-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="CONFIG"
->7.3. The Main Configuration File</A
-></H2
-><P
-> Again, the main configuration file is named <TT
-CLASS="FILENAME"
->config</TT
-> on
- Linux/Unix/BSD and OS/2, and <TT
-CLASS="FILENAME"
->config.txt</TT
-> on Windows.
- Configuration lines consist of an initial keyword followed by a list of
- values, all separated by whitespace (any number of spaces or tabs). For
- example:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->confdir /etc/privoxy</I
-><br>
- </P
->
- </TT
-> </P
-><P
-> Assigns the value <TT
-CLASS="LITERAL"
->/etc/privoxy</TT
-> to the option
- <TT
-CLASS="LITERAL"
->confdir</TT
-> and thus indicates that the configuration
- directory is named <SPAN
-CLASS="QUOTE"
->"/etc/privoxy/"</SPAN
->.</P
-><P
-> All options in the config file except for <TT
-CLASS="LITERAL"
->confdir</TT
-> and
- <TT
-CLASS="LITERAL"
->logdir</TT
-> are optional. Watch out in the below description
- for what happens if you leave them unset.</P
-><P
-> The main config file controls all aspects of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->'s
- operation that are not location dependent (i.e. they apply universally, no matter
- where you may be surfing).</P
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="CONF-LOG-LOC"
->7.3.1. Configuration and Log File Locations</A
-></H3
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> can (and normally does) use a number of
- other files for additional configuration and logging.
- This section of the configuration file tells <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- where to find those other files. </P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="CONFDIR"
->7.3.1.1. confdir</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
->The directory where the other configuration files are located</P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Path name</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->/etc/privoxy (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> installation dir (Windows) </P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Mandatory</I
-></P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> No trailing <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->/</TT
->"</SPAN
->, please
- </P
-><P
-> When development goes modular and multi-user, the blocker, filter, and
- per-user config will be stored in subdirectories of <SPAN
-CLASS="QUOTE"
->"confdir"</SPAN
->.
- For now, the configuration directory structure is flat, except for
- <TT
-CLASS="FILENAME"
->confdir/templates</TT
->, where the HTML templates for CGI
- output reside (e.g. <SPAN
-CLASS="APPLICATION"
->Privoxy's</SPAN
-> 404 error page).
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="LOGDIR"
->7.3.1.2. logdir</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The directory where all logging takes place (i.e. where <TT
-CLASS="FILENAME"
->logfile</TT
-> and
- <TT
-CLASS="FILENAME"
->jarfile</TT
-> are located)
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Path name</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->/var/log/privoxy (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> installation dir (Windows) </P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Mandatory</I
-></P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> No trailing <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="LITERAL"
->/</TT
->"</SPAN
->, please
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="ACTIONSFILE"
->7.3.1.3. <A
-NAME="DEFAULT.ACTION"
-></A
->
-<A
-NAME="STANDARD.ACTION"
-></A
->
-<A
-NAME="USER.ACTION"
-></A
->
-actionsfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The <A
-HREF="configuration.html#ACTIONS"
->actions</A
-> file(s) to use
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->confdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <P
-CLASS="LITERALLAYOUT"
-> standard # Internal purposes, recommended not editing</P
->
- </TD
-></TR
-><TR
-><TD
-> <P
-CLASS="LITERALLAYOUT"
-> default # Main actions file</P
->
- </TD
-></TR
-><TR
-><TD
-> <P
-CLASS="LITERALLAYOUT"
-> user # User customizations</P
->
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No actions are taken at all. Simple neutral proxying.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Multiple <TT
-CLASS="LITERAL"
->actionsfile</TT
-> lines are OK and are in fact recommended!
- </P
-><P
->
- The default values include standard.action, which is used for internal
- purposes and should be loaded, default.action, which is the
- <SPAN
-CLASS="QUOTE"
->"main"</SPAN
-> actions file maintained by the developers, and
- <TT
-CLASS="FILENAME"
->user.action</TT
->, where you can make your personal additions.
- </P
-><P
->
- There is no point in using <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> without an actions file.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="FILTERFILE"
->7.3.1.4. <A
-NAME="DEFAULT.FILTER"
-></A
->filterfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The <A
-HREF="configuration.html#FILTER"
->filter</A
-> file to use
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->confdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->default.filter (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> default.filter.txt (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No textual content filtering takes place, i.e. all
- <TT
-CLASS="LITERAL"
->+filter{<TT
-CLASS="REPLACEABLE"
-><I
->name</I
-></TT
->}</TT
->
- actions in the actions files are turned off
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The <SPAN
-CLASS="QUOTE"
->"default.filter"</SPAN
-> file contains content modification rules
- that use <SPAN
-CLASS="QUOTE"
->"regular expressions"</SPAN
->. These rules permit powerful
- changes on the content of Web pages, e.g., you could disable your favorite
- JavaScript annoyances, re-write the actual displayed text, or just have some
- fun replacing <SPAN
-CLASS="QUOTE"
->"Microsoft"</SPAN
-> with <SPAN
-CLASS="QUOTE"
->"MicroSuck"</SPAN
-> wherever
- it appears on a Web page.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="LOGFILE"
->7.3.1.5. logfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The log file to use
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->logdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->logfile (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> privoxy.log (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No log file is used, all log messages go to the console (<TT
-CLASS="LITERAL"
->stderr</TT
->).
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The windows version will additionally log to the console.
- </P
-><P
-> The logfile is where all logging and error messages are written. The level
- of detail and number of messages are set with the <TT
-CLASS="LITERAL"
->debug</TT
->
- option (see below). The logfile can be useful for tracking down a problem with
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> (e.g., it's not blocking an ad you
- think it should block) but in most cases you probably will never look at it.
- </P
-><P
-> Your logfile will grow indefinitely, and you will probably want to
- periodically remove it. On Unix systems, you can do this with a cron job
- (see <SPAN
-CLASS="QUOTE"
->"man cron"</SPAN
->). For Red Hat, a <B
-CLASS="COMMAND"
->logrotate</B
->
- script has been included.
- </P
-><P
-> On SuSE Linux systems, you can place a line like <SPAN
-CLASS="QUOTE"
->"/var/log/privoxy.*
- +1024k 644 nobody.nogroup"</SPAN
-> in <TT
-CLASS="FILENAME"
->/etc/logfiles</TT
->, with
- the effect that cron.daily will automatically archive, gzip, and empty the
- log, when it exceeds 1M size.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="JARFILE"
->7.3.1.6. jarfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The file to store intercepted cookies in
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->logdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->jarfile (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> privoxy.jar (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Intercepted cookies are not stored at all.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The jarfile may grow to ridiculous sizes over time.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="TRUSTFILE"
->7.3.1.7. trustfile</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The trust file to use
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->File name, relative to <TT
-CLASS="LITERAL"
->confdir</TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset (commented out)</I
->. When activated: trust (Unix) <I
-CLASS="EMPHASIS"
->or</I
-> trust.txt (Windows)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> The whole trust mechanism is turned off.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The trust mechanism is an experimental feature for building white-lists and should
- be used with care. It is <I
-CLASS="EMPHASIS"
->NOT</I
-> recommended for the casual user.
- </P
-><P
-> If you specify a trust file, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will only allow
- access to sites that are named in the trustfile.
- You can also mark sites as trusted referrers (with <TT
-CLASS="LITERAL"
->+</TT
->), with
- the effect that access to untrusted sites will be granted, if a link from a
- trusted referrer was used.
- The link target will then be added to the <SPAN
-CLASS="QUOTE"
->"trustfile"</SPAN
->.
- Possible applications include limiting Internet access for children.
- </P
-><P
-> If you use <TT
-CLASS="LITERAL"
->+</TT
-> operator in the trust file, it may grow considerably over time.
- </P
-></DD
-></DL
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="LOCAL-SET-UP"
->7.3.2. Local Set-up Documentation</A
-></H3
-><P
-> If you intend to operate <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> for more users
- that just yourself, it might be a good idea to let them know how to reach
- you, what you block and why you do that, your policies etc.
- </P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="TRUST-INFO-URL"
->7.3.2.1. trust-info-url</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> A URL to be displayed in the error page that users will see if access to an untrusted page is denied.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->URL</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->Two example URL are provided</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No links are displayed on the "untrusted" error page.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The value of this option only matters if the experimental trust mechanism has been
- activated. (See <TT
-CLASS="LITERAL"
->trustfile</TT
-> above.)
- </P
-><P
-> If you use the trust mechanism, it is a good idea to write up some on-line
- documentation about your trust policy and to specify the URL(s) here.
- Use multiple times for multiple URLs.
- </P
-><P
-> The URL(s) should be added to the trustfile as well, so users don't end up
- locked out from the information on why they were locked out in the first place!
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="ADMIN-ADDRESS"
->7.3.2.2. admin-address</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> An email address to reach the proxy administrator.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Email address</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No email address is displayed on error pages and the CGI user interface.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If both <TT
-CLASS="LITERAL"
->admin-address</TT
-> and <TT
-CLASS="LITERAL"
->proxy-info-url</TT
->
- are unset, the whole "Local Privoxy Support" box on all generated pages will
- not be shown.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="PROXY-INFO-URL"
->7.3.2.3. proxy-info-url</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> A URL to documentation about the local <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> setup,
- configuration or policies.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->URL</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> No link to local documentation is displayed on error pages and the CGI user interface.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If both <TT
-CLASS="LITERAL"
->admin-address</TT
-> and <TT
-CLASS="LITERAL"
->proxy-info-url</TT
->
- are unset, the whole "Local Privoxy Support" box on all generated pages will
- not be shown.
- </P
-><P
-> This URL shouldn't be blocked ;-)
- </P
-></DD
-></DL
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="DEBUGGING"
->7.3.3. Debugging</A
-></H3
-><P
-> These options are mainly useful when tracing a problem.
