+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Privoxy Configuration</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.64
-"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
-TITLE="Privoxy User Manual"
+TITLE="Privoxy 3.0.9 User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
-TITLE="Quickstart to Using Privoxy"
-HREF="quickstart.html"><LINK
+TITLE="Starting Privoxy"
+HREF="startup.html"><LINK
REL="NEXT"
-TITLE="Contacting the Developers, Bug Reporting and Feature
-Requests"
-HREF="contact.html"><LINK
+TITLE="The Main Configuration File"
+HREF="config.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
-HREF="../p_doc.css"></HEAD
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
><BODY
CLASS="SECT1"
BGCOLOR="#EEEEEE"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
><TH
COLSPAN="3"
ALIGN="center"
->Privoxy User Manual</TH
+>Privoxy 3.0.9 User Manual</TH
></TR
><TR
><TD
ALIGN="left"
VALIGN="bottom"
><A
-HREF="quickstart.html"
+HREF="startup.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
ALIGN="right"
VALIGN="bottom"
><A
-HREF="contact.html"
+HREF="config.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
CLASS="SECT1"
><A
NAME="CONFIGURATION"
->5. <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> Configuration</A
+>6. Privoxy Configuration</A
></H1
><P
> All <SPAN
>Privoxy</SPAN
> can
also be controlled easily with a web browser.
-
</P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN324"
->5.1. Controlling <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with Your Web Browser</A
+NAME="AEN806"
+>6.1. Controlling Privoxy with Your Web Browser</A
></H2
><P
> <SPAN
>),
which is a built-in page and works without Internet access.
You will see the following section: </P
-><P
-> <TABLE
+><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TD
><PRE
CLASS="SCREEN"
-> Please choose from the following options:
-
- * Privoxy main page
- * Show information about the current configuration
- * Show the source code version numbers
- * Show the request headers.
- * Show which actions apply to a URL and why
- * Toggle Privoxy on or off
- * Edit the actions list
-
- </PRE
-></TD
+> <H2
+CLASS="BRIDGEHEAD"
+><A
+NAME="AEN814"
+></A
+> Privoxy Menu</H2
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>View & change the current configuration</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/show-version"
+TARGET="_top"
+>View the source code version numbers</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/show-request"
+TARGET="_top"
+>View the request headers.</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>Look up which actions apply to a URL and why</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://config.privoxy.org/toggle"
+TARGET="_top"
+>Toggle Privoxy on or off</A
+>
+ </TD
+></TR
+><TR
+><TD
+> ▪ <A
+HREF="http://www.privoxy.org/ 3.0.9/user-manual/"
+TARGET="_top"
+>Documentation</A
+>
+ </TD
></TR
+></TBODY
></TABLE
+><P
></P
+></PRE
+></TD
+></TR
+></TABLE
><P
-> This should be self-explanatory. Note the last item is an editor for the
- <SPAN
-CLASS="QUOTE"
->"actions list"</SPAN
->, which is where much of the ad, banner, cookie,
- and URL blocking magic is configured as well as other advanced features of
+> This should be self-explanatory. Note the first item leads to an editor for the
+ <A
+HREF="actions-file.html"
+>actions files</A
+>, which is where the ad, banner,
+ cookie, and URL blocking magic is configured as well as other advanced features of
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> continues
- to run as a proxy in this case, but all filtering is disabled. There
+ to run as a proxy in this case, but all manipulation is disabled, i.e.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> acts like a normal forwarding proxy. There
is even a toggle <A
HREF="appendix.html#BOOKMARKLETS"
>Bookmarklet</A
>Privoxy</SPAN
> with one click from
your browser.</P
+><P
+> Note that several of the features described above are disabled by default
+ in <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 beta and later.
+ Check the
+ <A
+HREF="config.html"
+TARGET="_top"
+>configuration file</A
+> to learn why
+ and in which cases it's safe to enable them again.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN343"
->5.2. Configuration Files Overview</A
+NAME="CONFOVERVIEW"
+>6.2. Configuration Files Overview</A
></H2
><P
> For Unix, *BSD and Linux, all configuration files are located in
and number of configuration files has changed from previous versions, and is
subject to change as development progresses.</P
><P
-> The installed defaults provide a reasonable starting point, though possibly
- aggressive by some standards. For the time being, there are only three
- default configuration files (this may change in time):</P
+> The installed defaults provide a reasonable starting point, though
+ some settings may be aggressive by some standards. For the time being, the
+ principle configuration files are:</P
><P
> <P
></P
><UL
><LI
><P
-> The main configuration file is named <TT
+> The <A
+HREF="config.html"
+>main configuration file</A
+> is named <TT
CLASS="FILENAME"
>config</TT
>
CLASS="FILENAME"
>config.txt</TT
>
- on Windows.
+ on Windows. This is a required file.
</P
></LI
><LI
> <TT
CLASS="FILENAME"
>default.action</TT
-> (the actions file) is used to define
- which of a set of various <SPAN
+> (the main <A
+HREF="actions-file.html"
+>actions file</A
+>)
+ is used to define which <SPAN
CLASS="QUOTE"
>"actions"</SPAN
-> relating to images, banners,
- pop-ups, access restrictions, banners and cookies are to be applied, and where.
- There is a web based editor for this file that can be accessed at <A
-HREF="http://config.privoxy.org/edit-actions/"
+> relating to banner-blocking, images, pop-ups,
+ content modification, cookie handling etc should be applied by default. It also defines many
+ exceptions (both positive and negative) from this default set of actions that enable
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to selectively eliminate the junk, and only the junk, on
+ as many websites as possible.
+ </P
+><P
+> Multiple actions files may be defined in <TT
+CLASS="FILENAME"
+>config</TT
+>. These
+ are processed in the order they are defined. Local customizations and locally
+ preferred exceptions to the default policies as defined in
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> (which you will most probably want
+ to define sooner or later) are probably best applied in
+ <TT
+CLASS="FILENAME"
+>user.action</TT
+>, where you can preserve them across
+ upgrades. <TT
+CLASS="FILENAME"
+>standard.action</TT
+> is only for
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> internal use.
+ </P
+><P
+>
+ There is also a web based editor that can be accessed from
+ <A
+HREF="http://config.privoxy.org/show-status"
TARGET="_top"
->http://config.privoxy.org/edit-actions/</A
+>http://config.privoxy.org/show-status</A
>
(Shortcut: <A
-HREF="http://p.p/edit-actions/"
+HREF="http://p.p/show-status"
TARGET="_top"
->http://p.p/edit-actions/</A
->).
- (Other actions files are included as well with differing levels of filtering
- and blocking, e.g. <TT
-CLASS="FILENAME"
->basic.action</TT
->.)
+>http://p.p/show-status</A
+>) for the
+ various actions files.
</P
></LI
><LI
><P
-> <TT
+> <SPAN
+CLASS="QUOTE"
+>"Filter files"</SPAN
+> (the <A
+HREF="filter-file.html"
+>filter
+ file</A
+>) can be used to re-write the raw page content, including
+ viewable text as well as embedded HTML and JavaScript, and whatever else
+ lurks on any given web page. The filtering jobs are only pre-defined here;
+ whether to apply them or not is up to the actions files.
+ <TT
CLASS="FILENAME"
>default.filter</TT
-> (the filter file) can be used to re-write the raw
- page content, including viewable text as well as embedded HTML and JavaScript,
- and whatever else lurks on any given web page. The filtering jobs are only
- pre-defined here; whether to apply them or not is up to the actions file.
+> includes various filters made
+ available for use by the developers. Some are much more intrusive than
+ others, and all should be used with caution. You may define additional
+ filter files in <TT
+CLASS="FILENAME"
+>config</TT
+> as you can with
+ actions files. We suggest <TT
+CLASS="FILENAME"
+>user.filter</TT
+> for any
+ locally defined filters or customizations.
</P
></LI
></UL
></P
><P
+> The syntax of the configuration and filter files may change between different
+ Privoxy versions, unfortunately some enhancements cost backwards compatibility.
+ </P
+><P
> All files use the <SPAN
CLASS="QUOTE"
>"<TT
>#</TT
> in front of an otherwise
valid configuration line to prevent it from being interpreted is called "commenting
- out" that line.</P
+ out" that line. Blank lines are ignored.</P
><P
-> <TT
-CLASS="FILENAME"
->default.action</TT
-> and <TT
-CLASS="FILENAME"
->default.filter</TT
->
+> The actions files and filter files
can use Perl style <A
HREF="appendix.html#REGEX"
>regular expressions</A
CLASS="QUOTE"
>"wake up"</SPAN
> requests
- must obviously be sent to the <I
+ must obviously be sent to the <SPAN
+CLASS="emphasis"
+><I
CLASS="EMPHASIS"
>old</I
+></SPAN
> listening address.</P
><P
> While under development, the configuration content is subject to change.
> setting, may change, so
please check all your configuration files on important issues.</P
></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN383"
->5.3. The Main Configuration File</A
-></H2
-><P
-> Again, the main configuration file is named <TT
-CLASS="FILENAME"
->config</TT
-> on
- Linux/Unix/BSD and OS/2, and <TT
-CLASS="FILENAME"
->config.txt</TT
-> on Windows.
- Configuration lines consist of an initial keyword followed by a list of
- values, all separated by whitespace (any number of spaces or tabs). For
- example:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->confdir /etc/privoxy</I
-><br>
- </P
->
- </TT
-> </P
-><P
-> Assigns the value <TT
-CLASS="LITERAL"
->/etc/privoxy</TT
-> to the option
- <TT
-CLASS="LITERAL"
->confdir</TT
-> and thus indicates that the configuration
- directory is named <SPAN
-CLASS="QUOTE"
->"/etc/privoxy/"</SPAN
->.</P
-><P
-> All options in the config file except for <TT
-CLASS="LITERAL"
->confdir</TT
-> and
- <TT
-CLASS="LITERAL"
->logdir</TT
-> are optional. Watch out in the below description
- for what happens if you leave them unset.</P
-><P
-> The main config file controls all aspects of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->'s
- operation that are not location dependent (i.e. they apply universally, no matter
- where you may be surfing).</P
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN402"
->5.3.1. Configuration and Log File Locations</A
-></H3
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> can (and normally does) use a number of
- other files for additional configuration and logging.
