There's work in progress to fund development on these items using
donations. If you want to donate, please have a look at:
-https://www.privoxy.org/faq/general.html#DONATE
+https://www.privoxy.org/donate
1) Add more regression tests. Filters should be tested automatically
(variables too). Could probably reuse large parts of Privoxy-Filter-Test.
Note that there is currently work in progress to leverage curl's
test suite, patches have been submitted upstream:
- http://curl.haxx.se/mail/lib-2014-06/0070.html
+ https://curl.se/mail/lib-2014-06/0070.html
+ https://curl.se/mail/lib-2021-01/0068.html
3) Fix some more XXX: comments.
12) Support pipelining for outgoing connections.
-14) Allow to filter POST parameters.
-
19) enable-forward-fallback. Syntax? Suggested by K.R.
21) User Manual delivery doesn't accept multiple slashes. Should it?
75) Create a tool that creates Privoxy action (and filter?) files
out of adblock files. Could be implemented as option for
- url-pattern-translator.pl.
+ url-pattern-translator.pl. Before doing that, the already
+ existing solutions should probably be evaluated to see if
+ they do the job already or could be improved.
76) Cache DNS responses. Note that this has been requested
several times by users, but is not a developer priority.
86) Add a server-body-tagger action. This is trivial as as all the
functionality required to do it already exists.
-87) Add a client-body-tagger action. This is less trivial as we currently
- don't buffer client bodies. After 14) is implemented it would be
- trivial, though.
+87) Add a client-body-tagger action. Work in progress.
88) Investigate if there's a Perl module that Privoxy-Regression-Test
could optionally use to keep connections alive, preferably while
118) There should be "escaped" dynamic variables that are guaranteed
not to break filters.
-119) Evaluate using pcre's jit mode.
-
120) Add an option to limit pcre's recursion limit below the default.
On some platforms the recursion limit doesn't prevent pcre from
running out of stack space, causing the kernel to kill Privoxy
136) Make builds reproducible.
-137) Add a (preferably vector-based) logo.
-
138) Bring back the scripts to provide actions file feedback.
Once upon a time (~2003) there were scripts on the webserver
probably shouldn't be affected (such as actions like
forward-override). Investigate and fix or document.
-141) Port Privoxy to CloudABI, which, despite the name, is actually
- rather neat. https://github.com/NuxiNL/cloudlibc
-
-142) Remove or update the "internal" pcre version.
-
143) Add support for OpenBSD's pledge feature once it's stablelized.
This should be a lot less work then #124.
memory footprint a bit which may be noticeable in case of multi-user setups
with hundreds of idle connections.
+161) Properly support requests with chunked transfer-encoding with https inspection.
+
+162) When https inspecting, delete generated keys and certificates if
+ the connection to the destination could not be established.
+ Makes silly DoS attacks slightly more complicated.
+
+163) Use subdirectories in the certificate-directory to lower the number
+ of files per directory.
+
+164) Evaluate switching from pcreposix(3) to pcre's native api
+ for URL matching which allows to compile the patterns once
+ at load-time.
+
+165) Add a max-connections-per-client directive.
+
+167) Set up a public Privoxy-Filter-Test instance.
+
+168) Add a privacy policy.
+
+169) Preserve all relevant copyright and license statements in binary
+ packages we distribute.
+
+170) Serve the ca-cert-file through the CGI interface so clients
+ can conveniently import it (insecurely).
+
+171) Create a "view page using Privoxy" website where users can input
+ an URL and get a screenshot of a browser fetching the URL
+ through Privoxy.
+
+172) Create a public git repository for Privoxy-Filter-Test.
+
+173) Document Privoxy's governance model.
+
+174) Let the Tor Onion Service for the privoxy website
+ serve gitweb and the git repository as well.
+
+175) Add more screenshots to the documentation and website.
+
+176) Find a new fiduciary sponsor as a replacement for Zwiebelfreunde e.V.,
+ so that we can continue to receive tax-deductible donations in Europe.
+
+177) Support https-inspection for intercepted requests.
+
+178) Warn on http://config.privoxy.org/client-tags if a Tag name
+ hasn't at least one matching action section.
+
+179) Add a add-server-header{} action to add headers to the response
+ sent to the client (including responses generated by Privoxy itself).
+
+180) Add support for GnuTLS.
+
+181) Allow to upgrade an http request to https behind the
+ client's back using a client-header filter.
+
+182) Before enforcing the client-header-order, check that the
+ client headers actually need sorting. Should reduce log
+ messages and memory allocations.
+
+183) Properly deal with proxy responses that arrive in multiple pieces
+ when https inspecting while using a forwarding proxy.
+
+184) Add support for wolfSSL. Work in progress, expected to be
+ committed after the 3.0.34 release. Funded with donations
+ made to the Privoxy project.
+
+185) The mbedTLS and OpenSSL versions of generate_host_certificate()
+ should only be called when necessary and the check should be
+ done without holding the certificate mutex.
+
+186) Privoxy should handle "OPTIONS *" requests properly.
+
+187) There should be a convenient way to see the versions of
+ the libraries Privoxy is using.
+
+188) In the windows config.txt file, add the line
+ user-manual ./doc/user-manual/
+ right after
+ # Copyright ...
+ #
+
+189) Bring back binary packages for macOS, preferably for both Intel and M1.
+ The first step would be getting at least one build system, either
+ donated or bought with donations earmarked for this.
+ Interested donors: 0.
+
+190) The socks5 authentication code should send user name an password
+ seperately or we should increase the cbuf size to allow longer
+ user names and passwords.
+
+191) The cipher-list directive should be split into cipher-list-server
+ and cipher-list-client.
+
+192) The client TLS contexts should probably be shared among threads
+ to spend less time and memory loading the root certificates.
+
+193) Use SHA256 instead of MD5 for the host hash used when generating file
+ names for host certificates and keys.
+
+194) There should be a way to force gif deanimation if the server does not
+ declare the content as gif.
+
+195) We should probably cache the server TLS contexts.
+
+196) Investigate if it's worth adding an optional mutex for the CGI handler.
+ Could reduce memory use and increase performance on single core systems
+ for some tests.
+
+197) Investigate if parts of Privoxy should get optional replacements
+ written in Rust.
+
+198) Add a config directive that prevent's IP addresses from being logged
+ (when logging is enabled).
+
+199) In actions.c the "#define DEFINE_ACTION_ALIAS 0" lines should probably
+ be changed to "#undef DEFINE_ACTION_ALIAS" or removed.
+
+200) Add a config directive that causes Privoxy to remove all
+ host certificates before exiting.
+
##########################################################################
Hosting wish list (relevant for #53)
projects / privoxy.git / blobdiff