By: Privoxy Developers
-$Id: user-manual.sgml,v 1.92 2002/04/25 18:55:13 hal9 Exp $
+$Id: user-manual.sgml,v 1.95 2002/04/26 17:23:29 swa Exp $
The user manual gives users information on how to install, configure and use
Privoxy.
1. Introduction
- 1.1. New Features
+ 1.1. Features
3. Installation
- 3.1. Binary Packages
-
- 3.1.1. Red Hat and SuSE RPMs
- 3.1.2. Debian
- 3.1.3. Windows
- 3.1.4. Solaris, NetBSD, FreeBSD, HP-UX
- 3.1.5. OS/2
- 3.1.6. Max OSX
- 3.1.7. AmigaOS
-
- 3.2. Building from Source
+ 3.1. Red Hat and SuSE RPMs
+ 3.2. Debian
+ 3.3. Windows
+ 3.4. Solaris, NetBSD, FreeBSD, HP-UX
+ 3.5. OS/2
+ 3.6. Max OSX
+ 3.7. AmigaOS
-4. Quickstart to Using Privoxy
+4. Note to Upgraders
+5. Quickstart to Using Privoxy
+6. Starting Privoxy
- 4.1. Note to Upgraders
- 4.2. Starting Privoxy
- 4.3. Command Line Options
+ 6.1. Command Line Options
-5. Privoxy Configuration
+7. Privoxy Configuration
- 5.1. Controlling Privoxy with Your Web Browser
- 5.2. Configuration Files Overview
- 5.3. The Main Configuration File
+ 7.1. Controlling Privoxy with Your Web Browser
+ 7.2. Configuration Files Overview
+ 7.3. The Main Configuration File
+
+ 7.3.1. Configuration and Log File Locations
+
+ 7.3.1.1. confdir
+ 7.3.1.2. logdir
+ 7.3.1.3. actionsfile
+ 7.3.1.4. filterfile
+ 7.3.1.5. logfile
+ 7.3.1.6. jarfile
+ 7.3.1.7. trustfile
+
+ 7.3.2. Local Set-up Documentation
+
+ 7.3.2.1. trust-info-url
+ 7.3.2.2. admin-address
+ 7.3.2.3. proxy-info-url
+
+ 7.3.3. Debugging
+
+ 7.3.3.1. debug
+ 7.3.3.2. single-threaded
+
+ 7.3.4. Access Control and Security
+
+ 7.3.4.1. listen-address
+ 7.3.4.2. toggle
+ 7.3.4.3. enable-remote-toggle
+ 7.3.4.4. enable-edit-actions
+ 7.3.4.5. ACLs: permit-access and deny-access
+ 7.3.4.6. buffer-limit
+
+ 7.3.5. Forwarding
+
+ 7.3.5.1. forward
+ 7.3.5.2. forward-socks4 and forward-socks4a
+ 7.3.5.3. Advanced Forwarding Examples
+
+ 7.3.6. Windows GUI Options
+
+ 7.4. Actions Files
- 5.3.1. Configuration and Log File Locations
- 5.3.2. Local Set-up Documentation
- 5.3.3. Debugging
- 5.3.4. Access Control and Security
- 5.3.5. Forwarding
- 5.3.6. Windows GUI Options
+ 7.4.1. Finding the Right Mix
+ 7.4.2. How to Edit
+ 7.4.3. How Actions are Applied to URLs
+ 7.4.4. Patterns
+
+ 7.4.4.1. The Domain Pattern
+ 7.4.4.2. The Path Pattern
+
+ 7.4.5. Actions
+
+ 7.4.5.1. +add-header
+ 7.4.5.2. +block
+ 7.4.5.3. +deanimate-gifs
+ 7.4.5.4. +downgrade-http-version
+ 7.4.5.5. +fast-redirects
+ 7.4.5.6. +filter
+ 7.4.5.7. +hide-forwarded-for-headers
+ 7.4.5.8. +hide-from-header
+ 7.4.5.9. +hide-referer
+ 7.4.5.10. +hide-user-agent
+ 7.4.5.11. +handle-as-image
+ 7.4.5.12. +set-image-blocker
+ 7.4.5.13. +limit-connect
+ 7.4.5.14. +prevent-compression
+ 7.4.5.15. +session-cookies-only
+ 7.4.5.16. +prevent-reading-cookies
+ 7.4.5.17. +prevent-setting-cookies
+ 7.4.5.18. +kill-popups
+ 7.4.5.19. +send-vanilla-wafer
+ 7.4.5.20. +send-wafer
+ 7.4.5.21. Actions Examples
+
+ 7.4.6. Aliases
- 5.4. Actions Files
+ 7.5. The Filter File
- 5.4.1. Finding the Right Mix
- 5.4.2. How to Edit
- 5.4.3. How Actions are Applied to URLs
- 5.4.4. Patterns
- 5.4.5. Actions
- 5.4.6. Aliases
+ 7.5.1. The +filter Action
- 5.5. The Filter File
- 5.6. Templates
+ 7.6. Templates
-6. Contacting the Developers, Bug Reporting and Feature Requests
+8. Contacting the Developers, Bug Reporting and Feature Requests
- 6.1. Submitting Ads and "Action" Problems
+ 8.1. Get Support
+ 8.2. Report bugs
+ 8.3. Request new features
+ 8.4. Report ads or other filter problems
+ 8.5. Other
-7. Copyright and History
+9. Copyright and History
- 7.1. Copyright
- 7.2. History
+ 9.1. Copyright
+ 9.2. History
-8. See Also
-9. Appendix
+10. See Also
+11. Appendix
- 9.1. Regular Expressions
- 9.2. Privoxy's Internal Pages
+ 11.1. Regular Expressions
+ 11.2. Privoxy's Internal Pages
- 9.2.1. Bookmarklets
+ 11.2.1. Bookmarklets
- 9.3. Chain of Events
- 9.4. Anatomy of an Action
+ 11.3. Chain of Events
+ 11.4. Anatomy of an Action
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
-1.1. New Features
+1.1. Features
In addition to Internet Junkbuster's traditional features of ad and banner
blocking and cookie management, Privoxy provides new features, some of them
currently under development:
+ * FIXME: complete the list of features. change the order: most important
+ features to the top of the list. prefix new features with "NEW".
