-<HTML
-><HEAD
-><TITLE
->Actions Files</TITLE
-><META
-NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.64
-"><LINK
-REL="HOME"
-TITLE="Privoxy User Manual"
-HREF="index.html"><LINK
-REL="PREVIOUS"
-TITLE="The Main Configuration File"
-HREF="config.html"><LINK
-REL="NEXT"
-TITLE="The Filter File"
-HREF="filter-file.html"><LINK
-REL="STYLESHEET"
-TYPE="text/css"
-HREF="../p_doc.css"></HEAD
-><BODY
-CLASS="SECT1"
-BGCOLOR="#EEEEEE"
-TEXT="#000000"
-LINK="#0000FF"
-VLINK="#840084"
-ALINK="#0000FF"
-><DIV
-CLASS="NAVHEADER"
-><TABLE
-WIDTH="100%"
-BORDER="0"
-CELLPADDING="0"
-CELLSPACING="0"
-><TR
-><TH
-COLSPAN="3"
-ALIGN="center"
->Privoxy User Manual</TH
-></TR
-><TR
-><TD
-WIDTH="10%"
-ALIGN="left"
-VALIGN="bottom"
-><A
-HREF="config.html"
->Prev</A
-></TD
-><TD
-WIDTH="80%"
-ALIGN="center"
-VALIGN="bottom"
-></TD
-><TD
-WIDTH="10%"
-ALIGN="right"
-VALIGN="bottom"
-><A
-HREF="filter-file.html"
->Next</A
-></TD
-></TR
-></TABLE
-><HR
-ALIGN="LEFT"
-WIDTH="100%"></DIV
-><DIV
-CLASS="SECT1"
-><H1
-CLASS="SECT1"
-><A
-NAME="ACTIONS-FILE"
->9. Actions Files</A
-></H1
-><P
-> The actions files are used to define what actions
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> takes for which URLs, and thus determines
- how ad images, cookies and various other aspects of HTTP content and
- transactions are handled, and on which sites (or even parts thereof). There
- are three such files included with <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->,
- with slightly different purposes. <TT
-CLASS="FILENAME"
->default.action</TT
-> sets
- the default policies. <TT
-CLASS="FILENAME"
->standard.action</TT
-> is used by
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> and the web based editor to set
- pre-defined values (and normally should not be edited). Local exceptions
- are best done in <TT
-CLASS="FILENAME"
->user.action</TT
->. The content of these
- can all be viewed and edited from <A
-HREF="http://config.privoxy.org/show-status"
-TARGET="_top"
->http://config.privoxy.org/show-status</A
->.
- </P
-><P
->
- Anything you want can be blocked, including ads, banners, or just some obnoxious
- URL that you would rather not see is done here. Cookies can be accepted or rejected, or
- accepted only during the current browser session (i.e. not written to disk),
- content can be modified, JavaScripts tamed, user-tracking fooled, and much more.
- See below for a complete list of available actions.</P
-><P
-> An actions file typically has sections. Near the top, <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
-> are
- optionally defined (discussed <A
-HREF="actions-file.html#ALIASES"
-TARGET="_top"
->below</A
->), then the default set of rules
- which will apply universally to all sites and pages. And then below that,
- exceptions to the defined universal policies. </P
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN1299"
->9.1. Finding the Right Mix</A
-></H2
-><P
-> Note that some <A
-HREF="actions-file.html#ACTIONS"
->actions</A
->, like cookie suppression
- or script disabling, may render some sites unusable that rely on these
- techniques to work properly. Finding the right mix of actions is not always easy and
- certainly a matter of personal taste. In general, it can be said that the more
- <SPAN
-CLASS="QUOTE"
->"aggressive"</SPAN
-> your default settings (in the top section of the
- actions file) are, the more exceptions for <SPAN
-CLASS="QUOTE"
->"trusted"</SPAN
-> sites you
- will have to make later. If, for example, you want to kill popup windows per
- default, you'll have to make exceptions from that rule for sites that you
- regularly use and that require popups for actually useful content, like maybe
- your bank, favorite shop, or newspaper.</P
-><P
-> We have tried to provide you with reasonable rules to start from in the
- distribution actions files. But there is no general rule of thumb on these
- things. There just are too many variables, and sites are constantly changing.
- Sooner or later you will want to change the rules (and read this chapter again :).</P
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN1306"
->9.2. How to Edit</A
-></H2
-><P
-> The easiest way to edit the <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> files is with a browser by
- using our browser-based editor, which can be reached from <A
-HREF="http://config.privoxy.org/show-status"
-TARGET="_top"
->http://config.privoxy.org/show-status</A
->.</P
-><P
-> If you prefer plain text editing to GUIs, you can of course also directly edit the
- the actions files.</P
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN1312"
->9.3. How Actions are Applied to URLs</A
-></H2
-><P
-> Actions files are divided into sections. There are special sections,
- like the <SPAN
-CLASS="QUOTE"
->"<A
-HREF="actions-file.html#ALIASES"
->alias</A
->"</SPAN
-> sections which will be discussed later. For now
- let's concentrate on regular sections: They have a heading line (often split
- up to multiple lines for readability) which consist of a list of actions,
- separated by whitespace and enclosed in curly braces. Below that, there
- is a list of URL patterns, each on a separate line.</P
-><P
-> To determine which actions apply to a request, the URL of the request is
- compared to all patterns in this file. Every time it matches, the list of
- applicable actions for the URL is incrementally updated, using the heading
- of the section in which the pattern is located. If multiple matches for
- the same URL set the same action differently, the last match wins. If not,
- the effects are aggregated (e.g. a URL might match both the
- <A
-HREF="actions-file.html#HANDLE-AS-IMAGE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
-></A
->
- and <A
-HREF="actions-file.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
-> actions).
- </P
-><P
-> You can trace this process by visiting <A
-HREF="http://config.privoxy.org/show-url-info"
-TARGET="_top"
->http://config.privoxy.org/show-url-info</A
->.</P
-><P
-> More detail on this is provided in the Appendix, <A
-HREF="appendix.html#ACTIONSANAT"
-> Anatomy of an Action</A
->.</P
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN1326"
->9.4. Patterns</A
-></H2
-><P
-> Generally, a pattern has the form <TT
-CLASS="LITERAL"
-><domain>/<path></TT
->,
- where both the <TT
-CLASS="LITERAL"
-><domain></TT
-> and <TT
-CLASS="LITERAL"
-><path></TT
->
- are optional. (This is why the pattern <TT
-CLASS="LITERAL"
->/</TT
-> matches all URLs).</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com/</TT
-></DT
-><DD
-><P
-> is a domain-only pattern and will match any request to <TT
-CLASS="LITERAL"
->www.example.com</TT
->,
- regardless of which document on that server is requested.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com</TT
-></DT
-><DD
-><P
-> means exactly the same. For domain-only patterns, the trailing <TT
-CLASS="LITERAL"
->/</TT
-> may
- be omitted.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com/index.html</TT
-></DT
-><DD
-><P
-> matches only the single document <TT
-CLASS="LITERAL"
->/index.html</TT
->
- on <TT
-CLASS="LITERAL"
->www.example.com</TT
->.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->/index.html</TT
-></DT
-><DD
-><P
-> matches the document <TT
-CLASS="LITERAL"
->/index.html</TT
->, regardless of the domain,
- i.e. on <I
-CLASS="EMPHASIS"
->any</I
-> web server.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->index.html</TT
-></DT
-><DD
-><P
-> matches nothing, since it would be interpreted as a domain name and
- there is no top-level domain called <TT
-CLASS="LITERAL"
->.html</TT
->.
- </P
-></DD
-></DL
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1366"
->9.4.1. The Domain Pattern</A
-></H3
-><P
-> The matching of the domain part offers some flexible options: if the
- domain starts or ends with a dot, it becomes unanchored at that end.
- For example:</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->.example.com</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->ENDS</I
-> in
- <TT
-CLASS="LITERAL"
->.example.com</TT
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->STARTS</I
-> with
- <TT
-CLASS="LITERAL"
->www.</TT
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->.example.</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->CONTAINS</I
-> <TT
-CLASS="LITERAL"
->.example.</TT
->
- (Correctly speaking: It matches any FQDN that contains <TT
-CLASS="LITERAL"
->example</TT
-> as a domain.)
- </P
-></DD
-></DL
-></DIV
-><P
-> Additionally, there are wild-cards that you can use in the domain names
- themselves. They work pretty similar to shell wild-cards: <SPAN
-CLASS="QUOTE"
->"*"</SPAN
->
- stands for zero or more arbitrary characters, <SPAN
-CLASS="QUOTE"
->"?"</SPAN
-> stands for
- any single character, you can define character classes in square
- brackets and all of that can be freely mixed:</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->ad*.example.com</TT
-></DT
-><DD
-><P
-> matches <SPAN
-CLASS="QUOTE"
->"adserver.example.com"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"ads.example.com"</SPAN
->, etc but not <SPAN
-CLASS="QUOTE"
->"sfads.example.com"</SPAN
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->*ad*.example.com</TT
-></DT
-><DD
-><P
-> matches all of the above, and then some.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->.?pix.com</TT
-></DT
-><DD
-><P
-> matches <TT
-CLASS="LITERAL"
->www.ipix.com</TT
->,
- <TT
-CLASS="LITERAL"
->pictures.epix.com</TT
->, <TT
-CLASS="LITERAL"
->a.b.c.d.e.upix.com</TT
-> etc.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www[1-9a-ez].example.c*</TT
-></DT
-><DD
-><P
-> matches <TT
-CLASS="LITERAL"
->www1.example.com</TT
->,
- <TT
-CLASS="LITERAL"
->www4.example.cc</TT
->, <TT
-CLASS="LITERAL"
->wwwd.example.cy</TT
->,
- <TT
-CLASS="LITERAL"
->wwwz.example.com</TT
-> etc., but <I
-CLASS="EMPHASIS"
->not</I
->
- <TT
-CLASS="LITERAL"
->wwww.example.com</TT
->.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1428"
->9.4.2. The Path Pattern</A
-></H3
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> uses Perl compatible regular expressions
- (through the <A
-HREF="http://www.pcre.org/"
-TARGET="_top"
->PCRE</A
-> library) for
- matching the path.</P
-><P
-> There is an <A
-HREF="appendix.html#REGEX"
->Appendix</A
-> with a brief quick-start into regular
- expressions, and full (very technical) documentation on PCRE regex syntax is available on-line
- at <A
-HREF="http://www.pcre.org/man.txt"
-TARGET="_top"
->http://www.pcre.org/man.txt</A
->.
- You might also find the Perl man page on regular expressions (<TT
-CLASS="LITERAL"
->man perlre</TT
->)
- useful, which is available on-line at <A
-HREF="http://www.perldoc.com/perl5.6/pod/perlre.html"
-TARGET="_top"
->http://www.perldoc.com/perl5.6/pod/perlre.html</A
->.</P
-><P
-> Note that the path pattern is automatically left-anchored at the <SPAN
-CLASS="QUOTE"
->"/"</SPAN
->,
- i.e. it matches as if it would start with a <SPAN
-CLASS="QUOTE"
->"^"</SPAN
-> (regular expression speak
- for the beginning of a line).</P
-><P
-> Please also note that matching in the path is case
- <I
-CLASS="EMPHASIS"
->INSENSITIVE</I
-> by default, but you can switch to case
- sensitive at any point in the pattern by using the
- <SPAN
-CLASS="QUOTE"
->"(?-i)"</SPAN
-> switch:
- <TT
-CLASS="LITERAL"
->www.example.com/(?-i)PaTtErN.*</TT
-> will match only
- documents whose path starts with <TT
-CLASS="LITERAL"
->PaTtErN</TT
-> in
- <I
-CLASS="EMPHASIS"
->exactly</I
-> this capitalization.</P
-></DIV
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="ACTIONS"
->9.5. Actions</A
-></H2
-><P
-> All actions are disabled by default, until they are explicitly enabled
- somewhere in an actions file. Actions are turned on if preceded with a
- <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->, and turned off if preceded with a <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->. So a
- <SPAN
-CLASS="QUOTE"
->"+action"</SPAN
-> means <SPAN
-CLASS="QUOTE"
->"do that action"</SPAN
->, e.g.
- <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-> means please <SPAN
-CLASS="QUOTE"
->"block the following URL
- patterns"</SPAN
->. </P
-><P
->
- Actions are invoked by enclosing the action name in curly braces (e.g.
- {+some_action}), followed by a list of URLs (or patterns that match URLs) to
- which the action applies. There are three classes of actions: </P
-><P
-> <P
-></P
-><UL
-><LI
-><P
->
- Boolean, i.e the action can only be <SPAN
-CLASS="QUOTE"
->"on"</SPAN
-> or
- <SPAN
-CLASS="QUOTE"
->"off"</SPAN
->. Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name}</I
-> # enable this action<br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable this action<br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Parameterized, e.g. <SPAN
-CLASS="QUOTE"
->"+/-hide-user-agent{ Mozilla 1.0 }"</SPAN
->,
- where some value is required in order to enable this type of action.
- Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name{param}}</I
-> # enable action and set parameter to <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable action (<SPAN
-CLASS="QUOTE"
->"parameter"</SPAN
->) can be omitted<br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
-
- Multi-value, e.g. <SPAN
-CLASS="QUOTE"
->"{+/-add-header{Name: value}}"</SPAN
-> or
- <SPAN
-CLASS="QUOTE"
->"{+/-send-wafer{name=value}}"</SPAN
->), where some value needs to be defined
- in addition to simply enabling the action. Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name{param=value}}</I
-> # enable action and set <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-> to <SPAN
-CLASS="QUOTE"
->"value"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name{param=value}}</I
-> # remove the parameter <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-> completely<br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable this action totally and remove <SPAN
-CLASS="APPLICATION"
->param</SPAN
-> too<br>
- </P
->
- </TT
->
- </P
-></LI
-></UL
-></P
-><P
-> If nothing is specified in any actions file, no <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> are
- taken. So in this case <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> would just be a
- normal, non-blocking, non-anonymizing proxy. You must specifically enable the
- privacy and blocking features you need (although the provided default actions
- files will give a good starting point).</P
-><P
-> Later defined actions always over-ride earlier ones. So exceptions
- to any rules you make, should come in the latter part of the file (or
- in a file that is processed later when using multiple actions files). For
- multi-valued actions, the actions are applied in the order they are specified.
- Actions files are processed in the order they are defined in
- <TT
-CLASS="FILENAME"
->config</TT
-> (the default installation has three actions
- files). It also quite possible for any given URL pattern to match more than
- one action!</P
-><P
-> The list of valid <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> are:</P
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="ADD-HEADER"
->9.5.1. <I
-CLASS="EMPHASIS"
->+add-header</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Multi-value.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Send a user defined HTTP header to the web server.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any value is possible. Validity of the defined HTTP headers is not checked.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+add-header{X-User-Tracking: sucks}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This action may be specified multiple times, in order to define multiple
- headers. This is rarely needed for the typical user. If you don't know what
- <SPAN
-CLASS="QUOTE"
->"HTTP headers"</SPAN
-> are, you definitely don't need to worry about this
- one.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="BLOCK"
->9.5.2. <I
-CLASS="EMPHASIS"
->+block</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Used to block a URL from reaching your browser. The URL may be
- anything, but is typically used to block ads or other obnoxious
- content.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
->N/A</P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+block}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.banners.example.com</I
-><br>
- <I
-CLASS="EMPHASIS"
->.ads.r.us</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If a URL matches one of the blocked patterns, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- will intercept the URL and display its special <SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
-> page
- instead. If there is sufficient space, a large red banner will appear with
- a friendly message about why the page was blocked, and a way to go there
- anyway. If there is insufficient space a smaller <SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
->
- page will appear without the red banner.
- <A
-HREF="http://ads.bannerserver.example.com/nasty-ads/sponsor.html"
-TARGET="_top"
->Click here</A
->
- to view the default blocked HTML page (<SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> must be running
- for this to work as intended!).
- </P
-><P
->
- A very important exception is if the URL <I
-CLASS="EMPHASIS"
->matches both</I
->
- <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-> and <A
-HREF="actions-file.html#HANDLE-AS-IMAGE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
-></A
->,
- then it will be handled by
- <A
-HREF="actions-file.html#SET-IMAGE-BLOCKER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+set-image-blocker"</SPAN
-></A
->
- (see below). It is important to understand this process, in order
- to understand how <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> is able to deal with
- ads and other objectionable content.
- </P
-><P
-> The <A
-HREF="actions-file.html#FILTER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-></A
->
- action can also perform some of the
- same functionality as <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->, but by virtue of very
- different programming techniques, and is most often used for different
- reasons.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="DEANIMATE-GIFS"
->9.5.3. <I
-CLASS="EMPHASIS"
->+deanimate-gifs</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To stop those annoying, distracting animated GIF images.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"last"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"first"</SPAN
->
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+deanimate-gifs{last}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> De-animate all animated GIF images, i.e. reduce them to their last frame.
- This will also shrink the images considerably (in bytes, not pixels!). If
- the option <SPAN
-CLASS="QUOTE"
->"first"</SPAN
-> is given, the first frame of the animation
- is used as the replacement. If <SPAN
-CLASS="QUOTE"
->"last"</SPAN
-> is given, the last
- frame of the animation is used instead, which probably makes more sense for
- most banner animations, but also has the risk of not showing the entire
- last frame (if it is only a delta to an earlier frame).
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="DOWNGRADE-HTTP-VERSION"
->9.5.4. <I
-CLASS="EMPHASIS"
->+downgrade-http-version</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+downgrade-http-version"</SPAN
-> will downgrade HTTP/1.1 client requests to
- HTTP/1.0 and downgrade the responses as well.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+downgrade-http-version}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Use this action for servers that use HTTP/1.1 protocol features that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> doesn't handle well yet. HTTP/1.1 is
- only partially implemented. Default is not to downgrade requests. This is
- an infrequently needed action, and is used to help with rare problem sites only.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="FAST-REDIRECTS"
->9.5.5. <I
-CLASS="EMPHASIS"
->+fast-redirects</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> The <SPAN
-CLASS="QUOTE"
->"+fast-redirects"</SPAN
-> action enables interception of
- <SPAN
-CLASS="QUOTE"
->"redirect"</SPAN
-> requests from one server to another, which
- are used to track users.<SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> can cut off
- all but the last valid URL in a redirect request and send a local redirect
- back to your browser without contacting the intermediate site(s).
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+fast-redirects}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
->
- Many sites, like yahoo.com, don't just link to other sites. Instead, they
- will link to some script on their own server, giving the destination as a
- parameter, which will then redirect you to the final target. URLs
- resulting from this scheme typically look like:
- <I
-CLASS="EMPHASIS"
->http://some.place/some_script?http://some.where-else</I
->.
- </P
-><P
-> Sometimes, there are even multiple consecutive redirects encoded in the
- URL. These redirections via scripts make your web browsing more traceable,
- since the server from which you follow such a link can see where you go
- to. Apart from that, valuable bandwidth and time is wasted, while your
- browser ask the server for one redirect after the other. Plus, it feeds
- the advertisers.
- </P
-><P
-> This is a normally <SPAN
-CLASS="QUOTE"
->"on"</SPAN
-> feature, and often requires exceptions
- for sites that are sensitive to defeating this mechanism.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="FILTER"
->9.5.6. <I
-CLASS="EMPHASIS"
->+filter</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Apply page filtering as defined by named sections of the
- <TT
-CLASS="FILENAME"
->default.filter</TT
-> file to the specified site(s).
- <SPAN
-CLASS="QUOTE"
->"Filtering"</SPAN
-> can be any modification of the raw
- page content, including re-writing or deletion of content.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-> must include the name of one of the section identifiers
- from <TT
-CLASS="FILENAME"
->default.filter</TT
-> (or whatever
- <I
-CLASS="EMPHASIS"
->filterfile</I
-> is specified in <TT
-CLASS="FILENAME"
->config</TT
->).
- </P
-></DD
-><DT
->Example usage (from the current <TT
-CLASS="FILENAME"
->default.filter</TT
->):</DT
-><DD
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-HTML-ANNOYANCES"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{html-annoyances}</I
->: Get rid of particularly annoying HTML abuse.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-JS-ANNOYANCES"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{js-annoyances}</I
->: Get rid of particularly annoying JavaScript abuse
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-CONTENT-COOKIES"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{content-cookies}</I
->: Kill cookies that come in the HTML or JS content
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-POPUPS"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{popups}</I
->: Kill all popups in JS and HTML
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-FRAMESET-BORDERS"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{frameset-borders}</I
->: Give frames a border and make them resizable
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-WEBBUGS"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{webbugs}</I
->: Squish WebBugs (1x1 invisible GIFs used for user tracking)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-REFRESH-TAGS"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{refresh-tags}</I
->: Kill automatic refresh tags (for dial-on-demand setups)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-FUN"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{fun}</I
->: Text replacements for subversive browsing fun!
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-NIMDA"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{nimda}</I
->: Remove Nimda (virus) code.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-BANNERS-BY-SIZE"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{banners-by-size}</I
->: Kill banners by size (<I
-CLASS="EMPHASIS"
->very</I
-> efficient!)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-SHOCKWAVE-FLASH"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{shockwave-flash}</I
->: Kill embedded Shockwave Flash objects
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <A
-NAME="FILTER-CRUDE-PARENTAL"
-></A
->
- <I
-CLASS="EMPHASIS"
->+filter{crude-parental}</I
->: Kill all web pages that contain the words "sex" or "warez"
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This is potentially a very powerful feature! And requires a knowledge
- of regular expressions if you want to <SPAN
-CLASS="QUOTE"
->"roll your own"</SPAN
->.
- Filtering operates on a line by line basis throughout the entire page.
- </P
-><P
-> Filtering requires buffering the page content, which may appear to
- slow down page rendering since nothing is displayed until all content has
- passed the filters. (It does not really take longer, but seems that way
- since the page is not incrementally displayed.) This effect will be more
- noticeable on slower connections.
- </P
-><P
-> Filtering can achieve some of the effects as the
- <A
-HREF="actions-file#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
->
- action, i.e. it can be used to block ads and banners. In the overall
- scheme of things, filtering is one of the first things <SPAN
-CLASS="QUOTE"
->"Privoxy"</SPAN
->
- does with a web page. So other most other actions are applied to the
- already <SPAN
-CLASS="QUOTE"
->"filtered"</SPAN
-> page.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="HIDE-FORWARDED-FOR-HEADERS"
->9.5.7. <I
-CLASS="EMPHASIS"
->+hide-forwarded-for-headers</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Block any existing X-Forwarded-for HTTP header, and do not add a new one.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-forwarded-for-headers}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> It is fairly safe to leave this on. It does not seem to break many sites.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="HIDE-FROM-HEADER"
->9.5.8. <I
-CLASS="EMPHASIS"
->+hide-from-header</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To block the browser from sending your email address in a <SPAN
-CLASS="QUOTE"
->"From:"</SPAN
->
- header.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Keyword: <SPAN
-CLASS="QUOTE"
->"block"</SPAN
->, or any user defined value.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-from-header{block}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The keyword <SPAN
-CLASS="QUOTE"
->"block"</SPAN
-> will completely remove the header
- (not to be confused with the <A
-HREF="actions-file.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
-> action).
