Note to Upgraders

[ Edit ] Actions FilesPrivoxy 3.0.3 User ManualPrivoxy 3.0.4 User Manual8. Actions Files8. Actions Files

The actions files are used to define what actions

8.1. Finding the Right Mix

8.1. Finding the Right Mix
Note that some
8.2. How to Edit
8.2. How to Edit
The easiest way to edit the actions files is with a browser by using our browser-based editor, which can be reached from 8.3. How Actions are Applied to URLs8.3. How Actions are Applied to URLs
Actions files are divided into sections. There are special sections, like the
To determine which actions apply to a request, the URL of the request is - compared to all patterns in each action file file. Every time it matches, the list of + compared to all patterns in each "action file" file. Every time it matches, the list of applicable actions for the URL is incrementally updated, using the heading of the section in which the pattern is located. If multiple matches for the same URL set the same action differently, the last match wins. If not, the effects are aggregated. E.g. a URL might match a regular section with - a heading line of { +handle-as-image } }, - then later another one with just { +block } }, resulting in 8.4. Patterns8.4. Patterns
As mentioned, Privoxy pattern has the form - <domain>/<path><domain>/<path>, where both the - <domain> and <domain> and <path><path> are - optional. (This is why the special // pattern matches all URLs). Note that the protocol portion of the URL pattern (e.g. - http://http://) should
www.example.com/www.example.com/
is a domain-only pattern and will match any request to is a domain-only pattern and will match any request to www.example.comwww.example.com, regardless of which document on that server is requested.
www.example.comwww.example.com
means exactly the same. For domain-only patterns, the trailing means exactly the same. For domain-only patterns, the trailing // may be omitted.
www.example.com/index.htmlwww.example.com/index.html
matches only the single document matches only the single document /index.html/index.html - on www.example.comwww.example.com.
/index.html/index.html
matches the document matches the document /index.html/index.html, regardless of the domain, i.e. on
index.htmlindex.html
matches nothing, since it would be interpreted as a domain name and - there is no top-level domain called .html.html.
8.4.1. The Domain Pattern
8.4.1. The Domain Pattern
The matching of the domain part offers some flexible options: if the domain starts or ends with a dot, it becomes unanchored at that end. @@ -709,9 +882,9 @@ NAME="AEN1833" CLASS="VARIABLELIST" >
.example.com.example.com
ENDS in - .example.com.example.com
www.www.
STARTS with - www.www.
.example..example.
CONTAINS .example..example. - (Correctly speaking: It matches any FQDN that contains exampleexample as a domain.)
ad*.example.comad*.example.com
*ad*.example.com*ad*.example.com
.?pix.com.?pix.com
matches matches www.ipix.comwww.ipix.com, - pictures.epix.com, pictures.epix.com, a.b.c.d.e.upix.coma.b.c.d.e.upix.com etc.
www[1-9a-ez].example.c*www[1-9a-ez].example.c*
matches matches www1.example.comwww1.example.com, - www4.example.cc, www4.example.cc, wwwd.example.cywwwd.example.cy, - wwwz.example.comwwwz.example.com etc., but not - wwww.example.comwwww.example.com.
8.4.2. The Path Pattern
8.4.2. The Path Pattern
http://www.pcre.org/man.txt. - You might also find the Perl man page on regular expressions (man perlreman perlre) useful, which is available on-line at "(?-i)" switch: switch: www.example.com/(?-i)PaTtErN.*www.example.com/(?-i)PaTtErN.* will match - only documents whose path starts with PaTtErNPaTtErN in 8.5. Actions8.5. Actions
All actions are disabled by default, until they are explicitly enabled somewhere in an actions file. Actions are turned on if preceded with a @@ -973,29 +1146,29 @@ CLASS="QUOTE" CLASS="QUOTE" >"-". So a - +action+action means "do that action", e.g. - +block+block means "please block URLs that match the following patterns", and , and -block-block means "don't - block URLs that match the following patterns, even if +block+block previously applied."
Again, actions are invoked by placing them on a line, enclosed in curly braces and separated by whitespace, like in - {+some-action -some-other-action{some-parameter}}{+some-action -some-other-action{some-parameter}}, followed by a list of URL patterns, one per line, to which they apply. Together, the actions line and the following pattern lines make up a section @@ -1038,19 +1211,27 @@ WIDTH="90%" >

- Example: +block+block

- Example: +hide-user-agent{ Mozilla 1.0 }+hide-user-agent{ Mozilla 1.0 }

- Examples: +add-header{X-Fun-Header: Some text}+add-header{X-Fun-Header: Some text} and - +filter{html-annoyances}+filter{html-annoyances}