- This section of the configuration file tells <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- where to find those other files. </P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN407"
->5.3.1.1. confdir</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
->The directory where the other configuration files are located</P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Path name</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->/etc/privoxy (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> installation dir (Windows) </P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Mandatory</I
-></P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> No trailing <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->/</TT
->"</SPAN
->, please
- </P
-><P
-> When development goes modular and multi-user, the blocker, filter, and
- per-user config will be stored in subdirectories of <SPAN
-CLASS="QUOTE"
->"confdir"</SPAN
->.
- For now, the configuration directory structure is flat, except for
- <TT
-CLASS="FILENAME"
->confdir/templates</TT
->, where the HTML templates for CGI
- output reside (e.g. <SPAN
-CLASS="APPLICATION"
->Privoxy's</SPAN
-> 404 error page).
- </P
-></DD
-></DL
-></DIV
></DIV
><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
><A
-NAME="AEN439"
->5.3.1.2. logdir</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The directory where all logging takes place (i.e. where <TT
-CLASS="FILENAME"
->logfile</TT
-> and
- <TT
-CLASS="FILENAME"
->jarfile</TT
-> are located)
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Path name</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->/var/log/privoxy (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> installation dir (Windows) </P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Mandatory</I
-></P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> No trailing <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->/</TT
->"</SPAN
->, please
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
+HREF="startup.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
><A
-NAME="AEN469"
->5.3.1.3. actionsfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The actions file to use
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->confdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->default.action (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> default.action.txt (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No action is taken at all. Simple neutral proxying.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> There is no point in using <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> without
- an actions file. There are three different actions files included in the
- distribution, with varying degrees of aggressiveness:
- <TT
-CLASS="FILENAME"
->default.action</TT
->, <TT
-CLASS="FILENAME"
->intermediate.action</TT
-> and
- <TT
-CLASS="FILENAME"
->advanced.action</TT
->.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
><A
-NAME="AEN498"
->5.3.1.4. filterfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The filter file to use
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->confdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->default.filter (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> default.filter.txt (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No textual content filtering takes place, i.e. all
- <TT
-CLASS="LITERAL"
->+filter{<TT
-CLASS="REPLACEABLE"
-><I
->name</I
-></TT
->}</TT
->
- actions in the actions file are turned off
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The <SPAN
-CLASS="QUOTE"
->"default.filter"</SPAN
-> file contains content modification rules
- that use <SPAN
-CLASS="QUOTE"
->"regular expressions"</SPAN
->. These rules permit powerful
- changes on the content of Web pages, e.g., you could disable your favorite
- JavaScript annoyances, re-write the actual displayed text, or just have some
- fun replacing <SPAN
-CLASS="QUOTE"
->"Microsoft"</SPAN
-> with <SPAN
-CLASS="QUOTE"
->"MicroSuck"</SPAN
-> wherever
- it appears on a Web page.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN529"
->5.3.1.5. logfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The log file to use
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->logdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->logfile (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> privoxy.log (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No log file is used, all log messages go to the console (<TT
-CLASS="LITERAL"
->stderr</TT
->).
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The windows version will additionally log to the console.
- </P
-><P
-> The logfile is where all logging and error messages are written. The level
- of detail and number of messages are set with the <TT
-CLASS="LITERAL"
->debug</TT
->
- option (see below). The logfile can be useful for tracking down a problem with
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> (e.g., it's not blocking an ad you
- think it should block) but in most cases you probably will never look at it.
- </P
-><P
-> Your logfile will grow indefinitely, and you will probably want to
- periodically remove it. On Unix systems, you can do this with a cron job
- (see <SPAN
-CLASS="QUOTE"
->"man cron"</SPAN
->). For Red Hat, a <B
-CLASS="COMMAND"
->logrotate</B
->
- script has been included.
- </P
-><P
-> On SuSE Linux systems, you can place a line like <SPAN
-CLASS="QUOTE"
->"/var/log/privoxy.*
- +1024k 644 nobody.nogroup"</SPAN
-> in <TT
-CLASS="FILENAME"
->/etc/logfiles</TT
->, with
- the effect that cron.daily will automatically archive, gzip, and empty the
- log, when it exceeds 1M size.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN564"
->5.3.1.6. jarfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The file to store intercepted cookies in
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->logdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->jarfile (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> privoxy.jar (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Intercepted cookies are not stored at all.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The jarfile may grow to ridiculous sizes over time.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN589"
->5.3.1.7. trustfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The trust file to use
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->confdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset (commented out)</I
->. When activated: trust (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> trust.txt (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> The whole trust mechanism is turned off.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The trust mechanism is an experimental feature for building white-lists and should
- be used with care. It is <I
-CLASS="EMPHASIS"
->NOT</I
-> recommended for the casual user.
- </P
-><P
-> If you specify a trust file, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will only allow
- access to sites that are named in the trustfile.
- You can also mark sites as trusted referrers (with <TT
-CLASS="LITERAL"
->+</TT
->), with
- the effect that access to untrusted sites will be granted, if a link from a
- trusted referrer was used.
- The link target will then be added to the <SPAN
-CLASS="QUOTE"
->"trustfile"</SPAN
->.
- Possible applications include limiting Internet access for children.
- </P
-><P
-> If you use <TT
-CLASS="LITERAL"
->+</TT
-> operator in the trust file, it may grow considerably over time.
- </P
-></DD
-></DL
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN622"
->5.3.2. Local Set-up Documentation</A
-></H3
-><P
-> If you intend to operate <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> for more users
- that just yourself, it might be a good idea to let them know how to reach
- you, what you block and why you do that, your policies etc.
- </P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN626"
->5.3.2.1. trust-info-url</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> A URL to be displayed in the error page that users will see if access to an untrusted page is denied.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->URL</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->Two example URL are provided</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No links are displayed on the "untrusted" error page.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The value of this option only matters if the experimental trust mechanism has been
- activated. (See <TT
-CLASS="LITERAL"
->trustfile</TT
-> above.)
- </P
-><P
-> If you use the trust mechanism, it is a good idea to write up some on-line
- documentation about your trust policy and to specify the URL(s) here.
- Use multiple times for multiple URLs.
- </P
-><P
-> The URL(s) should be added to the trustfile as well, so users don't end up
- locked out from the information on why they were locked out in the first place!
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN652"
->5.3.2.2. admin-address</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> An email address to reach the proxy administrator.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Email address</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No email address is displayed on error pages and the CGI user interface.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If both <TT
-CLASS="LITERAL"
->admin-address</TT
-> and <TT
-CLASS="LITERAL"
->proxy-info-url</TT
->
- are unset, the whole "Local Privoxy Support" box on all generated pages will
- not be shown.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN678"
->5.3.2.3. proxy-info-url</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> A URL to documentation about the local <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> setup,
- configuration or policies.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->URL</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No link to local documentation is displayed on error pages and the CGI user interface.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If both <TT
-CLASS="LITERAL"
->admin-address</TT
-> and <TT
-CLASS="LITERAL"
->proxy-info-url</TT
->
- are unset, the whole "Local Privoxy Support" box on all generated pages will
- not be shown.
- </P
-><P
-> This URL shouldn't be blocked ;-)
- </P
-></DD
-></DL
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN706"
->5.3.3. Debugging</A
-></H3
-><P
-> These options are mainly useful when tracing a problem.
- Note that you might also want to invoke
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with the <TT
-CLASS="LITERAL"
->--no-daemon</TT
->
- command line option when debugging.
- </P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN711"
->5.3.3.1. debug</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Key values that determine what information gets logged.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Integer values</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->12289 (i.e.: URLs plus informational and warning messages)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Nothing gets logged.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The available debug levels are:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="PROGRAMLISTING"
-> debug 1 # show each GET/POST/CONNECT request
- debug 2 # show each connection status
- debug 4 # show I/O status
- debug 8 # show header parsing
- debug 16 # log all data into the logfile
- debug 32 # debug force feature
- debug 64 # debug regular expression filter
- debug 128 # debug fast redirects
- debug 256 # debug GIF de-animation
- debug 512 # Common Log Format
- debug 1024 # debug kill pop-ups
- debug 4096 # Startup banner and warnings.
- debug 8192 # Non-fatal errors
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> To select multiple debug levels, you can either add them or use
- multiple <TT
-CLASS="LITERAL"
->debug</TT
-> lines.
- </P
-><P
-> A debug level of 1 is informative because it will show you each request
- as it happens. <I
-CLASS="EMPHASIS"
->1, 4096 and 8192 are highly recommended</I
->
- so that you will notice when things go wrong. The other levels are probably
- only of interest if you are hunting down a specific problem. They can produce
- a hell of an output (especially 16).
-
- </P
-><P
-> The reporting of <I
-CLASS="EMPHASIS"
->fatal</I
-> errors (i.e. ones which crash
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->) is always on and cannot be disabled.
- </P
-><P
-> If you want to use CLF (Common Log Format), you should set <SPAN
-CLASS="QUOTE"
->"debug
- 512"</SPAN
-> <I
-CLASS="EMPHASIS"
->ONLY</I
-> and not enable anything else.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN746"
->5.3.3.2. single-threaded</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Whether to run only one server thread
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->None</I
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Multi-threaded (or, where unavailable: forked) operation, i.e. the ability to
- serve multiple requests simultaneously.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This option is only there for debug purposes and you should never
- need to use it. <I
-CLASS="EMPHASIS"
->It will drastically reduce performance.</I
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN772"
->5.3.4. Access Control and Security</A
-></H3
-><P
-> This section of the config file controls the security-relevant aspects
- of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->'s configuration.
