X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Fuser-manual.sgml;h=08ba0597bcf9817beaadb20d1fbef873ce18cb64;hp=3ff9a8c7f9bd47a4f2c741a84798269dcc6f970b;hb=2f84790ebbdce45364ef2bde8e42fcf3372b22c2;hpb=dfd5fc0277170f121ff5b4a1daa88406ea549f2b diff --git a/doc/source/user-manual.sgml b/doc/source/user-manual.sgml index 3ff9a8c7..08ba0597 100644 --- a/doc/source/user-manual.sgml +++ b/doc/source/user-manual.sgml @@ -10,14 +10,15 @@ + - - + + - - + + @@ -34,7 +35,7 @@ Purpose : user manual - Copyright (C) 2001-2018 Privoxy Developers https://www.privoxy.org/ + Copyright (C) 2001-2020 Privoxy Developers https://www.privoxy.org/ See LICENSE. ======================================================================== @@ -53,7 +54,7 @@ - Copyright &my-copy; 2001-2018 by + Copyright &my-copy; 2001-2020 by Privoxy Developers @@ -121,7 +122,8 @@ Hal. Since this is a &p-status; version, not all new features are well tested. This documentation may be slightly out of sync as a result (especially with - CVS sources). And there may be bugs, though hopefully + git sources). + And there may be bugs, though hopefully not many! ]]> @@ -225,31 +227,6 @@ How to install the binary packages depends on your operating system: - -OS/2 - - - First, make sure that no previous installations of - Junkbuster and / or - Privoxy are left on your - system. Check that no Junkbuster - or Privoxy objects are in - your startup folder. - - - - Then, just double-click the WarpIN self-installing archive, which will - guide you through the installation process. A shadow of the - Privoxy executable will be placed in your - startup folder so it will start automatically whenever OS/2 starts. - - - - The directory you choose to install Privoxy - into will contain all of the configuration files. - - - Mac OS X @@ -1060,13 +1037,13 @@ MAKENSIS = ./nsis/makensis.exe
Proxy Configuration Showing - Mozilla/Netscape HTTP and HTTPS (SSL) Settings + Mozilla Firefox HTTP and HTTPS (SSL) Settings - [ Screenshot of Mozilla Proxy Configuration ] + [ Screenshot of Mozilla Firefox Proxy Configuration ]
@@ -1077,7 +1054,7 @@ MAKENSIS = ./nsis/makensis.exe - Tools -> Options -> Advanced -> Network ->Connection -> Settings + Edit -> Preferences -> Network Settings -> Settings @@ -1216,16 +1193,6 @@ Example Unix startup command: - -OS/2 - - During installation, Privoxy is configured to - start automatically when the system restarts. You can start it manually by - double-clicking on the Privoxy icon in the - Privoxy folder. - - - Mac OS X @@ -1516,7 +1483,7 @@ for details.         ▪  View & change the current configuration -         ▪  View the source code version numbers +         ▪  View or toggle the tags that can be set based on the client's address         ▪  View the request headers. @@ -1574,8 +1541,8 @@ for details. Configuration Files Overview - For Unix, *BSD and Linux, all configuration files are located in - /etc/privoxy/ by default. For MS Windows and OS/2 + For Unix, *BSD and GNU/Linux, all configuration files are located in + /etc/privoxy/ by default. For MS Windows these are all in the same directory as the Privoxy executable. The main configuration file is named config - on Linux, Unix, BSD, and OS/2, and config.txt + on GNU/Linux, Unix, BSD, and config.txt on Windows. This is a required file. @@ -2292,6 +2259,12 @@ for details. While flexible, this is not the sophistication of full regular expression based syntax. + + When compiled with FEATURE_PCRE_HOST_PATTERNS patterns can be prefixed with + PCRE-HOST-PATTERN: in which case full regular expression + (PCRE) can be used for the host pattern as well. + + @@ -3658,6 +3631,76 @@ new action + + + +delay-response + + + + Typical use: + + Delay responses to the client to reduce the load + + + + + Effect: + + + Delays responses to the client by sending the response in ca. 10 byte chunks. + + + + + + Type: + + + Parameterized. + + + + + Parameter: + + + Number of milliseconds + + + + + + Notes: + + + Sometimes when JavaScript code is used to fetch advertisements + it doesn't respect Privoxy's blocks and retries to fetch the + same resource again causing unnecessary load on the client. + + + This action delays responses to the client and can be combined + with blocks + to slow down the JavaScript code, thus reducing + the load on the client. + + + When used without blocks + the action can also be used to simulate a slow internet connection. + + + + + + Example usage: + + +delay-response{100} + + + + + + downgrade-http-version @@ -3730,6 +3773,7 @@ problem-host.example.com + external-filter @@ -3915,7 +3959,7 @@ problem-host.example.com looks for the string http://, either in plain text (invalid but often used) or encoded as http%3a//. Some sites use their own URL encoding scheme, encrypt the address - of the target server or