8.5.1. add-header8.5.1. add-header
Any string value is possible. Validity of the defined HTTP headers is not checked. It is recommended that you use the ""X-X-" prefix for custom headers. @@ -1304,8 +1507,8 @@ CLASS="SECT3" CLASS="SECT3" >8.5.2. block8.5.2. block
Requests for URLs to which this action applies are blocked, i.e. the requests are not forwarded to the remote server, but answered locally with a substitute page or image, - as determined by the handle-as-image - and set-image-blocker actions.
both - block and block and handle-as-image, apply to the same request: it will then be replaced by an image. If - set-image-blocker (see below) also applies, the type of image will be determined by its parameter, if not, the standard checkerboard pattern is sent. @@ -1423,12 +1626,12 @@ CLASS="APPLICATION" ads and other unwanted content.
The The filter action can perform a very similar task, by
8.5.3. crunch-incoming-cookies
8.5.3. content-type-overwrite
Typical use:
Prevent the web server from setting any cookies on your system -
Stop useless download menus from popping up, or change the browser's rendering mode
Effect:
Deletes any Replaces the "Set-Cookie:" HTTP headers from server replies. +>"Content-Type:" HTTP server header.
Type:
Boolean.
Parameterized.
Parameter:
N/A +> Any string.
Notes:
This action is only concerned with incoming cookies. For +> The "Content-Type:" HTTP server header is used by the + browser to decide what to do with the document. The value of this + header can cause the browser to open a download menu instead of + displaying the document by itself, even if the document's format is + supported by the browser. +
The declared content type can also affect which rendering mode + the browser chooses. If XHTML is delivered as "text/html", + many browsers treat it as yet another broken HTML document. + If it is send as "application/xml", browsers with + XHTML support will only display it, if the syntax is correct. +
If you see a web site that proudly uses XHTML buttons, but sets outgoing cookies, use - "Content-Type: text/html", you can use Privoxy + to overwrite it with "application/xml" and validate + the web master's claim inside your XHTML-supporting browser. + If the syntax is incorrect, the browser will complain loudly. +
You can also go the opposite direction: if your browser prints + error messages instead of rendering a document falsely declared + as XHTML, you can overwrite the content type with + "text/html" and have it rendered as broken HTML document. +
By default content-type-overwrite only replaces + "Content-Type:" headers that look like some kind of text. + If you want to overwrite it unconditionally, you have to combine it with + crunch-outgoing-cookiesforce-text-mode. - Use both to disable cookies completely. + This limitation exists for a reason, think twice before circumventing it.
It makes no sense at all to use this action in conjunction - with the Most of the time it's easier to enable + session-cookies-onlyaction, - since it would prevent the session cookies from being set. See also - filter-server-headers + and replace this action with a custom regular expression. It allows you + to activate it for every document of a certain site and it will still + only replace the content types you aimed at. +
Of course you can apply filter-content-cookies. +>content-type-overwrite + to a whole site and then make URL based exceptions, but it's a lot + more work to get the same precision.
Example usage:
Example usage (sections):

Feature	Cautious	Medium	Adventuresome
Ad-blocking by URL	yes	yes	yes
Ad-filtering by size	yes	yes	yes
GIF de-animation	no	yes	yes
Referer forging	no	yes	yes
Cookie handling	none	session-only	kill
Pop-up killing	unsolicited	unsolicited	all
Fast redirects	no	no	yes
HTML taming	yes	yes	yes
JavaScript taming	yes	yes	yes
Web-bug killing	yes	yes	yes
Fun text replacements	no	no	yes
Image tag reordering	no	no	yes
Ad-filtering by link	no	no	yes
Demoronizer	no	no	yes
+ `+name` `# enable action name` # enable action `namename` - -`name` # disable action `name # disable action namename`
+ `+name{name`{`param} # enable action and set parameter to param`} # enable action and set parameter to `paramparam`, # overwriting parameter from previous match if necessary - -`name`name # disable action. The parameter can be omitted
+ `+name{name`{`param} # enable action and add param`} # enable action and add `paramparam` to the list of parameters - -`name`{`name{param} # remove the parameter param`} # remove the parameter `paramparam` from the list of parameters # If it was the last one left, disable the action. - `-name`-name # disable this action completely and remove all parameters from the list

+crunch-incoming-cookies

# Check if www.example.net/ really uses valid XHTML +{+content-type-overwrite {application/xml}} +www.example.net/ +# but leave the content type unmodified if the URL looks like a style sheet +{-content-type-overwrite} +www.example.net/*.\.css$ +www.example.net/*.style

8.5.4. crunch-outgoing-cookies

8.5.4. crunch-server-header
Typical use:
Prevent the web server from reading any cookies from your system -
Remove a client header Privoxy has no dedicated action for.
Effect:
Deletes any "Cookie:" HTTP headers from client requests. +> Deletes every header send by the client that contains the string the user supplied as parameter.
Type:
Boolean.
Parameterized.
Parameter:
N/A +> Any string.
Notes:
This action is only concerned with outgoing cookies. For +> This action allows you to block client headers for which no dedicated incoming cookies, use - crunch-incoming-cookies. - Use both to disable cookies completely. +CLASS="APPLICATION" +>Privoxy action exists. + Privoxy will remove every client header that + contains the string you supplied as parameter.
It makes Regular expressions are no sense at allnot supported to use this action in conjunction - with the and you can't + use this action to block different headers in the same request, unless + they contain the same string. +
crunch-client-header is only meant for quick tests. + If you have to block several different headers, or only want to modify + parts of them, you should enable + session-cookies-only action, - since it would prevent the session cookies from being read. +HREF="filter-file.html#FILTER-CLIENT-HEADERS" +>filter-client-headers + and create your own filter.
Example usage:

Warning
+crunch-outgoing-cookies
Don't block any header without understanding the consequences. +
Example usage (section):

# Block the non-existent "Privacy-Violation:" client header +{+crunch-client-header {Privacy-Violation:}} +/ +
@@ -1710,9 +1968,9 @@ CLASS="SECT3" >
8.5.5. deanimate-gifs
8.5.5. crunch-if-none-match
Typical use:
Stop those annoying, distracting animated GIF images.
Prevent yet another way to track the user's steps between sessions.
Effect:
De-animate GIF animations, i.e. reduce them to their first or last image. +> Deletes the "If-None-Match:" HTTP client header.
Type:
Parameterized.
Boolean.
Parameter:
"last" or "first" +> N/A
Notes:
This will also shrink the images considerably (in bytes, not pixels!). If - the option Removing the "first" is given, the first frame of the animation - is used as the replacement. If "If-None-Match:" HTTP client header + is useful for filter testing, where you want to force a real + reload instead of getting status code "last" is given, the last - frame of the animation is used instead, which probably makes more sense for - most banner animations, but also has the risk of not showing the entire - last frame (if it is only a delta to an earlier frame). +>"304" which + would cause the browser to use a cached copy of the page.
You can safely use this action with patterns that will also match non-GIF - objects, because no attempt will be made at anything that doesn't look like - a GIF. +> It is also useful to make sure the header isn't used as a cookie + replacement. +
Blocking the "If-None-Match:" header shouldn't cause any + caching problems, as long as the "If-Modified-Since:" header + isn't blocked as well. +
It is recommended to use this action together with + hide-if-modified-since + and + overwrite-last-modified.
Example usage:
Example usage (section):

+deanimate-gifs{last}
# Let the browser revalidate cached documents without being tracked across sessions +{+hide-if-modified-since {-1} \ ++overwrite-last-modified {randomize} \ ++crunch-if-none-match} +/
-
8.5.6. downgrade-http-version
8.5.6. crunch-incoming-cookies
Typical use:
Work around (very rare) problems with HTTP/1.1
Prevent the web server from setting any cookies on your system +
Effect:
Downgrades HTTP/1.1 client requests and server replies to HTTP/1.0. +> Deletes any "Set-Cookie:" HTTP headers from server replies.
Notes:
This is a left-over from the time when Privoxy - didn't support important HTTP/1.1 features well. It is left here for the - unlikely case that you experience HTTP/1.1 related problems with some server - out there. Not all (optional) HTTP/1.1 features are supported yet, so there - is a chance you might need this action. +> This action is only concerned with incoming cookies. For + outgoing cookies, use + crunch-outgoing-cookies. + Use both to disable cookies completely. +
It makes no sense at all to use this action in conjunction + with the session-cookies-only action, + since it would prevent the session cookies from being set. See also + filter-content-cookies.
Example usage (section):
Example usage:

{+downgrade-http-version} -problem-host.example.com
+crunch-incoming-cookies
-
8.5.7. fast-redirects
8.5.7. crunch-server-header
Typical use:
Fool some click-tracking scripts and speed up indirect links
Remove a server header Privoxy has no dedicated action for.
Effect:
Cut off all but the last valid URL from requests. +> Deletes every header sent by the server that contains the string the user supplied as parameter.
Type:
Boolean.
Parameterized.
Parameter:
N/A +> Any string.
Notes:
- Many sites, like yahoo.com, don't just link to other sites. Instead, they - will link to some script on their own servers, giving the destination as a - parameter, which will then redirect you to the final target. URLs - resulting from this scheme typically look like: +> This action allows you to block server headers for which no dedicated Privoxy action exists. Privoxy + will remove every server header that contains the string you supplied as parameter. +
Regular expressions are http://some.place/click-tracker.cgi?target=http://some.where.elsenot supported. -
Sometimes, there are even multiple consecutive redirects encoded in the - URL. These redirections via scripts make your web browsing more traceable, - since the server from which you follow such a link can see where you go - to. Apart from that, valuable bandwidth and time is wasted, while your - browser ask the server for one redirect after the other. Plus, it feeds - the advertisers. +> and you can't + use this action to block different headers in the same request, unless + they contain the same string.
This feature is currently not very smart and is scheduled for improvement. - It is likely to break some sites. You should expect to need possibly - many exceptions to this action, if it is enabled by default in +> crunch-server-header is only meant for quick tests. + If you have to block several different headers, or only want to modify + parts of them, you should enable default.action. Some sites just don't work without - it. +CLASS="LITERAL" +>filter-server-headers + and create your own filter.
Warning
Don't block any header without understanding the consequences. +
Example usage:
Example usage (section):

