--------------------------------------------------------------------
-ChangeLog for Internet JunkBuster
+ChangeLog for Privoxy
--------------------------------------------------------------------
+*** Since 3.0.6 ***
-*** Version 2.9.11 Beta and CVS Changes (WIP 03/07/02) ***
+- New trust entries are saved with a comment that contains the
+ trusted referring URL (Suggested by Daniel Griscom).
+- Filter descriptions are HTML encoded automatically.
+- New config option "split-large-forms" to work
+ around a browser bug that caused IE6 and IE7 to ignore
+ the Submit button on the edit-actions-for-url CGI page.
+- Requests for Privoxy's CGI pages can be blocked, redirected
+ or (un)trusted like ordinary requests.
+- Empty filter files no longer interrupt the filtering process
+ prematurely and are correctly listed on the show-status CGI page.
+- New config option "accept-intercepted-requests" to combine
+ Privoxy with any packet filter to build an intercepting proxy
+ for HTTP/1.1 requests (and for HTTP/1.0 requests with Host header set).
+- fast-redirects{} catch redirects to https URLs as well.
+- redirect{s@foo@bar@} can be used to redirect to a rewritten
+ version of the original URL.
+- Trap unsupported gopher proxy requests.
+- Fixed a bug in the User Manual delivery on Windows
+ (mingw32 only). Images now show up correctly and HTML
+ pages are no longer padded with garbage data.
+- Fixed small memory leak in case of config file reloads.
+- Only unlink the pidfile if it's actually used.
+- Retries after connection problems with forced requests
+ aren't blocked again.
+- On Unix SIGABRT causes a coredump as expected and is no
+ longer treated as normal shutdown signal.
+- The "access denied" CGI page is more descriptive and
+ allows to circumvent the referrer check.
+- Updated PCRS to handle unexpected PCRE errors properly.
+ Fixed crashes that could occur if Privoxy was build
+ with external PCRE versions newer than Privoxy's internal
+ one. (Reported by Chung-chieh Shan)
+- Fixed crashes with null bytes in PCRS replacement strings
+ (Patch provided by Felix Gröbert).
+- Fixed crashes with header time randomization on mingw32.
+- Added zlib support to filter content with gzip and deflate
+ encoding. (Patch provided by Wil Mahan)
+- The CGI style sheet is no longer delivered if the referring
+ page isn't a Privoxy CGI page. This prevents a JavaScript-based
+ Privoxy detection "attack".
+- Added support for AmigaOS 4, fixed build for AmigaOS 3.x.
+- The show-url-info CGI page displays a warning if Privoxy
+ is currently toggled off.
+- The show-status CGI page suppresses the edit button
+ for action files if Privoxy has no write access.
+- Minor code clean-ups, filter and action file updates.
+ (Some of them reported by Davide Alberani, Markus Elfring
+ and Adam Piggott)
+
+*** Version 3.0.6 ***
+
+- New content filters: no-ping, google, msn, yahoo and blogspot.
+- New header filters: x-httpd-php-to-html, html-to-xml, xml-to-html
+ and hide-tor-exit-notation.
+- The special header "X-Filter: No" now disables header filtering as well.
+- Improved the filters img-reorder, js-annoyances, webbugs,
+ banners-by-size, banners-by-link and ie-exploits to make them
+ less likely to break anything.
+- Removed outdated URL patterns in default.action and added new ones.
+- Added redirection from http://p.p/user-manual to http://p.p/user-manual/
+- Changed webinterface default values for hide-user-agent, hide-referrer
+ and set-image-blocker.
+
+*** Version 3.0.5 ***
+
+- Windows version can be installed/started as a service.
+- Windows icon stays blue when Privoxy is idle, green when busy.
+- Integrated Fabian Keil's extensive patch. See:
+ http://www.fabiankeil.de/sourcecode/privoxy/. Includes the
+ following new or significantly improved actions (among many
+ other improvements):
+
+ content-type-overwrite{}
+ crunch-client-header{string}
+ crunch-if-none-match
+ crunch-server-header{string}
+ fast-redirects{check-decoded-url}
+ filter-client-headers
+ filter-server-headers
+ force-text-mode
+ handle-as-empty-document
+ hide-accept-language{}
+ hide-content-disposition{}
+ hide-if-modified-since
+ hide-referrer{conditional-block}
+ overwrite-last-modified{}
+ redirect{URL}
+ treat-forbidden-connects-like-blocks
+
+- Standard-compliant clients are prevented from displaying cached
+ copies of Privoxy's error messages after the cause of the problem
+ has gone.
+- Improved DNS error handling.
