X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Fwhatsnew.html;h=1a0036b3ea9618394621698948557cdd3cb62460;hp=ee02865b48282f345edf68987ae65da8240142c0;hb=107c84d0c43b24ad437933c75774276f67165959;hpb=ce9a355cca433c4b6370c630830304f584e5f9ab diff --git a/doc/webserver/user-manual/whatsnew.html b/doc/webserver/user-manual/whatsnew.html index ee02865b..1a0036b3 100644 --- a/doc/webserver/user-manual/whatsnew.html +++ b/doc/webserver/user-manual/whatsnew.html @@ -1,957 +1,566 @@ - - + -
-Privoxy 3.0.20 is a beta release. The - changes since 3.0.19 stable are:
- -Bug fixes:
- -Client sockets are now properly shutdown and drained before - being closed. This fixes page truncation issues with clients that - aggressively pipeline data on platforms that otherwise discard - already written data. The issue mainly affected Opera users and - was initially reported by Kevin in #3464439, szotsaki provided - additional information to track down the cause.
-Fix latency calculation for shared connections (disabled by - default). It was broken since their introduction in 2009. The - calculated latency for most connections would be 0 in which case - the timeout detection failed to account for the real latency.
-Reject URLs with invalid port. Previously they were parsed - incorrectly and characters between the port number and the first - slash were silently dropped as shown by curl test 187.
-The default-server-timeout and socket-timeout directives - accept 0 as valid value.
-Fix a race condition on Windows that could cause Privoxy to - become unresponsive after toggling it on or off through the - taskbar icon. Reported by Tim H. in #3525694.
-Fix the compilation on Windows when configured without IPv6 - support.
-Fix an assertion that could cause debug builds to abort() in - case of socks5 connection failures with "debug 2" enabled.
-Fix an assertion that could cause debug builds to abort() if a - filter contained nul bytes in the replacement text.
-General improvements:
- -Significantly improved keep-alive support for both client and - server connections.
-New debug log level 65536 which logs all actions that were - applied to the request.
-New directive client-header-order to forward client headers in - a different order than the one in which they arrived.
-New directive tolerate-pipelining to allow client-side - pipelining. If enabled (3.0.20 beta enables it by default), - Privoxy will keep pipelined client requests around to deal with - them once the current request has been served.
-New --config-test option to let Privoxy exit after checking - whether or not the configuration seems valid. The limitations - noted in TODO #22 and #23 still apply. Based on a patch by - Ramkumar Chinchani.
-New limit-cookie-lifetime{} action to let cookies expire - before the end of the session. Suggested by Rick Sykes in - #1049575.
-Increase the hard-coded maximum number of actions and filter - files from 10 to 30 (each). It doesn't significantly affect - Privoxy's memory usage and recompiling wasn't an option for all - Privoxy users that reached the limit.
-Add support for chunk-encoded client request bodies. - Previously chunk-encoded request bodies weren't guaranteed to be - forwarded correctly, so this can also be considered a bug fix - although chunk-encoded request bodies aren't commonly used in the - real world.
-Add support for Tor's optimistic-data SOCKS extension, which - can reduce the latency for requests on newly created connections. - Currently only the headers are sent optimistically and only if - the client request has already been read completely which rules - out requests with large bodies.
-After preventing the client from pipelining, don't signal - keep-alive intentions. When looking at the response headers - alone, it previously wasn't obvious from the client's perspective - that no additional responses should be expected.
-Stop considering client sockets tainted after receving a - request with body. It hasn't been necessary for a while now and - unnecessarily causes test failures when using curl's test - suite.
-Allow HTTP/1.0 clients to signal interest in keep-alive - through the Proxy-Connection header. While such client are rare - in the real world, it doesn't hurt and couple of curl tests rely - on it.
-Only remove duplicated Content-Type headers when filters are - enabled. If they are not it doesn't cause ill effects and the - user might not want it. Downgrade the removal message to - LOG_LEVEL_HEADER to clarify that it's not an error in Privoxy and - is unlikely to cause any problems in general. Anonymously - reported in #3599335.
