X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Ffaq.sgml;h=c3f4d8571b686ef2365de18f89d17066b844e503;hp=3dc15a1081ee010a4c9d23806c71e7fc5e7f0ecf;hb=d32e97dce787ca5afc7791215e78a01e0db76f0b;hpb=cbb36e79de8b2330e39ed4a88a08229851d31a7d
diff --git a/doc/source/faq.sgml b/doc/source/faq.sgml
index 3dc15a10..c3f4d857 100644
--- a/doc/source/faq.sgml
+++ b/doc/source/faq.sgml
@@ -8,10 +8,10 @@
-
-
-
-
+
+
+
+
@@ -21,15 +21,11 @@
Privoxy">
]>
- Copyright &my-copy; 2001-2016 by
+ Copyright &my-copy; 2001-2020 by
Privoxy Developers
-$Id: faq.sgml,v 2.133 2017/02/20 13:45:25 fabiankeil Exp $
-
@@ -166,9 +156,9 @@ me?
strengths is that it is highly configurable giving you the ability to
completely personalize your installation. Being familiar with, or at least
having an interest in learning about HTTP and other networking
- protocols, HTML, and
- Regular
+ url="https://en.wikipedia.org/wiki/Http">HTTP and other networking
+ protocols, HTML, and
+ Regular
Expressions
will be a big plus and will help you get the most out of &my-app;.
A new installation just includes a very basic configuration. The user
@@ -178,9 +168,9 @@ me?
Much of Privoxy's configuration can be done
- with a Web browser.
+ with a Web browser.
But there are areas where configuration is done using a
- text editor
+ text editor
to edit configuration files. Also note that the web-based action editor
doesn't use authentication and should only be enabled in environments
where all clients with access to &my-app; listening port can be trusted.
@@ -190,13 +180,13 @@ me?
What is a <quote>proxy</quote>? How does
Privoxy work?
- A web proxy
+ A web proxy
is a service, based on a software such as &my-app;, that clients
(i.e. browsers) can use instead of connecting to web servers directly.
The clients then ask the proxy to request objects (web pages, images, movies etc)
on their behalf and to forward the data to the clients.
It is a go-between. For details, see
- Wikipedia's proxy definition.
+ Wikipedia's proxy definition.
There are many reasons to use web proxies, such as security (firewalling),
@@ -271,7 +261,7 @@ from the old Junkbuster?
Junkbuster left off.
Privoxy still blocks ads and banners,
still manages cookies, and still
+ url="https://en.wikipedia.org/wiki/Browser_cookie">cookies, and still
helps protect your privacy. But, most of these features have been enhanced,
and many new ones have been added, all in the same vein.
@@ -411,12 +401,11 @@ Privoxy. Why should I use Privoxy at all?
Is there is a license or fee? What about a
warranty? Registration?
- Privoxy is free software and licensed under the GNU General Public License (GPL) version 2.
- It is free to use, copy, modify or distribute as you wish under the terms of this
- license. Please see the Copyright section for more
- information on the license and copyright. Or the LICENSE file
- that should be included.
+ Privoxy is free software.
+ It is free to use, copy, modify or distribute as you wish under the terms of its
+ license.
+ Please see the Copyright section for more
+ information on the license and copyright.
There is no warranty of any kind, expressed, implied or otherwise.
@@ -491,7 +480,7 @@ warranty? Registration?
While it is partly out of date, it's still worth reading.
- Our TODO list
+ Our TODO list
may be of interest to you as well.
Please let us know if you want to work on one of the items listed.
@@ -500,7 +489,7 @@ warranty? Registration?
Would you like to donate?
Donations are welcome. Our
- TODO list
+ TODO list
is rather long and being able to pay one (or more) developers to work on Privoxy
would make a huge difference, even if it was only for a couple of weeks. Donations may
also be used for Privoxy-related travel expenses (for example to attend conferences),
@@ -509,38 +498,13 @@ warranty? Registration?
Privoxy is an associated
- project of Software
+ project of Software
in the Public Interest (SPI), which allows us to receive
tax-deductible donations in the United States.
You can donate via Paypal
- and Click & Pledge.
+ and Click & Pledge.
For details, please have a look at
- SPI's general donation page.
-
-
-
- You can also donate to Privoxy using a bank account or a "Paypal" address:
-
-
- Name on account: Zwiebelfreunde e.V.