replace it with a database id. In theses cases + of the target server or replace it with a database id. In these cases fast-redirects is fooled and the request reaches the redirection server where it probably gets logged. @@ -5075,6 +5119,154 @@ new action + + +https-inspection + + + + Typical use: + + Filter encrypted requests and responses + + + + + Effect: + + + Encrypted requests are decrypted, filtered and forwarded encrypted. + + + + + + Type: + + + Boolean. + + + + + Parameter: + + + N/A + + + + + + Notes: + + + This action allows &my-app; to filter encrypted requests and responses. + For this to work &my-app; has to generate a certificate and send it + to the client which has to accept it. + + + Before this works the directives in the + HTTPS inspection section + of the config file have to be configured. + + + Note that the action has to be enabled based on the CONNECT + request which doesn't contain a path. Enabling it based on + a pattern with path doesn't work as the path is only seen + by &my-app; if the action is already enabled. + + + This is an experimental feature. + + + + + + Example usage (section): + + {+https-inspection} +www.example.com + + + + + + + + + +ignore-certificate-errors + + + + Typical use: + + Filter encrypted requests and responses without verifying the certificate + + + + + Effect: + + + Encrypted requests are forwarded to sites without verifying the certificate. + + + + + + Type: + + + Boolean. + + + + + Parameter: + + + N/A + + + + + + Notes: + + + When the + +https-inspection + action is used &my-app; by default verifies that the remote site uses a valid + certificate. + + + If the certificate can't be validated by &my-app; the connection is aborted. + + + This action disables the certificate check so requests to sites + with certificates that can't be validated are allowed. + + + Note that enabling this action allows Man-in-the-middle attacks. + + + + + + Example usage: + + + {+ignore-certificate-errors} + www.example.org + + + + + + + limit-connect @@ -5309,9 +5501,10 @@ new action Note that some (rare) ill-configured sites don't handle requests for uncompressed documents correctly. Broken PHP applications tend to send an empty document body, - some IIS versions only send the beginning of the content. If you enable - prevent-compression per default, you might want to add - exceptions for those sites. See the example for how to do that. + some IIS versions only send the beginning of the content and some content delivery + networks let the connection time out. + If you enable prevent-compression per default, you might + want to add exceptions for those sites. See the example for how to do that. @@ -5559,6 +5752,10 @@ example.com/.*toChange=(?!bar) # Redirect Destination = https://www.illumos.org/issues/4974 i[0-9][0-9][0-9][0-9]*/ +# Redirect requests for the old Tor Hidden Service of the Privoxy website to the new one +{+redirect{s@^http://jvauzb4sb3bwlsnc.onion/@http://l3tczdiiwoo63iwxty4lhs6p7eaxop5micbn7vbliydgv63x5zrrrfyd.onion/@}} +jvauzb4sb3bwlsnc.onion/ + # Redirect remote requests for this manual # to the local version delivered by Privoxy {+redirect{s@^http://www@http://config@}} @@ -7259,7 +7456,7 @@ pre-defined filters for your convenience: sometimes appear on some pages, or user agents that don't correct for this on the fly. @@ -7650,16 +7847,37 @@ Requests Privoxy is free software; you can - redistribute it and/or modify it under the terms of the - GNU General Public License, version 2, - as published by the Free Software Foundation and included in - the next section. + redistribute and/or modify its source code under the terms + of the GNU General Public License + as published by the Free Software Foundation, either version 2 + of the license, or (at your option) any later version. + + + + The same is true for Privoxy binaries + unless they are linked with a + mbed TLS version + that is licensed under the Apache 2.0 license in which + case you can redistribute and/or modify the Privoxy + binaries under the terms of the GNU General Public License + as published by the Free Software Foundation, either version 3 + of the license, or (at your option) any later version. + + + + Both licenses are included in the next section. License +GNU General Public License version 2 + + +GNU General Public License version 3 + + @@ -7970,23 +8188,23 @@ Requests - Show information about the current configuration, including viewing and - editing of actions files: + View and toggle client tags:
- http://config.privoxy.org/show-status + http://config.privoxy.org/client-tags
- Show the source code version numbers: + Show information about the current configuration, including viewing and + editing of actions files: -
+
- http://config.privoxy.org/show-version + http://config.privoxy.org/show-status