+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Actions Files</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
-TITLE="Privoxy 3.0.7 User Manual"
+TITLE="Privoxy 3.0.17 User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="The Main Configuration File"
HREF="filter-file.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
-HREF="../p_doc.css">
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
</head
><BODY
><TH
COLSPAN="3"
ALIGN="center"
->Privoxy 3.0.7 User Manual</TH
+>Privoxy 3.0.17 User Manual</TH
></TR
><TR
><TD
CLASS="SECT1"
><A
NAME="ACTIONS-FILE"
-></A
->8. Actions Files</H1
+>8. Actions Files</A
+></H1
><P
> The actions files are used to define what <SPAN
CLASS="emphasis"
CLASS="APPLICATION"
>Privoxy</SPAN
> with
- differing purposes:
- </P
+ differing purposes:</P
><P
+> <P
></P
><UL
><LI
><P
-> <TT
+> <TT
+CLASS="FILENAME"
+>match-all.action</TT
+> - is used to define which
+ <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> relating to banner-blocking, images, pop-ups,
+ content modification, cookie handling etc should be applied by default.
+ It should be the first actions file loaded
+ </P
+></LI
+><LI
+><P
+> <TT
CLASS="FILENAME"
>default.action</TT
-> - is the primary action file
- that sets the initial values for all actions. It is intended to
- provide a base level of functionality for
- <SPAN
-CLASS="APPLICATION"
->Privoxy's</SPAN
-> array of features. So it is
- a set of broad rules that should work reasonably well as-is for most users.
- This is the file that the developers are keeping updated, and <A
-HREF="installation.html#INSTALLATION-KEEPUPDATED"
->making available to users</A
->.
- The user's preferences as set in <TT
+> - defines many exceptions (both
+ positive and negative) from the default set of actions that's configured
+ in <TT
CLASS="FILENAME"
->standard.action</TT
->,
- e.g. either <TT
-CLASS="LITERAL"
->Cautious</TT
-> (the default),
- <TT
-CLASS="LITERAL"
->Medium</TT
->, or <TT
-CLASS="LITERAL"
->Advanced</TT
-> (see
- below).
- </P
+>match-all.action</TT
+>. It is a set of rules that should
+ work reasonably well as-is for most users. This file is only supposed to
+ be edited by the developers. It should be the second actions file loaded.
+ </P
></LI
><LI
><P
-> <TT
+> <TT
CLASS="FILENAME"
>user.action</TT
> - is intended to be for local site
- preferences and exceptions. As an example, if your ISP or your bank
- has specific requirements, and need special handling, this kind of
- thing should go here. This file will not be upgraded.
- </P
+ preferences and exceptions. As an example, if your ISP or your bank
+ has specific requirements, and need special handling, this kind of
+ thing should go here. This file will not be upgraded.
+ </P
></LI
><LI
><P
-> <TT
-CLASS="FILENAME"
->standard.action</TT
-> - is used only by the web based editor
- at <A
-HREF="http://config.privoxy.org/edit-actions-list?f=default"
-TARGET="_top"
-> http://config.privoxy.org/edit-actions-list?f=default</A
->,
- to set various pre-defined sets of rules for the default actions section
- in <TT
-CLASS="FILENAME"
->default.action</TT
->.
- </P
-><P
-> <SPAN
+> <SPAN
CLASS="GUIBUTTON"
>Edit</SPAN
> <SPAN
CLASS="GUIBUTTON"
>Set to Advanced</SPAN
>
- </P
+ </P
><P
-> These have increasing levels of aggressiveness <SPAN
+> These have increasing levels of aggressiveness <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>and have no
- influence on your browsing unless you select them explicitly in the
- editor</I
+ influence on your browsing unless you select them explicitly in the
+ editor</I
></SPAN
>. A default installation should be pre-set to
- <TT
+ <TT
CLASS="LITERAL"
>Cautious</TT
-> (versions prior to 3.0.5 were set to
- <TT
-CLASS="LITERAL"
->Medium</TT
->). New users should try this for a while before
- adjusting the settings to more aggressive levels. The more aggressive
- the settings, then the more likelihood there is of problems such as sites
- not working as they should.
- </P
+>. New users should try this for a while before
+ adjusting the settings to more aggressive levels. The more aggressive
+ the settings, then the more likelihood there is of problems such as sites
+ not working as they should.
+ </P
><P
-> The <SPAN
+> The <SPAN
CLASS="GUIBUTTON"
>Edit</SPAN
> button allows you to turn each
- action on/off individually for fine-tuning. The <SPAN
+ action on/off individually for fine-tuning. The <SPAN
CLASS="GUIBUTTON"
>Cautious</SPAN
>
- button changes the actions list to low/safe settings which will activate
- ad blocking and a minimal set of <SPAN
+ button changes the actions list to low/safe settings which will activate
+ ad blocking and a minimal set of <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>'s features, and subsequently
- there will be less of a chance for accidental problems. The
- <SPAN
+ there will be less of a chance for accidental problems. The
+ <SPAN
CLASS="GUIBUTTON"
>Medium</SPAN
> button sets the list to a medium level of
- other features and a low level set of privacy features. The
- <SPAN
+ other features and a low level set of privacy features. The
+ <SPAN
CLASS="GUIBUTTON"
>Advanced</SPAN
> button sets the list to a high level of
- ad blocking and medium level of privacy. See the chart below. The latter
- three buttons over-ride any changes via with the
- <SPAN
+ ad blocking and medium level of privacy. See the chart below. The latter
+ three buttons over-ride any changes via with the
+ <SPAN
CLASS="GUIBUTTON"
>Edit</SPAN
> button. More fine-tuning can be done in the
- lower sections of this internal page.
- </P
+ lower sections of this internal page.
+ </P
><P
-> It is not recommend to edit the <TT
-CLASS="FILENAME"
->standard.action</TT
-> file
- itself.
- </P
+> While the actions file editor allows to enable these settings in all
+ actions files, they are only supposed to be enabled in the first one
+ to make sure you don't unintentionally overrule earlier rules.
+ </P
><P
-> The default profiles, and their associated actions, as pre-defined in
- <TT
+> The default profiles, and their associated actions, as pre-defined in
+ <TT
CLASS="FILENAME"
->standard.action</TT
+>default.action</TT
> are:
- </P
+ </P
><P
> <DIV
CLASS="TABLE"
><A
-NAME="AEN2061"
+NAME="AEN2534"
></A
><P
><B
></P
><TABLE
BORDER="1"
+FRAME="border"
+RULES="all"
CLASS="CALSTABLE"
-><THEAD
+><COL
+WIDTH="1*"
+TITLE="C1"><COL
+WIDTH="1*"
+TITLE="C2"><COL
+WIDTH="1*"
+TITLE="C3"><COL
+WIDTH="1*"
+TITLE="C4"><THEAD
><TR
><TH
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Feature</TH
><TH
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Cautious</TH
><TH
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Medium</TH
><TH
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Advanced</TH
></TR
></THEAD
><TBODY
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Ad-blocking Aggressiveness</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>medium</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>high</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>high</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Ad-filtering by size</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Ad-filtering by link</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Pop-up killing</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>blocks only</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>blocks only</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>blocks only</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Privacy Features</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>low</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>medium</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>medium/high</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Cookie handling</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>none</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>session-only</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>kill</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Referer forging</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>GIF de-animation</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Fast redirects</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>HTML taming</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>JavaScript taming</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Web-bug killing</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
><TR
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>Image tag reordering</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>no</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
->no</TD
+>yes</TD
><TD
-WIDTH="25%"
-ALIGN="LEFT"
-VALIGN="TOP"
>yes</TD
></TR
></TBODY
</P
></LI
></UL
->
- </P
+></P
><P
> The list of actions files to be used are defined in the main configuration
file, and are processed in the order they are defined (e.g.
>http://config.privoxy.org/show-status</A
>.
The over-riding principle when applying actions, is that the last action that
- matches a given URL, wins. The broadest, most general rules go first
+ matches a given URL wins. The broadest, most general rules go first
(defined in <TT
CLASS="FILENAME"
>default.action</TT
CLASS="FILENAME"
>default.action</TT
>,
- with the advantage that is a separate file, which makes preserving your
+ with the advantage that it is a separate file, which makes preserving your
personal settings across <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
><P
>
Actions can be used to block anything you want, including ads, banners, or
- just some obnoxious URL that you would rather not see. Cookies can be accepted
+ just some obnoxious URL whose content you would rather not see. Cookies can be accepted
or rejected, or accepted only during the current browser session (i.e. not
- written to disk), content can be modified, JavaScripts tamed, user-tracking
+ written to disk), content can be modified, some JavaScripts tamed, user-tracking
fooled, and much more. See below for a <A
HREF="actions-file.html#ACTIONS"
>complete list
><H2
CLASS="SECT2"
><A
-NAME="AEN2160"
-></A
->8.1. Finding the Right Mix</H2
+NAME="AEN2633"
+>8.1. Finding the Right Mix</A
+></H2
><P
> Note that some <A
HREF="actions-file.html#ACTIONS"
will have to make later. If, for example, you want to crunch all cookies per
default, you'll have to make exceptions from that rule for sites that you
regularly use and that require cookies for actually useful purposes, like maybe
- your bank, favorite shop, or newspaper. </P
+ your bank, favorite shop, or newspaper.</P
><P
> We have tried to provide you with reasonable rules to start from in the
distribution actions files. But there is no general rule of thumb on these
><H2
CLASS="SECT2"
><A
-NAME="AEN2167"
-></A
->8.2. How to Edit</H2
+NAME="AEN2640"
+>8.2. How to Edit</A
+></H2
><P
> The easiest way to edit the actions files is with a browser by
using our browser-based editor, which can be reached from <A
TARGET="_top"
>http://config.privoxy.org/show-status</A
>.
