-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Actions Files</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"><LINK
REL="HOME"
-TITLE="Privoxy 3.0.3 User Manual"
+TITLE="Privoxy 3.0.4 User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="The Main Configuration File"
HREF="config.html"><LINK
REL="NEXT"
-TITLE="The Filter File"
+TITLE="Filter Files"
HREF="filter-file.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
><TH
COLSPAN="3"
ALIGN="center"
->Privoxy 3.0.3 User Manual</TH
+>Privoxy 3.0.4 User Manual</TH
></TR
><TR
><TD
CLASS="SECT1"
><A
NAME="ACTIONS-FILE"
->8. Actions Files</A
-></H1
+></A
+>8. Actions Files</H1
><P
> The actions files are used to define what actions
<SPAN
> <DIV
CLASS="TABLE"
><A
-NAME="AEN1654"
+NAME="AEN1784"
></A
><P
><B
></P
><TABLE
BORDER="1"
-FRAME="border"
-RULES="all"
CLASS="CALSTABLE"
-><COL
-WIDTH="1*"
-TITLE="C1"><COL
-WIDTH="1*"
-TITLE="C2"><COL
-WIDTH="1*"
-TITLE="C3"><COL
-WIDTH="1*"
-TITLE="C4"><THEAD
+><THEAD
><TR
><TH
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Feature</TH
><TH
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Cautious</TH
><TH
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Medium</TH
><TH
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Adventuresome</TH
></TR
></THEAD
><TBODY
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Ad-blocking by URL</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Ad-filtering by size</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>GIF de-animation</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Referer forging</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Cookie handling</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>none</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>session-only</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>kill</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Pop-up killing</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>unsolicited</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>unsolicited</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>all</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Fast redirects</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>HTML taming</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>JavaScript taming</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Web-bug killing</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Fun text replacements</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Image tag reordering</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Ad-filtering by link</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>Demoronizer</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>no</TD
><TD
+WIDTH="25%"
+ALIGN="LEFT"
+VALIGN="TOP"
>yes</TD
></TR
></TBODY
><H2
CLASS="SECT2"
><A
-NAME="AEN1753"
->8.1. Finding the Right Mix</A
-></H2
+NAME="AEN1883"
+></A
+>8.1. Finding the Right Mix</H2
><P
> Note that some <A
HREF="actions-file.html#ACTIONS"
><H2
CLASS="SECT2"
><A
-NAME="AEN1760"
->8.2. How to Edit</A
-></H2
+NAME="AEN1890"
+></A
+>8.2. How to Edit</H2
><P
> The easiest way to edit the actions files is with a browser by
using our browser-based editor, which can be reached from <A
CLASS="SECT2"
><A
NAME="ACTIONS-APPLY"
->8.3. How Actions are Applied to URLs</A
-></H2
+></A
+>8.3. How Actions are Applied to URLs</H2
><P
> Actions files are divided into sections. There are special sections,
like the <SPAN
Below that, there is a list of URL patterns, each on a separate line.</P
><P
> To determine which actions apply to a request, the URL of the request is
- compared to all patterns in each action file file. Every time it matches, the list of
+ compared to all patterns in each <SPAN
+CLASS="QUOTE"
+>"action file"</SPAN
+> file. Every time it matches, the list of
applicable actions for the URL is incrementally updated, using the heading
of the section in which the pattern is located. If multiple matches for
the same URL set the same action differently, the last match wins. If not,
the effects are aggregated. E.g. a URL might match a regular section with
- a heading line of <VAR
+ a heading line of <TT
CLASS="LITERAL"
>{
+<A
HREF="actions-file.html#HANDLE-AS-IMAGE"
>handle-as-image</A
-> }</VAR
+> }</TT
>,
- then later another one with just <VAR
+ then later another one with just <TT
CLASS="LITERAL"
>{
+<A
HREF="actions-file.html#BLOCK"
>block</A
-> }</VAR
+> }</TT
>, resulting
in <SPAN
CLASS="emphasis"
CLASS="SECT2"
><A
NAME="AF-PATTERNS"
->8.4. Patterns</A
-></H2
+></A
+>8.4. Patterns</H2
><P
>
As mentioned, <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> pattern has the form
- <VAR
+ <TT
CLASS="LITERAL"
-><domain>/<path></VAR
+><domain>/<path></TT
>, where both the
- <VAR
+ <TT
CLASS="LITERAL"
-><domain></VAR
-> and <VAR
+><domain></TT
+> and <TT
CLASS="LITERAL"
-><path></VAR
+><path></TT
> are
- optional. (This is why the special <VAR
+ optional. (This is why the special <TT
CLASS="LITERAL"
->/</VAR
+>/</TT
> pattern matches all
URLs). Note that the protocol portion of the URL pattern (e.g.
- <VAR
+ <TT
CLASS="LITERAL"
->http://</VAR
+>http://</TT
>) should <SPAN
CLASS="emphasis"
><I
CLASS="VARIABLELIST"
><DL
><DT
-><VAR
+><TT
CLASS="LITERAL"
->www.example.com/</VAR
+>www.example.com/</TT
></DT
><DD
><P
-> is a domain-only pattern and will match any request to <VAR
+> is a domain-only pattern and will match any request to <TT
CLASS="LITERAL"
->www.example.com</VAR
+>www.example.com</TT
>,
regardless of which document on that server is requested.
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->www.example.com</VAR
+>www.example.com</TT
></DT
><DD
><P
-> means exactly the same. For domain-only patterns, the trailing <VAR
+> means exactly the same. For domain-only patterns, the trailing <TT
CLASS="LITERAL"
->/</VAR
+>/</TT
> may
be omitted.
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->www.example.com/index.html</VAR
+>www.example.com/index.html</TT
></DT
><DD
><P
-> matches only the single document <VAR
+> matches only the single document <TT
CLASS="LITERAL"
->/index.html</VAR
+>/index.html</TT
>
- on <VAR
+ on <TT
CLASS="LITERAL"
->www.example.com</VAR
+>www.example.com</TT
>.
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->/index.html</VAR
+>/index.html</TT
></DT
><DD
><P
-> matches the document <VAR
+> matches the document <TT
CLASS="LITERAL"
->/index.html</VAR
+>/index.html</TT
>, regardless of the domain,
i.e. on <SPAN
CLASS="emphasis"
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->index.html</VAR
+>index.html</TT
></DT
><DD
><P
> matches nothing, since it would be interpreted as a domain name and
- there is no top-level domain called <VAR
+ there is no top-level domain called <TT
CLASS="LITERAL"
->.html</VAR
+>.html</TT
>.
</P
></DD
><H3
CLASS="SECT3"
><A
-NAME="AEN1833"
->8.4.1. The Domain Pattern</A
-></H3
+NAME="AEN1964"
+></A
+>8.4.1. The Domain Pattern</H3
><P
> The matching of the domain part offers some flexible options: if the
domain starts or ends with a dot, it becomes unanchored at that end.
CLASS="VARIABLELIST"
><DL
><DT
-><VAR
+><TT
CLASS="LITERAL"
->.example.com</VAR
+>.example.com</TT
></DT
><DD
><P
>ENDS</I
></SPAN
> in
- <VAR
+ <TT
CLASS="LITERAL"
->.example.com</VAR
+>.example.com</TT
>
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->www.</VAR
+>www.</TT
></DT
><DD
><P
>STARTS</I
></SPAN
> with
- <VAR
+ <TT
CLASS="LITERAL"
->www.</VAR
+>www.</TT
>
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->.example.</VAR
+>.example.</TT
></DT
><DD
><P
CLASS="EMPHASIS"
>CONTAINS</I
></SPAN
-> <VAR
+> <TT
CLASS="LITERAL"
->.example.</VAR
+>.example.</TT
>
- (Correctly speaking: It matches any FQDN that contains <VAR
+ (Correctly speaking: It matches any FQDN that contains <TT
CLASS="LITERAL"
->example</VAR
+>example</TT
> as a domain.)
</P
></DD
CLASS="VARIABLELIST"
><DL
><DT
-><VAR
+><TT
CLASS="LITERAL"
->ad*.example.com</VAR
+>ad*.example.com</TT
></DT
><DD
><P
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->*ad*.example.com</VAR
+>*ad*.example.com</TT
></DT
><DD
><P
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->.?pix.com</VAR
+>.?pix.com</TT
></DT
><DD
><P
-> matches <VAR
+> matches <TT
CLASS="LITERAL"
->www.ipix.com</VAR
+>www.ipix.com</TT
>,
- <VAR
+ <TT
CLASS="LITERAL"
->pictures.epix.com</VAR
->, <VAR
+>pictures.epix.com</TT
+>, <TT
CLASS="LITERAL"
->a.b.c.d.e.upix.com</VAR
+>a.b.c.d.e.upix.com</TT
> etc.
</P
></DD
><DT
-><VAR
+><TT
CLASS="LITERAL"
->www[1-9a-ez].example.c*</VAR
+>www[1-9a-ez].example.c*</TT
></DT
><DD
><P
-> matches <VAR
+> matches <TT
CLASS="LITERAL"
->www1.example.com</VAR
+>www1.example.com</TT
>,
- <VAR
+ <TT
CLASS="LITERAL"
->www4.example.cc</VAR
->, <VAR
+>www4.example.cc</TT
+>, <TT
CLASS="LITERAL"
->wwwd.example.cy</VAR
+>wwwd.example.cy</TT
>,
- <VAR
+ <TT
CLASS="LITERAL"
->wwwz.example.com</VAR
+>wwwz.example.com</TT
> etc., but <SPAN
CLASS="emphasis"
><I
>not</I
></SPAN
>
- <VAR
+ <TT
CLASS="LITERAL"
->wwww.example.com</VAR
+>wwww.example.com</TT
>.
</P
></DD
><H3
CLASS="SECT3"
><A
-NAME="AEN1895"
->8.4.2. The Path Pattern</A
-></H3
+NAME="AEN2026"
+></A
+>8.4.2. The Path Pattern</H3
><P
> <SPAN
CLASS="APPLICATION"
TARGET="_top"
>http://www.pcre.org/man.txt</A
>.
- You might also find the Perl man page on regular expressions (<VAR
+ You might also find the Perl man page on regular expressions (<TT
CLASS="LITERAL"
->man perlre</VAR
+>man perlre</TT
>)
useful, which is available on-line at <A
HREF="http://www.perldoc.com/perl5.6/pod/perlre.html"
<SPAN
CLASS="QUOTE"
>"(?-i)"</SPAN
-> switch: <VAR
+> switch: <TT
CLASS="LITERAL"
->www.example.com/(?-i)PaTtErN.*</VAR
+>www.example.com/(?-i)PaTtErN.*</TT
> will match
- only documents whose path starts with <VAR
+ only documents whose path starts with <TT
CLASS="LITERAL"
->PaTtErN</VAR
+>PaTtErN</TT
> in
<SPAN
CLASS="emphasis"
CLASS="SECT2"
><A
NAME="ACTIONS"
->8.5. Actions</A
-></H2
+></A
+>8.5. Actions</H2
><P
> All actions are disabled by default, until they are explicitly enabled
somewhere in an actions file. Actions are turned on if preceded with a
CLASS="QUOTE"
>"-"</SPAN
>. So a
- <VAR
+ <TT
CLASS="LITERAL"
->+action</VAR
+>+action</TT
> means <SPAN
CLASS="QUOTE"
>"do that action"</SPAN
>, e.g.
