-$Id: TODO,v 1.80 2013/05/28 14:38:39 fabiankeil Exp $
+$Id: TODO,v 1.98 2014/05/05 09:49:16 fabiankeil Exp $
Some Privoxy-related tasks, sorted by the time they
have been added, not by priority.
54) Move away from CVS to a more modern revision control system.
Find out if there are any objection against going with Git.
- Using Git would also have the advantage that SF now pretents
+ Using Git would also have the advantage that SF now pretends
to support it, so we could do it independently from 53).
55) Apply for Coverity scans: http://scan.coverity.com/
and redirect requests for them to Privoxy.
86) Add a server-body-tagger action. This is trivial as as all the
- functionallity required to do it already exists.
+ functionality required to do it already exists.
87) Add a client-body-tagger action. This is less trivial as we currently
don't buffer client bodies. After 14) is implemented it would be
reasons on the blocked page that haven't been overruled, not just
the last one.
-90) Implement NO-TAG: patterns that enable a section if the
- provided pattern doesn't match any TAG. This would make
- some things cleaner.
-
91) Add an optional limit for internal redirects. It would probably
be reasonable to default to a limit of one and showing an error
message if the request for the redirect URL would be redirected
for misconfigured setups.
95) Support a non-standard client header in CONNECT requests that
- contains the URL of the requested ressource, which is then treated
+ contains the URL of the requested resource, which is then treated
like the request URL.
This way the client could opt-in for path-based blocking of https
acceptable if the client and Privoxy are running on the same system
or in a trusted environment.
-96) Enabled filters should be easier to look up. Currently most functions
- that work with filters spent more (duplicated) code on finding
- filters than on actually doing something useful with them. Dividing
- filters by type instead of filter file would reduce the lookup-code
- quite a bit.
+96) Filters should be easier to look up. Currently get_filter() has to
+ go through all filters and skip the filter types the caller isn't
+ interested in.
98) When showing action section on the CGI pages, properly escape
line breaks so they can be copy&pasted into action files without
99) Figure out a mechanism through which a user can easily enable
site-specific action sections that are too aggressive to be
- enalbled by default. This could be similiar to the presettings
+ enabled by default. This could be similar to the presettings
in default.action, but could also be just another action file
that isn't used by default.
102) Add an include directive to split the config file into several parts.
103) Potential performance improvement for large action files:
- when figuring out which actions apply, check the action bitmask
+ when figuring out which actions apply, check the action bit mask
before pattern matching and skip section that wouldn't modify the
actions already set. To increase the impact the sections would have
to be applied in reverse.
107) Support more pcrs variables, for example $destination-ip-address
and $source-ip-address.
-108) Allow to use a somewhat random string intead of PRIVOXY-FORCE.
+108) Allow to use a somewhat random string instead of PRIVOXY-FORCE.
109) Let log_error() support the format specifier %S which should
work like %s but escape new lines like %N. This would be useful
to log the result of header filters which may inject new lines.
110) Add a global-buffer-limit directive that roughly limits how
- much malloc'ed memory Privoxy will use and can potentionally
+ much malloc'ed memory Privoxy will use and can potentially
be smaller than (buffer-limit * max-client-connections).
111) Reject requests if hosts and ports in request line and Host
a \r\n (undocumented feature), detect it and split the headers so
following header actions do not treat them as a single string.
Alternatively add another header injection mechanism.
- one
+
+113) Log statistics upon receiving a certain signal (SIGINFO or SIGUSR1).
+
+114) Properly deal with status code 100. The current "Continue hack"
+ can cause problems for gpg when uploading keys through Privoxy.
+
+115) Add ICAP (RFC 3507) support. FR #3615158.
+
+116) Due to the use of sscanf(), Privoxy currently will fail to properly
+ parse chunks whose size can't be represented with 32 bit. This is
+ unlikely to cause problems in the real world, but should eventually
+ be fixed anyway. See also:
+ https://bugzilla.mozilla.org/show_bug.cgi?id=959100
+
+118) There should be "escaped" dynamic variables that are guaranteed
+ not to break filters.
+
+119) Evaluate using pcre's jit mode.
+
+120) Add an option to limit pcre's recursion limit below the default.
+ On some platforms the recursion limit doesn't prevent pcre from
+ running out of stack space, causing the kernel to kill Privoxy
+ ungracefully.
+
+121) Add HTTP/2 support. As a first step, incomming HTTP/1.x requests
+ should be translated to outgoing HTTP/2 requests where possible
+ (and if desired by the user).
+
+122) Allow customized log messages.
+
+123) Allow to decrypt encrypted traffic using the
+ voluntarly-disclose-session-keys option in Firefox.
+ Depends on #16.
+
+124) Add Capsicum support.
projects / privoxy.git / blobdiff