+
* Integrated browser based configuration and control utility at http://
config.privoxy.org/ (shortcut: http://p.p/). Browser-based tracing of rule
and filter effects. Remote toggling.
* Improved signal handling, and a true daemon mode (Unix).
- * Builds from source on most UNIX-like systems. Packages available for: Linux
- (RedHat, SuSE, or Debian), Windows, Sun Solaris, Mac OSX, OS/2, HP-UX 11,
- NetBSD and AmigaOS.
-
* Every feature now controllable on a per-site or per-location basis,
configuration more powerful and versatile over-all.
Privoxy is available both in convenient pre-compiled packages for a wide range
of operating systems, and as raw source code. For most users, we recommend
-using the packages, which can be downloaded from our Privoxy Project Page.
+using the packages, which can be downloaded from our Privoxy Project Page. For
+installing and compiling the source code, please look into our Developer
+Manual.
If you like to live on the bleeding edge and are not afraid of using possibly
unstable development versions, you can check out the up-to-the-minute version
directly from the CVS repository or simply download the nightly CVS tarball.
+Again, we refer you to the Developer Manual.
-At present, Privoxy is known to run on Win32, Mac OSX, OS/2, AmigaOS, Linux
-(RedHat, Suse, Debian), FreeBSD, NetBSD, BeOS, and many flavors of Unix.
-
--------------------------------------------------------------------------------
-
-3.1. Binary Packages
+At present, Privoxy is known to run on Windows(95, 98, ME, 2000, XP), Linux
+(RedHat, Suse, Debian), Mac OSX, OS/2, AmigaOS, FreeBSD, NetBSD, BeOS, and many
+more flavors of Unix.
Note: If you have a previous Junkbuster or Privoxy installation on your system,
you will need to remove it. Some platforms do this for you as part of their
installation procedure. (See below for your platform).
In any case be sure to backup your old configuration if it is valuable to you.
-See the note to upgraders.
-
-How to install the binary packages depends on your operating system:
+See the note to upgraders section below.
-------------------------------------------------------------------------------
-3.1.1. Red Hat and SuSE RPMs
+3.1. Red Hat and SuSE RPMs
RPMs can be installed with rpm -Uvh privoxy-2.9.14-1.rpm, and will use /etc/
privoxy for the location of configuration files.
Note that on Red Hat, Privoxy will not be automatically started on system boot.
-You will need to enable that using chkconfig, ntsysv, or similar method.
+You will need to enable that using chkconfig, ntsysv, or similar methods. Note
+that SuSE will automatically start Privoxy in the boot process.
If you have problems with failed dependencies, try rebuilding the SRC RPM: rpm
--rebuild privoxy-2.9.14-1.src.rpm;. This will use your locally installed
-------------------------------------------------------------------------------
-3.1.2. Debian
+3.2. Debian
FIXME.
-------------------------------------------------------------------------------
-3.1.3. Windows
+3.3. Windows
Just double-click the installer, which will guide you through the installation
-process.
+process. You will find the configuration files in the same directory as you
+installed Privoxy in. We do not use the registry of Windows.
-------------------------------------------------------------------------------
-3.1.4. Solaris, NetBSD, FreeBSD, HP-UX
+3.4. Solaris, NetBSD, FreeBSD, HP-UX
Create a new directory, cd to it, then unzip and untar the archive. For the
most part, you'll have to figure out where things go. FIXME.
-------------------------------------------------------------------------------
-3.1.5. OS/2
+3.5. OS/2
First, make sure that no previous installations of Junkbuster and / or Privoxy
are left on your system. You can do this by
-------------------------------------------------------------------------------
-3.1.6. Max OSX
+3.6. Max OSX
Unzip the downloaded package (you can either double-click on the file in the
finder, or on the desktop if you downloaded it there). Then, double-click on
-------------------------------------------------------------------------------
-3.1.7. AmigaOS
+3.7. AmigaOS
Copy and then unpack the lha archive to a suitable location. All necessary
files will be installed into Privoxy directory, including all configuration and
-------------------------------------------------------------------------------
-3.2. Building from Source
-
-To build Privoxy from source, autoheader, autoconf, GNU make (gmake), and, of
-course, a C compiler are required.