{+fast-redirects}
# Crunch server headers that try to prevent caching +{+crunch-server-header {no-cache}} +/
-
8.5.8. filter
8.5.8. crunch-outgoing-cookies
Typical use:
Get rid of HTML and JavaScript annoyances, banner advertisements (by size), do fun text replacements, etc.
Prevent the web server from reading any cookies from your system +
Effect:
All files of text-based type, most notably HTML and JavaScript, to which this - action applies, are filtered on-the-fly through the specified regular expression - based substitutions. (Note: as of version 3.0.3 plain text documents - are exempted from filtering, because web servers often use the - text/plain MIME type for all files whose type they - don't know.) +> Deletes any "Cookie:" HTTP headers from client requests.
Type:
Parameterized.
Boolean.
Parameter:
The name of a filter, as defined in the filter file - (typically default.filter, set by the - filterfile - option in the config file). When used in its negative form, - and without parameters, filtering is completely disabled. +> N/A
Notes:
For your convenience, there are a number of pre-defined filters available - in the distribution filter file that you can use. See the examples below for - a list. -
Filtering requires buffering the page content, which may appear to - slow down page rendering since nothing is displayed until all content has - passed the filters. (It does not really take longer, but seems that way - since the page is not incrementally displayed.) This effect will be more - noticeable on slower connections. -
This is very powerful feature, but "rolling your own" - filters requires a knowledge of regular expressions and HTML. -
The amount of data that can be filtered is limited to the - buffer-limit - option in the main config file. The - default is 4096 KB (4 Megs). Once this limit is exceeded, the buffered - data, and all pending data, is passed through unfiltered. -
Inadequate MIME types, such as zipped files, are not filtered at all. - (Again, only text-based types except plain text). Encrypted SSL data - (from HTTPS servers) cannot be filtered either, since this would violate - the integrity of the secure transaction. In some situations it might - be necessary to protect certain text, like source code, from filtering - by defining appropriate -filter sections. -
At this time, Privoxy cannot (yet!) uncompress compressed - documents. If you want filtering to work on all documents, even those that - would normally be sent compressed, use the - This action is only concerned with outgoing cookies. For + incoming cookies, use + prevent-compression- action in conjunction with filtercrunch-incoming-cookies. + Use both to disable cookies completely.
Filtering can achieve some of the same effects as the - It makes no sense at all to use this action in conjunction + with the block- action, i.e. it can be used to block ads and banners. But the mechanism - works quite differently. One effective use, is to block ad banners - based on their size (see below), since many of these seem to be somewhat - standardized. -
Feedback with suggestions for new or - improved filters is particularly welcome! -
The below list has only the names and a one-line description of each - predefined filter. There are more - verbose explanations of what these filters do in the filter file chapter. +HREF="actions-file.html#SESSION-COOKIES-ONLY" +>session-cookies-only action, + since it would prevent the session cookies from being read.
Example usage (with filters from the distribution default.filter file). - See the Predefined Filters section for - more explanation on each:
Example usage:
-

+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse
+crunch-outgoing-cookies

-
+filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
+>8.5.9. deanimate-gifs

Typical use:

Stop those annoying, distracting animated GIF images.

Effect:

De-animate GIF animations, i.e. reduce them to their first or last image.

Type:

-
+filter{html-annoyances} # Get rid of particularly annoying HTML abuse
Parameterized.

Parameter:

"last" or "first"

Notes:

-
+filter{content-cookies} # Kill cookies that come in the HTML or JS content
+> This will also shrink the images considerably (in bytes, not pixels!). If + the option "first" is given, the first frame of the animation + is used as the replacement. If "last" is given, the last + frame of the animation is used instead, which probably makes more sense for + most banner animations, but also has the risk of not showing the entire + last frame (if it is only a delta to an earlier frame).

- You can safely use this action with patterns that will also match non-GIF + objects, because no attempt will be made at anything that doesn't look like + a GIF. +
Example usage:

+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)
+deanimate-gifs{last}
-

-
+filter{unsolicited-popups} # Disable only unsolicited pop-up windows
+>8.5.10. downgrade-http-version

Typical use:

Work around (very rare) problems with HTTP/1.1

Effect:

Downgrades HTTP/1.1 client requests and server replies to HTTP/1.0.

Type:

-
+filter{all-popups} # Kill all popups in JavaScript and HTML
+>Boolean.

Parameter:

N/A

Notes:

-
+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective
This is a left-over from the time when Privoxy + didn't support important HTTP/1.1 features well. It is left here for the + unlikely case that you experience HTTP/1.1 related problems with some server + out there. Not all (optional) HTTP/1.1 features are supported yet, so there + is a chance you might need this action.

Example usage (section):

-

+filter{banners-by-size} # Kill banners by size
{+downgrade-http-version} +problem-host.example.com
+

8.5.11. fast-redirects

Typical use:

Fool some click-tracking scripts and speed up indirect links.

Effect:

Detects redirection URLs and redirects the browser without contacting + the redirection server first.

Type:

-
+filter{banners-by-link} # Kill banners by their links to known clicktrackers
Parameterized.

