+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Configuration</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.64
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="Privoxy Frequently Asked Questions"
HREF="index.html"><LINK
HREF="misc.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
-HREF="../p_doc.css"></HEAD
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#EEEEEE"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="installation.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="misc.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
><H3
CLASS="SECT2"
><A
-NAME="NEWCONFIG"
->3.1. Can I use my old config files?</A
-></H3
-><P
-> There are major changes to <SPAN
-CLASS="APPLICATION"
->Junkbuster</SPAN
->/
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> configuration from version 2.0.x to
- 2.9.x and later. Most of the older files will not work at all. This is
- especially true of <TT
-CLASS="FILENAME"
->blocklist</TT
->. If this is the case, you
- will need to re-enter your old data into the new configuration structure.
- This is probably also a good recommendation even if upgrading from 2.9.x to
- 3.x since there were many minor changes along the way.
- </P
-></DIV
-><DIV
-CLASS="SECT2"
-><H3
-CLASS="SECT2"
-><A
-NAME="AEN239"
->3.2. What is an <SPAN
+NAME="AEN360"
+>3.1. What exactly is an <SPAN
CLASS="QUOTE"
>"actions"</SPAN
> file?</A
></H3
><P
> <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> files are where various actions that
- <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> might take, are configured.
- Typically, you would define a set of default actions that apply
- to all URLs, then add exceptions to these defaults.</P
-><P
-> Actions can be defined on a per site basis, or for groups of sites. Actions
- can also be grouped together and then applied to one or more sites. There
- are many possible actions that might apply to any given site. As an example,
- if we are blocking cookies as one of our default
- <SPAN
-CLASS="APPLICATION"
->actions</SPAN
->, but need to accept cookies from a given
- site, we would define this in our <SPAN
+> utilizes the concept of <SPAN
CLASS="QUOTE"
->"actions"</SPAN
-> file. </P
-><P
-> <SPAN
+>" <A
+HREF="../user-manual/actions-file.html#ACTIONS"
+TARGET="_top"
+>actions</A
+>"</SPAN
+>
+ that are used to manipulate and control web page data.
+ <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+>Actions files</A
+>
+ are where these <A
+HREF="../user-manual/actions-file.html#ACTIONS"
+TARGET="_top"
+>actions</A
+>
+ that <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> comes with several default
- <SPAN
-CLASS="APPLICATION"
->actions</SPAN
-> files, with varying degrees
- of filtering and blocking, as starting points for your own
- configuration (see below).</P
+> could take while processing a certain
+ request, are configured. Typically, you would define a set of default actions
+ that apply globally to all URLs, then add exceptions to these defaults where needed.
+ There is a wide array of actions available that give the user a high degree
+ of control and flexibility on how to process each and every web page.</P
+><P
+> Actions can be defined on a <A
+HREF="../user-manual/actions-file.html#AF-PATTERNS"
+TARGET="_top"
+>URL pattern</A
+> basis, i.e.
+ for single URLs, whole web sites, groups or parts thereof etc. Actions can also be
+ grouped together and then applied to requests matching one or more patterns.
+ There are many possible actions that might apply to any given site. As an example,
+ if you are blocking <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>
+ as one of your default actions, but need to accept cookies from a given site,
+ you would need to define an exception for this site in one of your actions
+ files, preferably in <TT
+CLASS="FILENAME"
+>user.action</TT
+>.</P
></DIV
><DIV
CLASS="SECT2"
CLASS="SECT2"
><A
NAME="ACTIONSS"
->3.3. The <SPAN
+>3.2. The <SPAN
CLASS="QUOTE"
>"actions"</SPAN
> concept confuses me. Please list
>.</A
></H3
><P
-> These are all explained in the
- <A
-HREF="../user-manual/configuration.html#ACTIONSFILE"
+> For a comprehensive discussion of the actions concept, please refer
+HREF="../user-manual/actions-file.html"
TARGET="_top"
->user-manual</A
->.
- Please refer to that.</P
+>actions file
+ chapter</A
+> in the <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+>User
+ Manual</A
+>. It includes a <A
+HREF="../user-manual/actions-file.html#ACTIONS"
+TARGET="_top"
+>list of all actions</A
+>
+ and an <A
+HREF="../user-manual/actions-file.html#ACT-EXAMPLES"
+TARGET="_top"
+>actions
+ file tutorial</A
+> to get you started.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN257"
->3.4. How are actions files configured? What is the easiest
+NAME="AEN383"
+>3.3. How are actions files configured? What is the easiest
way to do this?</A
></H3
><P
-> The easiest way to do this, is to access <SPAN
+> Actions files are just text files in a special syntax and can be edited
+ with a text editor. But probably the easiest way is to access
+ <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
+>'s user interface with your web browser
+ at <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
>
-
with your web browser at <A
HREF="http://p.p/"
TARGET="_top"
>http://p.p/</A
->,
- and then select
- "<A
-HREF="http://config.privoxy.org"
+>) and then select
+ <SPAN
+CLASS="QUOTE"
+>"<A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>View &
+ change the current configuration</A
+>"</SPAN
+> from the menu. Note
+ that this feature must be explicitly enabled in the main config file
+ (see <A
+HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
TARGET="_top"
->Edit the actions list</A
->"
- from the selection list. You can also do this by editing the appropriate
- file with a text editor.</P
+>enable-edit-actions</A
+>).</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN392"
+>3.4. There are several different <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> files. What are
+the differences?</A
+></H3
><P
-> Please see the
- <A
-HREF="../user-manual/configuration.html#ACTIONSFILE"
+> Please have a look at the <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+>the actions chapter</A
+>
+ in the <A
+HREF="../user-manual/index.html"
TARGET="_top"
->user-manual</A
-> for a
- detailed explanation of these and other configuration files, and their
- various options and syntax.</P
+>User Manual</A
+> for a detailed explanation.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="CONFIGFILES"
->3.5. What are the differences between
-intermediate.action, basic.action, etc.?</A
+NAME="GETUPDATES"
+>3.5. Where can I get updated Actions Files?</A
></H3
><P
->Configuring <SPAN
+> Based on your feedback and the continuing development, updates of
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> will be
+ made available from time to time on the <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>files section</A
+> of
+ our <A
+HREF="http://sf.net/projects/ijbswa/"
+TARGET="_top"
+>project page</A
+>.