- <VAR
+ <TT
CLASS="LITERAL"
->+block</VAR
+>+block</TT
> means <SPAN
CLASS="QUOTE"
>"please block URLs that match the
following patterns"</SPAN
->, and <VAR
+>, and <TT
CLASS="LITERAL"
->-block</VAR
+>-block</TT
> means <SPAN
CLASS="QUOTE"
>"don't
- block URLs that match the following patterns, even if <VAR
+ block URLs that match the following patterns, even if <TT
CLASS="LITERAL"
->+block</VAR
+>+block</TT
>
previously applied."</SPAN
> </P
>
Again, actions are invoked by placing them on a line, enclosed in curly braces and
separated by whitespace, like in
- <VAR
+ <TT
CLASS="LITERAL"
->{+some-action -some-other-action{some-parameter}}</VAR
+>{+some-action -some-other-action{some-parameter}}</TT
>,
followed by a list of URL patterns, one per line, to which they apply.
Together, the actions line and the following pattern lines make up a section
><TD
><PRE
CLASS="SCREEN"
-> +<VAR
+> +<TT
CLASS="REPLACEABLE"
->name</VAR
-> # enable action <VAR
+><I
+>name</I
+></TT
+> # enable action <TT
CLASS="REPLACEABLE"
->name</VAR
+><I
+>name</I
+></TT
>
- -<VAR
+ -<TT
CLASS="REPLACEABLE"
->name</VAR
-> # disable action <VAR
+><I
+>name</I
+></TT
+> # disable action <TT
CLASS="REPLACEABLE"
->name</VAR
+><I
+>name</I
+></TT
></PRE
></TD
></TR
</P
><P
>
- Example: <VAR
+ Example: <TT
CLASS="LITERAL"
->+block</VAR
+>+block</TT
>
</P
></LI
><TD
><PRE
CLASS="SCREEN"
-> +<VAR
+> +<TT
CLASS="REPLACEABLE"
->name</VAR
->{<VAR
+><I
+>name</I
+></TT
+>{<TT
CLASS="REPLACEABLE"
->param</VAR
->} # enable action and set parameter to <VAR
+><I
+>param</I
+></TT
+>} # enable action and set parameter to <TT
CLASS="REPLACEABLE"
->param</VAR
+><I
+>param</I
+></TT
>,
# overwriting parameter from previous match if necessary
- -<VAR
+ -<TT
CLASS="REPLACEABLE"
->name</VAR
+><I
+>name</I
+></TT
> # disable action. The parameter can be omitted</PRE
></TD
></TR
</P
><P
>
- Example: <VAR
+ Example: <TT
CLASS="LITERAL"
->+hide-user-agent{ Mozilla 1.0 }</VAR
+>+hide-user-agent{ Mozilla 1.0 }</TT
>
</P
></LI
><TD
><PRE
CLASS="SCREEN"
-> +<VAR
+> +<TT
CLASS="REPLACEABLE"
->name</VAR
->{<VAR
+><I
+>name</I
+></TT
+>{<TT
CLASS="REPLACEABLE"
->param</VAR
->} # enable action and add <VAR
+><I
+>param</I
+></TT
+>} # enable action and add <TT
CLASS="REPLACEABLE"
->param</VAR
+><I
+>param</I
+></TT
> to the list of parameters
- -<VAR
+ -<TT
CLASS="REPLACEABLE"
->name</VAR
->{<VAR
+><I
+>name</I
+></TT
+>{<TT
CLASS="REPLACEABLE"
->param</VAR
->} # remove the parameter <VAR
+><I
+>param</I
+></TT
+>} # remove the parameter <TT
CLASS="REPLACEABLE"
->param</VAR
+><I
+>param</I
+></TT
> from the list of parameters
# If it was the last one left, disable the action.
- <VAR
+ <TT
CLASS="REPLACEABLE"
->-name</VAR
+><I
+>-name</I
+></TT
> # disable this action completely and remove all parameters from the list</PRE
></TD
></TR
</P
><P
>
- Examples: <VAR
+ Examples: <TT
CLASS="LITERAL"
->+add-header{X-Fun-Header: Some text}</VAR
+>+add-header{X-Fun-Header: Some text}</TT
> and
- <VAR
+ <TT
CLASS="LITERAL"
->+filter{html-annoyances}</VAR
+>+filter{html-annoyances}</TT
>
</P
></LI
CLASS="SECT3"
><A
NAME="ADD-HEADER"
->8.5.1. add-header</A
-></H4
+></A
+>8.5.1. add-header</H4
><P
></P
><DIV
> Any string value is possible. Validity of the defined HTTP headers is not checked.
It is recommended that you use the <SPAN
CLASS="QUOTE"
->"<VAR
+>"<TT
CLASS="LITERAL"
->X-</VAR
+>X-</TT
>"</SPAN
> prefix
for custom headers.
CLASS="SECT3"
><A
NAME="BLOCK"
->8.5.2. block</A
-></H4
+></A
+>8.5.2. block</H4
><P
></P
><DIV
><P
> Requests for URLs to which this action applies are blocked, i.e. the requests are not
forwarded to the remote server, but answered locally with a substitute page or image,
- as determined by the <VAR
+ as determined by the <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#HANDLE-AS-IMAGE"
>handle-as-image</A
-></VAR
+></TT
>
- and <VAR
+ and <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#SET-IMAGE-BLOCKER"
>set-image-blocker</A
-></VAR
+></TT
> actions.
</P
></DD
>both</I
></SPAN
>
- <VAR
+ <TT
CLASS="LITERAL"
->block</VAR
-> and <VAR
+>block</TT
+> and <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#HANDLE-AS-IMAGE"
>handle-as-image</A
-></VAR
+></TT
>,
apply to the same request: it will then be replaced by an image. If
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#SET-IMAGE-BLOCKER"
>set-image-blocker</A
-></VAR
+></TT
>
(see below) also applies, the type of image will be determined by its parameter,
if not, the standard checkerboard pattern is sent.
ads and other unwanted content.
</P
><P
-> The <VAR
+> The <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER"
>filter</A
-></VAR
+></TT
>
action can perform a very similar task, by <SPAN
CLASS="QUOTE"
><H4
CLASS="SECT3"
><A
-NAME="CRUNCH-INCOMING-COOKIES"
->8.5.3. crunch-incoming-cookies</A
-></H4
+NAME="CONTENT-TYPE-OVERWRITE"
+></A
+>8.5.3. content-type-overwrite</H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
-> Prevent the web server from setting any cookies on your system
- </P
+>Stop useless download menus from popping up, or change the browser's rendering mode</P
></DD
><DT
>Effect:</DT
><DD
><P
-> Deletes any <SPAN
+> Replaces the <SPAN
CLASS="QUOTE"
->"Set-Cookie:"</SPAN
-> HTTP headers from server replies.
+>"Content-Type:"</SPAN
+> HTTP server header.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized.</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> N/A
+> Any string.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> This action is only concerned with <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->incoming</I
-></SPAN
-> cookies. For
+> The <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> HTTP server header is used by the
+ browser to decide what to do with the document. The value of this
+ header can cause the browser to open a download menu instead of
+ displaying the document by itself, even if the document's format is
+ supported by the browser.
+ </P
+><P
+> The declared content type can also affect which rendering mode
+ the browser chooses. If XHTML is delivered as <SPAN
+CLASS="QUOTE"
+>"text/html"</SPAN
+>,
+ many browsers treat it as yet another broken HTML document.
+ If it is send as <SPAN
+CLASS="QUOTE"
+>"application/xml"</SPAN
+>, browsers with
+ XHTML support will only display it, if the syntax is correct.
+ </P
+><P
+> If you see a web site that proudly uses XHTML buttons, but sets
<SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->outgoing</I
-></SPAN
-> cookies, use
- <VAR
+CLASS="QUOTE"
+>"Content-Type: text/html"</SPAN
+>, you can use Privoxy
+ to overwrite it with <SPAN
+CLASS="QUOTE"
+>"application/xml"</SPAN
+> and validate
+ the web master's claim inside your XHTML-supporting browser.
+ If the syntax is incorrect, the browser will complain loudly.
+ </P
+><P
+> You can also go the opposite direction: if your browser prints
+ error messages instead of rendering a document falsely declared
+ as XHTML, you can overwrite the content type with
+ <SPAN
+CLASS="QUOTE"
+>"text/html"</SPAN
+> and have it rendered as broken HTML document.
+ </P
+><P
+> By default <TT
+CLASS="LITERAL"
+>content-type-overwrite</TT
+> only replaces
+ <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> headers that look like some kind of text.
+ If you want to overwrite it unconditionally, you have to combine it with
+ <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
->crunch-outgoing-cookies</A
-></VAR
+HREF="actions-file.html#FORCE-TEXT-MODE"
+>force-text-mode</A
+></TT
>.
- Use <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->both</I
-></SPAN
-> to disable cookies completely.
+ This limitation exists for a reason, think twice before circumventing it.
</P
><P
-> It makes <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->no sense at all</I
-></SPAN
-> to use this action in conjunction
- with the <VAR
+> Most of the time it's easier to enable
+ <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#SESSION-COOKIES-ONLY"
->session-cookies-only</A
-></VAR
-> action,
- since it would prevent the session cookies from being set. See also
- <VAR
+HREF="filter-file.html#FILTER-SERVER-HEADERS"
+>filter-server-headers</A
+></TT
+>
+ and replace this action with a custom regular expression. It allows you
+ to activate it for every document of a certain site and it will still
+ only replace the content types you aimed at.
+ </P
+><P
+> Of course you can apply <TT
CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER-CONTENT-COOKIES"
->filter-content-cookies</A
-></VAR
->.
+>content-type-overwrite</TT
+>
+ to a whole site and then make URL based exceptions, but it's a lot
+ more work to get the same precision.
</P
></DD
><DT
->Example usage:</DT
+>Example usage (sections):</DT
><DD
><P
-> <TABLE
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+crunch-incoming-cookies</PRE
+># Check if www.example.net/ really uses valid XHTML
+{+content-type-overwrite {application/xml}}
+www.example.net/
+# but leave the content type unmodified if the URL looks like a style sheet
+{-content-type-overwrite}
+www.example.net/*.\.css$
+www.example.net/*.style</PRE
></TD
></TR
></TABLE
><H4
CLASS="SECT3"
><A
-NAME="CRUNCH-OUTGOING-COOKIES"
->8.5.4. crunch-outgoing-cookies</A
-></H4
+NAME="CRUNCH-CLIENT-HEADER"
+></A
+>8.5.4. crunch-server-header</H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
-> Prevent the web server from reading any cookies from your system
- </P
+>Remove a client header <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has no dedicated action for.</P
></DD
><DT
>Effect:</DT
><DD
><P
-> Deletes any <SPAN
-CLASS="QUOTE"
->"Cookie:"</SPAN
-> HTTP headers from client requests.
+> Deletes every header send by the client that contains the string the user supplied as parameter.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized.</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> N/A
+> Any string.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> This action is only concerned with <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->outgoing</I
-></SPAN
-> cookies. For
+> This action allows you to block client headers for which no dedicated
<SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->incoming</I
-></SPAN
-> cookies, use
- <VAR
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
->crunch-incoming-cookies</A
-></VAR
->.
- Use <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->both</I
-></SPAN
-> to disable cookies completely.
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> action exists.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will remove every client header that
+ contains the string you supplied as parameter.
</P
><P
-> It makes <SPAN
+> Regular expressions are <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
->no sense at all</I
+>not supported</I
></SPAN
-> to use this action in conjunction
- with the <VAR
+> and you can't
+ use this action to block different headers in the same request, unless
+ they contain the same string.
+ </P
+><P
+> <TT
+CLASS="LITERAL"
+>crunch-client-header</TT
+> is only meant for quick tests.
+ If you have to block several different headers, or only want to modify
+ parts of them, you should enable
+ <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#SESSION-COOKIES-ONLY"
->session-cookies-only</A
-></VAR
-> action,
- since it would prevent the session cookies from being read.
+HREF="filter-file.html#FILTER-CLIENT-HEADERS"
+>filter-client-headers</A
+></TT
+>
+ and create your own filter.
