether they are error
+ or control pages. This is useful if you rely heavily on
+ browser tabs.
+- The show-url-info CGI page shows the forwarding settings.
+- "Crunch!" log messages (used when Privoxy answers requests
+ by itself) now also contain the reason.
+- Allow to rewrite the request destination behind the client's back.
+- Fix socks requests on big-endian platforms. Patch provided by Song Weijia.
+- Fixes possible deadlocks and crashes on OpenBSD.
+ Patch provided by Ralf Horstmann.
+- The CGI action editor allows to edit actionfiles with previously
+ forbidden characters like dots.
+- New trust entries are saved with a comment that contains the
+ trusted referring URL (Suggested by Daniel Griscom).
+- Filter descriptions are HTML encoded automatically.
+- New config option "split-large-forms" to work
+ around a browser bug that caused IE6 and IE7 to ignore
+ the Submit button on the edit-actions-for-url CGI page.
+- New config option "allow-cgi-request-crunching" to allow
+ requests for Privoxy's CGI pages to be blocked, redirected
+ or (un)trusted like ordinary requests.
+- Empty filter files no longer interrupt the filtering process
+ prematurely and are correctly listed on the show-status CGI page.
+- New config option "accept-intercepted-requests" to combine
+ Privoxy with any packet filter to build an intercepting proxy
+ for HTTP/1.1 requests (and for HTTP/1.0 requests with Host header set).
+- fast-redirects{} catch redirects to https URLs as well.
+- redirect{s@foo@bar@} can be used to redirect to a rewritten
+ version of the original URL.
+- Trap unsupported gopher proxy requests.
+- Fixed a bug in the User Manual delivery on Windows
+ (mingw32 only). Images now show up correctly and HTML
+ pages are no longer padded with garbage data.
+- Fixed several minor memory leaks, most of them discovered with Valgrind.
+- Only unlink the pidfile if it's actually used.
+- Retries after connection problems with forced requests
+ aren't blocked again.
+- On Unix SIGABRT causes a core dump as expected and is no
+ longer treated as normal shutdown signal.
+- The "access denied" CGI page is more descriptive and
+ allows retries to circumvent the referrer check.
+- Updated PCRS to handle unexpected PCRE errors properly.
+ Fixed crashes that could occur if Privoxy was build
+ with external PCRE versions newer than Privoxy's internal
+ one. (Reported by Chung-chieh Shan)
+- Fixed crashes with null bytes in PCRS replacement strings
+ (Patch provided by Felix Gröbert).
+- Fixed crashes with header time randomization on mingw32.
+- The CGI style sheet is no longer delivered if the referring
+ page isn't a Privoxy CGI page. This prevents a JavaScript-based
+ Privoxy detection "attack". Note that detecting Privoxy is
+ still possible through other ways and Privoxy was never intended
+ to be invisible anyway.
+- Added support for AmigaOS 4, fixed build for AmigaOS 3.x.
+- The show-url-info CGI page displays a warning if Privoxy
+ is currently toggled off.
+- The show-status CGI page suppresses the edit button
+ for action files if Privoxy has no write access.
+- Most CGI error pages react properly to HEAD requests.
+- Requests with RFC 3253 HTTP methods (used by Subversion)
+ are accepted. (Patch provided by Petr Kadlec)
+- New config option "templdir" to change the location
+ of the CGI templates to make sure customized templates
+ aren't "updated".
+- Better handling of "HTTP/1.1 100 Continue" responses.
+- The background of the PNG pattern is transparent.
+- Fixed XML syntax errors caused by banners-by-size and banners-by-url.
+- Fixed crashes and possible action file corruptions
+ when lines containing hashes are written through the CGI editor.
+- Supports dynamic filters which can contain variables.
+- Supports tags to change the actions based on client or server headers.
+- Incorrect actions are logged before program termination.
+- The "actionsfile" syntax in the configuration file is consistent
+ with the rest of the configuration options and requires the
+ whole file name. This is an incompatible change, if you use
+ an old configuration file you might have to append ".action"
+ to your "actionsfile" directives.
+- With the configuration file option "enforce-blocks" the
+ "go there anyway" mechanism can be disabled without recompiling
+ Privoxy.
