NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
-TITLE="Privoxy 3.0.7 User Manual"
+TITLE="Privoxy 3.0.11 User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="The Main Configuration File"
HREF="filter-file.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
-HREF="../p_doc.css">
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
</head
><BODY
><TH
COLSPAN="3"
ALIGN="center"
->Privoxy 3.0.7 User Manual</TH
+>Privoxy 3.0.11 User Manual</TH
></TR
><TR
><TD
> <DIV
CLASS="TABLE"
><A
-NAME="AEN2145"
+NAME="AEN2170"
></A
><P
><B
><TD
>no</TD
><TD
->no</TD
+>yes</TD
><TD
>yes</TD
></TR
><H2
CLASS="SECT2"
><A
-NAME="AEN2244"
+NAME="AEN2269"
>8.1. Finding the Right Mix</A
></H2
><P
><H2
CLASS="SECT2"
><A
-NAME="AEN2251"
+NAME="AEN2276"
>8.2. How to Edit</A
></H2
><P
>.
Note: the config file option <A
HREF="config.html#ENABLE-EDIT-ACTIONS"
->enale-edit-actions</A
+>enable-edit-actions</A
> must be enabled for
this to work. The editor allows both fine-grained control over every single
feature on a per-URL basis, and easy choosing from wholesale sets of defaults
>handle-as-image</TT
> +<TT
CLASS="LITERAL"
->block</TT
+>block{Banner ads.}</TT
> }
# Block these as if they were images. Send no block page.
banners.example.com
><P
> The pattern matching syntax is different for the domain and path parts of
the URL. The domain part uses a simple globbing type matching technique,
- while the path part uses a more flexible
+ while the path part uses more flexible
<A
HREF="http://en.wikipedia.org/wiki/Regular_expressions"
TARGET="_top"
><SPAN
CLASS="QUOTE"
>"Regular
- Expressions (PCRE)"</SPAN
+ Expressions"</SPAN
></A
-> based syntax.</P
+> (POSIX 1003.2).</P
><P
></P
><DIV
><DT
><TT
CLASS="LITERAL"
->www.example.com/index.html$</TT
+>www.example.com/index.html</TT
></DT
><DD
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN2342"
+NAME="AEN2367"
>8.4.1. The Domain Pattern</A
></H3
><P
></DT
><DD
><P
-> matches any domain that <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->ENDS</I
-></SPAN
-> in
- <TT
+> matches any domain with first-level domain <TT
CLASS="LITERAL"
->.example.com</TT
+>com</TT
>
+ and second-level domain <TT
+CLASS="LITERAL"
+>example</TT
+>.
+ For example <TT
+CLASS="LITERAL"
+>www.example.com</TT
+>,
+ <TT
+CLASS="LITERAL"
+>example.com</TT
+> and <TT
+CLASS="LITERAL"
+>foo.bar.baz.example.com</TT
+>.
+ Note that it wouldn't match if the second-level domain was <TT
+CLASS="LITERAL"
+>another-example</TT
+>.
</P
></DD
><DT
<TT
CLASS="LITERAL"
>www.</TT
->
+> (It also matches the domain
+ <TT
+CLASS="LITERAL"
+>www</TT
+> but most of the time that doesn't matter.)
</P
></DD
><DT
><H3
CLASS="SECT3"
><A
-NAME="AEN2413"
+NAME="AEN2443"
>8.4.2. The Path Pattern</A
></H3
><P
> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> uses Perl compatible (PCRE)
+> uses <SPAN
+CLASS="QUOTE"
+>"modern"</SPAN
+> POSIX 1003.2
<A
HREF="http://en.wikipedia.org/wiki/Regular_expressions"
TARGET="_top"
><SPAN
CLASS="QUOTE"
>"Regular
- Expression"</SPAN
+ Expressions"</SPAN
></A
-> based syntax
- (through the <A
-HREF="http://www.pcre.org/"
-TARGET="_top"
->PCRE</A
-> library) for
- matching the path portion (after the slash), and is thus more flexible.</P
+> for matching the path portion (after the slash),
+ and is thus more flexible.</P
><P
> There is an <A
HREF="appendix.html#REGEX"
>Appendix</A
> with a brief quick-start into regular
- expressions, and full (very technical) documentation on PCRE regex syntax is available on-line
- at <A
-HREF="http://www.pcre.org/man.txt"
-TARGET="_top"
->http://www.pcre.org/man.txt</A
->.
- You might also find the Perl man page on regular expressions (<TT
+ expressions, you also might want to have a look at your operating system's documentation
+ on regular expressions (try <TT
CLASS="LITERAL"
->man perlre</TT
->)
- useful, which is available on-line at <A
-HREF="http://perldoc.perl.org/perlre.html"
-TARGET="_top"
->http://perldoc.perl.org/perlre.html</A
->.</P
+>man re_format</TT
+>).</P
><P
> Note that the path pattern is automatically left-anchored at the <SPAN
CLASS="QUOTE"
can tell them apart from URL patterns. Everything after the colon
including white space, is interpreted as a regular expression with
path pattern syntax, except that tag patterns aren't left-anchored
- automatically (Privoxy doesn't silently add a <SPAN
+ automatically (<SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> doesn't silently add a <SPAN
CLASS="QUOTE"
>"^"</SPAN
>,
tags can be used to activate other tagger actions, as long as these other
taggers look for headers that haven't already be parsed.</P
><P
-> For example you could tag client requests which use the POST method,
- use this tag to activate another tagger that adds a tag if cookies
- are send, and then block based on the cookie tag. However if you'd
- reverse the position of the described taggers, and activated the method
- tagger based on the cookie tagger, no method tags would be created.
