X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Fuser-manual.sgml;h=8008218c812d4d3f0ca2ee930d966687419ae27a;hp=b1ba3ce378ff79fba49a2e5b210eaf6c46189481;hb=d65b7df9b986c4de1014b6b1b237d678e7b59fa8;hpb=60523aeb81032f680bc2d568fb710203dec0a454
diff --git a/doc/source/user-manual.sgml b/doc/source/user-manual.sgml
index b1ba3ce3..8008218c 100644
--- a/doc/source/user-manual.sgml
+++ b/doc/source/user-manual.sgml
@@ -13,7 +13,7 @@
-
+
@@ -30,15 +30,11 @@
Privoxy">
]>
- Copyright &my-copy; 2001-2014 by
- Privoxy Developers
+ Copyright &my-copy; 2001-2018 by
+ Privoxy Developers
-$Id: user-manual.sgml,v 2.206 2016/03/17 10:43:07 fabiankeil Exp $
-
@@ -101,14 +95,11 @@ Hal.
You can find the latest version of the Privoxy User Manual at http://www.privoxy.org/user-manual/.
+ url="https://www.privoxy.org/user-manual/">https://www.privoxy.org/user-manual/.
Please see the Contact section on how to
contact the developers.
-
-
-
@@ -162,7 +153,7 @@ Hal.
Privoxy is available both in convenient pre-compiled
packages for a wide range of operating systems, and as raw source code.
For most users, we recommend using the packages, which can be downloaded from our
- Privoxy Project
+ Privoxy Project
Page.
@@ -244,7 +235,6 @@ How to install the binary packages depends on your operating system:
system. Check that no Junkbuster
or Privoxy objects are in
your startup folder.
-
@@ -349,38 +339,163 @@ How to install the binary packages depends on your operating system:
Building from Source
- The most convenient way to obtain the Privoxy sources
- is to download the source tarball from our
- project download
- page.
-
-
-
- If you like to live on the bleeding edge and are not afraid of using
- possibly unstable development versions, you can check out the up-to-the-minute
- version directly from the
- CVS repository.
-
+ The most convenient way to obtain the Privoxy source
+ code is to download the source tarball from our
+
+ project download page,
+ or you can get the up-to-the-minute, possibly unstable, development version from
+ https://www.privoxy.org/.
&buildsource;
+
+ Windows
+
+ Setup
+
+ Install the Cygwin utilities needed to build Privoxy.
+ If you have a 64 bit CPU (which most people do by now), get the
+ Cygwin setup-x86_64.exe program here
+ (the .sig file is here).
+
+
+ Run the setup program and from View / Category select:
+
+
+ Devel
+ autoconf 2.5
+ automake 1.15
+ binutils
+ cmake
+ gcc-core
+ gcc-g++
+ git
+ make
+ mingw64-i686-gcc-core
+ mingw64-i686-zlib
+ Editors
+ vim
+ Libs
+ libxslt: GNOME XSLT library (runtime)
+ Net
+ curl
+ openssh
+ Text
+ docbook-dssl
+ docbook-sgml31
+ docbook-utils
+ openjade
+ Utils
+ gnupg
+ Web
+ w3m
+
+
+
+ If you haven't already downloaded the Privoxy source code, get it now:
+
+
+ mkdir <root-dir>
+ cd <root-dir>
+ git clone https://www.privoxy.org/git/privoxy.git
+
+
+
+ Get the source code (.zip or .tar.gz) for tidy from
+
+ https://github.com/htacg/tidy-html5/releases,
+ unzip into <root-dir> and build the software:
+
+
+ cd <root-dir>
+ cd tidy-html5-x.y.z/build/cmake
+ cmake ../.. -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIB:BOOL=OFF -DCMAKE_INSTALL_PREFIX=/usr/local
+ make && make install
+
+
+
+ If you want to be able to make a Windows release package, get the NSIS .zip file from
+
+
+ https://sourceforge.net/projects/nsis/files/NSIS%203/
+ and extract the NSIS directory to privoxy/windows.
+ Then edit the windows/GNUmakefile to set the location of the NSIS executable - eg:
+
+
+# Path to NSIS
+MAKENSIS = ./nsis/makensis.exe
+
+
+
+
+ Build
+
+
+ To build just the Privoxy executable and not the whole installation package, do:
+
+
+ cd <root-dir>/privoxy
+ ./windows/MYconfigure && make
+
+
+
+ Privoxy uses the GNU Autotools
+ for building software, so the process is:
+
+
+ $ autoheader # creates config.h.in
+ $ autoconf # uses config.h.in to create the configure shell script
+ $ ./configure [options] # creates GNUmakefile
+ $ make [options] # builds the program
+
+
+
+ The usual configure options for building a native Windows application under cygwin are
+
+
+
+ --host=i686-w64-mingw32
+ --enable-mingw32
+ --enable-zlib
+ --enable-static-linking
+ --disable-pthread
+ --disable-dynamic-pcre
+
+
+
+ You can set the CFLAGS and LDFLAGS envars before
+ running configure to set compiler and linker flags. For example:
+
+
+
+ $ export CFLAGS="-O2" # set gcc optimization level
+ $ export LDFLAGS="-Wl,--nxcompat" # Enable DEP
+ $ ./configure --host=i686-w64-mingw32 --enable-mingw32 --enable-zlib \
+ > --enable-static-linking --disable-pthread --disable-dynamic-pcre
+ $ make # build Privoxy
+
+
+
+ See the Developer's Manual
+ for building a Windows release package.