- Note that you might also want to invoke
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with the <TT
-CLASS="LITERAL"
->--no-daemon</TT
->
- command line option when debugging.
- </P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="DEBUG"
->7.3.3.1. debug</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Key values that determine what information gets logged.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Integer values</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->12289 (i.e.: URLs plus informational and warning messages)</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Nothing gets logged.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The available debug levels are:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="PROGRAMLISTING"
-> debug 1 # show each GET/POST/CONNECT request
- debug 2 # show each connection status
- debug 4 # show I/O status
- debug 8 # show header parsing
- debug 16 # log all data into the logfile
- debug 32 # debug force feature
- debug 64 # debug regular expression filter
- debug 128 # debug fast redirects
- debug 256 # debug GIF de-animation
- debug 512 # Common Log Format
- debug 1024 # debug kill pop-ups
- debug 4096 # Startup banner and warnings.
- debug 8192 # Non-fatal errors</PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> To select multiple debug levels, you can either add them or use
- multiple <TT
-CLASS="LITERAL"
->debug</TT
-> lines.
- </P
-><P
-> A debug level of 1 is informative because it will show you each request
- as it happens. <I
-CLASS="EMPHASIS"
->1, 4096 and 8192 are highly recommended</I
->
- so that you will notice when things go wrong. The other levels are probably
- only of interest if you are hunting down a specific problem. They can produce
- a hell of an output (especially 16).
-
- </P
-><P
-> The reporting of <I
-CLASS="EMPHASIS"
->fatal</I
-> errors (i.e. ones which crash
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->) is always on and cannot be disabled.
- </P
-><P
-> If you want to use CLF (Common Log Format), you should set <SPAN
-CLASS="QUOTE"
->"debug
- 512"</SPAN
-> <I
-CLASS="EMPHASIS"
->ONLY</I
-> and not enable anything else.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="SINGLE-THREADED"
->7.3.3.2. single-threaded</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Whether to run only one server thread
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->None</I
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Multi-threaded (or, where unavailable: forked) operation, i.e. the ability to
- serve multiple requests simultaneously.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This option is only there for debug purposes and you should never
- need to use it. <I
-CLASS="EMPHASIS"
->It will drastically reduce performance.</I
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="ACCESS-CONTROL"
->7.3.4. Access Control and Security</A
-></H3
-><P
-> This section of the config file controls the security-relevant aspects
- of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->'s configuration.
- </P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="LISTEN-ADDRESS"
->7.3.4.1. listen-address</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> The IP address and TCP port on which <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will
- listen for client requests.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->[<TT
-CLASS="REPLACEABLE"
-><I
->IP-Address</I
-></TT
->]:<TT
-CLASS="REPLACEABLE"
-><I
->Port</I
-></TT
-></P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->localhost:8118</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Bind to localhost (127.0.0.1), port 8118. This is suitable and recommended for
- home users who run <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> on the same machine as
- their browser.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> You will need to configure your browser(s) to this proxy address and port.
- </P
-><P
-> If you already have another service running on port 8118, or if you want to
- serve requests from other machines (e.g. on your local network) as well, you
- will need to override the default.
- </P
-><P
-> If you leave out the IP address, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will
- bind to all interfaces (addresses) on your machine and may become reachable
- from the Internet. In that case, consider using access control lists (ACL's)
- (see <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> below), or a firewall.
- </P
-></DD
-><DT
->Example:</DT
-><DD
-><P
-> Suppose you are running <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> on
- a machine which has the address 192.168.0.1 on your local private network
- (192.168.0.0) and has another outside connection with a different address.
- You want it to serve requests from inside only:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="PROGRAMLISTING"
-> listen-address 192.168.0.1:8118</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="TOGGLE"
->7.3.4.2. toggle</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Initial state of "toggle" status
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->1 or 0</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->1</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Act as if toggled on
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If set to 0, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will start in
- <SPAN
-CLASS="QUOTE"
->"toggled off"</SPAN
-> mode, i.e. behave like a normal, content-neutral
- proxy. See <TT
-CLASS="LITERAL"
->enable-remote-toggle</TT
->
- below. This is not really useful anymore, since toggling is much easier
- via <A
-HREF="http://config.privoxy.org/toggle"
-TARGET="_top"
->the web
- interface</A
-> then via editing the <TT
-CLASS="FILENAME"
->conf</TT
-> file.
- </P
-><P
-> The windows version will only display the toggle icon in the system tray
- if this option is present.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="ENABLE-REMOTE-TOGGLE"
->7.3.4.3. enable-remote-toggle</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Whether or not the <A
-HREF="http://config.privoxy.org/toggle"
-TARGET="_top"
->web-based toggle
- feature</A
-> may be used
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->0 or 1</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->1</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> The web-based toggle feature is disabled.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> When toggled off, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> acts like a normal,
- content-neutral proxy, i.e. it acts as if none of the actions applied to
- any URL.
- </P
-><P
-> For the time being, access to the toggle feature can <I
-CLASS="EMPHASIS"
->not</I
-> be
- controlled separately by <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> or HTTP authentication,
- so that everybody who can access <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> (see
- <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> and <TT
-CLASS="LITERAL"
->listen-address</TT
-> above) can
- toggle it for all users. So this option is <I
-CLASS="EMPHASIS"
->not recommended</I
->
- for multi-user environments with untrusted users.
- </P
-><P
-> Note that you must have compiled <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with
- support for this feature, otherwise this option has no effect.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="ENABLE-EDIT-ACTIONS"
->7.3.4.4. enable-edit-actions</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Whether or not the <A
-HREF="http://config.privoxy.org/show-status"
-TARGET="_top"
->web-based actions
- file editor</A
-> may be used
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->0 or 1</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->1</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> The web-based actions file editor is disabled.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> For the time being, access to the editor can <I
-CLASS="EMPHASIS"
->not</I
-> be
- controlled separately by <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> or HTTP authentication,
- so that everybody who can access <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> (see
- <SPAN
-CLASS="QUOTE"
->"ACLs"</SPAN
-> and <TT
-CLASS="LITERAL"
->listen-address</TT
-> above) can
- modify its configuration for all users. So this option is <I
-CLASS="EMPHASIS"
->not
- recommended</I
-> for multi-user environments with untrusted users.
- </P
-><P
-> Note that you must have compiled <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> with
- support for this feature, otherwise this option has no effect.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="ACLS"
->7.3.4.5. <A
-NAME="PERMIT-ACCES"
-></A
->
-<A
-NAME="DENY-ACCES"
-></A
->
-ACLs: permit-access and deny-access</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Who can access what.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
-> <TT
-CLASS="REPLACEABLE"
-><I
->src_addr</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->src_masklen</I
-></TT
->]
- [<TT
-CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->dst_masklen</I
-></TT
->]]
- </P
-><P
-> Where <TT
-CLASS="REPLACEABLE"
-><I
->src_addr</I
-></TT
-> and
- <TT
-CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
-> are IP addresses in dotted decimal notation or valid
- DNS names, and <TT
-CLASS="REPLACEABLE"
-><I
->src_masklen</I
-></TT
-> and
- <TT
-CLASS="REPLACEABLE"
-><I
->dst_masklen</I
-></TT
-> are subnet masks in CIDR notation, i.e. integer
- values from 2 to 30 representing the length (in bits) of the network address. The masks and the whole
- destination part are optional.
- </P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Don't restrict access further than implied by <TT
-CLASS="LITERAL"
->listen-address</TT
->
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Access controls are included at the request of ISPs and systems
- administrators, and <I
-CLASS="EMPHASIS"
->are not usually needed by individual users</I
->.
- For a typical home user, it will normally suffice to ensure that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> only listens on the localhost or internal (home)
- network address by means of the <TT
-CLASS="LITERAL"
->listen-address</TT
-> option.
- </P
-><P
-> Please see the warnings in the FAQ that this proxy is not intended to be a substitute
- for a firewall or to encourage anyone to defer addressing basic security
- weaknesses.
- </P
-><P
-> Multiple ACL lines are OK.
- If any ACLs are specified, then the <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- talks only to IP addresses that match at least one <TT
-CLASS="LITERAL"
->permit-access</TT
-> line
- and don't match any subsequent <TT
-CLASS="LITERAL"
->deny-access</TT
-> line. In other words, the
- last match wins, with the default being <TT
-CLASS="LITERAL"
->deny-access</TT
->.
- </P
-><P
-> If <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> is using a forwarder (see <TT
-CLASS="LITERAL"
->forward</TT
-> below)
- for a particular destination URL, the <TT
-CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
->
- that is examined is the address of the forwarder and <I
-CLASS="EMPHASIS"
->NOT</I
-> the address
- of the ultimate target. This is necessary because it may be impossible for the local
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to determine the IP address of the
- ultimate target (that's often what gateways are used for).
- </P
-><P
-> You should prefer using IP addresses over DNS names, because the address lookups take
- time. All DNS names must resolve! You can <I
-CLASS="EMPHASIS"
->not</I
-> use domain patterns
- like <SPAN
-CLASS="QUOTE"
->"*.org"</SPAN
-> or partial domain names. If a DNS name resolves to multiple
- IP addresses, only the first one is used.
- </P
-><P
-> Denying access to particular sites by ACL may have undesired side effects
- if the site in question is hosted on a machine which also hosts other sites.