+> For example you could tag client requests which use the
+ <TT
+CLASS="LITERAL"
+>POST</TT
+> method,
+ then use this tag to activate another tagger that adds a tag if cookies
+ are sent, and then use a block action based on the cookie tag. This allows
+ the outcome of one action, to be input into a subsequent action. However if
+ you'd reverse the position of the described taggers, and activated the
+ method tagger based on the cookie tagger, no method tags would be created.
The method tagger would look for the request line, but at the time
- the cookie tag is created the request line has already been parsed.</P
+ the cookie tag is created, the request line has already been parsed.</P
><P
> While this is a limitation you should be aware of, this kind of
indirection is seldom needed anyway and even the example doesn't
>
Example: <TT
CLASS="LITERAL"
->+block</TT
+>+handle-as-image</TT
>
</P
></LI
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized.</P
></DD
><DT
>Parameter:</DT
><DD
><P
->N/A</P
+>A block reason that should be given to the user.</P
></DD
><DT
>Notes:</DT
CLASS="QUOTE"
>"BLOCKED"</SPAN
> page
- for requests to blocked pages. This page contains links to find out why the request
- was blocked, and a click-through to the blocked content (the latter only if compiled with the
- force feature enabled). The <SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
-> page adapts to the available
- screen space -- it displays full-blown if space allows, or miniaturized and text-only
- if loaded into a small frame or window. If you are using <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- right now, you can take a look at the
- <A
-HREF="http://ads.bannerserver.example.com/nasty-ads/sponsor.html"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
->
- page</A
->.
+ for requests to blocked pages. This page contains the block reason given as
+ parameter, a link to find out why the block action applies, and a click-through
+ to the blocked content (the latter only if the force feature is available and
+ enabled).
</P
><P
>
><TD
><PRE
CLASS="SCREEN"
->{+block}
+>{+block{No nasty stuff for you.}}
# Block and replace with "blocked" page
.nasty-stuff.example.com
-{+block +handle-as-image}
+{+block{Doubleclick banners.} +handle-as-image}
# Block and replace with image
.ad.doubleclick.net
.ads.r.us/banners/
-{+block +handle-as-empty-document}
+{+block{Layered ads.} +handle-as-empty-document}
# Block and then ignore
- adserver.exampleclick.net/.*\.js$</PRE
+ adserver.example.net/.*\.js$</PRE
></TD
></TR
></TABLE
><H4
CLASS="SECT3"
><A
+NAME="CHANGE-X-FORWARDED-FOR"
+>8.5.3. change-x-forwarded-for</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Improve privacy by not forwarding the source of the request in the HTTP headers.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Deletes the <SPAN
+CLASS="QUOTE"
+>"X-Forwarded-For:"</SPAN
+> HTTP header from the client request,
+ or adds a new one.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+></P
+><UL
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+> to delete the header.</P
+></LI
+><LI
+><P
+> <SPAN
+CLASS="QUOTE"
+>"add"</SPAN
+> to create the header (or append
+ the client's IP address to an already existing one).
+ </P
+></LI
+></UL
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> It is safe and recommended to use <TT
+CLASS="LITERAL"
+>block</TT
+>.
+ </P
+><P
+> Forwarding the source address of the request may make
+ sense in some multi-user setups but is also a privacy risk.
+ </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+change-x-forwarded-for{block}</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
NAME="CLIENT-HEADER-FILTER"
->8.5.3. client-header-filter</A
+>8.5.4. client-header-filter</A
></H4
><P
></P
and use their output as input.
</P
><P
+> If the request URL gets changed, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will detect that and use the new
+ one. This can be used to rewrite the request destination behind the client's
+ back, for example to specify a Tor exit relay for certain requests.
+ </P
+><P
> Please refer to the <A
HREF="filter-file.html"
>filter file chapter</A
><TD
><PRE
CLASS="SCREEN"
->{+client-header-filter{hide-tor-exit-notation}}
-.exit/
+># Hide Tor exit notation in Host and Referer Headers
+{+client-header-filter{hide-tor-exit-notation}}
+/
</PRE
></TD
></TR
CLASS="SECT3"
><A
NAME="CLIENT-HEADER-TAGGER"
->8.5.4. client-header-tagger</A
+>8.5.5. client-header-tagger</A
></H4
><P
></P
># Tag every request with the User-Agent header
{+client-header-tagger{user-agent}}
/
+
+# Tagging itself doesn't change the action
+# settings, sections with TAG patterns do:
+#
+# If it's a download agent, use a different forwarding proxy,
+# show the real User-Agent and make sure resume works.