+
+
+
+
+
+
Keeping your Installation Up-to-Date
If you wish to receive an email notification whenever we release updates of
Privoxy or the actions file, subscribe
- to our announce mailing list, ijbswa-announce@lists.sourceforge.net.
+ url="https://lists.privoxy.org/mailman/listinfo/privoxy-announce">subscribe
+ to our announce mailing list, privoxy-announce@lists.privoxy.org.
@@ -415,7 +530,6 @@ How to install the binary packages depends on your operating system:
versions of Privoxy:
-
@@ -500,11 +614,9 @@ How to install the binary packages depends on your operating system:
that filtering does not work on compressed pages, so if you use, or want to
use, filtering, you will need to force compression off. Example:
-
{ +filter{google} +prevent-compression }
.google.
-
Or if you use a number of filters, or filter many sites, you may just want
to turn off compression for all sites in
@@ -532,14 +644,13 @@ How to install the binary packages depends on your operating system:
-->
-Quickstart to Using Privoxy
-
+
@@ -639,7 +750,6 @@ How to install the binary packages depends on your operating system:
-
@@ -716,7 +826,6 @@ How to install the binary packages depends on your operating system:
set-image-blocker:
-
@@ -791,7 +900,6 @@ How to install the binary packages depends on your operating system:
-
Advanced users will eventually want to explore &my-app;
@@ -837,7 +945,6 @@ How to install the binary packages depends on your operating system:
A quick and simple step by step example:
-
@@ -861,7 +968,6 @@ How to install the binary packages depends on your operating system:
- Actions Files in Use
@@ -872,7 +978,6 @@ How to install the binary packages depends on your operating system:
-
@@ -907,7 +1012,6 @@ How to install the binary packages depends on your operating system:
-
This is a very crude and simple example. There might be good reasons to use a
@@ -955,7 +1059,6 @@ How to install the binary packages depends on your operating system:
- Proxy Configuration Showing
Mozilla/Netscape HTTP and HTTPS (SSL) Settings
@@ -967,7 +1070,6 @@ How to install the binary packages depends on your operating system:
-
@@ -976,7 +1078,6 @@ How to install the binary packages depends on your operating system:
Tools -> Options -> Advanced -> Network ->Connection -> Settings
-
@@ -985,7 +1086,6 @@ How to install the binary packages depends on your operating system:
Edit -> Preferences -> General -> Connection Settings -> Manual Proxy Configuration
-
@@ -999,7 +1099,6 @@ How to install the binary packages depends on your operating system:
Edit -> Preferences -> Advanced -> Proxies -> HTTP Proxy
-
@@ -1019,7 +1118,6 @@ How to install the binary packages depends on your operating system:
- Proxy Configuration Showing
Internet Explorer HTTP and HTTPS (Secure) Settings
@@ -1031,7 +1129,6 @@ How to install the binary packages depends on your operating system:
-
@@ -1059,11 +1156,9 @@ How to install the binary packages depends on your operating system:
/etc/privoxy/config as its main configuration
file.
-
# /etc/init.d/privoxy start
-
@@ -1082,11 +1177,9 @@ How to install the binary packages depends on your operating system:
To start Privoxy manually, run:
-
# service privoxy onestart
-
@@ -1112,11 +1205,9 @@ Click on the &my-app; Icon to start Privoxy. If no co
Example Unix startup command:
-
# /usr/sbin/privoxy --user privoxy /etc/privoxy/config
-
Note that if you installed Privoxy through
a package manager, the package will probably contain a platform-specific
@@ -1263,7 +1354,6 @@ must find a better place for this paragraph
command-line options:
-
@@ -1379,7 +1469,6 @@ must find a better place for this paragraph
-
On MS Windows only there are two additional
@@ -1416,14 +1505,12 @@ for details.
(shortcut: http://p.p/),
which is a built-in page and works without Internet access.
You will see the following section:
-
-
+ Privoxy Menu
-
▪ View & change the current configuration
@@ -1442,7 +1529,7 @@ for details.
▪ Documentation
+ url="https://www.privoxy.org/&p-version;/user-manual/">Documentation
@@ -1487,9 +1574,9 @@ for details.
Configuration Files Overview
- For Unix, *BSD and Linux, all configuration files are located in
- /etc/privoxy/ by default. For MS Windows, OS/2, and
- AmigaOS these are all in the same directory as the
+ For Unix, *BSD and GNU/Linux, all configuration files are located in
+ /etc/privoxy/ by default. For MS Windows and OS/2
+ these are all in the same directory as the
Privoxy executable.
@@ -1501,13 +1588,12 @@ for details.
principle configuration files are:
-
The main configuration file is named config
- on Linux, Unix, BSD, OS/2, and AmigaOS and config.txt
+ on GNU/Linux, Unix, BSD, and OS/2, and config.txt
on Windows. This is a required file.
@@ -1559,7 +1645,6 @@ for details.
-
The syntax of the configuration and filter files may change between different
@@ -1645,7 +1730,6 @@ for details.
are three action files included with Privoxy with
differing purposes:
-
@@ -1708,7 +1792,6 @@ for details.
