+ * Boolean, i.e the action can only be "enabled" or "disabled". Syntax:
+
+ +name # enable action name
+ -name # disable action name
+
+ Example: +block
+
+ * Parameterized, where some value is required in order to enable this type of
+ action. Syntax:
+
+ +name{param} # enable action and set parameter to param,
+ # overwriting parameter from previous match if necessary
+ -name # disable action. The parameter can be omitted
+
+ Note that if the URL matches multiple positive forms of a parameterized
+ action, the last match wins, i.e. the params from earlier matches are
+ simply ignored.
+
+ Example: +hide-user-agent{ Mozilla 1.0 }
+
+ * Multi-value. These look exactly like parameterized actions, but they behave
+ differently: If the action applies multiple times to the same URL, but with
+ different parameters, all the parameters from all matches are remembered.
+ This is used for actions that can be executed for the same request
+ repeatedly, like adding multiple headers, or filtering through multiple
+ filters. Syntax:
+
+ +name{param} # enable action and add param to the list of parameters
+ -name{param} # remove the parameter param from the list of parameters
+ # If it was the last one left, disable the action.
+ -name # disable this action completely and remove all parameters from the list
+
+ Examples: +add-header{X-Fun-Header: Some text} and +filter{html-annoyances}
+
+If nothing is specified in any actions file, no "actions" are taken. So in this
+case Privoxy would just be a normal, non-blocking, non-anonymizing proxy. You
+must specifically enable the privacy and blocking features you need (although
+the provided default actions files will give a good starting point).
+
+Later defined actions always over-ride earlier ones. So exceptions to any rules
+you make, should come in the latter part of the file (or in a file that is
+processed later when using multiple actions files). For multi-valued actions,
+the actions are applied in the order they are specified. Actions files are
+processed in the order they are defined in config (the default installation has
+three actions files). It also quite possible for any given URL pattern to match
+more than one pattern and thus more than one set of actions!
+
+The list of valid Privoxy actions are:
+
+-------------------------------------------------------------------------------
+
+8.5.1. add-header
+
+Typical use:
+
+ Confuse log analysis, custom applications
+
+Effect:
+
+ Sends a user defined HTTP header to the web server.
+
+Type:
+
+ Multi-value.
+
+Parameter:
+
+ Any string value is possible. Validity of the defined HTTP headers is not
+ checked. It is recommended that you use the "X-" prefix for custom headers.
+
+Notes:
+
+ This action may be specified multiple times, in order to define multiple
+ headers. This is rarely needed for the typical user. If you don't know what
+ "HTTP headers" are, you definitely don't need to worry about this one.
+
+Example usage:
+
+ +add-header{X-User-Tracking: sucks}
+
+-------------------------------------------------------------------------------
+
+8.5.2. block
+
+Typical use:
+
+ Block ads or other obnoxious content
+
+Effect:
+
+ Requests for URLs to which this action applies are blocked, i.e. the
+ requests are not forwarded to the remote server, but answered locally with
+ a substitute page or image, as determined by the handle-as-image and
+ set-image-blocker actions.
+
+Type:
+
+ Boolean.
+
+Parameter:
+
+ N/A
+
+Notes:
+
+ Privoxy sends a special "BLOCKED" page for requests to blocked pages. This
+ page contains links to find out why the request was blocked, and a
+ click-through to the blocked content (the latter only if compiled with the
+ force feature enabled). The "BLOCKED" page adapts to the available screen
+ space -- it displays full-blown if space allows, or miniaturized and
+ text-only if loaded into a small frame or window. If you are using Privoxy
+ right now, you can take a look at the "BLOCKED" page.
+
+ A very important exception occurs if both block and handle-as-image, apply
+ to the same request: it will then be replaced by an image. If
+ set-image-blocker (see below) also applies, the type of image will be
+ determined by its parameter, if not, the standard checkerboard pattern is
+ sent.
+
+ It is important to understand this process, in order to understand how
+ Privoxy deals with ads and other unwanted content.