-
-When building from a source tarball (either release version or nightly CVS
-tarball), first unpack the source:
-
- tar xzvf privoxy-2.9.14-beta-src* [.tgz or .tar.gz]
- cd privoxy-2.9.14-beta
-
-
-For retrieving the current CVS sources, you'll need CVS installed. Note that
-sources from CVS are development quality, and may not be stable, or well
-tested. To download CVS source:
-
- cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login
- cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co current
- cd current
-
-
-This will create a directory named current/, which will contain the source
-tree.
-
-Then, in either case, to build from unpacked tarball or CVS source:
-
- autoheader
- autoconf
- ./configure # (--help to see options)
- make # (the make from gnu, gmake for *BSD)
- su
- make -n install # (to see where all the files will go)
- make install # (to really install)
-
-
-If you have gnu make, you can have the first four steps automatically done for
-you by just typing:
-
- make
-
-
-in the freshly downloaded or unpacked source directory.
-
-For more detailed instructions on how to build Redhat and SuSE RPMs, Windows
-self-extracting installers, building on platforms with special requirements
-etc, please consult the developer manual.
-
--------------------------------------------------------------------------------
-
-4. Quickstart to Using Privoxy
-
-4.1. Note to Upgraders
+4. Note to Upgraders
There are very significant changes from older versions of Junkbuster to the
current Privoxy. Configuration is substantially changed. Junkbuster 2.0.x and
-------------------------------------------------------------------------------
-4.2. Starting Privoxy
+5. Quickstart to Using Privoxy
+
+ * Install Privoxy. See the section Installing.
+
+ * Start Privoxy. See the section Starting Privoxy.
+
+ * Change your browser's configuration to use the proxy localhost on port
+ 8118. See the section Starting Privoxy.
+
+ * Enjoy surfing with enhanced comfort and privacy. Please see the section
+ Contacting the Developers on how to report bugs or problems with websites
+ or to get help. You may want to change the file user.action to further
+ tweak your new browsing experience.
+
+-------------------------------------------------------------------------------
+
+6. Starting Privoxy
Before launching Privoxy for the first time, you will want to configure your
browser(s) to use Privoxy as a HTTP and HTTPS proxy. The default is localhost
Privoxy is typically started by specifying the main configuration file to be
used on the command line. Example Unix startup command:
-
# /usr/sbin/privoxy /etc/privoxy/config
-
-
See below for other command line options.
-------------------------------------------------------------------------------
-4.3. Command Line Options
+6.1. Command Line Options
Privoxy may be invoked with the following command-line options:
-------------------------------------------------------------------------------
-5. Privoxy Configuration
+7. Privoxy Configuration
All Privoxy configuration is stored in text files. These files can be edited
with a text editor. Many important aspects of Privoxy can also be controlled
-------------------------------------------------------------------------------
-5.1. Controlling Privoxy with Your Web Browser
+7.1. Controlling Privoxy with Your Web Browser
Privoxy's user interface can be reached through the special URL http://
config.privoxy.org/ (shortcut: http://p.p/), which is a built-in page and works
-------------------------------------------------------------------------------
-5.2. Configuration Files Overview
+7.2. Configuration Files Overview
For Unix, *BSD and Linux, all configuration files are located in /etc/privoxy/
by default. For MS Windows, OS/2, and AmigaOS these are all in the same
pre-defined here; whether to apply them or not is up to the actions files.
All files use the "#" character to denote a comment (the rest of the line will
-be ignored) and understand line continuation through placing a backslash ("\")
+be ignored) angd understand line continuation through placing a backslash ("\")
as the very last character in a line. If the # is preceded by a backslash, it
looses its special function. Placing a # in front of an otherwise valid
configuration line to prevent it from being interpreted is called "commenting
-------------------------------------------------------------------------------
-5.3. The Main Configuration File
+7.3. The Main Configuration File
Again, the main configuration file is named config on Linux/Unix/BSD and OS/2,
and config.txt on Windows. Configuration lines consist of an initial keyword
-------------------------------------------------------------------------------
-5.3.1. Configuration and Log File Locations
+7.3.1. Configuration and Log File Locations
Privoxy can (and normally does) use a number of other files for additional
configuration and logging. This section of the configuration file tells Privoxy
-------------------------------------------------------------------------------
-5.3.1.1. confdir
+7.3.1.1. confdir
Specifies:
-------------------------------------------------------------------------------
-5.3.1.2. logdir
+7.3.1.2. logdir
Specifies:
-------------------------------------------------------------------------------
-5.3.1.3. actionsfile
+7.3.1.3. actionsfile
Specifies:
-------------------------------------------------------------------------------
-5.3.1.4. filterfile
+7.3.1.4. filterfile
Specifies:
-------------------------------------------------------------------------------
-5.3.1.5. logfile
+7.3.1.5. logfile
Specifies:
-------------------------------------------------------------------------------
-5.3.1.6. jarfile
+7.3.1.6. jarfile
Specifies:
-------------------------------------------------------------------------------
-5.3.1.7. trustfile
+7.3.1.7. trustfile
Specifies:
-------------------------------------------------------------------------------
-5.3.2. Local Set-up Documentation
+7.3.2. Local Set-up Documentation
If you intend to operate Privoxy for more users that just yourself, it might be
a good idea to let them know how to reach you, what you block and why you do
-------------------------------------------------------------------------------
-5.3.2.1. trust-info-url
+7.3.2.1. trust-info-url
Specifies:
-------------------------------------------------------------------------------
-5.3.2.2. admin-address
+7.3.2.2. admin-address
Specifies:
-------------------------------------------------------------------------------
-5.3.2.3. proxy-info-url
+7.3.2.3. proxy-info-url
Specifies:
-------------------------------------------------------------------------------
-5.3.3. Debugging
+7.3.3. Debugging
These options are mainly useful when tracing a problem. Note that you might
also want to invoke Privoxy with the --no-daemon command line option when
-------------------------------------------------------------------------------
-5.3.3.1. debug
+7.3.3.1. debug
Specifies:
debug 1024 # debug kill pop-ups
debug 4096 # Startup banner and warnings.