+ </P
+><P
+> If you wish to receive an email notification whenever we release updates of
+ <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is not easy. To help you get
-started, we provide you with three different default configurations. The
-following table shows you, which features are enabled in each configuration.
+> or the actions file, <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/"
+TARGET="_top"
+>subscribe
+ to our announce mailing list</A
+>, ijbswa-announce@lists.sourceforge.net.
</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NEWCONFIG"
+>3.6. Can I use my old config files?</A
+></H3
><P
+> The syntax and purpose of configuration files has remained roughly the
+ same throughout the 3.x series, but backwards compatibility is not guaranteed.
+ Also each release contains updated, <SPAN
+CLASS="QUOTE"
+>"improved"</SPAN
+> versions and it is
+ therefore strongly recommended to install the newer configuration files
+ and merge back your modifications.
+ </P
+></DIV
><DIV
-CLASS="TABLE"
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
><A
-NAME="AEN270"
-></A
+NAME="DIFFICULT"
+>3.7. Why is the configuration so complicated?</A
+></H3
><P
-><B
->Table 1. Default Configurations</B
-></P
-><TABLE
-BORDER="1"
-CLASS="CALSTABLE"
-><THEAD
-><TR
-><TH
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->Feature</TH
-><TH
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->default.action</TH
-><TH
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->basic.action</TH
-><TH
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->intermediate.action</TH
-><TH
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->advanced.action</TH
-></TR
-></THEAD
-><TBODY
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->ad-filtering</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->blank image</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->de-animate GIFs</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->referer forging</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->jon's +no-cookies-keep (i.e. session cookies only)</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->no-popup windows</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->fast redirects</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
+> <SPAN
+CLASS="QUOTE"
+>"Complicated"</SPAN
+> is in the eye of the beholder. Those that are
+ familiar with some of the underlying concepts, such as regular expression
+ syntax, take to it like a fish takes to water. Also, software that tries
+ hard to be <SPAN
+CLASS="QUOTE"
+>"user friendly"</SPAN
+>, often lacks sophistication and
+ flexibility. There is always that trade-off there between power vs.
+ easy-of-use. Furthermore, anyone is welcome to contribute ideas and
+ implementations to enhance <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="YAHOO"
+>3.8. How can I make my Yahoo/Hotmail/Gmail account work?</A
+></H3
+><P
+> The default configuration shouldn't impact the usability of any of these services.
+ It may, however, make all <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>
+ temporary, so that your browser will forget your
+ login credentials in between browser sessions. If you would like not to have to log
+ in manually each time you access those websites, simply turn off all cookie handling
+ for them in the <TT
+CLASS="FILENAME"
+>user.action</TT
+> file. An example for yahoo might
+ look like:
+ </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
><TR
><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->hide-referrer</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
+><PRE
+CLASS="SCREEN"
+># Allow all cookies for Yahoo login:
+#
+{ -<A
+HREF="../user-manual/actions-file.html#CRUNCH-INCOMING-COOKIES"
+TARGET="_top"
+>crunch-incoming-cookies</A
+> -<A
+HREF="../user-manual/actions-file.html#CRUNCH-OUTGOING-COOKIES"
+TARGET="_top"
+>crunch-outgoing-cookies</A
+> -<A
+HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
+TARGET="_top"
+>session-cookies-only</A
+> }
+.login.yahoo.com</PRE
+></TD
></TR
+></TABLE
+>
+ </P
+><P
+> These kinds of sites are often quite complex and heavy with
+ <A
+HREF="http://en.wikipedia.org/wiki/Javascript"
+TARGET="_top"
+>Javascript</A
+> and
+ thus <SPAN
+CLASS="QUOTE"
+>"fragile"</SPAN
+>. So if <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>still</I
+></SPAN
+> a problem,
+ we have an <A
+HREF="../user-manual/actions-file.html#ALIASES"
+TARGET="_top"
+>alias</A
+> just for such
+ sticky situations:
+ </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
><TR
><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->hide-useragent</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->content-modification</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->x</TD
-></TR
-><TR
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->feature-x</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
+><PRE
+CLASS="SCREEN"
+># Gmail is a _fragile_ site:
+#
+{ <TT
+CLASS="LITERAL"
+>fragile</TT
+> }
+ # Gmail is ...
+ mail.google.com</PRE
+></TD
></TR
+></TABLE
+>
+ </P
+><P
+> Be sure to flush your browser's caches whenever making these kinds of
+ changes, just to make sure the changes <SPAN
+CLASS="QUOTE"
+>"take"</SPAN
+>.