- </P
-></DD
-><DT
->Examples:</DT
-><DD
-><P
-> Explicitly define the default behavior if no ACL and
- <TT
-CLASS="LITERAL"
->listen-address</TT
-> are set: <SPAN
-CLASS="QUOTE"
->"localhost"</SPAN
->
- is OK. The absence of a <TT
-CLASS="REPLACEABLE"
-><I
->dst_addr</I
-></TT
-> implies that
- <I
-CLASS="EMPHASIS"
->all</I
-> destination addresses are OK:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> permit-access localhost</PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> Allow any host on the same class C subnet as www.privoxy.org access to
- nothing but www.example.com:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> permit-access www.privoxy.org/24 www.example.com/32</PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> Allow access from any host on the 26-bit subnet 192.168.45.64 to anywhere,
- with the exception that 192.168.45.73 may not access www.dirty-stuff.example.com:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> permit-access 192.168.45.64/26
- deny-access 192.168.45.73 www.dirty-stuff.example.com</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="BUFFER-LIMIT"
->7.3.4.6. buffer-limit</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Maximum size of the buffer for content filtering.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
->Size in Kbytes</P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
->4096</P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Use a 4MB (4096 KB) limit.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> For content filtering, i.e. the <TT
-CLASS="LITERAL"
->+filter</TT
-> and
- <TT
-CLASS="LITERAL"
->+deanimate-gif</TT
-> actions, it is necessary that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> buffers the entire document body.
- This can be potentially dangerous, since a server could just keep sending
- data indefinitely and wait for your RAM to exhaust -- with nasty consequences.
- Hence this option.
- </P
-><P
-> When a document buffer size reaches the <TT
-CLASS="LITERAL"
->buffer-limit</TT
->, it is
- flushed to the client unfiltered and no further attempt to
- filter the rest of the document is made. Remember that there may be multiple threads
- running, which might require up to <TT
-CLASS="LITERAL"
->buffer-limit</TT
-> Kbytes
- <I
-CLASS="EMPHASIS"
->each</I
->, unless you have enabled <SPAN
-CLASS="QUOTE"
->"single-threaded"</SPAN
->
- above.
- </P
-></DD
-></DL
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="FORWARDING"
->7.3.5. Forwarding</A
-></H3
-><P
-> This feature allows routing of HTTP requests through a chain of
- multiple proxies.
- It can be used to better protect privacy and confidentiality when
- accessing specific domains by routing requests to those domains
- through an anonymous public proxy (see e.g. <A
-HREF="http://www.multiproxy.org/anon_list.htm"
-TARGET="_top"
->http://www.multiproxy.org/anon_list.htm</A
->)
- Or to use a caching proxy to speed up browsing. Or chaining to a parent
- proxy may be necessary because the machine that <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- runs on has no direct Internet access.</P
-><P
-> Also specified here are SOCKS proxies. <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- supports the SOCKS 4 and SOCKS 4A protocols.</P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="FORWARD"
->7.3.5.1. forward</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> To which parent HTTP proxy specific requests should be routed.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
-> <TT
-CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
->[:<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- </P
-><P
-> Where <TT
-CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
-> is a domain name pattern (see the
- chapter on domain matching in the <TT
-CLASS="FILENAME"
->default.action</TT
-> file),
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> is the address of the parent HTTP proxy
- as an IP addresses in dotted decimal notation or as a valid DNS name (or <SPAN
-CLASS="QUOTE"
->"."</SPAN
-> to denote
- <SPAN
-CLASS="QUOTE"
->"no forwarding"</SPAN
->, and the optional
- <TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-> parameters are TCP ports, i.e. integer
- values from 1 to 64535
- </P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Don't use parent HTTP proxies.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> is <SPAN
-CLASS="QUOTE"
->"."</SPAN
->, then requests are not
- forwarded to another HTTP proxy but are made directly to the web servers.
- </P
-><P
-> Multiple lines are OK, they are checked in sequence, and the last match wins.
- </P
-></DD
-><DT
->Examples:</DT
-><DD
-><P
-> Everything goes to an example anonymizing proxy, except SSL on port 443 (which it doesn't handle):
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward .* anon-proxy.example.org:8080
- forward :443 .</PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> Everything goes to our example ISP's caching proxy, except for requests
- to that ISP's sites:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward .*. caching-proxy.example-isp.net:8000
- forward .example-isp.net .</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="SOCKS"
->7.3.5.2. <A
-NAME="FORWARD-SOCKS4"
-></A
->
-<A
-NAME="FORWARD-SOCKS4A"
-></A
->
-forward-socks4 and forward-socks4a</A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Specifies:</DT
-><DD
-><P
-> Through which SOCKS proxy (and to which parent HTTP proxy) specific requests should be routed.
- </P
-></DD
-><DT
->Type of value:</DT
-><DD
-><P
-> <TT
-CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
->[:<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- <TT
-CLASS="REPLACEABLE"
-><I
->socks_proxy</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
->[/<TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
->]
- </P
-><P
-> Where <TT
-CLASS="REPLACEABLE"
-><I
->target_domain</I
-></TT
-> is a domain name pattern (see the
- chapter on domain matching in the <TT
-CLASS="FILENAME"
->default.action</TT
-> file),
- <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> and <TT
-CLASS="REPLACEABLE"
-><I
->socks_proxy</I
-></TT
->
- are IP addresses in dotted decimal notation or valid DNS names (<TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
->
- may be <SPAN
-CLASS="QUOTE"
->"."</SPAN
-> to denote <SPAN
-CLASS="QUOTE"
->"no HTTP forwarding"</SPAN
->), and the optional
- <TT
-CLASS="REPLACEABLE"
-><I
->port</I
-></TT
-> parameters are TCP ports, i.e. integer values from 1 to 64535
- </P
-></DD
-><DT
->Default value:</DT
-><DD
-><P
-><I
-CLASS="EMPHASIS"
->Unset</I
-></P
-></DD
-><DT
->Effect if unset:</DT
-><DD
-><P
-> Don't use SOCKS proxies.
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Multiple lines are OK, they are checked in sequence, and the last match wins.
- </P
-><P
-> The difference between <TT
-CLASS="LITERAL"
->forward-socks4</TT
-> and <TT
-CLASS="LITERAL"
->forward-socks4a</TT
->
- is that in the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS
- server, while in SOCKS 4 it happens locally.
- </P
-><P
-> If <TT
-CLASS="REPLACEABLE"
-><I
->http_parent</I
-></TT
-> is <SPAN
-CLASS="QUOTE"
->"."</SPAN
->, then requests are not
- forwarded to another HTTP proxy but are made (HTTP-wise) directly to the web servers, albeit through
- a SOCKS proxy.
- </P
-></DD
-><DT
->Examples:</DT
-><DD
-><P
-> From the company example.com, direct connections are made to all
- <SPAN
-CLASS="QUOTE"
->"internal"</SPAN
-> domains, but everything outbound goes through
- their ISP's proxy by way of example.com's corporate SOCKS 4A gateway to
- the Internet.
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward-socks4a .*. socks-gw.example.com:1080 www-cache.example-isp.net:8080
- forward .example.com .</PRE
-></TD
-></TR
-></TABLE
->
- </P
-><P
-> A rule that uses a SOCKS 4 gateway for all destinations but no HTTP parent looks like this:
- </P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="90%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward-socks4 .*. socks-gw.example.com:1080 .</PRE
-></TD
-></TR
-></TABLE
->
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="ADVANCED-FORWARDING-EXAMPLES"
->7.3.5.3. Advanced Forwarding Examples</A
-></H4
-><P
-> If you have links to multiple ISPs that provide various special content
- only to their subscribers, you can configure multiple <SPAN
-CLASS="APPLICATION"
->Privoxies</SPAN
->
- which have connections to the respective ISPs to act as forwarders to each other, so that
- <I
-CLASS="EMPHASIS"
->your</I
-> users can see the internal content of all ISPs.</P
-><P
-> Assume that host-a has a PPP connection to isp-a.net. And host-b has a PPP connection to
- isp-b.net. Both run <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->. Their forwarding
- configuration can look like this:</P
-><P
-> host-a:</P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward .*. .
- forward .isp-b.net host-b:8118</PRE
-></TD
-></TR
-></TABLE
-></P
-><P
-> host-b:</P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> forward .*. .
- forward .isp-a.net host-a:8118</PRE
-></TD
-></TR
-></TABLE
-></P
-><P
-> Now, your users can set their browser's proxy to use either
- host-a or host-b and be able to browse the internal content
- of both isp-a and isp-b.</P
-><P
-> If you intend to chain <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> and
- <SPAN
-CLASS="APPLICATION"
->squid</SPAN
-> locally, then chain as
- <TT
-CLASS="LITERAL"
->browser -> squid -> privoxy</TT
-> is the recommended way. </P
-><P
-> Assuming that <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> and <SPAN
-CLASS="APPLICATION"
->squid</SPAN
->
- run on the same box, your squid configuration could then look like this:</P
-><P
-> <TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><PRE
-CLASS="SCREEN"
-> # Define Privoxy as parent proxy (without ICP)
- cache_peer 127.0.0.1 parent 8118 7 no-query
-
- # Define ACL for protocol FTP
- acl ftp proto FTP
-
- # Do not forward FTP requests to Privoxy
- always_direct allow ftp
-
- # Forward all the rest to Privoxy
- never_direct allow all</PRE
-></TD
-></TR
-></TABLE
-></P
-><P
-> You would then need to change your browser's proxy settings to <SPAN
-CLASS="APPLICATION"
->squid</SPAN
->'s address and port.