- Alternately, you can specify any value you prefer to send to the web
- server.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="HIDE-REFERER"
->9.5.9. <I
-CLASS="EMPHASIS"
->+hide-referer</I
-></A
-></H4
-><A
-NAME="HIDE-REFERRER"
-></A
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Don't send the <SPAN
-CLASS="QUOTE"
->"Referer:"</SPAN
-> (sic) HTTP header to the web site.
- Or, alternately send a forged header instead.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Prevent the header from being sent with the keyword, <SPAN
-CLASS="QUOTE"
->"block"</SPAN
->.
- Or, <SPAN
-CLASS="QUOTE"
->"forge"</SPAN
-> a URL to one from the same server as the request.
- Or, set to user defined value of your choice.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-referer{forge}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"forge"</SPAN
-> is the preferred option here, since some servers will
- not send images back otherwise.
- </P
-><P
->
- <SPAN
-CLASS="QUOTE"
->"+hide-referrer"</SPAN
-> is an alternate spelling of
- <SPAN
-CLASS="QUOTE"
->"+hide-referer"</SPAN
->. It has the exact same parameters, and can be freely
- mixed with, <SPAN
-CLASS="QUOTE"
->"+hide-referer"</SPAN
->. (<SPAN
-CLASS="QUOTE"
->"referrer"</SPAN
-> is the
- correct English spelling, however the HTTP specification has a bug - it
- requires it to be spelled as <SPAN
-CLASS="QUOTE"
->"referer"</SPAN
->.)
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="HIDE-USER-AGENT"
->9.5.10. <I
-CLASS="EMPHASIS"
->+hide-user-agent</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To change the <SPAN
-CLASS="QUOTE"
->"User-Agent:"</SPAN
-> header so web servers can't tell
- your browser type. Who's business is it anyway?
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any user defined string.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.msn.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Warning! This breaks many web sites that depend on this in order
- to determine how the target browser will respond to various
- requests. Use with caution.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="HANDLE-AS-IMAGE"
->9.5.11. <I
-CLASS="EMPHASIS"
->+handle-as-image</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To define what <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> should treat
- automatically as an image, and is an important ingredient of how
- ads are handled.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+handle-as-image}</I
-><br>
- <I
-CLASS="EMPHASIS"
->/.*\.(gif|jpg|jpeg|png|bmp|ico)</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This only has meaning if the URL (or pattern) also is
- <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->ed, in which case a user definable image can
- be sent rather than a HTML page. This is integral to the whole concept of
- ad blocking: the URL must match <I
-CLASS="EMPHASIS"
->both</I
-> a <A
-HREF="actions-file.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
-> rule,
- <I
-CLASS="EMPHASIS"
->and</I
-> <SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
->.
- (See <A
-HREF="actions-file.html#SET-IMAGE-BLOCKER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+set-image-blocker"</SPAN
-></A
->
- below for control over what will actually be displayed by the browser.)
- </P
-><P
-> There is little reason to change the default definition for this action.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="SET-IMAGE-BLOCKER"
->9.5.12. <I
-CLASS="EMPHASIS"
->+set-image-blocker</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Decide what to do with URLs that end up tagged with <I
-CLASS="EMPHASIS"
->both</I
->
- <A
-HREF="actions-file.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
->
- and <A
-HREF="actions-file.html#HANDLE-AS-IMAGE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
-></A
->,
- e.g an advertisement.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> There are four available options: <SPAN
-CLASS="QUOTE"
->"-set-image-blocker"</SPAN
-> will send a HTML
- <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> page, usually resulting in a <SPAN
-CLASS="QUOTE"
->"broken
- image"</SPAN
-> icon.
- <SPAN
-CLASS="QUOTE"
->"+set-image-blocker{<I
-CLASS="EMPHASIS"
->blank</I
->}"</SPAN
-> will send a
- 1x1 transparent GIF image.
- <SPAN
-CLASS="QUOTE"
->"+set-image-blocker{<I
-CLASS="EMPHASIS"
->pattern</I
->}"</SPAN
-> will send a
- checkerboard type pattern (the default). And finally,
- <SPAN
-CLASS="QUOTE"
->"+set-image-blocker{<I
-CLASS="EMPHASIS"
->http://xyz.com</I
->}"</SPAN
-> will
- send a HTTP temporary redirect to the specified image. This has the
- advantage of the icon being being cached by the browser, which will speed
- up the display.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+set-image-blocker{blank}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If you want <I
-CLASS="EMPHASIS"
->invisible</I
-> ads, they need to meet
- criteria as matching both <I
-CLASS="EMPHASIS"
->images</I
-> and <I
-CLASS="EMPHASIS"
->blocked</I
->
- actions. And then, <SPAN
-CLASS="QUOTE"
->"image-blocker"</SPAN
-> should be set to
- <SPAN
-CLASS="QUOTE"
->"blank"</SPAN
-> for invisibility. Note you cannot treat HTML pages as
- images in most cases. For instance, frames require an HTML page to
- display. So a frame that is an ad, typically cannot be treated as an image.
- Forcing an <SPAN
-CLASS="QUOTE"
->"image"</SPAN
-> in this situation just will not work
- reliably.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="LIMIT-CONNECT"
->9.5.13. <I
-CLASS="EMPHASIS"
->+limit-connect</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> By default, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> only allows HTTP CONNECT
- requests to port 443 (the standard, secure HTTPS port). Use
- <SPAN
-CLASS="QUOTE"
->"+limit-connect"</SPAN
-> to disable this altogether, or to allow
- more ports.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any valid port number, or port number range.
- </P
-></DD
-><DT
->Example usages:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+limit-connect{443}</I
-> # This is the default and need not be specified.<br>
- <I
-CLASS="EMPHASIS"
->+limit-connect{80,443}</I
-> # Ports 80 and 443 are OK.<br>
- <I
-CLASS="EMPHASIS"
->+limit-connect{-3, 7, 20-100, 500-}</I
-> # Port less than 3, 7, 20 to 100 and above 500 are OK.<br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The CONNECT methods exists in HTTP to allow access to secure websites
- (https:// URLs) through proxies. It works very simply: the proxy connects
- to the server on the specified port, and then short-circuits its
- connections to the client <I
-CLASS="EMPHASIS"
->and</I
-> to the remote proxy.
- This can be a big security hole, since CONNECT-enabled proxies can be
- abused as TCP relays very easily.
- </P
-><P
->
- If you want to allow CONNECT for more ports than this, or want to forbid
- CONNECT altogether, you can specify a comma separated list of ports and
- port ranges (the latter using dashes, with the minimum defaulting to 0 and
- max to 65K).
- </P
-><P
-> If you don't know what any of this means, there probably is no reason to
- change this one.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="PREVENT-COMPRESSION"
->9.5.14. <I
-CLASS="EMPHASIS"
->+prevent-compression</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Prevent the specified websites from compressing HTTP data.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+prevent-compression}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Some websites do this, which can be a problem for
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->, since
- <A
-HREF="actions-file.html#FILTER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-></A
->,
- <A
-HREF="actions-file.html#KILL-POPUPS"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+kill-popups"</SPAN
-></A
->
- and <A
-HREF="actions-file.html#GIF-DEANIMATE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+gif-deanimate"</SPAN
-></A
->
- will not work on compressed data. This will slow down connections to those
- websites, though. Default typically is to turn
- <SPAN
-CLASS="QUOTE"
->"prevent-compression"</SPAN
-> on.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="SESSION-COOKIES-ONLY"
->9.5.15. <I
-CLASS="EMPHASIS"
->+session-cookies-only</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Allow cookies for the current browser session <I
-CLASS="EMPHASIS"
->only</I
->.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage (disabling):</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{-session-cookies-only}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If websites set cookies, <SPAN
-CLASS="QUOTE"
->"+session-cookies-only"</SPAN
-> will make sure
- they are erased when you exit and restart your web browser. This makes
- profiling cookies useless, but won't break sites which require cookies so
- that you can log in for transactions. This is generally turned on for all
- sites, and is the recommended setting.
- </P
-><P
-> <SPAN
-CLASS="QUOTE"
->"+prevent-*-cookies"</SPAN
-> actions should be turned off as well (see
- below), for <SPAN
-CLASS="QUOTE"
->"+session-cookies-only"</SPAN
-> to work. Or, else no cookies
- will get through at all. For, <SPAN
-CLASS="QUOTE"
->"persistent"</SPAN
-> cookies that survive
- across browser sessions, see below as well.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="PREVENT-READING-COOKIES"
->9.5.16. <I
-CLASS="EMPHASIS"
->+prevent-reading-cookies</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Explicitly prevent the web server from reading any cookies on your
- system.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+prevent-reading-cookies}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Often used in conjunction with <SPAN
-CLASS="QUOTE"
->"+prevent-setting-cookies"</SPAN
-> to
- disable cookies completely. Note that
- <A
-HREF="actions-file.html#SESSION-COOKIES-ONLY"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+session-cookies-only"</SPAN
-></A
->
- requires these to both be disabled (or else it never gets any cookies to cache).
- </P
-><P
-> For <SPAN
-CLASS="QUOTE"
->"persistent"</SPAN
-> cookies to work (i.e. they survive across browser
- sessions and reboots), all three cookie settings should be <SPAN
-CLASS="QUOTE"
->"off"</SPAN
->
- for the specified sites.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="PREVENT-SETTING-COOKIES"
->9.5.17. <I
-CLASS="EMPHASIS"
->+prevent-setting-cookies</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Explicitly block the web server from storing cookies on your
- system.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+prevent-setting-cookies}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Often used in conjunction with <SPAN
-CLASS="QUOTE"
->"+prevent-reading-cookies"</SPAN
-> to
- disable cookies completely (see above).
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="KILL-POPUP"
->9.5.18. <I
-CLASS="EMPHASIS"
->+kill-popups<A
-NAME="KILL-POPUPS"
-></A
-></I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Stop those annoying JavaScript pop-up windows!
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+kill-popups}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+kill-popups"</SPAN
-> uses a built in filter to disable pop-ups
- that use the <TT
-CLASS="LITERAL"
->window.open()</TT
-> function, etc. This is
- one of the first actions processed by <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- as it contacts the remote web server. This action is not always 100% reliable,
- and is supplemented by <SPAN
-CLASS="QUOTE"
->"+filter{<I
-CLASS="EMPHASIS"
->popups</I
->}"</SPAN
->.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="SEND-VANILLA-WAFER"
->9.5.19. <I
-CLASS="EMPHASIS"
->+send-vanilla-wafer</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Sends a cookie for every site stating that you do not accept any copyright
- on cookies sent to you, and asking them not to track you.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+send-vanilla-wafer}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This action only applies if you are using a <TT
-CLASS="FILENAME"
->jarfile</TT
->
- for saving cookies. Of course, this is a (relatively) unique header and
- could conceivably be used to track you.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="SEND-WAFER"
->9.5.20. <I
-CLASS="EMPHASIS"
->+send-wafer</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Multi-value.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> This allows you to send an arbitrary, user definable cookie.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> User specified cookie name and corresponding value.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+send-wafer{name=value}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This can be specified multiple times in order to add as many cookies as you
- like.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN2196"
->9.5.21. Summary</A
-></H3
-><P
-> Note that many of these actions have the potential to cause a page to
- misbehave, possibly even not to display at all. There are many ways
- a site designer may choose to design his site, and what HTTP header
- content, and other criteria, he may depend on. There is no way to have hard
- and fast rules for all sites. See the <A
-HREF="appendix.html#ACTIONSANAT"
->Appendix</A
-> for a brief example on troubleshooting
- actions.</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H2
-CLASS="SECT3"
-><A
-NAME="ACT-EXAMPLES"
->9.5.22. Sample Actions Files</A
-></H2
-><P
-> Remember that the meaning of any of the above references is reversed by preceding
- the action with a <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->, in place of the <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->. Also,
- that some actions are turned on in the default section of the actions file,
- and require little to no additional configuration. These are just <SPAN
-CLASS="QUOTE"
->"on"</SPAN
->.</P
-><P
-> But, other actions that are turned on in the default section <I
-CLASS="EMPHASIS"
->do
- typically require</I
-> exceptions to be listed in the latter sections of
- one of our actions file. For instance, by default no URLs are
- <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> (i.e. in the default definitions of
- <TT
-CLASS="FILENAME"
->default.action</TT
->). We need exceptions to this in order to
- <I
-CLASS="EMPHASIS"
->enable</I
-> ad blocking in the lower sections. But we need to
- be very selective about what we do block. Thus, the default is <SPAN
-CLASS="QUOTE"
->"off"</SPAN
->
- for blocking.</P
-><P
-> Below is a liberally commented sample <TT
-CLASS="FILENAME"
->default.action</TT
-> file
- to demonstrate how all the pieces come together. And to show how exceptions
- to the default policies can be handled. This is followed by a brief
- <TT
-CLASS="FILENAME"
->user.action</TT
-> with similar examples.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-># Sample default.action file <developers@privoxy.org><br>
-<br>
-# Settings -- Don't change! For internal Privoxy use ONLY.<br>
-{{settings}}<br>
-for-privoxy-version=3.0<br>
-<br>
-<br>
-##########################################################################<br>
-# <A
-HREF="actions-file.html#ALIASES"
-TARGET="_top"
->Aliases</A
-> must be defined *before* they are used. These are<br>
-# easier to remember, and can combine several actions into one. Once <br>
-# defined they can be used just like any built-in action -- but within <br>
-# this file only! Aliases do not require a + or - sign.<br>
-##########################################################################<br>
-<br>
-# Some useful aliases.<br>
-# Alias to turn off cookie handling, ie allow all cookies unmolested.<br>
- -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies \<br>
- -session-cookies-only<br>
-<br>
-# Alias to both block and treat as if an image for ad blocking<br>
-# purposes.<br>
- +imageblock = +block +handle-as-image<br>
-<br>
-# Fragile sites should have the minimum changes:<br>
- fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \<br>
- -prevent-cookies -kill-popups<br>
-<br>
-# Shops should be allowed to set persistent cookies<br>
- shop = -filter -prevent-cookies -session-cookies-only<br>
-<br>
-<br>
-##########################################################################<br>
-# Begin default action settings. Anything in this section will match <br>
-# all URLs -- UNLESS we have exceptions that also match, defined below this <br>
-# section. We will show all potential actions here whether they are on <br>
-# or off. We could omit any disabled action if we wanted, since all <br>
-# actions are 'off' by default anyway. Shown for completeness only.<br>
-# Actions are enabled if preceded by a '+', otherwise they are disabled <br>
-# (unless an alias has been defined without this).<br>
-##########################################################################<br>
- { \<br>
- <A
-HREF="actions-file.html#ADD-HEADER"
-TARGET="_top"
->-add-header</A
-> \<br>
- <A
-HREF="actions-file.html#BLOCK"
-TARGET="_top"
->-block</A
-> \<br>
- <A
-HREF="actions-file.html#DEANIMATE-GIFS"
-TARGET="_top"
->-deanimate-gifs</A
-> \<br>
- <A
-HREF="actions-file.html#DOWNGRADE-HTTP-VERSION"
-TARGET="_top"
->-downgrade-http-version</A
-> \<br>
- <A
-HREF="actions-file.html#FAST-REDIRECTS"
-TARGET="_top"
->+fast-redirects</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-HTML-ANNOYANCES"
-TARGET="_top"
->+filter{html-annoyances}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-JS-ANNOYANCES"
-TARGET="_top"
->+filter{js-annoyances}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-CONTENT-COOKIES"
-TARGET="_top"
->-filter{content-cookies}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-POPUPS"
-TARGET="_top"
->-filter{popups}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-WEBBUGS"
-TARGET="_top"
->+filter{webbugs}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-REFRESH-TAGS"
-TARGET="_top"
->-filter{refresh-tags}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-FUN"
-TARGET="_top"
->-filter{fun}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-NIMDA"
-TARGET="_top"
->+filter{nimda}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-BANNERS-BY-SIZE"
-TARGET="_top"
->+filter{banners-by-size}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-SHOCKWAVE-FLASH"
-TARGET="_top"
->-filter{shockwave-flash}</A
-> \<br>
- <A
-HREF="actions-file.html#FILTER-CRUDE-PARENTAL"
-TARGET="_top"
->-filter{crude-prental}</A
-> \<br>
- <A
-HREF="actions-file.html#HIDE-FORWARDED-FOR-HEADERS"
-TARGET="_top"
->+hide-forwarded-for-headers</A
-> \<br>
- <A
-HREF="actions-file.html#HIDE-FROM-HEADER"
-TARGET="_top"
->+hide-from-header{block}</A
-> \<br>
- <A
-HREF="actions-file.html#HIDE-REFERER"
-TARGET="_top"
->-hide-referrer</A
-> \<br>
- <A
-HREF="actions-file.html#HIDE-USER-AGENT"
-TARGET="_top"
->-hide-user-agent</A
-> \<br>
- <A
-HREF="actions-file.html#HANDLE-AS-IMAGE"
-TARGET="_top"
->-handle-as-image</A
-> \<br>
- <A
-HREF="actions-file.html#SET-IMAGE-BLOCKER"
-TARGET="_top"
->+set-image-blocker{pattern}</A
-> \<br>
- <A
-HREF="actions-file.html#LIMIT-CONNECT"
-TARGET="_top"
->-limit-connect</A
-> \<br>
- <A
-HREF="actions-file.html#PREVENT-COMPRESSION"
-TARGET="_top"
->+prevent-compression</A
-> \<br>
- <A
-HREF="actions-file.html#SESSION-COOKIES-ONLY"
-TARGET="_top"
->-session-cookies-only</A
-> \<br>
- <A
-HREF="actions-file.html#PREVENT-READING-COOKIES"
-TARGET="_top"
->-prevent-reading-cookies</A
-> \<br>
- <A
-HREF="actions-file.html#PREVENT-SETTING-COOKIES"
-TARGET="_top"
->-prevent-setting-cookies</A
-> \<br>
- <A
-HREF="actions-file.html#KILL-POPUPS"
-TARGET="_top"
->-kill-popups</A
-> \<br>
- <A
-HREF="actions-file.html#SEND-VANILLA-WAFER"
-TARGET="_top"
->-send-vanilla-wafer</A
-> \<br>
- <A
-HREF="actions-file.html#SEND-WAFER"
-TARGET="_top"
->-send-wafer</A
-> \<br>
- }<br>
- / # forward slash will match *all* potential URL patterns. <br>
-<br>
-##########################################################################<br>
-# Default behavior is now set. Now we will define some exceptions to our <br>
-# default action policies.<br>
-##########################################################################<br>
-<br>
-# These sites are very complex and require very minimal interference.<br>
-# We'll disable most actions with our 'fragile' alias:<br>
- { fragile }<br>
- .office.microsoft.com # surprise, surprise!<br>
- .windowsupdate.microsoft.com<br>
-<br>
-<br>
-# Shopping sites - not as fragile but require some special <br>
-# handling. We still want to block ads, and we will allow <br>
-# persistant cookies via the 'shop' alias:<br>
- { shop }<br>
- .quietpc.com <br>
- .worldpay.com # for quietpc.com<br>
- .jungle.com<br>
- .scan.co.uk<br>
-<br>
-<br>
-# These sites require pop-ups too :( We'll combine our 'shop' <br>
-# alias with two other actions into one rule to allow all popups.<br>
- { shop <A
-HREF="actions-file.html#KILL-POPUPS"
-TARGET="_top"
->-kill-popups</A
-> <A
-HREF="actions-file.html#FILTER-POPUPS"
-TARGET="_top"
->-filter{popups}</A
-> }<br>
- .dabs.com<br>
- .overclockers.co.uk<br>
-<br>
-<br>
-# The 'Fast-redirects' action breaks some sites. Disable this action<br>
-# for these known sensitive sites:<br>
- { <A
-HREF="actions-file.html#FAST-REDIRECTS"
-TARGET="_top"
->-fast-redirects</A
-> }<br>
- login.yahoo.com<br>
- edit.europe.yahoo.com<br>
- .google.com<br>
- .altavista.com/.*(like|url|link):http<br>
- .altavista.com/trans.*urltext=http<br>
- .nytimes.com<br>
-<br>
-<br>
-# Define which file types will be treated as images. Important<br>
-# for ad blocking.<br>
- { <A
-HREF="actions-file.html#HANDLE-AS-IMAGE"
-TARGET="_top"
->+handle-as-image</A
-> }<br>
- /.*\.(gif|jpe?g|png|bmp|ico)<br>
-<br>
-<br>
-# Now lets list some domains that are known ad generators. And<br>
-# our alias that we use here will block these as well as force <br>
-# them to be treated as images. This combination of actions is <br>
-# important for ad blocking. What the browser will show instead is <br>
-# determined by the setting of <A
-HREF="actions-file.html#SET-IMAGE-BLOCKER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+set-image-blocker"</SPAN
-></A
-><br>
- { +imageblock }<br>
- ar.atwola.com <br>
- .ad.doubleclick.net<br>
- .a.yimg.com/(?:(?!/i/).)*$<br>
- .a[0-9].yimg.com/(?:(?!/i/).)*$<br>
- bs*.gsanet.com<br>
- bs*.einets.com<br>
- .qkimg.net<br>
- ad.*.doubleclick.net<br>
-<br>
-<br>
-# These will just simply be blocked. They will generate the BLOCKED<br>
-# banner page, if matched. Heavy use of wildcards and regular <br>
-# expressions in this example. Enable block action:<br>
- { <A
-HREF="actions-file.html#BLOCK"
-TARGET="_top"
->+block</A
-> }<br>
- ad*.<br>
- .*ads.<br>
- banner?.<br>
- count*.<br>
- /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)<br>
- /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/<br>
- .hitbox.com <br>
-<br>
-<br>
-# The above block section will probably inadvertantly catch some <br>
-# sites we DO NOT want blocked via the wildcards and regular expressions. <br>
-# Now let's set exceptions to the exceptions so the good guys get better <br>
-# treatment. Disable block action:<br>
- { <A
-HREF="actions-file.html#BLOCK"
-TARGET="_top"
->-block</A
-> }<br>
- advogato.org<br>
- adsl.<br>
- ad[ud]*.<br>
- advice.<br>
-# Let's just trust all .edu top level domains.<br>
- .edu<br>
- www.ugu.com/sui/ugu/adv<br>
-# We'll need to access to path names containing 'download' <br>
- .*downloads.<br>
- /downloads/<br>
-# 'adv' is for globalintersec and means advanced, not advertisement<br>
- www.globalintersec.com/adv<br>
-<br>
-<br>
-# Don't filter *anything* from our friends at sourceforge.<br>
-# Notice we don't have to name the individual filter <br>
-# identifiers -- we just turn them all off in one fell swoop.<br>
-# Disable all filters for this one site:<br>
- { <A
-HREF="actions-file.html#FILTER"
-TARGET="_top"
->-filter</A
-> }<br>
- .sourceforge.net<br>
- </P
->
- </TT
-></P
-><P
-> So far we are painting with a broad brush by setting general policies.