-Set the socket option SO_LINGER for the client socket.
-Move several variable declarations to the beginning of their - code block. It's required when compiling with gcc 2.95 which is - still used on some platforms. Initial patch submitted by Simon - South in #3564815.
-Optionally try to sanity-check strptime() results before - trusting them. Broken strptime() implementations have caused - problems in the past and the most recent offender seems to be - FreeBSD's libc (standards/173421).
-When filtering is enabled, let Range headers pass if the range - starts at the beginning. This should work around (or at least - reduce ) the video playback issues with various Apple clients as - reported by Duc in #3426305.
-Do not confuse a client hanging up with a connection time out. - If a client closes its side of the connection without sending a - request line, do not send the CLIENT_CONNECTION_TIMEOUT_RESPONSE, - but report the condition properly.
-Allow closing curly braces as part of action values as long as - they are escaped.
-On Windows, the logfile is now written before showing the GUI - error message which blocks until the user acknowledges it. - Reported by Adriaan in #3593603.
-Remove an unreasonable parameter limit in the CGI interface. - The new parameter limit depends on the memory available and is - currently unlikely to be reachable, due to other limits in both - Privoxy and common clients. Reported by Andrew on - ijbswa-users@.
-Decrease the chances of parse failures after requests with - unsupported methods were sent to the CGI interface.
-Action file improvements:
- -Remove the comment that indicated that updated default.action - versions are released on their own.
-Block 'optimize.indieclick.com/' and - 'optimized-by.rubiconproject.com/'
-Unblock 'adjamblog.wordpress.com/' and - 'adjamblog.files.wordpress.com/'. Reported by Ryan Farmer in - #3496116.
-Unblock '/.*Bugtracker'. Reported by pwhk in #3522341.
-Add test URLs for '.freebsd.org' and '.watson.org'.
-Unblock '.urbandictionary.com/popular'.
-Block '.adnxs.com/'.
-Block 'farm.plista.com/widgetdata.php'.
-Block 'rotation.linuxnewmedia.com/'.
-Block 'reklamy.sfd.pl/'. Reported by kacperdominik in - #3399948.
-Block 'g.adspeed.net/'.
-Unblock 'websupport.wdc.com/'. Reported by Adam Piggot in - #3577851.
-Block '/openx/www/delivery/'.
-Disable fast-redirects for '.googleapis.com/'.
-Block 'imp.double.net/'. Reported by David Bo in #3070411.
-Block 'gm-link.com/' whis is used for email tracking. Reported - by David Bo in #1812733.
-Verify that requests to "bwp." are blocked. URL taken from - #1736879 submitted by Francois Marier.
-Block '/.*bannerid='. Reported by Adam Piggott in - #2975779.
-Block 'cltomedia.info/delivery/' and '.adexprt.com/'. - Anonymously reported in #2965254.
-Block 'de17a.com/'. Reported by David Bo in #3061472.
-Block 'oskar.tradera.com/'. Reported by David Bo in - #3060596.
-Block '/scripts/webtrends\.js'. Reported by johnd16 in - #3002729.
-Block requests for 'pool.*.adhese.com/'. Reported by johnd16 - in #3002716.
-Update path pattern for Coremetrics and add tests. Pattern and - URLs submitted by Adam Piggott #3168443.
-Enable +fast-redirects{check-decoded-url} for 'tr.anp.se/'. - Reported by David Bo in #3268832.
-Unblock '.conrad.se/newsletter/banners/'. Reported by David Bo - in #3413824.
-Block '.tynt.com/'. Reported by Dan Stahlke in #3421767.
-Unblock '.bbci.co.uk/radio/'. Reported by Adam Piggott in - #3569603.
-Block requests to 'service.maxymiser.net/'. Reported by - johnd16 in #3118401 (with a previous URL).
-Disable fast-redirects for Google's "let's pretend your - computer is infected" page.
-Unblock '/.*download' to resolve actionsfile feedback - #3498129. Submitted by Steven Kolins (soundcloud.com not - working).
-Unblock '.wlxrs.com/' which is required by hotmail.com. Fixes - #3413827 submitted by David Bo.