</P
-></DD
-><DT
->Example usage:</DT
-><DD
+><DIV
+CLASS="WARNING"
><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
WIDTH="90%"
><TR
><TD
-><PRE
-CLASS="SCREEN"
->+crunch-outgoing-cookies</PRE
-></TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+> Don't block any header without understanding the consequences.
+ </P
+></TD
+></TR
+></TABLE
+></DIV
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Block the non-existent "Privacy-Violation:" client header
+{+crunch-client-header {Privacy-Violation:}}
+/
+ </PRE
+></TD
></TR
></TABLE
>
><H4
CLASS="SECT3"
><A
-NAME="DEANIMATE-GIFS"
->8.5.5. deanimate-gifs</A
-></H4
+NAME="CRUNCH-IF-NONE-MATCH"
+></A
+>8.5.5. crunch-if-none-match</H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
->Stop those annoying, distracting animated GIF images.</P
+>Prevent yet another way to track the user's steps between sessions.</P
></DD
><DT
>Effect:</DT
><DD
><P
-> De-animate GIF animations, i.e. reduce them to their first or last image.
+> Deletes the <SPAN
+CLASS="QUOTE"
+>"If-None-Match:"</SPAN
+> HTTP client header.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Parameterized.</P
+>Boolean.</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> <SPAN
-CLASS="QUOTE"
->"last"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"first"</SPAN
->
+> N/A
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> This will also shrink the images considerably (in bytes, not pixels!). If
- the option <SPAN
+> Removing the <SPAN
CLASS="QUOTE"
->"first"</SPAN
-> is given, the first frame of the animation
- is used as the replacement. If <SPAN
+>"If-None-Match:"</SPAN
+> HTTP client header
+ is useful for filter testing, where you want to force a real
+ reload instead of getting status code <SPAN
CLASS="QUOTE"
->"last"</SPAN
-> is given, the last
- frame of the animation is used instead, which probably makes more sense for
- most banner animations, but also has the risk of not showing the entire
- last frame (if it is only a delta to an earlier frame).
+>"304"</SPAN
+> which
+ would cause the browser to use a cached copy of the page.
</P
><P
-> You can safely use this action with patterns that will also match non-GIF
- objects, because no attempt will be made at anything that doesn't look like
- a GIF.
+> It is also useful to make sure the header isn't used as a cookie
+ replacement.
+ </P
+><P
+> Blocking the <SPAN
+CLASS="QUOTE"
+>"If-None-Match:"</SPAN
+> header shouldn't cause any
+ caching problems, as long as the <SPAN
+CLASS="QUOTE"
+>"If-Modified-Since:"</SPAN
+> header
+ isn't blocked as well.
+ </P
+><P
+> It is recommended to use this action together with
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
+>hide-if-modified-since</A
+></TT
+>
+ and
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#OVERWRITE-LAST-MODIFIED"
+>overwrite-last-modified</A
+></TT
+>.
</P
></DD
><DT
->Example usage:</DT
+>Example usage (section):</DT
><DD
><P
-> <TABLE
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+deanimate-gifs{last}</PRE
+># Let the browser revalidate cached documents without being tracked across sessions
+{+hide-if-modified-since {-1} \
++overwrite-last-modified {randomize} \
++crunch-if-none-match}
+/ </PRE
></TD
></TR
></TABLE
>
- </P
+ </P
></DD
></DL
></DIV
><H4
CLASS="SECT3"
><A
-NAME="DOWNGRADE-HTTP-VERSION"
->8.5.6. downgrade-http-version</A
-></H4
+NAME="CRUNCH-INCOMING-COOKIES"
+></A
+>8.5.6. crunch-incoming-cookies</H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
->Work around (very rare) problems with HTTP/1.1</P
+> Prevent the web server from setting any cookies on your system
+ </P
></DD
><DT
>Effect:</DT
><DD
><P
-> Downgrades HTTP/1.1 client requests and server replies to HTTP/1.0.
+> Deletes any <SPAN
+CLASS="QUOTE"
+>"Set-Cookie:"</SPAN
+> HTTP headers from server replies.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> This is a left-over from the time when <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- didn't support important HTTP/1.1 features well. It is left here for the
- unlikely case that you experience HTTP/1.1 related problems with some server
- out there. Not all (optional) HTTP/1.1 features are supported yet, so there
- is a chance you might need this action.
+> This action is only concerned with <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>incoming</I
+></SPAN
+> cookies. For
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>outgoing</I
+></SPAN
+> cookies, use
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+></TT
+>.
+ Use <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+> to disable cookies completely.
+ </P
+><P
+> It makes <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>no sense at all</I
+></SPAN
+> to use this action in conjunction
+ with the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+>session-cookies-only</A
+></TT
+> action,
+ since it would prevent the session cookies from being set. See also
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER-CONTENT-COOKIES"
+>filter-content-cookies</A
+></TT
+>.
</P
></DD
><DT
->Example usage (section):</DT
+>Example usage:</DT
><DD
><P
-> <TABLE
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->{+downgrade-http-version}
-problem-host.example.com</PRE
+>+crunch-incoming-cookies</PRE
></TD
></TR
></TABLE
>
- </P
+ </P
></DD
></DL
></DIV
><H4
CLASS="SECT3"
><A
-NAME="FAST-REDIRECTS"
->8.5.7. fast-redirects</A
-></H4
+NAME="CRUNCH-SERVER-HEADER"
+></A
+>8.5.7. crunch-server-header</H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
->Fool some click-tracking scripts and speed up indirect links</P
+>Remove a server header <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has no dedicated action for.</P
></DD
><DT
>Effect:</DT
><DD
><P
-> Cut off all but the last valid URL from requests.
+> Deletes every header sent by the server that contains the string the user supplied as parameter.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized.</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> N/A
+> Any string.
</P
></DD
><DT
>Notes:</DT
><DD
><P
->
- Many sites, like yahoo.com, don't just link to other sites. Instead, they
- will link to some script on their own servers, giving the destination as a
- parameter, which will then redirect you to the final target. URLs
- resulting from this scheme typically look like:
+> This action allows you to block server headers for which no dedicated
<SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> action exists. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ will remove every server header that contains the string you supplied as parameter.
+ </P
+><P
+> Regular expressions are <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
->http://some.place/click-tracker.cgi?target=http://some.where.else</I
+>not supported</I
></SPAN
->.
- </P
-><P
-> Sometimes, there are even multiple consecutive redirects encoded in the
- URL. These redirections via scripts make your web browsing more traceable,
- since the server from which you follow such a link can see where you go
- to. Apart from that, valuable bandwidth and time is wasted, while your
- browser ask the server for one redirect after the other. Plus, it feeds
- the advertisers.
+> and you can't
+ use this action to block different headers in the same request, unless
+ they contain the same string.
</P
><P
-> This feature is currently not very smart and is scheduled for improvement.
- It is likely to break some sites. You should expect to need possibly
- many exceptions to this action, if it is enabled by default in
+> <TT
+CLASS="LITERAL"
+>crunch-server-header</TT
+> is only meant for quick tests.
+ If you have to block several different headers, or only want to modify
+ parts of them, you should enable
<TT
-CLASS="FILENAME"
->default.action</TT
->. Some sites just don't work without
- it.
+CLASS="LITERAL"
+><A
+HREF="filter-file.html#FILTER-SERVER-HEADERS"
+>filter-server-headers</A
+></TT
+>
+ and create your own filter.
</P
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="90%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+> Don't block any header without understanding the consequences.
+ </P
+></TD
+></TR
+></TABLE
+></DIV
></DD
><DT
->Example usage:</DT
+>Example usage (section):</DT
><DD
><P
> <TABLE
><TD
><PRE
CLASS="SCREEN"
->{+fast-redirects}</PRE
+># Crunch server headers that try to prevent caching
+{+crunch-server-header {no-cache}}
+/ </PRE
></TD
></TR
></TABLE
>
- </P
+ </P
></DD
></DL
></DIV
><H4
CLASS="SECT3"
><A
-NAME="FILTER"
->8.5.8. filter</A
-></H4
+NAME="CRUNCH-OUTGOING-COOKIES"
+></A
+>8.5.8. crunch-outgoing-cookies</H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
->Get rid of HTML and JavaScript annoyances, banner advertisements (by size), do fun text replacements, etc.</P
+> Prevent the web server from reading any cookies from your system
+ </P
></DD
><DT
>Effect:</DT
><DD
><P
-> All files of text-based type, most notably HTML and JavaScript, to which this
- action applies, are filtered on-the-fly through the specified regular expression
- based substitutions. (Note: as of version 3.0.3 plain text documents
- are exempted from filtering, because web servers often use the
- <VAR
-CLASS="LITERAL"
->text/plain</VAR
-> MIME type for all files whose type they
- don't know.)
+> Deletes any <SPAN
+CLASS="QUOTE"
+>"Cookie:"</SPAN
+> HTTP headers from client requests.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Parameterized.</P
+>Boolean.</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> The name of a filter, as defined in the <A
-HREF="filter-file.html"
->filter file</A
->
- (typically <TT
-CLASS="FILENAME"
->default.filter</TT
->, set by the
- <VAR
-CLASS="LITERAL"
-><A
-HREF="config.html#FILTERFILE"
->filterfile</A
-></VAR
->
- option in the <A
-HREF="config.html"
->config file</A
->). When used in its negative form,
- and without parameters, filtering is completely disabled.
+> N/A
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> For your convenience, there are a number of pre-defined filters available
- in the distribution filter file that you can use. See the examples below for
- a list.
- </P
-><P
-> Filtering requires buffering the page content, which may appear to
- slow down page rendering since nothing is displayed until all content has
- passed the filters. (It does not really take longer, but seems that way
- since the page is not incrementally displayed.) This effect will be more
- noticeable on slower connections.
- </P
-><P
-> This is very powerful feature, but <SPAN
-CLASS="QUOTE"
->"rolling your own"</SPAN
->
- filters requires a knowledge of regular expressions and HTML.
- </P
-><P
-> The amount of data that can be filtered is limited to the
- <VAR
-CLASS="LITERAL"
-><A
-HREF="config.html#BUFFER-LIMIT"
->buffer-limit</A
-></VAR
->
- option in the main <A
-HREF="config.html"
->config file</A
->. The
- default is 4096 KB (4 Megs). Once this limit is exceeded, the buffered
- data, and all pending data, is passed through unfiltered.
- </P
-><P
-> Inadequate MIME types, such as zipped files, are not filtered at all.
- (Again, only text-based types except plain text). Encrypted SSL data
- (from HTTPS servers) cannot be filtered either, since this would violate
- the integrity of the secure transaction. In some situations it might
- be necessary to protect certain text, like source code, from filtering
- by defining appropriate <VAR
-CLASS="LITERAL"
->-filter</VAR
-> sections.
- </P
-><P
-> At this time, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> cannot (yet!) uncompress compressed
- documents. If you want filtering to work on all documents, even those that
- would normally be sent compressed, use the
- <VAR
+> This action is only concerned with <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>outgoing</I
+></SPAN
+> cookies. For
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>incoming</I
+></SPAN
+> cookies, use
+ <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#PREVENT-COMPRESSION"
->prevent-compression</A
-></VAR
->
- action in conjunction with <VAR
-CLASS="LITERAL"
->filter</VAR
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+></TT
>.
+ Use <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+> to disable cookies completely.
</P
><P
-> Filtering can achieve some of the same effects as the
- <VAR
+> It makes <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>no sense at all</I
+></SPAN
+> to use this action in conjunction
+ with the <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#BLOCK"
->block</A
-></VAR
->
- action, i.e. it can be used to block ads and banners. But the mechanism
- works quite differently. One effective use, is to block ad banners
- based on their size (see below), since many of these seem to be somewhat
- standardized.
- </P
-><P
-> <A
-HREF="contact.html"
->Feedback</A
-> with suggestions for new or
- improved filters is particularly welcome!