- The editor allows both fine-grained control over every single feature on a
- per-URL basis, and easy choosing from wholesale sets of defaults like
- <SPAN
+ Note: the config file option <A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+>enable-edit-actions</A
+> must be enabled for
+ this to work. The editor allows both fine-grained control over every single
+ feature on a per-URL basis, and easy choosing from wholesale sets of defaults
+ like <SPAN
CLASS="QUOTE"
>"Cautious"</SPAN
>, <SPAN
CLASS="QUOTE"
>"Medium"</SPAN
-> or <SPAN
+> or
+ <SPAN
CLASS="QUOTE"
>"Advanced"</SPAN
->.
- Warning: the <SPAN
+>. Warning: the <SPAN
CLASS="QUOTE"
>"Advanced"</SPAN
-> setting is more aggressive, and
- will be more likely to cause problems for some sites. Experienced users only!</P
+> setting is more
+ aggressive, and will be more likely to cause problems for some sites.
+ Experienced users only!
+ </P
><P
> If you prefer plain text editing to GUIs, you can of course also directly edit the
the actions files with your favorite text editor. Look at
CLASS="SECT2"
><A
NAME="ACTIONS-APPLY"
-></A
->8.3. How Actions are Applied to Requests</H2
+>8.3. How Actions are Applied to Requests</A
+></H2
><P
> Actions files are divided into sections. There are special sections,
like the <SPAN
>handle-as-image</TT
> +<TT
CLASS="LITERAL"
->block</TT
+>block{Banner ads.}</TT
> }
# Block these as if they were images. Send no block page.
banners.example.com
CLASS="SECT2"
><A
NAME="AF-PATTERNS"
-></A
->8.4. Patterns</H2
+>8.4. Patterns</A
+></H2
><P
>
As mentioned, <SPAN
flexibility. This allows one expression to be expanded and potentially match
against many similar patterns.</P
><P
-> Generally, a URL pattern has the form
+> Generally, an URL pattern has the form
<TT
CLASS="LITERAL"
-><domain>/<path></TT
->, where both the
+><domain><port>/<path></TT
+>, where the
<TT
CLASS="LITERAL"
><domain></TT
-> and <TT
+>, the <TT
+CLASS="LITERAL"
+><port></TT
+>
+ and the <TT
CLASS="LITERAL"
><path></TT
-> are
- optional. (This is why the special <TT
+> are optional. (This is why the special
+ <TT
CLASS="LITERAL"
>/</TT
-> pattern matches all
- URLs). Note that the protocol portion of the URL pattern (e.g.
- <TT
+> pattern matches all URLs). Note that the protocol
+ portion of the URL pattern (e.g. <TT
CLASS="LITERAL"
>http://</TT
->) should <SPAN
+>) should
+ <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>not</I
></SPAN
-> be included in
- the pattern. This is assumed already!</P
+> be included in the pattern. This is assumed already!</P
><P
> The pattern matching syntax is different for the domain and path parts of
the URL. The domain part uses a simple globbing type matching technique,
- while the path part uses a more flexible
+ while the path part uses more flexible
<A
HREF="http://en.wikipedia.org/wiki/Regular_expressions"
TARGET="_top"
><SPAN
CLASS="QUOTE"
>"Regular
- Expressions (PCRE)"</SPAN
+ Expressions"</SPAN
></A
-> based syntax.</P
+> (POSIX 1003.2).</P
+><P
+> The port part of a pattern is a decimal port number preceded by a colon
+ (<TT
+CLASS="LITERAL"
+>:</TT
+>). If the domain part contains a numerical IPv6 address,
+ it has to be put into angle brackets
+ (<TT
+CLASS="LITERAL"
+><</TT
+>, <TT
+CLASS="LITERAL"
+>></TT
+>).</P
><P
></P
><DIV
></DT
><DD
><P
+> matches all the documents on <TT
+CLASS="LITERAL"
+>www.example.com</TT
+>
+ whose name starts with <TT
+CLASS="LITERAL"
+>/index.html</TT
+>.
+ </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>www.example.com/index.html$</TT
+></DT
+><DD
+><P
> matches only the single document <TT
CLASS="LITERAL"
>/index.html</TT
><DT
><TT
CLASS="LITERAL"
->/index.html</TT
+>/index.html$</TT
></DT
><DD
><P
><DT
><TT
CLASS="LITERAL"
+>/</TT
+></DT
+><DD
+><P
+> Matches any URL because there's no requirement for either the
+ domain or the path to match anything.
+ </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>:8000/</TT
+></DT
+><DD
+><P
+> Matches any URL pointing to TCP port 8000.
+ </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+><2001:db8::1>/</TT
+></DT
+><DD
+><P
+> Matches any URL with the host address <TT
+CLASS="LITERAL"
+>2001:db8::1</TT
+>.
+ (Note that the real URL uses plain brackets, not angle brackets.)
+ </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
>index.html</TT
></DT
><DD
><P
-> matches nothing, since it would be interpreted as a domain name and
+> matches nothing, since it would be interpreted as a domain name and
there is no top-level domain called <TT
CLASS="LITERAL"
>.html</TT
><H3
CLASS="SECT3"
><A
-NAME="AEN2250"
-></A
->8.4.1. The Domain Pattern</H3
+NAME="AEN2752"
+>8.4.1. The Domain Pattern</A
+></H3
><P
> The matching of the domain part offers some flexible options: if the
domain starts or ends with a dot, it becomes unanchored at that end.
></DT
><DD
><P
-> matches any domain that <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->ENDS</I
-></SPAN
-> in
- <TT
+> matches any domain with first-level domain <TT
CLASS="LITERAL"
->.example.com</TT
+>com</TT
>
+ and second-level domain <TT
+CLASS="LITERAL"
+>example</TT
+>.
+ For example <TT
+CLASS="LITERAL"
+>www.example.com</TT
+>,
+ <TT
+CLASS="LITERAL"
+>example.com</TT
+> and <TT
+CLASS="LITERAL"
+>foo.bar.baz.example.com</TT
+>.
+ Note that it wouldn't match if the second-level domain was <TT
+CLASS="LITERAL"
+>another-example</TT
+>.
</P
></DD
><DT
<TT
CLASS="LITERAL"
>www.</TT
->
+> (It also matches the domain
+ <TT
+CLASS="LITERAL"
+>www</TT
+> but most of the time that doesn't matter.)
</P
></DD
><DT
><H3
CLASS="SECT3"
><A
-NAME="AEN2321"
-></A
->8.4.2. The Path Pattern</H3
+NAME="AEN2828"
+>8.4.2. The Path Pattern</A
+></H3
><P
> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> uses Perl compatible (PCRE)
+> uses <SPAN
+CLASS="QUOTE"
+>"modern"</SPAN
+> POSIX 1003.2
<A
HREF="http://en.wikipedia.org/wiki/Regular_expressions"
TARGET="_top"
><SPAN
CLASS="QUOTE"
>"Regular
- Expression"</SPAN
+ Expressions"</SPAN
></A
-> based syntax
- (through the <A
-HREF="http://www.pcre.org/"
-TARGET="_top"
->PCRE</A
-> library) for
- matching the path portion (after the slash), and is thus more flexible.</P
+> for matching the path portion (after the slash),
+ and is thus more flexible.</P
><P
> There is an <A
HREF="appendix.html#REGEX"
>Appendix</A
> with a brief quick-start into regular
- expressions, and full (very technical) documentation on PCRE regex syntax is available on-line
- at <A
-HREF="http://www.pcre.org/man.txt"
-TARGET="_top"
->http://www.pcre.org/man.txt</A
->.