- Squid normally uses port 3128. If unsure consult <TT
-CLASS="LITERAL"
->http_port</TT
-> in <TT
-CLASS="FILENAME"
->squid.conf</TT
->.</P
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="WINDOWS-GUI"
->7.3.6. Windows GUI Options</A
-></H3
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> has a number of options specific to the
- Windows GUI interface:</P
-><A
-NAME="ACTIVITY-ANIMATION"
-></A
-><P
-> If <SPAN
-CLASS="QUOTE"
->"activity-animation"</SPAN
-> is set to 1, the
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> icon will animate when
- <SPAN
-CLASS="QUOTE"
->"Privoxy"</SPAN
-> is active. To turn off, set to 0.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->activity-animation 1</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="LOG-MESSAGES"
-></A
-><P
-> If <SPAN
-CLASS="QUOTE"
->"log-messages"</SPAN
-> is set to 1,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will log messages to the console
- window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-messages 1</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="LOG-BUFFER-SIZE"
-></A
-><P
->
- If <SPAN
-CLASS="QUOTE"
->"log-buffer-size"</SPAN
-> is set to 1, the size of the log buffer,
- i.e. the amount of memory used for the log messages displayed in the
- console window, will be limited to <SPAN
-CLASS="QUOTE"
->"log-max-lines"</SPAN
-> (see below).</P
-><P
-> Warning: Setting this to 0 will result in the buffer to grow infinitely and
- eat up all your memory!</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-buffer-size 1</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="LOG-MAX-LINES"
-></A
-><P
-> <SPAN
-CLASS="APPLICATION"
->log-max-lines</SPAN
-> is the maximum number of lines held
- in the log buffer. See above.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-max-lines 200</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="LOG-HIGHLIGHT-MESSAGES"
-></A
-><P
-> If <SPAN
-CLASS="QUOTE"
->"log-highlight-messages"</SPAN
-> is set to 1,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will highlight portions of the log
- messages with a bold-faced font:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-highlight-messages 1</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="LOG-FONT-NAME"
-></A
-><P
-> The font used in the console window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-font-name Comic Sans MS</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="LOG-FONT-SIZE"
-></A
-><P
-> Font size used in the console window:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->log-font-size 8</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="SHOW-ON-TASK-BAR"
-></A
-><P
->
- <SPAN
-CLASS="QUOTE"
->"show-on-task-bar"</SPAN
-> controls whether or not
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will appear as a button on the Task bar
- when minimized:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->show-on-task-bar 0</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="CLOSE-BUTTON-MINIMIZES"
-></A
-><P
-> If <SPAN
-CLASS="QUOTE"
->"close-button-minimizes"</SPAN
-> is set to 1, the Windows close
- button will minimize <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> instead of closing
- the program (close with the exit option on the File menu).</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->close-button-minimizes 1</I
-><br>
- </P
->
- </TT
-></P
-><A
-NAME="HIDE-CONSOLE"
-></A
-><P
-> The <SPAN
-CLASS="QUOTE"
->"hide-console"</SPAN
-> option is specific to the MS-Win console
- version of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->. If this option is used,
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> will disconnect from and hide the
- command console.</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> #hide-console<br>
- </P
->
- </TT
-></P
-></DIV
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="ACTIONS-FILE"
->7.4. Actions Files</A
-></H2
-><P
-> The actions files are used to define what actions
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> takes for which URLs, and thus determines
- how ad images, cookies and various other aspects of HTTP content and
- transactions are handled, and on which sites (or even parts thereof). There
- are three such files included with <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->,
- with slightly different purposes. <TT
-CLASS="FILENAME"
->default.action</TT
-> sets
- the default policies. <TT
-CLASS="FILENAME"
->standard.action</TT
-> is used by
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> and the web based editor to set
- pre-defined values (and normally should not be edited). Local exceptions
- are best done in <TT
-CLASS="FILENAME"
->user.action</TT
->. The content of these
- can all be viewed and edited from <A
-HREF="http://config.privoxy.org/show-status"
-TARGET="_top"
->http://config.privoxy.org/show-status</A
->.
- </P
-><P
->
- Anything you want can blocked, including ads, banners, or just some obnoxious
- URL that you would rather not see is done here. Cookies can be accepted or rejected, or
- accepted only during the current browser session (i.e. not written to disk),
- content can be modified, JavaScripts tamed, user-tracking fooled, and much more.
- See below for a complete list of available actions.</P
-><P
-> An actions file typically has sections. Near the top, <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
-> are
- optionally defined (discussed <A
-HREF="configuration.html#ALIASES"
-TARGET="_top"
->below</A
->), then the default set of rules
- which will apply universally to all sites and pages. And then below that,
- exceptions to the defined universal policies. </P
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1285"
->7.4.1. Finding the Right Mix</A
-></H3
-><P
-> Note that some <A
-HREF="configuration.html#ACTIONS"
->actions</A
-> like cookie suppression
- or script disabling may render some sites unusable, which rely on these
- techniques to work properly. Finding the right mix of actions is not easy and
- certainly a matter of personal taste. In general, it can be said that the more
- <SPAN
-CLASS="QUOTE"
->"aggressive"</SPAN
-> your default settings (in the top section of the
- actions file) are, the more exceptions for <SPAN
-CLASS="QUOTE"
->"trusted"</SPAN
-> sites you
- will have to make later. If, for example, you want to kill popup windows per
- default, you'll have to make exceptions from that rule for sites that you
- regularly use and that require popups for actually useful content, like maybe
- your bank, favorite shop, or newspaper.</P
-><P
-> We have tried to provide you with reasonable rules to start from in the
- distribution actions files. But there is no general rule of thumb on these
- things. There just are too many variables, and sites are constantly changing.
- Sooner or later you will want to change the rules (and read this chapter again :).</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1292"
->7.4.2. How to Edit</A
-></H3
-><P
-> The easiest way to edit the <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> files is with a browser by
- using our browser-based editor, which can be reached from <A
-HREF="http://config.privoxy.org/show-status"
-TARGET="_top"
->http://config.privoxy.org/show-status</A
->.</P
-><P
-> If you prefer plain text editing to GUIs, you can of course also directly edit the
- the actions files.</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1298"
->7.4.3. How Actions are Applied to URLs</A
-></H3
-><P
-> Actions files are divided into sections. There are special sections,
- like the <SPAN
-CLASS="QUOTE"
->"<A
-HREF="configuration.html#ALIASES"
->alias</A
->"</SPAN
-> sections which will be discussed later. For now
- let's concentrate on regular sections: They have a heading line (often split
- up to multiple lines for readability) which consist of a list of actions,
- separated by whitespace and enclosed in curly braces. Below that, there
- is a list of URL patterns, each on a separate line.</P
-><P
-> To determine which actions apply to a request, the URL of the request is
- compared to all patterns in this file. Every time it matches, the list of
- applicable actions for the URL is incrementally updated, using the heading
- of the section in which the pattern is located. If multiple matches for
- the same URL set the same action differently, the last match wins. If not,
- the effects are aggregated (e.g. a URL might match both the
- <A
-HREF="configuration.html#HANDLE-AS-IMAGE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
-></A
->
- and <A
-HREF="configuration.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
-> actions).
- </P
-><P
-> You can trace this process by visiting <A
-HREF="http://config.privoxy.org/show-url-info"
-TARGET="_top"
->http://config.privoxy.org/show-url-info</A
->.</P
-><P
-> More detail on this is provided in the Appendix, <A
-HREF="appendix.html#ACTIONSANAT"
-> Anatomy of an Action</A
->.</P
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="AEN1312"
->7.4.4. Patterns</A
-></H3
-><P
-> Generally, a pattern has the form <TT
-CLASS="LITERAL"
-><domain>/<path></TT
->,
- where both the <TT
-CLASS="LITERAL"
-><domain></TT
-> and <TT
-CLASS="LITERAL"
-><path></TT
->
- are optional. (This is why the pattern <TT
-CLASS="LITERAL"
->/</TT
-> matches all URLs).</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com/</TT
-></DT
-><DD
-><P
-> is a domain-only pattern and will match any request to <TT
-CLASS="LITERAL"
->www.example.com</TT
->,
- regardless of which document on that server is requested.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com</TT
-></DT
-><DD
-><P
-> means exactly the same. For domain-only patterns, the trailing <TT
-CLASS="LITERAL"
->/</TT
-> may
- be omitted.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.example.com/index.html</TT
-></DT
-><DD
-><P
-> matches only the single document <TT
-CLASS="LITERAL"
->/index.html</TT
->
- on <TT
-CLASS="LITERAL"
->www.example.com</TT
->.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->/index.html</TT
-></DT
-><DD
-><P
-> matches the document <TT
-CLASS="LITERAL"
->/index.html</TT
->, regardless of the domain,
- i.e. on <I
-CLASS="EMPHASIS"
->any</I
-> web server.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->index.html</TT
-></DT
-><DD
-><P
-> matches nothing, since it would be interpreted as a domain name and
- there is no top-level domain called <TT
-CLASS="LITERAL"
->.html</TT
->.
- </P
-></DD
-></DL
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN1352"
->7.4.4.1. The Domain Pattern</A
-></H4
-><P
-> The matching of the domain part offers some flexible options: if the
- domain starts or ends with a dot, it becomes unanchored at that end.
- For example:</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->.example.com</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->ENDS</I
-> in
- <TT
-CLASS="LITERAL"
->.example.com</TT
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www.</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->STARTS</I
-> with
- <TT
-CLASS="LITERAL"
->www.</TT
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->.example.</TT
-></DT
-><DD
-><P
-> matches any domain that <I
-CLASS="EMPHASIS"
->CONTAINS</I
-> <TT
-CLASS="LITERAL"
->.example.</TT
->
- (Correctly speaking: It matches any FQDN that contains <TT
-CLASS="LITERAL"
->example</TT
-> as a domain.)
- </P
-></DD
-></DL
-></DIV
-><P
-> Additionally, there are wild-cards that you can use in the domain names
- themselves. They work pretty similar to shell wild-cards: <SPAN
-CLASS="QUOTE"
->"*"</SPAN
->
- stands for zero or more arbitrary characters, <SPAN
-CLASS="QUOTE"
->"?"</SPAN
-> stands for
- any single character, you can define character classes in square
- brackets and all of that can be freely mixed:</P
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
-><TT
-CLASS="LITERAL"
->ad*.example.com</TT
-></DT
-><DD
-><P
-> matches <SPAN
-CLASS="QUOTE"
->"adserver.example.com"</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"ads.example.com"</SPAN
->, etc but not <SPAN
-CLASS="QUOTE"
->"sfads.example.com"</SPAN
->
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->*ad*.example.com</TT
-></DT
-><DD
-><P
-> matches all of the above, and then some.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->.?pix.com</TT
-></DT
-><DD
-><P
-> matches <TT
-CLASS="LITERAL"
->www.ipix.com</TT
->,
- <TT
-CLASS="LITERAL"
->pictures.epix.com</TT
->, <TT
-CLASS="LITERAL"
->a.b.c.d.e.upix.com</TT
-> etc.