- </P
-><P
-> The below list has only the names and a one-line description of each
- predefined filter. There are <A
-HREF="filter-file.html#PREDEFINED-FILTERS"
->more
- verbose explanations</A
-> of what these filters do in the <A
-HREF="filter-file.html"
->filter file chapter</A
->.
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+>session-cookies-only</A
+></TT
+> action,
+ since it would prevent the session cookies from being read.
</P
></DD
><DT
->Example usage (with filters from the distribution <TT
-CLASS="FILENAME"
->default.filter</TT
-> file).
- See <A
-HREF="filter-file.html#PREDEFINED-FILTERS"
->the Predefined Filters section</A
-> for
- more explanation on each:</DT
+>Example usage:</DT
><DD
><P
-> <A
-NAME="FILTER-JS-ANNOYANCES"
-></A
->
- <TABLE
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse</PRE
+>+crunch-outgoing-cookies</PRE
></TD
></TR
></TABLE
>
</P
-><P
-> <A
-NAME="FILTER-JS-EVENTS"
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="DEANIMATE-GIFS"
></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)</PRE
-></TD
-></TR
-></TABLE
->
+>8.5.9. deanimate-gifs</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Stop those annoying, distracting animated GIF images.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> De-animate GIF animations, i.e. reduce them to their first or last image.
</P
+></DD
+><DT
+>Type:</DT
+><DD
><P
-> <A
-NAME="FILTER-HTML-ANNOYANCES"
-></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+filter{html-annoyances} # Get rid of particularly annoying HTML abuse</PRE
-></TD
-></TR
-></TABLE
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> <SPAN
+CLASS="QUOTE"
+>"last"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"first"</SPAN
>
</P
+></DD
+><DT
+>Notes:</DT
+><DD
><P
-> <A
-NAME="FILTER-CONTENT-COOKIES"
-></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+filter{content-cookies} # Kill cookies that come in the HTML or JS content</PRE
-></TD
-></TR
-></TABLE
->
+> This will also shrink the images considerably (in bytes, not pixels!). If
+ the option <SPAN
+CLASS="QUOTE"
+>"first"</SPAN
+> is given, the first frame of the animation
+ is used as the replacement. If <SPAN
+CLASS="QUOTE"
+>"last"</SPAN
+> is given, the last
+ frame of the animation is used instead, which probably makes more sense for
+ most banner animations, but also has the risk of not showing the entire
+ last frame (if it is only a delta to an earlier frame).
</P
><P
-> <A
-NAME="FILTER-REFRESH-TAGS"
-></A
->
- <TABLE
+> You can safely use this action with patterns that will also match non-GIF
+ objects, because no attempt will be made at anything that doesn't look like
+ a GIF.
+ </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)</PRE
+>+deanimate-gifs{last}</PRE
></TD
></TR
></TABLE
>
- </P
-><P
-> <A
-NAME="FILTER-UNSOLICITED-POPUPS"
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="DOWNGRADE-HTTP-VERSION"
></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+filter{unsolicited-popups} # Disable only unsolicited pop-up windows</PRE
-></TD
-></TR
-></TABLE
->
+>8.5.10. downgrade-http-version</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Work around (very rare) problems with HTTP/1.1</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Downgrades HTTP/1.1 client requests and server replies to HTTP/1.0.
</P
+></DD
+><DT
+>Type:</DT
+><DD
><P
-> <A
-NAME="FILTER-ALL-POPUPS"
-></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+filter{all-popups} # Kill all popups in JavaScript and HTML</PRE
-></TD
-></TR
-></TABLE
->
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> N/A
</P
+></DD
+><DT
+>Notes:</DT
+><DD
><P
-> <A
-NAME="FILTER-IMG-REORDER"
-></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective</PRE
-></TD
-></TR
-></TABLE
+> This is a left-over from the time when <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
>
+ didn't support important HTTP/1.1 features well. It is left here for the
+ unlikely case that you experience HTTP/1.1 related problems with some server
+ out there. Not all (optional) HTTP/1.1 features are supported yet, so there
+ is a chance you might need this action.
</P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
><P
-> <A
-NAME="FILTER-BANNERS-BY-SIZE"
-></A
->
- <TABLE
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+filter{banners-by-size} # Kill banners by size</PRE
+>{+downgrade-http-version}
+problem-host.example.com</PRE
></TD
></TR
></TABLE
>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FAST-REDIRECTS"
+></A
+>8.5.11. fast-redirects</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Fool some click-tracking scripts and speed up indirect links.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Detects redirection URLs and redirects the browser without contacting
+ the redirection server first.
</P
+></DD
+><DT
+>Type:</DT
+><DD
><P
-> <A
-NAME="FILTER-BANNERS-BY-LINK"
-></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+filter{banners-by-link} # Kill banners by their links to known clicktrackers</PRE
-></TD
-></TR
-></TABLE
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+></P
+><UL
+><LI
+><P
+> <SPAN
+CLASS="QUOTE"
+>"simple-check"</SPAN
+> to just search for the string <SPAN
+CLASS="QUOTE"
+>"http://"</SPAN
>
+ to detect redirection URLs.
+ </P
+></LI
+><LI
+><P
+> <SPAN
+CLASS="QUOTE"
+>"check-decoded-url"</SPAN
+> to decode URLs (if necessary) before searching
+ for redirection URLs.
+ </P
+></LI
+></UL
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>
+ Many sites, like yahoo.com, don't just link to other sites. Instead, they
+ will link to some script on their own servers, giving the destination as a
+ parameter, which will then redirect you to the final target. URLs
+ resulting from this scheme typically look like:
+ <SPAN
+CLASS="QUOTE"
+>"http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/"</SPAN
+>.
+ </P
+><P
+> Sometimes, there are even multiple consecutive redirects encoded in the
+ URL. These redirections via scripts make your web browsing more traceable,
+ since the server from which you follow such a link can see where you go
+ to. Apart from that, valuable bandwidth and time is wasted, while your
+ browser asks the server for one redirect after the other. Plus, it feeds
+ the advertisers.
</P
><P
-> <A
-NAME="FILTER-WEBBUGS"
-></A
+> This feature is currently not very smart and is scheduled for improvement.
+ If it is enabled by default, you will have to create some exceptions to
+ this action. It can lead to failures in several ways:
+ </P
+><P
+> Not every URLs with other URLs as parameters is evil.
+ Some sites offer a real service that requires this information to work.
+ For example a validation service needs to know, which document to validate.
+ <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> assumes that every URL parameter that
+ looks like another URL is a redirection target, and will always redirect to
+ the last one. Most of the time the assumption is correct, but if it isn't,
+ the user gets redirected anyway.
+ </P
+><P
+> Another failure occurs if the URL contains other parameters after the URL parameter.
+ The URL:
+ <SPAN
+CLASS="QUOTE"
+>"http://www.example.org/?redirect=http%3a//www.example.net/&foo=bar"</SPAN
+>.
+ contains the redirection URL <SPAN
+CLASS="QUOTE"
+>"http://www.example.net/"</SPAN
+>,
+ followed by another parameter. <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> doesn't know that
+ and will cause a redirect to <SPAN
+CLASS="QUOTE"
+>"http://www.example.net/&foo=bar"</SPAN
+>.
+ Depending on the target server configuration, the parameter will be silently ignored
+ or lead to a <SPAN
+CLASS="QUOTE"
+>"page not found"</SPAN
+> error. It is possible to fix these redirected
+ requests with <TT
+CLASS="LITERAL"
+><A
+HREF="filter-file.html#FILTER-CLIENT-HEADERS"
+>filter-client-headers</A
+></TT
>
- <TABLE
+ but it requires a little effort.
+ </P
+><P
+> To detect a redirection URL, <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> only
+ looks for the string <SPAN
+CLASS="QUOTE"
+>"http://"</SPAN
+>, either in plain text
+ (invalid but often used) or encoded as <SPAN
+CLASS="QUOTE"
+>"http%3a//"</SPAN
+>.
+ Some sites use their own URL encoding scheme, encrypt the address
+ of the target server or replace it with a database id. In theses cases
+ <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> is fooled and the request reaches the
+ redirection server where it probably gets logged.
+ </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking)</PRE
+>+fast-redirects{simple-check}</PRE
></TD
></TR
></TABLE
>
- </P
+ </P
><P
-> <A
-NAME="FILTER-TINY-TEXTFORMS"
-></A
->
- <TABLE
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap</PRE
+>+fast-redirects{check-decoded-url}</PRE
></TD
></TR
></TABLE
>
- </P
-><P
-> <A
-NAME="FILTER-JUMPING-WINDOWS"
-></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FILTER"
+></A
+>8.5.12. filter</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Get rid of HTML and JavaScript annoyances, banner advertisements (by size), do fun text replacements, etc.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> All files of text-based type, most notably HTML and JavaScript, to which this
+ action applies, are filtered on-the-fly through the specified regular expression
+ based substitutions. (Note: as of version 3.0.3 plain text documents
+ are exempted from filtering, because web servers often use the
+ <TT
+CLASS="LITERAL"
+>text/plain</TT
+> MIME type for all files whose type they
+ don't know.)
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> The name of a filter, as defined in the <A
+HREF="filter-file.html"
+>filter file</A
+>.
+ Filters can be defined in one or more files as defined by the
+ <TT
+CLASS="LITERAL"
+><A
+HREF="config.html#FILTERFILE"
+>filterfile</A
+></TT
+>
+ option in the <A
+HREF="config.html"
+>config file</A
+>.
+ <TT
+CLASS="FILENAME"
+>default.filter</TT
+> is the collection of filters
+ supplied by the developers. Locally defined filters should go
+ in their own file, such as <TT
+CLASS="FILENAME"
+>user.filter</TT
+>.
+ </P
+><P
+> When used in its negative form,
+ and without parameters, filtering is completely disabled.
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> For your convenience, there are a number of pre-defined filters available
+ in the distribution filter file that you can use. See the examples below for
+ a list.
+ </P
+><P
+> Filtering requires buffering the page content, which may appear to
+ slow down page rendering since nothing is displayed until all content has
+ passed the filters. (It does not really take longer, but seems that way
+ since the page is not incrementally displayed.) This effect will be more
+ noticeable on slower connections.
+ </P
+><P
+> This is very powerful feature, and <SPAN
+CLASS="QUOTE"
+>"rolling your own"</SPAN
+>
+ filters requires a knowledge of regular expressions and HTML.
+ </P
+><P
+> The amount of data that can be filtered is limited to the
+ <TT
+CLASS="LITERAL"
+><A
+HREF="config.html#BUFFER-LIMIT"
+>buffer-limit</A
+></TT
+>
+ option in the main <A
+HREF="config.html"
+>config file</A
+>. The
+ default is 4096 KB (4 Megs). Once this limit is exceeded, the buffered
+ data, and all pending data, is passed through unfiltered.
+ </P
+><P
+> Inadequate MIME types, such as zipped files, are not filtered at all.
+ (Again, only text-based types except plain text). Encrypted SSL data
+ (from HTTPS servers) cannot be filtered either, since this would violate
+ the integrity of the secure transaction. In some situations it might
+ be necessary to protect certain text, like source code, from filtering
+ by defining appropriate <TT
+CLASS="LITERAL"
+>-filter</TT
+> sections.
+ </P
+><P
+> At this time, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> cannot (yet!) uncompress compressed
+ documents. If you want filtering to work on all documents, even those that
+ would normally be sent compressed, use the
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#PREVENT-COMPRESSION"
+>prevent-compression</A
+></TT
+>
+ action in conjunction with <TT
+CLASS="LITERAL"
+>filter</TT
+>.
+ </P
+><P
+> Filtering can achieve some of the same effects as the
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>
+ action, i.e. it can be used to block ads and banners. But the mechanism
+ works quite differently. One effective use, is to block ad banners
+ based on their size (see below), since many of these seem to be somewhat
+ standardized.