+ </P
+><P
+> Make sure the domain, host and path are appropriate as well. Your browser can
+ tell you where you are specifically and you should use that information for
+ your configuration settings. Note that above it is not referenced as
+ <TT
+CLASS="LITERAL"
+>gmail.com</TT
+>, which is a valid domain name.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="CONFIGFILES"
+>3.9. What's the difference between the
+<SPAN
+CLASS="QUOTE"
+>"Cautious"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"Medium"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+> defaults?</A
+></H3
+><P
+> Configuring <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is not entirely trivial. To
+ help you get started, we provide you with three different default action
+ <SPAN
+CLASS="QUOTE"
+>"profiles"</SPAN
+> in the web based actions file editor at <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>.
+ See the <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+><I
+CLASS="CITETITLE"
+>User
+ Manual</I
+></A
+> for a list of actions, and how the default
+ profiles are set.
+ </P
+><P
+> Where the defaults are likely to break some sites, exceptions for
+ known popular <SPAN
+CLASS="QUOTE"
+>"problem"</SPAN
+> sites are included, but in
+ general, the more aggressive your default settings are, the more exceptions
+ you will have to make later. New users are best to start off in
+ <SPAN
+CLASS="QUOTE"
+>"Cautious"</SPAN
+> setting. This is safest and will have the fewest
+ problems. See the <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+><I
+CLASS="CITETITLE"
+>User Manual</I
+></A
+>
+ for a more detailed discussion.</P
+><P
+> It should be noted that the <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+> profile (formerly known
+ as the <SPAN
+CLASS="QUOTE"
+>"Adventuresome"</SPAN
+> profile) is more
+ aggressive, and will make use of some of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> advanced features. Use at your own risk!</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="BROWSECONFIG"
+>3.10. Why can I change the configuration
+with a browser? Does that not raise security issues?</A
+></H3
+><P
+> It may seem strange that regular users can edit the config files with their
+ browsers, although the whole <TT
+CLASS="FILENAME"
+>/etc/privoxy</TT
+> hierarchy
+ belongs to the user <SPAN
+CLASS="QUOTE"
+>"privoxy"</SPAN
+>, with only 644 permissions.
+ </P
+><P
+> When you use the browser-based editor, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ itself is writing to the config files. Because
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is running as the user <SPAN
+CLASS="QUOTE"
+>"privoxy"</SPAN
+>,
+ it can update its own config files.
+ </P
+><P
+> If you run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> for multiple untrusted users (e.g. in
+ a LAN) or aren't entirely in control of your own browser, you will probably want
+ to make sure that the the web-based editor and remote toggle features are
+ <SPAN
+CLASS="QUOTE"
+>"off"</SPAN
+> by setting <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>enable-edit-actions</A
+>
+ 0</TT
+>"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/config.html#ENABLE-REMOTE-TOGGLE"
+TARGET="_top"
+>enable-remote-toggle</A
+>
+ 0</TT
+>"</SPAN
+> in the <A
+HREF="../user-manual/config.html"
+TARGET="_top"
+>main configuration file</A
+>.
+ </P
+><P
+> As of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 these options are disabled by default.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN480"
+>3.11. What is the <TT
+CLASS="FILENAME"
+>default.filter</TT
+> file? What is a <SPAN
+CLASS="QUOTE"
+>"filter"</SPAN
+>?</A
+></H3
+><P
+> The <A
+HREF="../user-manual/filter-file.html"
+TARGET="_top"
+><TT
+CLASS="FILENAME"
+>default.filter</TT
+></A
+>
+ file is where <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>filters</I
+></SPAN
+> as supplied by the developers are defined.
+ Filters are a special subset of actions that can be used to modify or
+ remove web page content or headers on the fly. Content filters can
+ be applied to <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>anything</I
+></SPAN
+> in the page source,
+ header filters can be applied to either server or client headers.
+ Regular expressions are used to accomplish this.</P
+><P
+> There are a number of pre-defined filters to deal with common annoyances. The
+ filters are only defined here, to invoke them, you need to use the
+ <A
+HREF="../user-manual/actions-file.html#FILTER"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>filter</TT
+>
+ action</A
+> in one of the actions files. Content filtering is automatically
+ disabled for inappropriate MIME types, but if you know better than Privoxy
+ what should or should not be filtered you can filter any content you like.</P
+><P
+> Filters should
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> be confused with <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>blocks</TT
+></A
+>, which
+ is a completely different action, and is more typically used to block ads and
+ unwanted sites.</P
+><P
+> If you are familiar with regular expressions, and HTML, you can look at
+ the provided <TT
+CLASS="FILENAME"
+>default.filter</TT
+> with a text editor and define
+ your own filters. This is potentially a very powerful feature, but
+ requires some expertise in both regular expressions and HTML/HTTP.
+ You should
+ place any modifications to the default filters, or any new ones you create
+ in a separate file, such as <TT
+CLASS="FILENAME"
+>user.filter</TT
+>, so they won't
+ be overwritten during upgrades.
+ The ability to define multiple filter files
+ in <TT
+CLASS="FILENAME"
+>config</TT
+> is a new feature as of v. 3.0.5.</P
+><P
+> There is no GUI editor option for this part of the configuration,
+ but you can disable/enable the various pre-defined filters of the included
+ <TT
+CLASS="FILENAME"
+>default.filter</TT
+> file with the <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>web-based actions file editor</A
+>.