+
+ The filter action can perform a very similar task, by "blocking" banner
+ images and other content through rewriting the relevant URLs in the
+ document's HTML source, so they don't get requested in the first place.
+ Note that this is a totally different technique, and it's easy to confuse
+ the two.
+
+Example usage (section):
+
+ {+block} # Block and replace with "blocked" page
+ .nasty-stuff.example.com
+
+ {+block +handle-as-image} # Block and replace with image
+ .ad.doubleclick.net
+ .ads.r.us
+
+-------------------------------------------------------------------------------
+
+8.5.3. crunch-incoming-cookies
+
+Typical use:
+
+ Prevent the web server from setting any cookies on your system
+
+Effect:
+
+ Deletes any "Set-Cookie:" HTTP headers from server replies.
+
+Type:
+
+ Boolean.
+
+Parameter:
+
+ N/A
+
+Notes:
+
+ This action is only concerned with incoming cookies. For outgoing cookies,
+ use crunch-outgoing-cookies. Use both to disable cookies completely.
+
+ It makes no sense at all to use this action in conjunction with the
+ session-cookies-only action, since it would prevent the session cookies
+ from being set.
+
+Example usage:
+
+ +crunch-incoming-cookies
+
+-------------------------------------------------------------------------------
+
+8.5.4. crunch-outgoing-cookies
+
+Typical use:
+
+ Prevent the web server from reading any cookies from your system
+
+Effect:
+
+ Deletes any "Cookie:" HTTP headers from client requests.
+
+Type:
+
+ Boolean.
+
+Parameter:
+
+ N/A
+
+Notes:
+
+ This action is only concerned with outgoing cookies. For incoming cookies,
+ use crunch-incoming-cookies. Use both to disable cookies completely.
+
+ It makes no sense at all to use this action in conjunction with the
+ session-cookies-only action, since it would prevent the session cookies
+ from being read.
+
+Example usage:
+
+ +crunch-outgoing-cookies
+
+-------------------------------------------------------------------------------
+
+8.5.5. deanimate-gifs
+
+Typical use:
+
+ Stop those annoying, distracting animated GIF images.
+
+Effect:
+
+ De-animate GIF animations, i.e. reduce them to their first or last image.
+
+Type:
+
+ Parameterized.
+
+Parameter:
+
+ "last" or "first"
+
+Notes:
+
+ This will also shrink the images considerably (in bytes, not pixels!). If
+ the option "first" is given, the first frame of the animation is used as
+ the replacement. If "last" is given, the last frame of the animation is
+ used instead, which probably makes more sense for most banner animations,
+ but also has the risk of not showing the entire last frame (if it is only a
+ delta to an earlier frame).
+
+ You can safely use this action with patterns that will also match non-GIF
+ objects, because no attempt will be made at anything that doesn't look like
+ a GIF.
+
+Example usage:
+
+ +deanimate-gifs{last}
+
+-------------------------------------------------------------------------------
+
+8.5.6. downgrade-http-version
+
+Typical use:
+
+ Work around (very rare) problems with HTTP/1.1
+
+Effect:
+
+ Downgrades HTTP/1.1 client requests and server replies to HTTP/1.0.
+
+Type:
+
+ Boolean.
+
+Parameter:
+
+ N/A
+
+Notes:
+
+ This is a left-over from the time when Privoxy didn't support important
+ HTTP/1.1 features well. It is left here for the unlikely case that you
+ experience HTTP/1.1 related problems with some server out there. Not all
+ (optional) HTTP/1.1 features are supported yet, so there is a chance you
+ might need this action.
+
+Example usage (section):
+
+ {+downgrade-http-version}
+ problem-host.example.com
+
+-------------------------------------------------------------------------------
+
+8.5.7. fast-redirects
+
+Typical use:
+
+ Fool some click-tracking scripts and speed up indirect links
+
+Effect:
+
+ Cut off all but the last valid URL from requests.