debug 8192 # Non-fatal errors
-
To select multiple debug levels, you can either add them or use multiple
debug lines.
-------------------------------------------------------------------------------
-5.3.3.2. single-threaded
+7.3.3.2. single-threaded
Specifies:
-------------------------------------------------------------------------------
-5.3.4. Access Control and Security
+7.3.4. Access Control and Security
This section of the config file controls the security-relevant aspects of
Privoxy's configuration.
-------------------------------------------------------------------------------
-5.3.4.1. listen-address
+7.3.4.1. listen-address
Specifies:
from inside only:
listen-address 192.168.0.1:8118
-
-------------------------------------------------------------------------------
-5.3.4.2. toggle
+7.3.4.2. toggle
Specifies:
-------------------------------------------------------------------------------
-5.3.4.3. enable-remote-toggle
+7.3.4.3. enable-remote-toggle
Specifies:
-------------------------------------------------------------------------------
-5.3.4.4. enable-edit-actions
+7.3.4.4. enable-edit-actions
Specifies:
-------------------------------------------------------------------------------
-5.3.4.5. ACLs: permit-access and deny-access
+7.3.4.5. ACLs: permit-access and deny-access
Specifies:
destination addresses are OK:
permit-access localhost
-
Allow any host on the same class C subnet as www.privoxy.org access to
nothing but www.example.com:
permit-access www.privoxy.org/24 www.example.com/32
-
Allow access from any host on the 26-bit subnet 192.168.45.64 to anywhere,
with the exception that 192.168.45.73 may not access
permit-access 192.168.45.64/26
deny-access 192.168.45.73 www.dirty-stuff.example.com
-
-------------------------------------------------------------------------------
-5.3.4.6. buffer-limit
+7.3.4.6. buffer-limit
Specifies:
-------------------------------------------------------------------------------
-5.3.5. Forwarding
+7.3.5. Forwarding
This feature allows routing of HTTP requests through a chain of multiple
proxies. It can be used to better protect privacy and confidentiality when
-------------------------------------------------------------------------------
-5.3.5.1. forward
+7.3.5.1. forward
Specifies:
forward .* anon-proxy.example.org:8080
forward :443 .
-
Everything goes to our example ISP's caching proxy, except for requests to
that ISP's sites:
forward .*. caching-proxy.example-isp.net:8000
forward .example-isp.net .
-
-------------------------------------------------------------------------------
-5.3.5.2. forward-socks4 and forward-socks4a
+7.3.5.2. forward-socks4 and forward-socks4a
Specifies:
forward-socks4a .*. socks-gw.example.com:1080 www-cache.example-isp.net:8080
forward .example.com .
-
A rule that uses a SOCKS 4 gateway for all destinations but no HTTP parent
looks like this:
forward-socks4 .*. socks-gw.example.com:1080 .
-
-------------------------------------------------------------------------------
-5.3.5.3. Advanced Forwarding Examples
+7.3.5.3. Advanced Forwarding Examples
If you have links to multiple ISPs that provide various special content only to
their subscribers, you can configure multiple Privoxies which have connections
forward .*. .
forward .isp-b.net host-b:8118
-
host-b:
forward .*. .
forward .isp-a.net host-a:8118
-
Now, your users can set their browser's proxy to use either host-a or host-b
and be able to browse the internal content of both isp-a and isp-b.
# Forward all the rest to Privoxy
never_direct allow all
-
You would then need to change your browser's proxy settings to squid's address
and port. Squid normally uses port 3128. If unsure consult http_port in
-------------------------------------------------------------------------------
-5.3.6. Windows GUI Options
+7.3.6. Windows GUI Options
Privoxy has a number of options specific to the Windows GUI interface:
-------------------------------------------------------------------------------
-5.4. Actions Files
+7.4. Actions Files
The actions files are used to define what actions Privoxy takes for which URLs,
and thus determines how ad images, cookies and various other aspects of HTTP
The content of these can all be viewed and edited from http://
config.privoxy.org/show-status.
-Anything you want can blocked, including ads, banners, or just some obnoxious
-URL that you would rather not see is done here. Cookies can be accepted or
-rejected, or accepted only during the current browser session (i.e. not written
-to disk), content can be modified, JavaScripts tamed, user-tracking fooled, and
-much more. See below for a complete list of available actions.