+{+forward-override{forward-socks5 10.0.0.2:2222 .} \
+ -hide-if-modified-since \
+ -overwrite-last-modified \
+ -hide-user-agent \
+ -filter \
+ -deanimate-gifs \
+}
+TAG:^User-Agent: NetBSD-ftp/
+TAG:^User-Agent: Novell ZYPP Installer
+TAG:^User-Agent: RPM APT-HTTP/
+TAG:^User-Agent: fetch libfetch/
+TAG:^User-Agent: Ubuntu APT-HTTP/
+TAG:^User-Agent: MPlayer/
</PRE
></TD
></TR
CLASS="SECT3"
><A
NAME="CONTENT-TYPE-OVERWRITE"
->8.5.5. content-type-overwrite</A
+>8.5.6. content-type-overwrite</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="CRUNCH-CLIENT-HEADER"
->8.5.6. crunch-client-header</A
+>8.5.7. crunch-client-header</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="CRUNCH-IF-NONE-MATCH"
->8.5.7. crunch-if-none-match</A
+>8.5.8. crunch-if-none-match</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="CRUNCH-INCOMING-COOKIES"
->8.5.8. crunch-incoming-cookies</A
+>8.5.9. crunch-incoming-cookies</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="CRUNCH-SERVER-HEADER"
->8.5.9. crunch-server-header</A
+>8.5.10. crunch-server-header</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="CRUNCH-OUTGOING-COOKIES"
->8.5.10. crunch-outgoing-cookies</A
+>8.5.11. crunch-outgoing-cookies</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="DEANIMATE-GIFS"
->8.5.11. deanimate-gifs</A
+>8.5.12. deanimate-gifs</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="DOWNGRADE-HTTP-VERSION"
->8.5.12. downgrade-http-version</A
+>8.5.13. downgrade-http-version</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="FAST-REDIRECTS"
->8.5.13. fast-redirects</A
+>8.5.14. fast-redirects</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="FILTER"
->8.5.14. filter</A
+>8.5.15. filter</A
></H4
><P
></P
><TD
><PRE
CLASS="SCREEN"
->+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse</PRE
+>+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)</PRE
+>+filter{js-events} # Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{html-annoyances} # Get rid of particularly annoying HTML abuse</PRE
+>+filter{html-annoyances} # Get rid of particularly annoying HTML abuse.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{content-cookies} # Kill cookies that come in the HTML or JS content</PRE
+>+filter{content-cookies} # Kill cookies that come in the HTML or JS content.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)</PRE
+>+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups).</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective</PRE
+>+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{banners-by-size} # Kill banners by size</PRE
+>+filter{banners-by-size} # Kill banners by size.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{banners-by-link} # Kill banners by their links to known clicktrackers</PRE
+>+filter{banners-by-link} # Kill banners by their links to known clicktrackers.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking)</PRE
+>+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap</PRE
+>+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{jumping-windows} # Prevent windows from resizing and moving themselves</PRE
+>+filter{jumping-windows} # Prevent windows from resizing and moving themselves.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{frameset-borders} # Give frames a border and make them resizeable</PRE
+>+filter{frameset-borders} # Give frames a border and make them resizable.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{demoronizer} # Fix MS's non-standard use of standard charsets</PRE
+>+filter{demoronizer} # Fix MS's non-standard use of standard charsets.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{shockwave-flash} # Kill embedded Shockwave Flash objects</PRE
+>+filter{shockwave-flash} # Kill embedded Shockwave Flash objects.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{quicktime-kioskmode} # Make Quicktime movies savable</PRE
+>+filter{quicktime-kioskmode} # Make Quicktime movies saveable.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{crude-parental} # Crude parental filtering (demo only)</PRE
+>+filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{ie-exploits} # Disable a known Internet Explorer bug exploits</PRE
+>+filter{ie-exploits} # Disable some known Internet Explorer bug exploits.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{site-specifics} # Custom filters for specific site related problems</PRE
+>+filter{site-specifics} # Cure for site-specific problems. Don't apply generally!</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-GOOGLE"
+NAME="FILTER-NO-PING"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{google} # Removes text ads and other Google specific improvements</PRE
+>+filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-YAHOO"
+NAME="FILTER-GOOGLE"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{yahoo} # Removes text ads and other Yahoo specific improvements</PRE
+>+filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-MSN"
+NAME="FILTER-YAHOO"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{msn} # Removes text ads and other MSN specific improvements</PRE
+>+filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-BLOGSPOT"
+NAME="FILTER-MSN"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{blogspot} # Cleans up Blogspot blogs</PRE
+>+filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-NO-PING"
+NAME="FILTER-BLOGSPOT"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{no-ping} # Removes non-standard ping attributes from anchor and area tags</PRE
+>+filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="FORCE-TEXT-MODE"
->8.5.15. force-text-mode</A
+>8.5.16. force-text-mode</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="FORWARD-OVERRIDE"
->8.5.16. forward-override</A
+>8.5.17. forward-override</A
></H4
><P
></P
CLASS="QUOTE"
>"forward-socks4"</SPAN
>
- to use a socks4 connection (with local DNS resolution) instead.
+ to use a socks4 connection (with local DNS resolution) instead, use <SPAN
+CLASS="QUOTE"
+>"forward-socks5"</SPAN
+>
+ for socks5 connections (with remote DNS resolution).
</P
></LI
><LI
CLASS="QUOTE"
>"forward-socks4"</SPAN
> to use a socks4 connection
- (with local DNS resolution) instead.
+ (with local DNS resolution) instead, use <SPAN
+CLASS="QUOTE"
+>"forward-socks5"</SPAN
+>
+ for socks5 connections (with remote DNS resolution).
</P
></LI
></UL
>Notes:</DT
><DD
><P
-> This action takes parameters similar to the
+> This action takes parameters similar to the
<A
HREF="config.html#FORWARDING"
>forward</A
# This way you can continue to use Tor for your normal browsing,
# without overloading the Tor network with your FreeBSD ports updates
# or downloads of bigger files like ISOs.
+# Note that HTTP headers are easy to fake and therefore their
+# values are as (un)trustworthy as your clients and users.
{+forward-override{forward .} \
-hide-if-modified-since \
-overwrite-last-modified \
CLASS="SECT3"
><A
NAME="HANDLE-AS-EMPTY-DOCUMENT"
->8.5.17. handle-as-empty-document</A
+>8.5.18. handle-as-empty-document</A
></H4
><P
></P
CLASS="SCREEN"
># Block all documents on example.org that end with ".js",
# but send an empty document instead of the usual HTML message.
-{+block +handle-as-empty-document}
+{+block{Blocked JavaScript} +handle-as-empty-document}
example.org/.*\.js$
</PRE
></TD
CLASS="SECT3"
><A
NAME="HANDLE-AS-IMAGE"
->8.5.18. handle-as-image</A
+>8.5.19. handle-as-image</A
></H4
><P
></P
# These don't look like images, but they're banners and should be
# blocked as images:
#
-{+block +handle-as-image}
-some.nasty-banner-server.com/junk.cgi\?output=trash
-
-# Banner source! Who cares if they also have non-image content?