-Add two unblock patterns for popup radio and TV players. - Submitted by Adam Piggott in #3596089.
-Filter file improvements & bug fixes:
- -Add a referer tagger.
-Reduce the likelihood that the google filter messes up - HTML-generating JavaScript. Reported by Zeno Kugy in - #3520260.
-Documentation improvements:
- -Revised all OS X sections due to new packaging module - (OSXPackageBuilder).
-Update the list of supported operating systems to clarify that - all Windows versions after 95 are expected to work and note that - the platform-specific code for AmigaOS and QNX currently isn't - maintained.
-Update 'Signals' section, the only explicitly handled signals - are SIGINT, SIGTERM and SIGHUP.
-Add Haiku to the list of operating systems on which Privoxy is - known to run.
-Add DragonFly to the list of BSDs on which Privoxy is known to - run.
-Removed references to redhat-specific documentation set since - it no longer exists.
-Removed references to building PDFs since we no longer do - so.
-Multiple listen-address directives are supported since 3.0.18, - correct the documentation to say so.
-Remove bogus section about long and short being preferable to - int.
-Corrected some Internet JunkBuster references to Privoxy.
-Removed references to www.junkbusters.com since it is no - longer maintained. Reported by Angelina Matson.
-Various grammar and spelling corrections
-Add a client-header-tagger{} example for disabling filtering - for range requests.
-Correct a URL in the "Privoxy with Tor" FAQ.
-Spell 'refresh-tags' correctly. Reported by Don in - #3571927.
-Sort manpage options alphabetically.
-Remove an incorrect sentence in the toggle section. The toggle - state doesn't affect whether or not the Windows version uses the - tray icon. Reported by Zeno Kugy in #3596395.
-Add new contributors since 3.0.19.
-Log message improvements:
- -When stopping to watch a client socket due to pipelining, - additionally log the socket number.
-Log the client socket and its condition before closing it. - This makes it more obvious that the socket actually gets closed - and should help when diagnosing problems like #3464439.
-In case of SOCKS5 failures, do not explicitly log the server's - response. It hasn't helped so far and the response can already be - logged by enabling "debug 32768" anyway. This reverts v1.81 and - the follow-up bug fix v1.84.
-Relocate the connection-accepted message from listen_loop() to - serve(). This way it's printed by the thread that is actually - serving the connection which is nice when grepping for thread ids - in log files.
-Code cleanups:
- -Remove compatibility layer for versions prior to 3.0 since it - has been obsolete for more than 10 years now.
-Remove the ijb_isupper() and ijb_tolower() macros from - parsers.c since they aren't used in this file.
-Removed the 'Functions declared include:' comment sections - since they tend to be incomplete, incorrect and out of date and - the benefit seems questionable.
-Various comment grammar and comprehensibility - improvements.
-Remove a pointless fflush() call in chat(). Flushing all - streams pretty much all the time for no obvious reason is - ridiculous.
-Relocate ijb_isupper()'s definition to project.h and get the - ijb_tolower() definition from there, too.
-Relocate ijb_isdigit()'s definition to project.h.
-Rename ijb_foo macros to privoxy_foo.
-Add malloc_or_die() which will allow to simplify code paths - where malloc() failures don't need to be handled gracefully.
-Add strdup_or_die() which will allow to simplify code paths - where strdup() failures don't need to be handled gracefully.
-Replace strdup() calls with strdup_or_die() calls where it's - safe and simplifies the code.
-Fix white-space around parentheses.
-Add missing white-space behind if's and the following - parentheses.
-Unwrap a memcpy() call in resolve_hostname_to_ip().
-Declare pcrs_get_delimiter()'s delimiters[] static const.
-Various optimisations to remove dead code and merge - inefficient code structures for improved clarity, performance or - code compactness.
-Various data type corrections.
-Change visibility of several code segments when compiling - without FEATURE_CONNECTION_KEEP_ALIVE enabled for clarity.
-In pcrs_get_delimiter(), do not use delimiters ouside the - ASCII range. Fixes a clang complaint.
