+{+block{Doubleclick banners.} +handle-as-image}
+# Block and replace with image
+ .ad.doubleclick.net
+ .ads.r.us/banners/
+
+{+block{Layered ads.} +handle-as-empty-document}
+# Block and then ignore
+ adserver.example.net/.*\.js$
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CHANGE-X-FORWARDED-FOR" id=
+ "CHANGE-X-FORWARDED-FOR">8.5.3. change-x-forwarded-for</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Improve privacy by not forwarding the source of the request
+ in the HTTP headers.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Deletes the <span class="QUOTE">"X-Forwarded-For:"</span>
+ HTTP header from the client request, or adds a new one.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Parameterized.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <ul>
+ <li>
+ <p><span class="QUOTE">"block"</span> to delete the
+ header.</p>
+ </li>
+
+ <li>
+ <p><span class="QUOTE">"add"</span> to create the header
+ (or append the client's IP address to an already existing
+ one).</p>
+ </li>
+ </ul>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>It is safe and recommended to use <tt class=
+ "LITERAL">block</tt>.</p>
+
+ <p>Forwarding the source address of the request may make sense
+ in some multi-user setups but is also a privacy risk.</p>
+ </dd>
+
+ <dt>Example usage:</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++change-x-forwarded-for{block}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CLIENT-HEADER-FILTER" id=
+ "CLIENT-HEADER-FILTER">8.5.4. client-header-filter</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Rewrite or remove single client headers.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>All client headers to which this action applies are filtered
+ on-the-fly through the specified regular expression based
+ substitutions.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Multi-value.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>The name of a client-header filter, as defined in one of the
+ <a href="filter-file.html">filter files</a>.</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>Client-header filters are applied to each header on its own,
+ not to all at once. This makes it easier to diagnose problems,
+ but on the downside you can't write filters that only change
+ header x if header y's value is z. You can do that by using
+ tags though.</p>
+
+ <p>Client-header filters are executed after the other header
+ actions have finished and use their output as input.</p>
+
+ <p>If the request URI gets changed, <span class=
+ "APPLICATION">Privoxy</span> will detect that and use the new
+ one. This can be used to rewrite the request destination behind
+ the client's back, for example to specify a Tor exit relay for
+ certain requests.</p>
+
+ <p>Please refer to the <a href="filter-file.html">filter file
+ chapter</a> to learn which client-header filters are available
+ by default, and how to create your own.</p>
+ </dd>
+
+ <dt>Example usage (section):</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+# Hide Tor exit notation in Host and Referer Headers
+{+client-header-filter{hide-tor-exit-notation}}
+/
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CLIENT-HEADER-TAGGER" id=
+ "CLIENT-HEADER-TAGGER">8.5.5. client-header-tagger</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Block requests based on their headers.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Client headers to which this action applies are filtered
+ on-the-fly through the specified regular expression based
+ substitutions, the result is used as tag.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Multi-value.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>The name of a client-header tagger, as defined in one of the
+ <a href="filter-file.html">filter files</a>.</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>Client-header taggers are applied to each header on its own,
+ and as the header isn't modified, each tagger <span class=
+ "QUOTE">"sees"</span> the original.</p>
+
+ <p>Client-header taggers are the first actions that are
+ executed and their tags can be used to control every other
+ action.</p>
+ </dd>
+
+ <dt>Example usage (section):</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+# Tag every request with the User-Agent header
+{+client-header-tagger{user-agent}}
+/
+
+# Tagging itself doesn't change the action
+# settings, sections with TAG patterns do:
+#
+# If it's a download agent, use a different forwarding proxy,
+# show the real User-Agent and make sure resume works.
+{+forward-override{forward-socks5 10.0.0.2:2222 .} \
+ -hide-if-modified-since \
+ -overwrite-last-modified \
+ -hide-user-agent \
+ -filter \
+ -deanimate-gifs \
+}
+TAG:^User-Agent: NetBSD-ftp/
+TAG:^User-Agent: Novell ZYPP Installer
+TAG:^User-Agent: RPM APT-HTTP/
+TAG:^User-Agent: fetch libfetch/
+TAG:^User-Agent: Ubuntu APT-HTTP/
+TAG:^User-Agent: MPlayer/
+
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+# Tag all requests with the Range header set
+{+client-header-tagger{range-requests}}
+/
+
+# Disable filtering for the tagged requests.