- IBAN: DE95430609671126825604
- BIC: GENODEM1GLS
- Bank: GLS Bank
-
-
- "Paypal" address: privoxy@zwiebelfreunde.de
-
-
- Donations made through Zwiebelfreunde e.V. are tax-deductible in Germany
- and other countries that recognize German charitable clubs. Feel free to
- use the Subject field to provide a name to be credited and a list of TODO
- list items you are interested in the most. For example: Max Mustermann: #16, #1, #14.
-
-
-
- Note that donations made through Zwiebelfreunde e.V. currently can't be checked
- automatically so you may not get credited right away. The credits currently
- reflect donations received before 2016-01-14.
+ SPI's general donation page.
@@ -557,10 +521,10 @@ warranty? Registration?
- Gold (10000 EUR/year)
+ Gold (12000 USD/year)
- Logo shown at the bottom of the
+ Logo or text link shown at the bottom of the
Privoxy homepage.
Logo, link and self description on the
sponsor page.
@@ -568,10 +532,10 @@ warranty? Registration?
- Silver (1000 EUR/year)
+ Silver (1200 USD/year)
- Logo shown randomly at the bottom of the
+ Logo or text link shown at the bottom of the
Privoxy homepage.
Logo, link and self description on the
sponsor page.
@@ -579,7 +543,7 @@ warranty? Registration?
- Bronze (500 EUR/year)
+ Bronze (600 USD/year)
Logo and link on the sponsor page.
@@ -592,13 +556,18 @@ warranty? Registration?
our server, no requests are made to the sponsor website unless
the links are being used.
+
+ Link targets are without path (https://www.example.org/
+ not https://www.example.org/seo/keyword/spam/).
+
The details may change over time but changes will only affect new sponsors
(or existing sponsors that explicitly agreed to the changes).
If you want to become a sponsor, please contact
- Fabian Keil.
+ Fabian Keil
+ and include the link target in the mail.
New sponsors are only accepted if no developer objects.
@@ -688,8 +657,7 @@ special I have to do now?
the User Manual for more
details. You should also flush your browser's memory and disk
cache to get rid of any cached junk items, and remove any stored
- cookies.
-
+ cookies.
@@ -824,7 +792,7 @@ Privoxy is running and being used.
for single URLs, whole web sites, groups or parts thereof etc. Actions can also be
grouped together and then applied to requests matching one or more patterns.
There are many possible actions that might apply to any given site. As an example,
- if you are blocking cookies
+ if you are blocking cookies
as one of your default actions, but need to accept cookies from a given site,
you would need to define an exception for this site in one of your actions
files, preferably in user.action.
@@ -866,7 +834,7 @@ way to do this?
-
+There are several different <quote>actions</quote> files. What are
the differences?
@@ -879,10 +847,9 @@ the differences?
Where can I get updated Actions Files?
Based on your feedback and the continuing development, updates of
- default.action will be
- made available from time to time on the files section of
- our project page.
+ default.action are available from
+ git.
@@ -931,34 +898,30 @@ the differences?
The default configuration shouldn't impact the usability of any of these services.
It may, however, make all cookies
+ url="https://en.wikipedia.org/wiki/Browser_cookie">cookies
temporary, so that your browser will forget your
login credentials in between browser sessions. If you would like not to have to log
in manually each time you access those websites, simply turn off all cookie handling
for them in the user.action file. An example for yahoo might
look like:
- # Allow all cookies for Yahoo login:
#
{ -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only }
.login.yahoo.com
-
These kinds of sites are often quite complex and heavy with
- Javascript and
+ Javascript and
thus fragile. So if still a problem,
we have an alias just for such
sticky situations:
- # Gmail is a _fragile_ site:
#
{ fragile }
# Gmail is ...
mail.google.com
-
Be sure to flush your browser's caches whenever making these kinds of
changes, just to make sure the changes take.
@@ -1109,10 +1072,8 @@ with a browser? Does that not raise security issues?
should look like:
-
listen-address 192.168.1.1:8118
-
Save the file, and restart Privoxy. Configure
@@ -1124,10 +1085,8 @@ with a browser? Does that not raise security issues?
all available interfaces:
-
listen-address :8118
-
And then use Privoxy's
@@ -1221,18 +1180,12 @@ instead of the checkerboard image. Why and how do I get rid of this?
Can Privoxy run as a service
on Win2K/NT/XP?
-Windows service
- functionality. See
+ Yes. Full Windows service
+ functionality was introduced in Privoxy 3.0.5.
+ See
the User Manual for details on how to install and configure
Privoxy as a service.
-
- Earlier ]]>3.x versions could run as a system service using srvany.exe.
- See the discussion at https://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118,
- for details, and a sample configuration.