+Anything you want can be blocked, including ads, banners, or just some
+obnoxious URL that you would rather not see is done here. Cookies can be
+accepted or rejected, or accepted only during the current browser session (i.e.
+not written to disk), content can be modified, JavaScripts tamed, user-tracking
+fooled, and much more. See below for a complete list of available actions.
An actions file typically has sections. Near the top, "aliases" are optionally
defined (discussed below), then the default set of rules which will apply
-------------------------------------------------------------------------------
-5.4.1. Finding the Right Mix
+7.4.1. Finding the Right Mix
Note that some actions like cookie suppression or script disabling may render
some sites unusable, which rely on these techniques to work properly. Finding
-------------------------------------------------------------------------------
-5.4.2. How to Edit
+7.4.2. How to Edit
The easiest way to edit the "actions" files is with a browser by using our
browser-based editor, which can be reached from http://config.privoxy.org/
-------------------------------------------------------------------------------
-5.4.3. How Actions are Applied to URLs
+7.4.3. How Actions are Applied to URLs
Actions files are divided into sections. There are special sections, like the "
alias" sections which will be discussed later. For now let's concentrate on
-------------------------------------------------------------------------------
-5.4.4. Patterns
+7.4.4. Patterns
Generally, a pattern has the form <domain>/<path>, where both the <domain> and
<path> are optional. (This is why the pattern / matches all URLs).
-------------------------------------------------------------------------------
-5.4.4.1. The Domain Pattern
+7.4.4.1. The Domain Pattern
The matching of the domain part offers some flexible options: if the domain
starts or ends with a dot, it becomes unanchored at that end. For example:
-------------------------------------------------------------------------------
-5.4.4.2. The Path Pattern
+7.4.4.2. The Path Pattern
Privoxy uses Perl compatible regular expressions (through the PCRE library) for
matching the path.
-------------------------------------------------------------------------------
-5.4.5. Actions
+7.4.5. Actions
All actions are disabled by default, until they are explicitly enabled
somewhere in an actions file. Actions are turned on if preceded with a "+", and
the provided default actions files will give a good starting point).
Later defined actions always over-ride earlier ones. So exceptions to any rules
-you make, should come in the latter part of the file. For multi-valued actions,
+you make, should come in the latter part of the file (or in a file that is
+processed later when using multiple actions files). For multi-valued actions,
the actions are applied in the order they are specified. Actions files are
processed in the order they are defined in config (the default installation has
three actions files). It also quite possible for any given URL pattern to match
-------------------------------------------------------------------------------
-5.4.5.1. +add-header{Name: value}
+7.4.5.1. +add-header
Type:
-------------------------------------------------------------------------------
-5.4.5.2. +block
+7.4.5.2. +block
Type:
URL and display its special "BLOCKED" page instead. If there is sufficient
space, a large red banner will appear with a friendly message about why the
page was blocked, and a way to go there anyway. If there is insufficient
- space a smaller blocked page will appear without the red banner. Click here
- to view the default blocked HTML page (Privoxy must be running for this to
- work as intended!).
+ space a smaller "BLOCKED" page will appear without the red banner. Click
+ here to view the default blocked HTML page (Privoxy must be running for
+ this to work as intended!).
A very important exception is if the URL matches both "+block" and
"+handle-as-image", then it will be handled by "+set-image-blocker" (see
-------------------------------------------------------------------------------
-5.4.5.3. +deanimate-gifs
+7.4.5.3. +deanimate-gifs
Type:
-------------------------------------------------------------------------------
-5.4.5.4. +downgrade-http-version
+7.4.5.4. +downgrade-http-version
Type:
-------------------------------------------------------------------------------
-5.4.5.5. +fast-redirects
+7.4.5.5. +fast-redirects
Type:
-------------------------------------------------------------------------------
-5.4.5.6. +filter
+7.4.5.6. +filter
Type:
-------------------------------------------------------------------------------
-5.4.5.7. +hide-forwarded-for-headers
+7.4.5.7. +hide-forwarded-for-headers
Type:
-------------------------------------------------------------------------------
-5.4.5.8. +hide-from-header
+7.4.5.8. +hide-from-header
Type:
-------------------------------------------------------------------------------
-5.4.5.9. +hide-referer
+7.4.5.9. +hide-referer
Type:
-------------------------------------------------------------------------------
-5.4.5.10. +hide-user-agent
+7.4.5.10. +hide-user-agent
Type:
-------------------------------------------------------------------------------
-5.4.5.11. +handle-as-image
+7.4.5.11. +handle-as-image
Type:
-------------------------------------------------------------------------------
-5.4.5.12. +set-image-blocker
+7.4.5.12. +set-image-blocker
Type:
-------------------------------------------------------------------------------
-5.4.5.13. +limit-connect
+7.4.5.13. +limit-connect
Type:
-------------------------------------------------------------------------------
-5.4.5.14. +prevent-compression
+7.4.5.14. +prevent-compression
Type:
-------------------------------------------------------------------------------
-5.4.5.15. +session-cookies-only
+7.4.5.15. +session-cookies-only
Type:
-------------------------------------------------------------------------------
-5.4.5.16. +prevent-reading-cookies
+7.4.5.16. +prevent-reading-cookies
Type:
-------------------------------------------------------------------------------
-5.4.5.17. +prevent-setting-cookies
+7.4.5.17. +prevent-setting-cookies
Type:
-------------------------------------------------------------------------------
-5.4.5.18. +kill-popups
+7.4.5.18. +kill-popups
Type:
-------------------------------------------------------------------------------
-5.4.5.19. +send-vanilla-wafer
+7.4.5.19. +send-vanilla-wafer
Type:
-------------------------------------------------------------------------------
-5.4.5.20. +send-wafer
+7.4.5.20. +send-wafer
Type:
-------------------------------------------------------------------------------
-5.4.5.21. Actions Examples
+7.4.5.21. Actions Examples
Note that the meaning of any of the above examples is reversed by preceding the
action with a "-", in place of the "+". Also, that some actions are turned on
in the default section of the actions file, and require little to no additional
configuration. These are just "on". But, other actions that are turned on the
-default section do typically require exceptions to be listed in the lower
-sections of actions file. E.g. by default no URLs are "blocked" (i.e. in the
-default definitions of default.action). We need exceptions to this in order to
-enable ad blocking.