- </P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN776"
->5.3.4.1. listen-address</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The IP address and TCP port on which <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will
- listen for client requests.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->[<TT
-CLASS="REPLACEABLE"
-><I
->IP-Address</I
-></TT
->]:<TT
-CLASS="REPLACEABLE"
-><I
->Port</I
-></TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->localhost:8118</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Bind to localhost (127.0.0.1), port 8118. This is suitable and recommended for
- home users who run <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> on the same machine as
- their browser.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> You will need to configure your browser(s) to this proxy address and port.
- </P
-><P
-> If you already have another service running on port 8118, or if you want to
- serve requests from other machines (e.g. on your local network) as well, you
- will need to override the default.
- </P
-><P
-> If you leave out the IP address, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will
- bind to all interfaces (addresses) on your machine and may become reachable
- from the Internet. In that case, consider using access control lists (acl's)
- (see <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> below), or a firewall.
- </P
-></DD
-><DT
->Example:</DT
-><DD
-><P
-> Suppose you are running <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> on
- a machine which has the address 192.168.0.1 on your local private network
- (192.168.0.0) and has another outside connection with a different address.
- You want it to serve requests from inside only:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="PROGRAMLISTING"
-> listen-address 192.168.0.1:8118
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN814"
->5.3.4.2. toggle</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Initial state of "toggle" status
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->1 or 0</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->1</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Act as if toggled on
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If set to 0, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will start in
- <SPAN
-CLASS="QUOTE"
->"toggled off"</SPAN
-> mode, i.e. behave like a normal, content-neutral
- proxy. See <TT
-CLASS="LITERAL"
->enable-remote-toggle</TT
->
- below. This is not really useful anymore, since toggling is much easier
- via <A
-HREF="http://config.privoxy.org/toggle"
-TARGET="_top"
->the web
- interface</A
-> then via editing the <TT
-CLASS="FILENAME"
->conf</TT
-> file.
- </P
-><P
-> The windows version will only display the toggle icon in the system tray
- if this option is present.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN843"
->5.3.4.3. enable-remote-toggle</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Whether or not the <A
-HREF="http://config.privoxy.org/toggle"
-TARGET="_top"
->web-based toggle
- feature</A
-> may be used
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->0 or 1</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->1</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> The web-based toggle feature is disabled.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> When toggled off, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> acts like a normal,
- content-neutral proxy, i.e. it acts as if none of the actions applied to
- any URL.
- </P
-><P
-> For the time being, access to the toggle feature can <I
-CLASS="EMPHASIS"
->not</I
-> be
- controlled separately by <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> or HTTP authentication,
- so that everybody who can access <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> (see
- <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> and <TT
-CLASS="LITERAL"
->listen-address</TT
-> above) can
- toggle it for all users. So this option is <I
-CLASS="EMPHASIS"
->not recommended</I
->
- for multi-user environments with untrusted users.
- </P
-><P
-> Note that you must have compiled <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with
- support for this feature, otherwise this option has no effect.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN877"
->5.3.4.4. enable-edit-actions</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Whether or not the <A
-HREF="http://config.privoxy.org/edit-actions"
-TARGET="_top"
->web-based actions
- file editor</A
-> may be used
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->0 or 1</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->1</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> The web-based actions file editor is disabled.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> For the time being, access to the editor can <I
-CLASS="EMPHASIS"
->not</I
-> be
- controlled separately by <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> or HTTP authentication,
- so that everybody who can access <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> (see
- <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> and <TT
-CLASS="LITERAL"
->listen-address</TT
-> above) can
- modify its configuration for all users. So this option is <I
-CLASS="EMPHASIS"
->not
- recommended</I
-> for multi-user environments with untrusted users.
- </P
-><P
-> Note that you must have compiled <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with
- support for this feature, otherwise this option has no effect.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN909"
->5.3.4.5. ACLs: permit-access and deny-access</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Who can access what.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
-> <TT
-CLASS="REPLACEABLE"
-><I
->src_addr</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->src_masklen</I
-></TT
->]
- [<TT
-CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->dst_masklen</I
-></TT
->]]
- </P
-><P
-> Where <TT
-CLASS="REPLACEABLE"
-><I
->src_addr</I
-></TT
-> and
- <TT
-CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
-> are IP addresses in dotted decimal notation or valid
- DNS names, and <TT
-CLASS="REPLACEABLE"
-><I
->src_masklen</I
-></TT
-> and
- <TT
-CLASS="REPLACEABLE"
-><I
->dst_masklen</I
-></TT
-> are subnet masks in CIDR notation, i.e. integer
- values from 2 to 30 representing the length (in bits) of the network address. The masks and the whole
- destination part are optional.
- </P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Don't restrict access further than implied by <TT
-CLASS="LITERAL"
->listen-address</TT
->
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Access controls are included at the request of ISPs and systems
- administrators, and <I
-CLASS="EMPHASIS"
->are not usually needed by individual users</I
->.
- For a typical home user, it will normally suffice to ensure that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> only listens on the localhost or internal (home)
- network address by means of the <TT
-CLASS="LITERAL"
->listen-address</TT
-> option.
- </P
-><P
-> Please see the warnings in the FAQ that this proxy is not intended to be a substitute
- for a firewall or to encourage anyone to defer addressing basic security
- weaknesses.
- </P
-><P
-> Multiple ACL lines are OK.
- If any ACLs are specified, then the <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- talks only to IP addresses that match at least one <TT
-CLASS="LITERAL"
->permit-access</TT
-> line
- and don't match any subsequent <TT
-CLASS="LITERAL"
->deny-access</TT
-> line. In other words, the
- last match wins, with the default being <TT
-CLASS="LITERAL"
->deny-access</TT
->.
- </P
-><P
-> If <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> is using a forwarder (see <TT
-CLASS="LITERAL"
->forward</TT
-> below)
- for a particular destination URL, the <TT
-CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
->
- that is examined is the address of the forwarder and <I
-CLASS="EMPHASIS"
->NOT</I
-> the address
- of the ultimate target. This is necessary because it may be impossible for the local
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to determine the IP address of the
- ultimate target (that's often what gateways are used for).
- </P
-><P
-> You should prefer using IP addresses over DNS names, because the address lookups take
- time. All DNS names must resolve! You can <I
-CLASS="EMPHASIS"
->not</I
-> use domain patterns
- like <SPAN
-CLASS="QUOTE"
->"*.org"</SPAN
-> or partial domain names. If a DNS name resolves to multiple
- IP addresses, only the first one is used.
- </P
-><P
-> Denying access to particular sites by ACL may have undesired side effects
- if the site in question is hosted on a machine which also hosts other sites.
- </P
-></DD
-><DT
->Examples:</DT
-><DD
-><P
-> Explicitly define the default behavior if no ACL and
- <TT
-CLASS="LITERAL"
->listen-address</TT
-> are set: <SPAN
-CLASS="QUOTE"
->"localhost"</SPAN
->
- is OK. The absence of a <TT
-CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
-> implies that
- <I
-CLASS="EMPHASIS"
->all</I
-> destination addresses are OK:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> permit-access localhost
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> Allow any host on the same class C subnet as www.privoxy.org access to
- nothing but www.example.com:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> permit-access www.privoxy.org/24 www.example.com/32
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> Allow access from any host on the 26-bit subnet 192.168.45.64 to anywhere,
- with the exception that 192.168.45.73 may not access www.dirty-stuff.example.com:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> permit-access 192.168.45.64/26
- deny-access 192.168.45.73 www.dirty-stuff.example.com
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN978"
->5.3.4.6. buffer-limit</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Maximum size of the buffer for content filtering.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Size in Kbytes</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->4096</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Use a 4MB (4096 KB) limit.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> For content filtering, i.e. the <TT
-CLASS="LITERAL"
->+filter</TT
-> and
- <TT
-CLASS="LITERAL"
->+deanimate-gif</TT
-> actions, it is necessary that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> buffers the entire document body.
- This can be potentially dangerous, since a server could just keep sending
- data indefinitely and wait for your RAM to exhaust -- with nasty consequences.
- Hence this option.
- </P
-><P
-> When a document buffer size reaches the <TT
-CLASS="LITERAL"
->buffer-limit</TT
->, it is
- flushed to the client unfiltered and no further attempt to
- filter the rest of the document is made. Remember that there may be multiple threads
- running, which might require up to <TT
-CLASS="LITERAL"
->buffer-limit</TT
-> Kbytes
- <I
-CLASS="EMPHASIS"
->each</I
->, unless you have enabled <SPAN
-CLASS="QUOTE"
->"single-threaded"</SPAN
->
- above.
- </P
-></DD
-></DL
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="FORWARDING"
->5.3.5. Forwarding</A
-></H3
-><P
-> This feature allows routing of HTTP requests through a chain of
- multiple proxies.
- It can be used to better protect privacy and confidentiality when
- accessing specific domains by routing requests to those domains
- through an anonymous public proxy (see e.g. <A
-HREF="http://www.multiproxy.org/anon_list.htm"
-TARGET="_top"
->http://www.multiproxy.org/anon_list.htm</A
->)
- Or to use a caching proxy to speed up browsing. Or chaining to a parent
- proxy may be necessary because the machine that <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- runs on has no direct Internet access.</P
-><P
-> Also specified here are SOCKS proxies. <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- supports the SOCKS 4 and SOCKS 4A protocols.</P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN1016"
->5.3.5.1. forward</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> To which parent HTTP proxy specific requests should be routed.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
-> <TT
-CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
->[:<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- </P
-><P
-> Where <TT
-CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
-> is a domain name pattern (see the
- chapter on domain matching in the actions file),
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> is the address of the parent HTTP proxy
- as an IP addresses in dotted decimal notation or as a valid DNS name (or <SPAN
-CLASS="QUOTE"
->"."</SPAN
-> to denote
- <SPAN
-CLASS="QUOTE"
->"no forwarding"</SPAN
->, and the optional
- <TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-> parameters are TCP ports, i.e. integer
- values from 1 to 64535
- </P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Don't use parent HTTP proxies.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> is <SPAN
-CLASS="QUOTE"
->"."</SPAN
->, then requests are not
- forwarded to another HTTP proxy but are made directly to the web servers.