+ Note that the custom actions editor must be explicitly enabled in
+ the main config file (see <A
+HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>enable-edit-actions</A
+>).</P
+><P
+> If you intend to develop your own filters, you might want to have a look at
+ <A
+HREF="http://www.fabiankeil.de/sourcecode/pft/"
+TARGET="_top"
+>Privoxy-Filter-Test</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="LANCONFIG"
+>3.12. How can I set up Privoxy to act as a proxy for my
+ LAN?</A
+></H3
+><P
+> By default, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> only responds to requests
+ from <TT
+CLASS="LITERAL"
+>127.0.0.1</TT
+> (localhost). To have it act as a server for
+ a network, this needs to be changed in the <A
+HREF="../user-manual/config.html"
+TARGET="_top"
+>main configuration file</A
+>. Look for
+ the <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/config.html#LISTEN-ADDRESS"
+TARGET="_top"
+>listen-address</A
+></TT
+>
+ option, which may be commented out with a <SPAN
+CLASS="QUOTE"
+>"#"</SPAN
+> symbol. Make sure
+ it is uncommented, and assign it the address of the LAN gateway interface,
+ and port number to use. Assuming your LAN address is 192.168.1.1 and you
+ wish to run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on port 8118, this line
+ should look like:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
><TR
><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->feature-y</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
+><PRE
+CLASS="SCREEN"
+> listen-address 192.168.1.1:8118</PRE
+></TD
></TR
+></TABLE
+></P
+><P
+> Save the file, and restart <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. Configure
+ all browsers on the network then to use this address and port number.</P
+><P
+> Alternately, you can have <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> listen on
+ all available interfaces:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
><TR
><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->feature-z</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
->?</TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
-><TD
-WIDTH="20%"
-ALIGN="LEFT"
-VALIGN="TOP"
-> </TD
+><PRE
+CLASS="SCREEN"
+> listen-address :8118</PRE
+></TD
></TR
-></TBODY
></TABLE
-></DIV
></P
+><P
+> And then use <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ <A
+HREF="../user-manual/config.html#PERMIT-ACCESS"
+TARGET="_top"
+>permit-access</A
+>
+ feature to limit connections. A firewall in this situation is recommended
+ as well.</P
+><P
+> The above steps should be the same for any TCP network, regardless of
+ operating system.</P
+><P
+> If you run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on a LAN with untrusted users,
+ we recommend that you double-check the <A
+HREF="../user-manual/config.html#ACCESS-CONTROL"
+TARGET="_top"
+>access control and security</A
+>
+ options!</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN531"
+>3.13. Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</A
+></H3
+><P
+> The replacement for blocked images can be controlled with the <A
+HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>set-image-blocker</TT
+>
+ action</A
+>. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
+ image (aka <SPAN
+CLASS="QUOTE"
+>"blank"</SPAN
+>), or a redirect to a custom image of your choice.
+ Note that this choice only has effect for images which are blocked as images, i.e.
+ whose URLs match both a <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#HANDLE-AS-IMAGE"
+TARGET="_top"
+>handle-as-image</A
+></TT
+>
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and</I
+></SPAN
+> <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>block</A
+></TT
+> action.</P
+><P
+> If you want to see nothing, then change the <A
+HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>set-image-blocker</TT
+>
+ action</A
+> to <SPAN
+CLASS="QUOTE"
+>"blank"</SPAN
+>. This can be done by editing the
+ <TT
+CLASS="FILENAME"
+>user.action</TT
+> file, or through the <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>web-based actions file editor</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN548"
+>3.14. Why would anybody want to see a checkerboard pattern?</A
+></H3
+><P
+> Remember that <A
+HREF="general.html#WHATSANAD"
+>telling which image is an ad and which
+ isn't</A
+>, is an educated guess. While we hope that the standard configuration
+ is rather smart, it will make occasional mistakes. The checkerboard image is visually
+ decent, and it shows you where images have been blocked, which can be very
+ helpful in case some navigation aid or otherwise innocent image was
+ erroneously blocked. It is recommended for new users so they can
+ <SPAN
+CLASS="QUOTE"
+>"see"</SPAN
+> what is happening. Some people might also enjoy seeing how
+ many banners they <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>don't</I
+></SPAN
+> have to see.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN554"
+>3.15. I see some images being replaced with text
+instead of the checkerboard image. Why and how do I get rid of this?</A
+></H3
+><P
+> This happens when the banners are not embedded in the HTML code of the
+ page itself, but in separate HTML (sub)documents that are loaded into (i)frames
+ or (i)layers, and these external HTML documents are blocked. Being non-images
+ they get replaced by a substitute HTML page rather than a substitute image,
+ which wouldn't work out technically, since the browser expects and accepts
+ only HTML when it has requested an HTML document. </P
+><P
+> The substitute page adapts to the available space and shows itself as a
+ miniature two-liner if loaded into small frames, or full-blown with a
+ large red "BLOCKED" banner if space allows.</P
+><P
+> If you prefer the banners to be blocked by images, you must see to it that
+ the HTML documents in which they are embedded are not blocked. Clicking
+ the <SPAN
+CLASS="QUOTE"
+>"See why"</SPAN
+> link offered in the substitute page will show
+ you which rule blocked the page. After changing the rule and un-blocking
+ the HTML documents, the browser will try to load the actual banner images
+ and the usual image blocking will (hopefully!) kick in.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="SRVANY"
+>3.16. Can Privoxy run as a service
+on Win2K/NT/XP?</A
+></H3
+><P
+> Yes. Version 3.0.5 introduces full <SPAN
+CLASS="APPLICATION"
+>Windows</SPAN
+> service
+ functionality. See <A
+HREF="../user-manual/installation.html#installation-pack-win"
+TARGET="_top"
+> the <I
+CLASS="CITETITLE"
+>User Manual</I
+></A
+> for details on how to install and configure
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as a service.</P
+><P
+> Earlier 3.x versions could run as a system service using <B
+CLASS="COMMAND"
+>srvany.exe</B
+>.
+ See the discussion at <A
+HREF="http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118</A
+>,
+ for details, and a sample configuration.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="OTHERPROXY"
+>3.17. How can I make Privoxy work with other
+proxies like Squid or Tor?</A
+></H3
+><P
+> This can be done and is often useful to combine the benefits of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with those of a another proxy.