-Fix an error message in get_last_url() nobody is supposed to - see. Reported by Matthew Fischer in #3507301.
-Fix a typo in the no-zlib-support complaint. Patch submitted - by Matthew Fischer in #3507304.
-Shorten ssplit()'s prototype by removing the last two - arguments. We always want to skip empty fields and ignore leading - delimiters, so having parameters for this only complicates the - API.
-Use an enum for the type of the action value.
-Rename action_name's member takes_value to value_type as it - isn't used as boolean.
-Turn family mismatches in match_sockaddr() into fatal - errors.
-Let enlist_unique_header() verify that the caller didn't pass - a header containing either \r or \n.
-Change the hashes used in load_config() to unsigned int. - That's what hash_string() actually returns and using a - potentiallly larger type is at best useless.
-Use privoxy_tolower() instead of vanilla tolower() with manual - casting of the argument.
-Catch ssplit() failures in parse_cgi_parameters().
-Privoxy-Regression-Test:
- -Add an 'Overwrite condition' directive to skip any matching - tests before it. As it has a global scope, using it is more - convenient than clowning around with the Ignore directive.
-Log to STDOUT instead of STDERR.
-Include the Privoxy version in the output.
-Various grammar and spelling corrections in documentation and - code.
-Additional tests for range requests with filtering - enabled.
-Tests with mostly invalid range request.
-Add a couple of hide-if-modified-since{} tests with different - date formats.
-Cleaned up the format of the regression-tests.action file to - match the format of default.action.
-Remove the "Copyright" line from print_version(). When using - --help, every line of screen space matters and thus shouldn't be - wasted on things the user doesn't care about.
-Privoxy-Log-Parser:
- -Improve the --statistics performance by skipping sanity checks - for input that shouldn't affect the results anyway. Add a - --strict-checks option that enables some of the checks again, - just in case anybody cares.
-The distribution of client requests per connection is included - in the --statistic output.
-The --accept-unknown-messages option has been removed and the - behavior is now the default.
-Accept and (mostly) highlight new log messages introduced with - Privoxy 3.0.20.
-uagen:
- -Bump generated Firefox version to 17.
-GNUmakefile improvements:
- -The dok-tidy target no longer taints documents with a - tidy-mark
-Change RA_MODE from 0664 to 0644. Suggested by Markus Dittrich - in #3505445.
-Remove tidy's clean flag as it changes the scope of - attributes. Link-specific colors end up being applied to all - text. Reported by Adam Piggott in #3569551.
-Leave it up to the user whether or not smart tags are - inserted.
-Let w3m itself do the line wrapping for the config file. It - works better than fmt as it can honour pre tags causing less - unintentional line breaks.
-Ditch a pointless '-r' passed to rm to delete files.
-The config-file target now requires less manual intervention - and updates the original config.
-Change WDUMP to generate ASCII. Add WDUMP_UTF8 to allow UTF-8 - in the AUTHORS file so the names are right.
-Stop pretending that lynx and links are supported for the - documentation.
-configure improvements:
- -On Haiku, do not pass -lpthread to the compiler. Haiku's - pthreads implementation is contained in its system library, - libroot, so no additional library needs to be searched. Patch - submitted by Simon South in #3564815.
-Additional Haiku-specific improvements. Disable checks - intended for multi-user systems as Haiku is presently - single-user. Group Haiku-specific settings in their own section, - following the pattern for Solaris, OS/2 and AmigaOS. Add - additional library-related settings to remove the need for - providing configure with custom LDFLAGS. Submitted by Simon South - in #3574538.
-A quick list of things to be aware of before upgrading from earlier - versions of Privoxy:
- + ++ Privoxy 3.0.25 beta introduces + client-specific tags and includes a couple of minor improvements. It + will be followed by a stable release in the near future. +
++
The recommended way to upgrade Privoxy is to backup your old configuration - files, install the new ones, verify that Privoxy is working correctly and finally merge - back your changes using diff and - maybe patch.