- </P
-></DD
-><DT
-><TT
-CLASS="LITERAL"
->www[1-9a-ez].example.c*</TT
-></DT
-><DD
-><P
-> matches <TT
-CLASS="LITERAL"
->www1.example.com</TT
->,
- <TT
-CLASS="LITERAL"
->www4.example.cc</TT
->, <TT
-CLASS="LITERAL"
->wwwd.example.cy</TT
->,
- <TT
-CLASS="LITERAL"
->wwwz.example.com</TT
-> etc., but <I
-CLASS="EMPHASIS"
->not</I
->
- <TT
-CLASS="LITERAL"
->wwww.example.com</TT
->.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="AEN1414"
->7.4.4.2. The Path Pattern</A
-></H4
-><P
-> <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> uses Perl compatible regular expressions
- (through the <A
-HREF="http://www.pcre.org/"
-TARGET="_top"
->PCRE</A
-> library) for
- matching the path.</P
-><P
-> There is an <A
-HREF="appendix.html#REGEX"
->Appendix</A
-> with a brief quick-start into regular
- expressions, and full (very technical) documentation on PCRE regex syntax is available on-line
- at <A
-HREF="http://www.pcre.org/man.txt"
-TARGET="_top"
->http://www.pcre.org/man.txt</A
->.
- You might also find the Perl man page on regular expressions (<TT
-CLASS="LITERAL"
->man perlre</TT
->)
- useful, which is available on-line at <A
-HREF="http://www.perldoc.com/perl5.6/pod/perlre.html"
-TARGET="_top"
->http://www.perldoc.com/perl5.6/pod/perlre.html</A
->.</P
-><P
-> Note that the path pattern is automatically left-anchored at the <SPAN
-CLASS="QUOTE"
->"/"</SPAN
->,
- i.e. it matches as if it would start with a <SPAN
-CLASS="QUOTE"
->"^"</SPAN
-> (regular expression speak
- for the beginning of a line).</P
-><P
-> Please also note that matching in the path is case
- <I
-CLASS="EMPHASIS"
->INSENSITIVE</I
-> by default, but you can switch to case
- sensitive at any point in the pattern by using the
- <SPAN
-CLASS="QUOTE"
->"(?-i)"</SPAN
-> switch:
- <TT
-CLASS="LITERAL"
->www.example.com/(?-i)PaTtErN.*</TT
-> will match only
- documents whose path starts with <TT
-CLASS="LITERAL"
->PaTtErN</TT
-> in
- <I
-CLASS="EMPHASIS"
->exactly</I
-> this capitalization.</P
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="ACTIONS"
->7.4.5. Actions</A
-></H3
-><P
-> All actions are disabled by default, until they are explicitly enabled
- somewhere in an actions file. Actions are turned on if preceded with a
- <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->, and turned off if preceded with a <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->. So a
- <SPAN
-CLASS="QUOTE"
->"+action"</SPAN
-> means <SPAN
-CLASS="QUOTE"
->"do that action"</SPAN
->, e.g.
- <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-> means please <SPAN
-CLASS="QUOTE"
->"block the following URL
- patterns"</SPAN
->. </P
-><P
->
- Actions are invoked by enclosing the action name in curly braces (e.g.
- {+some_action}), followed by a list of URLs (or patterns that match URLs) to
- which the action applies. There are three classes of actions: </P
-><P
-> <P
-></P
-><UL
-><LI
-><P
->
- Boolean, i.e the action can only be <SPAN
-CLASS="QUOTE"
->"on"</SPAN
-> or
- <SPAN
-CLASS="QUOTE"
->"off"</SPAN
->. Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name}</I
-> # enable this action<br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable this action<br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
- Parameterized, e.g. <SPAN
-CLASS="QUOTE"
->"+/-hide-user-agent{ Mozilla 1.0 }"</SPAN
->,
- where some value is required in order to enable this type of action.
- Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name{param}}</I
-> # enable action and set parameter to <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable action (<SPAN
-CLASS="QUOTE"
->"parameter"</SPAN
->) can be omitted<br>
- </P
->
- </TT
->
- </P
-></LI
-><LI
-><P
->
-
- Multi-value, e.g. <SPAN
-CLASS="QUOTE"
->"{+/-add-header{Name: value}}"</SPAN
-> or
- <SPAN
-CLASS="QUOTE"
->"{+/-send-wafer{name=value}}"</SPAN
->), where some value needs to be defined
- in addition to simply enabling the action. Examples:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+name{param=value}}</I
-> # enable action and set <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-> to <SPAN
-CLASS="QUOTE"
->"value"</SPAN
-><br>
- <I
-CLASS="EMPHASIS"
->{-name{param=value}}</I
-> # remove the parameter <SPAN
-CLASS="QUOTE"
->"param"</SPAN
-> completely<br>
- <I
-CLASS="EMPHASIS"
->{-name}</I
-> # disable this action totally and remove <SPAN
-CLASS="APPLICATION"
->param</SPAN
-> too<br>
- </P
->
- </TT
->
- </P
-></LI
-></UL
-></P
-><P
-> If nothing is specified in any actions file, no <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> are
- taken. So in this case <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> would just be a
- normal, non-blocking, non-anonymizing proxy. You must specifically enable the
- privacy and blocking features you need (although the provided default actions
- files will give a good starting point).</P
-><P
-> Later defined actions always over-ride earlier ones. So exceptions
- to any rules you make, should come in the latter part of the file. For
- multi-valued actions, the actions are applied in the order they are
- specified. Actions files are processed in the order they are defined
- in <TT
-CLASS="FILENAME"
->config</TT
-> (the default installation has three
- actions files). It also quite possible for any given URL pattern to
- match more than one action!</P
-><P
-> The list of valid <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
-> are:</P
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="ADD-HEADER"
->7.4.5.1. <I
-CLASS="EMPHASIS"
->+add-header{Name: value}</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Multi-value.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Send a user defined HTTP header to the web server.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any value is possible. Validity of the defined HTTP headers is not checked.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+add-header{X-User-Tracking: sucks}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This action may be specified multiple times, in order to define multiple
- headers. This is rarely needed for the typical user. If you don't know what
- <SPAN
-CLASS="QUOTE"
->"HTTP headers"</SPAN
-> are, you definitely don't need to worry about this
- one.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="BLOCK"
->7.4.5.2. <I
-CLASS="EMPHASIS"
->+block</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Used to block a URL from reaching your browser. The URL may be
- anything, but is typically used to block ads or other obnoxious
- content.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
->N/A</P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+block}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.banners.example.com</I
-><br>
- <I
-CLASS="EMPHASIS"
->.ads.r.us</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If a URL matches one of the blocked patterns, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- will intercept the URL and display its special <SPAN
-CLASS="QUOTE"
->"BLOCKED"</SPAN
-> page
- instead. If there is sufficient space, a large red banner will appear with
- a friendly message about why the page was blocked, and a way to go there
- anyway. If there is insufficient space a smaller blocked page will appear
- without the red banner.
- <A
-HREF="http://ads.bannerserver.example.com/nasty-ads/sponsor.html"
-TARGET="_top"
->Click here</A
->
- to view the default blocked HTML page (<SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> must be running
- for this to work as intended!).
- </P
-><P
->
- A very important exception is if the URL <I
-CLASS="EMPHASIS"
->matches both</I
->
- <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-> and <A
-HREF="configuration.html#HANDLE-AS-IMAGE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
-></A
->,
- then it will be handled by
- <A
-HREF="configuration.html#SET-IMAGE-BLOCKER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+set-image-blocker"</SPAN
-></A
->
- (see below). It is important to understand this process, in order
- to understand how <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> is able to deal with
- ads and other objectionable content.
- </P
-><P
-> The <A
-HREF="configuration.html#FILTER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-></A
->
- action can also perform some of the
- same functionality as <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->, but by virtue of very
- different programming techniques, and is most often used for different
- reasons.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="DEANIMATE-GIFS"
->7.4.5.3. <I
-CLASS="EMPHASIS"
->+deanimate-gifs</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To stop those annoying, distracting animated GIF images.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"last"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"first"</SPAN
->
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+deanimate-gifs{last}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> De-animate all animated GIF images, i.e. reduce them to their last frame.
- This will also shrink the images considerably (in bytes, not pixels!). If
- the option <SPAN
-CLASS="QUOTE"
->"first"</SPAN
-> is given, the first frame of the animation
- is used as the replacement. If <SPAN
-CLASS="QUOTE"
->"last"</SPAN
-> is given, the last
- frame of the animation is used instead, which probably makes more sense for
- most banner animations, but also has the risk of not showing the entire
- last frame (if it is only a delta to an earlier frame).
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="DOWNGRADE-HTTP-VERSION"
->7.4.5.4. <I
-CLASS="EMPHASIS"
->+downgrade-http-version</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+downgrade-http-version"</SPAN
-> will downgrade HTTP/1.1 client requests to
- HTTP/1.0 and downgrade the responses as well.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+downgrade-http-version}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Use this action for servers that use HTTP/1.1 protocol features that
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> doesn't handle well yet. HTTP/1.1 is
- only partially implemented. Default is not to downgrade requests. This is
- an infrequently needed action, and is used to help with rare problem sites only.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="FAST-REDIRECTS"
->7.4.5.5. <I
-CLASS="EMPHASIS"
->+fast-redirects</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> The <SPAN
-CLASS="QUOTE"
->"+fast-redirects"</SPAN
-> action enables interception of
- <SPAN
-CLASS="QUOTE"
->"redirect"</SPAN
-> requests from one server to another, which
- are used to track users.<SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> can cut off
- all but the last valid URL in a redirect request and send a local redirect
- back to your browser without contacting the intermediate site(s).