- </P
-><P
-> Multiple lines are OK, they are checked in sequence, and the last match wins.
- </P
-></DD
-><DT
->Examples:</DT
-><DD
-><P
-> Everything goes to an example anonymizing proxy, except SSL on port 443 (which it doesn't handle):
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward .* anon-proxy.example.org:8080
- forward :443 .
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> Everything goes to our example ISP's caching proxy, except for requests
- to that ISP's sites:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward .*. caching-proxy.example-isp.net:8000
- forward .example-isp.net .
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN1062"
->5.3.5.2. forward-socks4 and forward-socks4a</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Through which SOCKS proxy (and to which parent HTTP proxy) specific requests should be routed.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
-> <TT
-CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
->[:<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- <TT
-CLASS="REPLACEABLE"
-><I
->socks_proxy</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- </P
-><P
-> Where <TT
-CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
-> is a domain name pattern (see the
- chapter on domain matching in the actions file),
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> and <TT
-CLASS="REPLACEABLE"
-><I
->socks_proxy</I
-></TT
->
- are IP addresses in dotted decimal notation or valid DNS names (<TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
->
- may be <SPAN
-CLASS="QUOTE"
->"."</SPAN
-> to denote <SPAN
-CLASS="QUOTE"
->"no HTTP forwarding"</SPAN
->), and the optional
- <TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-> parameters are TCP ports, i.e. integer values from 1 to 64535
- </P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Don't use SOCKS proxies.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Multiple lines are OK, they are checked in sequence, and the last match wins.
- </P
-><P
-> The difference between <TT
-CLASS="LITERAL"
->forward-socks4</TT
-> and <TT
-CLASS="LITERAL"
->forward-socks4a</TT
->
- is that in the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS
- server, while in SOCKS 4 it happens locally.
- </P
-><P
-> If <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> is <SPAN
-CLASS="QUOTE"
->"."</SPAN
->, then requests are not
- forwarded to another HTTP proxy but are made (HTTP-wise) directly to the web servers, albeit through
- a SOCKS proxy.
- </P
-></DD
-><DT
->Examples:</DT
-><DD
-><P
-> From the company example.com, direct connections are made to all
- <SPAN
-CLASS="QUOTE"
->"internal"</SPAN
-> domains, but everything outbound goes through
- their ISP's proxy by way of example.com's corporate SOCKS 4A gateway to
- the Internet.
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward-socks4a .*. socks-gw.example.com:1080 www-cache.example-isp.net:8080
- forward .example.com .
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> A rule that uses a SOCKS 4 gateway for all destinations but no HTTP parent looks like this:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward-socks4 .*. socks-gw.example.com:1080 .
- </PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN1116"
->5.3.5.3. Advanced Forwarding Examples</A
-></H4
-><P
-> If you have links to multiple ISPs that provide various special content
- only to their subscribers, you can configure multiple <SPAN
-CLASS="APPLICATION"
->Privoxies</SPAN
->
- which have connections to the respective ISPs to act as forwarders to each other, so that
- <I
-CLASS="EMPHASIS"
->your</I
-> users can see the internal content of all ISPs.</P
-><P
-> Assume that host-a has a PPP connection to isp-a.net. And host-b has a PPP connection to
- isp-b.net. Both run <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->. Their forwarding
- configuration can look like this:</P
-><P
-> host-a:</P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward .*. .
- forward .isp-b.net host-b:8118
- </PRE
-></TD
-></TR
-></TABLE
-></P
-><P
-> host-b:</P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward .*. .
- forward .isp-a.net host-a:8118
- </PRE
-></TD
-></TR
-></TABLE
-></P
-><P
-> Now, your users can set their browser's proxy to use either
- host-a or host-b and be able to browse the internal content
- of both isp-a and isp-b.</P
-><P
-> If you intend to chain <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> and
- <SPAN
-CLASS="APPLICATION"
->squid</SPAN
-> locally, then chain as
- <TT
-CLASS="LITERAL"
->browser -> squid -> privoxy</TT
-> is the recommended way. </P
-><P
-> Assuming that <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> and <SPAN
-CLASS="APPLICATION"
->squid</SPAN
->
- run on the same box, your squid configuration could then look like this:</P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> # Define Privoxy as parent proxy (without ICP)
- cache_peer 127.0.0.1 parent 8118 7 no-query
-
- # Define ACL for protocol FTP
- acl ftp proto FTP
-
- # Do not forward FTP requests to Privoxy
- always_direct allow ftp
-
- # Forward all the rest to Privoxy
- never_direct allow all
- </PRE
-></TD
-></TR
-></TABLE
-></P
-><P
-> You would then need to change your browser's proxy settings to <SPAN
-CLASS="APPLICATION"
->squid</SPAN
->'s address and port.
- Squid normally uses port 3128. If unsure consult <TT
-CLASS="LITERAL"
->http_port</TT
-> in <TT
-CLASS="FILENAME"
->squid.conf</TT
->.</P
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1143"
->5.3.6. Windows GUI Options</A
-></H3
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> has a number of options specific to the
- Windows GUI interface:</P
-><P
-> If <SPAN
-CLASS="QUOTE"
->"activity-animation"</SPAN
-> is set to 1, the
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> icon will animate when
- <SPAN
-CLASS="QUOTE"
->"Privoxy"</SPAN
-> is active. To turn off, set to 0.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->activity-animation 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If <SPAN
-CLASS="QUOTE"
->"log-messages"</SPAN
-> is set to 1,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will log messages to the console
- window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-messages 1</I
-><br>
- </P
->
- </TT
-></P
-><P
->
- If <SPAN
-CLASS="QUOTE"
->"log-buffer-size"</SPAN
-> is set to 1, the size of the log buffer,
- i.e. the amount of memory used for the log messages displayed in the
- console window, will be limited to <SPAN
-CLASS="QUOTE"
->"log-max-lines"</SPAN
-> (see below).</P
-><P
-> Warning: Setting this to 0 will result in the buffer to grow infinitely and
- eat up all your memory!</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-buffer-size 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> <SPAN
-CLASS="APPLICATION"
->log-max-lines</SPAN
-> is the maximum number of lines held
- in the log buffer. See above.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-max-lines 200</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If <SPAN
-CLASS="QUOTE"
->"log-highlight-messages"</SPAN
-> is set to 1,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will highlight portions of the log
- messages with a bold-faced font:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-highlight-messages 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> The font used in the console window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-font-name Comic Sans MS</I
-><br>
- </P
->
- </TT
-></P
-><P
-> Font size used in the console window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-font-size 8</I
-><br>
- </P
->
- </TT
-></P
-><P
->
- <SPAN
-CLASS="QUOTE"
->"show-on-task-bar"</SPAN
-> controls whether or not
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will appear as a button on the Task bar
- when minimized:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->show-on-task-bar 0</I
-><br>
- </P
->
- </TT
-></P
-><P
-> If <SPAN
-CLASS="QUOTE"
->"close-button-minimizes"</SPAN
-> is set to 1, the Windows close
- button will minimize <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> instead of closing
- the program (close with the exit option on the File menu).</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->close-button-minimizes 1</I
-><br>
- </P
->
- </TT
-></P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"hide-console"</SPAN
-> option is specific to the MS-Win console
- version of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->. If this option is used,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will disconnect from and hide the
- command console.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> #hide-console<br>
- </P
->
- </TT
-></P
-></DIV
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="ACTIONSFILE"
->5.4. The Actions File</A
-></H2
-><P
-> The actions file (<TT
-CLASS="FILENAME"
->default.action</TT
->, formerly:
- <TT
-CLASS="FILENAME"
->actionsfile</TT
-> or <TT
-CLASS="FILENAME"
->ijb.action</TT
->) is used
- to define what actions <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> takes for which
- URLs, and thus determines how ad images, cookies and various other aspects
- of HTTP content and transactions are handled on which sites (or even parts
- thereof).</P
-><P
->
- Anything you want can blocked, including ads, banners, or just some obnoxious
- URL that you would rather not see. Cookies can be accepted or rejected, or
- accepted only during the current browser session (i.e. not written to disk),
- content can be modified, JavaScripts tamed, user-tracking fooled, and much more.
- See below for a complete list of available actions.</P
-><P
-> An actions file typically has sections. At the top, <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
-> are
- defined (discussed below), then the default set of rules which will apply
- universally to all sites and pages. And then below that is generally a lengthy
- set of exceptions to the defined universal policies.</P
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1234"
->5.4.1. Finding the Right Mix</A
-></H3
-><P
-> Note that some actions like cookie suppression or script disabling may
- render some sites unusable, which rely on these techniques to work properly.
- Finding the right mix of actions is not easy and certainly a matter of personal
- taste. In general, it can be said that the more <SPAN
-CLASS="QUOTE"
->"aggressive"</SPAN
->
- your default settings (in the top section of the actions file) are,
- the more exceptions for <SPAN
-CLASS="QUOTE"
->"trusted"</SPAN
-> sites you will have to
- make later. If, for example, you want to kill popup windows per default, you'll
- have to make exceptions from that rule for sites that you regularly use
- and that require popups for actually useful content, like maybe your bank,
- favorite shop, or newspaper.</P
-><P
-> We have tried to provide you with reasonable rules to start from in the
- distribution actions file. But there is no general rule of thumb on these
- things. There just are too many variables, and sites are constantly changing.
