X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Factions-file.html;h=da04b8a36692f49521bd482471b975735d0fffcb;hp=48968c4cbbc9025caae2a8d19f4c33148be6e60a;hb=a034442e634c7b54d3dfe42c1a53234f3369b091;hpb=d5bba1fd0bce2185b191b7a8280cae9a62c829d6 diff --git a/doc/webserver/user-manual/actions-file.html b/doc/webserver/user-manual/actions-file.html index 48968c4c..da04b8a3 100644 --- a/doc/webserver/user-manual/actions-file.html +++ b/doc/webserver/user-manual/actions-file.html @@ -73,7 +73,7 @@

The default profiles, and their associated actions, as pre-defined in default.action are:

- +

Table 1. Default Configurations

@@ -394,6 +394,9 @@

While flexible, this is not the sophistication of full regular expression based syntax.

+

When compiled with FEATURE_PCRE_HOST_PATTERNS patterns can be prefixed with "PCRE-HOST-PATTERN:" in which case full regular expression (PCRE) can be used for the host + pattern as well.

8.4.2. The Path Pattern

@@ -1524,7 +1527,7 @@ problem-host.example.com

To detect a redirection URL, fast-redirects only looks for the string "http://", either in plain text (invalid but often used) or encoded as "http%3a//". Some sites use their own URL encoding scheme, encrypt the address - of the target server or replace it with a database id. In theses cases fast-redirects is fooled and the request reaches the redirection server where it probably gets logged.

@@ -1622,8 +1625,8 @@ problem-host.example.com
- 
-                    +filter{js-annoyances}       # Get rid of particularly annoying JavaScript abuse.
+ 
+filter{js-annoyances}       # Get rid of particularly annoying JavaScript abuse.
@@ -1631,8 +1634,8 @@ problem-host.example.com
- 
-                    +filter{js-events}           # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
+ 
+filter{js-events}           # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
@@ -1640,8 +1643,8 @@ problem-host.example.com
- 
-                    +filter{html-annoyances}     # Get rid of particularly annoying HTML abuse.
+ 
+filter{html-annoyances}     # Get rid of particularly annoying HTML abuse.
@@ -1649,8 +1652,8 @@ problem-host.example.com
- 
-                    +filter{content-cookies}     # Kill cookies that come in the HTML or JS content.
+ 
+filter{content-cookies}     # Kill cookies that come in the HTML or JS content.
@@ -1658,8 +1661,8 @@ problem-host.example.com
- 
-                    +filter{refresh-tags}        # Kill automatic refresh tags if refresh time is larger than 9 seconds.
+ 
+filter{refresh-tags}        # Kill automatic refresh tags if refresh time is larger than 9 seconds.
@@ -1683,8 +1686,8 @@ problem-host.example.com
- 
-                    +filter{img-reorder}         # Reorder attributes in <img> tags to make the banners-by-* filters more effective.
+ 
+filter{img-reorder}         # Reorder attributes in <img> tags to make the banners-by-* filters more effective.
@@ -1700,8 +1703,8 @@ problem-host.example.com
- 
-                    +filter{banners-by-link}     # Kill banners by their links to known clicktrackers.
+ 
+filter{banners-by-link}     # Kill banners by their links to known clicktrackers.
@@ -1709,8 +1712,8 @@ problem-host.example.com
- 
-                    +filter{webbugs}             # Squish WebBugs (1x1 invisible GIFs used for user tracking).
+ 
+filter{webbugs}             # Squish WebBugs (1x1 invisible GIFs used for user tracking).
@@ -1718,8 +1721,8 @@ problem-host.example.com
- 
-                    +filter{tiny-textforms}      # Extend those tiny textareas up to 40x80 and kill the hard wrap.
+ 
+filter{tiny-textforms}      # Extend those tiny textareas up to 40x80 and kill the hard wrap.
@@ -1727,8 +1730,8 @@ problem-host.example.com
- 
-                    +filter{jumping-windows}     # Prevent windows from resizing and moving themselves.
+ 
+filter{jumping-windows}     # Prevent windows from resizing and moving themselves.
@@ -1736,8 +1739,8 @@ problem-host.example.com
- 
-                    +filter{frameset-borders}    # Give frames a border and make them resizable.
+ 
+filter{frameset-borders}    # Give frames a border and make them resizable.
@@ -1745,8 +1748,8 @@ problem-host.example.com
- 
-                    +filter{iframes}             # Removes all detected iframes. Should only be enabled for individual sites.
+ 
+filter{iframes}             # Removes all detected iframes. Should only be enabled for individual sites.
@@ -1754,8 +1757,8 @@ problem-host.example.com
- 
-                    +filter{demoronizer}         # Fix MS's non-standard use of standard charsets.
+ 
+filter{demoronizer}         # Fix MS's non-standard use of standard charsets.
@@ -1779,8 +1782,8 @@ problem-host.example.com
- 
-                    +filter{fun}                 # Text replacements for subversive browsing fun!
+ 
+filter{fun}                 # Text replacements for subversive browsing fun!
@@ -1788,8 +1791,8 @@ problem-host.example.com
- 
-                    +filter{crude-parental}      # Crude parental filtering. Note that this filter doesn't work reliably.
+ 
+filter{crude-parental}      # Crude parental filtering. Note that this filter doesn't work reliably.
@@ -1797,8 +1800,8 @@ problem-host.example.com
- 
-                    +filter{ie-exploits}         # Disable some known Internet Explorer bug exploits.
+ 
+filter{ie-exploits}         # Disable some known Internet Explorer bug exploits.
@@ -1806,8 +1809,8 @@ problem-host.example.com
- 
-                    +filter{site-specifics}      # Cure for site-specific problems. Don't apply generally!
+ 
+filter{site-specifics}      # Cure for site-specific problems. Don't apply generally!
@@ -1815,8 +1818,8 @@ problem-host.example.com
- 
-                    +filter{no-ping}             # Removes non-standard ping attributes in <a> and <area> tags.
+ 
+filter{no-ping}             # Removes non-standard ping attributes in <a> and <area> tags.
@@ -1824,8 +1827,8 @@ problem-host.example.com
- 
-                    +filter{google}              # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
+ 
+filter{google}              # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
@@ -1833,8 +1836,8 @@ problem-host.example.com
- 
-                    +filter{yahoo}               # CSS-based block for Yahoo text ads. Also removes a width limitation.
+ 
+filter{yahoo}               # CSS-based block for Yahoo text ads. Also removes a width limitation.
@@ -1842,8 +1845,8 @@ problem-host.example.com
- 
-                    +filter{msn}                 # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
+ 
+filter{msn}                 # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
@@ -1851,8 +1854,8 @@ problem-host.example.com
- 
-                    +filter{blogspot}            # Cleans up some Blogspot blogs. Read the fine print before using this.
+ 
+filter{blogspot}            # Cleans up some Blogspot blogs. Read the fine print before using this.
@@ -2499,7 +2502,100 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.28. limit-connect