- The above would be a reasonable starting point for many situations. Now,
- we want to be more specific and have customized rules that are more suitable
- to our personal habits and preferences. These would be for narrowly defined
- situations like your ISP or your bank, and should be placed in
- <TT
-CLASS="FILENAME"
->user.action</TT
->, which is parsed after all other
- actions files and should not be clobbered by upgrades. So any settings here,
- will have the last word and over-ride any previously defined actions.</P
-><P
-> Now a few examples of some things that one might do with a
- <TT
-CLASS="FILENAME"
->user.action</TT
-> file. </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-># Sample user.action file.<br>
-<br>
-# Any aliases you want to use need to be re-defined here.<br>
-# Alias to turn off cookie handling, ie allow all cookies unmolested.<br>
- -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies \<br>
- -session-cookies-only<br>
-<br>
-# Fragile sites should have the minimum changes:<br>
- fragile = -block -deanimate-gifs -fast-redirects -filter -hide-referer \<br>
- -prevent-cookies -kill-popups<br>
-<br>
-# Allow persistent cookies for a few regular sites that we <br>
-# trust via our above alias. These will be saved from one browser session <br>
-# to the next. We are explicity turning off any and all cookie handling, <br>
-# even though the prevent-*-cookie settings were disabled in our above <br>
-# default.action anyway. So cookies from these domains will come through <br>
-# unmolested.<br>
- { -prevent-cookies }<br>
- .sun.com<br>
- .yahoo.com<br>
- .msdn.microsoft.com<br>
- .redhat.com<br>
-<br>
-<br>
-# My ISP uses obnoxious self promoting images on many pages.<br>
-# Nuke them :) Note that <A
-HREF="actions-file.html#HANDLE-AS-IMAGE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
-></A
-> need not be specified,<br>
-# since all URLs ending in .gif will be tagged as images by the<br>
-# general rules in default.action anyway.<br>
- { <A
-HREF="actions-file.html#BLOCK"
-TARGET="_top"
->+block</A
-> }<br>
- www.my-isp-example.com/logo[0-9].gif<br>
-<br>
-# Say the site where you do your homebanking needs to open<br>
-# popup windows, but you have chosen to kill popups by<br>
-# default. This will allow it for your-example-bank.com:<br>
-#<br>
- { <A
-HREF="actions-file.html#FILTER-POPUPS"
-TARGET="_top"
->-filter{popups}</A
-> <A
-HREF="actions-file.html#KILL-POPUPS"
-TARGET="_top"
->-kill-popups</A
-> }<br>
- .my-example-bank.com<br>
-<br>
-# This site is delicate, and requires kid-glove <br>
-# treatment.<br>
- { fragile }<br>
- .forbes.com<br>
- </P
->
- </TT
-></P
-></DIV
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="ALIASES"
->9.6. Aliases</A
-></H2
-><P
-> Custom <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->, known to <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- as <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
->, can be defined by combining other <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->.
- These can in turn be invoked just like the built-in <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->.
- Currently, an alias can contain any character except space, tab, <SPAN
-CLASS="QUOTE"
->"="</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"{"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"}"</SPAN
->. But please use only <SPAN
-CLASS="QUOTE"
->"a"</SPAN
->-
- <SPAN
-CLASS="QUOTE"
->"z"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"0"</SPAN
->-<SPAN
-CLASS="QUOTE"
->"9"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->, and
- <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->. Alias names are not case sensitive, and
- <I
-CLASS="EMPHASIS"
->must be defined before other actions</I
-> in the
- actions file! And there can only be one set of <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
->
- defined per file. Each actions file may have its own aliases, but they are
- only visible within that file. Aliases do not requir a <SPAN
-CLASS="QUOTE"
->"+"</SPAN
-> or
- <SPAN
-CLASS="QUOTE"
->"-"</SPAN
-> sign in front, since they are merely expanded.</P
-><P
-> Now let's define a few aliases:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Useful custom aliases we can use later. These must come first!<br>
- {{alias}}<br>
- +prevent-cookies = +prevent-setting-cookies +prevent-reading-cookies<br>
- -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies<br>
- fragile = -block -prevent-cookies -filter -fast-redirects -hide-referer -kill-popups<br>
- shop = -prevent-cookies -filter -fast-redirects<br>
- +imageblock = +block +handle-as-image<br>
-<br>
- # Aliases defined from other aliases, for people who don't like to type <br>
- # too much: ;-)<br>
- c0 = +prevent-cookies<br>
- c1 = -prevent-cookies<br>
- #... etc. Customize to your heart's content.<br>
- </P
->
- </TT
-></P
-><P
-> Some examples using our <SPAN
-CLASS="QUOTE"
->"shop"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"fragile"</SPAN
->
- aliases from above. These would appear in the lower sections of an
- actions file as exceptions to the default actions (as defined in the
- upper section):</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # These sites are very complex and require<br>
- # minimal interference.<br>
- {fragile}<br>
- .office.microsoft.com<br>
- .windowsupdate.microsoft.com<br>
- .nytimes.com<br>
-<br>
- # Shopping sites - but we still want to block ads.<br>
- {shop}<br>
- .quietpc.com<br>
- .worldpay.com # for quietpc.com<br>
- .scan.co.uk<br>
-<br>
- # These shops require pop-ups also <br>
- {shop -kill-popups}<br>
- .dabs.com<br>
- .overclockers.co.uk<br>
- </P
->
- </TT
-></P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"shop"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"fragile"</SPAN
-> aliases are often used for
- <SPAN
-CLASS="QUOTE"
->"problem"</SPAN
-> sites that require most actions to be disabled
- in order to function properly. </P
-></DIV
-></DIV
-><DIV
-CLASS="NAVFOOTER"
-><HR
-ALIGN="LEFT"
-WIDTH="100%"><TABLE
-WIDTH="100%"
-BORDER="0"
-CELLPADDING="0"
-CELLSPACING="0"
-><TR
-><TD
-WIDTH="33%"
-ALIGN="left"
-VALIGN="top"
-><A
-HREF="config.html"
->Prev</A
-></TD
-><TD
-WIDTH="34%"
-ALIGN="center"
-VALIGN="top"
-><A
-HREF="index.html"
->Home</A
-></TD
-><TD
-WIDTH="33%"
-ALIGN="right"
-VALIGN="top"
-><A
-HREF="filter-file.html"
->Next</A
-></TD
-></TR
-><TR
-><TD
-WIDTH="33%"
-ALIGN="left"
-VALIGN="top"
->The Main Configuration File</TD
-><TD
-WIDTH="34%"
-ALIGN="center"
-VALIGN="top"
-> </TD
-><TD
-WIDTH="33%"
-ALIGN="right"
-VALIGN="top"
->The Filter File</TD
-></TR
-></TABLE
-></DIV
-></BODY
-></HTML
->
\ No newline at end of file
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01
+Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<html>
+ <head>
+ <title>
+ Actions Files
+ </title>
+ <meta name="GENERATOR" content=
+ "Modular DocBook HTML Stylesheet Version 1.79">
+ <link rel="HOME" title="Privoxy 3.0.25 User Manual" href="index.html">
+ <link rel="PREVIOUS" title="The Main Configuration File" href=
+ "config.html">
+ <link rel="NEXT" title="Filter Files" href="filter-file.html">
+ <link rel="STYLESHEET" type="text/css" href="../p_doc.css">
+ <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+ <link rel="STYLESHEET" type="text/css" href="p_doc.css">
+ </head>
+ <body class="SECT1" bgcolor="#EEEEEE" text="#000000" link="#0000FF" vlink=
+ "#840084" alink="#0000FF">
+ <div class="NAVHEADER">
+ <table summary="Header navigation table" width="100%" border="0"
+ cellpadding="0" cellspacing="0">
+ <tr>
+ <th colspan="3" align="center">
+ Privoxy 3.0.25 User Manual
+ </th>
+ </tr>
+ <tr>
+ <td width="10%" align="left" valign="bottom">
+ <a href="config.html" accesskey="P">Prev</a>
+ </td>
+ <td width="80%" align="center" valign="bottom">
+ </td>
+ <td width="10%" align="right" valign="bottom">
+ <a href="filter-file.html" accesskey="N">Next</a>
+ </td>
+ </tr>
+ </table>
+ <hr align="LEFT" width="100%">
+ </div>
+ <div class="SECT1">
+ <h1 class="SECT1">
+ <a name="ACTIONS-FILE">8. Actions Files</a>
+ </h1>
+ <p>
+ The actions files are used to define what <span class="emphasis"><i
+ class="EMPHASIS">actions</i></span> <span class=
+ "APPLICATION">Privoxy</span> takes for which URLs, and thus
+ determines how ad images, cookies and various other aspects of HTTP
+ content and transactions are handled, and on which sites (or even
+ parts thereof). There are a number of such actions, with a wide range
+ of functionality. Each action does something a little different.
+ These actions give us a veritable arsenal of tools with which to
+ exert our control, preferences and independence. Actions can be
+ combined so that their effects are aggregated when applied against a
+ given set of URLs.
+ </p>
+ <p>
+ There are three action files included with <span class=
+ "APPLICATION">Privoxy</span> with differing purposes:
+ </p>
+ <p>
+ </p>
+ <ul>
+ <li>
+ <p>
+ <tt class="FILENAME">match-all.action</tt> - is used to define
+ which <span class="QUOTE">"actions"</span> relating to
+ banner-blocking, images, pop-ups, content modification, cookie
+ handling etc should be applied by default. It should be the first
+ actions file loaded
+ </p>
+ </li>
+ <li>
+ <p>
+ <tt class="FILENAME">default.action</tt> - defines many
+ exceptions (both positive and negative) from the default set of
+ actions that's configured in <tt class=
+ "FILENAME">match-all.action</tt>. It is a set of rules that
+ should work reasonably well as-is for most users. This file is
+ only supposed to be edited by the developers. It should be the
+ second actions file loaded.
+ </p>
+ </li>
+ <li>
+ <p>
+ <tt class="FILENAME">user.action</tt> - is intended to be for
+ local site preferences and exceptions. As an example, if your ISP
+ or your bank has specific requirements, and need special
+ handling, this kind of thing should go here. This file will not
+ be upgraded.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="GUIBUTTON">Edit</span> <span class="GUIBUTTON">Set
+ to Cautious</span> <span class="GUIBUTTON">Set to Medium</span>
+ <span class="GUIBUTTON">Set to Advanced</span>
+ </p>
+ <p>
+ These have increasing levels of aggressiveness <span class=
+ "emphasis"><i class="EMPHASIS">and have no influence on your
+ browsing unless you select them explicitly in the
+ editor</i></span>. A default installation should be pre-set to
+ <tt class="LITERAL">Cautious</tt>. New users should try this for
+ a while before adjusting the settings to more aggressive levels.
+ The more aggressive the settings, then the more likelihood there
+ is of problems such as sites not working as they should.
+ </p>
+ <p>
+ The <span class="GUIBUTTON">Edit</span> button allows you to turn
+ each action on/off individually for fine-tuning. The <span class=
+ "GUIBUTTON">Cautious</span> button changes the actions list to
+ low/safe settings which will activate ad blocking and a minimal
+ set of <span class="APPLICATION">Privoxy</span>'s features, and
+ subsequently there will be less of a chance for accidental
+ problems. The <span class="GUIBUTTON">Medium</span> button sets
+ the list to a medium level of other features and a low level set
+ of privacy features. The <span class="GUIBUTTON">Advanced</span>
+ button sets the list to a high level of ad blocking and medium
+ level of privacy. See the chart below. The latter three buttons
+ over-ride any changes via with the <span class=
+ "GUIBUTTON">Edit</span> button. More fine-tuning can be done in
+ the lower sections of this internal page.
+ </p>
+ <p>
+ While the actions file editor allows to enable these settings in
+ all actions files, they are only supposed to be enabled in the
+ first one to make sure you don't unintentionally overrule earlier
+ rules.
+ </p>
+ <p>
+ The default profiles, and their associated actions, as
+ pre-defined in <tt class="FILENAME">default.action</tt> are:
+ </p>
+ <p>
+ </p>
+ <div class="TABLE">
+ <a name="AEN2750"></a>
+ <p>
+ <b>Table 1. Default Configurations</b>
+ </p>
+ <table border="1" frame="border" rules="all" class="CALSTABLE">
+ <col width="1*" title="C1">
+ <col width="1*" title="C2">
+ <col width="1*" title="C3">
+ <col width="1*" title="C4">
+ <thead>
+ <tr>
+ <th>
+ Feature
+ </th>
+ <th>
+ Cautious
+ </th>
+ <th>
+ Medium
+ </th>
+ <th>
+ Advanced
+ </th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <td>
+ Ad-blocking Aggressiveness
+ </td>
+ <td>
+ medium
+ </td>
+ <td>
+ high
+ </td>
+ <td>
+ high
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Ad-filtering by size
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Ad-filtering by link
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Pop-up killing
+ </td>
+ <td>
+ blocks only
+ </td>
+ <td>
+ blocks only
+ </td>
+ <td>
+ blocks only
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Privacy Features
+ </td>
+ <td>
+ low
+ </td>
+ <td>
+ medium
+ </td>
+ <td>
+ medium/high
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Cookie handling
+ </td>
+ <td>
+ none
+ </td>
+ <td>
+ session-only
+ </td>
+ <td>
+ kill
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Referer forging
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ <tr>
+ <td>
+ GIF de-animation
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Fast redirects
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ <tr>
+ <td>
+ HTML taming
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ <tr>
+ <td>
+ JavaScript taming
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Web-bug killing
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ <tr>
+ <td>
+ Image tag reordering
+ </td>
+ <td>
+ no
+ </td>
+ <td>
+ yes
+ </td>
+ <td>
+ yes
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ </li>
+ </ul>
+
+ <p>
+ The list of actions files to be used are defined in the main
+ configuration file, and are processed in the order they are defined
+ (e.g. <tt class="FILENAME">default.action</tt> is typically processed
+ before <tt class="FILENAME">user.action</tt>). The content of these
+ can all be viewed and edited from <a href=
+ "http://config.privoxy.org/show-status" target=
+ "_top">http://config.privoxy.org/show-status</a>. The over-riding
+ principle when applying actions, is that the last action that matches
+ a given URL wins. The broadest, most general rules go first (defined
+ in <tt class="FILENAME">default.action</tt>), followed by any
+ exceptions (typically also in <tt class=
+ "FILENAME">default.action</tt>), which are then followed lastly by
+ any local preferences (typically in <span class="emphasis"><i class=
+ "EMPHASIS">user</i></span><tt class="FILENAME">.action</tt>).
+ Generally, <tt class="FILENAME">user.action</tt> has the last word.
+ </p>
+ <p>
+ An actions file typically has multiple sections. If you want to use
+ <span class="QUOTE">"aliases"</span> in an actions file, you have to
+ place the (optional) <a href="actions-file.html#ALIASES">alias
+ section</a> at the top of that file. Then comes the default set of
+ rules which will apply universally to all sites and pages (be <span
+ class="emphasis"><i class="EMPHASIS">very careful</i></span> with
+ using such a universal set in <tt class="FILENAME">user.action</tt>
+ or any other actions file after <tt class=
+ "FILENAME">default.action</tt>, because it will override the result
+ from consulting any previous file). And then below that, exceptions
+ to the defined universal policies. You can regard <tt class=
+ "FILENAME">user.action</tt> as an appendix to <tt class=
+ "FILENAME">default.action</tt>, with the advantage that it is a
+ separate file, which makes preserving your personal settings across
+ <span class="APPLICATION">Privoxy</span> upgrades easier.
+ </p>
+ <p>
+ Actions can be used to block anything you want, including ads,
+ banners, or just some obnoxious URL whose content you would rather
+ not see. Cookies can be accepted or rejected, or accepted only during
+ the current browser session (i.e. not written to disk), content can
+ be modified, some JavaScripts tamed, user-tracking fooled, and much
+ more. See below for a <a href="actions-file.html#ACTIONS">complete
+ list of actions</a>.
+ </p>
+ <div class="SECT2">
+ <h2 class="SECT2">
+ <a name="RIGHT-MIX">8.1. Finding the Right Mix</a>
+ </h2>
+ <p>
+ Note that some <a href="actions-file.html#ACTIONS">actions</a>,
+ like cookie suppression or script disabling, may render some sites
+ unusable that rely on these techniques to work properly. Finding
+ the right mix of actions is not always easy and certainly a matter
+ of personal taste. And, things can always change, requiring
+ refinements in the configuration. In general, it can be said that
+ the more <span class="QUOTE">"aggressive"</span> your default
+ settings (in the top section of the actions file) are, the more
+ exceptions for <span class="QUOTE">"trusted"</span> sites you will
+ have to make later. If, for example, you want to crunch all cookies
+ per default, you'll have to make exceptions from that rule for
+ sites that you regularly use and that require cookies for actually
+ useful purposes, like maybe your bank, favorite shop, or newspaper.
+ </p>
+ <p>
+ We have tried to provide you with reasonable rules to start from in
+ the distribution actions files. But there is no general rule of
+ thumb on these things. There just are too many variables, and sites
+ are constantly changing. Sooner or later you will want to change
+ the rules (and read this chapter again :).
+ </p>
+ </div>
+ <div class="SECT2">
+ <h2 class="SECT2">
+ <a name="HOW-TO-EDIT">8.2. How to Edit</a>
+ </h2>
+ <p>
+ The easiest way to edit the actions files is with a browser by
+ using our browser-based editor, which can be reached from <a href=
+ "http://config.privoxy.org/show-status" target=
+ "_top">http://config.privoxy.org/show-status</a>. Note: the config
+ file option <a href=
+ "config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</a> must be
+ enabled for this to work. The editor allows both fine-grained
+ control over every single feature on a per-URL basis, and easy
+ choosing from wholesale sets of defaults like <span class=
+ "QUOTE">"Cautious"</span>, <span class="QUOTE">"Medium"</span> or
+ <span class="QUOTE">"Advanced"</span>. Warning: the <span class=
+ "QUOTE">"Advanced"</span> setting is more aggressive, and will be
+ more likely to cause problems for some sites. Experienced users
+ only!
+ </p>
+ <p>
+ If you prefer plain text editing to GUIs, you can of course also
+ directly edit the the actions files with your favorite text editor.
+ Look at <tt class="FILENAME">default.action</tt> which is richly
+ commented with many good examples.
+ </p>
+ </div>
+ <div class="SECT2">
+ <h2 class="SECT2">
+ <a name="ACTIONS-APPLY">8.3. How Actions are Applied to
+ Requests</a>
+ </h2>
+ <p>
+ Actions files are divided into sections. There are special
+ sections, like the <span class="QUOTE">"<a href=
+ "actions-file.html#ALIASES">alias</a>"</span> sections which will
+ be discussed later. For now let's concentrate on regular sections:
+ They have a heading line (often split up to multiple lines for
+ readability) which consist of a list of actions, separated by
+ whitespace and enclosed in curly braces. Below that, there is a
+ list of URL and tag patterns, each on a separate line.
+ </p>
+ <p>
+ To determine which actions apply to a request, the URL of the
+ request is compared to all URL patterns in each <span class=
+ "QUOTE">"action file"</span>. Every time it matches, the list of
+ applicable actions for the request is incrementally updated, using
+ the heading of the section in which the pattern is located. The
+ same is done again for tags and tag patterns later on.
+ </p>
+ <p>
+ If multiple applying sections set the same action differently, the
+ last match wins. If not, the effects are aggregated. E.g. a URL
+ might match a regular section with a heading line of <tt class=
+ "LITERAL">{ +<a href=
+ "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a> }</tt>,
+ then later another one with just <tt class="LITERAL">{ +<a href=
+ "actions-file.html#BLOCK">block</a> }</tt>, resulting in <span
+ class="emphasis"><i class="EMPHASIS">both</i></span> actions to
+ apply. And there may well be cases where you will want to combine
+ actions together. Such a section then might look like:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+ { +<tt class="LITERAL">handle-as-image</tt> +<tt class=
+"LITERAL">block{Banner ads.}</tt> }
+ # Block these as if they were images. Send no block page.
+ banners.example.com
+ media.example.com/.*banners
+ .example.com/images/ads/
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ You can trace this process for URL patterns and any given URL by
+ visiting <a href="http://config.privoxy.org/show-url-info" target=
+ "_top">http://config.privoxy.org/show-url-info</a>.
+ </p>
+ <p>
+ Examples and more detail on this is provided in the Appendix, <a
+ href="appendix.html#ACTIONSANAT">Troubleshooting: Anatomy of an
+ Action</a> section.
+ </p>
+ </div>
+ <div class="SECT2">
+ <h2 class="SECT2">
+ <a name="AF-PATTERNS">8.4. Patterns</a>
+ </h2>
+ <p>
+ As mentioned, <span class="APPLICATION">Privoxy</span> uses <span
+ class="QUOTE">"patterns"</span> to determine what <span class=
+ "emphasis"><i class="EMPHASIS">actions</i></span> might apply to
+ which sites and pages your browser attempts to access. These <span
+ class="QUOTE">"patterns"</span> use wild card type <span class=
+ "emphasis"><i class="EMPHASIS">pattern</i></span> matching to
+ achieve a high degree of flexibility. This allows one expression to
+ be expanded and potentially match against many similar patterns.
+ </p>
+ <p>
+ Generally, an URL pattern has the form <tt class=
+ "LITERAL"><host><port>/<path></tt>, where the <tt
+ class="LITERAL"><host></tt>, the <tt class=
+ "LITERAL"><port></tt> and the <tt class=
+ "LITERAL"><path></tt> are optional. (This is why the special
+ <tt class="LITERAL">/</tt> pattern matches all URLs). Note that the
+ protocol portion of the URL pattern (e.g. <tt class=
+ "LITERAL">http://</tt>) should <span class="emphasis"><i class=
+ "EMPHASIS">not</i></span> be included in the pattern. This is
+ assumed already!
+ </p>
+ <p>
+ The pattern matching syntax is different for the host and path
+ parts of the URL. The host part uses a simple globbing type
+ matching technique, while the path part uses more flexible <a href=
+ "http://en.wikipedia.org/wiki/Regular_expressions" target=
+ "_top"><span class="QUOTE">"Regular Expressions"</span></a> (POSIX
+ 1003.2).
+ </p>
+ <p>
+ The port part of a pattern is a decimal port number preceded by a
+ colon (<tt class="LITERAL">:</tt>). If the host part contains a
+ numerical IPv6 address, it has to be put into angle brackets (<tt
+ class="LITERAL"><</tt>, <tt class="LITERAL">></tt>).
