X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=TODO;h=fbc5dc03df9df0ecd91c7bd5a2b269ca09aecf1e;hp=3f605bea046eed9658d4a0a2d74e9810d7deeb3c;hb=6b12a8f1704e127a1553e08541cd007dbdfc462e;hpb=24d2ea4ae0d8c02803e0441f748a977b8015750f

diff --git a/TODO b/TODO
index 3f605bea..fbc5dc03 100644
--- a/TODO
+++ b/TODO
@@ -1,4 +1,4 @@
-$Id: TODO,v 1.139 2016/01/16 12:30:05 fabiankeil Exp $
+$Id: TODO,v 1.165 2017/05/29 10:40:28 fabiankeil Exp $
 
 Some Privoxy-related tasks, sorted by the time they
 have been added, not by priority.
@@ -53,9 +53,6 @@ http://www.privoxy.org/faq/general.html#DONATE
 
 14) Allow to filter POST parameters.
 
-15) If trusted CGI pages are requested without trusted referrer,
-    set the status code to 403 instead of 200.
-
 16) Filter SSL encrypted content as well.
 
     At the beginning we could use a unencrypted connection between
@@ -65,7 +62,7 @@ http://www.privoxy.org/faq/general.html#DONATE
     This should be good enough for most of the content the
     user would want to filter.
 
-    Interested donors: 1.
+    Interested donors: 2.
 
 19) enable-forward-fallback. Syntax? Suggested by K.R.
 
@@ -105,7 +102,7 @@ http://www.privoxy.org/faq/general.html#DONATE
     Figure out a way to solve this. Introduce a cwd config option?
 
 41) Change documentation framework to one that works cross-platform.
-    Evaluate WML.
+    Evaluate WML and txt2tags.
 
 42) Add a DTrace USDT provider. Now that FreeBSD has userland DTrace
     support there's no longer any reason not to.
@@ -129,15 +126,21 @@ http://www.privoxy.org/faq/general.html#DONATE
     It would probably also make sense to look into what other
     projects did when migrating away from SF.
 
-    2014-05-13: Work in progress. Hosting wish list at the end
-    of this file.
+    2014-05: Work in progress. Hosting wish list at the end
+             of this file. Looks like most of the other projects
+             that left SF had lower standards and moved to hosters
+             that don't come close to sattisfying the requirements.
+    2016-03: The website has been moved away from SF infrastructure
+             and is also available through https:// now.
+    2016-04: Server rent for a year has been sponsored by ChameleonJohn.
+    2016-04: The SF mailing lists have been deprecated, the new ones
+             are available at: https://lists.privoxy.org/
 
     Interested donors: 1.
 
 54) Move away from CVS to a more modern revision control system.
-    Find out if there are any objection against going with Git.
-    Using Git would also have the advantage that SF now pretends
-    to support it, so we could do it independently from 53).
+    The move to git is work in progress:
+    https://sourceforge.net/p/ijbswa/mailman/message/34994343/
 
 58) Move more template strings from the code into the actual templates.
 
@@ -156,8 +159,8 @@ http://www.privoxy.org/faq/general.html#DONATE
     is no legal entity.
 
 65) Polish Website. Probably involves ditching the Docbook
-    mess in favour of wml. There are already several threads
-    in the mailinglist archives about this. See also #41.
+    mess. There are already several threads in the mailinglist
+    archives about this. See also #41.
 
 66) Stop hard-coding the number of action and filter files.
 
@@ -167,6 +170,9 @@ http://www.privoxy.org/faq/general.html#DONATE
 68) Use standard make syntax so we don't depend on GNU make.
 
 69) Update autoconf setup (or move away from it).
+    Unfortunately the autoconf files can't be simply updated
+    due to license issues:
+    https://lists.privoxy.org/pipermail/privoxy-devel/2016-April/000008.html
 
 70) If the server connection is reset but the headers are
     received, consider passing the mess to the client instead
@@ -212,7 +218,7 @@ http://www.privoxy.org/faq/general.html#DONATE
 82) Detect if the system time goes back in time let the user
     know if it caused any connections to get closed.
 
-85) Once #84 is done, write a script that populates a directory with
+85) Once #51 is done, write a script that populates a directory with
     various common third-party icons (stumbleupon.png, facebook.png ...)
     and redirect requests for them to Privoxy.
 
@@ -278,6 +284,7 @@ http://www.privoxy.org/faq/general.html#DONATE
 100) Create a cross-platform Privoxy control program and retire
      the win32 GUI. Integrate support for Privoxy-Regression-Test,
      Privoxy-Log-Parser, Privoxy-Filter-Test, uagen and similar tools.
+     Interested donors: 1.
 
 102) Add an include directive to split the config file into several parts.
 