- You might also find the Perl man page on regular expressions (<TT
+ expressions, you also might want to have a look at your operating system's documentation
+ on regular expressions (try <TT
CLASS="LITERAL"
->man perlre</TT
->)
- useful, which is available on-line at <A
-HREF="http://perldoc.perl.org/perlre.html"
-TARGET="_top"
->http://perldoc.perl.org/perlre.html</A
->.</P
+>man re_format</TT
+>).</P
><P
> Note that the path pattern is automatically left-anchored at the <SPAN
CLASS="QUOTE"
><DT
><TT
CLASS="LITERAL"
->.example.com/.*/index.html</TT
+>.example.com/.*/index.html$</TT
></DT
><DD
><P
><DT
><TT
CLASS="LITERAL"
->.example.com/(.*/)?index\.html</TT
+>.example.com/(.*/)?index\.html$</TT
></DT
><DD
><P
CLASS="SECT3"
><A
NAME="TAG-PATTERN"
-></A
->8.4.3. The Tag Pattern</H3
+>8.4.3. The Tag Pattern</A
+></H3
><P
> Tag patterns are used to change the applying actions based on the
request's tags. Tags can be created with either the
<A
-HREF="actions-file.html#CLIENT-HEADER-FILTER"
+HREF="actions-file.html#CLIENT-HEADER-TAGGER"
>client-header-tagger</A
>
or the <A
-HREF="actions-file.html#SERVER-HEADER-FILTER"
+HREF="actions-file.html#SERVER-HEADER-TAGGER"
>server-header-tagger</A
> action.</P
><P
>
can tell them apart from URL patterns. Everything after the colon
including white space, is interpreted as a regular expression with
- path patterns syntax, except that tag patterns aren't left-anchored
- automatically (Privoxy doesn't silently add a <SPAN
+ path pattern syntax, except that tag patterns aren't left-anchored
+ automatically (<SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> doesn't silently add a <SPAN
CLASS="QUOTE"
>"^"</SPAN
>,
match requests whose tags contain <SPAN
CLASS="QUOTE"
>"foo"</SPAN
-> somewhere.</P
+> somewhere.
+ <SPAN
+CLASS="QUOTE"
+>"TAG: foo"</SPAN
+> wouldn't work as it requires white space.</P
><P
> Sections can contain URL and tag patterns at the same time,
but tag patterns are checked after the URL patterns and thus
tags can be used to activate other tagger actions, as long as these other
taggers look for headers that haven't already be parsed.</P
><P
-> For example you could tag client requests which use the POST method,
- use this tag to activate another tagger that adds a tag if cookies
- are send, and then block based on the cookie tag. However if you'd
- reverse the position of the described taggers, and activated the method
- tagger based on the cookie tagger, no method tags would be created.
+> For example you could tag client requests which use the
+ <TT
+CLASS="LITERAL"
+>POST</TT
+> method,
+ then use this tag to activate another tagger that adds a tag if cookies
+ are sent, and then use a block action based on the cookie tag. This allows
+ the outcome of one action, to be input into a subsequent action. However if
+ you'd reverse the position of the described taggers, and activated the
+ method tagger based on the cookie tagger, no method tags would be created.
The method tagger would look for the request line, but at the time
- the cookie tag is created the request line has already been parsed.</P
+ the cookie tag is created, the request line has already been parsed.</P
><P
> While this is a limitation you should be aware of, this kind of
indirection is seldom needed anyway and even the example doesn't
CLASS="SECT2"
><A
NAME="ACTIONS"
-></A
->8.5. Actions</H2
+>8.5. Actions</A
+></H2
><P
> All actions are disabled by default, until they are explicitly enabled
somewhere in an actions file. Actions are turned on if preceded with a
>
Example: <TT
CLASS="LITERAL"
->+block</TT
+>+handle-as-image</TT
>
</P
></LI
>
Example: <TT
CLASS="LITERAL"
->+hide-user-agent{ Mozilla 1.0 }</TT
+>+hide-user-agent{Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.4) Gecko/20070602 Firefox/2.0.0.4}</TT
>
</P
></LI
CLASS="APPLICATION"
>Privoxy</SPAN
> would just be a
- normal, non-blocking, non-anonymizing proxy. You must specifically enable the
+ normal, non-blocking, non-filtering proxy. You must specifically enable the
privacy and blocking features you need (although the provided default actions
files will give a good starting point).</P
><P
-> Later defined actions always over-ride earlier ones. So exceptions
- to any rules you make, should come in the latter part of the file (or
+> Later defined action sections always over-ride earlier ones of the same type.
+ So exceptions to any rules you make, should come in the latter part of the file (or
in a file that is processed later when using multiple actions files such
as <TT
CLASS="FILENAME"
CLASS="SECT3"
><A
NAME="ADD-HEADER"
-></A
->8.5.1. add-header</H4
+>8.5.1. add-header</A
+></H4
><P
></P
><DIV
> are, you definitely don't need to worry about this
one.
</P
+><P
+> Headers added by this action are not modified by other actions.
+ </P
></DD
><DT
>Example usage:</DT
CLASS="SECT3"
><A
NAME="BLOCK"
-></A
->8.5.2. block</H4
+>8.5.2. block</A
+></H4
><P
></P
><DIV
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized.</P
></DD
><DT
>Parameter:</DT
><DD
><P
->N/A</P
+>A block reason that should be given to the user.</P
></DD
><DT
>Notes:</DT
CLASS="QUOTE"
>"BLOCKED"</SPAN
> page
- for requests to blocked pages. This page contains links to find out why the request
- was blocked, and a click-through to the blocked content (the latter only if compiled with the
- force feature enabled). The <SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
-> page adapts to the available
- screen space -- it displays full-blown if space allows, or miniaturized and text-only
- if loaded into a small frame or window. If you are using <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- right now, you can take a look at the
- <A
-HREF="http://ads.bannerserver.example.com/nasty-ads/sponsor.html"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
->
- page</A
->.
+ for requests to blocked pages. This page contains the block reason given as
+ parameter, a link to find out why the block action applies, and a click-through
+ to the blocked content (the latter only if the force feature is available and
+ enabled).
</P
><P
>
><TD
><PRE
CLASS="SCREEN"
->{+block}
+>{+block{No nasty stuff for you.}}
# Block and replace with "blocked" page
.nasty-stuff.example.com
-{+block +handle-as-image}
+{+block{Doubleclick banners.} +handle-as-image}
# Block and replace with image
.ad.doubleclick.net
.ads.r.us/banners/
-{+block +handle-as-empty-document}
+{+block{Layered ads.} +handle-as-empty-document}
# Block and then ignore
- adserver.exampleclick.net/.*\.js$</PRE
+ adserver.example.net/.*\.js$</PRE
></TD
></TR
></TABLE
><H4
CLASS="SECT3"
><A
-NAME="CLIENT-HEADER-FILTER"
-></A
->8.5.3. client-header-filter</H4
+NAME="CHANGE-X-FORWARDED-FOR"
+>8.5.3. change-x-forwarded-for</A
+></H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
-> Rewrite or remove single client headers.
+>Improve privacy by not forwarding the source of the request in the HTTP headers.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+> Deletes the <SPAN
+CLASS="QUOTE"
+>"X-Forwarded-For:"</SPAN
+> HTTP header from the client request,
+ or adds a new one.
+ </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+></P
+><UL
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+> to delete the header.</P
+></LI
+><LI
+><P
+> <SPAN
+CLASS="QUOTE"
+>"add"</SPAN
+> to create the header (or append
+ the client's IP address to an already existing one).
+ </P
+></LI
+></UL
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> It is safe and recommended to use <TT
+CLASS="LITERAL"
+>block</TT
+>.
+ </P
+><P
+> Forwarding the source address of the request may make
+ sense in some multi-user setups but is also a privacy risk.
+ </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+change-x-forwarded-for{block}</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CLIENT-HEADER-FILTER"
+>8.5.4. client-header-filter</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+> Rewrite or remove single client headers.
</P
></DD
><DT
and use their output as input.
</P
><P
+> If the request URL gets changed, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will detect that and use the new
+ one. This can be used to rewrite the request destination behind the client's
+ back, for example to specify a Tor exit relay for certain requests.
+ </P
+><P
> Please refer to the <A
HREF="filter-file.html"
>filter file chapter</A
><TD
><PRE
CLASS="SCREEN"
->{+client-header-filter{hide-tor-exit-notation}}
-.exit/
+># Hide Tor exit notation in Host and Referer Headers
+{+client-header-filter{hide-tor-exit-notation}}
+/
</PRE
></TD
></TR
CLASS="SECT3"
><A
NAME="CLIENT-HEADER-TAGGER"
-></A
->8.5.4. client-header-tagger</H4
+>8.5.5. client-header-tagger</A
+></H4
><P
></P
><DIV
><PRE
CLASS="SCREEN"
># Tag every request with the User-Agent header
-{+client-header-filter{user-agent}}
+{+client-header-tagger{user-agent}}
/
+
+# Tagging itself doesn't change the action
+# settings, sections with TAG patterns do:
+#
+# If it's a download agent, use a different forwarding proxy,
+# show the real User-Agent and make sure resume works.