+ </p>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ <tt class="LITERAL">www.example.com/</tt>
+ </dt>
+ <dd>
+ <p>
+ is a host-only pattern and will match any request to <tt
+ class="LITERAL">www.example.com</tt>, regardless of which
+ document on that server is requested. So ALL pages in this
+ domain would be covered by the scope of this action. Note
+ that a simple <tt class="LITERAL">example.com</tt> is
+ different and would NOT match.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">www.example.com</tt>
+ </dt>
+ <dd>
+ <p>
+ means exactly the same. For host-only patterns, the trailing
+ <tt class="LITERAL">/</tt> may be omitted.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">www.example.com/index.html</tt>
+ </dt>
+ <dd>
+ <p>
+ matches all the documents on <tt class=
+ "LITERAL">www.example.com</tt> whose name starts with <tt
+ class="LITERAL">/index.html</tt>.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">www.example.com/index.html$</tt>
+ </dt>
+ <dd>
+ <p>
+ matches only the single document <tt class=
+ "LITERAL">/index.html</tt> on <tt class=
+ "LITERAL">www.example.com</tt>.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">/index.html$</tt>
+ </dt>
+ <dd>
+ <p>
+ matches the document <tt class="LITERAL">/index.html</tt>,
+ regardless of the domain, i.e. on <span class="emphasis"><i
+ class="EMPHASIS">any</i></span> web server anywhere.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">/</tt>
+ </dt>
+ <dd>
+ <p>
+ Matches any URL because there's no requirement for either the
+ domain or the path to match anything.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">:8000/</tt>
+ </dt>
+ <dd>
+ <p>
+ Matches any URL pointing to TCP port 8000.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">10.0.0.1/</tt>
+ </dt>
+ <dd>
+ <p>
+ Matches any URL with the host address <tt class=
+ "LITERAL">10.0.0.1</tt>. (Note that the real URL uses plain
+ brackets, not angle brackets.)
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL"><2001:db8::1>/</tt>
+ </dt>
+ <dd>
+ <p>
+ Matches any URL with the host address <tt class=
+ "LITERAL">2001:db8::1</tt>. (Note that the real URL uses
+ plain brackets, not angle brackets.)
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">index.html</tt>
+ </dt>
+ <dd>
+ <p>
+ matches nothing, since it would be interpreted as a domain
+ name and there is no top-level domain called <tt class=
+ "LITERAL">.html</tt>. So its a mistake.
+ </p>
+ </dd>
+ </dl>
+ </div>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="HOST-PATTERN">8.4.1. The Host Pattern</a>
+ </h3>
+ <p>
+ The matching of the host part offers some flexible options: if
+ the host pattern starts or ends with a dot, it becomes unanchored
+ at that end. The host pattern is often referred to as domain
+ pattern as it is usually used to match domain names and not IP
+ addresses. For example:
+ </p>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ <tt class="LITERAL">.example.com</tt>
+ </dt>
+ <dd>
+ <p>
+ matches any domain with first-level domain <tt class=
+ "LITERAL">com</tt> and second-level domain <tt class=
+ "LITERAL">example</tt>. For example <tt class=
+ "LITERAL">www.example.com</tt>, <tt class=
+ "LITERAL">example.com</tt> and <tt class=
+ "LITERAL">foo.bar.baz.example.com</tt>. Note that it
+ wouldn't match if the second-level domain was <tt class=
+ "LITERAL">another-example</tt>.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">www.</tt>
+ </dt>
+ <dd>
+ <p>
+ matches any domain that <span class="emphasis"><i class=
+ "EMPHASIS">STARTS</i></span> with <tt class=
+ "LITERAL">www.</tt> (It also matches the domain <tt class=
+ "LITERAL">www</tt> but most of the time that doesn't
+ matter.)
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">.example.</tt>
+ </dt>
+ <dd>
+ <p>
+ matches any domain that <span class="emphasis"><i class=
+ "EMPHASIS">CONTAINS</i></span> <tt class=
+ "LITERAL">.example.</tt>. And, by the way, also included
+ would be any files or documents that exist within that
+ domain since no path limitations are specified. (Correctly
+ speaking: It matches any FQDN that contains <tt class=
+ "LITERAL">example</tt> as a domain.) This might be <tt
+ class="LITERAL">www.example.com</tt>, <tt class=
+ "LITERAL">news.example.de</tt>, or <tt class=
+ "LITERAL">www.example.net/cgi/testing.pl</tt> for instance.
+ All these cases are matched.
+ </p>
+ </dd>
+ </dl>
+ </div>
+ <p>
+ Additionally, there are wild-cards that you can use in the domain
+ names themselves. These work similarly to shell globbing type
+ wild-cards: <span class="QUOTE">"*"</span> represents zero or
+ more arbitrary characters (this is equivalent to the <a href=
+ "http://en.wikipedia.org/wiki/Regular_expressions" target=
+ "_top"><span class="QUOTE">"Regular Expression"</span></a> based
+ syntax of <span class="QUOTE">".*"</span>), <span class=
+ "QUOTE">"?"</span> represents any single character (this is
+ equivalent to the regular expression syntax of a simple <span
+ class="QUOTE">"."</span>), and you can define <span class=
+ "QUOTE">"character classes"</span> in square brackets which is
+ similar to the same regular expression technique. All of this can
+ be freely mixed:
+ </p>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ <tt class="LITERAL">ad*.example.com</tt>
+ </dt>
+ <dd>
+ <p>
+ matches <span class="QUOTE">"adserver.example.com"</span>,
+ <span class="QUOTE">"ads.example.com"</span>, etc but not
+ <span class="QUOTE">"sfads.example.com"</span>
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">*ad*.example.com</tt>
+ </dt>
+ <dd>
+ <p>
+ matches all of the above, and then some.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">.?pix.com</tt>
+ </dt>
+ <dd>
+ <p>
+ matches <tt class="LITERAL">www.ipix.com</tt>, <tt class=
+ "LITERAL">pictures.epix.com</tt>, <tt class=
+ "LITERAL">a.b.c.d.e.upix.com</tt> etc.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">www[1-9a-ez].example.c*</tt>
+ </dt>
+ <dd>
+ <p>
+ matches <tt class="LITERAL">www1.example.com</tt>, <tt
+ class="LITERAL">www4.example.cc</tt>, <tt class=
+ "LITERAL">wwwd.example.cy</tt>, <tt class=
+ "LITERAL">wwwz.example.com</tt> etc., but <span class=
+ "emphasis"><i class="EMPHASIS">not</i></span> <tt class=
+ "LITERAL">wwww.example.com</tt>.
+ </p>
+ </dd>
+ </dl>
+ </div>
+ <p>
+ While flexible, this is not the sophistication of full regular
+ expression based syntax.
+ </p>
+ </div>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="PATH-PATTERN">8.4.2. The Path Pattern</a>
+ </h3>
+ <p>
+ <span class="APPLICATION">Privoxy</span> uses <span class=
+ "QUOTE">"modern"</span> POSIX 1003.2 <a href=
+ "http://en.wikipedia.org/wiki/Regular_expressions" target=
+ "_top"><span class="QUOTE">"Regular Expressions"</span></a> for
+ matching the path portion (after the slash), and is thus more
+ flexible.
+ </p>
+ <p>
+ There is an <a href="appendix.html#REGEX">Appendix</a> with a
+ brief quick-start into regular expressions, you also might want
+ to have a look at your operating system's documentation on
+ regular expressions (try <tt class="LITERAL">man re_format</tt>).
+ </p>
+ <p>
+ Note that the path pattern is automatically left-anchored at the
+ <span class="QUOTE">"/"</span>, i.e. it matches as if it would
+ start with a <span class="QUOTE">"^"</span> (regular expression
+ speak for the beginning of a line).
+ </p>
+ <p>
+ Please also note that matching in the path is <span class=
+ "emphasis"><i class="EMPHASIS">CASE INSENSITIVE</i></span> by
+ default, but you can switch to case sensitive at any point in the
+ pattern by using the <span class="QUOTE">"(?-i)"</span> switch:
+ <tt class="LITERAL">www.example.com/(?-i)PaTtErN.*</tt> will
+ match only documents whose path starts with <tt class=
+ "LITERAL">PaTtErN</tt> in <span class="emphasis"><i class=
+ "EMPHASIS">exactly</i></span> this capitalization.
+ </p>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ <tt class="LITERAL">.example.com/.*</tt>
+ </dt>
+ <dd>
+ <p>
+ Is equivalent to just <span class=
+ "QUOTE">".example.com"</span>, since any documents within
+ that domain are matched with or without the <span class=
+ "QUOTE">".*"</span> regular expression. This is redundant
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">.example.com/.*/index.html$</tt>
+ </dt>
+ <dd>
+ <p>
+ Will match any page in the domain of <span class=
+ "QUOTE">"example.com"</span> that is named <span class=
+ "QUOTE">"index.html"</span>, and that is part of some path.
+ For example, it matches <span class=
+ "QUOTE">"www.example.com/testing/index.html"</span> but NOT
+ <span class="QUOTE">"www.example.com/index.html"</span>
+ because the regular expression called for at least two
+ <span class="QUOTE">"/'s"</span>, thus the path
+ requirement. It also would match <span class=
+ "QUOTE">"www.example.com/testing/index_html"</span>,
+ because of the special meta-character <span class=
+ "QUOTE">"."</span>.
+ </p>
+ </dd>
+ <dt>
+ <tt class="LITERAL">.example.com/(.*/)?index\.html$</tt>
+ </dt>
+ <dd>
+ <p>
+ This regular expression is conditional so it will match any
+ page named <span class="QUOTE">"index.html"</span>
+ regardless of path which in this case can have one or more
+ <span class="QUOTE">"/'s"</span>. And this one must contain
+ exactly <span class="QUOTE">".html"</span> (but does not
+ have to end with that!).
+ </p>
+ </dd>
+ <dt>
+ <tt class=
+ "LITERAL">.example.com/(.*/)(ads|banners?|junk)</tt>
+ </dt>
+ <dd>
+ <p>
+ This regular expression will match any path of <span class=
+ "QUOTE">"example.com"</span> that contains any of the words
+ <span class="QUOTE">"ads"</span>, <span class=
+ "QUOTE">"banner"</span>, <span class=
+ "QUOTE">"banners"</span> (because of the <span class=
+ "QUOTE">"?"</span>) or <span class="QUOTE">"junk"</span>.
+ The path does not have to end in these words, just contain
+ them.
+ </p>
+ </dd>
+ <dt>
+ <tt class=
+ "LITERAL">.example.com/(.*/)(ads|banners?|junk)/.*\.(jpe?g|gif|png)$</tt>
+ </dt>
+ <dd>
+ <p>
+ This is very much the same as above, except now it must end
+ in either <span class="QUOTE">".jpg"</span>, <span class=
+ "QUOTE">".jpeg"</span>, <span class="QUOTE">".gif"</span>
+ or <span class="QUOTE">".png"</span>. So this one is
+ limited to common image formats.
+ </p>
+ </dd>
+ </dl>
+ </div>
+ <p>
+ There are many, many good examples to be found in <tt class=
+ "FILENAME">default.action</tt>, and more tutorials below in <a
+ href="appendix.html#REGEX">Appendix on regular expressions</a>.
+ </p>
+ </div>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="TAG-PATTERN">8.4.3. The Request Tag Pattern</a>
+ </h3>
+ <p>
+ Request tag patterns are used to change the applying actions
+ based on the request's tags. Tags can be created based on HTTP
+ headers with either the <a href=
+ "actions-file.html#CLIENT-HEADER-TAGGER">client-header-tagger</a>
+ or the <a href=
+ "actions-file.html#SERVER-HEADER-TAGGER">server-header-tagger</a>
+ action.
+ </p>
+ <p>
+ Request tag patterns have to start with <span class=
+ "QUOTE">"TAG:"</span>, so <span class=
+ "APPLICATION">Privoxy</span> can tell them apart from other
+ patterns. Everything after the colon including white space, is
+ interpreted as a regular expression with path pattern syntax,
+ except that tag patterns aren't left-anchored automatically
+ (<span class="APPLICATION">Privoxy</span> doesn't silently add a
+ <span class="QUOTE">"^"</span>, you have to do it yourself if you
+ need it).
+ </p>
+ <p>
+ To match all requests that are tagged with <span class=
+ "QUOTE">"foo"</span> your pattern line should be <span class=
+ "QUOTE">"TAG:^foo$"</span>, <span class="QUOTE">"TAG:foo"</span>
+ would work as well, but it would also match requests whose tags
+ contain <span class="QUOTE">"foo"</span> somewhere. <span class=
+ "QUOTE">"TAG: foo"</span> wouldn't work as it requires white
+ space.
+ </p>
+ <p>
+ Sections can contain URL and request tag patterns at the same
+ time, but request tag patterns are checked after the URL patterns
+ and thus always overrule them, even if they are located before
+ the URL patterns.
+ </p>
+ <p>
+ Once a new request tag is added, Privoxy checks right away if
+ it's matched by one of the request tag patterns and updates the
+ action settings accordingly. As a result request tags can be used
+ to activate other tagger actions, as long as these other taggers
+ look for headers that haven't already be parsed.
+ </p>
+ <p>
+ For example you could tag client requests which use the <tt
+ class="LITERAL">POST</tt> method, then use this tag to activate
+ another tagger that adds a tag if cookies are sent, and then use
+ a block action based on the cookie tag. This allows the outcome
+ of one action, to be input into a subsequent action. However if
+ you'd reverse the position of the described taggers, and
+ activated the method tagger based on the cookie tagger, no method
+ tags would be created. The method tagger would look for the
+ request line, but at the time the cookie tag is created, the
+ request line has already been parsed.
+ </p>
+ <p>
+ While this is a limitation you should be aware of, this kind of
+ indirection is seldom needed anyway and even the example doesn't
+ make too much sense.
+ </p>
+ </div>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="NEGATIVE-TAG-PATTERNS">8.4.4. The Negative Request Tag
+ Patterns</a>
+ </h3>
+ <p>
+ To match requests that do not have a certain request tag, specify
+ a negative tag pattern by prefixing the tag pattern line with
+ either <span class="QUOTE">"NO-REQUEST-TAG:"</span> or <span
+ class="QUOTE">"NO-RESPONSE-TAG:"</span> instead of <span class=
+ "QUOTE">"TAG:"</span>.
+ </p>
+ <p>
+ Negative request tag patterns created with <span class=
+ "QUOTE">"NO-REQUEST-TAG:"</span> are checked after all client
+ headers are scanned, the ones created with <span class=
+ "QUOTE">"NO-RESPONSE-TAG:"</span> are checked after all server
+ headers are scanned. In both cases all the created tags are
+ considered.
+ </p>
+ </div>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="CLIENT-TAG-PATTERN">8.4.5. The Client Tag Pattern</a>
+ </h3>
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="100%">
+ <tr>
+ <td align="CENTER">
+ <b>Warning</b>
+ </td>
+ </tr>
+ <tr>
+ <td align="LEFT">
+ <p>
+ This is an experimental feature. The syntax is likely to
+ change in future versions.
+ </p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ <p>
+ Client tag patterns are not set based on HTTP headers but based
+ on the client's IP address. Users can enable them themselves, but
+ the Privoxy admin controls which tags are available and what
+ their effect is.
+ </p>
+ <p>
+ After a client-specific tag has been defined with the <a href=
+ "config.html#CLIENT-SPECIFIC-TAG">client-specific-tag</a>,
+ directive, action sections can be activated based on the tag by
+ using a CLIENT-TAG pattern. The CLIENT-TAG pattern is evaluated
+ at the same priority as URL patterns, as a result the last
+ matching pattern wins. Tags that are created based on client or
+ server headers are evaluated later on and can overrule CLIENT-TAG
+ and URL patterns!
+ </p>
+ <p>
+ The tag is set for all requests that come from clients that
+ requested it to be set. Note that "clients" are differentiated by
+ IP address, if the IP address changes the tag has to be requested
+ again.
+ </p>
+ <p>
+ Clients can request tags to be set by using the CGI interface <a
+ href="http://config.privoxy.org/client-tags" target=
+ "_top">http://config.privoxy.org/client-tags</a>.
+ </p>
+ <p>
+ Example:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# If the admin defined the client-specific-tag circumvent-blocks,
+# and the request comes from a client that previously requested
+# the tag to be set, overrule all previous +block actions that
+# are enabled based on URL to CLIENT-TAG patterns.
+{-block}
+CLIENT-TAG:^circumvent-blocks$
+
+# This section is not overruled because it's located after
+# the previous one.
+{+block{Nobody is supposed to request this.}}
+example.org/blocked-example-page
+</pre>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </div>
+ <div class="SECT2">
+ <h2 class="SECT2">
+ <a name="ACTIONS">8.5. Actions</a>
+ </h2>
+ <p>
+ All actions are disabled by default, until they are explicitly
+ enabled somewhere in an actions file. Actions are turned on if
+ preceded with a <span class="QUOTE">"+"</span>, and turned off if
+ preceded with a <span class="QUOTE">"-"</span>. So a <tt class=
+ "LITERAL">+action</tt> means <span class="QUOTE">"do that
+ action"</span>, e.g. <tt class="LITERAL">+block</tt> means <span
+ class="QUOTE">"please block URLs that match the following
+ patterns"</span>, and <tt class="LITERAL">-block</tt> means <span
+ class="QUOTE">"don't block URLs that match the following patterns,
+ even if <tt class="LITERAL">+block</tt> previously
+ applied."</span>
+ </p>
+ <p>
+ Again, actions are invoked by placing them on a line, enclosed in
+ curly braces and separated by whitespace, like in <tt class=
+ "LITERAL">{+some-action -some-other-action{some-parameter}}</tt>,
+ followed by a list of URL patterns, one per line, to which they
+ apply. Together, the actions line and the following pattern lines
+ make up a section of the actions file.
+ </p>
+ <p>
+ Actions fall into three categories:
+ </p>
+ <p>
+ </p>
+ <ul>
+ <li>
+ <p>
+ Boolean, i.e the action can only be <span class=
+ "QUOTE">"enabled"</span> or <span class=
+ "QUOTE">"disabled"</span>. Syntax:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+ +<tt class="REPLACEABLE"><i>name</i></tt> # enable action <tt class=
+"REPLACEABLE"><i>name</i></tt>
+ -<tt class="REPLACEABLE"><i>name</i></tt> # disable action <tt
+class="REPLACEABLE"><i>name</i></tt>
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Example: <tt class="LITERAL">+handle-as-image</tt>
+ </p>
+ </li>
+ <li>
+ <p>
+ Parameterized, where some value is required in order to enable
+ this type of action. Syntax:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+ +<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
+"REPLACEABLE"><i>param</i></tt>} # enable action and set parameter to <tt
+class="REPLACEABLE"><i>param</i></tt>,
+ # overwriting parameter from previous match if necessary
+ -<tt class=
+"REPLACEABLE"><i>name</i></tt> # disable action. The parameter can be omitted
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Note that if the URL matches multiple positive forms of a
+ parameterized action, the last match wins, i.e. the params from
+ earlier matches are simply ignored.
+ </p>
+ <p>
+ Example: <tt class="LITERAL">+hide-user-agent{Mozilla/5.0 (X11;
+ U; FreeBSD i386; en-US; rv:1.8.1.4) Gecko/20070602
+ Firefox/2.0.0.4}</tt>
+ </p>
+ </li>
+ <li>
+ <p>
+ Multi-value. These look exactly like parameterized actions, but
+ they behave differently: If the action applies multiple times
+ to the same URL, but with different parameters, <span class=
+ "emphasis"><i class="EMPHASIS">all</i></span> the parameters
+ from <span class="emphasis"><i class="EMPHASIS">all</i></span>
+ matches are remembered. This is used for actions that can be
+ executed for the same request repeatedly, like adding multiple
+ headers, or filtering through multiple filters. Syntax:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+ +<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
+"REPLACEABLE"><i>param</i></tt>} # enable action and add <tt class=
+"REPLACEABLE"><i>param</i></tt> to the list of parameters
+ -<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
+"REPLACEABLE"><i>param</i></tt>} # remove the parameter <tt class=
+"REPLACEABLE"><i>param</i></tt> from the list of parameters
+ # If it was the last one left, disable the action.
+ <tt class=
+"REPLACEABLE"><i>-name</i></tt> # disable this action completely and remove all parameters from the list
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Examples: <tt class="LITERAL">+add-header{X-Fun-Header: Some
+ text}</tt> and <tt class=
+ "LITERAL">+filter{html-annoyances}</tt>
+ </p>
+ </li>
+ </ul>
+
+ <p>
+ If nothing is specified in any actions file, no <span class=
+ "QUOTE">"actions"</span> are taken. So in this case <span class=
+ "APPLICATION">Privoxy</span> would just be a normal, non-blocking,
+ non-filtering proxy. You must specifically enable the privacy and
+ blocking features you need (although the provided default actions
+ files will give a good starting point).
+ </p>
+ <p>
+ Later defined action sections always over-ride earlier ones of the
+ same type. So exceptions to any rules you make, should come in the
+ latter part of the file (or in a file that is processed later when
+ using multiple actions files such as <tt class=
+ "FILENAME">user.action</tt>). For multi-valued actions, the actions
+ are applied in the order they are specified. Actions files are
+ processed in the order they are defined in <tt class=
+ "FILENAME">config</tt> (the default installation has three actions
+ files). It also quite possible for any given URL to match more than
+ one <span class="QUOTE">"pattern"</span> (because of wildcards and
+ regular expressions), and thus to trigger more than one set of
+ actions! Last match wins.
+ </p>
+ <p>
+ The list of valid <span class="APPLICATION">Privoxy</span> actions
+ are:
+ </p>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="ADD-HEADER">8.5.1. add-header</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Confuse log analysis, custom applications
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Sends a user defined HTTP header to the web server.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Multi-value.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Any string value is possible. Validity of the defined HTTP
+ headers is not checked. It is recommended that you use the
+ <span class="QUOTE">"<tt class="LITERAL">X-</tt>"</span>
+ prefix for custom headers.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This action may be specified multiple times, in order to
+ define multiple headers. This is rarely needed for the
+ typical user. If you don't know what <span class=
+ "QUOTE">"HTTP headers"</span> are, you definitely don't
+ need to worry about this one.
+ </p>
+ <p>
+ Headers added by this action are not modified by other
+ actions.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Add a DNT ("Do not track") header to all requests,
+# event to those that already have one.
+#
+# This is just an example, not a recommendation.
+#
+# There is no reason to believe that user-tracking websites care
+# about the DNT header and depending on the User-Agent, adding the
+# header may make user-tracking easier.
+{+add-header{DNT: 1}}
+/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="BLOCK">8.5.2. block</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Block ads or other unwanted content
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Requests for URLs to which this action applies are blocked,
+ i.e. the requests are trapped by <span class=
+ "APPLICATION">Privoxy</span> and the requested URL is never
+ retrieved, but is answered locally with a substitute page
+ or image, as determined by the <tt class="LITERAL"><a href=
+ "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>,
+ <tt class="LITERAL"><a href=
+ "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>,
+ and <tt class="LITERAL"><a href=
+ "actions-file.html#HANDLE-AS-EMPTY-DOCUMENT">handle-as-empty-document</a></tt>
+ actions.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ A block reason that should be given to the user.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ <span class="APPLICATION">Privoxy</span> sends a special
+ <span class="QUOTE">"BLOCKED"</span> page for requests to
+ blocked pages. This page contains the block reason given as
+ parameter, a link to find out why the block action applies,
+ and a click-through to the blocked content (the latter only
+ if the force feature is available and enabled).
+ </p>
+ <p>
+ A very important exception occurs if <span class=
+ "emphasis"><i class="EMPHASIS">both</i></span> <tt class=
+ "LITERAL">block</tt> and <tt class="LITERAL"><a href=
+ "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>,
+ apply to the same request: it will then be replaced by an
+ image. If <tt class="LITERAL"><a href=
+ "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
+ (see below) also applies, the type of image will be
+ determined by its parameter, if not, the standard
+ checkerboard pattern is sent.
