X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Fappendix.html;h=c3f69d72dbf7fd15813a7a23f202c8815710a6da;hp=5206ae5e240917a67842e85de37c42e0701eaa6f;hb=3db7a58b2bbed7b6356b2a0600e93ec4f2846499;hpb=0a3750f6302df8349b5be2e15a9a4fefe3c35889 diff --git a/doc/webserver/user-manual/appendix.html b/doc/webserver/user-manual/appendix.html index 5206ae5e..c3f69d72 100644 --- a/doc/webserver/user-manual/appendix.html +++ b/doc/webserver/user-manual/appendix.html @@ -1,20 +1,25 @@ +
Privoxy User Manual | Privoxy 3.0.17 User Manual|||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Prev | 11. Appendix14. Appendix 11.1. Regular Expressions14.1. Regular Expressions Privoxy can use uses Perl-style "regular expressions" - in various config files. Assuming support for "pcre" (Perl - Compatible Regular Expressions) is compiled in, which is the default. Such - configuration directives do not require regular expressions, but they can be - used to increase flexibility by matching a pattern with wild-cards against - URLs. "regular + expressions" in its actions + files and filter file, + through the PCRE and + PCRS libraries.If you are reading this, you probably don't understand what "regular expressions" are, or what they can do. So this will be a very brief - introduction only. A full explanation would require a book ;-) book ;-)Regular expressions provide a language to describe patterns that can be + run against strings of characters (letter, numbers, etc), to see if they + match the string or not. The patterns are themselves (sometimes complex) + strings of literal characters, combined with wild-cards, and other special + characters, called meta-characters. The "Regular expressions" is a way of matching one character - expression against another to see if it matches or not. One of the +>"meta-characters" have + special meanings and are used to build complex patterns to be matched against. + Perl Compatible Regular Expressions are an especially convenient "expressions" is a literal string of readable characters - (letter, numbers, etc), and the other is a complex string of literal - characters combined with wild-cards, and other special characters, called - meta-characters. The "meta-characters" have special meanings and - are used to build the complex pattern to be matched against. Perl Compatible - Regular Expressions is an enhanced form of the regular expression language - with backward compatibility. "dialect" of the regular expression language. To make a simple analogy, we do something similar when we use wild-card
characters when listing files with the These are just some of the ones you are likely to use when matching URLs with
/.*/banners/.* - A simple example
that uses the common combination of in the path
somewhere. A now something a little more complex: /.*/adv((er)?ts?|ertis(ing|ements?))?/ -
We have several literal forward slashes again (".*", so we are matching against any conceivable sub-path, just so
- it matches our expression. The only true literal that must
match our pattern is adv"ing"
- OR "ements?", which would then match
either spelling. /.*/advert[0-9]+\.(gif|jpe?g) - Again
another path statement with forward slashes. Anything in the square brackets
"[]""[ ]" can be matched. This is using "0-9" is not
in the expression anywhere). s/microsoft(?!.com)/MicroSuck/i - This is
- a substitution. "MicroSuck" will replace any occurrence of
- "microsoft". The "i" at the end of the expression
- means ignore case. The "(?!.com)" means
- the match should fail if "microsoft" is followed by
- ".com". In other words, this acts like a "NOT"
- modifier. In case this is a hyperlink, we don't want to break it ;-). We are barely scratching the surface of regular expressions here so that you
can understand the default More reading on Perl Compatible Regular expressions:
http://www.perldoc.com/perl5.6/pod/perlre.htmlhttp://perldoc.perl.org/perlre.html For information on regular expression based substitutions and their applications
+ in filters, please see the filter file tutorial
+ in this manual. Since Alternately, this may be reached at There is a shortcut: http://p.p/, but this
- variation may not work as reliably as the above in some configurations.
+> (But it
+ doesn't provide a fall-back to a real page, in case the request is not
+ sent through Privoxy)
- Toggle Privoxy on or off. In this case, config file. When toggled "off", "Privoxy" continues
- to run, but only as a pass-through proxy, with no actions taking place:
+>
+ continues to run, but only as a pass-through proxy, with no actions taking
+ place:
Below are some Privoxy - Enable
@@ -1024,7 +1030,7 @@ TARGET="_top"
> Privoxy - Disable
@@ -1033,7 +1039,7 @@ TARGET="_top"
> Privoxy - Toggle Privoxy (Toggles between enabled and disabled)
@@ -1051,18 +1057,18 @@ TARGET="_top"
> Privoxy - Submit Filter FeedbackPrivoxy - Why?