+ </P
+><P
+> <A
+HREF="contact.html"
+>Feedback</A
+> with suggestions for new or
+ improved filters is particularly welcome!
+ </P
+><P
+> The below list has only the names and a one-line description of each
+ predefined filter. There are <A
+HREF="filter-file.html#PREDEFINED-FILTERS"
+>more
+ verbose explanations</A
+> of what these filters do in the <A
+HREF="filter-file.html"
+>filter file chapter</A
+>.
+ </P
+></DD
+><DT
+>Example usage (with filters from the distribution <TT
+CLASS="FILENAME"
+>default.filter</TT
+> file).
+ See <A
+HREF="filter-file.html#PREDEFINED-FILTERS"
+>the Predefined Filters section</A
+> for
+ more explanation on each:</DT
+><DD
+><P
+> <A
+NAME="FILTER-JS-ANNOYANCES"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
><TD
><PRE
CLASS="SCREEN"
->+filter{jumping-windows} # Prevent windows from resizing and moving themselves</PRE
+>+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-FRAMESET-BORDERS"
+NAME="FILTER-JS-EVENTS"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{frameset-borders} # Give frames a border and make them resizable</PRE
+>+filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-DEMORONIZER"
+NAME="FILTER-HTML-ANNOYANCES"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{demoronizer} # Fix MS's non-standard use of standard charsets</PRE
+>+filter{html-annoyances} # Get rid of particularly annoying HTML abuse</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-SHOCKWAVE-FLASH"
+NAME="FILTER-CONTENT-COOKIES"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{shockwave-flash} # Kill embedded Shockwave Flash objects</PRE
+>+filter{content-cookies} # Kill cookies that come in the HTML or JS content</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-QUICKTIME-KIOSKMODE"
+NAME="FILTER-REFRESH-TAGS"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{quicktime-kioskmode} # Make Quicktime movies saveable</PRE
+>+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-UNSOLICITED-POPUPS"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{unsolicited-popups} # Disable only unsolicited pop-up windows</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-ALL-POPUPS"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{all-popups} # Kill all popups in JavaScript and HTML</PRE
></TD
></TR
></TABLE
>
</P
><P
-> <A
-NAME="FILTER-FUN"
-></A
->
- <TABLE
+> <A
+NAME="FILTER-IMG-REORDER"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-BANNERS-BY-SIZE"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{banners-by-size} # Kill banners by size</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-BANNERS-BY-LINK"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{banners-by-link} # Kill banners by their links to known clicktrackers</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-WEBBUGS"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking)</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-TINY-TEXTFORMS"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-JUMPING-WINDOWS"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{jumping-windows} # Prevent windows from resizing and moving themselves</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-FRAMESET-BORDERS"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{frameset-borders} # Give frames a border and make them resizable</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-DEMORONIZER"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{demoronizer} # Fix MS's non-standard use of standard charsets</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-SHOCKWAVE-FLASH"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{shockwave-flash} # Kill embedded Shockwave Flash objects</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-QUICKTIME-KIOSKMODE"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{quicktime-kioskmode} # Make Quicktime movies saveable</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-FUN"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{fun} # Text replacements for subversive browsing fun!</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-CRUDE-PARENTAL"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{crude-parental} # Crude parental filtering (demo only)</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> <A
+NAME="FILTER-IE-EXPLOITS"
+></A
+>
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{ie-exploits} # Disable some known Internet Explorer bug exploits</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FORCE-TEXT-MODE"
+></A
+>8.5.13. force-text-mode</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Force <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to treat a document as if it was in some kind of <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>text</I
+></SPAN
+> format. </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Declares a document as text, even if the <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> isn't detected as such.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> N/A
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> As explained <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>above</A
+></TT
+>,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> tries to only filter files that are
+ in some kind of text format. The same restrictions apply to
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CONTENT-TYPE-OVERWRITE"
+>content-type-overwrite</A
+></TT
+>.
+ <TT
+CLASS="LITERAL"
+>force-text-mode</TT
+> declares a document as text,
+ without looking at the <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> first.
+ </P
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="90%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+> Think twice before activating this action. Filtering binary data
+ with regular expressions can cause file damage.
+ </P
+></TD
+></TR
+></TABLE
+></DIV
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+force-text-mode
+ </PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HANDLE-AS-EMPTY-DOCUMENT"
+></A
+>8.5.14. handle-as-empty-document</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Mark URLs that should be replaced by empty documents <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>if they get blocked</I
+></SPAN
+></P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> This action alone doesn't do anything noticeable. It just marks URLs.
+ If the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> action <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>also applies</I
+></SPAN
+>,
+ the presence or absence of this mark decides whether an HTML <SPAN
+CLASS="QUOTE"
+>"blocked"</SPAN
+>
+ page, or an empty document will be sent to the client as a substitute for the blocked content.
+ The <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>empty</I
+></SPAN
+> document isn't literally empty, but actually contains a single space.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> N/A
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> Some browsers complain about syntax errors if JavaScript documents
+ are blocked with <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ default HTML page; this option can be used to silence them.
+ </P
+><P
+> The content type for the empty document can be specified with
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CONTENT-TYPE-OVERWRITE"
+>content-type-overwrite{}</A
+></TT
+>,
+ but usually this isn't necessary.
+ </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Block all documents on example.org that end with ".js",
+# but send an empty document instead of the usual HTML message.
+{+block +handle-as-empty-document}
+example.org/.*\.js$
+ </PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HANDLE-AS-IMAGE"
+></A
+>8.5.15. handle-as-image</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Mark URLs as belonging to images (so they'll be replaced by imagee <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>if they get blocked</I
+></SPAN
+>)</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> This action alone doesn't do anything noticeable. It just marks URLs as images.
+ If the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> action <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>also applies</I
+></SPAN
+>,
+ the presence or absence of this mark decides whether an HTML <SPAN
+CLASS="QUOTE"
+>"blocked"</SPAN
+>
+ page, or a replacement image (as determined by the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+></TT
+> action) will be sent to the
+ client as a substitute for the blocked content.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> N/A
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> The below generic example section is actually part of <TT
+CLASS="FILENAME"
+>default.action</TT
+>.
+ It marks all URLs with well-known image file name extensions as images and should
+ be left intact.
+ </P
+><P
+> Users will probably only want to use the handle-as-image action in conjunction with
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>, to block sources of banners, whose URLs don't
+ reflect the file type, like in the second example section.
+ </P
+><P
+> Note that you cannot treat HTML pages as images in most cases. For instance, (in-line) ad
+ frames require an HTML page to be sent, or they won't display properly.
+ Forcing <TT
+CLASS="LITERAL"
+>handle-as-image</TT
+> in this situation will not replace the
+ ad frame with an image, but lead to error messages.
+ </P
+></DD
+><DT
+>Example usage (sections):</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Generic image extensions:
+#
+{+handle-as-image}
+/.*\.(gif|jpg|jpeg|png|bmp|ico)$
+
+# These don't look like images, but they're banners and should be
+# blocked as images:
+#
+{+block +handle-as-image}
+some.nasty-banner-server.com/junk.cgi?output=trash
+
+# Banner source! Who cares if they also have non-image content?
+ad.doubleclick.net </PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HIDE-ACCEPT-LANGUAGE"
+></A
+>8.5.16. hide-accept-language</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Pretend to use different language settings.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Deletes or replaces the <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> HTTP header in client requests.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> Keyword: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, or any user defined value.
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> Faking the browser's language settings can be useful to make a
+ foreign User-Agent set with
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HIDE-USER-AGENT"
+>hide-user-agent</A
+></TT
+>
+ more believable.
+ </P
+><P
+> However some sites with content in different languages check the
+ <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> to decide which one to take by default.
+ Sometimes it isn't possible to later switch to another language without
+ changing the <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> header first.
+ </P
+><P
+> Therefore it's a good idea to either only change the
+ <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> header to languages you understand,
+ or to languages that aren't wide spread.
+ </P
+><P
+> Before setting the <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> header
+ to a rare language, you should consider that it helps to
+ make your requests unique and thus easier to trace.
+ If you don't plan to change this header frequently,
+ you should stick to a common language.
+ </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+filter{fun} # Text replacements for subversive browsing fun!</PRE
+># Pretend to use Canadian language settings.
+{+hide-accept-language{en-ca} \
++hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
+}
+/ </PRE
></TD
></TR
></TABLE
>
</P
-><P
-> <A
-NAME="FILTER-CRUDE-PARENTAL"
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HIDE-CONTENT-DISPOSITION"
></A
->
- <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+filter{crude-parental} # Crude parental filtering (demo only)</PRE
-></TD
-></TR
-></TABLE
->
+>8.5.17. hide-content-disposition</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Prevent download menus for content you prefer to view inside the browser.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Deletes or replaces the <SPAN
+CLASS="QUOTE"
+>"Content-Disposition:"</SPAN
+> HTTP header set by some servers.
</P
+></DD
+><DT
+>Type:</DT
+><DD
><P
-> <A
-NAME="FILTER-IE-EXPLOITS"
-></A
->
- <TABLE
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> Keyword: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, or any user defined value.
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> Some servers set the <SPAN
+CLASS="QUOTE"
+>"Content-Disposition:"</SPAN
+> HTTP header for
+ documents they assume you want to save locally before viewing them.
+ The <SPAN
+CLASS="QUOTE"
+>"Content-Disposition:"</SPAN
+> header contains the file name
+ the browser is supposed to use by default.
+ </P
+><P
+> In most browsers that understand this header, it makes it impossible to
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>just view</I
+></SPAN
+> the document, without downloading it first,
+ even if it's just a simple text file or an image.
+ </P
+><P
+> Removing the <SPAN
+CLASS="QUOTE"
+>"Content-Disposition:"</SPAN
+> header helps
+ to prevent this annoyance, but some browsers additionally check the
+ <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> header, before they decide if they can
+ display a document without saving it first. In these cases, you have
+ to change this header as well, before the browser stops displaying
+ download menus.
+ </P
+><P
+> It is also possible to change the server's file name suggestion
+ to another one, but in most cases it isn't worth the time to set
+ it up.
+ </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+filter{ie-exploits} # Disable some known Internet Explorer bug exploits</PRE
+># Disarm the download link in Sourceforge's patch tracker
+{-filter\
++content-type-overwrite {text/plain}\
++hide-content-disposition {block} }
+.sourceforge.net/tracker/download.php</PRE
></TD
></TR
></TABLE
><H4
CLASS="SECT3"
><A
-NAME="HANDLE-AS-IMAGE"
->8.5.9. handle-as-image</A
-></H4
+NAME="HIDE-IF-MODIFIED-SINCE"
+></A
+>8.5.18. hide-if-modified-since</H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
->Mark URLs as belonging to images (so they'll be replaced by images <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->if they get blocked</I
-></SPAN
->)</P
+>Prevent yet another way to track the user's steps between sessions.</P
></DD
><DT
>Effect:</DT
><DD
><P
-> This action alone doesn't do anything noticeable. It just marks URLs as images.
- If the <VAR
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#BLOCK"
->block</A
-></VAR
-> action <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->also applies</I
-></SPAN
->,
- the presence or absence of this mark decides whether an HTML <SPAN
+> Deletes the <SPAN
CLASS="QUOTE"
->"blocked"</SPAN
->
- page, or a replacement image (as determined by the <VAR
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#SET-IMAGE-BLOCKER"
->set-image-blocker</A
-></VAR
-> action) will be sent to the
- client as a substitute for the blocked content.
+>"If-Modified-Since:"</SPAN
+> HTTP client header or modifies its value.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized.</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> N/A
+> Keyword: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, or a user defined value that specifies a range of hours.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> The below generic example section is actually part of <TT
-CLASS="FILENAME"
->default.action</TT
->.
- It marks all URLs with well-known image file name extensions as images and should
- be left intact.