+ </p>
+ <p>
+ It is important to understand this process, in order to
+ understand how <span class="APPLICATION">Privoxy</span>
+ deals with ads and other unwanted content. Blocking is a
+ core feature, and one upon which various other features
+ depend.
+ </p>
+ <p>
+ The <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER">filter</a></tt> action can
+ perform a very similar task, by <span class=
+ "QUOTE">"blocking"</span> banner images and other content
+ through rewriting the relevant URLs in the document's HTML
+ source, so they don't get requested in the first place.
+ Note that this is a totally different technique, and it's
+ easy to confuse the two.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{+block{No nasty stuff for you.}}
+# Block and replace with "blocked" page
+ .nasty-stuff.example.com
+
+{+block{Doubleclick banners.} +handle-as-image}
+# Block and replace with image
+ .ad.doubleclick.net
+ .ads.r.us/banners/
+
+{+block{Layered ads.} +handle-as-empty-document}
+# Block and then ignore
+ adserver.example.net/.*\.js$
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CHANGE-X-FORWARDED-FOR">8.5.3.
+ change-x-forwarded-for</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Improve privacy by not forwarding the source of the request
+ in the HTTP headers.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes the <span class="QUOTE">"X-Forwarded-For:"</span>
+ HTTP header from the client request, or adds a new one.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <ul>
+ <li>
+ <p>
+ <span class="QUOTE">"block"</span> to delete the
+ header.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"add"</span> to create the header
+ (or append the client's IP address to an already
+ existing one).
+ </p>
+ </li>
+ </ul>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ It is safe and recommended to use <tt class=
+ "LITERAL">block</tt>.
+ </p>
+ <p>
+ Forwarding the source address of the request may make sense
+ in some multi-user setups but is also a privacy risk.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++change-x-forwarded-for{block}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CLIENT-HEADER-FILTER">8.5.4. client-header-filter</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Rewrite or remove single client headers.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ All client headers to which this action applies are
+ filtered on-the-fly through the specified regular
+ expression based substitutions.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Multi-value.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ The name of a client-header filter, as defined in one of
+ the <a href="filter-file.html">filter files</a>.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Client-header filters are applied to each header on its
+ own, not to all at once. This makes it easier to diagnose
+ problems, but on the downside you can't write filters that
+ only change header x if header y's value is z. You can do
+ that by using tags though.
+ </p>
+ <p>
+ Client-header filters are executed after the other header
+ actions have finished and use their output as input.
+ </p>
+ <p>
+ If the request URI gets changed, <span class=
+ "APPLICATION">Privoxy</span> will detect that and use the
+ new one. This can be used to rewrite the request
+ destination behind the client's back, for example to
+ specify a Tor exit relay for certain requests.
+ </p>
+ <p>
+ Please refer to the <a href="filter-file.html">filter file
+ chapter</a> to learn which client-header filters are
+ available by default, and how to create your own.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Hide Tor exit notation in Host and Referer Headers
+{+client-header-filter{hide-tor-exit-notation}}
+/
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CLIENT-HEADER-TAGGER">8.5.5. client-header-tagger</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Block requests based on their headers.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Client headers to which this action applies are filtered
+ on-the-fly through the specified regular expression based
+ substitutions, the result is used as tag.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Multi-value.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ The name of a client-header tagger, as defined in one of
+ the <a href="filter-file.html">filter files</a>.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Client-header taggers are applied to each header on its
+ own, and as the header isn't modified, each tagger <span
+ class="QUOTE">"sees"</span> the original.
+ </p>
+ <p>
+ Client-header taggers are the first actions that are
+ executed and their tags can be used to control every other
+ action.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Tag every request with the User-Agent header
+{+client-header-tagger{user-agent}}
+/
+
+# Tagging itself doesn't change the action
+# settings, sections with TAG patterns do:
+#
+# If it's a download agent, use a different forwarding proxy,
+# show the real User-Agent and make sure resume works.
+{+forward-override{forward-socks5 10.0.0.2:2222 .} \
+ -hide-if-modified-since \
+ -overwrite-last-modified \
+ -hide-user-agent \
+ -filter \
+ -deanimate-gifs \
+}
+TAG:^User-Agent: NetBSD-ftp/
+TAG:^User-Agent: Novell ZYPP Installer
+TAG:^User-Agent: RPM APT-HTTP/
+TAG:^User-Agent: fetch libfetch/
+TAG:^User-Agent: Ubuntu APT-HTTP/
+TAG:^User-Agent: MPlayer/
+
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Tag all requests with the Range header set
+{+client-header-tagger{range-requests}}
+/
+
+# Disable filtering for the tagged requests.
+#
+# With filtering enabled Privoxy would remove the Range headers
+# to be able to filter the whole response. The downside is that
+# it prevents clients from resuming downloads or skipping over
+# parts of multimedia files.
+{-filter -deanimate-gifs}
+TAG:^RANGE-REQUEST$
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CONTENT-TYPE-OVERWRITE">8.5.6.
+ content-type-overwrite</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Stop useless download menus from popping up, or change the
+ browser's rendering mode
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Replaces the <span class="QUOTE">"Content-Type:"</span>
+ HTTP server header.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Any string.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ The <span class="QUOTE">"Content-Type:"</span> HTTP server
+ header is used by the browser to decide what to do with the
+ document. The value of this header can cause the browser to
+ open a download menu instead of displaying the document by
+ itself, even if the document's format is supported by the
+ browser.
+ </p>
+ <p>
+ The declared content type can also affect which rendering
+ mode the browser chooses. If XHTML is delivered as <span
+ class="QUOTE">"text/html"</span>, many browsers treat it as
+ yet another broken HTML document. If it is send as <span
+ class="QUOTE">"application/xml"</span>, browsers with XHTML
+ support will only display it, if the syntax is correct.
+ </p>
+ <p>
+ If you see a web site that proudly uses XHTML buttons, but
+ sets <span class="QUOTE">"Content-Type: text/html"</span>,
+ you can use <span class="APPLICATION">Privoxy</span> to
+ overwrite it with <span class=
+ "QUOTE">"application/xml"</span> and validate the web
+ master's claim inside your XHTML-supporting browser. If the
+ syntax is incorrect, the browser will complain loudly.
+ </p>
+ <p>
+ You can also go the opposite direction: if your browser
+ prints error messages instead of rendering a document
+ falsely declared as XHTML, you can overwrite the content
+ type with <span class="QUOTE">"text/html"</span> and have
+ it rendered as broken HTML document.
+ </p>
+ <p>
+ By default <tt class="LITERAL">content-type-overwrite</tt>
+ only replaces <span class="QUOTE">"Content-Type:"</span>
+ headers that look like some kind of text. If you want to
+ overwrite it unconditionally, you have to combine it with
+ <tt class="LITERAL"><a href=
+ "actions-file.html#FORCE-TEXT-MODE">force-text-mode</a></tt>.
+ This limitation exists for a reason, think twice before
+ circumventing it.
+ </p>
+ <p>
+ Most of the time it's easier to replace this action with a
+ custom <tt class="LITERAL"><a href=
+ "actions-file.html#SERVER-HEADER-FILTER">server-header
+ filter</a></tt>. It allows you to activate it for every
+ document of a certain site and it will still only replace
+ the content types you aimed at.
+ </p>
+ <p>
+ Of course you can apply <tt class=
+ "LITERAL">content-type-overwrite</tt> to a whole site and
+ then make URL based exceptions, but it's a lot more work to
+ get the same precision.
+ </p>
+ </dd>
+ <dt>
+ Example usage (sections):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Check if www.example.net/ really uses valid XHTML
+{ +content-type-overwrite{application/xml} }
+www.example.net/
+
+# but leave the content type unmodified if the URL looks like a style sheet
+{-content-type-overwrite}
+www.example.net/.*\.css$
+www.example.net/.*style
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CRUNCH-CLIENT-HEADER">8.5.7. crunch-client-header</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Remove a client header <span class=
+ "APPLICATION">Privoxy</span> has no dedicated action for.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes every header sent by the client that contains the
+ string the user supplied as parameter.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Any string.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This action allows you to block client headers for which no
+ dedicated <span class="APPLICATION">Privoxy</span> action
+ exists. <span class="APPLICATION">Privoxy</span> will
+ remove every client header that contains the string you
+ supplied as parameter.
+ </p>
+ <p>
+ Regular expressions are <span class="emphasis"><i class=
+ "EMPHASIS">not supported</i></span> and you can't use this
+ action to block different headers in the same request,
+ unless they contain the same string.
+ </p>
+ <p>
+ <tt class="LITERAL">crunch-client-header</tt> is only meant
+ for quick tests. If you have to block several different
+ headers, or only want to modify parts of them, you should
+ use a <tt class="LITERAL"><a href=
+ "actions-file.html#CLIENT-HEADER-FILTER">client-header
+ filter</a></tt>.
+ </p>
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="CENTER">
+ <b>Warning</b>
+ </td>
+ </tr>
+ <tr>
+ <td align="LEFT">
+ <p>
+ Don't block any header without understanding the
+ consequences.
+ </p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Block the non-existent "Privacy-Violation:" client header
+{ +crunch-client-header{Privacy-Violation:} }
+/
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CRUNCH-IF-NONE-MATCH">8.5.8. crunch-if-none-match</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Prevent yet another way to track the user's steps between
+ sessions.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes the <span class="QUOTE">"If-None-Match:"</span>
+ HTTP client header.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Removing the <span class="QUOTE">"If-None-Match:"</span>
+ HTTP client header is useful for filter testing, where you
+ want to force a real reload instead of getting status code
+ <span class="QUOTE">"304"</span> which would cause the
+ browser to use a cached copy of the page.
+ </p>
+ <p>
+ It is also useful to make sure the header isn't used as a
+ cookie replacement (unlikely but possible).
+ </p>
+ <p>
+ Blocking the <span class="QUOTE">"If-None-Match:"</span>
+ header shouldn't cause any caching problems, as long as the
+ <span class="QUOTE">"If-Modified-Since:"</span> header
+ isn't blocked or missing as well.
+ </p>
+ <p>
+ It is recommended to use this action together with <tt
+ class="LITERAL"><a href=
+ "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt>
+ and <tt class="LITERAL"><a href=
+ "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Let the browser revalidate cached documents but don't
+# allow the server to use the revalidation headers for user tracking.
+{+hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CRUNCH-INCOMING-COOKIES">8.5.9.
+ crunch-incoming-cookies</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Prevent the web server from setting HTTP cookies on your
+ system
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes any <span class="QUOTE">"Set-Cookie:"</span> HTTP
+ headers from server replies.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This action is only concerned with <span class=
+ "emphasis"><i class="EMPHASIS">incoming</i></span> HTTP
+ cookies. For <span class="emphasis"><i class=
+ "EMPHASIS">outgoing</i></span> HTTP cookies, use <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>.
+ Use <span class="emphasis"><i class=
+ "EMPHASIS">both</i></span> to disable HTTP cookies
+ completely.
+ </p>
+ <p>
+ It makes <span class="emphasis"><i class="EMPHASIS">no
+ sense at all</i></span> to use this action in conjunction
+ with the <tt class="LITERAL"><a href=
+ "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
+ action, since it would prevent the session cookies from
+ being set. See also <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER-CONTENT-COOKIES">filter-content-cookies</a></tt>.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++crunch-incoming-cookies
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CRUNCH-SERVER-HEADER">8.5.10. crunch-server-header</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Remove a server header <span class=
+ "APPLICATION">Privoxy</span> has no dedicated action for.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes every header sent by the server that contains the
+ string the user supplied as parameter.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Any string.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This action allows you to block server headers for which no
+ dedicated <span class="APPLICATION">Privoxy</span> action
+ exists. <span class="APPLICATION">Privoxy</span> will
+ remove every server header that contains the string you
+ supplied as parameter.
+ </p>
+ <p>
+ Regular expressions are <span class="emphasis"><i class=
+ "EMPHASIS">not supported</i></span> and you can't use this
+ action to block different headers in the same request,
+ unless they contain the same string.
+ </p>
+ <p>
+ <tt class="LITERAL">crunch-server-header</tt> is only meant
+ for quick tests. If you have to block several different
+ headers, or only want to modify parts of them, you should
+ use a custom <tt class="LITERAL"><a href=
+ "actions-file.html#SERVER-HEADER-FILTER">server-header
+ filter</a></tt>.
+ </p>
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="CENTER">
+ <b>Warning</b>
+ </td>
+ </tr>
+ <tr>
+ <td align="LEFT">
+ <p>
+ Don't block any header without understanding the
+ consequences.
+ </p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Crunch server headers that try to prevent caching
+{ +crunch-server-header{no-cache} }
+/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="CRUNCH-OUTGOING-COOKIES">8.5.11.
+ crunch-outgoing-cookies</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Prevent the web server from reading any HTTP cookies from
+ your system
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes any <span class="QUOTE">"Cookie:"</span> HTTP
+ headers from client requests.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This action is only concerned with <span class=
+ "emphasis"><i class="EMPHASIS">outgoing</i></span> HTTP
+ cookies. For <span class="emphasis"><i class=
+ "EMPHASIS">incoming</i></span> HTTP cookies, use <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>.
+ Use <span class="emphasis"><i class=
+ "EMPHASIS">both</i></span> to disable HTTP cookies
+ completely.
+ </p>
+ <p>
+ It makes <span class="emphasis"><i class="EMPHASIS">no
+ sense at all</i></span> to use this action in conjunction
+ with the <tt class="LITERAL"><a href=
+ "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
+ action, since it would prevent the session cookies from
+ being read.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++crunch-outgoing-cookies
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="DEANIMATE-GIFS">8.5.12. deanimate-gifs</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Stop those annoying, distracting animated GIF images.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ De-animate GIF animations, i.e. reduce them to their first
+ or last image.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ <span class="QUOTE">"last"</span> or <span class=
+ "QUOTE">"first"</span>
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This will also shrink the images considerably (in bytes,
+ not pixels!). If the option <span class=
+ "QUOTE">"first"</span> is given, the first frame of the
+ animation is used as the replacement. If <span class=
+ "QUOTE">"last"</span> is given, the last frame of the
+ animation is used instead, which probably makes more sense
+ for most banner animations, but also has the risk of not
+ showing the entire last frame (if it is only a delta to an
+ earlier frame).
+ </p>
+ <p>
+ You can safely use this action with patterns that will also
+ match non-GIF objects, because no attempt will be made at
+ anything that doesn't look like a GIF.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++deanimate-gifs{last}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="DOWNGRADE-HTTP-VERSION">8.5.13.
+ downgrade-http-version</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Work around (very rare) problems with HTTP/1.1
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Downgrades HTTP/1.1 client requests and server replies to
+ HTTP/1.0.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This is a left-over from the time when <span class=
+ "APPLICATION">Privoxy</span> didn't support important
+ HTTP/1.1 features well. It is left here for the unlikely
+ case that you experience HTTP/1.1-related problems with
+ some server out there.
+ </p>
+ <p>
+ Note that enabling this action is only a workaround. It
+ should not be enabled for sites that work without it. While
+ it shouldn't break any pages, it has an (usually negative)
+ performance impact.
+ </p>
+ <p>
+ If you come across a site where enabling this action helps,
+ please report it, so the cause of the problem can be
+ analyzed. If the problem turns out to be caused by a bug in
+ <span class="APPLICATION">Privoxy</span> it should be fixed
+ so the following release works without the work around.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{+downgrade-http-version}
+problem-host.example.com
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="EXTERNAL-FILTER">8.5.14. external-filter</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Modify content using a programming language of your choice.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ All instances of text-based type, most notably HTML and
+ JavaScript, to which this action applies, can be filtered
+ on-the-fly through the specified external filter. By
+ default plain text documents are exempted from filtering,
+ because web servers often use the <tt class=
+ "LITERAL">text/plain</tt> MIME type for all files whose
+ type they don't know.)
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Multi-value.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ The name of an external content filter, as defined in the
+ <a href="filter-file.html">filter file</a>. External
+ filters can be defined in one or more files as defined by
+ the <tt class="LITERAL"><a href=
+ "config.html#FILTERFILE">filterfile</a></tt> option in the
+ <a href="config.html">config file</a>.
+ </p>
+ <p>
+ When used in its negative form, and without parameters,
+ <span class="emphasis"><i class="EMPHASIS">all</i></span>
+ filtering with external filters is completely disabled.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ External filters are scripts or programs that can modify
+ the content in case common <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER">filters</a></tt> aren't powerful
+ enough. With the exception that this action doesn't use
+ pcrs-based filters, the notes in the <tt class="LITERAL"><a
+ href="actions-file.html#FILTER">filter</a></tt> section
+ apply.
+ </p>
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="CENTER">
+ <b>Warning</b>
+ </td>
+ </tr>
+ <tr>
+ <td align="LEFT">
+ <p>
+ Currently external filters are executed with <span
+ class="APPLICATION">Privoxy</span>'s privileges.
+ Only use external filters you understand and trust.
+ </p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ <p>
+ This feature is experimental, the <tt class="LITERAL"><a
+ href=
+ "filter-file.html#EXTERNAL-FILTER-SYNTAX">syntax</a></tt>
+ may change in the future.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++external-filter{fancy-filter}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="FAST-REDIRECTS">8.5.15. fast-redirects</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Fool some click-tracking scripts and speed up indirect
+ links.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Detects redirection URLs and redirects the browser without
+ contacting the redirection server first.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <ul>
+ <li>
+ <p>
+ <span class="QUOTE">"simple-check"</span> to just
+ search for the string <span class=
+ "QUOTE">"http://"</span> to detect redirection URLs.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"check-decoded-url"</span> to
+ decode URLs (if necessary) before searching for
+ redirection URLs.
+ </p>
+ </li>
+ </ul>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Many sites, like yahoo.com, don't just link to other sites.
+ Instead, they will link to some script on their own
+ servers, giving the destination as a parameter, which will
+ then redirect you to the final target. URLs resulting from
+ this scheme typically look like: <span class=
+ "QUOTE">"http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/"</span>.
+ </p>
+ <p>
+ Sometimes, there are even multiple consecutive redirects
+ encoded in the URL. These redirections via scripts make
+ your web browsing more traceable, since the server from
+ which you follow such a link can see where you go to. Apart
+ from that, valuable bandwidth and time is wasted, while
+ your browser asks the server for one redirect after the
+ other. Plus, it feeds the advertisers.
+ </p>
+ <p>
+ This feature is currently not very smart and is scheduled
+ for improvement. If it is enabled by default, you will have
+ to create some exceptions to this action. It can lead to
+ failures in several ways:
+ </p>
+ <p>
+ Not every URLs with other URLs as parameters is evil. Some
+ sites offer a real service that requires this information
+ to work. For example a validation service needs to know,
+ which document to validate. <tt class=
+ "LITERAL">fast-redirects</tt> assumes that every URL
+ parameter that looks like another URL is a redirection
+ target, and will always redirect to the last one. Most of
+ the time the assumption is correct, but if it isn't, the
+ user gets redirected anyway.
+ </p>
+ <p>
+ Another failure occurs if the URL contains other parameters
+ after the URL parameter. The URL: <span class=
+ "QUOTE">"http://www.example.org/?redirect=http%3a//www.example.net/&foo=bar"</span>.
+ contains the redirection URL <span class=
+ "QUOTE">"http://www.example.net/"</span>, followed by
+ another parameter. <tt class="LITERAL">fast-redirects</tt>
+ doesn't know that and will cause a redirect to <span class=
+ "QUOTE">"http://www.example.net/&foo=bar"</span>.
+ Depending on the target server configuration, the parameter
+ will be silently ignored or lead to a <span class=
+ "QUOTE">"page not found"</span> error. You can prevent this
+ problem by first using the <tt class="LITERAL"><a href=
+ "actions-file.html#REDIRECT">redirect</a></tt> action to
+ remove the last part of the URL, but it requires a little
+ effort.
+ </p>
+ <p>
+ To detect a redirection URL, <tt class=
+ "LITERAL">fast-redirects</tt> only looks for the string
+ <span class="QUOTE">"http://"</span>, either in plain text
+ (invalid but often used) or encoded as <span class=
+ "QUOTE">"http%3a//"</span>. Some sites use their own URL
+ encoding scheme, encrypt the address of the target server
+ or replace it with a database id. In theses cases <tt
+ class="LITERAL">fast-redirects</tt> is fooled and the
+ request reaches the redirection server where it probably
+ gets logged.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+ { +fast-redirects{simple-check} }
+ one.example.com
+
+ { +fast-redirects{check-decoded-url} }
+ another.example.com/testing
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="FILTER">8.5.16. filter</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Get rid of HTML and JavaScript annoyances, banner
+ advertisements (by size), do fun text replacements, add
+ personalized effects, etc.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ All instances of text-based type, most notably HTML and
+ JavaScript, to which this action applies, can be filtered
+ on-the-fly through the specified regular expression based
+ substitutions. (Note: as of version 3.0.3 plain text
+ documents are exempted from filtering, because web servers
+ often use the <tt class="LITERAL">text/plain</tt> MIME type
+ for all files whose type they don't know.)
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Multi-value.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ The name of a content filter, as defined in the <a href=
+ "filter-file.html">filter file</a>. Filters can be defined
+ in one or more files as defined by the <tt class=
+ "LITERAL"><a href=
+ "config.html#FILTERFILE">filterfile</a></tt> option in the
+ <a href="config.html">config file</a>. <tt class=
+ "FILENAME">default.filter</tt> is the collection of filters
+ supplied by the developers. Locally defined filters should
+ go in their own file, such as <tt class=
+ "FILENAME">user.filter</tt>.
+ </p>
+ <p>
+ When used in its negative form, and without parameters,
+ <span class="emphasis"><i class="EMPHASIS">all</i></span>
+ filtering is completely disabled.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ For your convenience, there are a number of pre-defined
+ filters available in the distribution filter file that you
+ can use. See the examples below for a list.
+ </p>
+ <p>
+ Filtering requires buffering the page content, which may
+ appear to slow down page rendering since nothing is
+ displayed until all content has passed the filters. (The
+ total time until the page is completely rendered doesn't
+ change much, but it may be perceived as slower since the
+ page is not incrementally displayed.) This effect will be
+ more noticeable on slower connections.
+ </p>
+ <p>
+ <span class="QUOTE">"Rolling your own"</span> filters
+ requires a knowledge of <a href=
+ "http://en.wikipedia.org/wiki/Regular_expressions" target=
+ "_top"><span class="QUOTE">"Regular Expressions"</span></a>
+ and <a href="http://en.wikipedia.org/wiki/Html" target=
+ "_top"><span class="QUOTE">"HTML"</span></a>. This is very
+ powerful feature, and potentially very intrusive. Filters
+ should be used with caution, and where an equivalent <span
+ class="QUOTE">"action"</span> is not available.
+ </p>
+ <p>
+ The amount of data that can be filtered is limited to the
+ <tt class="LITERAL"><a href=
+ "config.html#BUFFER-LIMIT">buffer-limit</a></tt> option in
+ the main <a href="config.html">config file</a>. The default
+ is 4096 KB (4 Megs). Once this limit is exceeded, the
+ buffered data, and all pending data, is passed through
+ unfiltered.