+default section do typically require exceptions to be listed in the latter
+sections of one of our actions file. For instance, by default no URLs are
+"blocked" (i.e. in the default definitions of default.action). We need
+exceptions to this in order to enable ad blocking in the lower sections. But we
+need to be very selective about what we do block.
+
+Below is a liberally commented default.action file to demonstrate the pieces
+all come together. And to show how exceptions to the default policies can be
+handled. This is followed by a user.action with similar examples.
+
+
+##########################################################################
+# Aliases must be defined *before* they are used. These are
+# easier to remember, and combine several actions into one:
+##########################################################################
+
+# Some useful aliases.
+ +prevent-cookies = +prevent-setting-cookies +prevent-reading-cookies
+ -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies
+ +imageblock = +block +handle-as-image
+
+# Fragile sites should have the minimum changes:
+ fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \
+ -prevent-cookies -kill-popups
+
+# Shops should be allowed to set persistent cookies
+ shop = -filter -prevent-cookies -prevent-keeping-cookies
+
+
+##########################################################################
+# Begin default action settings. Anything in this section will match
+# all URLs -- UNLESS we have exceptions defined below this section.
+# We will show all potential actions here whether they are on or off.
+# We could omit any disabled action if we wanted, since all actions are
+# 'off' by default anyway. Shown for completeness only.
+##########################################################################
+ { \
+ -add-header \
+ -block \
+ -deanimate-gifs \
+ -downgrade-http-version \
+ +fast-redirects \
+ +filter{html-annoyances} \
+ +filter{js-annoyances} \
+ -filter{content-cookies} \
+ -filter{popups} \
+ +filter{webbugs} \
+ -filter{refresh-tags} \
+ -filter{fun} \
+ +filter{nimda} \
+ +filter{banners-by-size} \
+ -filter{shockwave-flash} \
+ -filter{crude-prental} \
+ +hide-forwarded-for-headers \
+ +hide-from-header{block} \
+ -hide-referrer \
+ -hide-user-agent \
+ -handle-as-image \
+ +set-image-blocker{pattern} \
+ -limit-connect \
+ +prevent-compression \
+ -session-cookies-only \
+ -prevent-reading-cookies \
+ -prevent-setting-cookies \
+ -kill-popups \
+ -send-vanilla-wafer \
+ -send-wafer \
+ }
+ / # forward slash will match all potential URLs patterns.
+
+##########################################################################
+# Default behavior is now set. Time for some exceptions to our
+# default actions.
+##########################################################################
+
+# These sites are very complex and require very minimal interference.
+# We'll disable most actions with our 'fragile' alias.
+ {fragile}
+ .office.microsoft.com
+ .windowsupdate.microsoft.com
+
+
+# Shopping sites - not as fragile. We still want to block ads.
+ {shop}
+ .quietpc.com
+ .worldpay.com # for quietpc.com
+ .jungle.com
+ .scan.co.uk
+
+
+# These sites require pop-ups too :( We'll combine our 'shop'
+# alias with two other actions into one rule to allow all popups.
+ {shop -no-popups -filter{popups}}
+ .dabs.com
+ .overclockers.co.uk
+
+
+# The 'Fast-redirects' action breaks some sites. Disable this action
+# for these known sensitive sites.
+ {-fast-redirects}
+ www.ukc.ac.uk/cgi-bin/wac\.cgi\?
+ login.yahoo.com
+ edit.europe.yahoo.com
+ .google.com
+ .altavista.com/.*(like|url|link):http
+ .altavista.com/trans.*urltext=http
+ .nytimes.com
+
+
+# Define which file types will be treated as images. Important
+# for ad blocking.