-
@@ -1336,7 +1289,8 @@ and thus avoid individual browser configuration?
For a good discussion of some of the issues involved (including privacy and
security issues), see
- https://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118.
+ https://sourceforge.net/p/ijbswa/support-requests/107/.
@@ -1344,19 +1298,20 @@ and thus avoid individual browser configuration?
I sometimes notice cookies sneaking through. How?Cookies can be
+ url="https://en.wikipedia.org/wiki/Browser_cookie">Cookies can be
set in several ways. The classic method is via the
Set-Cookie HTTP header. This is straightforward, and an
easy one to manipulate, such as the &my-app; concept of
session-cookies-only.
There is also the possibility of using
- Javascript to
+ Javascript to
set cookies (&my-app; calls these content-cookies). This
is trickier because the syntax can vary widely, and thus requires a certain
amount of guesswork. It is not realistic to catch all of these short of
disabling Javascript, which would break many sites. And lastly, if the
cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
- Privoxy's reach.
+ Privoxy's reach unless you enable
+ https-inspection.
All in all, &my-app; can help manage cookies in general, can help minimize
@@ -1370,7 +1325,7 @@ and thus avoid individual browser configuration?
No, in fact there are many beneficial uses of
cookies. Cookies are just a
+ url="https://en.wikipedia.org/wiki/Browser_cookie">cookies. Cookies are just a
method that browsers can use to store data between pages, or between browser
sessions. Sometimes there is a good reason for this, and the user's life is a
bit easier as a result. But there is a long history of some websites taking
@@ -1382,7 +1337,7 @@ and thus avoid individual browser configuration?
See the
- Wikipedia cookie
+ Wikipedia cookie
definition for more.
@@ -1400,11 +1355,9 @@ and thus avoid individual browser configuration?
To disable all cookie actions, so that cookies are allowed unrestricted,
both in and out, for example.com:
-
{ -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
.example.com
-
Place the above in user.action. Note that some of these may
be off by default anyway, so this might be redundant, but there is no harm
@@ -1495,16 +1448,13 @@ and thus avoid individual browser configuration?
can very easily over-ride all blocking with the
following very simple rule in your user.action:
-
# Unblock everybody, everywhere
{ -block }
/ # UN-Block *all* URLs
-
Or even a more comprehensive reversing of various ad related actions:
-
# Unblock everybody, everywhere, and turn off appropriate filtering, etc
{ -block \
@@ -1513,7 +1463,6 @@ and thus avoid individual browser configuration?
allow-popups \
}
/ # UN-Block *all* URLs and allow ads
-
This last action in this compound statement,
allow-popups, is an
during upgrades. You can, however, create completely new templates,
place them in another directory and specify the alternate path in the main
config. For details, have a look at the templdir option.
+ url="../user-manual/config.html#TEMPLDIR">templdir option.
@@ -1554,10 +1503,8 @@ the BLOCKED page?
available as compile-time options. You should
configure the sources as follows:
-
./configure --disable-toggle --disable-editor --disable-force
-
This will create an executable with hard-coded security features so that
&my-app; does not allow easy bypassing of blocked sites, or changing the
@@ -1858,11 +1805,9 @@ us help you. Your efforts are not wasted, and we do appreciate them.
forwarding section
and uncomment the line:
-
# forward-socks5t / 127.0.0.1:9050 .
-
-
+
Note that if you got Tor through one of the bundles, you may
have to change the port from 9050 to 9150 (or even another one).
@@ -1875,13 +1820,11 @@ us help you. Your efforts are not wasted, and we do appreciate them.
uncomment the following forward rules, to make sure your local network is still
reachable through Privoxy:
-
# forward 192.168.*.*/ .
# forward 10.*.*.*/ .
# forward 127.*.*.*/ .
-
-
+
Unencrypted connections to systems in these address ranges will
be as (un)secure as the local network is, but the alternative is
@@ -1895,11 +1838,9 @@ us help you. Your efforts are not wasted, and we do appreciate them.
network by using their names, you will need additional exceptions
that look like this:
-
# forward localhost/ .
-
-
+
Save the modified configuration file and open
http://config.privoxy.org/show-status
@@ -2025,9 +1966,17 @@ ads used to be. Why?
How can Privoxy filter Secure (HTTPS) URLs?
- Since secure HTTP connections are encrypted SSL sessions between your browser
- and the secure site, and are meant to be reliably secure,
- there is little that Privoxy can do but hand the raw
+ If you enable
+ https-inspection
+ Privoxy will impersonate the destination
+ server and can thus filter encrypted requests and responses as well.