+

8.5.28. https-inspection

+
+
+
Typical use:
+
+

Filter encrypted requests and responses

+
+
Effect:
+
+

Encrypted requests are decrypted, filtered and forwarded encrypted.

+
+
Type:
+
+

Boolean.

+
+
Parameter:
+
+

N/A

+
+
Notes:
+
+

This action allows Privoxy to filter encrypted requests and + responses. For this to work Privoxy has to generate a certificate and + send it to the client which has to accept it.

+

Before this works the directives in the TLS section of the config file have to be configured.

+

Note that the action has to be enabled based on the CONNECT request which doesn't contain a path. + Enabling it based on a pattern with path doesn't work as the path is only seen by Privoxy if the action is already enabled.

+

This is an experimental feature.

+
+
Example usage (section):
+
+ + + + +
+ 
{+https-inspection}
+www.example.com
+
+
+
+
+
+
+

8.5.29. + ignore-certificate-errors

+
+
+
Typical use:
+
+

Filter encrypted requests and responses without verifying the certificate

+
+
Effect:
+
+

Encrypted requests are forwarded to sites without verifying the certificate.

+
+
Type:
+
+

Boolean.

+
+
Parameter:
+
+

N/A

+
+
Notes:
+
+

When the "+https-inspection" action is used Privoxy by default + verifies that the remote site uses a valid certificate.

+

If the certificate can't be validated by Privoxy the connection is + aborted.

+

This action disables the certificate check so requests to sites with certificates that can't be + validated are allowed.

+

Note that enabling this action allows Man-in-the-middle attacks.

+
+
Example usage:
+
+ + + + +
+ 
    {+ignore-certificate-errors}
+    www.example.org
+
+
+
+
+
+
+
+

8.5.30. limit-connect

Typical use:
@@ -2551,7 +2647,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.29. +

8.5.31. limit-cookie-lifetime

@@ -2603,7 +2699,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash

-

8.5.30. prevent-compression

+

8.5.32. prevent-compression

Typical use:
@@ -2641,8 +2737,9 @@ nasty-banner-server.example.com/junk.cgi\?output=trash action settings.

Note that some (rare) ill-configured sites don't handle requests for uncompressed documents correctly. Broken PHP applications tend to send an empty document body, some IIS versions only send the beginning of - the content. If you enable prevent-compression per default, you might want to - add exceptions for those sites. See the example for how to do that.

+ the content and some content delivery networks let the connection time out. If you enable prevent-compression per default, you might want to add exceptions for those sites. See the + example for how to do that.

Example usage (sections):
@@ -2674,7 +2771,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.31. +

8.5.33. overwrite-last-modified

@@ -2736,7 +2833,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash

-

8.5.32. redirect

+

8.5.34. redirect

Typical use:
@@ -2828,7 +2925,7 @@ www.privoxy.org/user-manual/
-

8.5.33. +

8.5.35. server-header-filter

@@ -2878,7 +2975,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not

-

8.5.34. +

8.5.36. server-header-tagger

@@ -2935,7 +3032,7 @@ TAG:^image/

-

8.5.35. +

8.5.37. session-cookies-only

@@ -2997,7 +3094,7 @@ TAG:^image/

-

8.5.36. set-image-blocker

+

8.5.38. set-image-blocker

Typical use:
@@ -3086,7 +3183,7 @@ TAG:^image/
-

8.5.37. Summary

+

8.5.39. Summary

Note that many of these actions have the potential to cause a page to misbehave, possibly even not to display at all. There are many ways a site designer may choose to design his site, and what HTTP header content, and other criteria, he may depend on. There is no way to have hard and fast rules for all sites. See