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+fast-redirects}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
->
- Many sites, like yahoo.com, don't just link to other sites. Instead, they
- will link to some script on their own server, giving the destination as a
- parameter, which will then redirect you to the final target. URLs
- resulting from this scheme typically look like:
- <I
-CLASS="EMPHASIS"
->http://some.place/some_script?http://some.where-else</I
->.
- </P
-><P
-> Sometimes, there are even multiple consecutive redirects encoded in the
- URL. These redirections via scripts make your web browsing more traceable,
- since the server from which you follow such a link can see where you go
- to. Apart from that, valuable bandwidth and time is wasted, while your
- browser ask the server for one redirect after the other. Plus, it feeds
- the advertisers.
- </P
-><P
-> This is a normally <SPAN
-CLASS="QUOTE"
->"on"</SPAN
-> feature, and often requires exceptions
- for sites that are sensitive to defeating this mechanism.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="FILTER"
->7.4.5.6. <I
-CLASS="EMPHASIS"
->+filter</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Apply page filtering as defined by named sections of the
- <TT
-CLASS="FILENAME"
->default.filter</TT
-> file to the specified site(s).
- <SPAN
-CLASS="QUOTE"
->"Filtering"</SPAN
-> can be any modification of the raw
- page content, including re-writing or deletion of content.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-> must include the name of one of the section identifiers
- from <TT
-CLASS="FILENAME"
->default.filter</TT
-> (or whatever
- <I
-CLASS="EMPHASIS"
->filterfile</I
-> is specified in <TT
-CLASS="FILENAME"
->config</TT
->).
- </P
-></DD
-><DT
->Example usage (from the current <TT
-CLASS="FILENAME"
->default.filter</TT
->):</DT
-><DD
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{html-annoyances}</I
->: Get rid of particularly annoying HTML abuse.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{js-annoyances}</I
->: Get rid of particularly annoying JavaScript abuse
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{content-cookies}</I
->: Kill cookies that come in the HTML or JS content
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{popups}</I
->: Kill all popups in JS and HTML
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{frameset-borders}</I
->: Give frames a border and make them resizable
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{webbugs}</I
->: Squish WebBugs (1x1 invisible GIFs used for user tracking)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{refresh-tags}</I
->: Kill automatic refresh tags (for dial-on-demand setups)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{fun}</I
->: Text replacements for subversive browsing fun!
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{nimda}</I
->: Remove Nimda (virus) code.
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{banners-by-size}</I
->: Kill banners by size (<I
-CLASS="EMPHASIS"
->very</I
-> efficient!)
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{shockwave-flash}</I
->: Kill embedded Shockwave Flash objects
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-><P
-></P
-><TABLE
-BORDER="0"
-><TBODY
-><TR
-><TD
-> <I
-CLASS="EMPHASIS"
->+filter{crude-parental}</I
->: Kill all web pages that contain the words "sex" or "warez"
- </TD
-></TR
-></TBODY
-></TABLE
-><P
-></P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This is potentially a very powerful feature! And requires a knowledge
- of regular expressions if you want to <SPAN
-CLASS="QUOTE"
->"roll your own"</SPAN
->.
- Filtering operates on a line by line basis throughout the entire page.
- </P
-><P
-> Filtering requires buffering the page content, which may appear to
- slow down page rendering since nothing is displayed until all content has
- passed the filters. (It does not really take longer, but seems that way
- since the page is not incrementally displayed.) This effect will be more
- noticeable on slower connections.
- </P
-><P
-> Filtering can achieve some of the effects as the
- <A
-HREF="configuration.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
->
- action, i.e. it can be used to block ads and banners. In the overall
- scheme of things, filtering is one of the first things <SPAN
-CLASS="QUOTE"
->"Privoxy"</SPAN
->
- does with a web page. So other most other actions are applied to the
- already <SPAN
-CLASS="QUOTE"
->"filtered"</SPAN
-> page.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HIDE-FORWARDED-FOR-HEADERS"
->7.4.5.7. <I
-CLASS="EMPHASIS"
->+hide-forwarded-for-headers</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Block any existing X-Forwarded-for HTTP header, and do not add a new one.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-forwarded-for-headers}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> It is fairly safe to leave this on. It does not seem to break many sites.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HIDE-FROM-HEADER"
->7.4.5.8. <I
-CLASS="EMPHASIS"
->+hide-from-header</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To block the browser from sending your email address in a <SPAN
-CLASS="QUOTE"
->"From:"</SPAN
->
- header.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Keyword: <SPAN
-CLASS="QUOTE"
->"block"</SPAN
->, or any user defined value.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-from-header{block}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The keyword <SPAN
-CLASS="QUOTE"
->"block"</SPAN
-> will completely remove the header
- (not to be confused with the <A
-HREF="configuration.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
-> action).
- Alternately, you can specify any value you prefer to send to the web
- server.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HIDE-REFERER"
->7.4.5.9. <I
-CLASS="EMPHASIS"
-><A
-NAME="HIDE-REFERRER"
-></A
->+hide-referer</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Don't send the <SPAN
-CLASS="QUOTE"
->"Referer:"</SPAN
-> (sic) HTTP header to the web site.
- Or, alternately send a forged header instead.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Prevent the header from being sent with the keyword, <SPAN
-CLASS="QUOTE"
->"block"</SPAN
->.
- Or, <SPAN
-CLASS="QUOTE"
->"forge"</SPAN
-> a URL to one from the same server as the request.
- Or, set to user defined value of your choice.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-referer{forge}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"forge"</SPAN
-> is the preferred option here, since some servers will
- not send images back otherwise.
- </P
-><P
->
- <SPAN
-CLASS="QUOTE"
->"+hide-referrer"</SPAN
-> is an alternate spelling of
- <SPAN
-CLASS="QUOTE"
->"+hide-referer"</SPAN
->. It has the exact same parameters, and can be freely
- mixed with, <SPAN
-CLASS="QUOTE"
->"+hide-referer"</SPAN
->. (<SPAN
-CLASS="QUOTE"
->"referrer"</SPAN
-> is the
- correct English spelling, however the HTTP specification has a bug - it
- requires it to be spelled as <SPAN
-CLASS="QUOTE"
->"referer"</SPAN
->.)
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HIDE-USER-AGENT"
->7.4.5.10. <I
-CLASS="EMPHASIS"
->+hide-user-agent</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To change the <SPAN
-CLASS="QUOTE"
->"User-Agent:"</SPAN
-> header so web servers can't tell
- your browser type. Who's business is it anyway?
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any user defined string.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.msn.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Warning! This breaks many web sites that depend on this in order
- to determine how the target browser will respond to various
- requests. Use with caution.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="HANDLE-AS-IMAGE"
->7.4.5.11. <I
-CLASS="EMPHASIS"
->+handle-as-image</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> To define what <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> should treat
- automatically as an image, and is an important ingredient of how
- ads are handled.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+handle-as-image}</I
-><br>
- <I
-CLASS="EMPHASIS"
->/.*\.(gif|jpg|jpeg|png|bmp|ico)</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This only has meaning if the URL (or pattern) also is
- <SPAN
-CLASS="QUOTE"
->"+block"</SPAN
->ed, in which case a user definable image can
- be sent rather than a HTML page. This is integral to the whole concept of
- ad blocking: the URL must match <I
-CLASS="EMPHASIS"
->both</I
-> a <A
-HREF="configuration.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
-> rule,
- <I
-CLASS="EMPHASIS"
->and</I
-> <SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
->.
- (See <A
-HREF="configuration.html#SET-IMAGE-BLOCKER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+set-image-blocker"</SPAN
-></A
->
- below for control over what will actually be displayed by the browser.)
- </P
-><P
-> There is little reason to change the default definition for this action.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="SET-IMAGE-BLOCKER"
->7.4.5.12. <I
-CLASS="EMPHASIS"
->+set-image-blocker</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Decide what to do with URLs that end up tagged with <I
-CLASS="EMPHASIS"
->both</I
->
- <A
-HREF="configuration.html#BLOCK"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+block"</SPAN
-></A
->
- and <A
-HREF="configuration.html#HANDLE-AS-IMAGE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+handle-as-image"</SPAN
-></A
->,
- e.g an advertisement.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> There are four available options: <SPAN
-CLASS="QUOTE"
->"-set-image-blocker"</SPAN
-> will send a HTML
- <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> page, usually resulting in a <SPAN
-CLASS="QUOTE"
->"broken
- image"</SPAN
-> icon.
- <SPAN
-CLASS="QUOTE"
->"+set-image-blocker{<I
-CLASS="EMPHASIS"
->blank</I
->}"</SPAN
-> will send a
- 1x1 transparent GIF image.
- <SPAN
-CLASS="QUOTE"
->"+set-image-blocker{<I
-CLASS="EMPHASIS"
->pattern</I
->}"</SPAN
-> will send a
- checkerboard type pattern (the default). And finally,
- <SPAN
-CLASS="QUOTE"
->"+set-image-blocker{<I
-CLASS="EMPHASIS"
->http://xyz.com</I
->}"</SPAN
-> will
- send a HTTP temporary redirect to the specified image. This has the
- advantage of the icon being being cached by the browser, which will speed
- up the display.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+set-image-blocker{blank}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If you want <I
-CLASS="EMPHASIS"
->invisible</I
-> ads, they need to meet
- criteria as matching both <I
-CLASS="EMPHASIS"
->images</I
-> and <I
-CLASS="EMPHASIS"
->blocked</I
->
- actions. And then, <SPAN
-CLASS="QUOTE"
->"image-blocker"</SPAN
-> should be set to
- <SPAN
-CLASS="QUOTE"
->"blank"</SPAN
-> for invisibility. Note you cannot treat HTML pages as
- images in most cases. For instance, frames require an HTML page to
- display. So a frame that is an ad, typically cannot be treated as an image.