+{+forward-override{forward-socks5 10.0.0.2:2222 .} \
+ -hide-if-modified-since \
+ -overwrite-last-modified \
+ -hide-user-agent \
+ -filter \
+ -deanimate-gifs \
+}
+TAG:^User-Agent: NetBSD-ftp/
+TAG:^User-Agent: Novell ZYPP Installer
+TAG:^User-Agent: RPM APT-HTTP/
+TAG:^User-Agent: fetch libfetch/
+TAG:^User-Agent: Ubuntu APT-HTTP/
+TAG:^User-Agent: MPlayer/
</PRE
></TD
></TR
CLASS="SECT3"
><A
NAME="CONTENT-TYPE-OVERWRITE"
-></A
->8.5.5. content-type-overwrite</H4
+>8.5.6. content-type-overwrite</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="CRUNCH-CLIENT-HEADER"
-></A
->8.5.6. crunch-client-header</H4
+>8.5.7. crunch-client-header</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="CRUNCH-IF-NONE-MATCH"
-></A
->8.5.7. crunch-if-none-match</H4
+>8.5.8. crunch-if-none-match</A
+></H4
><P
></P
><DIV
</P
><P
> It is also useful to make sure the header isn't used as a cookie
- replacement.
+ replacement (unlikely but possible).
</P
><P
> Blocking the <SPAN
CLASS="QUOTE"
>"If-Modified-Since:"</SPAN
> header
- isn't blocked as well.
+ isn't blocked or missing as well.
</P
><P
> It is recommended to use this action together with
><TD
><PRE
CLASS="SCREEN"
-># Let the browser revalidate cached documents without being tracked across sessions
-{ +hide-if-modified-since{-60} \
+># Let the browser revalidate cached documents but don't
+# allow the server to use the revalidation headers for user tracking.
+{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/ </PRE
CLASS="SECT3"
><A
NAME="CRUNCH-INCOMING-COOKIES"
-></A
->8.5.8. crunch-incoming-cookies</H4
+>8.5.9. crunch-incoming-cookies</A
+></H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
-> Prevent the web server from setting any cookies on your system
+> Prevent the web server from setting HTTP cookies on your system
</P
></DD
><DT
CLASS="EMPHASIS"
>incoming</I
></SPAN
-> cookies. For
+> HTTP cookies. For
<SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>outgoing</I
></SPAN
-> cookies, use
+> HTTP cookies, use
<TT
CLASS="LITERAL"
><A
CLASS="EMPHASIS"
>both</I
></SPAN
-> to disable cookies completely.
+> to disable HTTP cookies completely.
</P
><P
> It makes <SPAN
CLASS="SECT3"
><A
NAME="CRUNCH-SERVER-HEADER"
-></A
->8.5.9. crunch-server-header</H4
+>8.5.10. crunch-server-header</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="CRUNCH-OUTGOING-COOKIES"
-></A
->8.5.10. crunch-outgoing-cookies</H4
+>8.5.11. crunch-outgoing-cookies</A
+></H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
-> Prevent the web server from reading any cookies from your system
+> Prevent the web server from reading any HTTP cookies from your system
</P
></DD
><DT
CLASS="EMPHASIS"
>outgoing</I
></SPAN
-> cookies. For
+> HTTP cookies. For
<SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>incoming</I
></SPAN
-> cookies, use
+> HTTP cookies, use
<TT
CLASS="LITERAL"
><A
CLASS="EMPHASIS"
>both</I
></SPAN
-> to disable cookies completely.
+> to disable HTTP cookies completely.
</P
><P
> It makes <SPAN
CLASS="SECT3"
><A
NAME="DEANIMATE-GIFS"
-></A
->8.5.11. deanimate-gifs</H4
+>8.5.12. deanimate-gifs</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="DOWNGRADE-HTTP-VERSION"
-></A
->8.5.12. downgrade-http-version</H4
+>8.5.13. downgrade-http-version</A
+></H4
><P
></P
><DIV
>
didn't support important HTTP/1.1 features well. It is left here for the
unlikely case that you experience HTTP/1.1 related problems with some server
- out there. Not all (optional) HTTP/1.1 features are supported yet, so there
- is a chance you might need this action.
+ out there. Not all HTTP/1.1 features and requirements are supported yet,
+ so there is a chance you might need this action.
</P
></DD
><DT
CLASS="SECT3"
><A
NAME="FAST-REDIRECTS"
-></A
->8.5.13. fast-redirects</H4
+>8.5.14. fast-redirects</A
+></H4
><P
></P
><DIV
><PRE
CLASS="SCREEN"
> { +fast-redirects{simple-check} }
- .example.com
+ one.example.com
{ +fast-redirects{check-decoded-url} }
another.example.com/testing</PRE
CLASS="SECT3"
><A
NAME="FILTER"
-></A
->8.5.14. filter</H4
+>8.5.15. filter</A
+></H4
><P
></P
><DIV
><P
> Filtering requires buffering the page content, which may appear to
slow down page rendering since nothing is displayed until all content has
- passed the filters. (It does not really take longer, but seems that way
- since the page is not incrementally displayed.) This effect will be more
- noticeable on slower connections.
+ passed the filters. (The total time until the page is completely rendered
+ doesn't change much, but it may be perceived as slower since the page is
+ not incrementally displayed.)
+ This effect will be more noticeable on slower connections.
</P
><P
> <SPAN
><TD
><PRE
CLASS="SCREEN"
->+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse</PRE
+>+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)</PRE
+>+filter{js-events} # Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{html-annoyances} # Get rid of particularly annoying HTML abuse</PRE
+>+filter{html-annoyances} # Get rid of particularly annoying HTML abuse.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{content-cookies} # Kill cookies that come in the HTML or JS content</PRE
+>+filter{content-cookies} # Kill cookies that come in the HTML or JS content.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)</PRE
+>+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups).</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective</PRE
+>+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{banners-by-size} # Kill banners by size</PRE
+>+filter{banners-by-size} # Kill banners by size.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{banners-by-link} # Kill banners by their links to known clicktrackers</PRE
+>+filter{banners-by-link} # Kill banners by their links to known clicktrackers.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking)</PRE
+>+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap</PRE
+>+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{jumping-windows} # Prevent windows from resizing and moving themselves</PRE
+>+filter{jumping-windows} # Prevent windows from resizing and moving themselves.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{frameset-borders} # Give frames a border and make them resizeable</PRE
+>+filter{frameset-borders} # Give frames a border and make them resizable.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{demoronizer} # Fix MS's non-standard use of standard charsets</PRE
+>+filter{demoronizer} # Fix MS's non-standard use of standard charsets.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{shockwave-flash} # Kill embedded Shockwave Flash objects</PRE
+>+filter{shockwave-flash} # Kill embedded Shockwave Flash objects.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{quicktime-kioskmode} # Make Quicktime movies savable</PRE
+>+filter{quicktime-kioskmode} # Make Quicktime movies saveable.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{crude-parental} # Crude parental filtering (demo only)</PRE
+>+filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{ie-exploits} # Disable some known Internet Explorer bug exploits</PRE
+>+filter{ie-exploits} # Disable some known Internet Explorer bug exploits.</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{site-specifics} # Custom filters for specific site related problems</PRE
+>+filter{site-specifics} # Cure for site-specific problems. Don't apply generally!</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-GOOGLE"
+NAME="FILTER-NO-PING"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{google} # Removes text ads and other Google specific improvements</PRE
+>+filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-YAHOO"
+NAME="FILTER-GOOGLE"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{yahoo} # Removes text ads and other Yahoo specific improvements</PRE
+>+filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-MSN"
+NAME="FILTER-YAHOO"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{msn} # Removes text ads and other MSN specific improvements</PRE
+>+filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-BLOGSPOT"
+NAME="FILTER-MSN"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{blogspot} # Cleans up Blogspot blogs</PRE
+>+filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</PRE
></TD
></TR
></TABLE
</P
><P
> <A
-NAME="FILTER-NO-PING"
+NAME="FILTER-BLOGSPOT"
></A
>
<TABLE
><TD
><PRE
CLASS="SCREEN"
->+filter{no-ping} # Removes non-standard ping attributes from anchor and area tags</PRE
+>+filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="FORCE-TEXT-MODE"
-></A
->8.5.15. force-text-mode</H4
+>8.5.16. force-text-mode</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="FORWARD-OVERRIDE"
-></A
->8.5.16. forward-override</H4
+>8.5.17. forward-override</A
+></H4
><P
></P
><DIV
>Effect:</DT
><DD
><P
-> Overrules the forward directives in the configuration files.
+> Overrules the forward directives in the configuration file.
</P
></DD
><DT
> <SPAN
CLASS="QUOTE"
>"forward-socks4a 127.0.0.1:9050 ."</SPAN
-> to use the socks4a proxy listening at 127.0.0.1 port 9050.
- Replace <SPAN
+> to use the socks4a proxy listening at
+ 127.0.0.1 port 9050. Replace <SPAN
CLASS="QUOTE"
>"forward-socks4a"</SPAN
> with <SPAN
CLASS="QUOTE"
>"forward-socks4"</SPAN
-> to use a socks4 connection (with local DNS
- resolution) instead.