+> Removing this header is useful for filter testing, where you want to force a real
+ reload instead of getting status code <SPAN
+CLASS="QUOTE"
+>"304"</SPAN
+>, which would cause the
+ browser to use a cached copy of the page.
</P
><P
-> Users will probably only want to use the handle-as-image action in conjunction with
- <VAR
+> Instead of removing the header, <TT
+CLASS="LITERAL"
+>hide-if-modified-since</TT
+> can
+ also add or substract a random amount of time to/from the headers value.
+ You specify a range of hours were the random factor should be chosen from and
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> does the rest. A negative value means
+ subtracting, a positive value adding.
+ </P
+><P
+> Randomizing the value of the <SPAN
+CLASS="QUOTE"
+>"If-Modified-Since:"</SPAN
+> makes
+ sure it isn't used as a cookie replacement, but you will run into
+ caching problems if the random range is too high.
+ </P
+><P
+> It is a good idea to only use a small negative value and let
+ <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#BLOCK"
->block</A
-></VAR
->, to block sources of banners, whose URLs don't
- reflect the file type, like in the second example section.
+HREF="actions-file.html#OVERWRITE-LAST-MODIFIED"
+>overwrite-last-modified</A
+></TT
+>
+ handle the greater changes.
</P
><P
-> Note that you cannot treat HTML pages as images in most cases. For instance, (in-line) ad
- frames require an HTML page to be sent, or they won't display properly.
- Forcing <VAR
+> It is also recommended to use this action together with
+ <TT
CLASS="LITERAL"
->handle-as-image</VAR
-> in this situation will not replace the
- ad frame with an image, but lead to error messages.
+><A
+HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
+>crunch-if-none-match</A
+></TT
+>.
</P
></DD
><DT
->Example usage (sections):</DT
+>Example usage (section):</DT
><DD
><P
> <TABLE
><TD
><PRE
CLASS="SCREEN"
-># Generic image extensions:
-#
-{+handle-as-image}
-/.*\.(gif|jpg|jpeg|png|bmp|ico)$
-
-# These don't look like images, but they're banners and should be
-# blocked as images:
-#
-{+block +handle-as-image}
-some.nasty-banner-server.com/junk.cgi?output=trash
-
-# Banner source! Who cares if they also have non-image content?
-ad.doubleclick.net </PRE
+># Let the browser revalidate without being tracked across sessions
+{+hide-if-modified-since {-1}\
++overwrite-last-modified {randomize}\
++crunch-if-none-match}
+/</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="HIDE-FORWARDED-FOR-HEADERS"
->8.5.10. hide-forwarded-for-headers</A
-></H4
+></A
+>8.5.19. hide-forwarded-for-headers</H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="HIDE-FROM-HEADER"
->8.5.11. hide-from-header</A
-></H4
+></A
+>8.5.20. hide-from-header</H4
><P
></P
><DIV
CLASS="QUOTE"
>"block"</SPAN
> will completely remove the header
- (not to be confused with the <VAR
+ (not to be confused with the <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#BLOCK"
>block</A
-></VAR
+></TT
>
action).
</P
CLASS="SECT3"
><A
NAME="HIDE-REFERRER"
->8.5.12. hide-referrer</A
-></H4
+></A
+>8.5.21. hide-referrer</H4
><A
NAME="HIDE-REFERER"
></A
><P
><SPAN
CLASS="QUOTE"
+>"conditional-block"</SPAN
+> to delete the header completely if the host has changed.</P
+></LI
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
>"block"</SPAN
-> to delete the header completely.</P
+> to delete the header unconditionally.</P
></LI
><LI
><P
>Notes:</DT
><DD
><P
-> <SPAN
+> <TT
+CLASS="LITERAL"
+>conditional-block</TT
+> is the only parameter,
+ that isn't easily detected in the server's log file. If it blocks the
+ referrer, the request will look like the visitor used a bookmark or
+ typed in the address directly.
+ </P
+><P
+> Leaving the referrer unmodified for requests on the same host
+ allows the server owner to see the visitor's <SPAN
CLASS="QUOTE"
->"forge"</SPAN
-> is the preferred option here, since some servers will
- not send images back otherwise, in an attempt to prevent their valuable
- content from being embedded elsewhere (and hence, without being surrounded
- by <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->their</I
-></SPAN
-> banners).
+>"click path"</SPAN
+>,
+ but in most cases she could also get that information by comparing
+ other parts of the log file: for example the User-Agent if it isn't
+ a very common one, or the user's IP address if it doesn't change between
+ different requests.
+ </P
+><P
+> Always blocking the referrer, or using a custom one, can lead to
+ failures on servers that check the referrer before they answer any
+ requests, in an attempt to prevent their valuable content from being
+ embedded or linked to elsewhere.
+ </P
+><P
+> Both <TT
+CLASS="LITERAL"
+>conditional-block</TT
+> and <TT
+CLASS="LITERAL"
+>forge</TT
+>
+ will work with referrer checks, as long as content and valid referring page
+ are on the same host. Most of the time that's the case.
</P
><P
>
- <VAR
+ <TT
CLASS="LITERAL"
->hide-referer</VAR
+>hide-referer</TT
> is an alternate spelling of
- <VAR
+ <TT
CLASS="LITERAL"
->hide-referrer</VAR
+>hide-referrer</TT
> and the two can be can be freely
- substituted with each other. (<SPAN
+ substituted with each other. (<SPAN
CLASS="QUOTE"
>"referrer"</SPAN
> is the
- correct English spelling, however the HTTP specification has a bug - it
- requires it to be spelled as <SPAN
+ correct English spelling, however the HTTP specification has a bug - it
+ requires it to be spelled as <SPAN
CLASS="QUOTE"
>"referer"</SPAN
>.)
- </P
+ </P
></DD
><DT
>Example usage:</DT
CLASS="SECT3"
><A
NAME="HIDE-USER-AGENT"
->8.5.13. hide-user-agent</A
-></H4
+></A
+>8.5.22. hide-user-agent</H4
><P
></P
><DIV
><TD
ALIGN="LEFT"
><P
-> This breaks many web sites that depend on looking at this header in order
- to customize their content for different browsers (which, by the
+> This can lead to problems on web sites that depend on looking at this header in
+ order to customize their content for different browsers (which, by the
way, is <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>NOT</I
></SPAN
-> a <A
-HREF="http://www.javascriptkit.com/javaindex.shtml"
-TARGET="_top"
->smart way to do
- that</A
->!).
+> the right thing to do: good web sites
+ work browser-independently).
+
</P
></TD
></TR
(Must be just a silly MS goof, I'm sure :-).
</P
><P
-> This action is scheduled for improvement.
+> This action is scheduled for improvement.
+ </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="INSPECT-JPEGS"
+></A
+>8.5.23. inspect-jpegs</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>To protect against the MS buffer over-run in JPEG processing</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> To protect against a known exploit
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> N/A
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> See Microsoft Security Bulletin MS04-028. JPEG images are one of the most
+ common image types found across the Internet. The exploit as described can
+ allow execution of code on the target system, giving an attacker access
+ to the system in question by merely planting an altered JPEG image, which
+ would have no obvious indications of what lurks inside. This action
+ prevents unwanted intrusion.
</P
></DD
><DT
>Example usage:</DT
><DD
><P
-> <TABLE
+><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TD
><PRE
CLASS="SCREEN"
->+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}</PRE
+>+inspect-jpegs</PRE
></TD
></TR
></TABLE
->
- </P
+></P
></DD
></DL
></DIV
CLASS="SECT3"
><A
NAME="KILL-POPUPS"
->8.5.14. kill-popups<A
-NAME="KILL-POPUP"
></A
+>8.5.24. kill-popups<A
+NAME="KILL-POPUP"
></A
></H4
><P
><DD
><P
> This action is basically a built-in, hardwired special-purpose filter
- action, but there are important differences: For <VAR
+ action, but there are important differences: For <TT
CLASS="LITERAL"
->kill-popups</VAR
+>kill-popups</TT
>,
the document need not be buffered, so it can be incrementally rendered while
- downloading. But <VAR
+ downloading. But <TT
CLASS="LITERAL"
->kill-popups</VAR
+>kill-popups</TT
> doesn't catch as many pop-ups as
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER-ALL-POPUPS"
->filter{<VAR
+>filter{<TT
CLASS="REPLACEABLE"
->all-popups</VAR
+><I
+>all-popups</I
+></TT
>}</A
-></VAR
+></TT
>
- does and is not as smart as <VAR
+ does and is not as smart as <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER-UNSOLICITED-POPUPS"
->filter{<VAR
+>filter{<TT
CLASS="REPLACEABLE"
->unsolicited-popups</VAR
+><I
+>unsolicited-popups</I
+></TT
>}</A
>
- </VAR
+ </TT
>is.
</P
><P
> Think of it as a fast and efficient replacement for a filter that you
can use if you don't want any filtering at all. Note that it doesn't make
- sense to combine it with any <VAR
+ sense to combine it with any <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER"
>filter</A
-></VAR
+></TT
> action,
- since as soon as one <VAR
+ since as soon as one <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER"
>filter</A
-></VAR
+></TT
> applies,
the whole document needs to be buffered anyway, which destroys the advantage of
- the <VAR
+ the <TT
CLASS="LITERAL"
->kill-popups</VAR
+>kill-popups</TT
> action over its filter equivalent.
</P
><P
> Killing all pop-ups unconditionally is problematic. Many shops and banks rely on
- pop-ups to display forms, shopping carts etc, and the <VAR
+ pop-ups to display forms, shopping carts etc, and the <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER-UNSOLICITED-POPUPS"
->filter{<VAR
+>filter{<TT
CLASS="REPLACEABLE"
->unsolicited-popups</VAR
+><I
+>unsolicited-popups</I
+></TT
>}</A
>
- </VAR
+ </TT
> does a fairly good job of catching only the unwanted ones.
</P
><P
></SPAN
> windows that appear when you close an other
one), you might want to use
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER"
>filter</A
->{<VAR
+>{<TT
CLASS="REPLACEABLE"
->js-annoyances</VAR
->}</VAR
+><I
+>js-annoyances</I
+></TT
+>}</TT
>
instead.
</P
CLASS="SECT3"
><A
NAME="LIMIT-CONNECT"
->8.5.15. limit-connect</A
-></H4
+></A
+>8.5.25. limit-connect</H4
><P
></P
><DIV
>Prevent abuse of <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> as a TCP proxy relay</P
+> as a TCP proxy relay or disable SSL for untrusted sites</P
></DD
><DT
>Effect:</DT
>Parameter:</DT
><DD
><P
-> A comma-separated list of ports or port ranges (the latter using dashes, with the minimum
- defaulting to 0 and the maximum to 65K).
+> A comma-separated list of ports or port ranges (the latter using dashes, with the minimum
+ defaulting to 0 and the maximum to 65K).
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> By default, i.e. if no <TT
+CLASS="LITERAL"
+>limit-connect</TT
+> action applies,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> only allows HTTP CONNECT
+ requests to port 443 (the standard, secure HTTPS port). Use
+ <TT
+CLASS="LITERAL"
+>limit-connect</TT
+> if more fine-grained control is desired
+ for some or all destinations.
+ </P
+><P
+> The CONNECT methods exists in HTTP to allow access to secure websites
+ (<SPAN
+CLASS="QUOTE"
+>"https://"</SPAN
+> URLs) through proxies. It works very simply:
+ the proxy connects to the server on the specified port, and then
+ short-circuits its connections to the client and to the remote server.
+ This can be a big security hole, since CONNECT-enabled proxies can be
+ abused as TCP relays very easily.
+ </P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> relays HTTPS traffic without seeing
+ the decoded content. Websites can leverage this limitation to circumvent Privoxy's
+ filters. By specifying an invalid port range you can disable HTTPS entirely.