+ </p>
+ <p>
+ Inappropriate MIME types, such as zipped files, are not
+ filtered at all. (Again, only text-based types except plain
+ text). Encrypted SSL data (from HTTPS servers) cannot be
+ filtered either, since this would violate the integrity of
+ the secure transaction. In some situations it might be
+ necessary to protect certain text, like source code, from
+ filtering by defining appropriate <tt class=
+ "LITERAL">-filter</tt> exceptions.
+ </p>
+ <p>
+ Compressed content can't be filtered either, but if <span
+ class="APPLICATION">Privoxy</span> is compiled with zlib
+ support and a supported compression algorithm is used (gzip
+ or deflate), <span class="APPLICATION">Privoxy</span> can
+ first decompress the content and then filter it.
+ </p>
+ <p>
+ If you use a <span class="APPLICATION">Privoxy</span>
+ version without zlib support, but want filtering to work on
+ as much documents as possible, even those that would
+ normally be sent compressed, you must use the <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#PREVENT-COMPRESSION">prevent-compression</a></tt>
+ action in conjunction with <tt class="LITERAL">filter</tt>.
+ </p>
+ <p>
+ Content filtering can achieve some of the same effects as
+ the <tt class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt> action, i.e. it
+ can be used to block ads and banners. But the mechanism
+ works quite differently. One effective use, is to block ad
+ banners based on their size (see below), since many of
+ these seem to be somewhat standardized.
+ </p>
+ <p>
+ <a href="contact.html">Feedback</a> with suggestions for
+ new or improved filters is particularly welcome!
+ </p>
+ <p>
+ The below list has only the names and a one-line
+ description of each predefined filter. There are <a href=
+ "filter-file.html#PREDEFINED-FILTERS">more verbose
+ explanations</a> of what these filters do in the <a href=
+ "filter-file.html">filter file chapter</a>.
+ </p>
+ </dd>
+ <dt>
+ Example usage (with filters from the distribution <tt class=
+ "FILENAME">default.filter</tt> file). See <a href=
+ "filter-file.html#PREDEFINED-FILTERS">the Predefined Filters
+ section</a> for more explanation on each:
+ </dt>
+ <dd>
+ <p>
+ <a name="FILTER-JS-ANNOYANCES"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-JS-EVENTS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-HTML-ANNOYANCES"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{html-annoyances} # Get rid of particularly annoying HTML abuse.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-CONTENT-COOKIES"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{content-cookies} # Kill cookies that come in the HTML or JS content.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-REFRESH-TAGS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-UNSOLICITED-POPUPS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{unsolicited-popups} # Disable only unsolicited pop-up windows.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-ALL-POPUPS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{all-popups} # Kill all popups in JavaScript and HTML.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-IMG-REORDER"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-BANNERS-BY-SIZE"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{banners-by-size} # Kill banners by size.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-BANNERS-BY-LINK"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{banners-by-link} # Kill banners by their links to known clicktrackers.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-WEBBUGS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-TINY-TEXTFORMS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-JUMPING-WINDOWS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{jumping-windows} # Prevent windows from resizing and moving themselves.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-FRAMESET-BORDERS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{frameset-borders} # Give frames a border and make them resizable.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-IFRAMES"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-DEMORONIZER"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{demoronizer} # Fix MS's non-standard use of standard charsets.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-SHOCKWAVE-FLASH"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{shockwave-flash} # Kill embedded Shockwave Flash objects.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-QUICKTIME-KIOSKMODE"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{quicktime-kioskmode} # Make Quicktime movies saveable.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-FUN"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{fun} # Text replacements for subversive browsing fun!
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-CRUDE-PARENTAL"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-IE-EXPLOITS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{ie-exploits} # Disable some known Internet Explorer bug exploits.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-SITE-SPECIFICS"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{site-specifics} # Cure for site-specific problems. Don't apply generally!
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-NO-PING"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-GOOGLE"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-YAHOO"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-MSN"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <a name="FILTER-BLOGSPOT"></a>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="FORCE-TEXT-MODE">8.5.17. force-text-mode</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Force <span class="APPLICATION">Privoxy</span> to treat a
+ document as if it was in some kind of <span class=
+ "emphasis"><i class="EMPHASIS">text</i></span> format.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Declares a document as text, even if the <span class=
+ "QUOTE">"Content-Type:"</span> isn't detected as such.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ As explained <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER">above</a></tt>, <span class=
+ "APPLICATION">Privoxy</span> tries to only filter files
+ that are in some kind of text format. The same restrictions
+ apply to <tt class="LITERAL"><a href=
+ "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite</a></tt>.
+ <tt class="LITERAL">force-text-mode</tt> declares a
+ document as text, without looking at the <span class=
+ "QUOTE">"Content-Type:"</span> first.
+ </p>
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="CENTER">
+ <b>Warning</b>
+ </td>
+ </tr>
+ <tr>
+ <td align="LEFT">
+ <p>
+ Think twice before activating this action.
+ Filtering binary data with regular expressions can
+ cause file damage.
+ </p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++force-text-mode
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="FORWARD-OVERRIDE">8.5.18. forward-override</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Change the forwarding settings based on User-Agent or
+ request origin
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Overrules the forward directives in the configuration file.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <ul>
+ <li>
+ <p>
+ <span class="QUOTE">"forward ."</span> to use a direct
+ connection without any additional proxies.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"forward 127.0.0.1:8123"</span> to
+ use the HTTP proxy listening at 127.0.0.1 port 8123.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"forward-socks4a 127.0.0.1:9050
+ ."</span> to use the socks4a proxy listening at
+ 127.0.0.1 port 9050. Replace <span class=
+ "QUOTE">"forward-socks4a"</span> with <span class=
+ "QUOTE">"forward-socks4"</span> to use a socks4
+ connection (with local DNS resolution) instead, use
+ <span class="QUOTE">"forward-socks5"</span> for socks5
+ connections (with remote DNS resolution).
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"forward-socks4a 127.0.0.1:9050
+ proxy.example.org:8000"</span> to use the socks4a proxy
+ listening at 127.0.0.1 port 9050 to reach the HTTP
+ proxy listening at proxy.example.org port 8000. Replace
+ <span class="QUOTE">"forward-socks4a"</span> with <span
+ class="QUOTE">"forward-socks4"</span> to use a socks4
+ connection (with local DNS resolution) instead, use
+ <span class="QUOTE">"forward-socks5"</span> for socks5
+ connections (with remote DNS resolution).
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"forward-webserver
+ 127.0.0.1:80"</span> to use the HTTP server listening
+ at 127.0.0.1 port 80 without adjusting the request
+ headers.
+ </p>
+ <p>
+ This makes it more convenient to use Privoxy to make
+ existing websites available as onion services as well.
+ </p>
+ <p>
+ Many websites serve content with hardcoded URLs and
+ can't be easily adjusted to change the domain based on
+ the one used by the client.
+ </p>
+ <p>
+ Putting Privoxy between Tor and the webserver (or an
+ stunnel that forwards to the webserver) allows to
+ rewrite headers and content to make client and server
+ happy at the same time.
+ </p>
+ <p>
+ Using Privoxy for webservers that are only reachable
+ through onion addresses and whose location is supposed
+ to be secret is not recommended and should not be
+ necessary anyway.
+ </p>
+ </li>
+ </ul>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This action takes parameters similar to the <a href=
+ "config.html#FORWARDING">forward</a> directives in the
+ configuration file, but without the URL pattern. It can be
+ used as replacement, but normally it's only used in cases
+ where matching based on the request URL isn't sufficient.
+ </p>
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="CENTER">
+ <b>Warning</b>
+ </td>
+ </tr>
+ <tr>
+ <td align="LEFT">
+ <p>
+ Please read the description for the <a href=
+ "config.html#FORWARDING">forward</a> directives
+ before using this action. Forwarding to the wrong
+ people will reduce your privacy and increase the
+ chances of man-in-the-middle attacks.
+ </p>
+ <p>
+ If the ports are missing or invalid, default values
+ will be used. This might change in the future and
+ you shouldn't rely on it. Otherwise incorrect
+ syntax causes Privoxy to exit. Due to design
+ limitations, invalid parameter syntax isn't
+ detected until the action is used the first time.
+ </p>
+ <p>
+ Use the <a href=
+ "http://config.privoxy.org/show-url-info" target=
+ "_top">show-url-info CGI page</a> to verify that
+ your forward settings do what you thought the do.
+ </p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Use an ssh tunnel for requests previously tagged as
+# <span class="QUOTE">"User-Agent: fetch libfetch/2.0"</span> and make sure
+# resuming downloads continues to work.
+#
+# This way you can continue to use Tor for your normal browsing,
+# without overloading the Tor network with your FreeBSD ports updates
+# or downloads of bigger files like ISOs.
+#
+# Note that HTTP headers are easy to fake and therefore their
+# values are as (un)trustworthy as your clients and users.
+{+forward-override{forward-socks5 10.0.0.2:2222 .} \
+ -hide-if-modified-since \
+ -overwrite-last-modified \
+}
+TAG:^User-Agent: fetch libfetch/2\.0$
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="HANDLE-AS-EMPTY-DOCUMENT">8.5.19.
+ handle-as-empty-document</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Mark URLs that should be replaced by empty documents <span
+ class="emphasis"><i class="EMPHASIS">if they get
+ blocked</i></span>
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ This action alone doesn't do anything noticeable. It just
+ marks URLs. If the <tt class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt> action <span
+ class="emphasis"><i class="EMPHASIS">also
+ applies</i></span>, the presence or absence of this mark
+ decides whether an HTML <span class=
+ "QUOTE">"BLOCKED"</span> page, or an empty document will be
+ sent to the client as a substitute for the blocked content.
+ The <span class="emphasis"><i class=
+ "EMPHASIS">empty</i></span> document isn't literally empty,
+ but actually contains a single space.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Some browsers complain about syntax errors if JavaScript
+ documents are blocked with <span class=
+ "APPLICATION">Privoxy's</span> default HTML page; this
+ option can be used to silence them. And of course this
+ action can also be used to eliminate the <span class=
+ "APPLICATION">Privoxy</span> BLOCKED message in frames.
+ </p>
+ <p>
+ The content type for the empty document can be specified
+ with <tt class="LITERAL"><a href=
+ "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite{}</a></tt>,
+ but usually this isn't necessary.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Block all documents on example.org that end with ".js",
+# but send an empty document instead of the usual HTML message.
+{+block{Blocked JavaScript} +handle-as-empty-document}
+example.org/.*\.js$
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="HANDLE-AS-IMAGE">8.5.20. handle-as-image</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Mark URLs as belonging to images (so they'll be replaced by
+ images <span class="emphasis"><i class="EMPHASIS">if they
+ do get blocked</i></span>, rather than HTML pages)
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ This action alone doesn't do anything noticeable. It just
+ marks URLs as images. If the <tt class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt> action <span
+ class="emphasis"><i class="EMPHASIS">also
+ applies</i></span>, the presence or absence of this mark
+ decides whether an HTML <span class=
+ "QUOTE">"blocked"</span> page, or a replacement image (as
+ determined by the <tt class="LITERAL"><a href=
+ "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
+ action) will be sent to the client as a substitute for the
+ blocked content.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ The below generic example section is actually part of <tt
+ class="FILENAME">default.action</tt>. It marks all URLs
+ with well-known image file name extensions as images and
+ should be left intact.
+ </p>
+ <p>
+ Users will probably only want to use the handle-as-image
+ action in conjunction with <tt class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt>, to block sources
+ of banners, whose URLs don't reflect the file type, like in
+ the second example section.
+ </p>
+ <p>
+ Note that you cannot treat HTML pages as images in most
+ cases. For instance, (in-line) ad frames require an HTML
+ page to be sent, or they won't display properly. Forcing
+ <tt class="LITERAL">handle-as-image</tt> in this situation
+ will not replace the ad frame with an image, but lead to
+ error messages.
+ </p>
+ </dd>
+ <dt>
+ Example usage (sections):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Generic image extensions:
+#
+{+handle-as-image}
+/.*\.(gif|jpg|jpeg|png|bmp|ico)$
+
+# These don't look like images, but they're banners and should be
+# blocked as images:
+#
+{+block{Nasty banners.} +handle-as-image}
+nasty-banner-server.example.com/junk.cgi\?output=trash
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="HIDE-ACCEPT-LANGUAGE">8.5.21. hide-accept-language</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Pretend to use different language settings.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes or replaces the <span class=
+ "QUOTE">"Accept-Language:"</span> HTTP header in client
+ requests.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Keyword: <span class="QUOTE">"block"</span>, or any user
+ defined value.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Faking the browser's language settings can be useful to
+ make a foreign User-Agent set with <tt class="LITERAL"><a
+ href=
+ "actions-file.html#HIDE-USER-AGENT">hide-user-agent</a></tt>
+ more believable.
+ </p>
+ <p>
+ However some sites with content in different languages
+ check the <span class="QUOTE">"Accept-Language:"</span> to
+ decide which one to take by default. Sometimes it isn't
+ possible to later switch to another language without
+ changing the <span class="QUOTE">"Accept-Language:"</span>
+ header first.
+ </p>
+ <p>
+ Therefore it's a good idea to either only change the <span
+ class="QUOTE">"Accept-Language:"</span> header to languages
+ you understand, or to languages that aren't wide spread.
+ </p>
+ <p>
+ Before setting the <span class=
+ "QUOTE">"Accept-Language:"</span> header to a rare
+ language, you should consider that it helps to make your
+ requests unique and thus easier to trace. If you don't plan
+ to change this header frequently, you should stick to a
+ common language.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Pretend to use Canadian language settings.
+{+hide-accept-language{en-ca} \
++hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
+}
+/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="HIDE-CONTENT-DISPOSITION">8.5.22.
+ hide-content-disposition</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Prevent download menus for content you prefer to view
+ inside the browser.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes or replaces the <span class=
+ "QUOTE">"Content-Disposition:"</span> HTTP header set by
+ some servers.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Keyword: <span class="QUOTE">"block"</span>, or any user
+ defined value.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Some servers set the <span class=
+ "QUOTE">"Content-Disposition:"</span> HTTP header for
+ documents they assume you want to save locally before
+ viewing them. The <span class=
+ "QUOTE">"Content-Disposition:"</span> header contains the
+ file name the browser is supposed to use by default.
+ </p>
+ <p>
+ In most browsers that understand this header, it makes it
+ impossible to <span class="emphasis"><i class=
+ "EMPHASIS">just view</i></span> the document, without
+ downloading it first, even if it's just a simple text file
+ or an image.
+ </p>
+ <p>
+ Removing the <span class=
+ "QUOTE">"Content-Disposition:"</span> header helps to
+ prevent this annoyance, but some browsers additionally
+ check the <span class="QUOTE">"Content-Type:"</span>
+ header, before they decide if they can display a document
+ without saving it first. In these cases, you have to change
+ this header as well, before the browser stops displaying
+ download menus.
+ </p>
+ <p>
+ It is also possible to change the server's file name
+ suggestion to another one, but in most cases it isn't worth
+ the time to set it up.
+ </p>
+ <p>
+ This action will probably be removed in the future, use
+ server-header filters instead.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Disarm the download link in Sourceforge's patch tracker
+{ -filter \
+ +content-type-overwrite{text/plain}\
+ +hide-content-disposition{block} }
+ .sourceforge.net/tracker/download\.php
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="HIDE-IF-MODIFIED-SINCE">8.5.23.
+ hide-if-modified-since</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Prevent yet another way to track the user's steps between
+ sessions.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes the <span class="QUOTE">"If-Modified-Since:"</span>
+ HTTP client header or modifies its value.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Keyword: <span class="QUOTE">"block"</span>, or a user
+ defined value that specifies a range of hours.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Removing this header is useful for filter testing, where
+ you want to force a real reload instead of getting status
+ code <span class="QUOTE">"304"</span>, which would cause
+ the browser to use a cached copy of the page.
+ </p>
+ <p>
+ Instead of removing the header, <tt class=
+ "LITERAL">hide-if-modified-since</tt> can also add or
+ subtract a random amount of time to/from the header's
+ value. You specify a range of minutes where the random
+ factor should be chosen from and <span class=
+ "APPLICATION">Privoxy</span> does the rest. A negative
+ value means subtracting, a positive value adding.
+ </p>
+ <p>
+ Randomizing the value of the <span class=
+ "QUOTE">"If-Modified-Since:"</span> makes it less likely
+ that the server can use the time as a cookie replacement,
+ but you will run into caching problems if the random range
+ is too high.
+ </p>
+ <p>
+ It is a good idea to only use a small negative value and
+ let <tt class="LITERAL"><a href=
+ "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>
+ handle the greater changes.
+ </p>
+ <p>
+ It is also recommended to use this action together with <tt
+ class="LITERAL"><a href=
+ "actions-file.html#CRUNCH-IF-NONE-MATCH">crunch-if-none-match</a></tt>,
+ otherwise it's more or less pointless.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Let the browser revalidate but make tracking based on the time less likely.
+{+hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="HIDE-FROM-HEADER">8.5.24. hide-from-header</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Keep your (old and ill) browser from telling web servers
+ your email address
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes any existing <span class="QUOTE">"From:"</span>
+ HTTP header, or replaces it with the specified string.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Keyword: <span class="QUOTE">"block"</span>, or any user
+ defined value.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ The keyword <span class="QUOTE">"block"</span> will
+ completely remove the header (not to be confused with the
+ <tt class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt> action).
+ </p>
+ <p>
+ Alternately, you can specify any value you prefer to be
+ sent to the web server. If you do, it is a matter of
+ fairness not to use any address that is actually used by a
+ real person.
+ </p>
+ <p>
+ This action is rarely needed, as modern web browsers don't
+ send <span class="QUOTE">"From:"</span> headers anymore.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++hide-from-header{block}
+</pre>
+ </td>
+ </tr>
+ </table>
+ or
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++hide-from-header{spam-me-senseless@sittingduck.example.com}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="HIDE-REFERRER">8.5.25. hide-referrer</a>
+ </h4>
+ <a name="HIDE-REFERER"></a>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Conceal which link you followed to get to a particular site
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes the <span class="QUOTE">"Referer:"</span> (sic)
+ HTTP header from the client request, or replaces it with a
+ forged one.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <ul>
+ <li>
+ <p>
+ <span class="QUOTE">"conditional-block"</span> to
+ delete the header completely if the host has changed.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"conditional-forge"</span> to forge
+ the header if the host has changed.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"block"</span> to delete the header
+ unconditionally.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"forge"</span> to pretend to be
+ coming from the homepage of the server we are talking
+ to.
+ </p>
+ </li>
+ <li>
+ <p>
+ Any other string to set a user defined referrer.
+ </p>
+ </li>
+ </ul>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ <tt class="LITERAL">conditional-block</tt> is the only
+ parameter, that isn't easily detected in the server's log
+ file. If it blocks the referrer, the request will look like
+ the visitor used a bookmark or typed in the address
+ directly.
+ </p>
+ <p>
+ Leaving the referrer unmodified for requests on the same
+ host allows the server owner to see the visitor's <span
+ class="QUOTE">"click path"</span>, but in most cases she
+ could also get that information by comparing other parts of
+ the log file: for example the User-Agent if it isn't a very
+ common one, or the user's IP address if it doesn't change
+ between different requests.
+ </p>
+ <p>
+ Always blocking the referrer, or using a custom one, can
+ lead to failures on servers that check the referrer before
+ they answer any requests, in an attempt to prevent their
+ content from being embedded or linked to elsewhere.
+ </p>
+ <p>
+ Both <tt class="LITERAL">conditional-block</tt> and <tt
+ class="LITERAL">forge</tt> will work with referrer checks,
+ as long as content and valid referring page are on the same
+ host. Most of the time that's the case.
+ </p>
+ <p>
+ <tt class="LITERAL">hide-referer</tt> is an alternate
+ spelling of <tt class="LITERAL">hide-referrer</tt> and the
+ two can be can be freely substituted with each other.
+ (<span class="QUOTE">"referrer"</span> is the correct
+ English spelling, however the HTTP specification has a bug
+ - it requires it to be spelled as <span class=
+ "QUOTE">"referer"</span>.)
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++hide-referrer{forge}
+</pre>
+ </td>
+ </tr>
+ </table>
+ or
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++hide-referrer{http://www.yahoo.com/}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="HIDE-USER-AGENT">8.5.26. hide-user-agent</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Try to conceal your type of browser and client operating
+ system
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Replaces the value of the <span class=
+ "QUOTE">"User-Agent:"</span> HTTP header in client requests
+ with the specified value.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ Any user-defined string.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="CENTER">
+ <b>Warning</b>
+ </td>
+ </tr>
+ <tr>
+ <td align="LEFT">
+ <p>
+ This can lead to problems on web sites that depend
+ on looking at this header in order to customize
+ their content for different browsers (which, by the
+ way, is <span class="emphasis"><i class=
+ "EMPHASIS">NOT</i></span> the right thing to do:
+ good web sites work browser-independently).
+ </p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ <p>
+ Using this action in multi-user setups or wherever
+ different types of browsers will access the same <span
+ class="APPLICATION">Privoxy</span> is <span class=
+ "emphasis"><i class="EMPHASIS">not recommended</i></span>.
+ In single-user, single-browser setups, you might use it to
+ delete your OS version information from the headers,
+ because it is an invitation to exploit known bugs for your
+ OS. It is also occasionally useful to forge this in order
+ to access sites that won't let you in otherwise (though
+ there may be a good reason in some cases).
+ </p>
+ <p>
+ More information on known user-agent strings can be found
+ at <a href="http://www.user-agents.org/" target=
+ "_top">http://www.user-agents.org/</a> and <a href=
+ "http://en.wikipedia.org/wiki/User_agent" target=
+ "_top">http://en.wikipedia.org/wiki/User_agent</a>.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="LIMIT-CONNECT">8.5.27. limit-connect</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Prevent abuse of <span class="APPLICATION">Privoxy</span>
+ as a TCP proxy relay or disable SSL for untrusted sites
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Specifies to which ports HTTP CONNECT requests are
+ allowable.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ A comma-separated list of ports or port ranges (the latter
+ using dashes, with the minimum defaulting to 0 and the
+ maximum to 65K).
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ By default, i.e. if no <tt class=
+ "LITERAL">limit-connect</tt> action applies, <span class=
+ "APPLICATION">Privoxy</span> allows HTTP CONNECT requests
+ to all ports. Use <tt class="LITERAL">limit-connect</tt> if
+ fine-grained control is desired for some or all
+ destinations.
+ </p>
+ <p>
+ The CONNECT methods exists in HTTP to allow access to
+ secure websites (<span class="QUOTE">"https://"</span>
+ URLs) through proxies. It works very simply: the proxy
+ connects to the server on the specified port, and then
+ short-circuits its connections to the client and to the
+ remote server. This means CONNECT-enabled proxies can be
+ used as TCP relays very easily.