+
+
+ Without
+ https-inspection
+ secure HTTP connections are encrypted SSL sessions between your
+ browser and the secure site, and there is little
+ that Privoxy can do but hand the raw
gibberish data though from one end to the other unprocessed.
@@ -2054,6 +2003,21 @@ ads used to be. Why?
+
+Does Privoxy support HTTP/2?
+
+ Privoxy currently doesn't parse HTTP/2 but applications
+ can tunnel HTTP/2 through Privoxy if Privoxy is configured
+ to allow CONNECT requests (default) which are also used
+ for HTTPS.
+
+
+ Adding HTTP/2 support is on the
+ TODO
+ list but currently nobody is known to work on it.
+
+
+
Privoxy runs as a <quote>server</quote>. How
secure is it? Do I need to take any special precautions?
@@ -2230,14 +2194,12 @@ altered it! Yikes, what is wrong!
your hosts list is neglected by Privoxy's
configuration, consider adding your list to your user.action file:
-
{ +block }
www.ad.example1.com
ad.example2.com
ads.galore.example.com
etc.example.com
-
@@ -2333,7 +2295,6 @@ and related issues?
There are several possibilities:
-Privoxy is not running. Solution: verify
@@ -2353,7 +2314,6 @@ and related issues?
try disabling or removing the firewall as a simple test.
-
@@ -2406,7 +2366,6 @@ still getting through. How?
our job a little easier. &my-app; has crunched (meaning caught
and BLOCKED) quite a few items in this example, but perhaps missed a few as well.
-
-
Despite 12 out of 32 requests being blocked, the page looked, and seemed to
behave perfectly normal (minus some ads, of course).
@@ -2734,7 +2692,7 @@ Why?
Upgrading Privoxy, or going to the most recent
default.action file available from SourceForge
+ url="https://www.privoxy.org/gitweb/?p=privoxy.git;a=blob_plain;f=default.action.master;hb=HEAD">git
might be worth a try, too.
@@ -2788,7 +2746,7 @@ Why?
Privoxy is attempting to disable malicious
- Javascript
+ Javascript
in this case, with the unsolicited-popups
filter. Privoxy cannot tell very well
good code snippets from bad code snippets.
@@ -2904,14 +2862,12 @@ browsing has slowed to a crawl. What gives?
To do that, enable logging to figure out which requests get blocked by
&my-app; and add the hosts (no path patterns) to a section like this:
-
-
Additionally you have to configure your browser to contact
127.0.0.1:0 directly (instead of through &my-app;).
@@ -3022,7 +2978,7 @@ browsing has slowed to a crawl. What gives?
this is not considered a Privoxy bug.
- To prevent the crashes you can rewrite your filter to use less ressources,
+ To prevent the crashes you can rewrite your filter to use less resources,
increase the relevant memory limit or recompile pcre to use less stack space.
For details please see the
pcrestack man page
@@ -3030,6 +2986,47 @@ browsing has slowed to a crawl. What gives?
+
+What to do if editing the config file of privoxy is access denied?
+
+ Your userid probably isn't allowed to edit the file.
+
+ On Windows you can use the windows equivalent of sudo:
+
+ runas /user:administrator "notepad \privoxy\config.txt"
+
+
+ or fix the file permissions:
+
+C:\Privoxy>icacls config.txt
+config.txt BUILTIN\Administrators:(I)(F)
+ NT AUTHORITY\SYSTEM:(I)(F)
+ BUILTIN\Users:(I)(RX)
+ NT AUTHORITY\Authenticated Users:(I)(M)
+
+Successfully processed 1 files; Failed processing 0 files
+
+C:\Privoxy>icacls config.txt /grant Lee:F
+processed file: config.txt
+Successfully processed 1 files; Failed processing 0 files
+
+C:\Privoxy>icacls config.txt
+config.txt I3668\Lee:(F)
+ BUILTIN\Administrators:(I)(F)
+ NT AUTHORITY\SYSTEM:(I)(F)
+ BUILTIN\Users:(I)(RX)
+ NT AUTHORITY\Authenticated Users:(I)(M)
+
+Successfully processed 1 files; Failed processing 0 files
+
+C:\Privoxy>
+
+
+ or try to point-n-click your way through adjusting the file
+ permissions in windows explorer.
+
+
+
@@ -3054,7 +3051,7 @@ browsing has slowed to a crawl. What gives?
- License
+ License
&license;
@@ -3062,7 +3059,7 @@ browsing has slowed to a crawl. What gives?
- History
+ History
&history;