+>
+ to use a socks4 connection (with local DNS resolution) instead, use <SPAN
+CLASS="QUOTE"
+>"forward-socks5"</SPAN
+>
+ for socks5 connections (with remote DNS resolution).
</P
></LI
><LI
> with <SPAN
CLASS="QUOTE"
>"forward-socks4"</SPAN
-> to use a socks4 connection (with local DNS
- resolution) instead.
+> to use a socks4 connection
+ (with local DNS resolution) instead, use <SPAN
+CLASS="QUOTE"
+>"forward-socks5"</SPAN
+>
+ for socks5 connections (with remote DNS resolution).
</P
></LI
></UL
>Notes:</DT
><DD
><P
-> This action takes parameters similar to the
+> This action takes parameters similar to the
<A
HREF="config.html#FORWARDING"
>forward</A
# This way you can continue to use Tor for your normal browsing,
# without overloading the Tor network with your FreeBSD ports updates
# or downloads of bigger files like ISOs.
+# Note that HTTP headers are easy to fake and therefore their
+# values are as (un)trustworthy as your clients and users.
{+forward-override{forward .} \
-hide-if-modified-since \
-overwrite-last-modified \
}
-TAG:^User-Agent: fetch libfetch/2.0$
+TAG:^User-Agent: fetch libfetch/2\.0$
</PRE
></TD
></TR
CLASS="SECT3"
><A
NAME="HANDLE-AS-EMPTY-DOCUMENT"
-></A
->8.5.17. handle-as-empty-document</H4
+>8.5.18. handle-as-empty-document</A
+></H4
><P
></P
><DIV
CLASS="SCREEN"
># Block all documents on example.org that end with ".js",
# but send an empty document instead of the usual HTML message.
-{+block +handle-as-empty-document}
+{+block{Blocked JavaScript} +handle-as-empty-document}
example.org/.*\.js$
</PRE
></TD
CLASS="SECT3"
><A
NAME="HANDLE-AS-IMAGE"
-></A
->8.5.18. handle-as-image</H4
+>8.5.19. handle-as-image</A
+></H4
><P
></P
><DIV
# These don't look like images, but they're banners and should be
# blocked as images:
#
-{+block +handle-as-image}
-some.nasty-banner-server.com/junk.cgi?output=trash
-
-# Banner source! Who cares if they also have non-image content?
-ad.doubleclick.net </PRE
+{+block{Nasty banners.} +handle-as-image}
+nasty-banner-server.example.com/junk.cgi\?output=trash</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="HIDE-ACCEPT-LANGUAGE"
-></A
->8.5.19. hide-accept-language</H4
+>8.5.20. hide-accept-language</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="HIDE-CONTENT-DISPOSITION"
-></A
->8.5.20. hide-content-disposition</H4
+>8.5.21. hide-content-disposition</A
+></H4
><P
></P
><DIV
to another one, but in most cases it isn't worth the time to set
it up.
</P
+><P
+> This action will probably be removed in the future,
+ use server-header filters instead.
+ </P
></DD
><DT
>Example usage:</DT
CLASS="SECT3"
><A
NAME="HIDE-IF-MODIFIED-SINCE"
-></A
->8.5.21. hide-if-modified-since</H4
+>8.5.22. hide-if-modified-since</A
+></H4
><P
></P
><DIV
CLASS="QUOTE"
>"If-Modified-Since:"</SPAN
> makes
- sure it isn't used as a cookie replacement, but you will run into
- caching problems if the random range is too high.
+ it less likely that the server can use the time as a cookie replacement,
+ but you will run into caching problems if the random range is too high.
</P
><P
> It is a good idea to only use a small negative value and let
HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
>crunch-if-none-match</A
></TT
->.
+>,
+ otherwise it's more or less pointless.
</P
></DD
><DT
><TD
><PRE
CLASS="SCREEN"
-># Let the browser revalidate without being tracked across sessions
-{ +hide-if-modified-since{-60} \
+># Let the browser revalidate but make tracking based on the time less likely.
+{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/</PRE
><H4
CLASS="SECT3"
><A
-NAME="HIDE-FORWARDED-FOR-HEADERS"
-></A
->8.5.22. hide-forwarded-for-headers</H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
->Improve privacy by hiding the true source of the request</P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> Deletes any existing <SPAN
-CLASS="QUOTE"
->"X-Forwarded-for:"</SPAN
-> HTTP header from client requests,
- and prevents adding a new one.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> It is fairly safe to leave this on.
- </P
-><P
-> This action is scheduled for improvement: It should be able to generate forged
- <SPAN
-CLASS="QUOTE"
->"X-Forwarded-for:"</SPAN
-> headers using random IP addresses from a specified network,
- to make successive requests from the same client look like requests from a pool of different
- users sharing the same proxy.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+hide-forwarded-for-headers</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
NAME="HIDE-FROM-HEADER"
-></A
->8.5.23. hide-from-header</H4
+>8.5.23. hide-from-header</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="HIDE-REFERRER"
-></A
->8.5.24. hide-referrer</H4
+>8.5.24. hide-referrer</A
+></H4
><A
NAME="HIDE-REFERER"
></A
><P
><SPAN
CLASS="QUOTE"
+>"conditional-forge"</SPAN
+> to forge the header if the host has changed.</P
+></LI
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
>"block"</SPAN
> to delete the header unconditionally.</P
></LI
><P
> Always blocking the referrer, or using a custom one, can lead to
failures on servers that check the referrer before they answer any
- requests, in an attempt to prevent their valuable content from being
+ requests, in an attempt to prevent their content from being
embedded or linked to elsewhere.
</P
><P
CLASS="SECT3"
><A
NAME="HIDE-USER-AGENT"
-></A
->8.5.25. hide-user-agent</H4
+>8.5.25. hide-user-agent</A
+></H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
->Conceal your type of browser and client operating system</P
+>Try to conceal your type of browser and client operating system</P
></DD
><DT
>Effect:</DT
></SPAN
> the right thing to do: good web sites
work browser-independently).
-
</P
></TD
></TR
(Must be just a silly MS goof, I'm sure :-).
</P
><P
-> This action is scheduled for improvement.
+> More information on known user-agent strings can be found at
+ <A
+HREF="http://www.user-agents.org/"
+TARGET="_top"
+>http://www.user-agents.org/</A
+>
+ and
+ <A
+HREF="http://en.wikipedia.org/wiki/User_agent"
+TARGET="_top"
+>http://en.wikipedia.org/wiki/User_agent</A
+>.
</P
></DD
><DT
><H4
CLASS="SECT3"
><A
-NAME="INSPECT-JPEGS"
-></A
->8.5.26. inspect-jpegs</H4
+NAME="LIMIT-CONNECT"
+>8.5.26. limit-connect</A
+></H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
->To protect against the MS buffer over-run in JPEG processing</P
+>Prevent abuse of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as a TCP proxy relay or disable SSL for untrusted sites</P
></DD
><DT
>Effect:</DT
><DD
><P
-> Protect against a known exploit
+> Specifies to which ports HTTP CONNECT requests are allowable.
</P
></DD
><DT
>Type:</DT
><DD
><P
->Boolean.</P
+>Parameterized.</P
></DD
><DT
>Parameter:</DT
><DD
><P
-> N/A
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> See Microsoft Security Bulletin MS04-028. JPEG images are one of the most
- common image types found across the Internet. The exploit as described can
- allow execution of code on the target system, giving an attacker access
- to the system in question by merely planting an altered JPEG image, which
- would have no obvious indications of what lurks inside. This action
- prevents unwanted intrusion.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-><TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+inspect-jpegs</PRE
-></TD
-></TR
-></TABLE
-></P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="KILL-POPUPS"
-></A
->8.5.27. kill-popups<A
-NAME="KILL-POPUP"
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
->Eliminate those annoying pop-up windows (deprecated)</P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> While loading the document, replace JavaScript code that opens
- pop-up windows with (syntactically neutral) dummy code on the fly.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This action is basically a built-in, hardwired special-purpose filter
- action, but there are important differences: For <TT
-CLASS="LITERAL"
->kill-popups</TT
->,
- the document need not be buffered, so it can be incrementally rendered while
- downloading. But <TT
-CLASS="LITERAL"
->kill-popups</TT
-> doesn't catch as many pop-ups as
- <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER-ALL-POPUPS"
->filter{<TT
-CLASS="REPLACEABLE"
-><I
->all-popups</I
-></TT
->}</A
-></TT
->
- does and is not as smart as <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER-UNSOLICITED-POPUPS"
->filter{<TT
-CLASS="REPLACEABLE"
-><I
->unsolicited-popups</I
-></TT
->}</A
->
- </TT
->is.
