X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Factions-file.html;h=c9652e6cdb4045d64145f558ab78ff777b924876;hp=3c82adf592f3d7272ff6e04e4bed0d38b15823d8;hb=e1cb1adbdddac3bd536132926479436743fe46a0;hpb=b47cbf4db0d9e96ddba749f3b44e714f7288443b diff --git a/doc/webserver/user-manual/actions-file.html b/doc/webserver/user-manual/actions-file.html index 3c82adf5..c9652e6c 100644 --- a/doc/webserver/user-manual/actions-file.html +++ b/doc/webserver/user-manual/actions-file.html @@ -6,7 +6,7 @@ Actions Files - + @@ -21,7 +21,7 @@ - + @@ -117,7 +117,7 @@ in default.action are:

- +

Table 1. Default Configurations

@@ -314,7 +314,7 @@ actions.

-

8.1. Finding the Right +

8.1. Finding the Right Mix

Note that some actions, like @@ -339,7 +339,7 @@

-

8.2. How to +

8.2. How to Edit

The easiest way to edit the actions files is with a browser by using @@ -430,8 +430,8 @@ and potentially match against many similar patterns.

Generally, an URL pattern has the form <domain><port>/<path>, where the - <domain>, the <host><port>/<path>, where the + <host>, the <port> and the <path> are optional. (This is why the special / pattern matches all URLs). Note that the @@ -440,15 +440,15 @@ "EMPHASIS">not be included in the pattern. This is assumed already!

-

The pattern matching syntax is different for the domain and path - parts of the URL. The domain part uses a simple globbing type matching +

The pattern matching syntax is different for the host and path parts + of the URL. The host part uses a simple globbing type matching technique, while the path part uses more flexible "Regular Expressions" (POSIX 1003.2).

The port part of a pattern is a decimal port number preceded by a - colon (:). If the domain part contains a + colon (:). If the host part contains a numerical IPv6 address, it has to be put into angle brackets (<, >).

@@ -457,7 +457,7 @@
www.example.com/
-

is a domain-only pattern and will match any request to +

is a host-only pattern and will match any request to www.example.com, regardless of which document on that server is requested. So ALL pages in this domain would be covered by the scope of this action. Note that a simple @@ -468,7 +468,7 @@

www.example.com
-

means exactly the same. For domain-only patterns, the trailing +

means exactly the same. For host-only patterns, the trailing / may be omitted.

@@ -510,6 +510,14 @@

Matches any URL pointing to TCP port 8000.

+
10.0.0.1/
+ +
+

Matches any URL with the host address 10.0.0.1. (Note that the real URL uses plain + brackets, not angle brackets.)

+
+
<2001:db8::1>/
@@ -529,12 +537,14 @@

-

8.4.1. The Domain - Pattern

+

8.4.1. The + Host Pattern

-

The matching of the domain part offers some flexible options: if - the domain starts or ends with a dot, it becomes unanchored at that - end. For example:

+

The matching of the host part offers some flexible options: if the + host pattern starts or ends with a dot, it becomes unanchored at that + end. The host pattern is often referred to as domain pattern as it is + usually used to match domain names and not IP addresses. For + example:

@@ -634,7 +644,7 @@
-

8.4.2. The Path +

8.4.2. The Path Pattern

Privoxy uses

+ +
+

8.4.4. The Negative Tag Patterns

+ +

To match requests that do not have a certain tag, specify a + negative tag pattern by prefixing the tag pattern line with either + "NO-REQUEST-TAG:" or "NO-RESPONSE-TAG:" instead of "TAG:".

+ +

Negative tag patterns created with "NO-REQUEST-TAG:" are checked after all client headers + are scanned, the ones created with "NO-RESPONSE-TAG:" are checked after all server + headers are scanned. In both cases all the created tags are + considered.

+
@@ -1971,9 +1999,104 @@ problem-host.example.com
+
+

8.5.14. external-filter

+ +
+
+
Typical use:
+ +
+

Modify content using a programming language of your + choice.

+
+ +
Effect:
+ +
+

All instances of text-based type, most notably HTML and + JavaScript, to which this action applies, can be filtered + on-the-fly through the specified external filter. By default + plain text documents are exempted from filtering, because web + servers often use the text/plain MIME + type for all files whose type they don't know.)

+
+ +
Type:
+ +
+

Parameterized.

+
+ +
Parameter:
+ +
+

The name of an external content filter, as defined in the + filter file. External filters + can be defined in one or more files as defined by the + filterfile option in the + config file.

+ +

When used in its negative form, and without parameters, + all + filtering with external filters is completely disabled.