+- Multiple filter files can now be specified in config.
+- Added jpeg filtering to defend against MS jpeg vulnerability MS04-028
+ with the new inspect-jpegs action.
+- Removed the "arbitrary" 1000 filter limit - addresses tracker #911950
+- Thanks to Jindrich Makovicka for a race condition fix for the log
+ file. The race condition remains for non-pthread implementations.
+ Reference patch #1175720. Various other logging enhancements.
+- A pile of assorted bug fixes, memory leaks, enhancements, etc.
+- Moved Actions file reporting mechanism to SF tracker.
+- Two new options for config: enable-remote-http-toggle and
+ forwarded-connect-retries.
+- Trap unsupported FTP requests.
+- Let text/xml be filtered.
+- Numerous updates to default.action
+- Increase the compiled in limit of trusted referrers from 64 to 512
+ (for trustfile users).
+
+*** Version 3.0.3 ***
+
+- Fixed yet another two memory leaks. Process growth seems stopped now.
+- Further tightened security against malicious toggle-off links.
+- Excluded text/plain MIME types from filtering. This fixes a
+ couple of client-crashing, download corruption and
+ Privoxy performance issues, whose root cause lies in
+ web servers labelling content of unknown type as text/plain.
+- Assorted fixes for POSIX compliance, signal handling, graceful
+ termination, compiler warnings, OSX support, Win32 systray,
+ error logging, hostname wildcards, correct detection of NetBSD.
+- Workarounds for client (iTunes etc) and server (PHP < 4.2.3) bugs
+ including the notorious "blank page" problem.
+- Various filter improvements; most notably the unsolicited-popups
+ filter became less destructive
+- Major revamp of the actions file
+
+*** Version 3.0.2 ***
+
+- Fixed two memory leaks, one serious
+- Fixed bug in pcrs which could cause crashes with user-defined filters
+- Fixed bug in domain name matching
+- Assorted small fixes (Win32 menu, CGI URL editor, ..)
+- Added basic support for the OPTIONS and TRACE http methods
+- Added workaround for Bug in Mac OSX that made Privoxy crash occasionally
+- Refined the default action file through >400 items of user feedback
+- Filter changes:
+ - Assorted refinements, optimizations and fixes in the js-annoyances,
+ img-reorder, banners-by-size, banners-by-link, webbugs, refresh-tags,
+ html-annoyances, content-cookies and fun filters
+ - Replaced filter "popups" by choice between two modes:
+ - "unsolicited-popups" tries to catch only the unsolicited ones
+ - "all-popups" tries to kill them all (as before)
+ - New filter "tiny-textforms" Help those tiny or hard-wrap textareas.
+ - New filter "jumping-windows" that prevents windows from resizing
+ and moving themselves
+ - New filter "demoronizer" which fixes MS's abuse of std charsets
+ (common cases anyway).
+ - Replaced "nimda" with more general "ie-exploits" filter in which
+ all filters for exploits shall be collected
+- Improved cookie logging
+- Rewrote make install target. Added uninstall and install-strip
+ targets.
+- Fixed a potential (application-level, NOT OS-level!) security
+ problem involving remote toggling and action file manipulation
+ by mailicious websites.
+- Added ability to chroot (thanks to Sviatoslav Sviridov)
+- Added more action aliases for prehistoric action names
+- Add Slackware support to Makefile.
+
+*** Version 3.0 ***
+
+- Fixed Windows startmenu items, log window and tray icon menus.
+- Added warning for bogus install target
+- Added quicktime-kioskmode filter and improved frameset-borders
+- Updated default.action based on latest feedback
+- New PDF doc build process
+- Add a user contrib module to cvs:
+ http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/contrib/
+
+*** Version 2.9.18 ***
+
+- Added workaround for IE bug that broke CGI interface
+- Bugfix: String actions now reliably editable through CGI interface
+- Three filters fixed (again!)
+- Assorted small fixes and doc enhancements
+
+*** Version 2.9.16 ***
+
+- Major revamp of default.action to get rid of years of cruft.
+- Same for default.filter
+- Re-design and major improvements to the CGI editor interface.
+- Address spurious 'out of memory' error due to incorrect file permissions.
+- Impose buffer limits while reading client and server headers.
+- Better memory and CPU optimization.
+- Add Conectiva Linux package.
+- user-manual directive added to config for help links from within CGI
+ editor.
+- Multiple actions files can now be specified in config.
+- Actions files are changed to: default.action, standard.action, and
+ user.action. user.action is for personal/local configuration.
+- The usual many small and miscellaneous bug and security fixes.