The default profiles, and their associated actions, as pre-defined in
default.action are:
-
Default Configurations
@@ -1826,11 +1909,9 @@ for details.
-
-
The list of actions files to be used are defined in the main configuration
@@ -1954,14 +2035,12 @@ for details.
might look like:
-
{ +handle-as-image +block{Banner ads.} }
# Block these as if they were images. Send no block page.
banners.example.com
media.example.com/.*banners
.example.com/images/ads/
-
You can trace this process for URL patterns and any given URL by visiting index.html regardless of path which in this case can
have one or more /'s. And this one must contain exactly
- .html (but does not have to end with that!).
+ .html (and end with that!).
@@ -2293,6 +2372,7 @@ for details.
that contains any of the words ads, banner,
banners (because of the ?) or junk.
The path does not have to end in these words, just contain them.
+ The path has to contain at least two slashes (including the one at the beginning).
@@ -2393,6 +2473,7 @@ for details.
are checked after all server headers are scanned. In both cases all the created
tags are considered.
+
The Client Tag Pattern
@@ -2429,14 +2510,13 @@ for details.
Clients can request tags to be set by using the CGI interface http://config.privoxy.org/show-client-tags.
+ url="http://config.privoxy.org/client-tags">http://config.privoxy.org/client-tags.
Example:
-
# If the admin defined the client-specific-tag circumvent-blocks,
# and the request comes from a client that previously requested
@@ -2449,7 +2529,8 @@ CLIENT-TAG:^circumvent-blocks$
# the previous one.
{+block{Nobody is supposed to request this.}}
example.org/blocked-example-page
-
+
+
@@ -2469,7 +2550,6 @@ example.org/blocked-example-page
following patterns, and -block means don't
block URLs that match the following patterns, even if +block
previously applied.
-
@@ -2485,18 +2565,15 @@ example.org/blocked-example-page
Actions fall into three categories:
-
Boolean, i.e the action can only be enabled or
disabled. Syntax:
-
+name # enable action name
-name # disable action name
-
Example: +handle-as-image
@@ -2508,12 +2585,10 @@ example.org/blocked-example-page
Parameterized, where some value is required in order to enable this type of action.
Syntax:
-
+name{param} # enable action and set parameter to param,
# overwriting parameter from previous match if necessary
-name # disable action. The parameter can be omitted
-
Note that if the URL matches multiple positive forms of a parameterized action,
the last match wins, i.e. the params from earlier matches are simply ignored.
@@ -2532,13 +2607,11 @@ example.org/blocked-example-page
that can be executed for the same request repeatedly, like adding multiple
headers, or filtering through multiple filters. Syntax:
-
+name{param} # enable action and add param to the list of parameters
-name{param} # remove the parameter param from the list of parameters
# If it was the last one left, disable the action.
-name # disable this action completely and remove all parameters from the list
-
Examples: +add-header{X-Fun-Header: Some text} and
+filter{html-annoyances}
@@ -2546,7 +2619,6 @@ example.org/blocked-example-page
-
If nothing is specified in any actions file, no actions are
@@ -2641,7 +2713,6 @@ example.org/blocked-example-page
Example usage:
- # Add a DNT ("Do not track") header to all requests,
# event to those that already have one.
#
@@ -2652,7 +2723,6 @@ example.org/blocked-example-page
# header may make user-tracking easier.
{+add-header{DNT: 1}}
/
-
@@ -2741,7 +2811,6 @@ example.org/blocked-example-page
Example usage (section):
- {+block{No nasty stuff for you.}}
# Block and replace with "blocked" page
.nasty-stuff.example.com
@@ -2754,7 +2823,6 @@ example.org/blocked-example-page
{+block{Layered ads.} +handle-as-empty-document}
# Block and then ignore
adserver.example.net/.*\.js$
-
@@ -2825,9 +2893,7 @@ example.org/blocked-example-page
Example usage:
- +change-x-forwarded-for{block}
-
@@ -2905,13 +2971,11 @@ example.org/blocked-example-page
Example usage (section):
-
# Hide Tor exit notation in Host and Referer Headers
{+client-header-filter{hide-tor-exit-notation}}
/
-
-
+
@@ -2980,7 +3044,6 @@ example.org/blocked-example-page
Example usage (section):
-
# Tag every request with the User-Agent header
{+client-header-tagger{user-agent}}
@@ -3004,9 +3067,8 @@ TAG:^User-Agent: RPM APT-HTTP/
TAG:^User-Agent: fetch libfetch/
TAG:^User-Agent: Ubuntu APT-HTTP/
TAG:^User-Agent: MPlayer/
-
-
-
+
+
# Tag all requests with the Range header set
{+client-header-tagger{range-requests}}
@@ -3020,8 +3082,21 @@ TAG:^User-Agent: MPlayer/
# parts of multimedia files.
{-filter -deanimate-gifs}
TAG:^RANGE-REQUEST$
-
-
+
+
+
+# Tag all requests with the client IP address
+#
+# (Technically the client IP address isn't included in the
+# client headers but client-header taggers can set it anyway.