+ {+handle-as-image}
+ /.*\.(gif|jpe?g|png|bmp|ico)
+
+
+# Now lets list some domains that are known ad generators. And
+# our alias here will block these as well as force them to be
+# treated as images. This combination of actions is important
+# for ad blocking. What the browser will show instead is
+# determined by the setting of "+set-image-blocker"
+ {+imageblock}
+ ar.atwola.com
+ .ad.doubleclick.net
+ .a.yimg.com/(?:(?!/i/).)*$
+ .a[0-9].yimg.com/(?:(?!/i/).)*$
+ bs*.gsanet.com
+ bs*.einets.com
+ .qkimg.net
+ ad.*.doubleclick.net
+
+
+# These will just simply be blocked. They will generate the BLOCKED
+# banner page, if matched. Heavy use of wildcards and regular
+# expressions in this example.
+ {+block}
+ ad*.
+ .*ads.
+ banner?.
+ count*.
+ /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
+ /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
+ .hitbox.com
+
+
+# The above block section will catch some sites we DO NOT want
+# blocked via wildcards and regular expressions. Now set exceptions
+# to the exceptions so the good guys get better treatment.
+ {-block}
+ advogato.org
+ adsl.
+ ad[ud]*.
+ advice.
+# Let's just trust universities
+ .edu
+ www.ugu.com/sui/ugu/adv
+# We'll need to access to path names containing 'download'
+ .*downloads.
+ /downloads/
+# 'adv' is for globalintersec means advanced, not advertisement
+ www.globalintersec.com/adv
+
+
+# Don't filter *anything* from our friends at sourceforge.
+# Notice we don't have to name the individual filter
+# identifiers -- we just turn them all off.
+ {-filter}
+ .sourceforge.net
+
+
Some examples:
-------------------------------------------------------------------------------
-5.4.6. Aliases
+7.4.6. Aliases
Custom "actions", known to Privoxy as "aliases", can be defined by combining
other "actions". These can in turn be invoked just like the built-in "actions".
-------------------------------------------------------------------------------
-5.5. The Filter File
+7.5. The Filter File
Any web page can be dynamically modified with the filter file. This
modification can be removal, or re-writing, of any web page content, including
-------------------------------------------------------------------------------
-5.6. Templates
+7.5.1. The +filter Action
+
+Filters are enabled with the "+filter" action from within one of the actions
+files. "+filter" requires one parameter, which should match one of the section
+identifiers in the filter file itself. Example:
+
+ +filter{html-annoyances}
+
+
+This would activate that particular filter. Similarly, "+filter" can be turned
+off for selected sites as: "-filter{html-annoyances}". Remember, all actions
+are off by default, unless they are explicity enabled in one of the actions
+files.
+
+-------------------------------------------------------------------------------
+
+7.6. Templates
When Privoxy displays one of its internal pages, such as a 404 Not Found error
page, it uses the appropriate template. On Linux, BSD, and Unix, these are
-------------------------------------------------------------------------------
-6. Contacting the Developers, Bug Reporting and Feature Requests
+8. Contacting the Developers, Bug Reporting and Feature Requests
We value your feedback. However, to provide you with the best support, please
-note:
+note the following sections.
- * Use the Sourceforge Support Forum to get help:
-
- http://sourceforge.net/tracker/?group_id=11118&atid=211118
-
-
- * Submit bugs only through our Sourceforge Bug Forum:
-
- http://sourceforge.net/tracker/?group_id=11118&atid=111118.
-
-
- Make sure that the bug has not already been submitted. Please try to verify
- that it is a Privoxy bug, and not a browser or site bug first. If you are
- using your own custom configuration, please try the stock configs to see if
- the problem is a configuration related bug. And if not using the latest
- development snapshot, please try the latest one. Or even better, CVS
- sources. Please be sure to include the Privoxy/Junkbuster version,
- platform, browser, any pertinent log data, any other relevant details
- (please be specific) and, if possible, some way to reproduce the bug.
-
- * Submit feature requests only through our Sourceforge feature request forum:
-
- http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse.
-
-
- * You can also send feedback on websites that Privoxy has problems with. Please bookmark
- the following link: "Privoxy - Submit Filter Feedback"
- . Once you surf to a page with problems, use the
- bookmark to send us feedback. We will look into the issue as soon as possible.
-
-
- * For any other issues, feel free to use the mailing lists:
-
- http://sourceforge.net/mail/?group_id=11118.
-
-
- Anyone interested in actively participating in development and related
- discussions can also join the appropriate mailing list. Archives are
- available, too.
+-------------------------------------------------------------------------------
+
+8.1. Get Support
+
+To get support, use the Sourceforge Support Forum:
+
+ http://sourceforge.net/tracker/?group_id=11118&atid=211118
+
+-------------------------------------------------------------------------------
+
+8.2. Report bugs
+
+To submit bugs, use the Sourceforge Bug Forum:
+
+ http://sourceforge.net/tracker/?group_id=11118&atid=111118.
+
+
+Make sure that the bug has not already been submitted. Please try to verify
+that it is a Privoxy bug, and not a browser or site bug first. If you are using
+your own custom configuration, please try the stock configs to see if the
+problem is a configuration related bug. And if not using the latest development
+snapshot, please try the latest one. Or even better, CVS sources. Please be
+sure to include the Privoxy version, platform, browser, any pertinent log data,
+any other relevant details (please be specific) and, if possible, some way to
+reproduce the bug.
