X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=TODO;h=11b4d8068003ad1fa06a175ddbc45d126a7f4191;hp=ab0b0d6f4b1b68ce4716000e33d899cc73ba6055;hb=8312f8334ca6a0b29eab44ffcda8320cbd64b424;hpb=b834a2860cef555c4b62dc22360dd987018b30df diff --git a/TODO b/TODO index ab0b0d6f..11b4d806 100644 --- a/TODO +++ b/TODO @@ -13,6 +13,7 @@ https://www.privoxy.org/donate Note that there is currently work in progress to leverage curl's test suite, patches have been submitted upstream: https://curl.se/mail/lib-2014-06/0070.html + https://curl.se/mail/lib-2021-01/0068.html 3) Fix some more XXX: comments. @@ -164,7 +165,9 @@ https://www.privoxy.org/donate 75) Create a tool that creates Privoxy action (and filter?) files out of adblock files. Could be implemented as option for - url-pattern-translator.pl. + url-pattern-translator.pl. Before doing that, the already + existing solutions should probably be evaluated to see if + they do the job already or could be improved. 76) Cache DNS responses. Note that this has been requested several times by users, but is not a developer priority. @@ -186,7 +189,7 @@ https://www.privoxy.org/donate 86) Add a server-body-tagger action. This is trivial as as all the functionality required to do it already exists. -87) Add a client-body-tagger action. This, too, is trivial. +87) Add a client-body-tagger action. Work in progress. 88) Investigate if there's a Perl module that Privoxy-Regression-Test could optionally use to keep connections alive, preferably while @@ -353,8 +356,6 @@ https://www.privoxy.org/donate probably shouldn't be affected (such as actions like forward-override). Investigate and fix or document. -142) Remove or update the "internal" pcre version. - 143) Add support for OpenBSD's pledge feature once it's stablelized. This should be a lot less work then #124. @@ -427,10 +428,6 @@ https://www.privoxy.org/donate 165) Add a max-connections-per-client directive. -166) Figure out how to ship Windows binaries with external libraries - like pcre and MbedTLS. Required for #142. Somewhat related: - https://lists.privoxy.org/pipermail/privoxy-devel/2020-November/000400.html - 167) Set up a public Privoxy-Filter-Test instance. 168) Add a privacy policy. @@ -438,7 +435,7 @@ https://www.privoxy.org/donate 169) Preserve all relevant copyright and license statements in binary packages we distribute. -170) Serve the ca-cert-file through the CGI interface so client's +170) Serve the ca-cert-file through the CGI interface so clients can conveniently import it (insecurely). 171) Create a "view page using Privoxy" website where users can input @@ -460,7 +457,7 @@ https://www.privoxy.org/donate 177) Support https-inspection for intercepted requests. 178) Warn on http://config.privoxy.org/client-tags if a Tag name - has't at least one matching action section. + hasn't at least one matching action section. 179) Add a add-server-header{} action to add headers to the response sent to the client (including responses generated by Privoxy itself). @@ -470,6 +467,71 @@ https://www.privoxy.org/donate 181) Allow to upgrade an http request to https behind the client's back using a client-header filter. +182) Before enforcing the client-header-order, check that the + client headers actually need sorting. Should reduce log + messages and memory allocations. + +183) Properly deal with proxy responses that arrive in multiple pieces + when https inspecting while using a forwarding proxy. + +184) Add support for wolfSSL. Work in progress, expected to be + committed after the 3.0.34 release. Funded with donations + made to the Privoxy project. + +185) The mbedTLS and OpenSSL versions of generate_host_certificate() + should only be called when necessary and the check should be + done without holding the certificate mutex. + +186) Privoxy should handle "OPTIONS *" requests properly. + +187) There should be a convenient way to see the versions of + the libraries Privoxy is using. + +188) In the windows config.txt file, add the line + user-manual ./doc/user-manual/ + right after + # Copyright ... + # + +189) Bring back binary packages for macOS, preferably for both Intel and M1. + The first step would be getting at least one build system, either + donated or bought with donations earmarked for this. + Interested donors: 0. + +190) The socks5 authentication code should send user name an password + seperately or we should increase the cbuf size to allow longer + user names and passwords. + +191) The cipher-list directive should be split into cipher-list-server + and cipher-list-client. + +192) The client TLS contexts should probably be shared among threads + to spend less time and memory loading the root certificates. + +193) Use SHA256 instead of MD5 for the host hash used when generating file + names for host certificates and keys. + +194) There should be a way to force gif deanimation if the server does not + declare the content as gif. + +195) We should probably cache the server TLS contexts. + +196) Investigate if it's worth adding an optional mutex for the CGI handler. + Could reduce memory use and increase performance on single core systems + for some tests. + +197) Investigate if parts of Privoxy should get optional replacements + written in Rust. + +198) Add a config directive that prevent's IP addresses from being logged + (when logging is enabled). + +199) In actions.c the "#define DEFINE_ACTION_ALIAS 0" lines should probably + be changed to "#undef DEFINE_ACTION_ALIAS" or removed. + +200) Add a config directive that causes Privoxy to remove all + host certificates before exiting. + ########################################################################## Hosting wish list (relevant for #53)