+# For details see the tagger in default.filter)
+{+client-header-tagger{client-ip-address}}
+/
+
+# Change forwarding settings for requests coming from address 10.0.0.1
+{+forward-override{forward-socks5 127.0.1.2:2222 .}}
+TAG:^IP-ADDRESS: 10\.0\.0\.1$
+
@@ -3121,7 +3196,6 @@ TAG:^RANGE-REQUEST$
Example usage (sections):
- # Check if www.example.net/ really uses valid XHTML
{ +content-type-overwrite{application/xml} }
www.example.net/
@@ -3131,7 +3205,6 @@ www.example.net/
www.example.net/.*\.css$
www.example.net/.*style
-
@@ -3210,12 +3283,10 @@ new action
Example usage (section):
- # Block the non-existent "Privacy-Violation:" client header
{ +crunch-client-header{Privacy-Violation:} }
/
-
-
+
@@ -3292,14 +3363,13 @@ new action
Example usage (section):
- # Let the browser revalidate cached documents but don't
# allow the server to use the revalidation headers for user tracking.
{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
-/
-
+/
+
@@ -3367,9 +3437,7 @@ new action
Example usage:
- +crunch-incoming-cookies
-
@@ -3446,11 +3514,10 @@ new action
Example usage (section):
- # Crunch server headers that try to prevent caching
{ +crunch-server-header{no-cache} }
-/
-
+/
+
@@ -3517,9 +3584,7 @@ new action
Example usage:
- +crunch-outgoing-cookies
-
@@ -3587,9 +3652,7 @@ new action
Example usage:
- +deanimate-gifs{last}
-
@@ -3659,10 +3722,8 @@ new action
Example usage (section):
- {+downgrade-http-version}
problem-host.example.com
-
@@ -3749,9 +3810,7 @@ problem-host.example.com
Example usage:
- +external-filter{fancy-filter}
-
@@ -3866,14 +3925,12 @@ problem-host.example.com
Example usage:
-
{ +fast-redirects{simple-check} }
one.example.com
{ +fast-redirects{check-decoded-url} }
another.example.com/testing
-
@@ -4015,112 +4072,112 @@ problem-host.example.com
- +filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.
+ +filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.
- +filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
+ +filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
- +filter{html-annoyances} # Get rid of particularly annoying HTML abuse.
+ +filter{html-annoyances} # Get rid of particularly annoying HTML abuse.
- +filter{content-cookies} # Kill cookies that come in the HTML or JS content.
+ +filter{content-cookies} # Kill cookies that come in the HTML or JS content.
- +filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.
+ +filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.
- +filter{unsolicited-popups} # Disable only unsolicited pop-up windows.
+ +filter{unsolicited-popups} # Disable only unsolicited pop-up windows.
- +filter{all-popups} # Kill all popups in JavaScript and HTML.
+ +filter{all-popups} # Kill all popups in JavaScript and HTML.
- +filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.
+ +filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.
- +filter{banners-by-size} # Kill banners by size.
+ +filter{banners-by-size} # Kill banners by size.
- +filter{banners-by-link} # Kill banners by their links to known clicktrackers.
+ +filter{banners-by-link} # Kill banners by their links to known clicktrackers.
- +filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).
+ +filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).
- +filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.
+ +filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.
- +filter{jumping-windows} # Prevent windows from resizing and moving themselves.
+ +filter{jumping-windows} # Prevent windows from resizing and moving themselves.
- +filter{frameset-borders} # Give frames a border and make them resizable.
+ +filter{frameset-borders} # Give frames a border and make them resizable.
- +filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.
+ +filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.
- +filter{demoronizer} # Fix MS's non-standard use of standard charsets.
+ +filter{demoronizer} # Fix MS's non-standard use of standard charsets.
- +filter{shockwave-flash} # Kill embedded Shockwave Flash objects.
+ +filter{shockwave-flash} # Kill embedded Shockwave Flash objects.
- +filter{quicktime-kioskmode} # Make Quicktime movies saveable.
+ +filter{quicktime-kioskmode} # Make Quicktime movies saveable.
- +filter{fun} # Text replacements for subversive browsing fun!
+ +filter{fun} # Text replacements for subversive browsing fun!
- +filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.
+ +filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.
- +filter{ie-exploits} # Disable some known Internet Explorer bug exploits.
+ +filter{ie-exploits} # Disable some known Internet Explorer bug exploits.
- +filter{site-specifics} # Cure for site-specific problems. Don't apply generally!
+ +filter{site-specifics} # Cure for site-specific problems. Don't apply generally!
- +filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.
+ +filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.
- +filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
+ +filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
- +filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.
+ +filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.
- +filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
+ +filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
- +filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.
+ +filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.
@@ -4190,11 +4247,9 @@ new action
Example usage:
-
+force-text-mode
-
-
+
@@ -4323,7 +4378,6 @@ new action
Example usage:
-
# Use an ssh tunnel for requests previously tagged as
# User-Agent: fetch libfetch/2.0 and make sure
@@ -4340,8 +4394,7 @@ new action
-overwrite-last-modified \
}
TAG:^User-Agent: fetch libfetch/2\.0$
-
-
+
@@ -4413,13 +4466,11 @@ new action
Example usage:
- # Block all documents on example.org that end with ".js",
# but send an empty document instead of the usual HTML message.
{+block{Blocked JavaScript} +handle-as-empty-document}
example.org/.*\.js$
-
-
+
@@ -4494,7 +4545,6 @@ example.org/.*\.js$
Example usage (sections):
- # Generic image extensions:
#
{+handle-as-image}
@@ -4506,7 +4556,6 @@ example.org/.*\.js$
{+block{Nasty banners.} +handle-as-image}
nasty-banner-server.example.com/junk.cgi\?output=trash
-
@@ -4586,13 +4635,12 @@ new action
Example usage (section):
- # Pretend to use Canadian language settings.