+#
+# With filtering enabled Privoxy would remove the Range headers
+# to be able to filter the whole response. The downside is that
+# it prevents clients from resuming downloads or skipping over
+# parts of multimedia files.
+{-filter -deanimate-gifs}
+TAG:^RANGE-REQUEST$
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CONTENT-TYPE-OVERWRITE" id=
+ "CONTENT-TYPE-OVERWRITE">8.5.6. content-type-overwrite</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Stop useless download menus from popping up, or change the
+ browser's rendering mode</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Replaces the <span class="QUOTE">"Content-Type:"</span> HTTP
+ server header.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Parameterized.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>Any string.</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>The <span class="QUOTE">"Content-Type:"</span> HTTP server
+ header is used by the browser to decide what to do with the
+ document. The value of this header can cause the browser to
+ open a download menu instead of displaying the document by
+ itself, even if the document's format is supported by the
+ browser.</p>
+
+ <p>The declared content type can also affect which rendering
+ mode the browser chooses. If XHTML is delivered as <span class=
+ "QUOTE">"text/html"</span>, many browsers treat it as yet
+ another broken HTML document. If it is send as <span class=
+ "QUOTE">"application/xml"</span>, browsers with XHTML support
+ will only display it, if the syntax is correct.</p>
+
+ <p>If you see a web site that proudly uses XHTML buttons, but
+ sets <span class="QUOTE">"Content-Type: text/html"</span>, you
+ can use <span class="APPLICATION">Privoxy</span> to overwrite
+ it with <span class="QUOTE">"application/xml"</span> and
+ validate the web master's claim inside your XHTML-supporting
+ browser. If the syntax is incorrect, the browser will complain
+ loudly.</p>
+
+ <p>You can also go the opposite direction: if your browser
+ prints error messages instead of rendering a document falsely
+ declared as XHTML, you can overwrite the content type with
+ <span class="QUOTE">"text/html"</span> and have it rendered as
+ broken HTML document.</p>
+
+ <p>By default <tt class="LITERAL">content-type-overwrite</tt>
+ only replaces <span class="QUOTE">"Content-Type:"</span>
+ headers that look like some kind of text. If you want to
+ overwrite it unconditionally, you have to combine it with
+ <tt class="LITERAL"><a href=
+ "actions-file.html#FORCE-TEXT-MODE">force-text-mode</a></tt>.
+ This limitation exists for a reason, think twice before
+ circumventing it.</p>
+
+ <p>Most of the time it's easier to replace this action with a
+ custom <tt class="LITERAL"><a href=
+ "actions-file.html#SERVER-HEADER-FILTER">server-header
+ filter</a></tt>. It allows you to activate it for every
+ document of a certain site and it will still only replace the
+ content types you aimed at.</p>
+
+ <p>Of course you can apply <tt class=
+ "LITERAL">content-type-overwrite</tt> to a whole site and then
+ make URL based exceptions, but it's a lot more work to get the
+ same precision.</p>
+ </dd>
+
+ <dt>Example usage (sections):</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+# Check if www.example.net/ really uses valid XHTML
+{ +content-type-overwrite{application/xml} }
+www.example.net/
+
+# but leave the content type unmodified if the URL looks like a style sheet
+{-content-type-overwrite}
+www.example.net/.*\.css$
+www.example.net/.*style
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CRUNCH-CLIENT-HEADER" id=
+ "CRUNCH-CLIENT-HEADER">8.5.7. crunch-client-header</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Remove a client header <span class=
+ "APPLICATION">Privoxy</span> has no dedicated action for.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Deletes every header sent by the client that contains the
+ string the user supplied as parameter.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Parameterized.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>Any string.</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>This action allows you to block client headers for which no
+ dedicated <span class="APPLICATION">Privoxy</span> action
+ exists. <span class="APPLICATION">Privoxy</span> will remove
+ every client header that contains the string you supplied as
+ parameter.</p>
+
+ <p>Regular expressions are <span class="emphasis"><i class=
+ "EMPHASIS">not supported</i></span> and you can't use this
+ action to block different headers in the same request, unless
+ they contain the same string.</p>
+
+ <p><tt class="LITERAL">crunch-client-header</tt> is only meant
+ for quick tests. If you have to block several different
+ headers, or only want to modify parts of them, you should use a
+ <tt class="LITERAL"><a href=
+ "actions-file.html#CLIENT-HEADER-FILTER">client-header
+ filter</a></tt>.</p>
+
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="center"><b>Warning</b></td>
+ </tr>
+
+ <tr>
+ <td align="left">
+ <p>Don't block any header without understanding the
+ consequences.</p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </dd>
+
+ <dt>Example usage (section):</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+# Block the non-existent "Privacy-Violation:" client header
+{ +crunch-client-header{Privacy-Violation:} }
+/
+
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CRUNCH-IF-NONE-MATCH" id=
+ "CRUNCH-IF-NONE-MATCH">8.5.8. crunch-if-none-match</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Prevent yet another way to track the user's steps between