-ad.doubleclick.net </PRE
+{+block{Nasty banners.} +handle-as-image}
+nasty-banner-server.example.com/junk.cgi\?output=trash</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="HIDE-ACCEPT-LANGUAGE"
->8.5.19. hide-accept-language</A
+>8.5.20. hide-accept-language</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="HIDE-CONTENT-DISPOSITION"
->8.5.20. hide-content-disposition</A
+>8.5.21. hide-content-disposition</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="HIDE-IF-MODIFIED-SINCE"
->8.5.21. hide-if-modified-since</A
+>8.5.22. hide-if-modified-since</A
></H4
><P
></P
CLASS="QUOTE"
>"If-Modified-Since:"</SPAN
> makes
- sure it isn't used as a cookie replacement, but you will run into
- caching problems if the random range is too high.
+ it less likely that the server can use the time as a cookie replacement,
+ but you will run into caching problems if the random range is too high.
</P
><P
> It is a good idea to only use a small negative value and let
HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
>crunch-if-none-match</A
></TT
->.
+>,
+ otherwise it's more or less pointless.
</P
></DD
><DT
><TD
><PRE
CLASS="SCREEN"
-># Let the browser revalidate without being tracked across sessions
-{ +hide-if-modified-since{-60} \
+># Let the browser revalidate but make tracking based on the time less likely.
+{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/</PRE
><H4
CLASS="SECT3"
><A
-NAME="HIDE-FORWARDED-FOR-HEADERS"
->8.5.22. hide-forwarded-for-headers</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
->Improve privacy by not embedding the source of the request in the HTTP headers.</P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> Deletes any existing <SPAN
-CLASS="QUOTE"
->"X-Forwarded-for:"</SPAN
-> HTTP header from client requests,
- and prevents adding a new one.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> It is safe to leave this on.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+hide-forwarded-for-headers</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
NAME="HIDE-FROM-HEADER"
>8.5.23. hide-from-header</A
></H4
><P
><SPAN
CLASS="QUOTE"
+>"conditional-forge"</SPAN
+> to forge the header if the host has changed.</P
+></LI
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
>"block"</SPAN
> to delete the header unconditionally.</P
></LI
><P
> Always blocking the referrer, or using a custom one, can lead to
failures on servers that check the referrer before they answer any
- requests, in an attempt to prevent their valuable content from being
+ requests, in an attempt to prevent their content from being
embedded or linked to elsewhere.
</P
><P
>Typical use:</DT
><DD
><P
->Conceal your type of browser and client operating system</P
+>Try to conceal your type of browser and client operating system</P
></DD
><DT
>Effect:</DT
></SPAN
> the right thing to do: good web sites
work browser-independently).
-
</P
></TD
></TR
><H4
CLASS="SECT3"
><A
-NAME="INSPECT-JPEGS"
->8.5.26. inspect-jpegs</A
+NAME="LIMIT-CONNECT"
+>8.5.26. limit-connect</A
></H4
><P
></P
>Typical use:</DT
><DD
><P
->To protect against the MS buffer over-run in JPEG processing</P
+>Prevent abuse of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as a TCP proxy relay or disable SSL for untrusted sites</P
></DD
><DT
>Effect:</DT
><DD
><P
-> Protect against a known exploit
+> Specifies to which ports HTTP CONNECT requests are allowable.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized.</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> N/A
+> A comma-separated list of ports or port ranges (the latter using dashes, with the minimum
+ defaulting to 0 and the maximum to 65K).
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> See Microsoft Security Bulletin MS04-028. JPEG images are one of the most
- common image types found across the Internet. The exploit as described can
- allow execution of code on the target system, giving an attacker access
- to the system in question by merely planting an altered JPEG image, which
- would have no obvious indications of what lurks inside. This action
- prevents this exploit.
- </P
-><P
-> Note that the described exploit is only one of many,
- using this action does not mean that you no longer
- have to patch the client.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-><TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+inspect-jpegs</PRE
-></TD
-></TR
-></TABLE
-></P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="KILL-POPUPS"
->8.5.27. kill-popups<A
-NAME="KILL-POPUP"
-></A
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
->Eliminate those annoying pop-up windows (deprecated)</P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> While loading the document, replace JavaScript code that opens
- pop-up windows with (syntactically neutral) dummy code on the fly.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This action is basically a built-in, hardwired special-purpose filter
- action, but there are important differences: For <TT
-CLASS="LITERAL"
->kill-popups</TT
->,
- the document need not be buffered, so it can be incrementally rendered while
- downloading. But <TT
-CLASS="LITERAL"
->kill-popups</TT
-> doesn't catch as many pop-ups as
- <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER-ALL-POPUPS"
->filter{<TT
-CLASS="REPLACEABLE"
-><I
->all-popups</I
-></TT
->}</A
-></TT
->
- does and is not as smart as <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER-UNSOLICITED-POPUPS"
->filter{<TT
-CLASS="REPLACEABLE"
-><I
->unsolicited-popups</I
-></TT
->}</A
->
- </TT
->is.
- </P
-><P
-> Think of it as a fast and efficient replacement for a filter that you
- can use if you don't want any filtering at all. Note that it doesn't make
- sense to combine it with any <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER"
->filter</A
-></TT
-> action,
- since as soon as one <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER"
->filter</A
-></TT
-> applies,
- the whole document needs to be buffered anyway, which destroys the advantage of
- the <TT
-CLASS="LITERAL"
->kill-popups</TT
-> action over its filter equivalent.