+
+Type:
+
+ Boolean.
+
+Parameter:
+
+ N/A
+
+Notes:
+
+ Many sites, like yahoo.com, don't just link to other sites. Instead, they
+ will link to some script on their own servers, giving the destination as a
+ parameter, which will then redirect you to the final target. URLs resulting
+ from this scheme typically look like: http://some.place/click-tracker.cgi?
+ target=http://some.where.else.
+
+ Sometimes, there are even multiple consecutive redirects encoded in the
+ URL. These redirections via scripts make your web browsing more traceable,
+ since the server from which you follow such a link can see where you go to.
+ Apart from that, valuable bandwidth and time is wasted, while your browser
+ ask the server for one redirect after the other. Plus, it feeds the
+ advertisers.
+
+ This feature is currently not very smart and is scheduled for improvement.
+ It is likely to break some sites. You should expect to need possibly many
+ exceptions to this action, if it is enabled by default in default.action.
+ Some sites just don't work without it.
+
+Example usage:
+
+ {+fast-redirects}
+
+-------------------------------------------------------------------------------
+
+8.5.8. filter
+
+Typical use:
+
+ Get rid of HTML and JavaScript annoyances, banner advertisements (by size),
+ do fun text replacements, etc.
+
+Effect:
+
+ Text documents, including HTML and JavaScript, to which this action
+ applies, are filtered on-the-fly through the specified regular expression
+ based substitutions.
+
+Type:
+
+ Parameterized.
+
+Parameter:
+
+ The name of a filter, as defined in the filter file (typically
+ default.filter, set by the filterfile option in the config file)
+
+Notes:
+
+ For your convenience, there are a bunch of pre-defined filters available in
+ the distribution filter file that you can use. See the example below for a
+ list.
+
+ This is potentially a very powerful feature! But "rolling your own" filters
+ requires a knowledge of regular expressions and HTML.
+
+ Filtering requires buffering the page content, which may appear to slow
+ down page rendering since nothing is displayed until all content has passed
+ the filters. (It does not really take longer, but seems that way since the
+ page is not incrementally displayed.) This effect will be more noticeable
+ on slower connections.
+
+ At this time, Privoxy cannot (yet!) uncompress compressed documents. If you
+ want filtering to work on all documents, even those that would normally be
+ sent compressed, use the prevent-compression action in conjunction with
+ filter.
+
+ Filtering can achieve some of the effects as the block action, i.e. it can
+ be used to block ads and banners.
+
+ Feedback with suggestions for new or improved filters is particularly
+ welcome!
+
+Example usage (with filters from the distribution default.filter file):
+
+ +filter{html-annoyances} # Get rid of particularly annoying HTML abuse.
+
+ +filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse
+
+ +filter{banners-by-size} # Kill banners by size (very efficient!)
+
+ +filter{content-cookies} # Kill cookies that come sneaking in the HTML or JS content
+
+ +filter{popups} # Kill all popups in JS and HTML
+
+ +filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking)
+
+ +filter{fun} # Text replacements for subversive browsing fun!
+
+ +filter{frameset-borders} # Give frames a border and make them resizeable
+
+ +filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)
+
+ +filter{nimda} # Remove Nimda (virus) code.
+
+ +filter{shockwave-flash} # Kill embedded Shockwave Flash objects
+
+ +filter{crude-parental} # Kill all web pages that contain the words "sex" or "warez"
+
+-------------------------------------------------------------------------------
+
+8.5.9. handle-as-image
+
+Typical use:
+
+ Mark URLs as belonging to images (so they'll be replaced by images if they
+ get blocked)
+
+Effect:
+
+ This action alone doesn't do anything noticeable. It just marks URLs as
+ images. If the block action also applies, the presence or absence of this
+ mark decides whether an HTML "blocked" page, or a replacement image (as
+ determined by the set-image-blocker action) will be sent to the client as a
+ substitute for the blocked content.