- Sooner or later you will want to change the rules (and read this chapter).</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1240"
->5.4.2. How to Edit</A
-></H3
-><P
-> The easiest way to edit the <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> file is with a browser by
- using our browser-based editor, which is available at <A
-HREF="http://config.privoxy.org/edit-actions"
-TARGET="_top"
->http://config.privoxy.org/edit-actions</A
->.</P
-><P
-> If you prefer plain text editing to GUIs, you can of course also directly edit the
- <TT
-CLASS="FILENAME"
->default.action</TT
-> file.</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1247"
->5.4.3. How Actions are Applied to URLs</A
-></H3
-><P
-> The actions file is divided into sections. There are special sections,
- like the <SPAN
-CLASS="QUOTE"
->"alias"</SPAN
-> sections which will be discussed later. For now
- let's concentrate on regular sections: They have a heading line (often split
- up to multiple lines for readability) which consist of a list of actions,
- separated by whitespace and enclosed in curly braces. Below that, there
- is a list of URL patterns, each on a separate line.</P
-><P
-> To determine which actions apply to a request, the URL of the request is
- compared to all patterns in this file. Every time it matches, the list of
- applicable actions for the URL is incrementally updated, using the heading
- of the section in which the pattern is located. If multiple matches for
- the same URL set the same action differently, the last match wins.</P
-><P
-> You can trace this process by visiting <A
-HREF="http://config.privoxy.org/show-url-info"
-TARGET="_top"
->http://config.privoxy.org/show-url-info</A
->.</P
-><P
-> More detail on this is provided in the Appendix, <A
-HREF="appendix.html#ACTIONSANAT"
-> Anatomy of an Action</A
->.</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1256"
->5.4.4. Patterns</A
-></H3
-><P
-> Generally, a pattern has the form <TT
-CLASS="LITERAL"
-><domain>/<path></TT
->,
- where both the <TT
-CLASS="LITERAL"
-><domain></TT
-> and <TT
-CLASS="LITERAL"
-><path></TT
->
- are optional. (This is why the pattern <TT
-CLASS="LITERAL"
->/</TT
-> matches all URLs).</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com/</TT
-></DT
-><DD
-><P
-> is a domain-only pattern and will match any request to <TT
-CLASS="LITERAL"
->www.example.com</TT
->,
- regardless of which document on that server is requested.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com</TT
-></DT
-><DD
-><P
-> means exactly the same. For domain-only patterns, the trailing <TT
-CLASS="LITERAL"
->/</TT
-> may
- be omitted.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com/index.html</TT
-></DT
-><DD
-><P
-> matches only the single document <TT
-CLASS="LITERAL"
->/index.html</TT
->
- on <TT
-CLASS="LITERAL"
->www.example.com</TT
->.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->/index.html</TT
-></DT
-><DD
-><P
-> matches the document <TT
-CLASS="LITERAL"
->/index.html</TT
->, regardless of the domain,
- i.e. on <I
-CLASS="EMPHASIS"
->any</I
-> web server.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->index.html</TT
-></DT
-><DD
-><P
-> matches nothing, since it would be interpreted as a domain name and
- there is no top-level domain called <TT
-CLASS="LITERAL"
->.html</TT
->.
- </P
-></DD
-></DL
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN1296"
->5.4.4.1. The Domain Pattern</A
-></H4
-><P
-> The matching of the domain part offers some flexible options: if the
- domain starts or ends with a dot, it becomes unanchored at that end.
- For example:</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->.example.com</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->ENDS</I
-> in
- <TT
-CLASS="LITERAL"
->.example.com</TT
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->STARTS</I
-> with
- <TT
-CLASS="LITERAL"
->www.</TT
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->.example.</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->CONTAINS</I
-> <TT
-CLASS="LITERAL"
->.example.</TT
->
- (Correctly speaking: It matches any FQDN that contains <TT
-CLASS="LITERAL"
->example</TT
-> as a domain.)
- </P
-></DD
-></DL
-></DIV
-><P
-> Additionally, there are wild-cards that you can use in the domain names
- themselves. They work pretty similar to shell wild-cards: <SPAN
-CLASS="QUOTE"
->"*"</SPAN
->
- stands for zero or more arbitrary characters, <SPAN
-CLASS="QUOTE"
->"?"</SPAN
-> stands for
- any single character, you can define character classes in square
- brackets and all of that can be freely mixed:</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->ad*.example.com</TT
-></DT
-><DD
-><P
-> matches <SPAN
-CLASS="QUOTE"
->"adserver.example.com"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"ads.example.com"</SPAN
->, etc but not <SPAN
-CLASS="QUOTE"
->"sfads.example.com"</SPAN
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->*ad*.example.com</TT
-></DT
-><DD
-><P
-> matches all of the above, and then some.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->.?pix.com</TT
-></DT
-><DD
-><P
-> matches <TT
-CLASS="LITERAL"
->www.ipix.com</TT
->,
- <TT
-CLASS="LITERAL"
->pictures.epix.com</TT
->, <TT
-CLASS="LITERAL"
->a.b.c.d.e.upix.com</TT
-> etc.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www[1-9a-ez].example.c*</TT
-></DT
-><DD
-><P
-> matches <TT
-CLASS="LITERAL"
->www1.example.com</TT
->,
- <TT
-CLASS="LITERAL"
->www4.example.cc</TT
->, <TT
-CLASS="LITERAL"
->wwwd.example.cy</TT
->,
- <TT
-CLASS="LITERAL"
->wwwz.example.com</TT
-> etc., but <I
-CLASS="EMPHASIS"
->not</I
->
- <TT
-CLASS="LITERAL"
->wwww.example.com</TT
->.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN1358"
->5.4.4.2. The Path Pattern</A
-></H4
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> uses Perl compatible regular expressions
- (through the <A
-HREF="http://www.pcre.org/"
-TARGET="_top"
->PCRE</A
-> library) for
- matching the path.</P
-><P
-> There is an <A
-HREF="appendix.html#REGEX"
->Appendix</A
-> with a brief quick-start into regular
- expressions, and full (very technical) documentation on PCRE regex syntax is available on-line
- at <A
-HREF="http://www.pcre.org/man.txt"
-TARGET="_top"
->http://www.pcre.org/man.txt</A
->.
- You might also find the Perl man page on regular expressions (<TT
-CLASS="LITERAL"
->man perlre</TT
->)
- useful, which is available on-line at <A
-HREF="http://www.perldoc.com/perl5.6/pod/perlre.html"
-TARGET="_top"
->http://www.perldoc.com/perl5.6/pod/perlre.html</A
->.</P
-><P
-> Note that the path pattern is automatically left-anchored at the <SPAN
-CLASS="QUOTE"
->"/"</SPAN
->,
- i.e. it matches as if it would start with a <SPAN
-CLASS="QUOTE"
->"^"</SPAN
->.</P
-><P
-> Please also note that matching in the path is case
- <I
-CLASS="EMPHASIS"
->INSENSITIVE</I
-> by default, but you can switch to case
- sensitive at any point in the pattern by using the
- <SPAN
-CLASS="QUOTE"
->"(?-i)"</SPAN
-> switch:
- <TT
-CLASS="LITERAL"
->www.example.com/(?-i)PaTtErN.*</TT
-> will match only
- documents whose path starts with <TT
-CLASS="LITERAL"
->PaTtErN</TT
-> in
- <I
-CLASS="EMPHASIS"
->exactly</I
-> this capitalization.</P
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="ACTIONS"
->5.4.5. Actions</A
-></H3
-><P
-> Actions are enabled if preceded with a <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->, and disabled if
- preceded with a <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->. So a <SPAN
-CLASS="QUOTE"
->"+action"</SPAN
-> means
- <SPAN
-CLASS="QUOTE"
->"do that action"</SPAN
->, e.g. <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-> means please
- <SPAN
-CLASS="QUOTE"
->"block the following URLs and/or patterns"</SPAN
->. All actions are
- disabled by default, until they are explicitly enabled somewhere in an actions
- file.</P
-><P
->
- Actions are invoked by enclosing the action name in curly braces (e.g.
- {+some_action}), followed by a list of URLs (or patterns that match URLs) to
- which the action applies. There are three classes of actions: </P
-><P
-> <P
-></P
-><UL
-><LI
-><P
->
- Boolean, i.e the action can only be <SPAN
-CLASS="QUOTE"
->"on"</SPAN
-> or
- <SPAN
-CLASS="QUOTE"
->"off"</SPAN
->. Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name}</I
-> # enable this action<br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable this action<br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Parameterized, e.g. <SPAN
-CLASS="QUOTE"
->"+/-hide-user-agent{ Mozilla 1.0 }"</SPAN
->,
- where some value is required in order to enable this type of action.
- Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name{param}}</I
-> # enable action and set parameter to <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable action (<SPAN
-CLASS="QUOTE"
->"parameter"</SPAN
->) can be omitted<br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
-
- Multi-value, e.g. <SPAN
-CLASS="QUOTE"
->"{+/-add-header{Name: value}}"</SPAN
-> ot
- <SPAN
-CLASS="QUOTE"
->"{+/-wafer{name=value}}"</SPAN
->), where some value needs to be defined
- in addition to simply enabling the actino. Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name{param=value}}</I
-> # enable action and set <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-> to <SPAN
-CLASS="QUOTE"
->"value"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name{param=value}}</I
-> # remove the parameter <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-> completely<br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable this action totally and remove <SPAN
-CLASS="APPLICATION"
->param</SPAN
-> too<br>
- </P
->
- </TT
->
- </P
-></LI
-></UL
-></P
-><P
-> If nothing is specified in this file, no <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> are taken.