- </P
-><P
-> Killing all pop-ups unconditionally is problematic. Many shops and banks rely on
- pop-ups to display forms, shopping carts etc, and the <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER-UNSOLICITED-POPUPS"
->filter{<TT
-CLASS="REPLACEABLE"
-><I
->unsolicited-popups</I
-></TT
->}</A
->
- </TT
-> does a better job of catching only the unwanted ones.
- </P
-><P
-> If the only kind of pop-ups that you want to kill are exit consoles (those
- <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->really nasty</I
-></SPAN
-> windows that appear when you close an other
- one), you might want to use
- <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER"
->filter</A
->{<TT
-CLASS="REPLACEABLE"
-><I
->js-annoyances</I
-></TT
->}</TT
->
- instead.
- </P
-><P
-> This action is most appropriate for browsers that don't have any controls
- for unwanted pop-ups. Not recommended for general usage.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-><TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+kill-popups</PRE
-></TD
-></TR
-></TABLE
-></P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="LIMIT-CONNECT"
->8.5.28. limit-connect</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
->Prevent abuse of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> as a TCP proxy relay or disable SSL for untrusted sites</P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> Specifies to which ports HTTP CONNECT requests are allowable.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> A comma-separated list of ports or port ranges (the latter using dashes, with the minimum
- defaulting to 0 and the maximum to 65K).
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> By default, i.e. if no <TT
-CLASS="LITERAL"
->limit-connect</TT
-> action applies,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> only allows HTTP CONNECT
- requests to port 443 (the standard, secure HTTPS port). Use
- <TT
-CLASS="LITERAL"
->limit-connect</TT
-> if more fine-grained control is desired
- for some or all destinations.
+> By default, i.e. if no <TT
+CLASS="LITERAL"
+>limit-connect</TT
+> action applies,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> allows HTTP CONNECT requests to all
+ ports. Use <TT
+CLASS="LITERAL"
+>limit-connect</TT
+> if fine-grained control
+ is desired for some or all destinations.
</P
><P
> The CONNECT methods exists in HTTP to allow access to secure websites
> URLs) through proxies. It works very simply:
the proxy connects to the server on the specified port, and then
short-circuits its connections to the client and to the remote server.
- This can be a big security hole, since CONNECT-enabled proxies can be
- abused as TCP relays very easily.
+ This means CONNECT-enabled proxies can be used as TCP relays very easily.
</P
><P
> <SPAN
>Privoxy</SPAN
>'s
filters. By specifying an invalid port range you can disable HTTPS entirely.
- If you plan to disable SSL by default, consider enabling
- <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#TREAT-FORBIDDEN-CONNECTS-LIKE-BLOCKS"
->treat-forbidden-connects-like-blocks</A
-></TT
->
- as well, to be able to quickly create exceptions.
</P
></DD
><DT
><TD
><PRE
CLASS="SCREEN"
->+limit-connect{443} # This is the default and need not be specified.
+>+limit-connect{443} # Port 443 is OK.
+limit-connect{80,443} # Ports 80 and 443 are OK.
+limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
+limit-connect{-} # All ports are OK
CLASS="SECT3"
><A
NAME="PREVENT-COMPRESSION"
->8.5.29. prevent-compression</A
+>8.5.27. prevent-compression</A
></H4
><P
></P
HREF="actions-file.html#FILTER"
>filter</A
></TT
->, <TT
+> and
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#DEANIMATE-GIFS"
>deanimate-gifs</A
></TT
>
- and <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
-></TT
-> actions need
- access to the uncompressed data.
+ actions need access to the uncompressed data.
</P
><P
> When compiled with zlib support (available since <SPAN
CLASS="SECT3"
><A
NAME="OVERWRITE-LAST-MODIFIED"
->8.5.30. overwrite-last-modified</A
+>8.5.28. overwrite-last-modified</A
></H4
><P
></P
><TD
><PRE
CLASS="SCREEN"
-># Let the browser revalidate without being tracked across sessions
-{ +hide-if-modified-since{-60} \
- +overwrite-last-modified{randomize} \
- +crunch-if-none-match}
-/</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="REDIRECT"
->8.5.31. redirect</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
-> Redirect requests to other sites.
- </P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> Convinces the browser that the requested document has been moved
- to another location and the browser should get it from there.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Parameterized</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> An absolute URL or a single pcrs command.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Requests to which this action applies are answered with a
- HTTP redirect to URLs of your choosing. The new URL is
- either provided as parameter, or derived by applying a
- single pcrs command to the original URL.
- </P
-><P
-> This action will be ignored if you use it together with
- <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#BLOCK"
->block</A
-></TT
->.
- It can be combined with
- <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FAST-REDIRECTS"
->fast-redirects{check-decoded-url}</A
-></TT
->
- to redirect to a decoded version of a rewritten URL.
- </P
-><P
-> Use this action carefully, make sure not to create redirection loops
- and be aware that using your own redirects might make it
- possible to fingerprint your requests.
- </P
-></DD
-><DT
->Example usages:</DT
-><DD
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-># Replace example.com's style sheet with another one
-{ +redirect{http://localhost/css-replacements/example.com.css} }
- example.com/stylesheet\.css
-
-# Create a short, easy to remember nickname for a favorite site
-# (relies on the browser accept and forward invalid URLs to <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->)
-{ +redirect{http://www.privoxy.org/user-manual/actions-file.html} }
- a
-
-# Always use the expanded view for Undeadly.org articles
-# (Note the $ at the end of the URL pattern to make sure
-# the request for the rewritten URL isn't redirected as well)
-{+redirect{s@$@&mode=expanded@}}
-undeadly.org/cgi\?action=article&sid=\d*$</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="SEND-VANILLA-WAFER"
->8.5.32. send-vanilla-wafer</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
-> Feed log analysis scripts with useless data.