@@ -341,9 +348,10 @@ http://www.privoxy.org/faq/general.html#DONATE
      running out of stack space, causing the kernel to kill Privoxy
      ungracefully.
 
-121) Add HTTP/2 support. As a first step, incomming HTTP/1.x requests
+121) Add HTTP/2 support. As a first step, incoming HTTP/1.x requests
      should be translated to outgoing HTTP/2 requests where possible
      (and if desired by the user).
+     Interested donors: 1.
 
 122) Allow customized log messages.
 
@@ -381,12 +389,6 @@ http://www.privoxy.org/faq/general.html#DONATE
      an action so the behaviour can be enabled on a per-request basis.
      Interested donors: 1.
 
-132) Provide a Tor hidden service to reach the Privoxy website.
-     Work in progress: http://jvauzb4sb3bwlsnc.onion/
-     This hidden service serves a copy of the www.privoxy.org content
-     (filtered through Privoxy to replace some absolute URLs).
-     Interested donors: 1.
-
 133) Consider allowing bitcoin donations.
      Interested donors: 2.
 
@@ -407,39 +409,20 @@ http://www.privoxy.org/faq/general.html#DONATE
      but making the reporting mechanism available again would be a
      good idea.
 
-140) Toggling Privoxy off, currently also disables stuff that
-     probably shouldn't be affected (like forward-override based
-     on tags). Investigate and fix or document.
+140) Toggling Privoxy off currently also disables stuff that
+     probably shouldn't be affected (such as actions like
+     forward-override). Investigate and fix or document.
 
 141) Port Privoxy to CloudABI, which, despite the name, is actually
-     rather neet. https://github.com/NuxiNL/cloudlibc
+     rather neat. https://github.com/NuxiNL/cloudlibc
 
 142) Remove or update the "internal" pcre version.
 
 143) Add support for OpenBSD's pledge feature once it's stablelized.
      This should be a lot less work then #124.
 
-144) Allow Privoxy admins to pre-define tags that are be set for
-     clients that previously opted-in through the CGI interface.
-
-     This would be useful in multi-user setups where admins may
-     want to allow users to disable certain actions and filters
-     for themselves without affecting others.
-
-     Even in single-user setups this could be useful to allow
-     more fine-grained toggling. For example to disable request
-     blocking while still crunching cookies, or to disable
-     experimental filters only.
-
-     Interested donors: 1.
-
-145) Once #144 is implemented, allow clients to opt-in to the
-     tagging for a limited amount of time (or number of requests).
-
-     Interested donors: 1.
-
-146) Once #144 is implemented, optionally allow to save the opt-in
-     status to disk.
+146) Allow to save the internal client tag state to disk and
+     load it after restarts.
 
 147) Improve "Building from Source" section in the user manual.
      A common problem seems to be that it's not obvious to non-technical
@@ -448,6 +431,49 @@ http://www.privoxy.org/faq/general.html#DONATE
      technical users (like Privoxy developers) who want to install or test
      Privoxy on platforms they are not familiar with.
 
+148) Add a config directive to change the CGI_SITE_2_HOST
+     (default: config.privoxy.org).
+
+     If Privoxy is used as reverse proxy or intercepting proxy without
+     getting intercepted requests, error pages created from default templates
+     currently can result in client requests to config.privoxy.org on the
+     Internet which may not be desirable.
+
+150) Add blacklistd support.
+
+151) Let the dok-tidy target work cross-platform without introducing
+     a ton of white-space changes that hide the content changes.
+
+152) Fix CSS references in the website documentation.
+     For many pages p_doc.css is specified twice using different paths.
+     Usually at least one works, but not all of them do and the
+     duplicated requests are pointless even if they don't end up with
+     a 404.
+
+153) Catch SIGINT and use it to close the listen socket, serve
+     remaining connections and shut down. This would allow higher
+     uptime and make testing more convenient.
+
+154) Underline links in docs and cgi pages. More precisely,
+     don't mess with the browser defaults for link underlining.
+
+155) The sig_handler() shouldn't call log_error().
+     While it isn't known to cause actual problems in normal operation,
+     it's technically incorrect and causes crashes when running in
+     valgrind.
+
+156) Reject socks requests with an explicit error message similar
+     to the one used for ftp. Motivation:
+     https://lists.privoxy.org/pipermail/privoxy-users/2017-March/000195.html
+
+158) Use a single thread to wait for new requests on reused client connections.
+     Currently the thread that handles the first request on a connection
+     stays responsible for the client connect until it gets closed.
+     In case of lots of idle connections lots of waiting threads are used.
+     While it's conceivable that this ineffiency is irrelevant from a
+     performance point of view, using a single thread should reduce Privoxy's
+     memory footprint a bit which may be noticeable in case of multi-user setups
+     with hundreds of idle connections.
 ##########################################################################
 
 Hosting wish list (relevant for #53)