- -There are a number of new features in each Privoxy release and most of them have to be - explicitly enabled in the configuration files. Old configuration - files obviously don't do that and due to syntax changes using old - configuration files with a new Privoxy isn't always possible anyway.
++ Bug fixes: +
++ Always use the current toggle state for new requests. + Previously new requests on reused connections inherited the + toggle state from the previous request even though the toggle + state could have changed. Reported by Robert Klemme. +
++ Fixed two buffer-overflows in the (deprecated) static pcre + code. These bugs are not considered security issues as the + input is trusted. Found with afl-fuzz and ASAN. +
+Note that some installers remove earlier versions completely, - including configuration files, therefore you should really save any - important configuration files!
++ General improvements: +
++ Added support for client-specific tags which allow Privoxy + admins to pre-define tags that are set for all requests from + clients that previously opted in through the CGI interface. + They are useful in multi-user setups where admins may want to + allow users to disable certain actions and filters for + themselves without affecting others. In single-user setups + they are useful to allow more fine-grained toggling. For + example to disable request blocking while still crunching + cookies, or to disable experimental filters only. This is an + experimental feature, the syntax and behaviour may change in + future versions. Sponsored by Robert Klemme. +
++ Dynamic filters and taggers now support a $listen-address + variable which contains the address the request came in on. + For external filters the variable is called + $PRIVOXY_LISTEN_ADDRESS. Original patch contributed by + pursievro. +
++ Add client-header-tagger 'listen-address'. +
++ Include the listen-address in the log message when logging + new requests. Patch contributed by pursievro. +
++ Turn invalid max-client-connections values into fatal errors. +
++ The show-status page now shows whether or not dates before + 1970 and after 2038 are expected to be handled properly. This + is mainly useful for Privoxy-Regression-Test but could also + come handy when dealing with time-related support requests. +
++ On Mac OS X the thread id in log messages are more likely to + be unique now. +
++ When complaining about missing filters, the filter type is + logged as well. +
++ A couple of harmless coverity warnings were silenced (CID + #161202, CID #161203, CID #161211). +
+On the other hand, other installers don't overwrite existing - configuration files, thinking you will want to do that - yourself.
++ Action file improvements: +
++ Filtering is disabled for Range requests to let download + resumption and Windows updates work with the default + configuration. +
++ Unblock ".ardmediathek.de/". Reported by ThTomate in #932. +
+standard.action has been merged into - the default.action file.
++ Documentation improvements: +
++ Add FAQ entry for crashes caused by memory limits. +
++ Remove obsolete FAQ entry about a bug in PHP 4.2.3. +
++ Mention the new mailing lists were appropriate. As the + archives have not been migrated, continue to mention the + archives at SF in the contacting section for now. +
++ Note that the templates should be adjusted if Privoxy is + running as intercepting proxy without getting all requests. +
++ A bunch of links were converted to https://. +
++ Rephrase onion service paragraph to make it more obvious that + Tor is involved and that the whole website (and not just the + homepage) is available as onion service. +
++ Streamline the "More information" section on the homepage + further by additionally ditching the link to the 'See also' + section of the user manual. The section contains mostly links + that are directly reachable from the homepage already and the + rest is not significant enough to get a link from the + homepage. +
++ Change the add-header{} example to set the DNT header and use + a complete section to make copy and pasting more convenient. + Add a comment to make it obvious that adding the header is + not recommended for obvious reasons. Using the DNT header as + example was suggested by Leo Wzukw. +
++ Streamline the support-and-service template Instead of + linking to the various support trackers (whose URLs hopefully + change soon), link to the contact section of the user manual + to increase the chances that users actually read it. +
++ Add a FAQ entry for tainted sockets. +
++ More sections in the documentation have stable URLs now. +
++ FAQ: Explain why 'ping config.privoxy.org' is not expected to + reach a local Privoxy installation. +
++ Note that donations done through Zwiebelfreunde e.V. + currently can't be checked automatically. +
++ Updated section regarding starting Privoxy under OS X. +
++ Use dedicated start instructions for FreeBSD and ElectroBSD. +
++ Removed release instructions for AIX. They haven't been + working for years and unsurprisingly nobody seems to care. +
++ Removed obsolete reference to the solaris-dist target. +
++ Updated the release instructions for FreeBSD. +
++ Removed unfinished release instructions for Amiga OS and + HP-UX 11. +
++ Added a pointer to the Cygwin Time Machine for getting the + last release of Cygwin version 1.5 to use for building + Privoxy on Windows. +
++ Various typos have been fixed. +
+In the default configuration only fatal errors are logged now. - You can change that in the debug - section of the configuration file. You may also want to enable - more verbose logging until you verified that the new Privoxy version is working as expected.