+
+*** Version 2.9.14 Beta ***
+
+- Fix Solaris compile problem (gateway.h and filters.h)
+- Makefile fixes for Solaris, FreeBSD (?)
+- Fix build failure where certain features were disabled.
+- 'blocked-compact' template is removed. Various CGI improvements,
+ including an adaptive 'blocked' template.
+- Various tweaks for actions file to get ready for stable 3.0
+- Included a 'Bookmarklet' and PHP scripts for reporting actions file
+ problems via web interface at privoxy.org. Accessed via internal CGIs.
+- Include cgi-style.css for templates.
+- #include mechansim for common text in templates
+- Various other minor fixes.
+
+*** Version 2.9.13 Beta ***
+
+- *NEWS*: The project has been renamed to Privoxy! The new name is
+ reflected throughout (file locations, etc).
+- ijb.action is now default.action. re_filterfile is now
+ default.filter.
+- http://i.j.b/ is now http://p.p/
+- The 'logo' option for replacing ad iamges is removed now. 'Pattern'
+ (checkerboard) is now the default.
+- RPM spec file make over.
+
+
+*** Version 2.9.12 Beta ***
- **READ**: The default listening PORT is NOW 8118!!! Changed from
-8000 due to conflict with NAS (Network Audio Server, whatever that
-is.)
+ 8000 due to conflict with NAS (Network Audio Server, whatever that
+ is.)
+- More CGI actions editor fixes and improvements.
+- Win32 command line fix ups.
+- re_filterfile now has modular sections that can be activated on a
+ per site basis. Some new goodies there too.
+- +filter now takes arguments to match FILTER sections in re_filterfile
+ for even more flexibility.
- Added a new image blocker option: +image-blocker{pattern}, which
-displays a checkboard patthern and scales better than the logo.
+ displays a checkerboard patthern and scales better than the logo.
- PNG images will be used in place of GIF for JB built-in images
-if configured with --enable-no-gif.
+ if configured with --enable-no-gif.
- Clean up compiler warnings (mostly).
- Improved handling of failed DNS lookups & diagnostics for failed bind
-to listen socket
+ to listen socket
- Made --no-daemon mode log to tty instead of logfile.
- Various spec file and init script cleanups and improvements (Redhat and
-SuSE).
+ SuSE).
- CGI Editor works on OS/2 now.
- Fix restart failure where sockets were in TIME_WAIT.
- Fixes for actions cgi editor, make sure we have right file.
- A --pidfile command line option now, in addition to --help,
---version, --no-daemon, --user and configfile. --no-daemon replaces
-the former -d option and _DEBUG define. --user will drop privileges
-to the specified user.
+ --version, --no-daemon, --user and configfile. --no-daemon replaces
+ the former -d option and _DEBUG define. --user will drop privileges
+ to the specified user.
- Signal handling cleanups (*nix).
- CGI actions editor improvements and fixes.
- Error handling improvements, especially out of memory.
- Default re_filterfile fix that caused spurious IJB logos
-(instead of 'blank').
+ (instead of 'blank').
- configure.in threading fixes for Solaris.
- Various other minor fixes.
-*** Version 2.9.10 Beta Changes ***
+*** Version 2.9.11 Beta Changes ***
- Add "session" cookie concept where cookies exist for the life
of that browser session only (ie never goes to disk).
URLs to fail in some cases.
-*** Version 2.9.10 Alpha Changes ***
+*** Version 2.9.11 Alpha Changes ***
- A web-based editor for the actions file is included (go to http://i.j.b/).
- Web-based toggle IJB on/off support.
+*** Version 2.9.3 pre-Alpha Changes ***
+
+- Amiga support (completely untested by me - I don't have an Amiga)
+- "tinygif 3" support (redirects blocked images to a specified URL, so
+the browser doesn't have to load and cache many copies of the same
+image).
+- one case where there were both local and global "referrer" variables
+(yuck!) clarified by renaming the local one to "refer".
+- Fixed some places where close() was used instead of close_socket().
+Thanks to Jörg Strohmayer (joergs at users.sourceforge.net) for these.
+- Temporary hack to get FORCE_LOAD to work with IE. I just lowercased the
+FORCE_LOAD_PREFIX. Needs fixing properly.
+- Most URLs hardcoded into Junkbuster were changed to go through a script
+e.g. http://ijbswa.sourceforge.net/redirect.php?v=2.9.3&to=faq
+The only other URLs left are the GNU GPL:
+ http://www.fsf.org/copyleft/gpl.html
+and the home page:
+ http://ijbswa.sourceforge.net/
+... and various URLs which will be intercepted by Junkbuster anyway.
