-$Id: TODO,v 1.105 2014/05/13 11:15:28 fabiankeil Exp $
+$Id: TODO,v 1.140 2016/01/21 14:06:20 fabiankeil Exp $
Some Privoxy-related tasks, sorted by the time they
have been added, not by priority.
The latest version should be available at:
http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/TODO
-1) Add some regression tests. Filters should be tested automatically
+There's work in progress to fund development on these items using
+donations. If you want to donate, please have a look at:
+http://www.privoxy.org/faq/general.html#DONATE
+
+1) Add more regression tests. Filters should be tested automatically
(variables too). Could probably reuse large parts of Privoxy-Filter-Test.
Note that there is currently work in progress to leverage curl's
- test suite which could be used for this as well.
+ test suite, patches have been submitted upstream:
+ http://curl.haxx.se/mail/lib-2014-06/0070.html
3) Fix some more XXX: comments.
11) CGI templates should use semantically-correct HTML
and scale properly.
+ Work in progress.
+
12) Support pipelining for outgoing connections.
14) Allow to filter POST parameters.
This should be good enough for most of the content the
user would want to filter.
+ Interested donors: 1.
+
19) enable-forward-fallback. Syntax? Suggested by K.R.
21) User Manual delivery doesn't accept multiple slashes. Should it?
macros with strstr() before compiling pcrs commands.
Investigated, needs some restructuring but is probably worth it.
-51) Make user-manual directive more generic to allow serving
- the FAQ and other stuff, too. Consider changing the port
- for "same origin policy" issues.
+51) Make user-manual directive more generic to allow serving the FAQ
+ and files from user-specified directories. Consider changing the
+ port for "same origin policy" issues.
53) Find a more reliable hoster. Involves finding out what our
requirements are and which SF alternatives fulfil them.
2014-05-13: Work in progress. Hosting wish list at the end
of this file.
+ Interested donors: 1.
+
54) Move away from CVS to a more modern revision control system.
Find out if there are any objection against going with Git.
Using Git would also have the advantage that SF now pretends
to support it, so we could do it independently from 53).
-55) Apply for Coverity scans: http://scan.coverity.com/
-
-56) Apply for the "free online access for qualified open-source
- software projects" for the Co-Advisor HTTP compliance tests:
- http://coad.measurement-factory.com/details.html#pricing
- (Application sent at 2014-05-12)
-
-57) Allow piping into external programs to allow more powerful
- filters and policy decisions. Incomplete support available
- in Fabian's popen branch.
-
58) Move more template strings from the code into the actual templates.
59) Import the German template translation.
82) Detect if the system time goes back in time let the user
know if it caused any connections to get closed.
-84) Flesh out the user-manual delivery to serve pages from
- other directories, too.
-
85) Once #84 is done, write a script that populates a directory with
various common third-party icons (stumbleupon.png, facebook.png ...)
and redirect requests for them to Privoxy.
124) Add support for the "lightweight OS capability and sandbox framework"
Capsicum. http://www.cl.cam.ac.uk/research/security/capsicum/
+ Interested donors: 1.
125) Allow clients to HTTPS-encrypt the proxy connection.
+ Interested donors: 1.
+
+126) Run the Co-Advisor HTTP compliance tests, evaluate the results,
+ fix the compliance issues that aren't by design and document
+ the rest.
+ Note that Privoxy developers qualify for free account upgrades:
+ http://coad.measurement-factory.com/details.html#pricing
+
+127) Add "real" CGI support (serve program output instead of forwarding
+ the request). The work is mostly done due to +external-filter{}.
+
+128) Add a config directive to control the stack limit.
+
+129) Completely implement RFC 7230 4.1 (Chunked Transfer Coding).
+ Currently Privoxy doesn't properly deal with trailers which
+ are rarely used in the real world but should be supported anyway.
+
+130) Move header_tagger() out of the parser structs and let it execute
+ taggers one-by-one against all headers so the header order has less
+ influence on the tagging result. As a bonus, dynamic taggers would
+ have to be compiled less often.
+
+131) The handle-as-empty-doc-returns-ok directive should be replaced with
+ an action so the behaviour can be enabled on a per-request basis.
+ Interested donors: 1.
+
+132) Provide a Tor hidden service to reach the Privoxy website.
+ Work in progress: http://jvauzb4sb3bwlsnc.onion/
+ This hidden service serves a copy of the www.privoxy.org content
+ (filtered through Privoxy to replace some absolute URLs).
+ Interested donors: 1.
+
+133) Consider allowing bitcoin donations.
+ Interested donors: 2.
+
+134) Track the total number of bytes written to and received from a socket.
+
+135) Add OpenBSM audit support.
+
+136) Make builds reproducible.
+
+137) Add a (preferably vector-based) logo.
+
+138) Bring back the scripts to provide actions file feedback.
+
+ Once upon a time (~2003) there were scripts on the webserver
+ to make reporting action file feedback more convenient for the
+ user and the actual reports more useful for the developers.
+ They have been unusable for years and have thus been disabled,
+ but making the reporting mechanism available again would be a
+ good idea.
+
+140) Toggling Privoxy off currently also disables stuff that
+ probably shouldn't be affected (such as actions like
+ forward-override). Investigate and fix or document.
+
+141) Port Privoxy to CloudABI, which, despite the name, is actually
+ rather neet. https://github.com/NuxiNL/cloudlibc
+
+142) Remove or update the "internal" pcre version.
+
+143) Add support for OpenBSD's pledge feature once it's stablelized.
+ This should be a lot less work then #124.
+
+144) Allow Privoxy admins to pre-define tags that are be set for
+ clients that previously opted-in through the CGI interface.
+
+ This would be useful in multi-user setups where admins may
+ want to allow users to disable certain actions and filters
+ for themselves without affecting others.
+
+ Even in single-user setups this could be useful to allow
+ more fine-grained toggling. For example to disable request
+ blocking while still crunching cookies, or to disable
+ experimental filters only.
+
+ Interested donors: 1.
+
+145) Once #144 is implemented, allow clients to opt-in to the
+ tagging for a limited amount of time (or number of requests).
+
+ Interested donors: 1.
+
+146) Once #144 is implemented, optionally allow to save the opt-in
+ status to disk.
+
+147) Improve "Building from Source" section in the user manual.
+ A common problem seems to be that it's not obvious to non-technical
+ users how the listed dependencies can be installed on the commonly
+ used platforms. Adding a couple of examples should also be useful for
+ technical users (like Privoxy developers) who want to install or test
+ Privoxy on platforms they are not familiar with.
##########################################################################
4. It would be preferable if the hoster didn't have a bad track
record as far as user experience, security and privacy are
- concerned and if the terms of services are "reasonable" and
+ concerned and if the terms of service are "reasonable" and
haven't changed too often in the past. Updates in the past
should have been improvements and not regressions.
projects / privoxy.git / blobdiff