- Forcing an <SPAN
-CLASS="QUOTE"
->"image"</SPAN
-> in this situation just will not work
- reliably.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="LIMIT-CONNECT"
->7.4.5.13. <I
-CLASS="EMPHASIS"
->+limit-connect</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Parameterized.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> By default, <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> only allows HTTP CONNECT
- requests to port 443 (the standard, secure HTTPS port). Use
- <SPAN
-CLASS="QUOTE"
->"+limit-connect"</SPAN
-> to disable this altogether, or to allow
- more ports.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> Any valid port number, or port number range.
- </P
-></DD
-><DT
->Example usages:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->+limit-connect{443}</I
-> # This is the default and need not be specified.<br>
- <I
-CLASS="EMPHASIS"
->+limit-connect{80,443}</I
-> # Ports 80 and 443 are OK.<br>
- <I
-CLASS="EMPHASIS"
->+limit-connect{-3, 7, 20-100, 500-}</I
-> # Port less than 3, 7, 20 to 100 and above 500 are OK.<br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> The CONNECT methods exists in HTTP to allow access to secure websites
- (https:// URLs) through proxies. It works very simply: the proxy connects
- to the server on the specified port, and then short-circuits its
- connections to the client <I
-CLASS="EMPHASIS"
->and</I
-> to the remote proxy.
- This can be a big security hole, since CONNECT-enabled proxies can be
- abused as TCP relays very easily.
- </P
-><P
->
- If you want to allow CONNECT for more ports than this, or want to forbid
- CONNECT altogether, you can specify a comma separated list of ports and
- port ranges (the latter using dashes, with the minimum defaulting to 0 and
- max to 65K).
- </P
-><P
-> If you don't know what any of this means, there probably is no reason to
- change this one.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="PREVENT-COMPRESSION"
->7.4.5.14. <I
-CLASS="EMPHASIS"
->+prevent-compression</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Prevent the specified websites from compressing HTTP data.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+prevent-compression}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Some websites do this, which can be a problem for
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->, since
- <A
-HREF="configuration.html#FILTER"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+filter"</SPAN
-></A
->,
- <A
-HREF="configuration.html#KILL-POPUPS"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+kill-popups"</SPAN
-></A
->
- and <A
-HREF="configuration.html#GIF-DEANIMATE"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+gif-deanimate"</SPAN
-></A
->
- will not work on compressed data. This will slow down connections to those
- websites, though. Default typically is to turn
- <SPAN
-CLASS="QUOTE"
->"prevent-compression"</SPAN
-> on.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="SESSION-COOKIES-ONLY"
->7.4.5.15. <I
-CLASS="EMPHASIS"
->+session-cookies-only</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Allow cookies for the current browser session <I
-CLASS="EMPHASIS"
->only</I
->.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage (disabling):</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{-session-cookies-only}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> If websites set cookies, <SPAN
-CLASS="QUOTE"
->"+session-cookies-only"</SPAN
-> will make sure
- they are erased when you exit and restart your web browser. This makes
- profiling cookies useless, but won't break sites which require cookies so
- that you can log in for transactions. This is generally turned on for all
- sites, and is the recommended setting.
- </P
-><P
-> <SPAN
-CLASS="QUOTE"
->"+prevent-*-cookies"</SPAN
-> actions should be turned off as well (see
- below), for <SPAN
-CLASS="QUOTE"
->"+session-cookies-only"</SPAN
-> to work. Or, else no cookies
- will get through at all. For, <SPAN
-CLASS="QUOTE"
->"persistent"</SPAN
-> cookies that survive
- across browser sessions, see below as well.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="PREVENT-READING-COOKIES"
->7.4.5.16. <I
-CLASS="EMPHASIS"
->+prevent-reading-cookies</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Explicitly prevent the web server from reading any cookies on your
- system.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+prevent-reading-cookies}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Often used in conjunction with <SPAN
-CLASS="QUOTE"
->"+prevent-setting-cookies"</SPAN
-> to
- disable cookies completely. Note that
- <A
-HREF="configuration.html#SESSION-COOKIES-ONLY"
-TARGET="_top"
-><SPAN
-CLASS="QUOTE"
->"+session-cookies-only"</SPAN
-></A
->
- requires these to both be disabled (or else it never gets any cookies to cache).
- </P
-><P
-> For <SPAN
-CLASS="QUOTE"
->"persistent"</SPAN
-> cookies to work (i.e. they survive across browser
- sessions and reboots), all three cookie settings should be <SPAN
-CLASS="QUOTE"
->"off"</SPAN
->
- for the specified sites.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="PREVENT-SETTING-COOKIES"
->7.4.5.17. <I
-CLASS="EMPHASIS"
->+prevent-setting-cookies</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Explicitly block the web server from storing cookies on your
- system.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+prevent-setting-cookies}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> Often used in conjunction with <SPAN
-CLASS="QUOTE"
->"+prevent-reading-cookies"</SPAN
-> to
- disable cookies completely (see above).
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="KILL-POPUP"
->7.4.5.18. <I
-CLASS="EMPHASIS"
->+kill-popups<A
-NAME="KILL-POPUPS"
-></A
-></I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Stop those annoying JavaScript pop-up windows!
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+kill-popups}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> <SPAN
-CLASS="QUOTE"
->"+kill-popups"</SPAN
-> uses a built in filter to disable pop-ups
- that use the <TT
-CLASS="LITERAL"
->window.open()</TT
-> function, etc. This is
- one of the first actions processed by <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- as it contacts the remote web server. This action is not always 100% reliable,
- and is supplemented by <SPAN
-CLASS="QUOTE"
->"+filter{<I
-CLASS="EMPHASIS"
->popups</I
->}"</SPAN
->.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="SEND-VANILLA-WAFER"
->7.4.5.19. <I
-CLASS="EMPHASIS"
->+send-vanilla-wafer</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Boolean.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> Sends a cookie for every site stating that you do not accept any copyright
- on cookies sent to you, and asking them not to track you.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> N/A
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+send-vanilla-wafer}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This action only applies if you are using a <TT
-CLASS="FILENAME"
->jarfile</TT
->
- for saving cookies. Of course, this is a (relatively) unique header and
- could conceivably be used to track you.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H4
-CLASS="SECT4"
-><A
-NAME="SEND-WAFER"
->7.4.5.20. <I
-CLASS="EMPHASIS"
->+send-wafer</I
-></A
-></H4
-><P
-></P
-><DIV
-CLASS="VARIABLELIST"
-><DL
-><DT
->Type:</DT
-><DD
-><P
->Multi-value.</P
-></DD
-><DT
->Typical uses:</DT
-><DD
-><P
-> This allows you to send an arbitrary, user definable cookie.
- </P
-></DD
-><DT
->Possible values:</DT
-><DD
-><P
-> User specified cookie name and corresponding value.
- </P
-></DD
-><DT
->Example usage:</DT
-><DD
-><P
-CLASS="LITERALLAYOUT"
-> <I
-CLASS="EMPHASIS"
->{+send-wafer{name=value}}</I
-><br>
- <I
-CLASS="EMPHASIS"
->.example.com</I
-><br>
- </P
-></DD
-><DT
->Notes:</DT
-><DD
-><P
-> This can be specified multiple times in order to add as many cookies as you
- like.
- </P
-></DD
-></DL
-></DIV
-></DIV
-><DIV
-CLASS="SECT4"
-><H3
-CLASS="SECT4"
-><A
-NAME="ACT-EXAMPLES"
->7.4.5.21. Actions Examples</A
-></H3
-><P
-> Note that the meaning of any of the above examples is reversed by preceding
- the action with a <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->, in place of the <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->. Also,
- that some actions are turned on in the default section of the actions file,
- and require little to no additional configuration. These are just <SPAN
-CLASS="QUOTE"
->"on"</SPAN
->.