+ sessions.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Deletes the <span class="QUOTE">"If-None-Match:"</span> HTTP
+ client header.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Boolean.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>N/A</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>Removing the <span class="QUOTE">"If-None-Match:"</span>
+ HTTP client header is useful for filter testing, where you want
+ to force a real reload instead of getting status code
+ <span class="QUOTE">"304"</span> which would cause the browser
+ to use a cached copy of the page.</p>
+
+ <p>It is also useful to make sure the header isn't used as a
+ cookie replacement (unlikely but possible).</p>
+
+ <p>Blocking the <span class="QUOTE">"If-None-Match:"</span>
+ header shouldn't cause any caching problems, as long as the
+ <span class="QUOTE">"If-Modified-Since:"</span> header isn't
+ blocked or missing as well.</p>
+
+ <p>It is recommended to use this action together with
+ <tt class="LITERAL"><a href=
+ "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt>
+ and <tt class="LITERAL"><a href=
+ "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>.</p>
+ </dd>
+
+ <dt>Example usage (section):</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+# Let the browser revalidate cached documents but don't
+# allow the server to use the revalidation headers for user tracking.
+{+hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CRUNCH-INCOMING-COOKIES" id=
+ "CRUNCH-INCOMING-COOKIES">8.5.9. crunch-incoming-cookies</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Prevent the web server from setting HTTP cookies on your
+ system</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Deletes any <span class="QUOTE">"Set-Cookie:"</span> HTTP
+ headers from server replies.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Boolean.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>N/A</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>This action is only concerned with <span class=
+ "emphasis"><i class="EMPHASIS">incoming</i></span> HTTP
+ cookies. For <span class="emphasis"><i class=
+ "EMPHASIS">outgoing</i></span> HTTP cookies, use <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>.
+ Use <span class="emphasis"><i class="EMPHASIS">both</i></span>
+ to disable HTTP cookies completely.</p>
+
+ <p>It makes <span class="emphasis"><i class="EMPHASIS">no sense
+ at all</i></span> to use this action in conjunction with the
+ <tt class="LITERAL"><a href=
+ "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
+ action, since it would prevent the session cookies from being
+ set. See also <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER-CONTENT-COOKIES">filter-content-cookies</a></tt>.</p>
+ </dd>
+
+ <dt>Example usage:</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++crunch-incoming-cookies
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CRUNCH-SERVER-HEADER" id=
+ "CRUNCH-SERVER-HEADER">8.5.10. crunch-server-header</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Remove a server header <span class=
+ "APPLICATION">Privoxy</span> has no dedicated action for.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Deletes every header sent by the server that contains the
+ string the user supplied as parameter.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Parameterized.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>Any string.</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>This action allows you to block server headers for which no
+ dedicated <span class="APPLICATION">Privoxy</span> action
+ exists. <span class="APPLICATION">Privoxy</span> will remove
+ every server header that contains the string you supplied as
+ parameter.</p>
+
+ <p>Regular expressions are <span class="emphasis"><i class=
+ "EMPHASIS">not supported</i></span> and you can't use this
+ action to block different headers in the same request, unless
+ they contain the same string.</p>
+
+ <p><tt class="LITERAL">crunch-server-header</tt> is only meant
+ for quick tests. If you have to block several different
+ headers, or only want to modify parts of them, you should use a
+ custom <tt class="LITERAL"><a href=
+ "actions-file.html#SERVER-HEADER-FILTER">server-header
+ filter</a></tt>.</p>
+
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="center"><b>Warning</b></td>
+ </tr>
+
+ <tr>
+ <td align="left">
+ <p>Don't block any header without understanding the
+ consequences.</p>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </dd>
+
+ <dt>Example usage (section):</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+# Crunch server headers that try to prevent caching
+{ +crunch-server-header{no-cache} }
+/
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="CRUNCH-OUTGOING-COOKIES" id=
+ "CRUNCH-OUTGOING-COOKIES">8.5.11. crunch-outgoing-cookies</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Prevent the web server from reading any HTTP cookies from
+ your system</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Deletes any <span class="QUOTE">"Cookie:"</span> HTTP
+ headers from client requests.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Boolean.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>N/A</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>This action is only concerned with <span class=
+ "emphasis"><i class="EMPHASIS">outgoing</i></span> HTTP
+ cookies. For <span class="emphasis"><i class=
+ "EMPHASIS">incoming</i></span> HTTP cookies, use <tt class=
+ "LITERAL"><a href=
+ "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>.