+ See the <A
+HREF="../user-manual/config.html#FORWARDING"
+TARGET="_top"
+>forwarding chapter</A
+>
+ in the <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+>User Manual</A
+> which
+ describes how to do this, and the <A
+HREF="misc.html#TOR"
+> How do I use Privoxy together with
+ Tor</A
+> section below.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="PORT-80"
+>3.18. Can I just set Privoxy to use port 80
+and thus avoid individual browser configuration?</A
+></H3
+><P
+> No, its more complicated than that. This only works with special kinds
+ of proxies known as <SPAN
+CLASS="QUOTE"
+>"intercepting"</SPAN
+> proxies (see below).</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="TRANSPARENT"
+>3.19. Can Privoxy run as a <SPAN
+CLASS="QUOTE"
+>"transparent"</SPAN
+> proxy?</A
+></H3
+><P
+> The whole idea of Privoxy is to modify client requests
+ and server responses in all sorts of ways and therefore
+ it's not a transparent proxy as described in
+ <A
+HREF="http://tools.ietf.org/html/rfc2616"
+TARGET="_top"
+>RFC 2616</A
+>.</P
+><P
+> However, some people say <SPAN
+CLASS="QUOTE"
+>"transparent proxy"</SPAN
+> when they
+ mean <SPAN
+CLASS="QUOTE"
+>"intercepting proxy"</SPAN
+>. If you are one of them,
+ please read the <A
+HREF="#intercepting"
+TARGET="_top"
+>next entry</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="INTERCEPTING"
+>3.20. Can Privoxy run as a <SPAN
+CLASS="QUOTE"
+>"intercepting"</SPAN
+> proxy?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can't intercept traffic itself,
+ but it can handle requests that where intercepted and redirected
+ with a packet filter (like <SPAN
+CLASS="APPLICATION"
+>PF</SPAN
+> or
+ <SPAN
+CLASS="APPLICATION"
+>iptables</SPAN
+>), as long as the <TT
+CLASS="LITERAL"
+>Host</TT
+>
+ header is present.
+ </P
+><P
+> As the <TT
+CLASS="LITERAL"
+>Host</TT
+> header is required by HTTP/1.1 and as most
+ web sites rely on it anyway, this limitation shouldn't be a problem.</P
+><P
+> Please refer to your packet filter's documentation to learn how to
+ intercept and redirect traffic into <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+ Afterward you just have to configure <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to
+ <A
+HREF="../user-manual/config.html#ACCEPT-INTERCEPTED-REQUESTS"
+TARGET="_top"
+>accept
+ intercepted requests</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="OUTLOOK"
+>3.21. How can I configure Privoxy for use with Outlook?</A
+></H3
+><P
+> Versions of <SPAN
+CLASS="APPLICATION"
+>Outlook</SPAN
+> prior to Office 2007, use
+ <SPAN
+CLASS="APPLICATION"
+>Internet Explorer</SPAN
+> components to both render HTML,
+ and fetch any HTTP requests that may be embedded in an HTML email. So however
+ you have <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> configured to work with IE, this
+ configuration should automatically be shared, at least with older version of
+ Internet Explorer.</P
+><P
+> Starting with Office 2007, Microsoft is instead using the MS-Word rendering
+ engine with Outlook. It is unknown whether this can be configured to use a
+ proxy.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="OUTLOOK-MORE"
+>3.22. How can I have separate rules just for HTML mail?</A
+></H3
+><P
+> The short answer is, you can't. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has no way
+ of knowing which particular application makes a request, so there is no way to
+ distinguish between web pages and HTML mail.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> just blindly proxies all requests. In the
+ case of <SPAN
+CLASS="APPLICATION"
+>Outlook Express</SPAN
+> (see above), OE uses
+ IE anyway, and there is no way for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to ever
+ be able to distinguish between them (nor could any other proxy type application for
+ that matter).</P
+><P
+> For a good discussion of some of the issues involved (including privacy and
+ security issues), see
+ <A
+HREF="http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118</A
+>.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="BROWSECONFIG"
->3.6. Why can I change the configuration with a
-browser? Does that not raise security issues?</A
+NAME="SNEAKY-COOKIES"
+>3.23. I sometimes notice cookies sneaking through. How?</A
></H3
><P
->What I don't understand, is how I can browser edit the config file as a
-regular user, while the whole <TT
-CLASS="FILENAME"
->/etc/privoxy</TT
-> hierarchy
-belongs to the user <SPAN
-CLASS="QUOTE"
->"privoxy"</SPAN
->, with only 644 permissions.
- </P
-><P
->When you use the browser-based editor, <SPAN
+> <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>Cookies</A
+> can be
+ set in several ways. The classic method is via the
+ <TT
+CLASS="LITERAL"
+>Set-Cookie</TT
+> HTTP header. This is straightforward, and an
+ easy one to manipulate, such as the <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
->
-itself is writing to the config files. Because
-<SPAN
+> concept of
+ <A
+HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
+TARGET="_top"
+>session-cookies-only</A
+>.
+ There is also the possibility of using
+ <A
+HREF="http://en.wikipedia.org/wiki/Javascript"
+TARGET="_top"
+>Javascript</A
+> to
+ set cookies (<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is running as the user <SPAN
-CLASS="QUOTE"
->"privoxy"</SPAN
->, it can
-update the config files.