+
-------------------------------------------------------------------------------
-6.1. Submitting Ads and "Action" Problems
+8.3. Request new features
+
+To submit ideas on new features, use the Sourceforge feature request forum:
-Ads and banners that are not stopped by Privoxy can be submitted to the
-developers by accessing a special page and filling out the brief, required
-form. Conversely, you can also report pages, images, etc. that Privoxy is
-blocking, but should not. The form itself does require Internet access.
+ http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse.
+
-To do this, point your browser to Privoxy at http://config.privoxy.org/
-(shortcut: http://p.p/), and then select Actions file feedback system, near the
-bottom of the page. Paste in the URL that is the cause of the unwanted
-behavior, and follow the prompts. The developers will try to incorporate a fix
-for the problem you reported into future versions.
+-------------------------------------------------------------------------------
+
+8.4. Report ads or other filter problems
+
+You can also send feedback on websites that Privoxy has problems with. Please
+bookmark the following link: "Privoxy - Submit Filter Feedback". Once you surf
+to a page with problems, use the bookmark to send us feedback. We will look
+into the issue as soon as possible.
New, improved default.action files will occasionally be made available based on
your feedback. These will be announced on the ijbswa-announce list.
-------------------------------------------------------------------------------
-7. Copyright and History
+8.5. Other
-7.1. Copyright
+For any other issues, feel free to use the mailing lists:
+
+ http://sourceforge.net/mail/?group_id=11118.
+
+
+Anyone interested in actively participating in development and related
+discussions can also join the appropriate mailing list. Archives are available,
+too. See the page on Sourceforge.
+
+-------------------------------------------------------------------------------
+
+9. Copyright and History
+
+9.1. Copyright
Privoxy is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
-------------------------------------------------------------------------------
-7.2. History
+9.2. History
Privoxy is evolved, and derived from, the Internet Junkbuster, with many
improvments and enhancements over the original.
-------------------------------------------------------------------------------
-8. See Also
+10. See Also
Other references and sites of interest to Privoxy users:
-------------------------------------------------------------------------------
-9. Appendix
+11. Appendix
-9.1. Regular Expressions
+11.1. Regular Expressions
Privoxy can use "regular expressions" in various config files. Assuming support
for "pcre" (Perl Compatible Regular Expressions) is compiled in, which is the
-------------------------------------------------------------------------------
-9.2. Privoxy's Internal Pages
+11.2. Privoxy's Internal Pages
Since Privoxy proxies each requested web page, it is easy for Privoxy to trap
certain special URLs. In this way, we can talk directly to Privoxy, and see how
-------------------------------------------------------------------------------
-9.2.1. Bookmarklets
+11.2.1. Bookmarklets
Below are some "bookmarklets" to allow you to easily access a "mini" version of
some of Privoxy's special pages. They are designed for MS Internet Explorer,
bar (IE) or the "Personal Toolbar" (Netscape), and run them with a single
click.
- * Enable Privoxy
+ * Privoxy - Enable
- * Disable Privoxy
+ * Privoxy - Disable
- * Toggle Privoxy (Toggles between enabled and disabled)
+ * Privoxy - Toggle Privoxy (Toggles between enabled and disabled)
- * View Privoxy Status
+ * Privoxy- View Status
- * Actions file feedback system
+ * Privoxy - Submit Filter Feedback
Credit: The site which gave me the general idea for these bookmarklets is
www.bookmarklets.com. They have more information about bookmarklets.
-------------------------------------------------------------------------------
-9.3. Chain of Events
+11.3. Chain of Events
Let's take a quick look at the basic sequence of events when a web page is
requested by your browser and Privoxy is on duty:
-------------------------------------------------------------------------------
-9.4. Anatomy of an Action
+11.4. Anatomy of an Action
The way Privoxy applies "actions" and "filters" to any given URL can be
complex, and not always so easy to understand what is happening. And sometimes
-hide-user-agent -handle-as-image +set-image-blocker{pattern} -limit-connect
+prevent-compression -session-cookies-only -prevent-reading-cookies
-prevent-setting-cookies -kill-popups -send-vanilla-wafer -send-wafer
-
-
Notice the only difference here to the previous listing, is to "fast-redirects"
and "session-cookies-only".
{ +block +handle-as-image }
.doubleclick.net
-
-
We'll just show the interesting part here, the explicit matches. It is matched
three different times. Each as an "+block +handle-as-image", which is the
{ +block +handle-as-image }
/ads
-
-
Ooops, the "/adsl/" is matching "/ads"! But we did not want this at all! Now we
see why we get the blank page. We could now add a new action below this that
{ -block }
/adsl
-
-
Now the page displays ;-) Be sure to flush your browser's caches when making
such changes. Or, try using Shift+Reload.
{ +block +handle-as-image }
/ads
-
-
That actually was very telling and pointed us quickly to where the problem was.
If you don't get this kind of match, then it means one of the default rules in
.jungle.com
.scan.co.uk
.forbes.com
-
-
"{shop}" is an "alias" that expands to "{ -filter -session-cookies-only }". Or
you could do your own exception to negate filtering:
{-filter}
.forbes.com
-
-
This would probably be most appropriately put in user.action, for local site
exceptions.