+ Use <span class="emphasis"><i class="EMPHASIS">both</i></span>
+ to disable HTTP cookies completely.</p>
+
+ <p>It makes <span class="emphasis"><i class="EMPHASIS">no sense
+ at all</i></span> to use this action in conjunction with the
+ <tt class="LITERAL"><a href=
+ "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
+ action, since it would prevent the session cookies from being
+ read.</p>
+ </dd>
+
+ <dt>Example usage:</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++crunch-outgoing-cookies
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="DEANIMATE-GIFS" id=
+ "DEANIMATE-GIFS">8.5.12. deanimate-gifs</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Stop those annoying, distracting animated GIF images.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>De-animate GIF animations, i.e. reduce them to their first
+ or last image.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Parameterized.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p><span class="QUOTE">"last"</span> or <span class=
+ "QUOTE">"first"</span></p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>This will also shrink the images considerably (in bytes, not
+ pixels!). If the option <span class="QUOTE">"first"</span> is
+ given, the first frame of the animation is used as the
+ replacement. If <span class="QUOTE">"last"</span> is given, the
+ last frame of the animation is used instead, which probably
+ makes more sense for most banner animations, but also has the
+ risk of not showing the entire last frame (if it is only a
+ delta to an earlier frame).</p>
+
+ <p>You can safely use this action with patterns that will also
+ match non-GIF objects, because no attempt will be made at
+ anything that doesn't look like a GIF.</p>
+ </dd>
+
+ <dt>Example usage:</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++deanimate-gifs{last}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="DOWNGRADE-HTTP-VERSION" id=
+ "DOWNGRADE-HTTP-VERSION">8.5.13. downgrade-http-version</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Work around (very rare) problems with HTTP/1.1</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Downgrades HTTP/1.1 client requests and server replies to
+ HTTP/1.0.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Boolean.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>N/A</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>This is a left-over from the time when <span class=
+ "APPLICATION">Privoxy</span> didn't support important HTTP/1.1
+ features well. It is left here for the unlikely case that you
+ experience HTTP/1.1-related problems with some server out
+ there.</p>
+
+ <p>Note that enabling this action is only a workaround. It
+ should not be enabled for sites that work without it. While it
+ shouldn't break any pages, it has an (usually negative)
+ performance impact.</p>
+
+ <p>If you come across a site where enabling this action helps,
+ please report it, so the cause of the problem can be analyzed.