+
+ +
Notes:
+ +
+

External filters are scripts or programs that can modify the + content in case common filters aren't powerful + enough. With the exception that this action doesn't use + pcrs-based filters, the notes in the filter + section apply.

+ +
+
Privoxy 3.0.20 User ManualPrivoxy 3.0.22 User Manual
+ + + + + + + +
Warning
+

Currently external filters are executed with + Privoxy's privileges. + Only use external filters you understand and trust.

+
+ + +

This feature is experimental, the syntax may + change in the future.

+ + +
Example usage:
+ +
+ + + + +
+ 
++external-filter{fancy-filter}
+
+
+
+ + + +

8.5.14. fast-redirects

+ "FAST-REDIRECTS">8.5.15. fast-redirects
@@ -2095,7 +2218,7 @@ problem-host.example.com
-

8.5.15. +

8.5.16. filter

@@ -2241,7 +2364,7 @@ problem-host.example.com 
-+filter{js-events}           # Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).
++filter{js-events}           # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
@@ -2280,7 +2403,7 @@ problem-host.example.com 
-+filter{refresh-tags}        # Kill automatic refresh tags (for dial-on-demand setups).
++filter{refresh-tags}        # Kill automatic refresh tags if refresh time is larger than 9 seconds.
@@ -2293,7 +2416,7 @@ problem-host.example.com 
-+filter{unsolicited-popups}  # Disable only unsolicited pop-up windows. Useful if your browser lacks this ability.
++filter{unsolicited-popups}  # Disable only unsolicited pop-up windows.
@@ -2305,7 +2428,7 @@ problem-host.example.com 
-+filter{all-popups}          # Kill all popups in JavaScript and HTML. Useful if your browser lacks this ability.
++filter{all-popups}          # Kill all popups in JavaScript and HTML.
@@ -2401,6 +2524,18 @@ problem-host.example.com +

+ + + + + +
+ 
++filter{iframes}             # Removes all detected iframes. Should only be enabled for individual sites.
+
+
+

@@ -2557,7 +2692,7 @@ problem-host.example.com

8.5.16. force-text-mode

+ "FORCE-TEXT-MODE">8.5.17. force-text-mode

@@ -2638,7 +2773,7 @@ problem-host.example.com

8.5.17. forward-override

+ "FORWARD-OVERRIDE">8.5.18. forward-override
@@ -2727,7 +2862,9 @@ problem-host.example.com

If the ports are missing or invalid, default values will be used. This might change in the future and you shouldn't rely on it. Otherwise incorrect syntax causes - Privoxy to exit.

+ Privoxy to exit. Due to design limitations, invalid + parameter syntax isn't detected until the action is + used the first time.

Use the 

-# Always use direct connections for requests previously tagged as
+# Use an ssh tunnel for requests previously tagged as
 # "User-Agent: fetch libfetch/2.0" and make sure
 # resuming downloads continues to work.
+#
 # This way you can continue to use Tor for your normal browsing,
 # without overloading the Tor network with your FreeBSD ports updates
 # or downloads of bigger files like ISOs.
+#
 # Note that HTTP headers are easy to fake and therefore their
 # values are as (un)trustworthy as your clients and users.
-{+forward-override{forward .} \
+{+forward-override{forward-socks5 10.0.0.2:2222 .} \
  -hide-if-modified-since      \
  -overwrite-last-modified     \
 }
@@ -2771,7 +2910,7 @@ TAG:^User-Agent: fetch libfetch/2\.0$
 
       

         
8.5.18. handle-as-empty-document

+        "HANDLE-AS-EMPTY-DOCUMENT">8.5.19. handle-as-empty-document
 
         

           

@@ -2849,7 +2988,7 @@ example.org/.*\.js$
 
       

         
8.5.19. handle-as-image

+        "HANDLE-AS-IMAGE">8.5.20. handle-as-image
 
         

           

@@ -2938,7 +3077,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
 
       

         
8.5.20. hide-accept-language

+        "HIDE-ACCEPT-LANGUAGE">8.5.21. hide-accept-language
 
         

           

@@ -3018,7 +3157,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
 
       

         
8.5.21. hide-content-disposition

+        "HIDE-CONTENT-DISPOSITION">8.5.22. hide-content-disposition
 
         

           

@@ -3104,7 +3243,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
 
       

         
8.5.22. hide-if-modified-since

+        "HIDE-IF-MODIFIED-SINCE">8.5.23. hide-if-modified-since
 
         

           

@@ -3191,7 +3330,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
 
       

         
8.5.23. hide-from-header

+        "HIDE-FROM-HEADER">8.5.24. hide-from-header
 
         

           

@@ -3266,7 +3405,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
       

 
       

-        
8.5.24.
+        
8.5.25.
         hide-referrer

 
         

@@ -3386,7 +3525,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
 
       