- </P
-><P
->If you don't like this, setting <SPAN
-CLASS="QUOTE"
->"enable-edit-actions 0"</SPAN
-> in the
-config file will disable the browser-based editor. If you're that paranoid,
-you should also consider setting <SPAN
-CLASS="QUOTE"
->"enable-remote-toggle 0"</SPAN
-> to prevent
-browser-based enabling/disabling of <SPAN
+> calls these <TT
+CLASS="LITERAL"
+>content-cookies</TT
+>). This
+ is trickier because the syntax can vary widely, and thus requires a certain
+ amount of guesswork. It is not realistic to catch all of these short of
+ disabling Javascript, which would break many sites. And lastly, if the
+ cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
+ <SPAN
CLASS="APPLICATION"
->Privoxy</SPAN
->.
- </P
+>Privoxy's</SPAN
+> reach.</P
><P
->Note that normally only local users can connect to
-<SPAN
+> All in all, <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
->, so this is not (normally) a security
-problem.
- </P
+> can help manage cookies in general, can help minimize
+ the loss of privacy posed by cookies, but can't realistically stop all
+ cookies.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN379"
->3.7. What is <SPAN
-CLASS="QUOTE"
->"default.filter"</SPAN
->?</A
+NAME="EVIL-COOKIES"
+>3.24. Are all cookies bad? Why?</A
></H3
><P
-> The <SPAN
-CLASS="QUOTE"
->"default.filter"</SPAN
-> file is used to <SPAN
-CLASS="QUOTE"
->"filter"</SPAN
-> any
- web page content. By <SPAN
-CLASS="QUOTE"
->"filtering"</SPAN
-> we mean it can modify, remove,
- or change <I
+> No, in fact there are many beneficial uses of
+ <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>. Cookies are just a
+ method that browsers can use to store data between pages, or between browser
+ sessions. Sometimes there is a good reason for this, and the user's life is a
+ bit easier as a result. But there is a long history of some websites taking
+ advantage of this layer of trust, and using the data they glean from you and
+ your browsing habits for their own purposes, and maybe to your potential
+ detriment. Such sites are using you and storing their data on your system.
+ That is why the privacy conscious watch from whom those cookies come, and why
+ they really <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
->anything</I
-> on the page, including HTML tags, and
- JavaScript. Regular expressions are used to accomplish this, and operate
- on a line by line basis. This is potentially a very powerful feature, but
- requires some expertise. </P
-><P
-> If you are familiar with regular expressions, and HTML, you can look at
- the provided <TT
-CLASS="FILENAME"
->default.filter</TT
-> with a text editor and see
- some of things it can be used for.</P
+>need</I
+></SPAN
+> to be there.</P
><P
-> Presently, there is no GUI editor option for this part of the configuration,
- but you can disable/enable various sections of the included default
- file with the <SPAN
-CLASS="QUOTE"
->"Actions List Editor"</SPAN
-> from your browser.</P
+> See the
+ <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>Wikipedia cookie
+ definition</A
+> for more.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN391"
->3.8. How can I set up <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to act as a proxy for my
- LAN?</A
+NAME="ALLOW-COOKIES"
+>3.25. How can I allow permanent cookies for my trusted sites?</A
></H3
><P
-> By default, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> only responds to requests
- from localhost. To have it act as a server for a network, this needs to be
- changed in the main config file where the <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- configuration is located. In that file is a <SPAN
+> There are several actions that relate to cookies. The default behavior is to
+ allow only <SPAN
CLASS="QUOTE"
->"listen-address"</SPAN
->
- option. It may be commented out with a <SPAN
-CLASS="QUOTE"
->"#"</SPAN
-> symbol. Make sure
- it is uncommented, and assign it the address of the LAN gateway interface,
- and port number to use:</P
+>"session cookies"</SPAN
+>, which means the cookies only last
+ for the current browser session. This eliminates most kinds of abuse related
+ to cookies. But there may be cases where you want cookies to last.</P
+><P
+> To disable all cookie actions, so that cookies are allowed unrestricted,
+ both in and out, for <TT
+CLASS="LITERAL"
+>example.com</TT
+>: </P
><P
> <TABLE
BORDER="0"
><TD
><PRE
CLASS="SCREEN"
-> listen-address 192.168.1.1:8118
- </PRE
+> { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
+ .example.com</PRE
></TD
></TR
></TABLE
></P
><P
-> Save the file, and restart <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->. Configure
- all browsers on the network then to use this address and port number.</P
+> Place the above in <TT
+CLASS="FILENAME"
+>user.action</TT
+>. Note that some of these may
+ be off by default anyway, so this might be redundant, but there is no harm
+ being explicit in what you want to happen. <TT
+CLASS="FILENAME"
+>user.action</TT
+>
+ includes an alias for this situation, called
+ <TT
+CLASS="LITERAL"
+>allow-all-cookies</TT
+>.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN403"
->3.9. Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</A
+NAME="MULTIPLES"
+>3.26. Can I have separate configurations for different users?</A
></H3
><P
-> This is a configuration option for images that
- <SPAN
+> Each instance of <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is stopping. You have the choice of a checkerboard
- pattern, a transparent 1x1 GIF image (aka <SPAN
-CLASS="QUOTE"
->"blank"</SPAN
->), or a custom
- URL of your choice. Note that to fit this category, the URL must match both
- the <SPAN
-CLASS="QUOTE"
->"+image"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-> actions.</P
-><P
-> If you want to see nothing, then change the <SPAN
-CLASS="QUOTE"
->"+image-blocker"</SPAN
->
- action to <SPAN
-CLASS="QUOTE"
->"+image-blocker{blank}"</SPAN
->. This can be done from the
- <SPAN
-CLASS="QUOTE"
->"Edit Actions List"</SPAN
-> selection at <A
-HREF="http://p.p/"
+> has its own
+ configuration, including such attributes as the TCP port that it listens on.