+ </p>
+ <p>
+ <span class="APPLICATION">Privoxy</span> relays HTTPS
+ traffic without seeing the decoded content. Websites can
+ leverage this limitation to circumvent <span class=
+ "APPLICATION">Privoxy</span>'s filters. By specifying an
+ invalid port range you can disable HTTPS entirely.
+ </p>
+ </dd>
+ <dt>
+ Example usages:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++limit-connect{443} # Port 443 is OK.
++limit-connect{80,443} # Ports 80 and 443 are OK.
++limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
++limit-connect{-} # All ports are OK
++limit-connect{,} # No HTTPS/SSL traffic is allowed
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="LIMIT-COOKIE-LIFETIME">8.5.28. limit-cookie-lifetime</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Limit the lifetime of HTTP cookies to a couple of minutes
+ or hours.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Overwrites the expires field in Set-Cookie server headers
+ if it's above the specified limit.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ The lifetime limit in minutes, or 0.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This action reduces the lifetime of HTTP cookies coming
+ from the server to the specified number of minutes,
+ starting from the time the cookie passes Privoxy.
+ </p>
+ <p>
+ Cookies with a lifetime below the limit are not modified.
+ The lifetime of session cookies is set to the specified
+ limit.
+ </p>
+ <p>
+ The effect of this action depends on the server.
+ </p>
+ <p>
+ In case of servers which refresh their cookies with each
+ response (or at least frequently), the lifetime limit set
+ by this action is updated as well. Thus, a session
+ associated with the cookie continues to work with this
+ action enabled, as long as a new request is made before the
+ last limit set is reached.
+ </p>
+ <p>
+ However, some servers send their cookies once, with a
+ lifetime of several years (the year 2037 is a popular
+ choice), and do not refresh them until a certain event in
+ the future, for example the user logging out. In this case
+ this action may limit the absolute lifetime of the session,
+ even if requests are made frequently.
+ </p>
+ <p>
+ If the parameter is <span class="QUOTE">"0"</span>, this
+ action behaves like <tt class="LITERAL"><a href=
+ "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>.
+ </p>
+ </dd>
+ <dt>
+ Example usages:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++limit-cookie-lifetime{60}
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="PREVENT-COMPRESSION">8.5.29. prevent-compression</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Ensure that servers send the content uncompressed, so it
+ can be passed through <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER">filter</a></tt>s.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Removes the Accept-Encoding header which can be used to ask
+ for compressed transfer.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ More and more websites send their content compressed by
+ default, which is generally a good idea and saves
+ bandwidth. But the <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER">filter</a></tt> and <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#DEANIMATE-GIFS">deanimate-gifs</a></tt>
+ actions need access to the uncompressed data.
+ </p>
+ <p>
+ When compiled with zlib support (available since <span
+ class="APPLICATION">Privoxy</span> 3.0.7), content that
+ should be filtered is decompressed on-the-fly and you don't
+ have to worry about this action. If you are using an older
+ <span class="APPLICATION">Privoxy</span> version, or one
+ that hasn't been compiled with zlib support, this action
+ can be used to convince the server to send the content
+ uncompressed.
+ </p>
+ <p>
+ Most text-based instances compress very well, the size is
+ seldom decreased by less than 50%, for markup-heavy
+ instances like news feeds saving more than 90% of the
+ original size isn't unusual.
+ </p>
+ <p>
+ Not using compression will therefore slow down the
+ transfer, and you should only enable this action if you
+ really need it. As of <span class=
+ "APPLICATION">Privoxy</span> 3.0.7 it's disabled in all
+ predefined action settings.
+ </p>
+ <p>
+ Note that some (rare) ill-configured sites don't handle
+ requests for uncompressed documents correctly. Broken PHP
+ applications tend to send an empty document body, some IIS
+ versions only send the beginning of the content. If you
+ enable <tt class="LITERAL">prevent-compression</tt> per
+ default, you might want to add exceptions for those sites.
+ See the example for how to do that.
+ </p>
+ </dd>
+ <dt>
+ Example usage (sections):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Selectively turn off compression, and enable a filter
+#
+{ +filter{tiny-textforms} +prevent-compression }
+# Match only these sites
+ .google.
+ sourceforge.net
+ sf.net
+
+# Or instead, we could set a universal default:
+#
+{ +prevent-compression }
+ / # Match all sites
+
+# Then maybe make exceptions for broken sites:
+#
+{ -prevent-compression }
+.compusa.com/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="OVERWRITE-LAST-MODIFIED">8.5.30.
+ overwrite-last-modified</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Prevent yet another way to track the user's steps between
+ sessions.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes the <span class="QUOTE">"Last-Modified:"</span>
+ HTTP server header or modifies its value.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ One of the keywords: <span class="QUOTE">"block"</span>,
+ <span class="QUOTE">"reset-to-request-time"</span> and
+ <span class="QUOTE">"randomize"</span>
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Removing the <span class="QUOTE">"Last-Modified:"</span>
+ header is useful for filter testing, where you want to
+ force a real reload instead of getting status code <span
+ class="QUOTE">"304"</span>, which would cause the browser
+ to reuse the old version of the page.
+ </p>
+ <p>
+ The <span class="QUOTE">"randomize"</span> option
+ overwrites the value of the <span class=
+ "QUOTE">"Last-Modified:"</span> header with a randomly
+ chosen time between the original value and the current
+ time. In theory the server could send each document with a
+ different <span class="QUOTE">"Last-Modified:"</span>
+ header to track visits without using cookies. <span class=
+ "QUOTE">"Randomize"</span> makes it impossible and the
+ browser can still revalidate cached documents.
+ </p>
+ <p>
+ <span class="QUOTE">"reset-to-request-time"</span>
+ overwrites the value of the <span class=
+ "QUOTE">"Last-Modified:"</span> header with the current
+ time. You could use this option together with <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt>
+ to further customize your random range.
+ </p>
+ <p>
+ The preferred parameter here is <span class=
+ "QUOTE">"randomize"</span>. It is safe to use, as long as
+ the time settings are more or less correct. If the server
+ sets the <span class="QUOTE">"Last-Modified:"</span> header
+ to the time of the request, the random range becomes zero
+ and the value stays the same. Therefore you should later
+ randomize it a second time with <tt class="LITERAL"><a
+ href=
+ "actions-file.html#HIDE-IF-MODIFIED-SINCE">hided-if-modified-since</a></tt>,
+ just to be sure.
+ </p>
+ <p>
+ It is also recommended to use this action together with <tt
+ class="LITERAL"><a href=
+ "actions-file.html#CRUNCH-IF-NONE-MATCH">crunch-if-none-match</a></tt>.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Let the browser revalidate without being tracked across sessions
+{ +hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="REDIRECT">8.5.31. redirect</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Redirect requests to other sites.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Convinces the browser that the requested document has been
+ moved to another location and the browser should get it
+ from there.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ An absolute URL or a single pcrs command.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Requests to which this action applies are answered with a
+ HTTP redirect to URLs of your choosing. The new URL is
+ either provided as parameter, or derived by applying a
+ single pcrs command to the original URL.
+ </p>
+ <p>
+ The syntax for pcrs commands is documented in the <a href=
+ "filter-file.html">filter file</a> section.
+ </p>
+ <p>
+ Requests can't be blocked and redirected at the same time,
+ applying this action together with <tt class="LITERAL"><a
+ href="actions-file.html#BLOCK">block</a></tt> is a
+ configuration error. Currently the request is blocked and
+ an error message logged, the behavior may change in the
+ future and result in Privoxy rejecting the action file.
+ </p>
+ <p>
+ This action can be combined with <tt class="LITERAL"><a
+ href=
+ "actions-file.html#FAST-REDIRECTS">fast-redirects{check-decoded-url}</a></tt>
+ to redirect to a decoded version of a rewritten URL.
+ </p>
+ <p>
+ Use this action carefully, make sure not to create
+ redirection loops and be aware that using your own
+ redirects might make it possible to fingerprint your
+ requests.
+ </p>
+ <p>
+ In case of problems with your redirects, or simply to watch
+ them working, enable <a href="config.html#DEBUG">debug
+ 128</a>.
+ </p>
+ </dd>
+ <dt>
+ Example usages:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Replace example.com's style sheet with another one
+{ +redirect{http://localhost/css-replacements/example.com.css} }
+ example.com/stylesheet\.css
+
+# Create a short, easy to remember nickname for a favorite site
+# (relies on the browser to accept and forward invalid URLs to <span class=
+"APPLICATION">Privoxy</span>)
+{ +redirect{https://www.privoxy.org/user-manual/actions-file.html} }
+ a
+
+# Always use the expanded view for Undeadly.org articles
+# (Note the $ at the end of the URL pattern to make sure
+# the request for the rewritten URL isn't redirected as well)
+{+redirect{s@$@&mode=expanded@}}
+undeadly.org/cgi\?action=article&sid=\d*$
+
+# Redirect Google search requests to MSN
+{+redirect{s@^http://[^/]*/search\?q=([^&]*).*@http://search.msn.com/results.aspx?q=$1@}}
+.google.com/search
+
+# Redirect MSN search requests to Yahoo
+{+redirect{s@^http://[^/]*/results\.aspx\?q=([^&]*).*@http://search.yahoo.com/search?p=$1@}}
+search.msn.com//results\.aspx\?q=
+
+# Redirect http://example.com/&bla=fasel&toChange=foo (and any other value but "bar")
+# to http://example.com/&bla=fasel&toChange=bar
+#
+# The URL pattern makes sure that the following request isn't redirected again.
+{+redirect{s@toChange=[^&]+@toChange=bar@}}
+example.com/.*toChange=(?!bar)
+
+# Add a shortcut to look up illumos bugs
+{+redirect{s@^http://i([0-9]+)/.*@https://www.illumos.org/issues/$1@}}
+# Redirected URL = http://i4974/
+# Redirect Destination = https://www.illumos.org/issues/4974
+i[0-9][0-9][0-9][0-9]*/
+
+# Redirect remote requests for this manual
+# to the local version delivered by Privoxy
+{+redirect{s@^http://www@http://config@}}
+www.privoxy.org/user-manual/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="SERVER-HEADER-FILTER">8.5.32. server-header-filter</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Rewrite or remove single server headers.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ All server headers to which this action applies are
+ filtered on-the-fly through the specified regular
+ expression based substitutions.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Multi-value.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ The name of a server-header filter, as defined in one of
+ the <a href="filter-file.html">filter files</a>.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Server-header filters are applied to each header on its
+ own, not to all at once. This makes it easier to diagnose
+ problems, but on the downside you can't write filters that
+ only change header x if header y's value is z. You can do
+ that by using tags though.
+ </p>
+ <p>
+ Server-header filters are executed after the other header
+ actions have finished and use their output as input.
+ </p>
+ <p>
+ Please refer to the <a href="filter-file.html">filter file
+ chapter</a> to learn which server-header filters are
+ available by default, and how to create your own.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{+server-header-filter{html-to-xml}}
+example.org/xml-instance-that-is-delivered-as-html
+
+{+server-header-filter{xml-to-html}}
+example.org/instance-that-is-delivered-as-xml-but-is-not
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="SERVER-HEADER-TAGGER">8.5.33. server-header-tagger</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Enable or disable filters based on the Content-Type header.
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Server headers to which this action applies are filtered
+ on-the-fly through the specified regular expression based
+ substitutions, the result is used as tag.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Multi-value.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ The name of a server-header tagger, as defined in one of
+ the <a href="filter-file.html">filter files</a>.
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ Server-header taggers are applied to each header on its
+ own, and as the header isn't modified, each tagger <span
+ class="QUOTE">"sees"</span> the original.
+ </p>
+ <p>
+ Server-header taggers are executed before all other header
+ actions that modify server headers. Their tags can be used
+ to control all of the other server-header actions, the
+ content filters and the crunch actions (<a href=
+ "actions-file.html#REDIRECT">redirect</a> and <a href=
+ "actions-file.html#BLOCK">block</a>).
+ </p>
+ <p>
+ Obviously crunching based on tags created by server-header
+ taggers doesn't prevent the request from showing up in the
+ server's log file.
+ </p>
+ </dd>
+ <dt>
+ Example usage (section):
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Tag every request with the content type declared by the server
+{+server-header-tagger{content-type}}
+/
+
+# If the response has a tag starting with 'image/' enable an external
+# filter that only applies to images.
+#
+# Note that the filter is not available by default, it's just a
+# <tt class="LITERAL"><a href=
+"filter-file.html#EXTERNAL-FILTER-SYNTAX">silly example</a></tt>.
+{+external-filter{rotate-image} +force-text-mode}
+TAG:^image/
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="SESSION-COOKIES-ONLY">8.5.34. session-cookies-only</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Allow only temporary <span class="QUOTE">"session"</span>
+ cookies (for the current browser session <span class=
+ "emphasis"><i class="EMPHASIS">only</i></span>).
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ Deletes the <span class="QUOTE">"expires"</span> field from
+ <span class="QUOTE">"Set-Cookie:"</span> server headers.
+ Most browsers will not store such cookies permanently and
+ forget them in between sessions.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Boolean.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <p>
+ N/A
+ </p>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ This is less strict than <tt class="LITERAL"><a href=
+ "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>
+ / <tt class="LITERAL"><a href=
+ "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>
+ and allows you to browse websites that insist or rely on
+ setting cookies, without compromising your privacy too
+ badly.
+ </p>
+ <p>
+ Most browsers will not permanently store cookies that have
+ been processed by <tt class=
+ "LITERAL">session-cookies-only</tt> and will forget about
+ them between sessions. This makes profiling cookies
+ useless, but won't break sites which require cookies so
+ that you can log in for transactions. This is generally
+ turned on for all sites, and is the recommended setting.
+ </p>
+ <p>
+ It makes <span class="emphasis"><i class="EMPHASIS">no
+ sense at all</i></span> to use <tt class=
+ "LITERAL">session-cookies-only</tt> together with <tt
+ class="LITERAL"><a href=
+ "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>
+ or <tt class="LITERAL"><a href=
+ "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>.
+ If you do, cookies will be plainly killed.
+ </p>
+ <p>
+ Note that it is up to the browser how it handles such
+ cookies without an <span class="QUOTE">"expires"</span>
+ field. If you use an exotic browser, you might want to try
+ it out to be sure.
+ </p>
+ <p>
+ This setting also has no effect on cookies that may have
+ been stored previously by the browser before starting <span
+ class="APPLICATION">Privoxy</span>. These would have to be
+ removed manually.
+ </p>
+ <p>
+ <span class="APPLICATION">Privoxy</span> also uses the <a
+ href=
+ "actions-file.html#FILTER-CONTENT-COOKIES">content-cookies
+ filter</a> to block some types of cookies. Content cookies
+ are not effected by <tt class=
+ "LITERAL">session-cookies-only</tt>.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++session-cookies-only
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h4 class="SECT3">
+ <a name="SET-IMAGE-BLOCKER">8.5.35. set-image-blocker</a>
+ </h4>
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>
+ Typical use:
+ </dt>
+ <dd>
+ <p>
+ Choose the replacement for blocked images
+ </p>
+ </dd>
+ <dt>
+ Effect:
+ </dt>
+ <dd>
+ <p>
+ This action alone doesn't do anything noticeable. If <span
+ class="emphasis"><i class="EMPHASIS">both</i></span> <tt
+ class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt> <span class=
+ "emphasis"><i class="EMPHASIS">and</i></span> <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>
+ <span class="emphasis"><i class="EMPHASIS">also</i></span>
+ apply, i.e. if the request is to be blocked as an image,
+ <span class="emphasis"><i class="EMPHASIS">then</i></span>
+ the parameter of this action decides what will be sent as a
+ replacement.
+ </p>
+ </dd>
+ <dt>
+ Type:
+ </dt>
+ <dd>
+ <p>
+ Parameterized.
+ </p>
+ </dd>
+ <dt>
+ Parameter:
+ </dt>
+ <dd>
+ <ul>
+ <li>
+ <p>
+ <span class="QUOTE">"pattern"</span> to send a built-in
+ checkerboard pattern image. The image is visually
+ decent, scales very well, and makes it obvious where
+ banners were busted.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"blank"</span> to send a built-in
+ transparent image. This makes banners disappear
+ completely, but makes it hard to detect where <span
+ class="APPLICATION">Privoxy</span> has blocked images
+ on a given page and complicates troubleshooting if
+ <span class="APPLICATION">Privoxy</span> has blocked
+ innocent images, like navigation icons.
+ </p>
+ </li>
+ <li>
+ <p>
+ <span class="QUOTE">"<tt class=
+ "REPLACEABLE"><i>target-url</i></tt>"</span> to send a
+ redirect to <tt class=
+ "REPLACEABLE"><i>target-url</i></tt>. You can redirect
+ to any image anywhere, even in your local filesystem
+ via <span class="QUOTE">"file:///"</span> URL. (But
+ note that not all browsers support redirecting to a
+ local file system).
+ </p>
+ <p>
+ A good application of redirects is to use special <span
+ class="APPLICATION">Privoxy</span>-built-in URLs, which
+ send the built-in images, as <tt class=
+ "REPLACEABLE"><i>target-url</i></tt>. This has the same
+ visual effect as specifying <span class=
+ "QUOTE">"blank"</span> or <span class=
+ "QUOTE">"pattern"</span> in the first place, but
+ enables your browser to cache the replacement image,
+ instead of requesting it over and over again.
+ </p>
+ </li>
+ </ul>
+ </dd>
+ <dt>
+ Notes:
+ </dt>
+ <dd>
+ <p>
+ The URLs for the built-in images are <span class=
+ "QUOTE">"http://config.privoxy.org/send-banner?type=<tt
+ class="REPLACEABLE"><i>type</i></tt>"</span>, where <tt
+ class="REPLACEABLE"><i>type</i></tt> is either <span class=
+ "QUOTE">"blank"</span> or <span class=
+ "QUOTE">"pattern"</span>.
+ </p>
+ <p>
+ There is a third (advanced) type, called <span class=
+ "QUOTE">"auto"</span>. It is <span class="emphasis"><i
+ class="EMPHASIS">NOT</i></span> to be used in <tt class=
+ "LITERAL">set-image-blocker</tt>, but meant for use from <a
+ href="filter-file.html">filters</a>. Auto will select the
+ type of image that would have applied to the referring
+ page, had it been an image.
+ </p>
+ </dd>
+ <dt>
+ Example usage:
+ </dt>
+ <dd>
+ <p>
+ Built-in pattern:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++set-image-blocker{pattern}
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Redirect to the BSD daemon:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++set-image-blocker{http://www.freebsd.org/gifs/dae_up3.gif}
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Redirect to the built-in pattern for better caching:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+<pre class="SCREEN">
++set-image-blocker{http://config.privoxy.org/send-banner?type=pattern}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="SUMMARY">8.5.36. Summary</a>
+ </h3>
+ <p>
+ Note that many of these actions have the potential to cause a
+ page to misbehave, possibly even not to display at all. There are
+ many ways a site designer may choose to design his site, and what
+ HTTP header content, and other criteria, he may depend on. There
+ is no way to have hard and fast rules for all sites. See the <a
+ href="appendix.html#ACTIONSANAT">Appendix</a> for a brief example
+ on troubleshooting actions.
+ </p>
+ </div>
+ </div>
+ <div class="SECT2">
+ <h2 class="SECT2">
+ <a name="ALIASES">8.6. Aliases</a>
+ </h2>
+ <p>
+ Custom <span class="QUOTE">"actions"</span>, known to <span class=
+ "APPLICATION">Privoxy</span> as <span class=
+ "QUOTE">"aliases"</span>, can be defined by combining other
+ actions. These can in turn be invoked just like the built-in
+ actions. Currently, an alias name can contain any character except
+ space, tab, <span class="QUOTE">"="</span>, <span class=
+ "QUOTE">"{"</span> and <span class="QUOTE">"}"</span>, but we <span
+ class="emphasis"><i class="EMPHASIS">strongly recommend</i></span>
+ that you only use <span class="QUOTE">"a"</span> to <span class=
+ "QUOTE">"z"</span>, <span class="QUOTE">"0"</span> to <span class=
+ "QUOTE">"9"</span>, <span class="QUOTE">"+"</span>, and <span
+ class="QUOTE">"-"</span>. Alias names are not case sensitive, and
+ are not required to start with a <span class="QUOTE">"+"</span> or
+ <span class="QUOTE">"-"</span> sign, since they are merely
+ textually expanded.
+ </p>
+ <p>
+ Aliases can be used throughout the actions file, but they <span
+ class="emphasis"><i class="EMPHASIS">must be defined in a special
+ section at the top of the file!</i></span> And there can only be
+ one such section per actions file. Each actions file may have its
+ own alias section, and the aliases defined in it are only visible
+ within that file.
+ </p>
+ <p>
+ There are two main reasons to use aliases: One is to save typing
+ for frequently used combinations of actions, the other one is a
+ gain in flexibility: If you decide once how you want to handle
+ shops by defining an alias called <span class=
+ "QUOTE">"shop"</span>, you can later change your policy on shops in
+ <span class="emphasis"><i class="EMPHASIS">one</i></span> place,
+ and your changes will take effect everywhere in the actions file
+ where the <span class="QUOTE">"shop"</span> alias is used. Calling
+ aliases by their purpose also makes your actions files more
+ readable.
+ </p>
+ <p>
+ Currently, there is one big drawback to using aliases, though:
+ <span class="APPLICATION">Privoxy</span>'s built-in web-based
+ action file editor honors aliases when reading the actions files,
+ but it expands them before writing. So the effects of your aliases
+ are of course preserved, but the aliases themselves are lost when
+ you edit sections that use aliases with it.
+ </p>
+ <p>
+ Now let's define some aliases...
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+ # Useful custom aliases we can use later.
+ #
+ # Note the (required!) section header line and that this section
+ # must be at the top of the actions file!
+ #
+ {{alias}}
+
+ # These aliases just save typing later:
+ # (Note that some already use other aliases!)
+ #
+ +crunch-all-cookies = +<a href=
+"actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> +<a
+href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
+ -crunch-all-cookies = -<a href=
+"actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> -<a
+href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
+ +block-as-image = +block{Blocked image.} +handle-as-image
+ allow-all-cookies = -crunch-all-cookies -<a href=
+"actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a> -<a href=
+"actions-file.html#FILTER-CONTENT-COOKIES">filter{content-cookies}</a>
+
+ # These aliases define combinations of actions
+ # that are useful for certain types of sites:
+ #
+ fragile = -<a href="actions-file.html#BLOCK">block</a> -<a href=
+"actions-file.html#FILTER">filter</a> -crunch-all-cookies -<a href=
+"actions-file.html#FAST-REDIRECTS">fast-redirects</a> -<a href=
+"actions-file.html#HIDE-REFERER">hide-referrer</a> -<a href=
+"actions-file.html#PREVENT-COMPRESSION">prevent-compression</a>
+
+ shop = -crunch-all-cookies -<a href=
+"actions-file.html#FILTER-ALL-POPUPS">filter{all-popups}</a>
+
+ # Short names for other aliases, for really lazy people ;-)
+ #
+ c0 = +crunch-all-cookies
+ c1 = -crunch-all-cookies
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ ...and put them to use. These sections would appear in the lower
+ part of an actions file and define exceptions to the default
+ actions (as specified further up for the <span class=
+ "QUOTE">"/"</span> pattern):
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+ # These sites are either very complex or very keen on
+ # user data and require minimal interference to work:
+ #
+ {fragile}
+ .office.microsoft.com
+ .windowsupdate.microsoft.com
+ # Gmail is really mail.google.com, not gmail.com
+ mail.google.com
+
+ # Shopping sites:
+ # Allow cookies (for setting and retrieving your customer data)
+ #
+ {shop}
+ .quietpc.com
+ .worldpay.com # for quietpc.com
+ mybank.example.com
+
+ # These shops require pop-ups:
+ #
+ {-filter{all-popups} -filter{unsolicited-popups}}
+ .dabs.com
+ .overclockers.co.uk
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Aliases like <span class="QUOTE">"shop"</span> and <span class=
+ "QUOTE">"fragile"</span> are typically used for <span class=
+ "QUOTE">"problem"</span> sites that require more than one action to
+ be disabled in order to function properly.