- So in this case <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> would just be a
- normal, non-blocking, non-anonymizing proxy. You must specifically
- enable the privacy and blocking features you need (although the
- provided default <TT
-CLASS="FILENAME"
->default.action</TT
-> file will
- give a good starting point).</P
-><P
-> Later defined actions always over-ride earlier ones. So exceptions
- to any rules you make, should come in the latter part of the file. For
- multi-valued actions, the actions are applied in the order they are
- specified.</P
-><P
-> The list of valid <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> are:</P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="ADD-HEADER"
->5.4.5.1. <I
-CLASS="EMPHASIS"
->+add-header{Name: value}</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Multi-value.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Send a user defined HTTP header to the web server.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any value is possible. Validity of the defined HTTP headers is not checked.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+add-header{X-User-Tracking: sucks}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This action may be specified multiple times, in order to define multiple
- headers. This is rarely needed for the typical user. If you don't know what
- <SPAN
-CLASS="QUOTE"
->"HTTP headers"</SPAN
-> are, you definitely don't need to worry about this
- one.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="BLOCK"
->5.4.5.2. <I
-CLASS="EMPHASIS"
->+block</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Used to block a URL from reaching your browser. The URL may be
- anything, but is typically used to block ads or other obnoxious
- content.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
->N/A</P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+block}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- <I
-CLASS="EMPHASIS"
->.ads.r.us</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will display its
- special <SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
-> page if a URL matches one of the
- blocked patterns. If there is sufficient space, a large red
- banner will appear with a friendly message about why the page
- was blocked, and a way to go there anyway. If there is insufficient
- space a smaller blocked page will appear without the red banner.
- One exception is if the URL matches both <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->
- and <SPAN
-CLASS="QUOTE"
->"+image"</SPAN
->, then it can be handled by
- <SPAN
-CLASS="QUOTE"
->"+image-blocker"</SPAN
-> (see below).
- </P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-> action can also perform some of the
- same functionality as <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->, but by virtue of very
- different programming techniques, and is typically used for different
- reasons.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="DEANIMATE-GIFS"
->5.4.5.3. <I
-CLASS="EMPHASIS"
->+deanimate-gifs</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To stop those annoying, distracting animated GIF images.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"last"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"first"</SPAN
->
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+deanimate-gifs{last}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> De-animate all animated GIF images, i.e. reduce them to their last frame.
- This will also shrink the images considerably (in bytes, not pixels!). If
- the option <SPAN
-CLASS="QUOTE"
->"first"</SPAN
-> is given, the first frame of the animation
- is used as the replacement. If <SPAN
-CLASS="QUOTE"
->"last"</SPAN
-> is given, the last
- frame of the animation is used instead, which probably makes more sense for
- most banner animations, but also has the risk of not showing the entire
- last frame (if it is only a delta to an earlier frame).
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="DOWNGRADE"
->5.4.5.4. <I
-CLASS="EMPHASIS"
->+downgrade</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+downgrade"</SPAN
-> will downgrade HTTP/1.1 client requests to
- HTTP/1.0 and downgrade the responses as well.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+downgrade}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Use this action for servers that use HTTP/1.1 protocol features that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> doesn't handle well yet. HTTP/1.1 is
- only partially implemented. Default is not to downgrade requests. This is
- an infrequently needed action, and is used to help with problem sites only.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="FAST-REDIRECTS"
->5.4.5.5. <I
-CLASS="EMPHASIS"
->+fast-redirects</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> The <SPAN
-CLASS="QUOTE"
->"+fast-redirects"</SPAN
-> action enables interception of
- <SPAN
-CLASS="QUOTE"
->"redirect"</SPAN
-> requests from one server to another, which
- are used to track users.<SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> can cut off
- all but the last valid URL in redirect request and send a local redirect
- back to your browser without contacting the intermediate site(s).
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+fast-redirects}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
->
- Many sites, like yahoo.com, don't just link to other sites. Instead, they
- will link to some script on their own server, giving the destination as a
- parameter, which will then redirect you to the final target. URLs
- resulting from this scheme typically look like:
- <I
-CLASS="EMPHASIS"
->http://some.place/some_script?http://some.where-else</I
->.
- </P
-><P
-> Sometimes, there are even multiple consecutive redirects encoded in the
- URL. These redirections via scripts make your web browsing more traceable,
- since the server from which you follow such a link can see where you go
- to. Apart from that, valuable bandwidth and time is wasted, while your
- browser ask the server for one redirect after the other. Plus, it feeds
- the advertisers.
- </P
-><P
-> This is a normally on feature, and often requires exceptions for sites that
- are sensitive to defeating this mechanism.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="FILTER"
->5.4.5.6. <I
-CLASS="EMPHASIS"
->+filter</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Apply page filtering as defined by named sections of the
- <TT
-CLASS="FILENAME"
->default.filter</TT
-> file to the specified site(s).
- <SPAN
-CLASS="QUOTE"
->"Filtering"</SPAN
-> can be any modification of the raw
- page content, including re-writing or deletion of content.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-> must include the name of one of the section identifiers
- from <TT
-CLASS="FILENAME"
->default.filter</TT
-> (or whatever
- <I
-CLASS="EMPHASIS"
->filterfile</I
-> is specified in <TT
-CLASS="FILENAME"
->config</TT
->).
- </P
-></DD
-><DT
->Example usage (from the current <TT
-CLASS="FILENAME"
->default.filter</TT
->):</DT
-><DD
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{html-annoyances}</I
->: Get rid of particularly annoying HTML abuse.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{js-annoyances}</I
->: Get rid of particularly annoying JavaScript abuse
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{content-cookies}</I
->: Kill cookies that come in the HTML or JS content
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{popups}</I
->: Kill all popups in JS and HTML
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{frameset-borders}</I
->: Give frames a border and make them resizable
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{webbugs}</I
->: Squish WebBugs (1x1 invisible GIFs used for user tracking)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{refresh-tags}</I
->: Kill automatic refresh tags (for dial-on-demand setups)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{fun}</I
->: Text replacements for subversive browsing fun!
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{nimda}</I
->: Remove Nimda (virus) code.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{banners-by-size}</I
->: Kill banners by size (<I
-CLASS="EMPHASIS"
->very</I
-> efficient!)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{shockwave-flash}</I
->: Kill embedded Shockwave Flash objects
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{crude-parental}</I
->: Kill all web pages that contain the words "sex" or "warez"
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This is potentially a very powerful feature! And requires a knowledge
- of regular expressions if you want to <SPAN
-CLASS="QUOTE"
->"roll your own"</SPAN
->.
- Filtering operates on a line by line basis.
- </P
-><P
-> Filtering requires buffering the page content, which may appear to
- slow down page rendering since nothing is displayed until all content has
- passed the filters. (It does not really take longer, but seems that way
- since the page is not incrementally displayed.) This effect will be more
- noticeable on slower connections.
- </P
-><P
-> Filtering can achieve some of the effects as the <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->
- action, i.e. it can be used to block ads and banners. In the overall
- scheme of things, filtering is one of the last things <SPAN
-CLASS="QUOTE"
->"Privoxy"</SPAN
->
- does with a web page. So other actions are applied first.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HIDE-FORWARDED"
->5.4.5.7. <I
-CLASS="EMPHASIS"
->+hide-forwarded</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Block any existing X-Forwarded-for HTTP header, and do not add a new one.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-forwarded}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> It is fairly safe to leave this on. It does not seem to break many sites.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HIDE-FROM"
->5.4.5.8. <I
-CLASS="EMPHASIS"
->+hide-from</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To block the browser from sending your email address in a <SPAN
-CLASS="QUOTE"
->"From:"</SPAN
->
- header.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Keyword: <SPAN
-CLASS="QUOTE"
->"block"</SPAN
->, or any user defined value.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-from{block}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The keyword <SPAN
-CLASS="QUOTE"
->"block"</SPAN
-> will completely remove the header.
- Alternately, you can specify any value you prefer to send to the web
- server.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HIDE-REFERER"
->5.4.5.9. <I
-CLASS="EMPHASIS"
->+hide-referer</I
-></A
-></H4
-><A
-NAME="HIDE-REFERRER"
-></A
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Don't send the <SPAN
-CLASS="QUOTE"
->"Referer:"</SPAN
-> (sic) HTTP header to the web site.
- Or, alternately send a forged header instead.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Prevent the header from being sent with the keyword, <SPAN
-CLASS="QUOTE"
->"block"</SPAN
->.
- Or, <SPAN
-CLASS="QUOTE"
->"forge"</SPAN
-> a URL to one from the same server as the request.
- Or, set to user defined value of your choice.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-referer{forge}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"forge"</SPAN
-> is the preferred option here, since some servers will
- not send images back otherwise.
- </P
-><P
->
- <SPAN
-CLASS="QUOTE"
->"+hide-referrer"</SPAN
-> is an alternate spelling of
- <SPAN
-CLASS="QUOTE"
->"+hide-referer"</SPAN
->. It has the exact same parameters, and can be freely
- mixed with, <SPAN
-CLASS="QUOTE"
->"+hide-referer"</SPAN
->. (<SPAN
-CLASS="QUOTE"
->"referrer"</SPAN
-> is the
- correct English spelling, however the HTTP specification has a bug - it
- requires it to be spelled as <SPAN
-CLASS="QUOTE"
->"referer"</SPAN
->.)
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HIDE-USER-AGENT"
->5.4.5.10. <I
-CLASS="EMPHASIS"
->+hide-user-agent</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To change the <SPAN
-CLASS="QUOTE"
->"User-Agent:"</SPAN
-> header so web servers can't tell
- your browser type. Who's business is it anyway?
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any user defined string.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.msn.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Warning! This breaks many web sites that depend on this in order
- to determine how the target browser will respond to various
- requests. Use with caution.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="IMAGE"
->5.4.5.11. <I
-CLASS="EMPHASIS"
->+image</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To define what <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> should treat
- automatically as an image.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+image}</I
-><br>
- <I
-CLASS="EMPHASIS"
->/.*\.(gif|jpg|jpeg|png|bmp|ico)</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This only has meaning if the URL (or pattern) also is
- <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->ed, in which case a <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> image can
- be sent rather than a HTML page. (See <SPAN
-CLASS="QUOTE"
->"+image-blocker{}"</SPAN
-> below
- for the control over what is actually sent.)