- </P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> Sends a cookie with each request stating that you do not accept any copyright
- on cookies sent to you, and asking the site operator not to track you.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The vanilla wafer is a (relatively) unique header and could conceivably be used to track you.
- </P
-><P
-> This action is rarely used and not enabled in the default configuration.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+send-vanilla-wafer</PRE
+># Let the browser revalidate without being tracked across sessions
+{ +hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/</PRE
></TD
></TR
></TABLE
><H4
CLASS="SECT3"
><A
-NAME="SEND-WAFER"
->8.5.33. send-wafer</A
+NAME="REDIRECT"
+>8.5.29. redirect</A
></H4
><P
></P
>Typical use:</DT
><DD
><P
-> Send custom cookies or feed log analysis scripts with even more useless data.
+> Redirect requests to other sites.
</P
></DD
><DT
>Effect:</DT
><DD
><P
-> Sends a custom, user-defined cookie with each request.
+> Convinces the browser that the requested document has been moved
+ to another location and the browser should get it from there.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Multi-value.</P
+>Parameterized</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> A string of the form <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="REPLACEABLE"
-><I
->name</I
-></TT
->=<TT
-CLASS="REPLACEABLE"
-><I
->value</I
-></TT
->"</SPAN
->.
+> An absolute URL or a single pcrs command.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> Being multi-valued, multiple instances of this action can apply to the same request,
- resulting in multiple cookies being sent.
+> Requests to which this action applies are answered with a
+ HTTP redirect to URLs of your choosing. The new URL is
+ either provided as parameter, or derived by applying a
+ single pcrs command to the original URL.
+ </P
+><P
+> This action will be ignored if you use it together with
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>.
+ It can be combined with
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FAST-REDIRECTS"
+>fast-redirects{check-decoded-url}</A
+></TT
+>
+ to redirect to a decoded version of a rewritten URL.
+ </P
+><P
+> Use this action carefully, make sure not to create redirection loops
+ and be aware that using your own redirects might make it
+ possible to fingerprint your requests.
</P
><P
-> This action is rarely used and not enabled in the default configuration.
+> In case of problems with your redirects, or simply to watch
+ them working, enable <A
+HREF="config.html#DEBUG"
+>debug 128</A
+>.
</P
></DD
><DT
->Example usage (section):</DT
+>Example usages:</DT
><DD
><P
> <TABLE
><TD
><PRE
CLASS="SCREEN"
->{+send-wafer{UsingPrivoxy=true}}
-my-internal-testing-server.void</PRE
+># Replace example.com's style sheet with another one
+{ +redirect{http://localhost/css-replacements/example.com.css} }
+ example.com/stylesheet\.css
+
+# Create a short, easy to remember nickname for a favorite site
+# (relies on the browser accept and forward invalid URLs to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>)
+{ +redirect{http://www.privoxy.org/user-manual/actions-file.html} }
+ a
+
+# Always use the expanded view for Undeadly.org articles
+# (Note the $ at the end of the URL pattern to make sure
+# the request for the rewritten URL isn't redirected as well)
+{+redirect{s@$@&mode=expanded@}}
+undeadly.org/cgi\?action=article&sid=\d*$
+
+# Redirect Google search requests to MSN
+{+redirect{s@^http://[^/]*/search\?q=([^&]*).*@http://search.msn.com/results.aspx?q=$1@}}
+.google.com/search
+
+# Redirect MSN search requests to Yahoo
+{+redirect{s@^http://[^/]*/results\.aspx\?q=([^&]*).*@http://search.yahoo.com/search?p=$1@}}
+search.msn.com//results\.aspx\?q=
+
+# Redirect remote requests for this manual
+# to the local version delivered by Privoxy
+{+redirect{s@^http://www@http://config@}}
+www.privoxy.org/user-manual/</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="SERVER-HEADER-FILTER"
->8.5.34. server-header-filter</A
+>8.5.30. server-header-filter</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="SERVER-HEADER-TAGGER"
->8.5.35. server-header-tagger</A
+>8.5.31. server-header-tagger</A
></H4
><P
></P
>Typical use:</DT
><DD
><P
-> Disable or disable filters based on the Content-Type header.
+> Enable or disable filters based on the Content-Type header.
</P
></DD
><DT
><TD
><PRE
CLASS="SCREEN"
-># Tag every request with the declared content type
+># Tag every request with the content type declared by the server
{+server-header-tagger{content-type}}
/
</PRE
CLASS="SECT3"
><A
NAME="SESSION-COOKIES-ONLY"
->8.5.36. session-cookies-only</A
+>8.5.32. session-cookies-only</A
></H4
><P
></P
CLASS="SECT3"
><A
NAME="SET-IMAGE-BLOCKER"
->8.5.37. set-image-blocker</A
+>8.5.33. set-image-blocker</A
></H4
><P
></P
></DIV
><DIV
CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="TREAT-FORBIDDEN-CONNECTS-LIKE-BLOCKS"
->8.5.38. treat-forbidden-connects-like-blocks</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
->Block forbidden connects with an easy to find error message.</P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> If this action is enabled, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> no longer
- makes a difference between forbidden connects and ordinary blocks.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Boolean</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
->N/A</P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> By default <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> answers
- <A
-HREF="actions-file.html#LIMIT-CONNECT"
->forbidden <SPAN
-CLASS="QUOTE"
->"Connect"</SPAN
-> requests</A
->
- with a short error message inside the headers. If the browser doesn't display
- headers (most don't), you just see an empty page.