Credit: The site which gave me the general idea for these bookmarklets is
+> Credit: The site which gave us the general idea for these bookmarklets is
www.bookmarklets.com. They
@@ -1075,14 +1081,15 @@ CLASS="SECT2"
CLASS="SECT2"
>11.3. Chain of Events14.3. Chain of Events Let's take a quick look at the basic sequence of events when a web page is
- requested by your browser and Let's take a quick look at how some of Privoxy is on duty: If the URL pattern matches the "+fast-redirects" Now the rest of the client browser's request headers are processed. If any
of these match any of the relevant actions (e.g. "+hide-user-agent" Now the web server starts sending its response back (i.e. typically a web page and related
- data).
+> Now the web server starts sending its response back (i.e. typically a web
+ page).
First, the server headers are read and processed to determine, among other
things, the MIME type (document type) and encoding. The headers are then
- filtered as deterimed by the
+ filtered as determined by the
"+prevent-setting-cookies""+crunch-incoming-cookies",
"+session-cookies-only",
and "+downgrade-http-version" If the "+kill-popups"
- action applies, and it is an HTML or JavaScript document, the popup-code in the
- response is filtered on-the-fly as it is received.
- If a If any "+filter"
+> action
or "+deanimate-gifs"default.filter) are processed against the buffered
- content. Filters are applied in the order they are specified in the
- default.filter file. Animated GIFs, if present, are
- reduced to either the first or last frame, depending on the action
+> and any other filter files) are
+ processed against the buffered content. Filters are applied in the order
+ they are specified in one of the filter files. Animated GIFs, if present,
+ are reduced to either the first or last frame, depending on the action
setting.The entire page, which is now filtered, is then sent by
back to your browser.
If neither If neither a "+filter"
+> action
or "+deanimate-gifs" As the browser receives the now (probably filtered) page content, it
+> As the browser receives the now (possibly filtered) page content, it
reads and then requests any URLs that may be embedded within the page
source, e.g. ad images, stylesheets, JavaScript, other HTML documents (e.g.
- frames), sounds, etc. For each of these objects, the browser issues a new
- request. And each such request is in turn processed as above. Note that a
- complex web page may have many such embedded URLs.
+ frames), sounds, etc. For each of these objects, the browser issues a
+ separate request (this is easily viewable in Privoxy's
+ logs). And each such request is in turn processed just as above. Note that a
+ complex web page will have many, many such embedded URLs. If these
+ secondary requests are to a different server, then quite possibly a very
+ differing set of actions is triggered.
NOTE: This is somewhat of a simplistic overview of what happens with each URL
+ request. For the sake of brevity and simplicity, we have focused on
+ Privoxy's core features only. The way Privoxy applies
"actions"
- and "filters"actions and filters
to any given URL can be complex, and not always so
easy to understand what is happening. And sometimes we need to be able to
- see just what Privoxy is doing
is causing us a problem inadvertently. It can be a little daunting to look at
the actions and filters files themselves, since they tend to be filled with
- "regular expressions" whose consequences are not always
- so obvious. One quick test to see if the Bookmarklets section on a quick
- and easy way to do this (be sure to flush caches afterward!). Another easy troubleshooting step to try is if you have done any
+ customization of your installation, revert back to the installed
+ defaults and see if that helps. There are times the developers get complaints
+ about one thing or another, and the problem is more related to a customized
+ configuration issue. will tell us
how the current configuration will handle it. This will not
help with filtering effects (i.e. the "+filter" action) from
- the default.filter file since this is handled very
+ one of the filter files since this is handled very
differently and not so easy to trap! It also will not tell you about any other
URLs that may be embedded within the URL you are testing. For instance, images
such as ads are expressed as URLs within the raw page source of HTML pages. So
@@ -1419,7 +1429,8 @@ HREF="http://google.com"
TARGET="_top"
>google.com,
- and look at it one section at a time: This tells us how we have defined our
+> This is telling us how we have defined our
"actions", and
- which ones match for our example, "google.com". The first listing
- is any matches for the standard.action file. No hits at
- all here on .