- </P
-><P
-> There is little reason to change the default definition for this.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="IMAGE-BLOCKER"
->5.4.5.12. <I
-CLASS="EMPHASIS"
->+image-blocker</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Decide what to do with URLs that end up tagged with both <SPAN
-CLASS="QUOTE"
->"{+block}"</SPAN
->
- and <SPAN
-CLASS="QUOTE"
->"{+image}"</SPAN
->, e.g an advertisement.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> There are four available options: <SPAN
-CLASS="QUOTE"
->"-image-blocker"</SPAN
-> will send a HTML
- <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> page, usually resulting in a <SPAN
-CLASS="QUOTE"
->"broken
- image"</SPAN
-> icon. <SPAN
-CLASS="QUOTE"
->"+image-blocker{blank}"</SPAN
-> will send a 1x1
- transparent GIF image. <SPAN
-CLASS="QUOTE"
->"+image-blocker{pattern}"</SPAN
-> will send a
- checkerboard type pattern (the default). And finally,
- <SPAN
-CLASS="QUOTE"
->"+image-blocker{http://xyz.com}"</SPAN
-> will send a HTTP temporary
- redirect to the specified image. This has the advantage of the icon being
- being cached by the browser, which will speed up the display.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+image-blocker{blank}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If you want <I
-CLASS="EMPHASIS"
->invisible</I
-> ads, they need to be both
- defined as <I
-CLASS="EMPHASIS"
->images</I
-> and <I
-CLASS="EMPHASIS"
->blocked</I
->.
- And then, <SPAN
-CLASS="QUOTE"
->"image-blocker"</SPAN
-> should be set to
- <SPAN
-CLASS="QUOTE"
->"blank"</SPAN
-> for invisibility. Note you cannot treat HTML pages as
- images in most cases. For instance, frames require an HTML page to display.
- So a frame that is an ad, cannot be treated as an image. Forcing an
- <SPAN
-CLASS="QUOTE"
->"image"</SPAN
-> in this situation just will not work.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="LIMIT-CONNECT"
->5.4.5.13. <I
-CLASS="EMPHASIS"
->+limit-connect</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> By default, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> only allows HTTP CONNECT
- requests to port 443 (the standard, secure HTTPS port). Use
- <SPAN
-CLASS="QUOTE"
->"+limit-connect"</SPAN
-> to disable this altogether, or to allow
- more ports.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any valid port number, or port number range.
- </P
-></DD
-><DT
->Example usages:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+limit-connect{443}</I
-> # This is the default and need not be specified.<br>
- <I
-CLASS="EMPHASIS"
->+limit-connect{80,443}</I
-> # Ports 80 and 443 are OK.<br>
- <I
-CLASS="EMPHASIS"
->+limit-connect{-3, 7, 20-100, 500-}</I
-> # Port less than 3, 7, 20 to 100 and above 500 are OK.<br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The CONNECT methods exists in HTTP to allow access to secure websites
- (https:// URLs) through proxies. It works very simply: the proxy connects
- to the server on the specified port, and then short-circuits its
- connections to the client <I
-CLASS="EMPHASIS"
->and</I
-> to the remote proxy.
- This can be a big security hole, since CONNECT-enabled proxies can be
- abused as TCP relays very easily.
- </P
-><P
->
- If you want to allow CONNECT for more ports than this, or want to forbid
- CONNECT altogether, you can specify a comma separated list of ports and
- port ranges (the latter using dashes, with the minimum defaulting to 0 and
- max to 65K).
- </P
-><P
-> If you don't know what any of this means, there probably is no reason to
- change this one.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="NO-COMPRESSION"
->5.4.5.14. <I
-CLASS="EMPHASIS"
->+no-compression</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Prevent the specified websites from compressing HTTP data.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+no-compression}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Some websites do this, which can be a problem for
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->, since <SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"+no-popup"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"+gif-deanimate"</SPAN
-> will not work
- on compressed data. This will slow down connections to those websites,
- though. Default typically is to turn <SPAN
-CLASS="QUOTE"
->"no-compression"</SPAN
-> on.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="NO-COOKIES-KEEP"
->5.4.5.15. <I
-CLASS="EMPHASIS"
->+no-cookies-keep</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Allow cookies for the current browser session only.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+no-cookies-keep}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If websites set cookies, <SPAN
-CLASS="QUOTE"
->"no-cookies-keep"</SPAN
-> will make sure
- they are erased when you exit and restart your web browser. This makes
- profiling cookies useless, but won't break sites which require cookies so
- that you can log in for transactions. This is generally turned on for all
- sites. Sometimes referred to as <SPAN
-CLASS="QUOTE"
->"session cookies"</SPAN
->.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="NO-COOKIES-READ"
->5.4.5.16. <I
-CLASS="EMPHASIS"
->+no-cookies-read</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Explicitly prevent the web server from reading any cookies on your
- system.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+no-cookies-read}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Often used in conjunction with <SPAN
-CLASS="QUOTE"
->"+no-cookies-set"</SPAN
-> to
- disable persistant cookies completely.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="NO-COOKIES-SET"
->5.4.5.17. <I
-CLASS="EMPHASIS"
->+no-cookies-set</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Explicitly block the web server from sending cookies to your
- system.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+no-cookies-set}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Often used in conjunction with <SPAN
-CLASS="QUOTE"
->"+no-cookies-read"</SPAN
-> to
- disable persistant cookies completely.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="NO-POPUP"
->5.4.5.18. <I
-CLASS="EMPHASIS"
->+no-popup</I
-></A
-></H4
-><A
-NAME="NO-POPUPS"
-></A
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Stop those annoying JavaScript pop-up windows!
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+no-popup}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+no-popup"</SPAN
-> uses a built in filter to disable pop-ups
- that use the <TT
-CLASS="LITERAL"
->window.open()</TT
-> function, etc.
- </P
-><P
-> An alternate spelling is <SPAN
-CLASS="QUOTE"
->"+no-popups"</SPAN
->, which is
- interchangeable.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="VANILLA-WAFER"
->5.4.5.19. <I
-CLASS="EMPHASIS"
->+vanilla-wafer</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Sends a cookie for every site stating that you do not accept any copyright
- on cookies sent to you, and asking them not to track you.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+vanilla-wafer}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This action only applies if you are using a <TT
-CLASS="FILENAME"
->jarfile</TT
->
- for saving cookies. Of course, this is a (relatively) unique header and
- could be used to track you.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="WAFER"
->5.4.5.20. <I
-CLASS="EMPHASIS"
->+wafer</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Multi-value.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> This allows you to send an arbitrary, user definable cookie.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> User specified cookie name and corresponding value.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+wafer{name=value}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This can be specified multiple times in order to add as many cookies as you
- like.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H3
-CLASS="SECT4"
-><A
-NAME="ACT-EXAMPLES"
->5.4.5.21. Actions Examples</A
-></H3
-><P
-> Note that the meaning of any of the above examples is reversed by preceding
- the action with a <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->, in place of the <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->. Also,
- that some actions are turned on in the default section of the actions file,
- and require little to no additional configuration. These are just <SPAN
-CLASS="QUOTE"
->"on"</SPAN
->.
- Some actions that are turned on the default section do typically require
- exceptions to be listed in the lower sections of actions file.</P
-><P
-> Some examples:</P
-><P
-> Turn off cookies by default, then allow a few through for specified sites:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Turn off all persistent cookies<br>
- { +no-cookies-read }<br>
- { +no-cookies-set }<br>
- <br>
- # Allow cookies for this browser session ONLY<br>
- { +no-cookies-keep }<br>
-<br>
- # Exceptions to the above, sites that benefit from persistent cookies<br>
- # that saved from one browser session to the next.<br>
- { -no-cookies-read }<br>
- { -no-cookies-set }<br>
- { -no-cookies-keep }<br>
- .javasoft.com<br>
- .sun.com<br>
- .yahoo.com<br>
- .msdn.microsoft.com<br>
- .redhat.com<br>
-<br>
- # Alternative way of saying the same thing<br>
- {-no-cookies-set -no-cookies-read -no-cookies-keep}<br>
- .sourceforge.net<br>
- .sf.net<br>
- </P
->
- </TT
-></P
-><P
-> Now turn off <SPAN
-CLASS="QUOTE"
->"fast redirects"</SPAN
->, and then we allow two exceptions:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Turn them off!<br>
- {+fast-redirects}<br>
- <br>
- # Reverse it for these two sites, which don't work right without it.<br>
- {-fast-redirects}<br>
- www.ukc.ac.uk/cgi-bin/wac\.cgi\?<br>
- login.yahoo.com<br>
- </P
->
- </TT
-></P
-><P
-> Turn on page filtering according to rules in the defined sections
- of <TT
-CLASS="FILENAME"
->default.filter</TT
->, and make one exception for
- Sourceforge:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Run everything through the filter file, using only the<br>
- # specified sections:<br>
- +filter{html-annoyances} +filter{js-annoyances} +filter{no-popups}\<br>
- +filter{webbugs} +filter{nimda} +filter{banners-by-size}<br>
- <br>
- # Then disable filtering of code from sourceforge!<br>
- {-filter}<br>
- .cvs.sourceforge.net<br>
- </P
->
- </TT
-></P
-><P
-> Now some URLs that we want <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> (normally generates
- the <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> banner). Many of these use
- <A
-HREF="appendix.html#REGEX"
->regular expressions</A
-> that will expand to match
- multiple URLs: </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Blocklist:<br>
- {+block}<br>
- /.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g))<br>
- /.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/])<br>
- /.*/(ng)?adclient\.cgi<br>
- /.*/(plain|live|rotate)[-_.]?ads?/<br>
- /.*/(sponsor)s?[0-9]?/<br>
- /.*/_?(plain|live)?ads?(-banners)?/<br>
- /.*/abanners/<br>
- /.*/ad(sdna_image|gifs?)/<br>
- /.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe)<br>
- /.*/adbanners/<br>
- /.*/adserver<br>
- /.*/adstream\.cgi<br>
- /.*/adv((er)?ts?|ertis(ing|ements?))?/<br>
- /.*/banner_?ads/<br>
- /.*/banners?/<br>
- /.*/banners?\.cgi/<br>
- /.*/cgi-bin/centralad/getimage<br>
- /.*/images/addver\.gif<br>
- /.*/images/marketing/.*\.(gif|jpe?g)<br>
- /.*/popupads/<br>
- /.*/siteads/<br>
- /.*/sponsor.*\.gif<br>
- /.*/sponsors?[0-9]?/<br>
- /.*/advert[0-9]+\.jpg<br>
- /Media/Images/Adds/<br>
- /ad_images/<br>
- /adimages/<br>
- /.*/ads/<br>
- /bannerfarm/<br>
- /grafikk/annonse/<br>
- /graphics/defaultAd/<br>
- /image\.ng/AdType<br>
- /image\.ng/transactionID<br>
- /images/.*/.*_anim\.gif # alvin brattli<br>
- /ip_img/.*\.(gif|jpe?g)<br>
- /rotateads/<br>
- /rotations/ <br>
- /worldnet/ad\.cgi<br>
- /cgi-bin/nph-adclick.exe/<br>
- /.*/Image/BannerAdvertising/<br>
- /.*/ad-bin/<br>
- /.*/adlib/server\.cgi<br>
- /autoads/<br>
- </P
->
- </TT
-></P
-><P
-> Note that many of these actions have the potential to cause a page to
- misbehave, possibly even not to display at all. There are many ways
- a site designer may choose to design his site, and what HTTP header
- content he may depend on. There is no way to have hard and fast rules
- for all sites. See the <A
-HREF="appendix.html#ACTIONSANAT"
->Appendix</A
->
- for a brief example on troubleshooting actions.</P
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN2110"
->5.4.6. Aliases</A
-></H3
-><P
-> Custom <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->, known to <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- as <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
->, can be defined by combining other <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->.