- </P
-><P
-> Think of it as a fast and efficient replacement for a filter that you
- can use if you don't want any filtering at all. Note that it doesn't make
- sense to combine it with any <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER"
->filter</A
-></TT
-> action,
- since as soon as one <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER"
->filter</A
-></TT
-> applies,
- the whole document needs to be buffered anyway, which destroys the advantage of
- the <TT
-CLASS="LITERAL"
->kill-popups</TT
-> action over its filter equivalent.
- </P
-><P
-> Killing all pop-ups unconditionally is problematic. Many shops and banks rely on
- pop-ups to display forms, shopping carts etc, and the <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER-UNSOLICITED-POPUPS"
->filter{<TT
-CLASS="REPLACEABLE"
-><I
->unsolicited-popups</I
-></TT
->}</A
->
- </TT
-> does a better job of catching only the unwanted ones.
- </P
-><P
-> If the only kind of pop-ups that you want to kill are exit consoles (those
- <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->really nasty</I
-></SPAN
-> windows that appear when you close an other
- one), you might want to use
- <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#FILTER"
->filter</A
->{<TT
-CLASS="REPLACEABLE"
-><I
->js-annoyances</I
-></TT
->}</TT
->
- instead.
- </P
-><P
-> This action is most appropriate for browsers that don't have any controls
- for unwanted pop-ups. Not recommended for general usage.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-><TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+kill-popups</PRE
-></TD
-></TR
-></TABLE
-></P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="LIMIT-CONNECT"
-></A
->8.5.28. limit-connect</H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
->Prevent abuse of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> as a TCP proxy relay or disable SSL for untrusted sites</P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> Specifies to which ports HTTP CONNECT requests are allowable.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> A comma-separated list of ports or port ranges (the latter using dashes, with the minimum
- defaulting to 0 and the maximum to 65K).
+> A comma-separated list of ports or port ranges (the latter using dashes, with the minimum
+ defaulting to 0 and the maximum to 65K).
</P
></DD
><DT
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> only allows HTTP CONNECT
- requests to port 443 (the standard, secure HTTPS port). Use
- <TT
+> allows HTTP CONNECT requests to all
+ ports. Use <TT
CLASS="LITERAL"
>limit-connect</TT
-> if more fine-grained control is desired
- for some or all destinations.
+> if fine-grained control
+ is desired for some or all destinations.
</P
><P
> The CONNECT methods exists in HTTP to allow access to secure websites
> URLs) through proxies. It works very simply:
the proxy connects to the server on the specified port, and then
short-circuits its connections to the client and to the remote server.
- This can be a big security hole, since CONNECT-enabled proxies can be
- abused as TCP relays very easily.
+ This means CONNECT-enabled proxies can be used as TCP relays very easily.
</P
><P
> <SPAN
>Privoxy</SPAN
>'s
filters. By specifying an invalid port range you can disable HTTPS entirely.
- If you plan to disable SSL by default, consider enabling
- <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#TREAT-FORBIDDEN-CONNECTS-LIKE-BLOCKS"
->treat-forbidden-connects-like-blocks</A
-></TT
->
- as well, to be able to quickly create exceptions.
</P
></DD
><DT
><TD
><PRE
CLASS="SCREEN"
->+limit-connect{443} # This is the default and need not be specified.
+>+limit-connect{443} # Port 443 is OK.
+limit-connect{80,443} # Ports 80 and 443 are OK.
+limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
+limit-connect{-} # All ports are OK
CLASS="SECT3"
><A
NAME="PREVENT-COMPRESSION"
-></A
->8.5.29. prevent-compression</H4
+>8.5.27. prevent-compression</A
+></H4
><P
></P
><DIV
HREF="actions-file.html#FILTER"
>filter</A
></TT
->, <TT
+> and
+ <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#DEANIMATE-GIFS"
>deanimate-gifs</A
></TT
>
- and <TT
-CLASS="LITERAL"
-><A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
-></TT
-> actions need
- access to the uncompressed data.
+ actions need access to the uncompressed data.
</P
><P
> When compiled with zlib support (available since <SPAN
CLASS="SECT3"
><A
NAME="OVERWRITE-LAST-MODIFIED"
-></A
->8.5.30. overwrite-last-modified</H4
+>8.5.28. overwrite-last-modified</A
+></H4
><P
></P
><DIV
CLASS="LITERAL"
><A
HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
->hided-if-modified-since</A
+>hide-if-modified-since</A
></TT
>
to further customize your random range.
CLASS="SECT3"
><A
NAME="REDIRECT"
-></A
->8.5.31. redirect</H4
+>8.5.29. redirect</A
+></H4
><P
></P
><DIV
and be aware that using your own redirects might make it
possible to fingerprint your requests.
</P
+><P
+> In case of problems with your redirects, or simply to watch
+ them working, enable <A
+HREF="config.html#DEBUG"
+>debug 128</A
+>.
+ </P
></DD
><DT
>Example usages:</DT
# (Note the $ at the end of the URL pattern to make sure
# the request for the rewritten URL isn't redirected as well)
{+redirect{s@$@&mode=expanded@}}
-undeadly.org/cgi\?action=article&sid=\d*$</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="SEND-VANILLA-WAFER"
-></A
->8.5.32. send-vanilla-wafer</H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
-> Feed log analysis scripts with useless data.
- </P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> Sends a cookie with each request stating that you do not accept any copyright
- on cookies sent to you, and asking the site operator not to track you.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The vanilla wafer is a (relatively) unique header and could conceivably be used to track you.
- </P
-><P
-> This action is rarely used and not enabled in the default configuration.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+send-vanilla-wafer</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="SEND-WAFER"
-></A
->8.5.33. send-wafer</H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
-> Send custom cookies or feed log analysis scripts with even more useless data.
- </P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> Sends a custom, user-defined cookie with each request.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Multi-value.</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
-> A string of the form <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="REPLACEABLE"
-><I
->name</I
-></TT
->=<TT
-CLASS="REPLACEABLE"
-><I
->value</I
-></TT
->"</SPAN
->.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Being multi-valued, multiple instances of this action can apply to the same request,
- resulting in multiple cookies being sent.
- </P
-><P
-> This action is rarely used and not enabled in the default configuration.
- </P
-></DD
-><DT
->Example usage (section):</DT
-><DD
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->{+send-wafer{UsingPrivoxy=true}}
-my-internal-testing-server.void</PRE
+undeadly.org/cgi\?action=article&sid=\d*$
+
+# Redirect Google search requests to MSN
+{+redirect{s@^http://[^/]*/search\?q=([^&]*).*@http://search.msn.com/results.aspx?q=$1@}}
+.google.com/search
+
+# Redirect MSN search requests to Yahoo
+{+redirect{s@^http://[^/]*/results\.aspx\?q=([^&]*).*@http://search.yahoo.com/search?p=$1@}}
+search.msn.com//results\.aspx\?q=
+
+# Redirect remote requests for this manual
+# to the local version delivered by Privoxy
+{+redirect{s@^http://www@http://config@}}
+www.privoxy.org/user-manual/</PRE
></TD
></TR
></TABLE
CLASS="SECT3"
><A
NAME="SERVER-HEADER-FILTER"
-></A
->8.5.34. server-header-filter</H4
+>8.5.30. server-header-filter</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="SERVER-HEADER-TAGGER"
-></A
->8.5.35. server-header-tagger</H4
+>8.5.31. server-header-tagger</A
+></H4
><P
></P
><DIV
>Typical use:</DT
><DD
><P
-> Disable or disable filters based on the Content-Type header.
+> Enable or disable filters based on the Content-Type header.
</P
></DD
><DT
><TD
><PRE
CLASS="SCREEN"
-># Tag every request with the declared content type
-{+client-header-filter{content-type}}
+># Tag every request with the content type declared by the server
+{+server-header-tagger{content-type}}
/
</PRE
></TD
CLASS="SECT3"
><A
NAME="SESSION-COOKIES-ONLY"
-></A
->8.5.36. session-cookies-only</H4
+>8.5.32. session-cookies-only</A
+></H4
><P
></P
><DIV
CLASS="SECT3"
><A
NAME="SET-IMAGE-BLOCKER"
-></A
->8.5.37. set-image-blocker</H4
+>8.5.33. set-image-blocker</A
+></H4
><P
></P
><DIV
></DIV
><DIV
CLASS="SECT3"
-><H4
-CLASS="SECT3"
-><A
-NAME="TREAT-FORBIDDEN-CONNECTS-LIKE-BLOCKS"
-></A
->8.5.38. treat-forbidden-connects-like-blocks</H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Typical use:</DT
-><DD
-><P
->Block forbidden connects with an easy to find error message.</P
-></DD
-><DT
->Effect:</DT
-><DD
-><P
-> If this action is enabled, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> no longer
- makes a difference between forbidden connects and ordinary blocks.