- But, other actions that are turned on the default section <I
-CLASS="EMPHASIS"
->do
- typically require</I
-> exceptions to be listed in the lower sections of
- actions file. E.g. by default no URLs are <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> (i.e. in
- the default definitions of <TT
-CLASS="FILENAME"
->default.action</TT
->). We need
- exceptions to this in order to enable ad blocking.</P
-><P
-> Some examples:</P
-><P
-> Turn off cookies by default, then allow a few through for specified sites
- (showing an excerpt from the <SPAN
-CLASS="QUOTE"
->"default"</SPAN
-> section of an actions
- file ONLY):</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Excerpt only:<br>
- # Allow cookies to and from the server, but<br>
- # for this browser session ONLY<br>
- { <br>
- # other actions normally listed here...<br>
- -prevent-setting-cookies \<br>
- -prevent-reading-cookies \<br>
- +session-cookies-only \ <br>
- }<br>
- / # match all URLs<br>
-<br>
- # Exceptions to the above, sites that benefit from persistent cookies<br>
- # that are saved from one browser session to the next.<br>
- { -session-cookies-only }<br>
- .javasoft.com<br>
- .sun.com<br>
- .yahoo.com<br>
- .msdn.microsoft.com<br>
- .redhat.com<br>
-<br>
- </P
->
- </TT
-></P
-><P
-> Now turn off <SPAN
-CLASS="QUOTE"
->"fast redirects"</SPAN
->, and then we allow two exceptions:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Turn them off (excerpt only)!<br>
- {<br>
- # other actions normally listed here...<br>
- +fast-redirects<br>
- }<br>
- / # match all URLs<br>
- <br>
- # Reverse it for these two sites, which don't work right without it.<br>
- {-fast-redirects}<br>
- www.ukc.ac.uk/cgi-bin/wac\.cgi\?<br>
- login.yahoo.com<br>
- </P
->
- </TT
-></P
-><P
-> Turn on page filtering according to rules in the defined sections
- of <TT
-CLASS="FILENAME"
->default.filter</TT
->, and make one exception for
- Sourceforge:
- </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Run everything through the filter file, using only certain<br>
- # specified sections:<br>
- {<br>
- # other actions normally listed here...<br>
- +filter{html-annoyances} +filter{js-annoyances} +filter{kill-popups}\<br>
- +filter{webbugs} +filter{nimda} +filter{banners-by-size}<br>
- }<br>
- / #match all URLs<br>
- <br>
- # Then disable filtering of code from all sourceforge domains!<br>
- {-filter}<br>
- .sourceforge.net<br>
- </P
->
- </TT
-></P
-><P
-> Now some URLs that we want <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> (normally generates
- the <SPAN
-CLASS="QUOTE"
->"blocked"</SPAN
-> banner). Typically, the <SPAN
-CLASS="QUOTE"
->"block"</SPAN
->
- action is off by default in the upper section of an actions file, then enabled
- against certain URLs and patterns in the lower part of the file. Many of these use <A
-HREF="appendix.html#REGEX"
->regular expressions</A
-> that will expand to match multiple
- URLs: </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Blocklist:<br>
- {+block}<br>
- ad*.<br>
- .*ads.<br>
- banner?.<br>
- count*.<br>
- /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)<br>
- /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/<br>
- .hitbox.com <br>
- /.*/(ng)?adclient\.cgi<br>
- /.*/(plain|live|rotate)[-_.]?ads?/<br>
- /.*/abanners/<br>
- /autoads/<br>
- </P
->
- </TT
-></P
-><P
-> Note that many of these actions have the potential to cause a page to
- misbehave, possibly even not to display at all. There are many ways
- a site designer may choose to design his site, and what HTTP header
- content, and other criteria, he may depend on. There is no way to have hard
- and fast rules for all sites. See the <A
-HREF="appendix.html#ACTIONSANAT"
->Appendix</A
-> for a brief example on troubleshooting
- actions.</P
-></DIV
-></DIV
-><DIV
-CLASS="SECT3"
-><H3
-CLASS="SECT3"
-><A
-NAME="ALIASES"
->7.4.6. Aliases</A
-></H3
-><P
-> Custom <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->, known to <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- as <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
->, can be defined by combining other <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->.
- These can in turn be invoked just like the built-in <SPAN
-CLASS="QUOTE"
->"actions"</SPAN
->.
- Currently, an alias can contain any character except space, tab, <SPAN
-CLASS="QUOTE"
->"="</SPAN
->,
- <SPAN
-CLASS="QUOTE"
->"{"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"}"</SPAN
->. But please use only <SPAN
-CLASS="QUOTE"
->"a"</SPAN
->-
- <SPAN
-CLASS="QUOTE"
->"z"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"0"</SPAN
->-<SPAN
-CLASS="QUOTE"
->"9"</SPAN
->, <SPAN
-CLASS="QUOTE"
->"+"</SPAN
->, and
- <SPAN
-CLASS="QUOTE"
->"-"</SPAN
->. Alias names are not case sensitive, and
- <I
-CLASS="EMPHASIS"
->must be defined before other actions</I
-> in the
- actions file! And there can only be one set of <SPAN
-CLASS="QUOTE"
->"aliases"</SPAN
->
- defined per file. Each actions file may have its own aliases, but they are
- only visible within that file.</P
-><P
-> Now let's define a few aliases:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # Useful custom aliases we can use later. These must come first!<br>
- {{alias}}<br>
- +prevent-cookies = +prevent-setting-cookies +prevent-reading-cookies<br>
- -prevent-cookies = -prevent-setting-cookies -prevent-reading-cookies<br>
- fragile = -block -prevent-cookies -filter -fast-redirects -hide-referer -kill-popups<br>
- shop = -prevent-cookies -filter -fast-redirects<br>
- +imageblock = +block +handle-as-image<br>
-<br>
- # Aliases defined from other aliases, for people who don't like to type <br>
- # too much: ;-)<br>
- c0 = +prevent-cookies<br>
- c1 = -prevent-cookies<br>
- #... etc. Customize to your heart's content.<br>
- </P
->
- </TT
-></P
-><P
-> Some examples using our <SPAN
-CLASS="QUOTE"
->"shop"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"fragile"</SPAN
->
- aliases from above. These would appear in the lower sections of an
- actions file as exceptions to the default actions (as defined in the
- upper section):</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # These sites are very complex and require<br>
- # minimal interference.<br>
- {fragile}<br>
- .office.microsoft.com<br>
- .windowsupdate.microsoft.com<br>
- .nytimes.com<br>
-<br>
- # Shopping sites - but we still want to block ads.<br>
- {shop}<br>
- .quietpc.com<br>
- .worldpay.com # for quietpc.com<br>
- .scan.co.uk<br>
-<br>
- # These shops require pop-ups also <br>
- {shop -kill-popups}<br>
- .dabs.com<br>
- .overclockers.co.uk<br>
- </P
->
- </TT
-></P
-><P
-> The <SPAN
-CLASS="QUOTE"
->"shop"</SPAN
-> and <SPAN
-CLASS="QUOTE"
->"fragile"</SPAN
-> aliases are often used for
- <SPAN
-CLASS="QUOTE"
->"problem"</SPAN
-> sites that require most actions to be disabled
- in order to function properly. </P
-></DIV
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="FILTER-FILE"
->7.5. The Filter File</A
-></H2
-><P
-> Any web page can be dynamically modified with the filter file. This
- modification can be removal, or re-writing, of any web page content,
- including tags and non-visible content. The default filter file is
- <TT
-CLASS="FILENAME"
->default.filter</TT
->, located in the config directory. </P
-><P
-> This is potentially a very powerful feature, and requires knowledge of both
- <SPAN
-CLASS="QUOTE"
->"regular expression"</SPAN
-> and HTML in order create custom
- filters. But, there are a number of useful filters included with
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> for many common situations.</P
-><P
-> The included example file is divided into sections. Each section begins
- with the <TT
-CLASS="LITERAL"
->FILTER</TT
-> keyword, followed by the identifier
- for that section, e.g. <SPAN
-CLASS="QUOTE"
->"FILTER: webbugs"</SPAN
->. Each section performs
- a similar type of filtering, such as <SPAN
-CLASS="QUOTE"
->"html-annoyances"</SPAN
->.</P
-><P
-> This file uses regular expressions to alter or remove any string in the
- target page. The expressions can only operate on one line at a time. Some
- examples from the included default <TT
-CLASS="FILENAME"
->default.filter</TT
->:</P
-><P
-> Stop web pages from displaying annoying messages in the status bar by
- deleting such references:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> FILTER: html-annoyances<br>
-<br>
- # New browser windows should be resizeable and have a location and status<br>
- # bar. Make it so.<br>
- #<br>
- s/resizable="?(no|0)"?/resizable=1/ig s/noresize/yesresize/ig<br>
- s/location="?(no|0)"?/location=1/ig s/status="?(no|0)"?/status=1/ig<br>
- s/scrolling="?(no|0|Auto)"?/scrolling=1/ig<br>
- s/menubar="?(no|0)"?/menubar=1/ig <br>
-<br>
- # The <BLINK> tag was a crime!<br>
- #<br>
- s*<blink>|</blink>**ig<br>
-<br>
- # Is this evil? <br>
- #<br>
- #s/framespacing="?(no|0)"?//ig<br>
- #s/margin(height|width)=[0-9]*//gi<br>
- </P
->
- </TT
-></P
-><P
-> Just for kicks, replace any occurrence of <SPAN
-CLASS="QUOTE"
->"Microsoft"</SPAN
-> with
- <SPAN
-CLASS="QUOTE"
->"MicroSuck"</SPAN
->, and have a little fun with topical buzzwords: </P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> FILTER: fun<br>
-<br>
- s/microsoft(?!.com)/MicroSuck/ig<br>
-<br>
- # Buzzword Bingo:<br>
- #<br>
- s/industry-leading|cutting-edge|award-winning/<font color=red><b>BINGO!</b></font>/ig<br>
- </P
->
- </TT
-></P
-><P
-> Kill those pesky little web-bugs:</P
-><P
-> <TT
-CLASS="LITERAL"
-> <P
-CLASS="LITERALLAYOUT"
-> # webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking)<br>
- FILTER: webbugs<br>
-<br>
- s/<img\s+[^>]*?(width|height)\s*=\s*['"]?1\D[^>]*?(width|height)\s*=\s*['"]?1(\D[^>]*?)?>/<!-- Squished WebBug -->/sig<br>
- </P
->
- </TT
-></P
-></DIV
-><DIV
-CLASS="SECT2"
-><H2
-CLASS="SECT2"
-><A
-NAME="AEN2273"
->7.6. Templates</A
-></H2
-><P
-> When <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> displays one of its internal
- pages, such as a 404 Not Found error page, it uses the appropriate template.
- On Linux, BSD, and Unix, these are located in
- <TT
-CLASS="FILENAME"
->/etc/privoxy/templates</TT
-> by default. These may be
- customized, if desired. <TT
-CLASS="FILENAME"
->cgi-style.css</TT
-> is
- used to control the HTML attributes (fonts, etc).</P
-><P
-> The default <SPAN
-CLASS="QUOTE"
->"Blocked"</SPAN
-> banner page with the bright red top
- banner, is called just <SPAN
-CLASS="QUOTE"
->"<TT
-CLASS="FILENAME"
->blocked</TT
->"</SPAN
->. This
- may be customized or replaced with something else if desired. </P
-></DIV
projects / privoxy.git / commitdiff