- These can in turn be invoked just like the built-in <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->.
- Currently, an alias can contain any character except space, tab, <SPAN
-CLASS="QUOTE"
->"="</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"{"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"}"</SPAN
->. But please use only <SPAN
-CLASS="QUOTE"
->"a"</SPAN
->-
- <SPAN
-CLASS="QUOTE"
->"z"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"0"</SPAN
->-<SPAN
-CLASS="QUOTE"
->"9"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->, and
- <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->. Alias names are not case sensitive, and
- <I
-CLASS="EMPHASIS"
->must be defined before anything</I
-> else in the
- <TT
-CLASS="FILENAME"
->default.action</TT
->file! And there can only be one set of
- <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
-> defined.</P
-><P
-> Now let's define a few aliases:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Useful custom aliases we can use later. These must come first!<br>
- {{alias}}<br>
- +no-cookies = +no-cookies-set +no-cookies-read<br>
- -no-cookies = -no-cookies-set -no-cookies-read<br>
- fragile = -block -no-cookies -filter -fast-redirects -hide-referer -no-popups<br>
- shop = -no-cookies -filter -fast-redirects<br>
- +imageblock = +block +image<br>
-<br>
- #For people who don't like to type too much: ;-)<br>
- c0 = +no-cookies<br>
- c1 = -no-cookies<br>
- c2 = -no-cookies-set +no-cookies-read<br>
- c3 = +no-cookies-set -no-cookies-read<br>
- #... etc. Customize to your heart's content.<br>
- </P
->
- </TT
-></P
-><P
-> Some examples using our <SPAN
-CLASS="QUOTE"
->"shop"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"fragile"</SPAN
->
- aliases from above:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # These sites are very complex and require<br>
- # minimal interference.<br>
- {fragile}<br>
- .office.microsoft.com<br>
- .windowsupdate.microsoft.com<br>
- .nytimes.com<br>
-<br>
- # Shopping sites - but we still want to block ads.<br>
- {shop}<br>
- .quietpc.com<br>
- .worldpay.com # for quietpc.com<br>
- .jungle.com<br>
- .scan.co.uk<br>
-<br>
- # These shops require pop-ups also <br>
- {shop -no-popups}<br>
- .dabs.com<br>
- .overclockers.co.uk<br>
- </P
->
- </TT
-></P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"shop"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"fragile"</SPAN
-> aliases are often used for
- <SPAN
-CLASS="QUOTE"
->"problem"</SPAN
-> sites that require most actions to be disabled
- in order to function properly. </P
-></DIV
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="FILTERFILE"
->5.5. The Filter File</A
-></H2
-><P
-> Any web page can be dynamically modified with the filter file. This
- modification can be removal, or re-writing, of any web page content,
- including tags and non-visible content. The default filter file is
- <TT
-CLASS="FILENAME"
->default.filter</TT
->, located in the config directory. </P
-><P
-> This is potentially a very powerful feature, and requires knowledge of both
- <SPAN
-CLASS="QUOTE"
->"regular expression"</SPAN
-> and HTML in order create custom
- filters. But, there are a number of useful filters included with
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> for many common situations.</P
-><P
-> The included example file is divided into sections. Each section begins
- with the <TT
-CLASS="LITERAL"
->FILTER</TT
-> keyword, followed by the identifier
- for that section, e.g. <SPAN
-CLASS="QUOTE"
->"FILTER: webbugs"</SPAN
->. Each section performs
- a similar type of filtering, such as <SPAN
-CLASS="QUOTE"
->"html-annoyances"</SPAN
->.</P
-><P
-> This file uses regular expressions to alter or remove any string in the
- target page. The expressions can only operate on one line at a time. Some
- examples from the included default <TT
-CLASS="FILENAME"
->default.filter</TT
->:</P
-><P
-> Stop web pages from displaying annoying messages in the status bar by
- deleting such references:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> FILTER: html-annoyances<br>
-<br>
- # New browser windows should be resizeable and have a location and status<br>
- # bar. Make it so.<br>
- #<br>
- s/resizable="?(no|0)"?/resizable=1/ig s/noresize/yesresize/ig<br>
- s/location="?(no|0)"?/location=1/ig s/status="?(no|0)"?/status=1/ig<br>
- s/scrolling="?(no|0|Auto)"?/scrolling=1/ig<br>
- s/menubar="?(no|0)"?/menubar=1/ig <br>
-<br>
- # The <BLINK> tag was a crime!<br>
- #<br>
- s*<blink>|</blink>**ig<br>
-<br>
- # Is this evil? <br>
- #<br>
- #s/framespacing="?(no|0)"?//ig<br>
- #s/margin(height|width)=[0-9]*//gi<br>
- </P
->
- </TT
-></P
-><P
-> Just for kicks, replace any occurrence of <SPAN
-CLASS="QUOTE"
->"Microsoft"</SPAN
-> with
- <SPAN
-CLASS="QUOTE"
->"MicroSuck"</SPAN
->, and have a little fun with topical buzzwords: </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> FILTER: fun<br>
-<br>
- s/microsoft(?!.com)/MicroSuck/ig<br>
-<br>
- # Buzzword Bingo:<br>
- #<br>
- s/industry-leading|cutting-edge|award-winning/<font color=red><b>BINGO!</b></font>/ig<br>
- </P
->
- </TT
-></P
-><P
-> Kill those pesky little web-bugs:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)<br>
- FILTER: webbugs<br>
-<br>
- s/<img\s+[^>]*?(width|height)\s*=\s*['"]?1\D[^>]*?(width|height)\s*=\s*['"]?1(\D[^>]*?)?>/<!-- Squished WebBug -->/sig<br>
- </P
->
- </TT
-></P
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN2176"
->5.6. Templates</A
-></H2
-><P
-> When <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> displays one of its internal
- pages, such as a 404 Not Found error page, it uses the appropriate template.
- On Linux, BSD, and Unix, these are located in
- <TT
-CLASS="FILENAME"
->/etc/privoxy/templates</TT
-> by default. These may be
- customized, if desired. <TT
-CLASS="FILENAME"
->cgi-style.css</TT
-> is
- used to control the HTML attributes (fonts, etc).</P
-><P
-> The default <SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
-> banner page with the bright red top
- banner, is called just <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="FILENAME"
->blocked</TT
->"</SPAN
->. This
- may be customized or replaced with something else if desired. </P
-></DIV
-></DIV
-><DIV
-CLASS="NAVFOOTER"
-><HR
-ALIGN="LEFT"
-WIDTH="100%"><TABLE
-WIDTH="100%"
-BORDER="0"
-CELLPADDING="0"
-CELLSPACING="0"
-><TR
-><TD
-WIDTH="33%"
-ALIGN="left"
-VALIGN="top"
-><A
-HREF="quickstart.html"
->Prev</A
-></TD
-><TD
-WIDTH="34%"
-ALIGN="center"
-VALIGN="top"
-><A
-HREF="index.html"
->Home</A
-></TD
-><TD
-WIDTH="33%"
-ALIGN="right"
-VALIGN="top"
-><A
-HREF="contact.html"
+HREF="config.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
WIDTH="33%"
ALIGN="left"
VALIGN="top"
->Quickstart to Using <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-></TD
+>Starting Privoxy</TD
><TD
WIDTH="34%"
ALIGN="center"
WIDTH="33%"
ALIGN="right"
VALIGN="top"
->Contacting the Developers, Bug Reporting and Feature
-Requests</TD
+>The Main Configuration File</TD
></TR
></TABLE
></DIV
projects / privoxy.git / blobdiff