++ Infrastructure improvements: +
++ The website is no longer hosted at SourceForge and can be + reached through https now. +
++ The mailing lists at SourceForge have been deprecated, you + can subscribe to the new ones at: https://lists.privoxy.org/ +
++ Migrating the remaining services from SourceForge is work in + progress (TODO list item #53). +
++ Build system improvements: +
++ Add configure argument to optimistically redefine FD_SETSIZE + with the intent to change the maximum number of client + connections Privoxy can handle. Only works with some libcs. + Sponsored by Robert Klemme. +
++ Let the tarball-dist target skip files in ".git". +
++ Let the tarball-dist target work in cwds other than current. +
++ Make the 'clean' target faster when run from a git + repository. +
++ Include tools in the generic distribution. +
++ Let the gen-dist target work in cwds other than current. +
++ Sort find output that is used for distribution tarballs to + get reproducible results. +
++ Don't add '-src' to the name of the tar ball generated by the + gen-dist target. The package isn't a source distribution but + a binary package. While at it, use a variable for the name to + reduce the chances that the various references get out of + sync and fix the gen-upload target which was looking in the + wrong directory. +
++ Add regression-tests.action to the files that are + distributed. +
++ The gen-dist target which was broken since 2002 (r1.92) has + been fixed. +
++ Remove genclspec.sh which has been obsolete since 2009. +
++ Remove obsolete reference to Redhat spec file. +
++ Remove the obsolete announce target which has been commented + out years ago. +
++ Let rsync skip files if the checksums match. +
+Three other config file settings are now off by default: - enable-remote-toggle, - enable-remote-http-toggle, - and enable-edit-actions. If you - use or want these, you will need to explicitly enable them, and be - aware of the security issues involved.
++ Privoxy-Regression-Test: +
++ Add a "Default level offset" directive which can be used to + change the default level by a given value. This directive + affects all tests located after it until the end of the file + or a another "Default level offset" directive is reached. The + purpose of this directive is to make it more convenient to + skip similar tests in a given file without having to remove + or disable the tests completely. +
++ Let test level 17 depend on FEATURE_64_BIT_TIME_T instead of + FEATURE_PTHREAD which has no direct connection to the time_t + size. +
++ Fix indentation in perldoc examples. +
++ Don't overlook directives in the first line of the action + file. +
++ Bump version to 0.7. +
++ Fix detection of the Privoxy version now that https:// is + used for the website. +
++ A quick list of things to be aware of before upgrading from earlier + versions of Privoxy: +
++
++ The recommended way to upgrade Privoxy is to backup your old + configuration files, install the new ones, verify that Privoxy is working correctly and + finally merge back your changes using diff and maybe patch. +
++ There are a number of new features in each Privoxy release and most of them have to + be explicitly enabled in the configuration files. Old + configuration files obviously don't do that and due to syntax + changes using old configuration files with a new Privoxy isn't always possible anyway. +
++ Note that some installers remove earlier versions completely, + including configuration files, therefore you should really save + any important configuration files! +
++ On the other hand, other installers don't overwrite existing + configuration files, thinking you will want to do that + yourself. +
++ In the default configuration only fatal errors are logged now. + You can change that in the debug + section of the configuration file. You may also want to + enable more verbose logging until you verified that the new + Privoxy version is working as + expected. +
++ Three other config file settings are now off by default: enable-remote-toggle, enable-remote-http-toggle, + and enable-edit-actions. If + you use or want these, you will need to explicitly enable them, + and be aware of the security issues involved. +
+