- </P
-></DD
-><DT
->Type:</DT
-><DD
-><P
->Boolean</P
-></DD
-><DT
->Parameter:</DT
-><DD
-><P
->N/A</P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> By default <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> answers
- <A
-HREF="actions-file.html#LIMIT-CONNECT"
->forbidden <SPAN
-CLASS="QUOTE"
->"Connect"</SPAN
-> requests</A
->
- with a short error message inside the headers. If the browser doesn't display
- headers (most don't), you just see an empty page.
- </P
-><P
-> With this action enabled, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> displays
- the message that is used for ordinary blocks instead. If you decide
- to make an exception for the page in question, you can do so by
- following the <SPAN
-CLASS="QUOTE"
->"See why"</SPAN
-> link.
- </P
-><P
-> For <SPAN
-CLASS="QUOTE"
->"Connect"</SPAN
-> requests the clients tell
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> which host they are interested
- in, but not which document they plan to get later. As a result, the
- <SPAN
-CLASS="QUOTE"
->"Go there anyway"</SPAN
-> wouldn't work and is therefore suppressed.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->+treat-forbidden-connects-like-blocks</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
><H3
CLASS="SECT3"
><A
-NAME="AEN4122"
-></A
->8.5.39. Summary</H3
+NAME="AEN4460"
+>8.5.34. Summary</A
+></H3
><P
> Note that many of these actions have the potential to cause a page to
misbehave, possibly even not to display at all. There are many ways
CLASS="SECT2"
><A
NAME="ALIASES"
-></A
->8.6. Aliases</H2
+>8.6. Aliases</A
+></H2
><P
> Custom <SPAN
CLASS="QUOTE"
HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
>crunch-outgoing-cookies</A
>
- +block-as-image = +block +handle-as-image
+ +block-as-image = +block{Blocked image.} +handle-as-image
allow-all-cookies = -crunch-all-cookies -<A
HREF="actions-file.html#SESSION-COOKIES-ONLY"
>session-cookies-only</A
HREF="actions-file.html#HIDE-REFERER"
>hide-referrer</A
> -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
-> -<A
HREF="actions-file.html#PREVENT-COMPRESSION"
>prevent-compression</A
>
shop = -crunch-all-cookies -<A
HREF="actions-file.html#FILTER-ALL-POPUPS"
>filter{all-popups}</A
-> -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
>
# Short names for other aliases, for really lazy people ;-)
# These shops require pop-ups:
#
- {-kill-popups -filter{all-popups} -filter{unsolicited-popups}}
+ {-filter{all-popups} -filter{unsolicited-popups}}
.dabs.com
.overclockers.co.uk</PRE
></TD
CLASS="SECT2"
><A
NAME="ACT-EXAMPLES"
-></A
->8.7. Actions Files Tutorial</H2
+>8.7. Actions Files Tutorial</A
+></H2
><P
> The above chapters have shown <A
HREF="actions-file.html"
>. Now, let's look at an
example <TT
CLASS="FILENAME"
+>match-all.action</TT
+>, <TT
+CLASS="FILENAME"
+>default.action</TT
+>
+ and <TT
+CLASS="FILENAME"
+>user.action</TT
+> file and see how all these pieces come together:</P
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="AEN4524"
+>8.7.1. match-all.action</A
+></H3
+><P
+> Remember <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all actions are disabled when matching starts</I
+></SPAN
+>,
+ so we have to explicitly enable the ones we want.</P
+><P
+> While the <TT
+CLASS="FILENAME"
+>match-all.action</TT
+> file only contains a
+ single section, it is probably the most important one. It has only one
+ pattern, <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>/</TT
+>"</SPAN
+>, but this pattern
+ <A
+HREF="actions-file.html#AF-PATTERNS"
+>matches all URLs</A
+>. Therefore, the set of
+ actions used in this <SPAN
+CLASS="QUOTE"
+>"default"</SPAN
+> section <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>will
+ be applied to all requests as a start</I
+></SPAN
+>. It can be partly or
+ wholly overridden by other actions files like <TT
+CLASS="FILENAME"
>default.action</TT
-> and <TT
+>
+ and <TT
CLASS="FILENAME"
>user.action</TT
->
- file and see how all these pieces come together:</P
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN4187"
-></A
->8.7.1. default.action</H3
+>, but it will still be largely responsible
+ for your overall browsing experience.</P
><P
->Every config file should start with a short comment stating its purpose:</P
+> Again, at the start of matching, all actions are disabled, so there is
+ no need to disable any actions here. (Remember: a <SPAN
+CLASS="QUOTE"
+>"+"</SPAN
+>
+ preceding the action name enables the action, a <SPAN
+CLASS="QUOTE"
+>"-"</SPAN
+> disables!).
+ Also note how this long line has been made more readable by splitting it into
+ multiple lines with line continuation.</P
><P
> <TABLE
BORDER="0"
><TD
><PRE
CLASS="SCREEN"
-># Sample default.action file <ijbswa-developers@lists.sourceforge.net></PRE
+>{ \
+ +<A
+HREF="actions-file.html#CHANGE-X-FORWARDED-FOR"
+>change-x-forwarded-for{block}</A
+> \
+ +<A
+HREF="actions-file.html#HIDE-FROM-HEADER"
+>hide-from-header{block}</A
+> \
+ +<A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker{pattern}</A
+> \
+}
+/ # Match all URLs
+ </PRE
></TD
></TR
></TABLE
></P
><P
->Then, since this is the <TT
+> The default behavior is now set.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="AEN4546"
+>8.7.2. default.action</A
+></H3
+><P
+> If you aren't a developer, there's no need for you to edit the
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> file. It is maintained by
+ the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developers and if you disagree with some of the
+ sections, you should overrule them in your <TT
+CLASS="FILENAME"
+>user.action</TT
+>.</P
+><P
+> Understanding the <TT
CLASS="FILENAME"
>default.action</TT
-> file, the
-first section is a special section for internal use that you needn't
-change or worry about:</P
+> file can
+ help you with your <TT
+CLASS="FILENAME"
+>user.action</TT
+>, though.</P
+><P
+> The first section in this file is a special section for internal use
+ that prevents older <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> versions from reading the file:</P
><P
> <TABLE
BORDER="0"
>##########################################################################
# Settings -- Don't change! For internal Privoxy use ONLY.
##########################################################################
-
{{settings}}
-for-privoxy-version=3.0</PRE
+for-privoxy-version=3.0.11</PRE
></TD
></TR
></TABLE
></P
><P
->After that comes the (optional) alias section. We'll use the example
-section from the above <A
+> After that comes the (optional) alias section. We'll use the example
+
section from the above <A
HREF="actions-file.html#ALIASES"
>chapter on aliases</A
>,
-that also explains why and how aliases are used:</P
+ that also explains why and how aliases are used:</P
><P
> <TABLE
BORDER="0"
HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
>crunch-outgoing-cookies</A
>
- +block-as-image = +block +handle-as-image
+ +block-as-image = +block{Blocked image.} +handle-as-image
mercy-for-cookies = -crunch-all-cookies -<A
HREF="actions-file.html#SESSION-COOKIES-ONLY"
>session-cookies-only</A
> -<A
HREF="actions-file.html#HIDE-REFERER"
>hide-referrer</A
-> -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
>
shop = -crunch-all-cookies -<A
HREF="actions-file.html#FILTER-ALL-POPUPS"
>filter{all-popups}</A
-> -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
></PRE
></TD
></TR
></TABLE
></P
><P
-> Now come the regular sections, i.e. sets of actions, accompanied
- by URL patterns to which they apply. Remember <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->all actions
- are disabled when matching starts</I
-></SPAN
->, so we have to explicitly
- enable the ones we want.</P
-><P
-> The first regular section is probably the most important. It has only
- one pattern, <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->/</TT
->"</SPAN
->, but this pattern
- <A
-HREF="actions-file.html#AF-PATTERNS"
->matches all URLs</A
->. Therefore, the
- set of actions used in this <SPAN
-CLASS="QUOTE"
->"default"</SPAN
-> section <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->will
- be applied to all requests as a start</I
-></SPAN
->. It can be partly or
- wholly overridden by later matches further down this file, or in user.action,
- but it will still be largely responsible for your overall browsing
- experience.</P
-><P
-> Again, at the start of matching, all actions are disabled, so there is
- no real need to disable any actions here, but we will do that nonetheless,
- to have a complete listing for your reference. (Remember: a <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->
- preceding the action name enables the action, a <SPAN
-CLASS="QUOTE"
->"-"</SPAN
-> disables!).