+ </p>
+ </div>
+ <div class="SECT2">
+ <h2 class="SECT2">
+ <a name="ACT-EXAMPLES">8.7. Actions Files Tutorial</a>
+ </h2>
+ <p>
+ The above chapters have shown <a href="actions-file.html">which
+ actions files there are and how they are organized</a>, how actions
+ are <a href="actions-file.html#ACTIONS">specified</a> and <a href=
+ "actions-file.html#ACTIONS-APPLY">applied to URLs</a>, how <a href=
+ "actions-file.html#AF-PATTERNS">patterns</a> work, and how to
+ define and use <a href="actions-file.html#ALIASES">aliases</a>.
+ Now, let's look at an example <tt class=
+ "FILENAME">match-all.action</tt>, <tt class=
+ "FILENAME">default.action</tt> and <tt class=
+ "FILENAME">user.action</tt> file and see how all these pieces come
+ together:
+ </p>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="MATCH-ALL">8.7.1. match-all.action</a>
+ </h3>
+ <p>
+ Remember <span class="emphasis"><i class="EMPHASIS">all actions
+ are disabled when matching starts</i></span>, so we have to
+ explicitly enable the ones we want.
+ </p>
+ <p>
+ While the <tt class="FILENAME">match-all.action</tt> file only
+ contains a single section, it is probably the most important one.
+ It has only one pattern, <span class="QUOTE">"<tt class=
+ "LITERAL">/</tt>"</span>, but this pattern <a href=
+ "actions-file.html#AF-PATTERNS">matches all URLs</a>. Therefore,
+ the set of actions used in this <span class=
+ "QUOTE">"default"</span> section <span class="emphasis"><i class=
+ "EMPHASIS">will be applied to all requests as a start</i></span>.
+ It can be partly or wholly overridden by other actions files like
+ <tt class="FILENAME">default.action</tt> and <tt class=
+ "FILENAME">user.action</tt>, but it will still be largely
+ responsible for your overall browsing experience.
+ </p>
+ <p>
+ Again, at the start of matching, all actions are disabled, so
+ there is no need to disable any actions here. (Remember: a <span
+ class="QUOTE">"+"</span> preceding the action name enables the
+ action, a <span class="QUOTE">"-"</span> disables!). Also note
+ how this long line has been made more readable by splitting it
+ into multiple lines with line continuation.
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ \
+ +<a href=
+"actions-file.html#CHANGE-X-FORWARDED-FOR">change-x-forwarded-for{block}</a> \
+ +<a href="actions-file.html#HIDE-FROM-HEADER">hide-from-header{block}</a> \
+ +<a href=
+"actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker{pattern}</a> \
+}
+/ # Match all URLs
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ The default behavior is now set.
+ </p>
+ </div>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="DEFAULT-ACTION">8.7.2. default.action</a>
+ </h3>
+ <p>
+ If you aren't a developer, there's no need for you to edit the
+ <tt class="FILENAME">default.action</tt> file. It is maintained
+ by the <span class="APPLICATION">Privoxy</span> developers and if
+ you disagree with some of the sections, you should overrule them
+ in your <tt class="FILENAME">user.action</tt>.
+ </p>
+ <p>
+ Understanding the <tt class="FILENAME">default.action</tt> file
+ can help you with your <tt class="FILENAME">user.action</tt>,
+ though.
+ </p>
+ <p>
+ The first section in this file is a special section for internal
+ use that prevents older <span class="APPLICATION">Privoxy</span>
+ versions from reading the file:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+##########################################################################
+# Settings -- Don't change! For internal Privoxy use ONLY.
+##########################################################################
+{{settings}}
+for-privoxy-version=3.0.11
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ After that comes the (optional) alias section. We'll use the
+ example section from the above <a href=
+ "actions-file.html#ALIASES">chapter on aliases</a>, that also
+ explains why and how aliases are used:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+##########################################################################
+# Aliases
+##########################################################################
+{{alias}}
+
+ # These aliases just save typing later:
+ # (Note that some already use other aliases!)
+ #
+ +crunch-all-cookies = +<a href=
+"actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> +<a
+href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
+ -crunch-all-cookies = -<a href=
+"actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> -<a
+href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
+ +block-as-image = +block{Blocked image.} +handle-as-image
+ mercy-for-cookies = -crunch-all-cookies -<a href=
+"actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a> -<a href=
+"actions-file.html#FILTER-CONTENT-COOKIES">filter{content-cookies}</a>
+
+ # These aliases define combinations of actions
+ # that are useful for certain types of sites:
+ #
+ fragile = -<a href="actions-file.html#BLOCK">block</a> -<a href=
+"actions-file.html#FILTER">filter</a> -crunch-all-cookies -<a href=
+"actions-file.html#FAST-REDIRECTS">fast-redirects</a> -<a href=
+"actions-file.html#HIDE-REFERER">hide-referrer</a>
+ shop = -crunch-all-cookies -<a href=
+"actions-file.html#FILTER-ALL-POPUPS">filter{all-popups}</a>
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ The first of our specialized sections is concerned with <span
+ class="QUOTE">"fragile"</span> sites, i.e. sites that require
+ minimum interference, because they are either very complex or
+ very keen on tracking you (and have mechanisms in place that make
+ them unusable for people who avoid being tracked). We will simply
+ use our pre-defined <tt class="LITERAL">fragile</tt> alias
+ instead of stating the list of actions explicitly:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+##########################################################################
+# Exceptions for sites that'll break under the default action set:
+##########################################################################
+
+# "Fragile" Use a minimum set of actions for these sites (see alias above):
+#
+{ fragile }
+.office.microsoft.com # surprise, surprise!
+.windowsupdate.microsoft.com
+mail.google.com
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Shopping sites are not as fragile, but they typically require
+ cookies to log in, and pop-up windows for shopping carts or item
+ details. Again, we'll use a pre-defined alias:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Shopping sites:
+#
+{ shop }
+.quietpc.com
+.worldpay.com # for quietpc.com
+.jungle.com
+.scan.co.uk
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ The <tt class="LITERAL"><a href=
+ "actions-file.html#FAST-REDIRECTS">fast-redirects</a></tt>
+ action, which may have been enabled in <tt class=
+ "FILENAME">match-all.action</tt>, breaks some sites. So disable
+ it for popular sites where we know it misbehaves:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ -<a href="actions-file.html#FAST-REDIRECTS">fast-redirects</a> }
+login.yahoo.com
+edit.*.yahoo.com
+.google.com
+.altavista.com/.*(like|url|link):http
+.altavista.com/trans.*urltext=http
+.nytimes.com
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ It is important that <span class="APPLICATION">Privoxy</span>
+ knows which URLs belong to images, so that <span class=
+ "emphasis"><i class="EMPHASIS">if</i></span> they are to be
+ blocked, a substitute image can be sent, rather than an HTML
+ page. Contacting the remote site to find out is not an option,
+ since it would destroy the loading time advantage of banner
+ blocking, and it would feed the advertisers information about
+ you. We can mark any URL as an image with the <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>
+ action, and marking all URLs that end in a known image file
+ extension is a good start:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+##########################################################################
+# Images:
+##########################################################################
+
+# Define which file types will be treated as images, in case they get
+# blocked further down this file:
+#
+{ +<a href="actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a> }
+/.*\.(gif|jpe?g|png|bmp|ico)$
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ And then there are known banner sources. They often use scripts
+ to generate the banners, so it won't be visible from the URL that
+ the request is for an image. Hence we block them <span class=
+ "emphasis"><i class="EMPHASIS">and</i></span> mark them as images
+ in one go, with the help of our <tt class=
+ "LITERAL">+block-as-image</tt> alias defined above. (We could of
+ course just as well use <tt class="LITERAL">+<a href=
+ "actions-file.html#BLOCK">block</a> +<a href=
+ "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>
+ here.) Remember that the type of the replacement image is chosen
+ by the <tt class="LITERAL"><a href=
+ "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
+ action. Since all URLs have matched the default section with its
+ <tt class="LITERAL">+<a href=
+ "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a>{pattern}</tt>
+ action before, it still applies and needn't be repeated:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Known ad generators:
+#
+{ +block-as-image }
+ar.atwola.com
+.ad.doubleclick.net
+.ad.*.doubleclick.net
+.a.yimg.com/(?:(?!/i/).)*$
+.a[0-9].yimg.com/(?:(?!/i/).)*$
+bs*.gsanet.com
+.qkimg.net
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ One of the most important jobs of <span class=
+ "APPLICATION">Privoxy</span> is to block banners. Many of these
+ can be <span class="QUOTE">"blocked"</span> by the <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#FILTER">filter</a>{banners-by-size}</tt>
+ action, which we enabled above, and which deletes the references
+ to banner images from the pages while they are loaded, so the
+ browser doesn't request them anymore, and hence they don't need
+ to be blocked here. But this naturally doesn't catch all banners,
+ and some people choose not to use filters, so we need a
+ comprehensive list of patterns for banner URLs here, and apply
+ the <tt class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt> action to them.
+ </p>
+ <p>
+ First comes many generic patterns, which do most of the work, by
+ matching typical domain and path name components of banners. Then
+ comes a list of individual patterns for specific sites, which is
+ omitted here to keep the example short:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+##########################################################################
+# Block these fine banners:
+##########################################################################
+{ <a href="actions-file.html#BLOCK">+block{Banner ads.}</a> }
+
+# Generic patterns:
+#
+ad*.
+.*ads.
+banner?.
+count*.
+/.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
+/(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
+
+# Site-specific patterns (abbreviated):
+#
+.hitbox.com
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ It's quite remarkable how many advertisers actually call their
+ banner servers ads.<tt class=
+ "REPLACEABLE"><i>company</i></tt>.com, or call the directory in
+ which the banners are stored simply <span class=
+ "QUOTE">"banners"</span>. So the above generic patterns are
+ surprisingly effective.
+ </p>
+ <p>
+ But being very generic, they necessarily also catch URLs that we
+ don't want to block. The pattern <tt class="LITERAL">.*ads.</tt>
+ e.g. catches <span class="QUOTE">"nasty-<span class="emphasis"><i
+ class="EMPHASIS">ads</i></span>.nasty-corp.com"</span> as
+ intended, but also <span class="QUOTE">"downlo<span class=
+ "emphasis"><i class=
+ "EMPHASIS">ads</i></span>.sourcefroge.net"</span> or <span class=
+ "QUOTE">"<span class="emphasis"><i class=
+ "EMPHASIS">ads</i></span>l.some-provider.net."</span> So here
+ come some well-known exceptions to the <tt class="LITERAL">+<a
+ href="actions-file.html#BLOCK">block</a></tt> section above.
+ </p>
+ <p>
+ Note that these are exceptions to exceptions from the default!
+ Consider the URL <span class=
+ "QUOTE">"downloads.sourcefroge.net"</span>: Initially, all
+ actions are deactivated, so it wouldn't get blocked. Then comes
+ the defaults section, which matches the URL, but just deactivates
+ the <tt class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt> action once again. Then
+ it matches <tt class="LITERAL">.*ads.</tt>, an exception to the
+ general non-blocking policy, and suddenly <tt class="LITERAL"><a
+ href="actions-file.html#BLOCK">+block</a></tt> applies. And now,
+ it'll match <tt class="LITERAL">.*loads.</tt>, where <tt class=
+ "LITERAL"><a href="actions-file.html#BLOCK">-block</a></tt>
+ applies, so (unless it matches <span class="emphasis"><i class=
+ "EMPHASIS">again</i></span> further down) it ends up with no <tt
+ class="LITERAL"><a href="actions-file.html#BLOCK">block</a></tt>
+ action applying.
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+##########################################################################
+# Save some innocent victims of the above generic block patterns:
+##########################################################################
+
+# By domain:
+#
+{ -<a href="actions-file.html#BLOCK">block</a> }
+adv[io]*. # (for advogato.org and advice.*)
+adsl. # (has nothing to do with ads)
+adobe. # (has nothing to do with ads either)
+ad[ud]*. # (adult.* and add.*)
+.edu # (universities don't host banners (yet!))
+.*loads. # (downloads, uploads etc)
+
+# By path:
+#
+/.*loads/
+
+# Site-specific:
+#
+www.globalintersec.com/adv # (adv = advanced)
+www.ugu.com/sui/ugu/adv
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Filtering source code can have nasty side effects, so make an
+ exception for our friends at sourceforge.net, and all paths with
+ <span class="QUOTE">"cvs"</span> in them. Note that <tt class=
+ "LITERAL">-<a href="actions-file.html#FILTER">filter</a></tt>
+ disables <span class="emphasis"><i class=
+ "EMPHASIS">all</i></span> filters in one fell swoop!
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Don't filter code!
+#
+{ -<a href="actions-file.html#FILTER">filter</a> }
+/(.*/)?cvs
+bugzilla.
+developer.
+wiki.
+.sourceforge.net
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ The actual <tt class="FILENAME">default.action</tt> is of course
+ much more comprehensive, but we hope this example made clear how
+ it works.
+ </p>
+ </div>
+ <div class="SECT3">
+ <h3 class="SECT3">
+ <a name="USER-ACTION">8.7.3. user.action</a>
+ </h3>
+ <p>
+ So far we are painting with a broad brush by setting general
+ policies, which would be a reasonable starting point for many
+ people. Now, you might want to be more specific and have
+ customized rules that are more suitable to your personal habits
+ and preferences. These would be for narrowly defined situations
+ like your ISP or your bank, and should be placed in <tt class=
+ "FILENAME">user.action</tt>, which is parsed after all other
+ actions files and hence has the last word, over-riding any
+ previously defined actions. <tt class="FILENAME">user.action</tt>
+ is also a <span class="emphasis"><i class=
+ "EMPHASIS">safe</i></span> place for your personal settings,
+ since <tt class="FILENAME">default.action</tt> is actively
+ maintained by the <span class="APPLICATION">Privoxy</span>
+ developers and you'll probably want to install updated versions
+ from time to time.
+ </p>
+ <p>
+ So let's look at a few examples of things that one might
+ typically do in <tt class="FILENAME">user.action</tt>:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# My user.action file. <fred@example.com>
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ As <a href="actions-file.html#ALIASES">aliases</a> are local to
+ the actions file that they are defined in, you can't use the ones
+ from <tt class="FILENAME">default.action</tt>, unless you repeat
+ them here:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Aliases are local to the file they are defined in.
+# (Re-)define aliases for this file:
+#
+{{alias}}
+#
+# These aliases just save typing later, and the alias names should
+# be self explanatory.
+#
++crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ allow-all-cookies = -crunch-all-cookies -session-cookies-only
+ allow-popups = -filter{all-popups}
++block-as-image = +block{Blocked as image.} +handle-as-image
+-block-as-image = -block
+
+# These aliases define combinations of actions that are useful for
+# certain types of sites:
+#
+fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer
+shop = -crunch-all-cookies allow-popups
+
+# Allow ads for selected useful free sites:
+#
+allow-ads = -block -filter{banners-by-size} -filter{banners-by-link}
+
+# Alias for specific file types that are text, but might have conflicting
+# MIME types. We want the browser to force these to be text documents.
+handle-as-text = -<a href="actions-file.html#FILTER">filter</a> +-<a href=
+"actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite{text/plain}</a> +-<a
+ href="actions-file.html#FORCE-TEXT-MODE">force-text-mode</a> -<a href=
+"actions-file.html#HIDE-CONTENT-DISPOSITION">hide-content-disposition</a>
+</pre>
+ </td>
+ </tr>
+ </table>
+ <br>
+
+ <p>
+ Say you have accounts on some sites that you visit regularly, and
+ you don't want to have to log in manually each time. So you'd
+ like to allow persistent cookies for these sites. The <tt class=
+ "LITERAL">allow-all-cookies</tt> alias defined above does exactly
+ that, i.e. it disables crunching of cookies in any direction, and
+ the processing of cookies to make them only temporary.
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ allow-all-cookies }
+ sourceforge.net
+ .yahoo.com
+ .msdn.microsoft.com
+ .redhat.com
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Your bank is allergic to some filter, but you don't know which,
+ so you disable them all:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ -<a href="actions-file.html#FILTER">filter</a> }
+ .your-home-banking-site.com
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Some file types you may not want to filter for various reasons:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+# Technical documentation is likely to contain strings that might
+# erroneously get altered by the JavaScript-oriented filters:
+#
+.tldp.org
+/(.*/)?selfhtml/
+
+# And this stupid host sends streaming video with a wrong MIME type,
+# so that Privoxy thinks it is getting HTML and starts filtering:
+#
+stupid-server.example.com/
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Example of a simple <a href="actions-file.html#BLOCK">block</a>
+ action. Say you've seen an ad on your favourite page on
+ example.com that you want to get rid of. You have right-clicked
+ the image, selected <span class="QUOTE">"copy image
+ location"</span> and pasted the URL below while removing the
+ leading http://, into a <tt class="LITERAL">{ +block{} }</tt>
+ section. Note that <tt class="LITERAL">{ +handle-as-image }</tt>
+ need not be specified, since all URLs ending in <tt class=
+ "LITERAL">.gif</tt> will be tagged as images by the general rules
+ as set in default.action anyway:
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ +<a href="actions-file.html#BLOCK">block</a>{Nasty ads.} }
+ www.example.com/nasty-ads/sponsor\.gif
+ another.example.net/more/junk/here/
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ The URLs of dynamically generated banners, especially from large
+ banner farms, often don't use the well-known image file name
+ extensions, which makes it impossible for <span class=
+ "APPLICATION">Privoxy</span> to guess the file type just by
+ looking at the URL. You can use the <tt class=
+ "LITERAL">+block-as-image</tt> alias defined above for these
+ cases. Note that objects which match this rule but then turn out
+ NOT to be an image are typically rendered as a <span class=
+ "QUOTE">"broken image"</span> icon by the browser. Use
+ cautiously.
+ </p>
+ <p>
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ +block-as-image }
+ .doubleclick.net
+ .fastclick.net
+ /Realmedia/ads/
+ ar.atwola.com/
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Now you noticed that the default configuration breaks Forbes
+ Magazine, but you were too lazy to find out which action is the
+ culprit, and you were again too lazy to give <a href=
+ "contact.html">feedback</a>, so you just used the <tt class=
+ "LITERAL">fragile</tt> alias on the site, and -- <span class=
+ "emphasis"><i class="EMPHASIS">whoa!</i></span> -- it worked. The
+ <tt class="LITERAL">fragile</tt> aliases disables those actions
+ that are most likely to break a site. Also, good for testing
+ purposes to see if it is <span class="APPLICATION">Privoxy</span>
+ that is causing the problem or not. We later find other regular
+ sites that misbehave, and add those to our personalized list of
+ troublemakers:
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ fragile }
+ .forbes.com
+ webmail.example.com
+ .mybank.com
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ You like the <span class="QUOTE">"fun"</span> text replacements
+ in <tt class="FILENAME">default.filter</tt>, but it is disabled
+ in the distributed actions file. So you'd like to turn it on in
+ your private, update-safe config, once and for all:
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ +<a href="actions-file.html#FILTER-FUN">filter{fun}</a> }
+ / # For ALL sites!
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Note that the above is not really a good idea: There are
+ exceptions to the filters in <tt class=
+ "FILENAME">default.action</tt> for things that really shouldn't
+ be filtered, like code on CVS->Web interfaces. Since <tt
+ class="FILENAME">user.action</tt> has the last word, these
+ exceptions won't be valid for the <span class=
+ "QUOTE">"fun"</span> filtering specified here.
+ </p>
+ <p>
+ You might also worry about how your favourite free websites are
+ funded, and find that they rely on displaying banner
+ advertisements to survive. So you might want to specifically
+ allow banners for those sites that you feel provide value to you:
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ allow-ads }
+ .sourceforge.net
+ .slashdot.org
+ .osdn.net
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ Note that <tt class="LITERAL">allow-ads</tt> has been aliased to
+ <tt class="LITERAL">-<a href=
+ "actions-file.html#BLOCK">block</a></tt>, <tt class="LITERAL">-<a
+ href=
+ "actions-file.html#FILTER-BANNERS-BY-SIZE">filter{banners-by-size}</a></tt>,
+ and <tt class="LITERAL">-<a href=
+ "actions-file.html#FILTER-BANNERS-BY-LINK">filter{banners-by-link}</a></tt>
+ above.
+ </p>
+ <p>
+ Invoke another alias here to force an over-ride of the MIME type
+ <tt class="LITERAL">application/x-sh</tt> which typically would
+ open a download type dialog. In my case, I want to look at the
+ shell script, and then I can save it should I choose to.
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ handle-as-text }
+ /.*\.sh$
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <tt class="FILENAME">user.action</tt> is generally the best place
+ to define exceptions and additions to the default policies of <tt
+ class="FILENAME">default.action</tt>. Some actions are safe to
+ have their default policies set here though. So let's set a
+ default policy to have a <span class="QUOTE">"blank"</span> image
+ as opposed to the checkerboard pattern for <span class=
+ "emphasis"><i class="EMPHASIS">ALL</i></span> sites. <span class=
+ "QUOTE">"/"</span> of course matches all URL paths and patterns:
+ </p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+<pre class="SCREEN">
+{ +<a href=
+"actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker{blank}</a> }
+/ # ALL sites
+</pre>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </div>
+ </div>
+ <div class="NAVFOOTER">
+ <hr align="LEFT" width="100%">
+ <table summary="Footer navigation table" width="100%" border="0"
+ cellpadding="0" cellspacing="0">
+ <tr>
+ <td width="33%" align="left" valign="top">
+ <a href="config.html" accesskey="P">Prev</a>
+ </td>
+ <td width="34%" align="center" valign="top">
+ <a href="index.html" accesskey="H">Home</a>
+ </td>
+ <td width="33%" align="right" valign="top">
+ <a href="filter-file.html" accesskey="N">Next</a>
+ </td>
+ </tr>
+ <tr>
+ <td width="33%" align="left" valign="top">
+ The Main Configuration File
+ </td>
+ <td width="34%" align="center" valign="top">
+
+ </td>
+ <td width="33%" align="right" valign="top">
+ Filter Files
+ </td>
+ </tr>
+ </table>
+ </div>
+ </body>
+</html>
+
projects / privoxy.git / blobdiff