Parameter:

"simple-check" to just search for the string "http://" + to detect redirection URLs. +
"check-decoded-url" to decode URLs (if necessary) before searching + for redirection URLs. +

Notes:

+ Many sites, like yahoo.com, don't just link to other sites. Instead, they + will link to some script on their own servers, giving the destination as a + parameter, which will then redirect you to the final target. URLs + resulting from this scheme typically look like: + "http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/". +

Sometimes, there are even multiple consecutive redirects encoded in the + URL. These redirections via scripts make your web browsing more traceable, + since the server from which you follow such a link can see where you go + to. Apart from that, valuable bandwidth and time is wasted, while your + browser asks the server for one redirect after the other. Plus, it feeds + the advertisers.

This feature is currently not very smart and is scheduled for improvement. + If it is enabled by default, you will have to create some exceptions to + this action. It can lead to failures in several ways: +

Not every URLs with other URLs as parameters is evil. + Some sites offer a real service that requires this information to work. + For example a validation service needs to know, which document to validate. + fast-redirects assumes that every URL parameter that + looks like another URL is a redirection target, and will always redirect to + the last one. Most of the time the assumption is correct, but if it isn't, + the user gets redirected anyway. +

Another failure occurs if the URL contains other parameters after the URL parameter. + The URL: + "http://www.example.org/?redirect=http%3a//www.example.net/&foo=bar". + contains the redirection URL "http://www.example.net/", + followed by another parameter. fast-redirects doesn't know that + and will cause a redirect to "http://www.example.net/&foo=bar". + Depending on the target server configuration, the parameter will be silently ignored + or lead to a "page not found" error. It is possible to fix these redirected + requests with filter-client-headers -
To detect a redirection URL, fast-redirects only + looks for the string "http://", either in plain text + (invalid but often used) or encoded as "http%3a//". + Some sites use their own URL encoding scheme, encrypt the address + of the target server or replace it with a database id. In theses cases + fast-redirects is fooled and the request reaches the + redirection server where it probably gets logged. +
Example usage:

+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking)
+fast-redirects{simple-check}
-

-

+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap
+fast-redirects{check-decoded-url}
-

-
8.5.12. filter
Typical use:
Get rid of HTML and JavaScript annoyances, banner advertisements (by size), do fun text replacements, etc.
Effect:
All files of text-based type, most notably HTML and JavaScript, to which this + action applies, are filtered on-the-fly through the specified regular expression + based substitutions. (Note: as of version 3.0.3 plain text documents + are exempted from filtering, because web servers often use the + text/plain MIME type for all files whose type they + don't know.) +
Type:
Parameterized.
Parameter:
The name of a filter, as defined in the filter file. + Filters can be defined in one or more files as defined by the + filterfile + option in the config file. + default.filter is the collection of filters + supplied by the developers. Locally defined filters should go + in their own file, such as user.filter. +
When used in its negative form, + and without parameters, filtering is completely disabled. +
Notes:
For your convenience, there are a number of pre-defined filters available + in the distribution filter file that you can use. See the examples below for + a list. +
Filtering requires buffering the page content, which may appear to + slow down page rendering since nothing is displayed until all content has + passed the filters. (It does not really take longer, but seems that way + since the page is not incrementally displayed.) This effect will be more + noticeable on slower connections. +
This is very powerful feature, and "rolling your own" + filters requires a knowledge of regular expressions and HTML. +
The amount of data that can be filtered is limited to the + buffer-limit + option in the main config file. The + default is 4096 KB (4 Megs). Once this limit is exceeded, the buffered + data, and all pending data, is passed through unfiltered. +
Inadequate MIME types, such as zipped files, are not filtered at all. + (Again, only text-based types except plain text). Encrypted SSL data + (from HTTPS servers) cannot be filtered either, since this would violate + the integrity of the secure transaction. In some situations it might + be necessary to protect certain text, like source code, from filtering + by defining appropriate -filter sections. +
At this time, Privoxy cannot (yet!) uncompress compressed + documents. If you want filtering to work on all documents, even those that + would normally be sent compressed, use the + prevent-compression + action in conjunction with filter. +
Filtering can achieve some of the same effects as the + block + action, i.e. it can be used to block ads and banners. But the mechanism + works quite differently. One effective use, is to block ad banners + based on their size (see below), since many of these seem to be somewhat + standardized. +
Feedback with suggestions for new or + improved filters is particularly welcome! +
The below list has only the names and a one-line description of each + predefined filter. There are more + verbose explanations of what these filters do in the filter file chapter. +
Example usage (with filters from the distribution default.filter file). + See the Predefined Filters section for + more explanation on each:
+
+filter{jumping-windows} # Prevent windows from resizing and moving themselves
+filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse

+filter{frameset-borders} # Give frames a border and make them resizable
+filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)

+filter{demoronizer} # Fix MS's non-standard use of standard charsets
+filter{html-annoyances} # Get rid of particularly annoying HTML abuse

+filter{shockwave-flash} # Kill embedded Shockwave Flash objects
+filter{content-cookies} # Kill cookies that come in the HTML or JS content