+ If you plan to disable SSL by default, consider enabling
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#TREAT-FORBIDDEN-CONNECTS-LIKE-BLOCKS"
+>treat-forbidden-connects-like-blocks</A
+></TT
+>
+ as well, to be able to quickly create exceptions.
+ </P
+></DD
+><DT
+>Example usages:</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+limit-connect{443} # This is the default and need not be specified.
++limit-connect{80,443} # Ports 80 and 443 are OK.
++limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
++limit-connect{-} # All ports are OK
++limit-connect{,} # No HTTPS traffic is allowed</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="PREVENT-COMPRESSION"
+></A
+>8.5.26. prevent-compression</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+> Ensure that servers send the content uncompressed, so it can be
+ passed through <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+></TT
+>s.
+ </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Removes the Accept-Encoding header which can be used to ask for compressed transfer.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> N/A
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> More and more websites send their content compressed by default, which
+ is generally a good idea and saves bandwidth. But for the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+></TT
+>, <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#DEANIMATE-GIFS"
+>deanimate-gifs</A
+></TT
+>
+ and <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#KILL-POPUPS"
+>kill-popups</A
+></TT
+> actions to work,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> needs access to the uncompressed data.
+ Unfortunately, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can't yet(!) uncompress, filter, and
+ re-compress the content on the fly. So if you want to ensure that all websites, including
+ those that normally compress, can be filtered, you need to use this action.
+ </P
+><P
+> This will slow down transfers from those websites, though. If you use any of the above-mentioned
+ actions, you will typically want to use <TT
+CLASS="LITERAL"
+>prevent-compression</TT
+> in conjunction
+ with them.
+ </P
+><P
+> Note that some (rare) ill-configured sites don't handle requests for uncompressed
+ documents correctly (they send an empty document body). If you use <TT
+CLASS="LITERAL"
+>prevent-compression</TT
+>
+ per default, you'll have to add exceptions for those sites. See the example for how to do that.
+ </P
+></DD
+><DT
+>Example usage (sections):</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Set default:
+#
+{+prevent-compression}
+/ # Match all sites
+
+# Make exceptions for ill sites:
+#
+{-prevent-compression}
+www.debianhelp.org
+www.pclinuxonline.com</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="OVERWRITE-LAST-MODIFIED"
+></A
+>8.5.27. overwrite-last-modified</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Prevent yet another way to track the user's steps between sessions.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Deletes the <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> HTTP server header or modifies its value.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+> One of the keywords: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"reset-to-request-time"</SPAN
+>
+ and <SPAN
+CLASS="QUOTE"
+>"randomize"</SPAN
+>
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> By default, i.e. if no <VAR
-CLASS="LITERAL"
->limit-connect</VAR
-> action applies,
+> Removing the <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> header is useful for filter
+ testing, where you want to force a real reload instead of getting status
+ code <SPAN
+CLASS="QUOTE"
+>"304"</SPAN
+>, which would cause the browser to reuse the old
+ version of the page.
+ </P
+><P
+> The <SPAN
+CLASS="QUOTE"
+>"randomize"</SPAN
+> option overwrites the value of the
<SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> only allows HTTP CONNECT
- requests to port 443 (the standard, secure HTTPS port). Use
- <VAR
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> header with a randomly chosen time
+ between the original value and the current time. In theory the server
+ could send each document with a different <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+>
+ header to track visits without using cookies. <SPAN
+CLASS="QUOTE"
+>"Randomize"</SPAN
+>
+ makes it impossible and the browser can still revalidate cached documents.
+ </P
+><P
+> <SPAN
+CLASS="QUOTE"
+>"reset-to-request-time"</SPAN
+> overwrites the value of the
+ <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> header with the current time. You could use
+ this option together with
+ <TT
CLASS="LITERAL"
->limit-connect</VAR
-> if more fine-grained control is desired
- for some or all destinations.
+><A
+HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
+>hided-if-modified-since</A
+></TT
+>
+ to further customize your random range.
</P
><P
-> The CONNECT methods exists in HTTP to allow access to secure websites
- (<SPAN
+> The preferred parameter here is <SPAN
CLASS="QUOTE"
->"https://"</SPAN
-> URLs) through proxies. It works very simply:
- the proxy connects to the server on the specified port, and then
- short-circuits its connections to the client and to the remote server.
- This can be a big security hole, since CONNECT-enabled proxies can be
- abused as TCP relays very easily.
- </P
+>"randomize"</SPAN
+>. It is safe
+ to use, as long as the time settings are more or less correct.
+ If the server sets the <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> header to the time
+ of the request, the random range becomes zero and the value stays the same.
+ Therefore you should later randomize it a second time with
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
+>hided-if-modified-since</A
+></TT
+>,
+ just to be sure.
+ </P
><P
-> If you don't know what any of this means, there probably is no reason to
- change this one, since the default is already very restrictive.
- </P
+> It is also recommended to use this action together with
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
+>crunch-if-none-match</A
+></TT
+>.
+ </P
></DD
><DT
->Example usages:</DT
+>Example usage:</DT
><DD
><P
> <TABLE
><TD
><PRE
CLASS="SCREEN"
->+limit-connect{443} # This is the default and need not be specified.
-+limit-connect{80,443} # Ports 80 and 443 are OK.
-+limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
-+limit-connect{-} # All ports are OK (gaping security hole!)</PRE
+># Let the browser revalidate without being tracked across sessions
+{+hide-if-modified-since {-1}\
++overwrite-last-modified {randomize}\
++crunch-if-none-match}
+/</PRE
></TD
></TR
></TABLE
><H4
CLASS="SECT3"
><A
-NAME="PREVENT-COMPRESSION"
->8.5.16. prevent-compression</A
-></H4
+NAME="REDIRECT"
+></A
+>8.5.28. redirect</H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
-> Ensure that servers send the content uncompressed, so it can be
- passed through <VAR
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER"
->filter</A
-></VAR
->s
+> Redirect requests to other sites.
</P
></DD
><DT
>Effect:</DT
><DD
><P
-> Adds a header to the request that asks for uncompressed transfer.
+> Convinces the browser that the requested document has been moved
+ to another location and the browser should get it from there.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> N/A
+> Any URL.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> More and more websites send their content compressed by default, which
- is generally a good idea and saves bandwidth. But for the <VAR
+> This action is useful to replace whole documents with your own
+ ones. For that to work, they have to be available on another server.
+ </P
+><P
+> You can do the same by combining the actions
+ <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#FILTER"
->filter</A
-></VAR
->, <VAR
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>,
+ <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#DEANIMATE-GIFS"
->deanimate-gifs</A
-></VAR
->
- and <VAR
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+> and
+ <TT
CLASS="LITERAL"
><A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
-></VAR
-> actions to work,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> needs access to the uncompressed data.
- Unfortunately, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> can't yet(!) uncompress, filter, and
- re-compress the content on the fly. So if you want to ensure that all websites, including
- those that normally compress, can be filtered, you need to use this action.
- </P
-><P
-> This will slow down transfers from those websites, though. If you use any of the above-mentioned
- actions, you will typically want to use <VAR
-CLASS="LITERAL"
->prevent-compression</VAR
-> in conjunction
- with them.
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker{URL}</A
+></TT
+>.
+ It doesn't sound right for non-image documents, and that's why this action
+ was created.
</P
><P
-> Note that some (rare) ill-configured sites don't handle requests for uncompressed
- documents correctly (they send an empty document body). If you use <VAR
+> This action will be ignored if you use it together with
+ <TT
CLASS="LITERAL"
->prevent-compression</VAR
->
- per default, you'll have to add exceptions for those sites. See the example for how to do that.
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>.
</P
></DD
><DT
->Example usage (sections):</DT
+>Example usage:</DT
><DD
><P
> <TABLE
><TD
><PRE
CLASS="SCREEN"
-># Set default:
-#
-{+prevent-compression}
-/ # Match all sites
-
-# Make exceptions for ill sites:
-#
-{-prevent-compression}
-www.debianhelp.org
-www.pclinuxonline.com</PRE
+># Replace example.com's style sheet with another one
+{+redirect{http://localhost/css-replacements/example.com.css}}
+example.com/stylesheet.css</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="SEND-VANILLA-WAFER"
->8.5.17. send-vanilla-wafer</A
-></H4
+></A
+>8.5.29. send-vanilla-wafer</H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="SEND-WAFER"
->8.5.18. send-wafer</A
-></H4
+></A
+>8.5.30. send-wafer</H4
><P
></P
><DIV
><P
> A string of the form <SPAN
CLASS="QUOTE"
->"<VAR
+>"<TT
CLASS="REPLACEABLE"
->name</VAR
->=<VAR
+><I
+>name</I
+></TT
+>=<TT
CLASS="REPLACEABLE"
->value</VAR
+><I
+>value</I
+></TT
>"</SPAN
>.
</P
CLASS="SECT3"
><A
NAME="SESSION-COOKIES-ONLY"
->8.5.19. session-cookies-only</A
-></H4
+></A
+>8.5.31. session-cookies-only</H4
><P
></P
><DIV
>Notes:</DT
><DD
><P
-> This is less strict than <VAR
+> This is less strict than <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
>crunch-incoming-cookies</A
-></VAR
+></TT
> /
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
>crunch-outgoing-cookies</A
-></VAR
+></TT
> and allows you to browse
websites that insist or rely on setting cookies, without compromising your privacy too badly.
</P
><P
> Most browsers will not permanently store cookies that have been processed by
- <VAR
+ <TT
CLASS="LITERAL"
->session-cookies-only</VAR
+>session-cookies-only</TT
> and will forget about them between sessions.
This makes profiling cookies useless, but won't break sites which require cookies so
that you can log in for transactions. This is generally turned on for all
CLASS="EMPHASIS"
>no sense at all</I
></SPAN
-> to use <VAR
+> to use <TT
CLASS="LITERAL"
->session-cookies-only</VAR
+>session-cookies-only</TT
>
- together with <VAR
+ together with <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
>crunch-incoming-cookies</A
-></VAR
+></TT
> or
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
>crunch-outgoing-cookies</A
-></VAR
+></TT
>. If you do, cookies
will be plainly killed.
</P
>content-cookies filter</A
>
to block some types of cookies. Content cookies are not effected by
- <VAR
+ <TT
CLASS="LITERAL"
->session-cookies-only</VAR
+>session-cookies-only</TT
>.
</P
></DD
CLASS="SECT3"
><A
NAME="SET-IMAGE-BLOCKER"
->8.5.20. set-image-blocker</A
-></H4
+></A
+>8.5.32. set-image-blocker</H4
><P
></P
><DIV
>both</I
></SPAN
>
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#BLOCK"
>block</A
-></VAR
+></TT
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>and</I
></SPAN
-> <VAR
+> <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#HANDLE-AS-IMAGE"
>handle-as-image</A
-></VAR
+></TT
> <SPAN
CLASS="emphasis"
><I
><P
> <SPAN
CLASS="QUOTE"
->"<VAR
+>"<TT
CLASS="REPLACEABLE"
->target-url</VAR
+><I
+>target-url</I
+></TT
>"</SPAN
> to
- send a redirect to <VAR
+ send a redirect to <TT
CLASS="REPLACEABLE"
->target-url</VAR
+><I
+>target-url</I
+></TT
>. You can redirect
- to any image anywhere, even in your local filesystem (via <SPAN
+ to any image anywhere, even in your local filesystem via <SPAN
CLASS="QUOTE"
>"file:///"</SPAN
-> URL).
+> URL.
+ (But note that not all browsers support redirecting to a local file system).
</P
><P
> A good application of redirects is to use special <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>-built-in
- URLs, which send the built-in images, as <VAR
+ URLs, which send the built-in images, as <TT
CLASS="REPLACEABLE"
->target-url</VAR
+><I
+>target-url</I
+></TT
>.