+ Displayed is all the actions that are available to us. Remember,
+ the + sign denotes "standard". Then next is "on". -
+ denotes "default", or
- our "off". So some are "on" here, but many
+ are "off". Each example we try may provide a slightly different
+ end result, depending on our configuration directives. The first listing
+ is for our default.action file. The large, multi-line listing,
- is how the actions are set to match for all URLs, i.e. our default settings.
- If you look at your file. The large, multi-line
+ listing, is how the actions are set to match for all URLs, i.e. our default
+ settings. If you look at your "actions" file, this would be the section
- just below the file, this would be the
+ section just below the "aliases" section near the top. This will apply to
- all URLs as signified by the single forward slash at the end of the listing
- -- section near the top. This
+ will apply to all URLs as signified by the single forward slash at the end
+ of the listing -- "/"" / ". But we can define additional actions that would be exceptions to these general
- rules, and then list specific URLs (or patterns) that these exceptions would
- apply to. Last match wins. Just below this then are two explicit matches for
- But we have defined additional actions that would be exceptions to these general
+ rules, and then we list specific URLs (or patterns) that these exceptions
+ would apply to. Last match wins. Just below this then are two explicit
+ matches for ".google.com". The first is negating our previous cookie setting,
- which was for . The first is negating our previous
+ cookie setting, which was for "+session-cookies-only"
- (i.e. not persistent). So we will allow persistent cookies for google. The
- second turns off any
- any "+fast-redirects""www.google.com". So, apparently, we have these two actions
- defined somewhere in the lower part of our or "mail.google.com". But it would not
+ match "www.google.de"! So, apparently, we have these two actions
+ defined as exceptions to the general rules at the top somewhere in the lower
+ part of our default.action
- file, and file, and
+ "google.com" is referenced somewhere in these latter
- sections. Then, for our user.action file, we again have no hits. And finally we pull it all together in the bottom section and summarize how
|
Now another example,
{ +block +handle-as-image } - .ad.doubleclick.net - - { +block +handle-as-image } +> { +block{Domains starts with "ad"} } ad*. - { +block +handle-as-image } - .doubleclick.net
We'll just show the interesting part here, the explicit matches. It is - matched three different times. Each as an We'll just show the interesting part here - the explicit matches. It is + matched three different times. Two "+block +handle-as-image""+block{}" sections, + and a "+block{} +handle-as-image", which is the expanded form of one of our aliases that had been defined as: "+imageblock""+block-as-image". ("Aliases""ad.doubleclick.net" is done here -- as both a "+block""+block{}" - and an "+handle-as-image". The custom alias "+imageblock" just simplifies the process and make - it more readable.
"+block-as-image" just + simplifies the process and make it more readable.One last example. Let's try "http://www.rhapsodyk.net/adsl/HOWTO/""http://www.example.net/adsl/HOWTO/". - This one is giving us problems. We are getting a blank page. Hmmm...