+filter{quicktime-kioskmode} # Make Quicktime movies saveable
+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)
+

+
+filter{unsolicited-popups} # Disable only unsolicited pop-up windows
+

+
+filter{all-popups} # Kill all popups in JavaScript and HTML

- +

+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective
+

+
+filter{banners-by-size} # Kill banners by size
+

+
+filter{banners-by-link} # Kill banners by their links to known clicktrackers
+

+
+filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking)
+

+
+filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap
+

+
+filter{jumping-windows} # Prevent windows from resizing and moving themselves
+

+
+filter{frameset-borders} # Give frames a border and make them resizable
+

+
+filter{demoronizer} # Fix MS's non-standard use of standard charsets
+

+
+filter{shockwave-flash} # Kill embedded Shockwave Flash objects
+

+
+filter{quicktime-kioskmode} # Make Quicktime movies saveable
+

+
+filter{fun} # Text replacements for subversive browsing fun!
+

+
+filter{crude-parental} # Crude parental filtering (demo only)
+

+
+filter{ie-exploits} # Disable some known Internet Explorer bug exploits
+

8.5.13. force-text-mode

Typical use:

Force Privoxy to treat a document as if it was in some kind of text format.

Effect:

Declares a document as text, even if the "Content-Type:" isn't detected as such. +

Type:

Boolean.

Parameter:

N/A +

Notes:

As explained above, + Privoxy tries to only filter files that are + in some kind of text format. The same restrictions apply to + content-type-overwrite. + force-text-mode declares a document as text, + without looking at the "Content-Type:" first. +

Warning

Think twice before activating this action. Filtering binary data + with regular expressions can cause file damage. +

Example usage:

+force-text-mode +
+

8.5.14. handle-as-empty-document

Typical use:

Mark URLs that should be replaced by empty documents if they get blocked

Effect:

This action alone doesn't do anything noticeable. It just marks URLs. + If the block action also applies, + the presence or absence of this mark decides whether an HTML "blocked" + page, or an empty document will be sent to the client as a substitute for the blocked content. + The empty document isn't literally empty, but actually contains a single space. +

Type:

Boolean.

Parameter:

N/A +

Notes:

Some browsers complain about syntax errors if JavaScript documents + are blocked with Privoxy's + default HTML page; this option can be used to silence them. +

The content type for the empty document can be specified with + content-type-overwrite{}, + but usually this isn't necessary. +

Example usage:

# Block all documents on example.org that end with ".js", +# but send an empty document instead of the usual HTML message. +{+block +handle-as-empty-document} +example.org/.*\.js$ +
+

8.5.15. handle-as-image

Typical use:

Mark URLs as belonging to images (so they'll be replaced by imagee if they get blocked)

Effect:

This action alone doesn't do anything noticeable. It just marks URLs as images. + If the block action also applies, + the presence or absence of this mark decides whether an HTML "blocked" + page, or a replacement image (as determined by the set-image-blocker action) will be sent to the + client as a substitute for the blocked content. +

Type:

Boolean.

Parameter:

N/A +

Notes:

The below generic example section is actually part of default.action. + It marks all URLs with well-known image file name extensions as images and should + be left intact. +

Users will probably only want to use the handle-as-image action in conjunction with + block, to block sources of banners, whose URLs don't + reflect the file type, like in the second example section. +

Note that you cannot treat HTML pages as images in most cases. For instance, (in-line) ad + frames require an HTML page to be sent, or they won't display properly. + Forcing handle-as-image in this situation will not replace the + ad frame with an image, but lead to error messages. +

Example usage (sections):

# Generic image extensions: +# +{+handle-as-image} +/.*\.(gif|jpg|jpeg|png|bmp|ico)$ + +# These don't look like images, but they're banners and should be +# blocked as images: +# +{+block +handle-as-image} +some.nasty-banner-server.com/junk.cgi?output=trash + +# Banner source! Who cares if they also have non-image content? +ad.doubleclick.net
+

8.5.16. hide-accept-language

Typical use:

Pretend to use different language settings.

Effect:

Deletes or replaces the "Accept-Language:" HTTP header in client requests. +

Type:

Parameterized.

Parameter:

Keyword: "block", or any user defined value. +

Notes:

Faking the browser's language settings can be useful to make a + foreign User-Agent set with + hide-user-agent + more believable. +

However some sites with content in different languages check the + "Accept-Language:" to decide which one to take by default. + Sometimes it isn't possible to later switch to another language without + changing the "Accept-Language:" header first. +

Therefore it's a good idea to either only change the + "Accept-Language:" header to languages you understand, + or to languages that aren't wide spread. +

Before setting the "Accept-Language:" header + to a rare language, you should consider that it helps to + make your requests unique and thus easier to trace. + If you don't plan to change this header frequently, + you should stick to a common language. +

Example usage (section):

+filter{fun} # Text replacements for subversive browsing fun!
# Pretend to use Canadian language settings. +{+hide-accept-language{en-ca} \ ++hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \ +} +/

-
+filter{crude-parental} # Crude parental filtering (demo only)
+>8.5.17. hide-content-disposition

Typical use:

Prevent download menus for content you prefer to view inside the browser.