+ If the problem turns out to be caused by a bug in <span class=
+ "APPLICATION">Privoxy</span> it should be fixed so the
+ following release works without the work around.</p>
+ </dd>
+
+ <dt>Example usage (section):</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+{+downgrade-http-version}
+problem-host.example.com
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="EXTERNAL-FILTER" id=
+ "EXTERNAL-FILTER">8.5.14. external-filter</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Modify content using a programming language of your
+ choice.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>All instances of text-based type, most notably HTML and
+ JavaScript, to which this action applies, can be filtered
+ on-the-fly through the specified external filter. By default
+ plain text documents are exempted from filtering, because web
+ servers often use the <tt class="LITERAL">text/plain</tt> MIME
+ type for all files whose type they don't know.)</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Multi-value.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>The name of an external content filter, as defined in the
+ <a href="filter-file.html">filter file</a>. External filters
+ can be defined in one or more files as defined by the
+ <tt class="LITERAL"><a href=
+ "config.html#FILTERFILE">filterfile</a></tt> option in the
+ <a href="config.html">config file</a>.</p>
+
+ <p>When used in its negative form, and without parameters,
+ <span class="emphasis"><i class="EMPHASIS">all</i></span>
+ filtering with external filters is completely disabled.</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>External filters are scripts or programs that can modify the
+ content in case common <tt class="LITERAL"><a href=
+ "actions-file.html#FILTER">filters</a></tt> aren't powerful
+ enough. With the exception that this action doesn't use
+ pcrs-based filters, the notes in the <tt class=
+ "LITERAL"><a href="actions-file.html#FILTER">filter</a></tt>
+ section apply.</p>
+
+ <div class="WARNING">
+ <table class="WARNING" border="1" width="90%">
+ <tr>
+ <td align="center"><b>Warning</b></td>
+ </tr>
+
+ <tr>
+ <td align="left">
+ <p>Currently external filters are executed with
+ <span class="APPLICATION">Privoxy</span>'s privileges.
+ Only use external filters you understand and trust.</p>
+ </td>
+ </tr>
+ </table>
+ </div>
+
+ <p>This feature is experimental, the <tt class=
+ "LITERAL"><a href=
+ "filter-file.html#EXTERNAL-FILTER-SYNTAX">syntax</a></tt> may
+ change in the future.</p>
+ </dd>
+
+ <dt>Example usage:</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++external-filter{fancy-filter}
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="FAST-REDIRECTS" id=
+ "FAST-REDIRECTS">8.5.15. fast-redirects</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Fool some click-tracking scripts and speed up indirect
+ links.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>Detects redirection URLs and redirects the browser without
+ contacting the redirection server first.</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Parameterized.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <ul>
+ <li>
+ <p><span class="QUOTE">"simple-check"</span> to just search
+ for the string <span class="QUOTE">"http://"</span> to
+ detect redirection URLs.</p>
+ </li>
+
+ <li>
+ <p><span class="QUOTE">"check-decoded-url"</span> to decode
+ URLs (if necessary) before searching for redirection
+ URLs.</p>
+ </li>
+ </ul>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>Many sites, like yahoo.com, don't just link to other sites.
+ Instead, they will link to some script on their own servers,
+ giving the destination as a parameter, which will then redirect
+ you to the final target. URLs resulting from this scheme
+ typically look like: <span class=
+ "QUOTE">"http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/"</span>.</p>
+
+ <p>Sometimes, there are even multiple consecutive redirects
+ encoded in the URL. These redirections via scripts make your
+ web browsing more traceable, since the server from which you
+ follow such a link can see where you go to. Apart from that,
+ valuable bandwidth and time is wasted, while your browser asks
+ the server for one redirect after the other. Plus, it feeds the
+ advertisers.</p>
+
+ <p>This feature is currently not very smart and is scheduled
+ for improvement. If it is enabled by default, you will have to
+ create some exceptions to this action. It can lead to failures
+ in several ways:</p>
+
+ <p>Not every URLs with other URLs as parameters is evil. Some
+ sites offer a real service that requires this information to
+ work. For example a validation service needs to know, which
+ document to validate. <tt class="LITERAL">fast-redirects</tt>
+ assumes that every URL parameter that looks like another URL is
+ a redirection target, and will always redirect to the last one.
+ Most of the time the assumption is correct, but if it isn't,
+ the user gets redirected anyway.</p>
+
+ <p>Another failure occurs if the URL contains other parameters
+ after the URL parameter. The URL: <span class=
+ "QUOTE">"http://www.example.org/?redirect=http%3a//www.example.net/&foo=bar"</span>.