- </P
-><P
-> With this action enabled, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> displays
- the message that is used for ordinary blocks instead. If you decide
- to make an exception for the page in question, you can do so by
- following the <SPAN
-CLASS="QUOTE"
->"See why"</SPAN
-> link.
- </P
-><P
-> For <SPAN
-CLASS="QUOTE"
->"Connect"</SPAN
-> requests the clients tell
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> which host they are interested
- in, but not which document they plan to get later. As a result, the
- <SPAN
-CLASS="QUOTE"
->"Go there anyway"</SPAN
-> wouldn't work and is therefore suppressed.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+treat-forbidden-connects-like-blocks</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
><H3
CLASS="SECT3"
><A
-NAME="AEN4217"
->8.5.39. Summary</A
+NAME="AEN4074"
+>8.5.34. Summary</A
></H3
><P
> Note that many of these actions have the potential to cause a page to
HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
>crunch-outgoing-cookies</A
>
- +block-as-image = +block +handle-as-image
+ +block-as-image = +block{Blocked image.} +handle-as-image
allow-all-cookies = -crunch-all-cookies -<A
HREF="actions-file.html#SESSION-COOKIES-ONLY"
>session-cookies-only</A
HREF="actions-file.html#HIDE-REFERER"
>hide-referrer</A
> -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
-> -<A
HREF="actions-file.html#PREVENT-COMPRESSION"
>prevent-compression</A
>
shop = -crunch-all-cookies -<A
HREF="actions-file.html#FILTER-ALL-POPUPS"
>filter{all-popups}</A
-> -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
>
# Short names for other aliases, for really lazy people ;-)
# These shops require pop-ups:
#
- {-kill-popups -filter{all-popups} -filter{unsolicited-popups}}
+ {-filter{all-popups} -filter{unsolicited-popups}}
.dabs.com
.overclockers.co.uk</PRE
></TD
><H3
CLASS="SECT3"
><A
-NAME="AEN4282"
+NAME="AEN4137"
>8.7.1. default.action</A
></H3
><P
HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
>crunch-outgoing-cookies</A
>
- +block-as-image = +block +handle-as-image
+ +block-as-image = +block{Blocked image.} +handle-as-image
mercy-for-cookies = -crunch-all-cookies -<A
HREF="actions-file.html#SESSION-COOKIES-ONLY"
>session-cookies-only</A
> -<A
HREF="actions-file.html#HIDE-REFERER"
>hide-referrer</A
-> -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
>
shop = -crunch-all-cookies -<A
HREF="actions-file.html#FILTER-ALL-POPUPS"
>filter{all-popups}</A
-> -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
></PRE
></TD
></TR
experience.</P
><P
> Again, at the start of matching, all actions are disabled, so there is
- no real need to disable any actions here, but we will do that nonetheless,
- to have a complete listing for your reference. (Remember: a <SPAN
+ no need to disable any actions here. (Remember: a <SPAN
CLASS="QUOTE"
>"+"</SPAN
>
# "Defaults" section:
##########################################################################
{ \
- -<A
-HREF="actions-file.html#ADD-HEADER"
->add-header</A
-> \
- -<A
-HREF="actions-file.html#CLIENT-HEADER-FILTER"
->client-header-filter{hide-tor-exit-notation}</A
-> \
- -<A
-HREF="actions-file.html#BLOCK"
->block</A
-> \
- -<A
-HREF="actions-file.html#CONTENT-TYPE-OVERWRITE"
->content-type-overwrite</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-CLIENT-HEADER"
->crunch-client-header</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
->crunch-if-none-match</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
->crunch-incoming-cookies</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-SERVER-HEADER"
->crunch-server-header</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
->crunch-outgoing-cookies</A
+ +<A
+HREF="actions-file.html#CHANGE-X-FORWARDED-FOR"
+>change-x-forwarded-for{block}</A
> \
+<A
HREF="actions-file.html#DEANIMATE-GIFS"
>deanimate-gifs</A
-> \
- -<A
-HREF="actions-file.html#DOWNGRADE-HTTP-VERSION"
->downgrade-http-version</A
-> \
- -<A
-HREF="actions-file.html#FAST-REDIRECTS"
->fast-redirects{check-decoded-url}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-JS-ANNOYANCES"
->filter{js-annoyances}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-JS-EVENTS"
->filter{js-events}</A
> \
+<A
HREF="actions-file.html#FILTER-HTML-ANNOYANCES"
>filter{html-annoyances}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-CONTENT-COOKIES"
->filter{content-cookies}</A
> \
+<A
HREF="actions-file.html#FILTER-REFRESH-TAGS"
>filter{refresh-tags}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-UNSOLICITED-POPUPS"
->filter{unsolicited-popups}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-ALL-POPUPS"
->filter{all-popups}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-IMG-REORDER"
->filter{img-reorder}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-BANNERS-BY-SIZE"
->filter{banners-by-size}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-BANNERS-BY-LINK"
->filter{banners-by-link}</A
> \
+<A
HREF="actions-file.html#FILTER-WEBBUGS"
>filter{webbugs}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-TINY-TEXTFORMS"
->filter{tiny-textforms}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-JUMPING-WINDOWS"
->filter{jumping-windows}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-FRAMESET-BORDERS"