+- More precise error messages in case of incorrect acl syntax.
+- Logs a warning if filtering is enabled but impossible due
+ to lack of zlib support or use of the prevent-compression action.
+- Less noisy handling of Cookie:" and "Connection:" headers.
+- Improved error messages in case of connection problems.
+- Fix a command-line-parsing bug that was introduced before 3.0.5
+ beta and caused Privoxy to treat the last argument as configuration
+ file if no configuration file was specified.
+- Treat unknown command line options as fatal errors instead
+ of silently ignoring them.
+- Use string functions with length checks more often.
+- Don't log CONNECT requests twice.
+- Allow to log the source address for ACL-related connection drops.
+- Don't ignore applying filters if the server didn't
+ specify a Content-Type. Bug reported by Amuro Namie.
+- Rejected CONNECT requests are logged with log level info
+ (enabled by default) and the reason for the block.
+- New command line option "--pre-chroot-nslookup hostname" to
+ intialize the resolver library before chroot'ing. On some systems this
+ reduces the number of files that must be copied into the chroot tree.
+ (Patch provided by Stephen Gildea)
+- Fix a long-standing memory corruption bug that could cause
+ Privoxy to overwrite a single byte in memory it didn't explicitly
+ allocate (but that probably was allocated anyway due to bucket size).
+- Send template-based CGI pages as HTTP/1.1 unless the client
+ asked for HTTP/1.0.
+- Let the first line in connection established responses
+ end in \r\n as required by RFC1945. Reported by Bert van Leeuwen.
+- If no log file has been specified, disable logging instead of logging
+ to stderr.
+- Don't block stderr when in daemon mode.
+- Ignore missing zero-chunks when filtering chunk-encoded content.
+ Earlier Privoxy versions would buffer and then forward the content
+ unmodified which caused some browsers to simply show empty pages.
+- Fix double free in cgi_edit_actions_list(). Reported by Venustech AD-LAB.
+- The code to add X-Forwarded-For headers when the hide-forwarded-for-headers
+ action isn't being used has been removed.
+- Fixed trustfile feature which previously didn't work without FEATURE_TOGGLE.
+ Reported by Lee.
+- Minor code clean-ups, filter and action file updates.
+ (Some of them reported by Davide Alberani, Markus Elfring,
+ Stefan Huehner and Adam Piggott)
+
+*** Version 3.0.6 ***
+
+- New content filters: no-ping, google, msn, yahoo and blogspot.
+- New header filters: x-httpd-php-to-html, html-to-xml, xml-to-html
+ and hide-tor-exit-notation.
+- The special header "X-Filter: No" now disables header filtering as well.
+- Improved the filters img-reorder, js-annoyances, webbugs,
+ banners-by-size, banners-by-link and ie-exploits to make them
+ less likely to break anything.
+- Removed outdated URL patterns in default.action and added new ones.
+- Added redirection from http://p.p/user-manual to http://p.p/user-manual/
+- Changed webinterface default values for hide-user-agent, hide-referrer
+ and set-image-blocker.
+
+*** Version 3.0.5 Beta ***
- Windows version can be installed/started as a service.
- Windows icon stays blue when Privoxy is idle, green when busy.
----------------------------------------------------------------------
-Copyright : Written by and Copyright (C) 2001 the SourceForge
+Copyright : Written by and Copyright (C) 2001-2007 the SourceForge
Privoxy team. http://www.privoxy.org/
Based on the Internet Junkbuster originally written
by and Copyright (C) 1997 Anonymous Coders and
- Junkbusters Corporation. http://www.junkbusters.com
+ Junkbusters Corporation. http://www.junkbusters.com/
This program is free software; you can redistribute it
and/or modify it under the terms of the GNU General
or write to the Free Software Foundation, Inc., 59
Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ Note that parts of Privoxy are under licenses that are
+ GPL-compatible but less restrictive - for details see
+ Privoxy's source code. The Privoxy team doesn't hold the
+ copyright for these parts and doesn't relicense them either.
+ You are free to extract them again to distribute them under
+ their own license.
+
set vi:tw=68
projects / privoxy.git / blobdiff