- Also note how this long line has been made more readable by splitting it into
- multiple lines with line continuation.</P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
->##########################################################################
-# "Defaults" section:
-##########################################################################
- { \
- -<A
-HREF="actions-file.html#ADD-HEADER"
->add-header</A
-> \
- -<A
-HREF="actions-file.html#CLIENT-HEADER-FILTER"
->client-header-filter{hide-tor-exit-notation}</A
-> \
- -<A
-HREF="actions-file.html#BLOCK"
->block</A
-> \
- -<A
-HREF="actions-file.html#CONTENT-TYPE-OVERWRITE"
->content-type-overwrite</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-CLIENT-HEADER"
->crunch-client-header</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
->crunch-if-none-match</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
->crunch-incoming-cookies</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-SERVER-HEADER"
->crunch-server-header</A
-> \
- -<A
-HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
->crunch-outgoing-cookies</A
-> \
- +<A
-HREF="actions-file.html#DEANIMATE-GIFS"
->deanimate-gifs</A
-> \
- -<A
-HREF="actions-file.html#DOWNGRADE-HTTP-VERSION"
->downgrade-http-version</A
-> \
- -<A
-HREF="actions-file.html#FAST-REDIRECTS"
->fast-redirects{check-decoded-url}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-JS-ANNOYANCES"
->filter{js-annoyances}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-JS-EVENTS"
->filter{js-events}</A
-> \
- +<A
-HREF="actions-file.html#FILTER-HTML-ANNOYANCES"
->filter{html-annoyances}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-CONTENT-COOKIES"
->filter{content-cookies}</A
-> \
- +<A
-HREF="actions-file.html#FILTER-REFRESH-TAGS"
->filter{refresh-tags}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-UNSOLICITED-POPUPS"
->filter{unsolicited-popups}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-ALL-POPUPS"
->filter{all-popups}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-IMG-REORDER"
->filter{img-reorder}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-BANNERS-BY-SIZE"
->filter{banners-by-size}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-BANNERS-BY-LINK"
->filter{banners-by-link}</A
-> \
- +<A
-HREF="actions-file.html#FILTER-WEBBUGS"
->filter{webbugs}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-TINY-TEXTFORMS"
->filter{tiny-textforms}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-JUMPING-WINDOWS"
->filter{jumping-windows}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-FRAMESET-BORDERS"
->filter{frameset-borders}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-DEMORONIZER"
->filter{demoronizer}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-SHOCKWAVE-FLASH"
->filter{shockwave-flash}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-QUICKTIME-KIOSKMODE"
->filter{quicktime-kioskmode}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-FUN"
->filter{fun}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-CRUDE-PARENTAL"
->filter{crude-parental}</A
-> \
- +<A
-HREF="actions-file.html#FILTER-IE-EXPLOITS"
->filter{ie-exploits}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-GOOGLE"
->filter{google}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-YAHOO"
->filter{yahoo}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-MSN"
->filter{msn}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-BLOGSPOT"
->filter{blogspot}</A
-> \
- -<A
-HREF="actions-file.html#FILTER-NO-PING"
->filter{no-ping}</A
-> \
- -<A
-HREF="actions-file.html#FORCE-TEXT-MODE"
->force-text-mode</A
-> \
- -<A
-HREF="actions-file.html#HANDLE-AS-EMPTY-DOCUMENT"
->handle-as-empty-document</A
-> \
- -<A
-HREF="actions-file.html#HANDLE-AS-IMAGE"
->handle-as-image</A
-> \
- -<A
-HREF="actions-file.html#HIDE-ACCEPT-LANGUAGE"
->hide-accept-language</A
-> \
- -<A
-HREF="actions-file.html#HIDE-CONTENT-DISPOSITION"
->hide-content-disposition</A
-> \
- -<A
-HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
->hide-if-modified-since</A
-> \
- +<A
-HREF="actions-file.html#HIDE-FORWARDED-FOR-HEADERS"
->hide-forwarded-for-headers</A
-> \
- +<A
-HREF="actions-file.html#HIDE-FROM-HEADER"
->hide-from-header{block}</A
-> \
- +<A
-HREF="actions-file.html#HIDE-REFERER"
->hide-referrer{forge}</A
-> \
- -<A
-HREF="actions-file.html#HIDE-USER-AGENT"
->hide-user-agent</A
-> \
- -<A
-HREF="actions-file.html#INSPECT-JPEGS"
->inspect-jpegs</A
-> \
- -<A
-HREF="actions-file.html#KILL-POPUPS"
->kill-popups</A
-> \
- -<A
-HREF="actions-file.html#LIMIT-CONNECT"
->limit-connect</A
-> \
- +<A
-HREF="actions-file.html#PREVENT-COMPRESSION"
->prevent-compression</A
-> \
- -<A
-HREF="actions-file.html#OVERWRITE-LAST-MODIFIED"
->overwrite-last-modified</A
-> \
- -<A
-HREF="actions-file.html#REDIRECT"
->redirect</A
-> \
- -<A
-HREF="actions-file.html#SEND-VANILLA-WAFER"
->send-vanilla-wafer</A
-> \
- -<A
-HREF="actions-file.html#SEND-WAFER"
->send-wafer</A
-> \
- -<A
-HREF="actions-file.html#SERVER-HEADER-FILTER"
->server-header-filter{xml-to-html}</A
-> \
- -<A
-HREF="actions-file.html#SERVER-HEADER-FILTER"
->server-header-filter{html-to-xml}</A
-> \
- +<A
-HREF="actions-file.html#SESSION-COOKIES-ONLY"
->session-cookies-only</A
-> \
- +<A
-HREF="actions-file.html#SET-IMAGE-BLOCKER"
->set-image-blocker{pattern}</A
-> \
- -<A
-HREF="actions-file.html#TREAT-FORBIDDEN-CONNECTS-LIKE-BLOCKS"
->treat-forbidden-connects-like-blocks</A
-> \
- }
- / # forward slash will match *all* potential URL patterns.</PRE
-></TD
-></TR
-></TABLE
-></P
-><P
-> The default behavior is now set. Note that some actions, like not hiding
- the user agent, are part of a <SPAN
-CLASS="QUOTE"
->"general policy"</SPAN
-> that applies
- universally and won't get any exceptions defined later. Other choices,
- like not blocking (which is <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->understandably</I
-></SPAN
-> the
- default!) need exceptions, i.e. we need to specify explicitly what we
- want to block in later sections.</P
-><P
> The first of our specialized sections is concerned with <SPAN
CLASS="QUOTE"
>"fragile"</SPAN
>fast-redirects</A
></TT
>
- action, which we enabled per default above, breaks some sites. So disable
- it for popular sites where we know it misbehaves:</P
+ action, which may have been enabled in <TT
+CLASS="FILENAME"
+>match-all.action</TT
+>,
+ breaks some sites. So disable it for popular sites where we know it misbehaves:</P
><P
> <TABLE
BORDER="0"
be blocked, a substitute image can be sent, rather than an HTML page.
Contacting the remote site to find out is not an option, since it
would destroy the loading time advantage of banner blocking, and it
- would feed the advertisers (in terms of money <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->and</I
-></SPAN
->
- information). We can mark any URL as an image with the <TT
+ would feed the advertisers information about you. We can mark any
+ URL as an image with the <TT
CLASS="LITERAL"
><A
HREF="actions-file.html#HANDLE-AS-IMAGE"
##########################################################################
{ <A
HREF="actions-file.html#BLOCK"
->+block</A
+>+block{Banner ads.}</A
> }
# Generic patterns:
><H3
CLASS="SECT3"
><A
-NAME="AEN4374"
-></A
->8.7.2. user.action</H3
+NAME="AEN4659"
+>8.7.3. user.action</A
+></H3
><P
> So far we are painting with a broad brush by setting general policies,
which would be a reasonable starting point for many people. Now,
><TD
><PRE
CLASS="SCREEN"
-># My user.action file. <fred@foobar.com></PRE
+># My user.action file. <fred@example.com></PRE
></TD
></TR
></TABLE
+crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
allow-all-cookies = -crunch-all-cookies -session-cookies-only
- allow-popups = -filter{all-popups} -kill-popups
-+block-as-image = +block +handle-as-image
+ allow-popups = -filter{all-popups}
++block-as-image = +block{Blocked as image.} +handle-as-image
-block-as-image = -block
# These aliases define combinations of actions that are useful for
# certain types of sites:
#
-fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer -kill-popups
+fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer
shop = -crunch-all-cookies allow-popups
# Allow ads for selected useful free sites:
and pasted the URL below while removing the leading http://, into a
<TT
CLASS="LITERAL"
->{ +block }</TT
+>{ +block{} }</TT
> section. Note that <TT
CLASS="LITERAL"
>{ +handle-as-image
>{ +<A
HREF="actions-file.html#BLOCK"
>block</A
-> }
+>{Nasty ads.} }
www.example.com/nasty-ads/sponsor\.gif
- another.popular.site.net/more/junk/here/</PRE
+ another.example.net/more/junk/here/</PRE
></TD
></TR
></TABLE
CLASS="FILENAME"
>default.filter</TT
>,
- but it is disabled in the distributed actions file. (My colleagues on the team just
- don't have a sense of humour, that's why! ;-). So you'd like to turn it on in your private,
+ but it is disabled in the distributed actions file.
+ So you'd like to turn it on in your private,
update-safe config, once and for all:</P
><P
><TABLE
projects / privoxy.git / blobdiff