{+hide-accept-language{en-ca} \
+hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
}
-/
-
+/
+
@@ -4676,13 +4724,11 @@ new action
Example usage:
- # Disarm the download link in Sourceforge's patch tracker
{ -filter \
+content-type-overwrite{text/plain}\
+hide-content-disposition{block} }
.sourceforge.net/tracker/download\.php
-
@@ -4765,13 +4811,11 @@ new action
Example usage (section):
- # Let the browser revalidate but make tracking based on the time less likely.
{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/
-
@@ -4840,10 +4884,9 @@ new action
Example usage:
-
- +hide-from-header{block} or
+ +hide-from-header{block}
+ or+hide-from-header{spam-me-senseless@sittingduck.example.com}
-
@@ -4944,10 +4987,9 @@ new action
Example usage:
-
- +hide-referrer{forge} or
+ +hide-referrer{forge}
+ or+hide-referrer{http://www.yahoo.com/}
-
@@ -5026,9 +5068,7 @@ new action
Example usage:
- +hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}
-
@@ -5104,13 +5144,11 @@ new action
- +limit-connect{443} # Port 443 is OK.
+limit-connect{80,443} # Ports 80 and 443 are OK.
+limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
+limit-connect{-} # All ports are OK
+limit-connect{,} # No HTTPS/SSL traffic is allowed
-
@@ -5195,10 +5233,7 @@ new action
Example usages:
-
- +limit-cookie-lifetime{60}
-
-
+ +limit-cookie-lifetime{60}
@@ -5284,7 +5319,6 @@ new action
Example usage (sections):
-
# Selectively turn off compression, and enable a filter
#
@@ -5303,7 +5337,6 @@ new action
#
{ -prevent-compression }
.compusa.com/
-
@@ -5395,13 +5428,11 @@ new action
Example usage:
- # Let the browser revalidate without being tracked across sessions
{ +hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/
-
@@ -5492,14 +5523,13 @@ new action
Example usages:
- # Replace example.com's style sheet with another one
{ +redirect{http://localhost/css-replacements/example.com.css} }
example.com/stylesheet\.css
# Create a short, easy to remember nickname for a favorite site
# (relies on the browser to accept and forward invalid URLs to &my-app;)
-{ +redirect{http://www.privoxy.org/user-manual/actions-file.html} }
+{ +redirect{https://www.privoxy.org/user-manual/actions-file.html} }
a
# Always use the expanded view for Undeadly.org articles
@@ -5533,7 +5563,6 @@ i[0-9][0-9][0-9][0-9]*/
# to the local version delivered by Privoxy
{+redirect{s@^http://www@http://config@}}
www.privoxy.org/user-manual/
-
@@ -5607,15 +5636,13 @@ www.privoxy.org/user-manual/
Example usage (section):
-
{+server-header-filter{html-to-xml}}
example.org/xml-instance-that-is-delivered-as-html
{+server-header-filter{xml-to-html}}
example.org/instance-that-is-delivered-as-xml-but-is-not
-
-
+
@@ -5692,7 +5719,6 @@ example.org/instance-that-is-delivered-as-xml-but-is-not
Example usage (section):
-
# Tag every request with the content type declared by the server
{+server-header-tagger{content-type}}
@@ -5705,8 +5731,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not
# silly example.
{+external-filter{rotate-image} +force-text-mode}
TAG:^image/
-
-
+
@@ -5799,9 +5824,7 @@ TAG:^image/
Example usage:
- +session-cookies-only
-
@@ -5901,21 +5924,15 @@ TAG:^image/
Built-in pattern:
- +set-image-blocker{pattern}
-
Redirect to the BSD daemon:
- +set-image-blocker{http://www.freebsd.org/gifs/dae_up3.gif}
-
Redirect to the built-in pattern for better caching:
- +set-image-blocker{http://config.privoxy.org/send-banner?type=pattern}
-
@@ -5982,7 +5999,6 @@ TAG:^image/
Now let's define some aliases...
-
# Useful custom aliases we can use later.
#
@@ -6010,7 +6026,6 @@ TAG:^image/
#
c0 = +crunch-all-cookies
c1 = -crunch-all-cookies
-
...and put them to use. These sections would appear in the lower part of an
@@ -6018,7 +6033,6 @@ TAG:^image/
up for the / pattern):
-
# These sites are either very complex or very keen on
# user data and require minimal interference to work:
@@ -6042,7 +6056,6 @@ TAG:^image/
{-filter{all-popups} -filter{unsolicited-popups}}
.dabs.com
.overclockers.co.uk
-
Aliases like shop and fragile are typically used for
@@ -6093,7 +6106,6 @@ hal stop here
multiple lines with line continuation.
-
{ \
+change-x-forwarded-for{block} \
@@ -6101,8 +6113,7 @@ hal stop here
+set-image-blocker{pattern} \
}
/ # Match all URLs
-
-
+
The default behavior is now set.