->filter{frameset-borders}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-DEMORONIZER"
->filter{demoronizer}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-SHOCKWAVE-FLASH"
->filter{shockwave-flash}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-QUICKTIME-KIOSKMODE"
->filter{quicktime-kioskmode}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-FUN"
->filter{fun}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-CRUDE-PARENTAL"
->filter{crude-parental}</A
> \
+<A
HREF="actions-file.html#FILTER-IE-EXPLOITS"
>filter{ie-exploits}</A
> \
- -<A
-HREF="actions-file.html#FILTER-GOOGLE"
->filter{google}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-YAHOO"
->filter{yahoo}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-MSN"
->filter{msn}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-BLOGSPOT"
->filter{blogspot}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-NO-PING"
->filter{no-ping}</A
-> \
- -<A
-HREF="actions-file.html#FORCE-TEXT-MODE"
->force-text-mode</A
-> \
- -<A
-HREF="actions-file.html#HANDLE-AS-EMPTY-DOCUMENT"
->handle-as-empty-document</A
-> \
- -<A
-HREF="actions-file.html#HANDLE-AS-IMAGE"
->handle-as-image</A
-> \
- -<A
-HREF="actions-file.html#HIDE-ACCEPT-LANGUAGE"
->hide-accept-language</A
-> \
- -<A
-HREF="actions-file.html#HIDE-CONTENT-DISPOSITION"
->hide-content-disposition</A
-> \
- -<A
-HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
->hide-if-modified-since</A
-> \
- +<A
-HREF="actions-file.html#HIDE-FORWARDED-FOR-HEADERS"
->hide-forwarded-for-headers</A
-> \
+<A
HREF="actions-file.html#HIDE-FROM-HEADER"
>hide-from-header{block}</A
+<A
HREF="actions-file.html#HIDE-REFERER"
>hide-referrer{forge}</A
-> \
- -<A
-HREF="actions-file.html#HIDE-USER-AGENT"
->hide-user-agent</A
-> \
- -<A
-HREF="actions-file.html#INSPECT-JPEGS"
->inspect-jpegs</A
-> \
- -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
-> \
- -<A
-HREF="actions-file.html#LIMIT-CONNECT"
->limit-connect</A
> \
+<A
HREF="actions-file.html#PREVENT-COMPRESSION"
>prevent-compression</A
-> \
- -<A
-HREF="actions-file.html#OVERWRITE-LAST-MODIFIED"
->overwrite-last-modified</A
-> \
- -<A
-HREF="actions-file.html#REDIRECT"
->redirect</A
-> \
- -<A
-HREF="actions-file.html#SEND-VANILLA-WAFER"
->send-vanilla-wafer</A
-> \
- -<A
-HREF="actions-file.html#SEND-WAFER"
->send-wafer</A
-> \
- -<A
-HREF="actions-file.html#SERVER-HEADER-FILTER"
->server-header-filter{xml-to-html}</A
-> \
- -<A
-HREF="actions-file.html#SERVER-HEADER-FILTER"
->server-header-filter{html-to-xml}</A
> \
+<A
HREF="actions-file.html#SESSION-COOKIES-ONLY"
+<A
HREF="actions-file.html#SET-IMAGE-BLOCKER"
>set-image-blocker{pattern}</A
-> \
- -<A
-HREF="actions-file.html#TREAT-FORBIDDEN-CONNECTS-LIKE-BLOCKS"
->treat-forbidden-connects-like-blocks</A
> \
}
/ # forward slash will match *all* potential URL patterns.</PRE
></TABLE
></P
><P
-> The default behavior is now set. Note that some actions, like not hiding
- the user agent, are part of a <SPAN
-CLASS="QUOTE"
->"general policy"</SPAN
-> that applies
- universally and won't get any exceptions defined later. Other choices,
- like not blocking (which is <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->understandably</I
-></SPAN
-> the
- default!) need exceptions, i.e. we need to specify explicitly what we
- want to block in later sections.</P
+> The default behavior is now set.
+ </P
><P
> The first of our specialized sections is concerned with <SPAN
CLASS="QUOTE"
##########################################################################
{ <A
HREF="actions-file.html#BLOCK"
->+block</A
+>+block{Banner ads.}</A
> }
# Generic patterns:
><H3
CLASS="SECT3"
><A
-NAME="AEN4469"
+NAME="AEN4271"
>8.7.2. user.action</A
></H3
><P
><TD
><PRE
CLASS="SCREEN"
-># My user.action file. <fred@foobar.com></PRE
+># My user.action file. <fred@example.com></PRE
></TD
></TR
></TABLE
+crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
allow-all-cookies = -crunch-all-cookies -session-cookies-only
- allow-popups = -filter{all-popups} -kill-popups
-+block-as-image = +block +handle-as-image
+ allow-popups = -filter{all-popups}
++block-as-image = +block{Blocked as image.} +handle-as-image
-block-as-image = -block
# These aliases define combinations of actions that are useful for
# certain types of sites:
#
-fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer -kill-popups
+fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer
shop = -crunch-all-cookies allow-popups
# Allow ads for selected useful free sites:
and pasted the URL below while removing the leading http://, into a
<TT
CLASS="LITERAL"
->{ +block }</TT
+>{ +block{} }</TT
> section. Note that <TT
CLASS="LITERAL"
>{ +handle-as-image
>{ +<A
HREF="actions-file.html#BLOCK"
>block</A
-> }
+>{Nasty ads.} }
www.example.com/nasty-ads/sponsor\.gif
- another.popular.site.net/more/junk/here/</PRE
+ another.example.net/more/junk/here/</PRE
></TD
></TR
></TABLE
CLASS="FILENAME"
>default.filter</TT
>,
- but it is disabled in the distributed actions file. (My colleagues on the team just
- don't have a sense of humour, that's why! ;-). So you'd like to turn it on in your private,
+ but it is disabled in the distributed actions file.
+ So you'd like to turn it on in your private,
update-safe config, once and for all:</P
><P
><TABLE