X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=ChangeLog;h=6749892d7a56c0271da435db9cdc6046072215a0;hp=9202e2f1dd4a0c134eec11f2d2282ce14ab9f4cd;hb=49d50fe297696103a2e15ce74eb0e38dea868896;hpb=f117b6e0d9539e387dc3b1c2ac58c8abcba74725 diff --git a/ChangeLog b/ChangeLog index 9202e2f1..6749892d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,151 @@ -------------------------------------------------------------------- ChangeLog for Privoxy -------------------------------------------------------------------- -*** Since 3.0.6 *** +*** Since 3.0.10 + +- The mingw32 version uses mutex locks now which prevents + log message corruption under load. As a side effect, + the "no thread-safe PRNG" warning could be removed as well. +- Support for remote toggling is controlled by the configure + option --disable-toggle only. In previous versions it also + depended on the action editor and thus configuring with the + --disable-editor option would disable remote toggling support + as well. +- The hide-forwarded-for-headers action has been replaced with + the change-x-forwarded-for{} action which can also be used to + add X-Forwarded-For headers. The latter functionality already + existed in Privoxy versions prior to 3.0.7 but has been removed + as it was often used unintentionally (by not using the + hide-forwarded-for-headers action). + +*** Version 3.0.10 *** + +- Ordinary configuration file changes no longer cause program + termination on OS/2 if the name of the logfile hasn't been + changed as well. This regression probably crept in with the + logging improvements in 3.0.7. Reported by Maynard. +- The img-reorder filter is less likely to mess up JavaScript code in + img tags. Problem and solution reported by Glenn Washburn in #2014552. +- The source tar ball now includes Privoxy-Log-Parser, + a syntax-highlighter for Privoxy logs. For fancy screenshots see: + http://www.fabiankeil.de/sourcecode/privoxy-log-parser/ + Documentation is available through perldoc(1). + +*** Version 3.0.9 Beta *** + +- Added SOCKS5 support (with address resolution done by + the SOCKS5 server). Patch provided by Eric M. Hopper. +- The "blocked" CGI pages include a block reason that was + provided as argument to the last-applying block action. +- If enable-edit-actions is disabled (the default since 3.0.7 beta) + the show-status page hides the edit buttons and explains why. + Previously the user would get the "this feature has been disabled" + message after using the edit button. +- Forbidden CONNECT requests are treated like blocks by default. + The now-pointless treat-forbidden-connects-like-blocks action + has been removed. +- Not enabling limit-connect now allows CONNECT requests to all ports. + In previous versions it would only allow CONNECT requests to port 443. + Use +limit-connect{443} if you think you need the old default behaviour. +- The CGI editor gets turned off after three edit requests with invalid + file modification timestamps. This makes life harder for attackers + who can leverage browser bugs to send fake Referers and intend to + brute-force edit URLs. +- Action settings for multiple patterns in the same section are + shared in memory. As a result these sections take up less space + (and are loaded slightly faster). Problem reported by Franz Schwartau. +- Linear white space in HTTP headers will be normalized to single + spaces before parsing the header's content, headers split across + multiple lines get merged first. This should prevent problems like: + * letting the session-cookies-only action slip + some Cookies through unmodified, + * only suppressing the first line of a header, + thus creating an invalid one, and + * to incorrectly block headers with valid timestamps + that weren't properly recognized. + Headers that could trigger these problems are unlikely to appear + in "normal" web traffic, but could be intentionally generated to + fool some of Privoxy's header parsers. +- Host information is gathered outside the main thread so it's less + likely to delay other incoming connections if the host is misconfigured. +- New config option "hostname" to use a hostname other than + the one returned by the operating system. Useful to speed-up responses + for CGI requests on misconfigured systems. Requested by Max Khon. +- The CGI editor supports the "disable all filters of this type" + directives "-client-header-filter", "-server-header-filter", + "-client-header-tagger" and "-server-header-tagger". +- Fixed false-positives with the link-by-url filter and URLs that + contain the pattern "/jump/". +- The less-download-windows filter no longer messes + "Content-Type: application/x-shockwave-flash" headers up. +- In the show-url-info page's "Final results" section active and + inactive actions are listed separately. Patch provided by Lee. +- The GNUmakefile supports the DESTDIR variable. Patch for + the install target submitted by Radoslaw Zielinski. +- Embedding the content of configuration files in the show-status + page is significantly faster now. For a largish action file (1 MB) + a speedup of about 2450 times has been measured. This is mostly + interesting if you are using large action files or regularly use + Privoxy-Regression-Test while running Privoxy through Valgrind, + for stock configuration files it doesn't really matter. +- If zlib support is unavailable and there are content + filters active but the prevent-compression action is disabled, + the show-url-info page includes a warning that compression + might prevent filtering. +- The show-url-info page provides an OpenSearch Description that + allows to access the page through browser search plugins. +- Custom client-header filters that rewrite the request line + incorrectly no longer cause Privoxy to crash. Reported by din_a4. +- The obsolete kill-popups action has been removed as the + PCRS-based popup filters can do the same and are slightly + less unreliable. +- The inspect-jpegs action has been removed. +- The send-wafer and send-vanilla-wafer actions have been removed. + They weren't particular useful and their behaviour could be emulated + with add-header anyway. +- Privoxy-Regression-Test has been significantly improved. +- Most sections in the default.action file contain tests for + Privoxy-Regression-Test to verify that they are working as intended. +- Parts of Privoxy have been refactored to increase maintainability. +- Building with zlib (if available) is done by default. + +*** Version 3.0.8 *** + +- Fixed a small memory leak when listen-address only specifies the port. +- The source tar balls now include Privoxy-Regression-Test which + (upon other things) can be used to automatically detect some + packaging problems. Packagers are welcome to give it a try. +- Reverted a change in 3.0.7 that caused path patterns to be checked + even if the host pattern match already failed. While this doesn't + noticeable affect the performance, it makes it less likely to run + out of stack space with overly-complex path patterns the user might + have added. +- Updated the msn, yahoo and google filters to work as advertised again. +- The warning message shown by the show-status CGI page is easier to + understand. Previously it wasn't clear that the error message + is shown below the invalid directive. (Reported by Lee) +- When regenerating Content-Disposition headers the more common + spelling is used for the name. Previously it was written without caps. +- Less confusing log message if the content type isn't overwritten + because force-text-type wasn't used but the old type doesn't look + like content that would be filtered normally. +- Better log messages if the user tries to execute filters that + don't exist. +- Treat the non-standard Request-Range headers like standard range + headers and suppress them if content filtering is enabled. +- Prevent the log messages for CONNECT requests to unacceptable + ports from printing the limit-connect argument as [null] if + limit-connect hasn't been explicitly enabled. +- Don't disable the mingw32 log window if the logfile directive + isn't used. While it was an intentional change in 3.0.7 at least + one user perceived it as a regression and the same effect can + be achieved by disabling all debug directives. +- Fixed two minor problems related to the win32 build process: a css + file was not being in the installer and the trustfile comment in the + config.txt referenced a nonexisting file +- Minor documentation fixes. + +*** Version 3.0.7 Beta *** - Added zlib support to filter content with gzip and deflate encoding. (Patch provided by Wil Mahan) @@ -135,7 +279,8 @@ ChangeLog for Privoxy Earlier Privoxy versions would buffer and then forward the content unmodified which caused some browsers to simply show empty pages. - Fix double free in cgi_edit_actions_list(). Reported by Venustech AD-LAB. -- The code to add X-Forwarded-For headers has been removed. +- The code to add X-Forwarded-For headers when the hide-forwarded-for-headers + action isn't being used has been removed. - Fixed trustfile feature which previously didn't work without FEATURE_TOGGLE. Reported by Lee. - Minor code clean-ups, filter and action file updates. @@ -156,7 +301,7 @@ ChangeLog for Privoxy - Changed webinterface default values for hide-user-agent, hide-referrer and set-image-blocker. -*** Version 3.0.5 *** +*** Version 3.0.5 Beta *** - Windows version can be installed/started as a service. - Windows icon stays blue when Privoxy is idle, green when busy. @@ -473,7 +618,7 @@ being a mix of "U.S. English", "U.K. English" and "Irish English". ---------------------------------------------------------------------- -Copyright : Written by and Copyright (C) 2001-2007 the SourceForge +Copyright : Written by and Copyright (C) 2001-2008 the SourceForge Privoxy team. http://www.privoxy.org/ Based on the Internet Junkbuster originally written @@ -497,12 +642,3 @@ Copyright : Written by and Copyright (C) 2001-2007 the SourceForge http://www.gnu.org/copyleft/gpl.html or write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - Note that parts of Privoxy are under licenses that are - GPL-compatible but less restrictive - for details see - Privoxy's source code. The Privoxy team doesn't hold the - copyright for these parts and doesn't relicense them either. - You are free to extract them again to distribute them under - their own license. - -set vi:tw=68