+ What you can do is run multiple instances of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, each with
+ a unique
+ <A
+HREF="../user-manual/config.html#LISTEN-ADDRESS"
TARGET="_top"
->http://p.p/</A
->. Or by hand editing the appropriate
- actions file. This will only effect what is defined as <SPAN
-CLASS="QUOTE"
->"images"</SPAN
+>listen-address</A
>
- though. Also, some URLs that generate the bright red <SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
->
- banner, can be moved to the <SPAN
-CLASS="QUOTE"
->"+image-blocker"</SPAN
-> section for the
- same reason, but there are some limits and risks to this (see below).</P
+ configuration setting, and configuration path, and then
+ each of these can have their own configurations. Think of it as per-port
+ configuration.</P
+><P
+>
+ Simple enough for a few users, but for large installations, consider having
+ groups of users that might share like configurations.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN418"
->3.10. Why would anybody want to see a checkerboard pattern?</A
+NAME="WHITELISTS"
+>3.27. Can I set-up Privoxy as a whitelist of
+<SPAN
+CLASS="QUOTE"
+>"good"</SPAN
+> sites?</A
></H3
><P
-> This can be helpful for troubleshooting problems. It might also be good
- for anyone new to <SPAN
+> Sure. There are a couple of things you can do for simple white-listing.
+ Here's one real easy one:</P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> ############################################################
+ # Blacklist
+ ############################################################
+ { <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>+block</A
+> }
+ / # Block *all* URLs
+
+ ############################################################
+ # Whitelist
+ ############################################################
+ { <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>-block</A
+> }
+ kids.example.com
+ toys.example.com
+ games.example.com</PRE
+></TD
+></TR
+></TABLE
+><P
+> This allows access to only those three sites by first blocking all URLs, and
+ then subsequently allowing three specific exceptions.</P
+><P
+> Another approach is <SPAN
CLASS="APPLICATION"
->Privoxy</SPAN
-> so that they can
- see if their favorite pages are displaying correctly, and
+>Privoxy's</SPAN
+>
+ <TT
+CLASS="LITERAL"
+>trustfile</TT
+> concept, which incorporates the notion of
<SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> is not inadvertently removing something
- important.</P
+CLASS="QUOTE"
+>"trusted referrers"</SPAN
+>. See the <A
+HREF="../user-manual/config.html#TRUSTFILE"
+TARGET="_top"
+>Trust documentation</A
+>
+ for details.</P
+><P
+> These are fairly simple approaches and are not completely foolproof. There
+ are various other configuration options that should be disabled (described
+ elsewhere here and in <A
+HREF="../user-manual/"
+TARGET="_top"
+>the User Manual</A
+>)
+ so that users can't modify their own configuration and easily circumvent the
+ whitelist.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN423"
->3.11. I see large red banners on some pages that say
-<SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
->. Why and how do I get rid of this?</A
+NAME="NO-ADBLOCK"
+>3.28. How can I turn off ad-blocking?</A
></H3
><P
-> These are URLs that match something in one of
- <SPAN
-CLASS="APPLICATION"
->Privoxy's</SPAN
-> block actions (+block). It is meant
- to be a warning so that you know something has been blocked and an easy way
- for you to see why. These are handled differently than what has been defined
- explicitly as <SPAN
-CLASS="QUOTE"
->"images"</SPAN
-> (e.g. ad banners). Depending on the
- URL itself, it is sometimes hard for <SPAN
+> Ad blocking is achieved through a complex application of various <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> to
- really know whether there is indeed an ad image there or not. And there are
- limitations as to what <SPAN
+>
+ <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+>actions</A
+>. These
+ actions are deployed against simple images, banners, flash animations,
+ text pages, JavaScript, pop-ups and pop-unders, etc., so its not as simple as
+ just turning one or two actions off. The various actions that make up
+ <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> can do to
- <SPAN
-CLASS="QUOTE"
->"fool"</SPAN
-> the browser.</P
-><P
-> For instance, if the ad is in a frame, then it is embedded in the separate
- HTML page used for the frame. In this case, you cannot just substitute an
- aribitray image (like we would for a <SPAN
-CLASS="QUOTE"
->"blank"</SPAN
-> image), for an HTML
- page. The browser is expecting an HTML page, and that is what it must have
- for frames. So this situation can be a little trickier to deal with, and
- <SPAN
+> ad blocking are hard-coded into the default configuration files. It
+ has been assumed that everyone using <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> will use the <SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
-> page.</P
-><P
-> If you want these to be treated as if they were images, so that they can be
- made invisible, you can try moving the offending URL from the
- <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-> section to the <SPAN
-CLASS="QUOTE"
->"+imageblock"</SPAN
-> section of
- your actions file. Just be forewarned, if any URL is made
- <SPAN
-CLASS="QUOTE"
->"invisible"</SPAN
->, you may not have any inkling that something has
- been removed from that page, or why. If this approach does not work, then you are
- probably dealing with a frame (or <SPAN
-CLASS="QUOTE"
->"ilayer"</SPAN
->), and the only thing
- that can go there is an HTML page of some sort.</P
+> is interested in this
+ particular feature.
+ </P
><P
-> To deal with this situation, you could modify the
- <SPAN
-CLASS="QUOTE"
->"<TT
+> If you want to do without this, there are several approaches you can take:
+ You can manually undo the many block rules in
+ <TT
CLASS="FILENAME"
->block</TT
->"</SPAN
-> HTML template that is used by
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to display this, and make it something
- more to your liking. Currently, there is no configuration option for this.