+ contains the redirection URL <span class=
+ "QUOTE">"http://www.example.net/"</span>, followed by another
+ parameter. <tt class="LITERAL">fast-redirects</tt> doesn't know
+ that and will cause a redirect to <span class=
+ "QUOTE">"http://www.example.net/&foo=bar"</span>. Depending
+ on the target server configuration, the parameter will be
+ silently ignored or lead to a <span class="QUOTE">"page not
+ found"</span> error. You can prevent this problem by first
+ using the <tt class="LITERAL"><a href=
+ "actions-file.html#REDIRECT">redirect</a></tt> action to remove
+ the last part of the URL, but it requires a little effort.</p>
+
+ <p>To detect a redirection URL, <tt class=
+ "LITERAL">fast-redirects</tt> only looks for the string
+ <span class="QUOTE">"http://"</span>, either in plain text
+ (invalid but often used) or encoded as <span class=
+ "QUOTE">"http%3a//"</span>. Some sites use their own URL
+ encoding scheme, encrypt the address of the target server or
+ replace it with a database id. In theses cases <tt class=
+ "LITERAL">fast-redirects</tt> is fooled and the request reaches
+ the redirection server where it probably gets logged.</p>
+ </dd>
+
+ <dt>Example usage:</dt>
+
+ <dd>
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
+ { +fast-redirects{simple-check} }
+ one.example.com
+
+ { +fast-redirects{check-decoded-url} }
+ another.example.com/testing
+</pre>
+ </td>
+ </tr>
+ </table>
+ </dd>
+ </dl>
+ </div>
+ </div>
+
+ <div class="SECT3">
+ <h4 class="SECT3"><a name="FILTER" id="FILTER">8.5.16.
+ filter</a></h4>
+
+ <div class="VARIABLELIST">
+ <dl>
+ <dt>Typical use:</dt>
+
+ <dd>
+ <p>Get rid of HTML and JavaScript annoyances, banner
+ advertisements (by size), do fun text replacements, add
+ personalized effects, etc.</p>
+ </dd>
+
+ <dt>Effect:</dt>
+
+ <dd>
+ <p>All instances of text-based type, most notably HTML and
+ JavaScript, to which this action applies, can be filtered
+ on-the-fly through the specified regular expression based
+ substitutions. (Note: as of version 3.0.3 plain text documents
+ are exempted from filtering, because web servers often use the
+ <tt class="LITERAL">text/plain</tt> MIME type for all files
+ whose type they don't know.)</p>
+ </dd>
+
+ <dt>Type:</dt>
+
+ <dd>
+ <p>Multi-value.</p>
+ </dd>
+
+ <dt>Parameter:</dt>
+
+ <dd>
+ <p>The name of a content filter, as defined in the <a href=
+ "filter-file.html">filter file</a>. Filters can be defined in
+ one or more files as defined by the <tt class=
+ "LITERAL"><a href="config.html#FILTERFILE">filterfile</a></tt>
+ option in the <a href="config.html">config file</a>. <tt class=
+ "FILENAME">default.filter</tt> is the collection of filters
+ supplied by the developers. Locally defined filters should go
+ in their own file, such as <tt class=
+ "FILENAME">user.filter</tt>.</p>
+
+ <p>When used in its negative form, and without parameters,
+ <span class="emphasis"><i class="EMPHASIS">all</i></span>
+ filtering is completely disabled.</p>
+ </dd>
+
+ <dt>Notes:</dt>
+
+ <dd>
+ <p>For your convenience, there are a number of pre-defined
+ filters available in the distribution filter file that you can
+ use. See the examples below for a list.</p>
+
+ <p>Filtering requires buffering the page content, which may
+ appear to slow down page rendering since nothing is displayed
+ until all content has passed the filters. (The total time until
+ the page is completely rendered doesn't change much, but it may
+ be perceived as slower since the page is not incrementally
+ displayed.) This effect will be more noticeable on slower
+ connections.</p>
+
+ <p><span class="QUOTE">"Rolling your own"</span> filters
+ requires a knowledge of <a href=
+ "http://en.wikipedia.org/wiki/Regular_expressions" target=
+ "_top"><span class="QUOTE">"Regular Expressions"</span></a> and
+ <a href="http://en.wikipedia.org/wiki/Html" target=
+ "_top"><span class="QUOTE">"HTML"</span></a>. This is very
+ powerful feature, and potentially very intrusive. Filters
+ should be used with caution, and where an equivalent
+ <span class="QUOTE">"action"</span> is not available.</p>
+