+TODO: Still need to do something with the URLs in Junkbuster Corp's
+copyright/trademark notice on the bottom of the show-proxy-args page.
+- PCRE or GNU Regex is now a #define option.
+
+
+*** Version 2.9.2 pre-Alpha Changes ***
+
+- Andreas applied the latest version of the FORCE patch.
+
+
+*** Version 2.9.1 pre-Alpha Changes ***
+
+- in parsers.c, fixed two #ifdef FORCE to #ifdef FORCE_LOAD
+(BTW: I think FORCE is precise enough, since loading remote
+data is the whole purpose of a proxy..)
+- Set the FORCE_PREFIX (back) to 'IJB-FORCE-LOAD-'. While 'noijb.'
+is more elegant and looks like a hostname in the URL, it doesn't
+make clear to the inexperienced user that the proxy is bypassed. It
+also has a higher name collision risk.
+- Filled in the function header templates for my functions in
+parsers.c (again). They obviously got lost in our current
+patch war ;-)
+- Cut the credit for the §-referrer-option from the config file,
+that Stefan had placed there.
+- Improved the re_filterfile
+
+
+*** Version 2.9.0 pre-Alpha Changes ***
+
+- Now use PCRE, not GNU REGEX. I have not yet had chance to check the
+syntax of the block/image/cookie file to ensure that they match what
+is expected - however they seem to work.
+- Replaced "configure" script with one generated by "autoconf". Also
+use a header "config.h" (was ijbconfig.h in my previous release) for
+the #defines. "config.h" is now generated with "autoheader" from
+"acconfig.h" and "configure.in". (Note that to install you do not
+need autoconf or autoheader - just run "./configure".)
+To see command-line options, run "./configure --help".
+This is my first ever autoconf script, so it has some rough edges
+(how PCRE is handled is the roughest).
+- Error logging code replaced with new module errlog.c, based on the
+one from JunkbusterMT (but with the threading code removed).
+- Most of Rodney's 0.21 and 0.21A patches applied. (Marked *). I did not
+apply all of these, since I had already independently done conditional
+popup file, conditional image file, and integration of popup code.
+- ACL, Jar and trust files conditionally compiled.
+- New source file headers.
+- Various cosmetic changes. (But I have not consistently ordered the
+config files - I think that's worthwhile, but it's 1am and I want to
+get this released!)
+- RCS tags on .h files.
+- RCS tags are const char[] rather than const char *. (Saves 4 bytes
+per tag ;-)
+- VC++ project files renamed to vc_junkbuster.*.
+- show-proxy-args now shows status of all conditionals, not just REGEX
+- Various functions moved around. Most notably all the system-specific
+sockets code which was spread between jcc.c, bind.c, and connect.c,
+has been moved to "jbsockets.c". The non-system-specific code from
+connect.c and socks4.c has been movet to "gateway.c". Also, the
+config file loader and the global variables it writes to have been
+moved to "loadcfg.c". (Maybe this should go into loaders.c?)
+And candidate for the "worst filename ever" award is "miscutil.c",
+which contains, well, miscellaneous utility functions like zalloc.
+(Suggestions for a better name for this file are welcome!)
+- Loaders now use a common function to read a line and skip comments,
+and this function also stores the proxy_args.
+- Added ./junkbuster --help (Not for Win32 GUI)
+- Added ./junkbuster --version (Not for Win32 GUI)
+- Win32 resources are now all marked as "U.S. English", rather than
+being a mix of "U.S. English", "U.K. English" and "Irish English".
+- Version number changes to 2.9.0
+
+
+
----------------------------------------------------------------------
-Copyright : Written by and Copyright (C) 2001 the SourceForge
- IJBSWA team. http://ijbswa.sourceforge.net
+Copyright : Written by and Copyright (C) 2001-2007 the SourceForge
+ Privoxy team. http://www.privoxy.org/
Based on the Internet Junkbuster originally written
by and Copyright (C) 1997 Anonymous Coders and
- Junkbusters Corporation. http://www.junkbusters.com
+ Junkbusters Corporation. http://www.junkbusters.com/
This program is free software; you can redistribute it
and/or modify it under the terms of the GNU General
or write to the Free Software Foundation, Inc., 59
Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
+ Note that parts of Privoxy are under licenses that are
+ GPL-compatible but less restrictive - for details see
+ Privoxy's source code. The Privoxy team doesn't hold the
+ copyright for these parts and doesn't relicense them either.
+ You are free to extract them again to distribute them under
+ their own license.
+
+set vi:tw=68
projects / privoxy.git / blobdiff