- You will have to modify, or create your own page, and use this to replace
+>default.action</TT
+>. Or even easier, just create your own
<TT
CLASS="FILENAME"
->templates/blocked</TT
->, which is what
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> uses to display the <SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
->
- page.</P
+>default.action</TT
+> file from scratch without the many ad
+ blocking rules, and corresponding exceptions. Or lastly, if you are not
+ concerned about the additional blocks that are done for privacy reasons, you
+ can very easily over-ride <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> blocking with the
+ following very simple rule in your <TT
+CLASS="FILENAME"
+>user.action</TT
+>:
+ </P
><P
-> Another way to deal with this is find why and where
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> is blocking the frame, and
- diable this. Then let the <SPAN
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # Unblock everybody, everywhere
+ { <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>-block</A
+> }
+ / # UN-Block *all* URLs</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+>
+ Or even a more comprehensive reversing of various ad related actions:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # Unblock everybody, everywhere, and turn off appropriate filtering, etc
+ { <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>-block</A
+> \
+ <A
+HREF="../user-manual/actions-file.html#FILTER-BANNERS-BY-SIZE"
+TARGET="_top"
+>-filter{banners-by-size}</A
+> \
+ <A
+HREF="../user-manual/actions-file.html#FILTER-BANNERS-BY-LINK"
+TARGET="_top"
+>-filter{banners-by-link}</A
+> \
+ <TT
+CLASS="LITERAL"
+>allow-popups</TT
+> \
+ }
+ / # UN-Block *all* URLs and allow ads</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> This last <SPAN
CLASS="QUOTE"
->"+image-blocker"</SPAN
-> action
- handle the ad that is embedded in the frame's HTML page. </P
+>"action"</SPAN
+> in this compound statement,
+ <TT
+CLASS="LITERAL"
+>allow-popups</TT
+>, is an <A
+HREF="../user-manual/actions-file.html#ALIASES"
+TARGET="_top"
+>alias</A
+> that disables
+ various pop-up blocking features.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="ALLISEEISRED"
->3.12. I cannot see all of the <SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
-> page banner. All I
-see is a bright red square.</A
+NAME="TEMPLATES"
+>3.29. How can I have custom template pages, like the
+<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>BLOCKED</I
+></SPAN
+> page?</A
></H3
><P
-> There is not enough space to fit the entire page. Try right clicking on the
- visible, red portion, and select <SPAN
-CLASS="QUOTE"
->"Show Frame"</SPAN
->, or equivalent.
- This will usually allow you to see the entire Privoxy <SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
->
- page, and from there you can see just what is being blocked, and why.</P
-></DIV
-><DIV
-CLASS="SECT2"
-><H3
-CLASS="SECT2"
-><A
-NAME="SRVANY"
->3.13. Can <SPAN
+> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> run as a service
-on Win2K/NT?</A
-></H3
-><P
-> Yes, it can run as a system service using <B
-CLASS="COMMAND"
->srvany.exe</B
->.
- The only catch is that this will effectively disable the
+> <SPAN
+CLASS="QUOTE"
+>"templates"</SPAN
+> are specialized text files utilized by
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> icon in the taskbar. You can have
- one or the other, but not both at this time :( </P
+> for various purposes and can easily be modified using any text
+ editor. All the template pages are installed in a sub-directory appropriately
+ named: <TT
+CLASS="FILENAME"
+>templates</TT
+>. Knowing something about HTML syntax
+ will of course be helpful.</P
><P
-> There is a pending feature request for this functionality. See
- thread: <A
-HREF="http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118"
+> Be forewarned that the default templates are subject to being overwritten
+ during upgrades. You can, however, create completely new templates,
+ place them in another directory and specify the alternate path in the main
+ <TT
+CLASS="FILENAME"
+>config</TT
+>. For details, have a look at the <A
+HREF="../user-manual/config.html#templdir"
TARGET="_top"
->http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118</A
->,
- for details, and a sample configuration. </P
+>templdir</A
+> option. </P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="OTHERPROXY"
->3.14. How can I make <SPAN
+NAME="BLOCKALL"
+>3.30. How can I remove the <SPAN
+CLASS="QUOTE"
+>"Go There Anyway"</SPAN
+> link from
+the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>BLOCKED</I
+></SPAN
+> page?</A
+></H3
+><P
+> There is more than one way to do it (although Perl is not involved).</P
+><P
+> Editing the BLOCKED template page (see above) may dissuade some users, but
+ this method is easily circumvented. Where you need this level of control, you
+ might want to build <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> work with other
-proxies like <SPAN
+> from source, and disable various features that are
+ available as compile-time options. You should
+ <B
+CLASS="COMMAND"
+>configure</B
+> the sources as follows:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> ./configure --disable-toggle --disable-editor --disable-force</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> This will create an executable with hard-coded security features so that
+ <SPAN
CLASS="APPLICATION"
->Squid</SPAN
->?</A
-></H3
+>Privoxy</SPAN
+> does not allow easy bypassing of blocked sites, or changing the
+ current configuration via any connected user's web browser.</P
><P
-> This can be done. See the <A
-HREF="../user-manual/configuration.html#FORWARDING"
+> Finally, all of these features can also be toggled on/off via options in
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> main <A
+HREF="../user-manual/config.html#ACCESS-CONTROL"
TARGET="_top"
->user manual</A
->,
- which describes how to do this. </P
+>config</A
+> file which
+ means you don't have to recompile anything.</P
></DIV
></DIV
><DIV
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="installation.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="index.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="misc.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
projects / privoxy.git / blobdiff