@@ -6129,14 +6140,12 @@ hal stop here
that prevents older &my-app; versions from reading the file:
-
##########################################################################
# Settings -- Don't change! For internal Privoxy use ONLY.
##########################################################################
{{settings}}
for-privoxy-version=3.0.11
-
After that comes the (optional) alias section. We'll use the example
@@ -6144,7 +6153,6 @@ for-privoxy-version=3.0.11
that also explains why and how aliases are used:
-
##########################################################################
# Aliases
@@ -6164,18 +6172,16 @@ for-privoxy-version=3.0.11
#
fragile = -block -filter -crunch-all-cookies -fast-redirects -hide-referrer
shop = -crunch-all-cookies -filter{all-popups}
-
The first of our specialized sections is concerned with fragile
sites, i.e. sites that require minimum interference, because they are either
very complex or very keen on tracking you (and have mechanisms in place that
- make them unusable for people who avoid being tracked). We will simply use
+ make them unusable for people who avoid being tracked). We will use
our pre-defined fragile alias instead of stating the list
of actions explicitly:
-
##########################################################################
# Exceptions for sites that'll break under the default action set:
@@ -6187,7 +6193,6 @@ for-privoxy-version=3.0.11
.office.microsoft.com # surprise, surprise!
.windowsupdate.microsoft.com
mail.google.com
-
Shopping sites are not as fragile, but they typically
@@ -6195,7 +6200,6 @@ mail.google.com
carts or item details. Again, we'll use a pre-defined alias:
-
# Shopping sites:
#
@@ -6204,7 +6208,6 @@ mail.google.com
.worldpay.com # for quietpc.com
.jungle.com
.scan.co.uk
-
The fast-redirects
@@ -6212,7 +6215,6 @@ mail.google.com
breaks some sites. So disable it for popular sites where we know it misbehaves:
-
{ -fast-redirects }
login.yahoo.com
@@ -6221,7 +6223,6 @@ edit.*.yahoo.com
.altavista.com/.*(like|url|link):http
.altavista.com/trans.*urltext=http
.nytimes.com
-
It is important that Privoxy knows which
@@ -6236,7 +6237,6 @@ edit.*.yahoo.com
good start:
-
##########################################################################
# Images:
@@ -6247,7 +6247,6 @@ edit.*.yahoo.com
#
{ +handle-as-image }
/.*\.(gif|jpe?g|png|bmp|ico)$
-
And then there are known banner sources. They often use scripts to
@@ -6264,7 +6263,6 @@ edit.*.yahoo.com
action before, it still applies and needn't be repeated:
-
# Known ad generators:
#
@@ -6276,7 +6274,6 @@ ar.atwola.com
.a[0-9].yimg.com/(?:(?!/i/).)*$
bs*.gsanet.com
.qkimg.net
-
One of the most important jobs of Privoxy
@@ -6296,7 +6293,6 @@ bs*.gsanet.com
to keep the example short:
-
##########################################################################
# Block these fine banners:
@@ -6315,12 +6311,11 @@ count*.
# Site-specific patterns (abbreviated):
#
.hitbox.com
-
It's quite remarkable how many advertisers actually call their banner
servers ads.company.com, or call the directory
- in which the banners are stored simply banners. So the above
+ in which the banners are stored literally banners. So the above
generic patterns are surprisingly effective.
@@ -6345,7 +6340,6 @@ count*.
with no block action applying.
-
##########################################################################
# Save some innocent victims of the above generic block patterns:
@@ -6369,7 +6363,6 @@ ad[ud]*. # (adult.* and add.*)
#
www.globalintersec.com/adv # (adv = advanced)
www.ugu.com/sui/ugu/adv
-
Filtering source code can have nasty side effects,
@@ -6379,7 +6372,6 @@ www.ugu.com/sui/ugu/adv
disables all filters in one fell swoop!
-
# Don't filter code!
#
@@ -6389,7 +6381,6 @@ bugzilla.
developer.
wiki.
.sourceforge.net
-
The actual default.action is of course much more
@@ -6423,10 +6414,8 @@ wiki.
-
# My user.action file. <fred@example.com>
-
As aliases are local to the actions
@@ -6434,7 +6423,6 @@ wiki.
default.action, unless you repeat them here:
-
# Aliases are local to the file they are defined in.
# (Re-)define aliases for this file:
@@ -6465,8 +6453,6 @@ allow-ads = -block -filter{banners-by-size} -filter{banners-by-link}
# MIME types. We want the browser to force these to be text documents.
handle-as-text = -filter +-content-type-overwrite{text/plain} +-force-text-mode -hide-content-disposition
-
-
Say you have accounts on some sites that you visit regularly, and
you don't want to have to log in manually each time. So you'd like
@@ -6476,30 +6462,25 @@ handle-as-text = -filter +-filter }
.your-home-banking-site.com
-
Some file types you may not want to filter for various reasons:
-
# Technical documentation is likely to contain strings that might
# erroneously get altered by the JavaScript-oriented filters:
@@ -6511,7 +6492,6 @@ handle-as-text = -filter +-block action. Say you've
@@ -6524,12 +6504,10 @@ stupid-server.example.com/
in default.action anyway:
-
{ +block{Nasty ads.} }
www.example.com/nasty-ads/sponsor\.gif
another.example.net/more/junk/here/
-
The URLs of dynamically generated banners, especially from large banner
@@ -6543,14 +6521,12 @@ stupid-server.example.com/
browser. Use cautiously.