+ <p>The amount of data that can be filtered is limited to the
+ <tt class="LITERAL"><a href=
+ "config.html#BUFFER-LIMIT">buffer-limit</a></tt> option in the
+ main <a href="config.html">config file</a>. The default is 4096
+ KB (4 Megs). Once this limit is exceeded, the buffered data,
+ and all pending data, is passed through unfiltered.</p>
+
+ <p>Inappropriate MIME types, such as zipped files, are not
+ filtered at all. (Again, only text-based types except plain
+ text). Encrypted SSL data (from HTTPS servers) cannot be
+ filtered either, since this would violate the integrity of the
+ secure transaction. In some situations it might be necessary to
+ protect certain text, like source code, from filtering by
+ defining appropriate <tt class="LITERAL">-filter</tt>
+ exceptions.</p>
+
+ <p>Compressed content can't be filtered either, but if
+ <span class="APPLICATION">Privoxy</span> is compiled with zlib
+ support and a supported compression algorithm is used (gzip or
+ deflate), <span class="APPLICATION">Privoxy</span> can first
+ decompress the content and then filter it.</p>
+
+ <p>If you use a <span class="APPLICATION">Privoxy</span>
+ version without zlib support, but want filtering to work on as
+ much documents as possible, even those that would normally be
+ sent compressed, you must use the <tt class="LITERAL"><a href=
+ "actions-file.html#PREVENT-COMPRESSION">prevent-compression</a></tt>
+ action in conjunction with <tt class="LITERAL">filter</tt>.</p>
+
+ <p>Content filtering can achieve some of the same effects as
+ the <tt class="LITERAL"><a href=
+ "actions-file.html#BLOCK">block</a></tt> action, i.e. it can be
+ used to block ads and banners. But the mechanism works quite
+ differently. One effective use, is to block ad banners based on
+ their size (see below), since many of these seem to be somewhat
+ standardized.</p>
+
+ <p><a href="contact.html">Feedback</a> with suggestions for new
+ or improved filters is particularly welcome!</p>
+
+ <p>The below list has only the names and a one-line description
+ of each predefined filter. There are <a href=
+ "filter-file.html#PREDEFINED-FILTERS">more verbose
+ explanations</a> of what these filters do in the <a href=
+ "filter-file.html">filter file chapter</a>.</p>
+ </dd>
+
+ <dt>Example usage (with filters from the distribution <tt class=
+ "FILENAME">default.filter</tt> file). See <a href=
+ "filter-file.html#PREDEFINED-FILTERS">the Predefined Filters
+ section</a> for more explanation on each:</dt>
+
+ <dd>
+ <p><a name="FILTER-JS-ANNOYANCES" id=
+ "FILTER-JS-ANNOYANCES"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p><a name="FILTER-JS-EVENTS" id="FILTER-JS-EVENTS"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p><a name="FILTER-HTML-ANNOYANCES" id=
+ "FILTER-HTML-ANNOYANCES"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{html-annoyances} # Get rid of particularly annoying HTML abuse.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p><a name="FILTER-CONTENT-COOKIES" id=
+ "FILTER-CONTENT-COOKIES"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{content-cookies} # Kill cookies that come in the HTML or JS content.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p><a name="FILTER-REFRESH-TAGS" id=
+ "FILTER-REFRESH-TAGS"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p><a name="FILTER-UNSOLICITED-POPUPS" id=
+ "FILTER-UNSOLICITED-POPUPS"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{unsolicited-popups} # Disable only unsolicited pop-up windows.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p><a name="FILTER-ALL-POPUPS" id="FILTER-ALL-POPUPS"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{all-popups} # Kill all popups in JavaScript and HTML.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p><a name="FILTER-IMG-REORDER" id=
+ "FILTER-IMG-REORDER"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.
+</pre>
+ </td>
+ </tr>
+ </table>
+
+ <p><a name="FILTER-BANNERS-BY-SIZE" id=
+ "FILTER-BANNERS-BY-SIZE"></a></p>
+
+ <table border="0" bgcolor="#E0E0E0" width="90%">
+ <tr>
+ <td>
+ <pre class="SCREEN">
++filter{banners-by-size} # Kill banners by size.
+</pre>
+ </td>
+ </tr>
+ </table>