Matches for http://www.rhapsodyk.net/adsl/HOWTO/: +> Matches for http://www.example.net/adsl/HOWTO/: - { -add-header -block +deanimate-gifs -downgrade-http-version +fast-redirects - +filter{html-annoyances} +filter{js-annoyances} +filter{kill-popups} - +filter{webbugs} +filter{nimda} +filter{banners-by-size} +filter{hal} - +filter{fun} +hide-forwarded-for-headers +hide-from-header{block} - +hide-referer{forge} -hide-user-agent -handle-as-image +set-image-blocker{blank} - +prevent-compression +session-cookies-only -prevent-setting-cookies - -prevent-reading-cookies +kill-popups -send-vanilla-wafer -send-wafer } + In file: default.action [ View ] [ Edit ] + + {-add-header + -block + +change-x-forwarded-for{block} + -client-header-filter{hide-tor-exit-notation} + -content-type-overwrite + -crunch-client-header + -crunch-if-none-match + -crunch-incoming-cookies + -crunch-outgoing-cookies + -crunch-server-header + +deanimate-gifs + -downgrade-http-version + +fast-redirects {check-decoded-url} + -filter {js-events} + -filter {content-cookies} + -filter {all-popups} + -filter {banners-by-link} + -filter {tiny-textforms} + -filter {frameset-borders} + -filter {demoronizer} + -filter {shockwave-flash} + -filter {quicktime-kioskmode} + -filter {fun} + -filter {crude-parental} + -filter {site-specifics} + -filter {js-annoyances} + -filter {html-annoyances} + +filter {refresh-tags} + -filter {unsolicited-popups} + +filter {img-reorder} + +filter {banners-by-size} + +filter {webbugs} + +filter {jumping-windows} + +filter {ie-exploits} + -filter {google} + -filter {yahoo} + -filter {msn} + -filter {blogspot} + -filter {no-ping} + -force-text-mode + -handle-as-empty-document + -handle-as-image + -hide-accept-language + -hide-content-disposition + +hide-from-header{block} + +hide-referer{forge} + -hide-user-agent + -overwrite-last-modified + +prevent-compression + -redirect + -server-header-filter{xml-to-html} + -server-header-filter{html-to-xml} + +session-cookies-only + +set-image-blocker{blank} } / - { +block +handle-as-image } + { +block{Path contains "ads".} +handle-as-image } /ads | is matching "/ads"! But
- we did not want this at all! Now we see why we get the blank page. We could
- now add a new action below this that explicitly does in our
+ configuration! But we did not want this at all! Now we see why we get the
+ blank page. It is actually triggering two different actions here, and
+ the effects are aggregated so that the URL is blocked, and Privoxy is told
+ to treat the block as if it were an image. But this is, of course, all wrong.
+ We could now add a new action below this (or better in our own
+ user.action file) that explicitly
+ not
- block (un blocks (
+ "{-block}") paths with ) paths with
+ "adsl". There are
- various ways to handle such exceptions. Example: in them (remember, last match in the configuration
+ wins). There are various ways to handle such exceptions. Example:
Now the page displays ;-) Be sure to flush your browser's caches when - making such changes. Or, try using Now the page displays ;-) + Remember to flush your browser's caches when making these kinds of changes to + your configuration to insure that you get a freshly delivered page! Or, try + using Shift+Reload.
{ +block +handle-as-image } +> { +block{Path starts with "ads".} +handle-as-image } /ads
That actually was very telling and pointed us quickly to where the problem +> That actually was very helpful and pointed us quickly to where the problem was. If you don't get this kind of match, then it means one of the default - rules in the first section is causing the problem. This would require some - guesswork, and maybe a little trial and error to isolate the offending rule. - One likely cause would be one of the default.action is causing + the problem. This would require some guesswork, and maybe a little trial and + error to isolate the offending rule. One likely cause would be one of the + "{+filter}" actions. Try - adding the URL for the site to one of aliases that turn off "+filter" actions. + These tend to be harder to troubleshoot. + Try adding the URL for the site to one of aliases that turn off + "+filter":
{shop} +> { shop } .quietpc.com .worldpay.com # for quietpc.com .jungle.com @@ -1805,14 +2010,20 @@ CLASS="SCREEN" > |
This would probably be most appropriately put in This would turn off all filtering for these sites. This is best + put in user.action, - for local site exceptions.
, for local site + exceptions. Note that when a simple domain pattern is used by itself (without + the subsequent path portion), all sub-pages within that domain are included + automatically in the scope of the action.Images that are inexplicably being blocked, may well be hitting the +"+filter{banners-by-size}" + rule, which assumes + that images of certain sizes are ad banners (works well + most of the time since these tend to be standardized).
"{fragile}" is an alias that disables most actions. This can be - used as a last resort for problem sites. Remember to flush caches! If this - still does not work, you will have to go through the remaining actions one by - one to find which one(s) is causing the problem.
"{ fragile }" is an alias that disables most + actions that are the most likely to cause trouble. This can be used as a + last resort for problem sites.
{ fragile } + # Handle with care: easy to break + mail.google. + mybank.example.com |
Remember to flush caches! Note that the + mail.google reference lacks the TLD portion (e.g. + ".com"). This will effectively match any TLD with + google in it, such as mail.google.de., + just as an example.
+ If this still does not work, you will have to go through the remaining + actions one by one to find which one(s) is causing the problem.