This has the same visual effect as specifying <SPAN
CLASS="QUOTE"
><P
> The URLs for the built-in images are <SPAN
CLASS="QUOTE"
->"http://config.privoxy.org/send-banner?type=<VAR
+>"http://config.privoxy.org/send-banner?type=<TT
CLASS="REPLACEABLE"
->type</VAR
+><I
+>type</I
+></TT
>"</SPAN
->, where <VAR
+>, where <TT
CLASS="REPLACEABLE"
->type</VAR
+><I
+>type</I
+></TT
> is
either <SPAN
CLASS="QUOTE"
>NOT</I
></SPAN
> to be
- used in <VAR
+ used in <TT
CLASS="LITERAL"
->set-image-blocker</VAR
+>set-image-blocker</TT
>, but meant for use from <A
HREF="filter-file.html"
>filters</A
></DIV
><DIV
CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="TREAT-FORBIDDEN-CONNECTS-LIKE-BLOCKS"
+></A
+>8.5.33. treat-forbidden-connects-like-blocks</H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Block forbidden connects with an easy to find error message.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> If this action is enabled, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> no longer
+ makes a difference between forbidden connects and ordinary blocks.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>N/A</P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> By default <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> answers
+ <A
+HREF="actions-file.html#LIMIT-CONNECT"
+>forbidden <SPAN
+CLASS="QUOTE"
+>"Connect"</SPAN
+> requests</A
+>
+ with a short error message inside the headers. If the browser doesn't display
+ headers (most don't), you just see an empty page.
+ </P
+><P
+> With this action enabled, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> displays
+ the message that is used for ordinary blocks instead. If you decide
+ to make an exception for the page in question, you can do so by
+ following the <SPAN
+CLASS="QUOTE"
+>"See why"</SPAN
+> link.
+ </P
+><P
+> For <SPAN
+CLASS="QUOTE"
+>"Connect"</SPAN
+> requests the clients tell
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> which host they are interested
+ in, but not which document they plan to get later. As a result, the
+ <SPAN
+CLASS="QUOTE"
+>"Go there anyway"</SPAN
+> link becomes rather useless:
+ it lets the client request the home page of the forbidden host
+ through unencrypted HTTP, still using the port of the last request.
+ </P
+><P
+> If you previously configured <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to do the
+ request through a SSL tunnel, everything will work. Most likely you haven't
+ and the server will responds with an error message because it is expecting
+ HTTPS.
+ </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+treat-forbidden-connects-like-blocks</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
><H3
CLASS="SECT3"
><A
-NAME="AEN2855"
->8.5.21. Summary</A
-></H3
+NAME="AEN3543"
+></A
+>8.5.34. Summary</H3
><P
> Note that many of these actions have the potential to cause a page to
misbehave, possibly even not to display at all. There are many ways
CLASS="SECT2"
><A
NAME="ALIASES"
->8.6. Aliases</A
-></H2
+></A
+>8.6. Aliases</H2
><P
> Custom <SPAN
CLASS="QUOTE"
CLASS="SECT2"
><A
NAME="ACT-EXAMPLES"
->8.7. Actions Files Tutorial</A
-></H2
+></A
+>8.7. Actions Files Tutorial</H2
><P
> The above chapters have shown <A
HREF="actions-file.html"
><H3
CLASS="SECT3"
><A
-NAME="AEN2920"
->8.7.1. default.action</A
-></H3
+NAME="AEN3608"
+></A
+>8.7.1. default.action</H3
><P
>Every config file should start with a short comment stating its purpose:</P
><P
><TD
><PRE
CLASS="SCREEN"
-># Sample default.action file <developers@privoxy.org></PRE
+># Sample default.action file <ijbswa-developers@lists.sourceforge.net></PRE
></TD
></TR
></TABLE
> The first regular section is probably the most important. It has only
one pattern, <SPAN
CLASS="QUOTE"
->"<VAR
+>"<TT
CLASS="LITERAL"
->/</VAR
+>/</TT
>"</SPAN
>, but this pattern
<A
sites, i.e. sites that require minimum interference, because they are either
very complex or very keen on tracking you (and have mechanisms in place that
make them unusable for people who avoid being tracked). We will simply use
- our pre-defined <VAR
+ our pre-defined <TT
CLASS="LITERAL"
->fragile</VAR
+>fragile</TT
> alias instead of stating the list
of actions explicitly:</P
><P
></TABLE
></P
><P
-> The <VAR
+> The <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FAST-REDIRECTS"
>fast-redirects</A
-></VAR
+></TT
>
action, which we enabled per default above, breaks some sites. So disable
it for popular sites where we know it misbehaves:</P
>and</I
></SPAN
>
- information). We can mark any URL as an image with the <VAR
+ information). We can mark any URL as an image with the <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#HANDLE-AS-IMAGE"
>handle-as-image</A
-></VAR
+></TT
> action,
and marking all URLs that end in a known image file extension is a
good start:</P
></SPAN
>
mark them as images in one go, with the help of our
- <VAR
+ <TT
CLASS="LITERAL"
->block-as-image</VAR
+>block-as-image</TT
> alias defined above. (We could of
- course just as well use <VAR
+ course just as well use <TT
CLASS="LITERAL"
>+<A
HREF="actions-file.html#BLOCK"
+<A
HREF="actions-file.html#HANDLE-AS-IMAGE"
>handle-as-image</A
-></VAR
+></TT
> here.)
Remember that the type of the replacement image is chosen by the
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#SET-IMAGE-BLOCKER"
>set-image-blocker</A
-></VAR
+></TT
>
action. Since all URLs have matched the default section with its
- <VAR
+ <TT
CLASS="LITERAL"
>+<A
HREF="actions-file.html#SET-IMAGE-BLOCKER"
>set-image-blocker</A
->{pattern}</VAR
+>{pattern}</TT
>
action before, it still applies and needn't be repeated:</P
><P
CLASS="QUOTE"
>"blocked"</SPAN
>
- by the <VAR
+ by the <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#FILTER"
>filter</A
->{banners-by-size}</VAR
+>{banners-by-size}</TT
>
action, which we enabled above, and which deletes the references to banner
images from the pages while they are loaded, so the browser doesn't request
them anymore, and hence they don't need to be blocked here. But this naturally
doesn't catch all banners, and some people choose not to use filters, so we
need a comprehensive list of patterns for banner URLs here, and apply the
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#BLOCK"
>block</A
-></VAR
+></TT
> action to them.</P
><P
> First comes a bunch of generic patterns, which do most of the work, by
></P
><P
> You wouldn't believe how many advertisers actually call their banner
- servers ads.<VAR
+ servers ads.<TT
CLASS="REPLACEABLE"
->company</VAR
+><I
+>company</I
+></TT
>.com, or call the directory
in which the banners are stored simply <SPAN
CLASS="QUOTE"
generic patterns are surprisingly effective.</P
><P
> But being very generic, they necessarily also catch URLs that we don't want
- to block. The pattern <VAR
+ to block. The pattern <TT
CLASS="LITERAL"
->.*ads.</VAR
+>.*ads.</TT
> e.g. catches
<SPAN
CLASS="QUOTE"
></SPAN
>l.some-provider.net."</SPAN
> So here come some
- well-known exceptions to the <VAR
+ well-known exceptions to the <TT
CLASS="LITERAL"
>+<A
HREF="actions-file.html#BLOCK"
>block</A
-></VAR
+></TT
>
section above.</P
><P
>"downloads.sourcefroge.net"</SPAN
>: Initially, all actions are deactivated,
so it wouldn't get blocked. Then comes the defaults section, which matches the
- URL, but just deactivates the <VAR
+ URL, but just deactivates the <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#BLOCK"
>block</A
-></VAR
+></TT
>
- action once again. Then it matches <VAR
+ action once again. Then it matches <TT
CLASS="LITERAL"
->.*ads.</VAR
+>.*ads.</TT
>, an exception to the
general non-blocking policy, and suddenly
- <VAR
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#BLOCK"
>+block</A
-></VAR
+></TT
> applies. And now, it'll match
- <VAR
+ <TT
CLASS="LITERAL"
->.*loads.</VAR
->, where <VAR
+>.*loads.</TT
+>, where <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#BLOCK"
>-block</A
-></VAR
+></TT
>
applies, so (unless it matches <SPAN
CLASS="emphasis"
>again</I
></SPAN
> further down) it ends up
- with no <VAR
+ with no <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#BLOCK"
>block</A
-></VAR
+></TT
> action applying.</P
><P
> <TABLE
CLASS="QUOTE"
>"cvs"</SPAN
> in them. Note that
- <VAR
+ <TT
CLASS="LITERAL"
>-<A
HREF="actions-file.html#FILTER"
>filter</A
-></VAR
+></TT
>
disables <SPAN
CLASS="emphasis"
><H3
CLASS="SECT3"
><A
-NAME="AEN3086"
->8.7.2. user.action</A
-></H3
+NAME="AEN3774"
+></A
+>8.7.2. user.action</H3
><P
> So far we are painting with a broad brush by setting general policies,
which would be a reasonable starting point for many people. Now,
> Say you have accounts on some sites that you visit regularly, and
you don't want to have to log in manually each time. So you'd like
to allow persistent cookies for these sites. The
- <VAR
+ <TT
CLASS="LITERAL"
->allow-all-cookies</VAR
+>allow-all-cookies</TT
> alias defined above does exactly
that, i.e. it disables crunching of cookies in any direction, and the
processing of cookies to make them only temporary.</P
>"copy image location"</SPAN
>
and pasted the URL below while removing the leading http://, into a
- <VAR
+ <TT
CLASS="LITERAL"
->{ +block }</VAR
-> section. Note that <VAR
+>{ +block }</TT
+> section. Note that <TT
CLASS="LITERAL"
>{ +handle-as-image
- }</VAR
+ }</TT
> need not be specified, since all URLs ending in
- <VAR
+ <TT
CLASS="LITERAL"
->.gif</VAR
+>.gif</TT
> will be tagged as images by the general rules as set
in default.action anyway:</P
><P
>Privoxy</SPAN
> to guess
the file type just by looking at the URL.
- You can use the <VAR
+ You can use the <TT
CLASS="LITERAL"
->+block-as-image</VAR
+>+block-as-image</TT
> alias defined above for
these cases.
Note that objects which match this rule but then turn out NOT to be an
HREF="contact.html"
>feedback</A
>, so
- you just used the <VAR
+ you just used the <TT
CLASS="LITERAL"
->fragile</VAR
+>fragile</TT
> alias on the site, and
-- <SPAN
CLASS="emphasis"
CLASS="EMPHASIS"
>whoa!</I
></SPAN
-> -- it worked. The <VAR
+> -- it worked. The <TT
CLASS="LITERAL"
->fragile</VAR
+>fragile</TT
>
aliases disables those actions that are most likely to break a site. Also,
good for testing purposes to see if it is <SPAN
></TABLE
> </P
><P
-> Note that <VAR
+> Note that <TT
CLASS="LITERAL"
->allow-ads</VAR
+>allow-ads</TT
> has been aliased to
- <VAR
+ <TT
CLASS="LITERAL"
>-<A
HREF="actions-file.html#BLOCK"
>block</A
-></VAR
+></TT
>,
- <VAR
+ <TT
CLASS="LITERAL"
>-<A
HREF="actions-file.html#FILTER-BANNERS-BY-SIZE"
>filter{banners-by-size}</A
-></VAR
+></TT
>, and
- <VAR
+ <TT
CLASS="LITERAL"
>-<A
HREF="actions-file.html#FILTER-BANNERS-BY-LINK"
>filter{banners-by-link}</A
-></VAR
+></TT
> above.</P
><P
> <TT
WIDTH="33%"
ALIGN="right"
VALIGN="top"
->The Filter File</TD
+>Filter Files</TD
></TR
></TABLE
></DIV