-
{ +block-as-image }
.doubleclick.net
.fastclick.net
/Realmedia/ads/
ar.atwola.com/
-
Now you noticed that the default configuration breaks Forbes Magazine,
@@ -6564,13 +6540,11 @@ stupid-server.example.com/
that misbehave, and add those to our personalized list of troublemakers:
-
{ fragile }
.forbes.com
webmail.example.com
.mybank.com
-
You like the fun text replacements in default.filter,
@@ -6579,11 +6553,9 @@ stupid-server.example.com/
update-safe config, once and for all:
-
{ +filter{fun} }
/ # For ALL sites!
-
Note that the above is not really a good idea: There are exceptions
@@ -6600,13 +6572,11 @@ stupid-server.example.com/
sites that you feel provide value to you:
-
{ allow-ads }
.sourceforge.net
.slashdot.org
.osdn.net
-
Note that allow-ads has been aliased to
@@ -6622,11 +6592,9 @@ stupid-server.example.com/
it should I choose to.
-
{ handle-as-text }
/.*\.sh$
-user.action is generally the best place to define
@@ -6638,11 +6606,9 @@ stupid-server.example.com/
paths and patterns:
-
{ +set-image-blocker{blank} }
/ # ALL sites
-
@@ -6754,9 +6720,7 @@ stupid-server.example.com/
like this:
-FILTER: foo Replace all "foo" with "bar"
-
Below that line, and up to the next header line, come the jobs that
@@ -6776,8 +6740,10 @@ stupid-server.example.com/
The non-standard option letter D (dynamic) allows
to use the variables $host, $origin (the IP address the request came from),
- $path and $url. They will be replaced with the value they refer to before
- the filter is executed.
+ $path, $url and $listen-address (the address on which Privoxy accepted the
+ client request. Example: 127.0.0.1:8118).
+ They will be replaced with the value they refer to before the filter
+ is executed.
@@ -6820,9 +6786,7 @@ stupid-server.example.com/
needed:
-s/foo/bar/
-
But wait! Didn't the comment say that all occurrences
@@ -6831,17 +6795,14 @@ stupid-server.example.com/
we'll need to add the g option:
-s/foo/bar/g
-
Our complete filter now looks like this:
-
+
FILTER: foo Replace all "foo" with "bar"
s/foo/bar/g
-
Let's look at some real filters for more interesting examples. Here you see
@@ -6850,14 +6811,12 @@ s/foo/bar/g
-
FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
# Get rid of JavaScript referrer tracking. Test page: http://www.randomoddness.com/untitled.htm
#
s|(<script.*)document\.referrer(.*</script>)|$1"Not Your Business!"$2|Usg
-
Following the header line and a comment, you see the job. Note that it uses
@@ -6939,12 +6898,10 @@ s|(<script.*)document\.referrer(.*</script>)|$1"Not Your Business!"$2|U
this time only point out the constructs of special interest:
-
# The status bar is for displaying link targets, not pointless blahblah
#
s/window\.status\s*=\s*(['"]).*?\1/dUmMy=1/ig
-\s stands for whitespace characters (space, tab, newline,
@@ -6967,12 +6924,10 @@ s/window\.status\s*=\s*(['"]).*?\1/dUmMy=1/ig
you move your mouse over links.
-
# Kill OnUnload popups. Yummy. Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
#
s/(<body [^>]*)onunload(.*>)/$1never$2/iU
-
Including the
@@ -6993,14 +6948,12 @@ s/(<body [^>]*)onunload(.*>)/$1never$2/iU
The last example is from the fun department:
-
FILTER: fun Fun text replacements
# Spice the daily news:
#
s/microsoft(?!\.com)/MicroSuck/ig
-
Note the (?!\.com) part (a so-called negative lookahead)
@@ -7010,7 +6963,6 @@ s/microsoft(?!\.com)/MicroSuck/ig
still replacing the word everywhere else.
-
# Buzzword Bingo (example for extended regex syntax)
#
@@ -7026,7 +6978,6 @@ s* industry[ -]leading \
| unrivalled \
*<font color="red"><b>BINGO!</b></font> \
*igx
-
The x option in this job turns on extended syntax, and allows for
@@ -7061,6 +7012,7 @@ pre-defined filters for your convenience:
The purpose of this filter is to get rid of particularly annoying JavaScript abuse.
To that end, it
+
@@ -7084,7 +7036,6 @@ pre-defined filters for your convenience:
-
Use with caution. This is an aggressive filter, and can break sites that
rely heavily on JavaScript.
@@ -7534,15 +7485,16 @@ pre-defined filters for your convenience:
External filters read the content from STDIN and write the rewritten
- content to STDOUT. The environment variables PRIVOXY_URL, PRIVOXY_PATH,
- PRIVOXY_HOST, PRIVOXY_ORIGIN can be used to get some details about the
- client request.
+ content to STDOUT.
+ The environment variables PRIVOXY_URL, PRIVOXY_PATH, PRIVOXY_HOST,
+ PRIVOXY_ORIGIN, PRIVOXY_LISTEN_ADDRESS can be used to get some details
+ about the client request.
&my-app; will temporary store the content to filter in the
temporary-directory.
