X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=TODO;h=11b4d8068003ad1fa06a175ddbc45d126a7f4191;hp=4758341175fa938ed940550ab8269ec2d54c3f42;hb=8312f8334ca6a0b29eab44ffcda8320cbd64b424;hpb=d718332b42f884d9c3c2fd0cfa9b83f4973c6971

diff --git a/TODO b/TODO
index 47583411..11b4d806 100644
--- a/TODO
+++ b/TODO
@@ -6,13 +6,14 @@ https://www.privoxy.org/gitweb/?p=privoxy.git;a=blob_plain;f=TODO;hb=HEAD
 
 There's work in progress to fund development on these items using
 donations. If you want to donate, please have a look at:
-https://www.privoxy.org/faq/general.html#DONATE
+https://www.privoxy.org/donate
 
 1)  Add more regression tests. Filters should be tested automatically
     (variables too). Could probably reuse large parts of Privoxy-Filter-Test.
     Note that there is currently work in progress to leverage curl's
     test suite, patches have been submitted upstream:
     https://curl.se/mail/lib-2014-06/0070.html
+    https://curl.se/mail/lib-2021-01/0068.html
 
 3)  Fix some more XXX: comments.
 
@@ -49,8 +50,6 @@ https://www.privoxy.org/faq/general.html#DONATE
 
 12) Support pipelining for outgoing connections.
 
-14) Allow to filter POST parameters.
-
 19) enable-forward-fallback. Syntax? Suggested by K.R.
 
 21) User Manual delivery doesn't accept multiple slashes. Should it?
@@ -166,7 +165,9 @@ https://www.privoxy.org/faq/general.html#DONATE
 
 75) Create a tool that creates Privoxy action (and filter?) files
     out of adblock files. Could be implemented as option for
-    url-pattern-translator.pl.
+    url-pattern-translator.pl. Before doing that, the already
+    existing solutions should probably be evaluated to see if
+    they do the job already or could be improved.
 
 76) Cache DNS responses. Note that this has been requested
     several times by users, but is not a developer priority.
@@ -188,9 +189,7 @@ https://www.privoxy.org/faq/general.html#DONATE
 86) Add a server-body-tagger action. This is trivial as as all the
     functionality required to do it already exists.
 
-87) Add a client-body-tagger action. This is less trivial as we currently
-    don't buffer client bodies. After 14) is implemented it would be
-    trivial, though.
+87) Add a client-body-tagger action. Work in progress.
 
 88) Investigate if there's a Perl module that Privoxy-Regression-Test
     could optionally use to keep connections alive, preferably while
@@ -344,8 +343,6 @@ https://www.privoxy.org/faq/general.html#DONATE
 
 136) Make builds reproducible.
 
-137) Add a (preferably vector-based) logo.
-
 138) Bring back the scripts to provide actions file feedback.
 
      Once upon a time (~2003) there were scripts on the webserver
@@ -359,8 +356,6 @@ https://www.privoxy.org/faq/general.html#DONATE
      probably shouldn't be affected (such as actions like
      forward-override). Investigate and fix or document.
 
-142) Remove or update the "internal" pcre version.
-
 143) Add support for OpenBSD's pledge feature once it's stablelized.
      This should be a lot less work then #124.
 
@@ -433,10 +428,6 @@ https://www.privoxy.org/faq/general.html#DONATE
 
 165) Add a max-connections-per-client directive.
 
-166) Figure out how to ship Windows binaries with external libraries
-     like pcre and MbedTLS. Required for #142. Somewhat related:
-     https://lists.privoxy.org/pipermail/privoxy-devel/2020-November/000400.html
-
 167) Set up a public Privoxy-Filter-Test instance.
 
 168) Add a privacy policy.
@@ -444,7 +435,7 @@ https://www.privoxy.org/faq/general.html#DONATE
 169) Preserve all relevant copyright and license statements in binary
      packages we distribute.
 
-170) Serve the ca-cert-file through the CGI interface so client's
+170) Serve the ca-cert-file through the CGI interface so clients
      can conveniently import it (insecurely).
 
 171) Create a "view page using Privoxy" website where users can input
@@ -453,6 +444,94 @@ https://www.privoxy.org/faq/general.html#DONATE
 
 172) Create a public git repository for Privoxy-Filter-Test.
 
+173) Document Privoxy's governance model.
+
+174) Let the Tor Onion Service for the privoxy website
+     serve gitweb and the git repository as well.
+
+175) Add more screenshots to the documentation and website.
+
+176) Find a new fiduciary sponsor as a replacement for Zwiebelfreunde e.V.,
+     so that we can continue to receive tax-deductible donations in Europe.
+
+177) Support https-inspection for intercepted requests.
+
+178) Warn on http://config.privoxy.org/client-tags if a Tag name
+     hasn't at least one matching action section.
+
+179) Add a add-server-header{} action to add headers to the response
+     sent to the client (including responses generated by Privoxy itself).
+
+180) Add support for GnuTLS.
+
+181) Allow to upgrade an http request to https behind the
+     client's back using a client-header filter.
+
+182) Before enforcing the client-header-order, check that the
+     client headers actually need sorting. Should reduce log
+     messages and memory allocations.
+
+183) Properly deal with proxy responses that arrive in multiple pieces
+     when https inspecting while using a forwarding proxy.
+
+184) Add support for wolfSSL. Work in progress, expected to be
+     committed after the 3.0.34 release. Funded with donations
+     made to the Privoxy project.
+
+185) The mbedTLS and OpenSSL versions of generate_host_certificate()
+     should only be called when necessary and the check should be
+     done without holding the certificate mutex.
+
+186) Privoxy should handle "OPTIONS *" requests properly.
+
+187) There should be a convenient way to see the versions of
+     the libraries Privoxy is using.
+
+188) In the windows config.txt file, add the line
+       user-manual ./doc/user-manual/
+     right after
+       # Copyright ...
+       #
+
+189) Bring back binary packages for macOS, preferably for both Intel and M1.
+     The first step would be getting at least one build system, either
+     donated or bought with donations earmarked for this.
+     Interested donors: 0.
+
+190) The socks5 authentication code should send user name an password
+     seperately or we should increase the cbuf size to allow longer
+     user names and passwords.
+
+191) The cipher-list directive should be split into cipher-list-server
+     and cipher-list-client.
+
+192) The client TLS contexts should probably be shared among threads
+     to spend less time and memory loading the root certificates.
+
+193) Use SHA256 instead of MD5 for the host hash used when generating file
+     names for host certificates and keys.
+
+194) There should be a way to force gif deanimation if the server does not
+     declare the content as gif.
+
+195) We should probably cache the server TLS contexts.
+
+196) Investigate if it's worth adding an optional mutex for the CGI handler.
+     Could reduce memory use and increase performance on single core systems
+     for some tests.
+
+197) Investigate if parts of Privoxy should get optional replacements
+     written in Rust.
+
+198) Add a config directive that prevent's IP addresses from being logged
+     (when logging is enabled).
+
+199) In actions.c the "#define DEFINE_ACTION_ALIAS 0" lines should probably
+     be changed to "#undef DEFINE_ACTION_ALIAS" or removed.
+
+200) Add a config directive that causes Privoxy to remove all
+     host certificates before exiting.
+
 ##########################################################################
 
 Hosting wish list (relevant for #53)