+
+Type:
+
+ Boolean.
+
+Parameter:
+
+ N/A
+
+Notes:
+
+ The below generic example section is actually part of default.action. It
+ marks all URLs with well-known image file name extensions as images and
+ should be left intact.
+
+ Users will probably only want to use the handle-as-image action in
+ conjunction with block, to block sources of banners, whose URLs don't
+ reflect the file type, like in the second example section.
+
+ Note that you cannot treat HTML pages as images in most cases. For
+ instance, (inline) ad frames require an HTML page to be sent, or they won't
+ display properly. Forcing handle-as-image in this situation will not
+ replace the ad frame with an image, but lead to error messages.
+
+Example usage (sections):
+
+ # Generic image extensions:
+ #
+ {+handle-as-image}
+ /.*\.(gif|jpg|jpeg|png|bmp|ico)$
+
+ # These don't look like images, but they're banners and should be
+ # blocked as images:
+ #
+ {+block +handle-as-image}
+ some.nasty-banner-server.com/junk.cgi?output=trash
+
+ # Banner source! Who cares if they also have non-image content?
+ ad.doubleclick.net
+
+-------------------------------------------------------------------------------
+
+8.5.10. hide-forwarded-for-headers
+
+Typical use:
+
+ Improve privacy by hiding the true source of the request
+
+Effect:
+
+ Deletes any existing "X-Forwarded-for:" HTTP header from client requests,
+ and prevents adding a new one.
+
+Type:
+
+ Boolean.
+
+Parameter:
+
+ N/A
+
+Notes:
+
+ It is fairly safe to leave this on.
+
+ This action is scheduled for improvement: It should be able to generate
+ forged "X-Forwarded-for:" headers using random IP addresses from a
+ specified network, to make successive requests from the same client look
+ like requests from a pool of different users sharing the same proxy.
+
+Example usage:
+
+ +hide-forwarded-for-headers
+
+-------------------------------------------------------------------------------
+
+8.5.11. hide-from-header
+
+Typical use:
+
+ Keep your (old and ill) browser from telling web servers your email address
+
+Effect:
+
+ Deletes any existing "From:" HTTP header, or replaces it with the specified
+ string.
+
+Type:
+
+ Parameterized.
+
+Parameter:
+
+ Keyword: "block", or any user defined value.
+
+Notes:
+
+ The keyword "block" will completely remove the header (not to be confused
+ with the block action).
+
+ Alternately, you can specify any value you prefer to be sent to the web
+ server. If you do, it is a matter of fairness not to use any address that
+ is actually used by a real person.
+
+ This action is rarely needed, as modern web browsers don't send "From:"
+ headers anymore.
+
+Example usage:
+
+ +hide-from-header{block}
+
+ or
+
+ +hide-from-header{spam-me-senseless@sittingduck.example.com}
+
+-------------------------------------------------------------------------------
+
+8.5.12. hide-referrer
+
+Typical use:
+
+ Conceal which link you followed to get to a particular site
+
+Effect:
+
+ Deletes the "Referer:" (sic) HTTP header from the client request, or
+ replaces it with a forged one.
+
+Type:
+
+ Parameterized.
+
+Parameter:
+
+ + "block" to delete the header completely.
+
+ + "forge" to pretend to be coming from the homepage of the server we are
+ talking to.
+
+ + Any other string to set a user defined referrer.
+
+Notes:
+
+ "forge" is the preferred option here, since some servers will not send
+ images back otherwise, in an attempt to prevent their valuable content from
+ being embedded elsewhere (and hence, without being surrounded by their
+ banners).
+
+ hide-referer is an alternate spelling of hide-referrer and the two can be
+ can be freely substituted with each other. ("referrer" is the correct
+ English spelling, however the HTTP specification has a bug - it requires it
+ to be spelled as "referer".)
+
+Example usage:
+
+ +hide-referrer{forge}
+
+ or
+
+ +hide-referrer{http://www.yahoo.com/}
+