-
+
EXTERNAL-FILTER: cat Pointless example filter that doesn't actually modify the content
/bin/cat
@@ -7568,7 +7520,6 @@ EXTERNAL-FILTER: rotate-image Rotate an image by 180 degree. Test filter with li
EXTERNAL-FILTER: citation-needed Adds a "[citation needed]" tag to an image. The coordinates may need adjustment.
/usr/local/bin/convert - -pointsize 16 -fill white -annotate +17+418 "[citation needed]" -
-
@@ -7641,14 +7592,12 @@ EXTERNAL-FILTER: citation-needed Adds a "[citation needed]" tag to an image. The
is in an alpha or beta development stage:
-
<!-- @if-unstable-start -->
... beta warning HTML code goes here ...
<!-- if-unstable-end@ -->
-
If the "unstable" symbol is set, everything in between and including
@@ -7656,9 +7605,7 @@ EXTERNAL-FILTER: citation-needed Adds a "[citation needed]" tag to an image. The
will disappear, leaving nothing but an empty comment:
-<!-- -->
-
There's also an if-then-else construct and an #include
@@ -7711,9 +7658,8 @@ Requests
License
-
+
-
@@ -7802,35 +7748,35 @@ Requests
and then some examples:
-
+. - Matches any single character, e.g. a,
A, 4, :, or @.
-
+
-
+? - The preceding character or expression is matched ZERO or ONE
times. Either/or.
-
+
-
++ - The preceding character or expression is matched ONE or MORE
times.
-
+
-
+* - The preceding character or expression is matched ZERO or MORE
times.
-
+
-
+\ - The escape character denotes that
the following character should be taken literally. This is used where one of the
@@ -7839,25 +7785,25 @@ Requests
sure the period is recognized only as a period (and not expanded to its
meta-character meaning of any single character).
-
+
-
+[ ] - Characters enclosed in brackets will be matched if
any of the enclosed characters are encountered. For instance, [0-9]
matches any numeric digit (zero through nine). As an example, we can combine
this with + to match any digit one of more times: [0-9]+.
-
+
-
+( ) - parentheses are used to group a sub-expression,
or multiple sub-expressions.
-
+
-
+| - The bar character works like an
or conditional statement. A match is successful if the
@@ -7866,7 +7812,7 @@ Requests
and would match either this example or that
example, and nothing else.
-
+
These are just some of the ones you are likely to use when matching URLs with
@@ -7994,7 +7940,6 @@ Requests
rules and other configuration options, and even turn
Privoxy's filtering off, all with
a web browser.
-
@@ -8005,7 +7950,6 @@ Requests
necessary either.
-
@@ -8097,7 +8041,6 @@ Requests
-
@@ -8111,7 +8054,6 @@ Requests
page is requested by your browser:
-
@@ -8220,7 +8162,7 @@ Requests
-
+
NOTE: This is somewhat of a simplistic overview of what happens with each URL
request. For the sake of brevity and simplicity, we have focused on
@@ -8293,7 +8235,6 @@ Requests
configuration may vary):
-
Matches for http://www.google.com:
@@ -8323,7 +8264,6 @@ Requests
In file: user.action [ View ][ Edit ]
(no matches in this file)
-
This is telling us how we have defined our
@@ -8379,12 +8319,9 @@ In file: user.action [ View ][ Edit ]Privoxy is applying all its actions
to google.com:
-
-
-
Final results:
-add-header
@@ -8442,8 +8379,8 @@ In file: user.action [ View ][ Edit ]
-
+ +set-image-blocker {pattern}
+
Notice the only difference here to the previous listing, is to
@@ -8456,9 +8393,7 @@ In file: user.action [ View ][ Edit ]ad.doubleclick.net:
-
-
{ +block{Domains starts with "ad"} }
ad*.
@@ -8468,7 +8403,6 @@ In file: user.action [ View ][ Edit ]
-
We'll just show the interesting part here - the explicit matches. It is
@@ -8500,9 +8434,7 @@ In file: user.action [ View ][ Edit ]
-
-
Matches for http://www.example.net/adsl/HOWTO/:
In file: default.action [ View ][ Edit ]
@@ -8566,7 +8498,6 @@ In file: user.action [ View ][ Edit ]
-
Ooops, the /adsl/ is matching /ads in our
@@ -8582,13 +8513,10 @@ In file: user.action [ View ][ Edit ]
-
-
{ -block }
/adsl
-
Now the page displays ;-)
@@ -8602,13 +8530,10 @@ In file: user.action [ View ][ Edit ]
-
-
{ +block{Path starts with "ads".} +handle-as-image }
/ads
-
That actually was very helpful and pointed us quickly to where the problem
@@ -8622,9 +8547,7 @@ In file: user.action [ View ][ Edit ]+filter:
-
-
{ shop }
.quietpc.com
.worldpay.com # for quietpc.com
@@ -8632,25 +8555,20 @@ In file: user.action [ View ][ Edit ]
-{ shop } is an alias that expands to
{ -filter -session-cookies-only }.
Or you could do your own exception to negate filtering:
-
-
-
{ -filter }
# Disable ALL filter actions for sites in this section
.forbes.com
developer.ibm.com
localhost
-
This would turn off all filtering for these sites. This is best
@@ -8673,14 +8591,12 @@ In file: user.action [ View ][ Edit ]
-
-
+
{ fragile }
# Handle with care: easy to break
mail.google.
mybank.example.com
-