         
8.5.25. hide-user-agent

+        "HIDE-USER-AGENT">8.5.26. hide-user-agent

 
         

           

@@ -3475,7 +3614,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
       

 
       

-        
8.5.26.
+        
8.5.27.
         limit-connect

 
         

@@ -3556,7 +3695,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
 
       

         
8.5.27. limit-cookie-lifetime

+        "LIMIT-COOKIE-LIFETIME">8.5.28. limit-cookie-lifetime

 
         

           

@@ -3638,7 +3777,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
 
       

         
8.5.28. prevent-compression

+        "PREVENT-COMPRESSION">8.5.29. prevent-compression
 
         

           

@@ -3742,7 +3881,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
 
       

         
8.5.29. overwrite-last-modified

+        "OVERWRITE-LAST-MODIFIED">8.5.30. overwrite-last-modified
 
         

           

@@ -3838,7 +3977,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
       

 
       

-        
8.5.30.
+        
8.5.31.
         redirect

 
         

@@ -3880,11 +4019,15 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
               
The syntax for pcrs commands is documented in the filter file section.

 
-              
This action will be ignored if you use it together with
-              block. It can be combined
-              with fast-redirects{check-decoded-url}
+              
Requests can't be blocked and redirected at the same time,
+              applying this action together with block is a configuration
+              error. Currently the request is blocked and an error message
+              logged, the behavior may change in the future and result in
+              Privoxy rejecting the action file.

+
+              
This action can be combined with fast-redirects{check-decoded-url}
               to redirect to a decoded version of a rewritten URL.

 
               
Use this action carefully, make sure not to create
@@ -3908,7 +4051,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
  example.com/stylesheet\.css
 
 # Create a short, easy to remember nickname for a favorite site
-# (relies on the browser accept and forward invalid URLs to Privoxy)
 { +redirect{http://www.privoxy.org/user-manual/actions-file.html} }
  a
@@ -3927,6 +4070,19 @@ undeadly.org/cgi\?action=article&sid=\d*$
 {+redirect{s@^http://[^/]*/results\.aspx\?q=([^&]*).*@http://search.yahoo.com/search?p=$1@}}
 search.msn.com//results\.aspx\?q=
 
+# Redirect http://example.com/&bla=fasel&toChange=foo (and any other value but "bar")
+# to       http://example.com/&bla=fasel&toChange=bar
+#
+# The URL pattern makes sure that the following request isn't redirected again.
+{+redirect{s@toChange=[^&]+@toChange=bar@}}
+example.com/.*toChange=(?!bar)
+
+# Add a shortcut to look up illumos bugs
+{+redirect{s@^http://i([0-9]+)/.*@https://www.illumos.org/issues/$1@}}
+# Redirected URL = http://i4974/
+# Redirect Destination = https://www.illumos.org/issues/4974
+i[0-9][0-9][0-9][0-9]*/
+
 # Redirect remote requests for this manual
 # to the local version delivered by Privoxy
 {+redirect{s@^http://www@http://config@}}
@@ -3942,7 +4098,7 @@ www.privoxy.org/user-manual/
 
       

         
8.5.31. server-header-filter

+        "SERVER-HEADER-FILTER">8.5.32. server-header-filter

 
         

           

@@ -4014,7 +4170,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not
 
       

         
8.5.32. server-header-tagger

+        "SERVER-HEADER-TAGGER">8.5.33. server-header-tagger
 
         

           

@@ -4076,6 +4232,15 @@ example.org/instance-that-is-delivered-as-xml-but-is-not
 {+server-header-tagger{content-type}}
 /
 
+# If the response has a tag starting with 'image/' enable an external
+# filter that only applies to images.
+#
+# Note that the filter is not available by default, it's just a
+# silly example.
+{+external-filter{rotate-image} +force-text-mode}
+TAG:^image/
+
@@ -4087,7 +4252,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not

8.5.33. session-cookies-only

+ "SESSION-COOKIES-ONLY">8.5.34. session-cookies-only
@@ -4185,7 +4350,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not

8.5.34. set-image-blocker

+ "SET-IMAGE-BLOCKER">8.5.35. set-image-blocker
@@ -4324,7 +4489,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not
-

8.5.35. +

8.5.36. Summary

Note that many of these actions have the potential to cause a page @@ -4483,7 +4648,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not together:

-

8.7.1. +

8.7.1. match-all.action

Remember all actions @@ -4532,7 +4697,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not

-

8.7.2. +

8.7.2. default.action

If you aren't a developer, there's no need for you to edit the @@ -4875,7 +5040,7 @@ wiki.

-

8.7.3. +

8.7.3. user.action

So far we are painting with a broad brush by setting general