Effect:

Deletes or replaces the "Content-Disposition:" HTTP header set by some servers.

Type:

- Parameterized.
Parameter:
Keyword: "block", or any user defined value. +
Notes:
Some servers set the "Content-Disposition:" HTTP header for + documents they assume you want to save locally before viewing them. + The "Content-Disposition:" header contains the file name + the browser is supposed to use by default. +
In most browsers that understand this header, it makes it impossible to + just view the document, without downloading it first, + even if it's just a simple text file or an image. +
Removing the "Content-Disposition:" header helps + to prevent this annoyance, but some browsers additionally check the + "Content-Type:" header, before they decide if they can + display a document without saving it first. In these cases, you have + to change this header as well, before the browser stops displaying + download menus. +
It is also possible to change the server's file name suggestion + to another one, but in most cases it isn't worth the time to set + it up. +
Example usage:

+filter{ie-exploits} # Disable some known Internet Explorer bug exploits
# Disarm the download link in Sourceforge's patch tracker +{-filter\ ++content-type-overwrite {text/plain}\ ++hide-content-disposition {block} } +.sourceforge.net/tracker/download.php

8.5.9. handle-as-image

8.5.18. hide-if-modified-since
Typical use:

Mark URLs as belonging to images (so they'll be replaced by images if they get blocked)

Prevent yet another way to track the user's steps between sessions.

Effect:

This action alone doesn't do anything noticeable. It just marks URLs as images. - If the block action also applies, - the presence or absence of this mark decides whether an HTML Deletes the "blocked" - page, or a replacement image (as determined by the set-image-blocker action) will be sent to the - client as a substitute for the blocked content. +>"If-Modified-Since:" HTTP client header or modifies its value.

Type:

Boolean.

Parameterized.

Parameter:

N/A +> Keyword: "block", or a user defined value that specifies a range of hours.

Notes:

The below generic example section is actually part of default.action. - It marks all URLs with well-known image file name extensions as images and should - be left intact. +> Removing this header is useful for filter testing, where you want to force a real + reload instead of getting status code "304", which would cause the + browser to use a cached copy of the page.

Users will probably only want to use the handle-as-image action in conjunction with - Instead of removing the header, hide-if-modified-since can + also add or substract a random amount of time to/from the headers value. + You specify a range of hours were the random factor should be chosen from and + Privoxy does the rest. A negative value means + subtracting, a positive value adding. +

Randomizing the value of the "If-Modified-Since:" makes + sure it isn't used as a cookie replacement, but you will run into + caching problems if the random range is too high. +

It is a good idea to only use a small negative value and let + block, to block sources of banners, whose URLs don't - reflect the file type, like in the second example section. +HREF="actions-file.html#OVERWRITE-LAST-MODIFIED" +>overwrite-last-modified + handle the greater changes.

Note that you cannot treat HTML pages as images in most cases. For instance, (in-line) ad - frames require an HTML page to be sent, or they won't display properly. - Forcing It is also recommended to use this action together with + handle-as-imagein this situation will not replace the - ad frame with an image, but lead to error messages. +>crunch-if-none-match.

Example usage (sections):

Example usage (section):

# Generic image extensions: -# -{+handle-as-image} -/.*\.(gif|jpg|jpeg|png|bmp|ico)$ - -# These don't look like images, but they're banners and should be -# blocked as images: -# -{+block +handle-as-image} -some.nasty-banner-server.com/junk.cgi?output=trash - -# Banner source! Who cares if they also have non-image content? -ad.doubleclick.net
# Let the browser revalidate without being tracked across sessions +{+hide-if-modified-since {-1}\ ++overwrite-last-modified {randomize}\ ++crunch-if-none-match} +/
8.5.10. hide-forwarded-for-headers8.5.19. hide-forwarded-for-headers
8.5.11. hide-from-header8.5.20. hide-from-header
"block" will completely remove the header - (not to be confused with the block action).
8.5.12. hide-referrer8.5.21. hide-referrer
"conditional-block" to delete the header completely if the host has changed.
"block" to delete the header completely.
to delete the header unconditionally.
Notes:
conditional-block is the only parameter, + that isn't easily detected in the server's log file. If it blocks the + referrer, the request will look like the visitor used a bookmark or + typed in the address directly. +
Leaving the referrer unmodified for requests on the same host + allows the server owner to see the visitor's "forge" is the preferred option here, since some servers will - not send images back otherwise, in an attempt to prevent their valuable - content from being embedded elsewhere (and hence, without being surrounded - by their banners). +>"click path", + but in most cases she could also get that information by comparing + other parts of the log file: for example the User-Agent if it isn't + a very common one, or the user's IP address if it doesn't change between + different requests. +
Always blocking the referrer, or using a custom one, can lead to + failures on servers that check the referrer before they answer any + requests, in an attempt to prevent their valuable content from being + embedded or linked to elsewhere. +
Both conditional-block and forge + will work with referrer checks, as long as content and valid referring page + are on the same host. Most of the time that's the case.
- hide-refererhide-referer is an alternate spelling of - hide-referrerhide-referrer and the two can be can be freely - substituted with each other. ("referrer" is the - correct English spelling, however the HTTP specification has a bug - it - requires it to be spelled as "referer".) -
Example usage:
8.5.13. hide-user-agent8.5.22. hide-user-agent
This breaks many web sites that depend on looking at this header in order - to customize their content for different browsers (which, by the +> This can lead to problems on web sites that depend on looking at this header in + order to customize their content for different browsers (which, by the way, is NOT a smart way to do - that!). +> the right thing to do: good web sites + work browser-independently). +
This action is scheduled for improvement. +> This action is scheduled for improvement. +
Example usage:

+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}
+

8.5.23. inspect-jpegs

Typical use:

To protect against the MS buffer over-run in JPEG processing

Effect:

To protect against a known exploit +

Type:

Boolean.

Parameter:

N/A +

Notes:

See Microsoft Security Bulletin MS04-028. JPEG images are one of the most + common image types found across the Internet. The exploit as described can + allow execution of code on the target system, giving an attacker access + to the system in question by merely planting an altered JPEG image, which + would have no obvious indications of what lurks inside. This action + prevents unwanted intrusion.

Example usage:

+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}
+inspect-jpegs
-

8.5.14. kill-popups 8.5.24. kill-popups
This action is basically a built-in, hardwired special-purpose filter - action, but there are important differences: For kill-popupskill-popups, the document need not be buffered, so it can be incrementally rendered while - downloading. But kill-popupskill-popups doesn't catch as many pop-ups as - filter{filter{all-popupsall-popups} - does and is not as smart as filter{filter{unsolicited-popupsunsolicited-popups} -is.
Think of it as a fast and efficient replacement for a filter that you can use if you don't want any filtering at all. Note that it doesn't make - sense to combine it with any filter action, - since as soon as one filter applies, the whole document needs to be buffered anyway, which destroys the advantage of - the kill-popupskill-popups action over its filter equivalent.
Killing all pop-ups unconditionally is problematic. Many shops and banks rely on - pop-ups to display forms, shopping carts etc, and the filter{filter{unsolicited-popupsunsolicited-popups} - does a fairly good job of catching only the unwanted ones.
windows that appear when you close an other one), you might want to use - filter{{js-annoyances}js-annoyances} instead.
8.5.15. limit-connect8.5.25. limit-connect
Prevent abuse of Privoxy as a TCP proxy relay
as a TCP proxy relay or disable SSL for untrusted sites
Effect:
Parameter:
A comma-separated list of ports or port ranges (the latter using dashes, with the minimum - defaulting to 0 and the maximum to 65K). +> A comma-separated list of ports or port ranges (the latter using dashes, with the minimum + defaulting to 0 and the maximum to 65K). +
Notes:
By default, i.e. if no limit-connect action applies, + Privoxy only allows HTTP CONNECT + requests to port 443 (the standard, secure HTTPS port). Use + limit-connect if more fine-grained control is desired + for some or all destinations. +
The CONNECT methods exists in HTTP to allow access to secure websites + ("https://" URLs) through proxies. It works very simply: + the proxy connects to the server on the specified port, and then + short-circuits its connections to the client and to the remote server. + This can be a big security hole, since CONNECT-enabled proxies can be + abused as TCP relays very easily. +
Privoxy relays HTTPS traffic without seeing + the decoded content. Websites can leverage this limitation to circumvent Privoxy's + filters. By specifying an invalid port range you can disable HTTPS entirely. + If you plan to disable SSL by default, consider enabling + treat-forbidden-connects-like-blocks + as well, to be able to quickly create exceptions. +
Example usages:

+limit-connect{443} # This is the default and need not be specified. ++limit-connect{80,443} # Ports 80 and 443 are OK. ++limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK. ++limit-connect{-} # All ports are OK ++limit-connect{,} # No HTTPS traffic is allowed
+

8.5.26. prevent-compression

Typical use:

Ensure that servers send the content uncompressed, so it can be + passed through filters. +

Effect:

Removes the Accept-Encoding header which can be used to ask for compressed transfer. +

Type:

Boolean.

Parameter:

N/A +

Notes:

More and more websites send their content compressed by default, which + is generally a good idea and saves bandwidth. But for the filter, deanimate-gifs + and kill-popups actions to work, + Privoxy needs access to the uncompressed data. + Unfortunately, Privoxy can't yet(!) uncompress, filter, and + re-compress the content on the fly. So if you want to ensure that all websites, including + those that normally compress, can be filtered, you need to use this action. +

This will slow down transfers from those websites, though. If you use any of the above-mentioned + actions, you will typically want to use prevent-compression in conjunction + with them. +

Note that some (rare) ill-configured sites don't handle requests for uncompressed + documents correctly (they send an empty document body). If you use prevent-compression + per default, you'll have to add exceptions for those sites. See the example for how to do that. +

Example usage (sections):

# Set default: +# +{+prevent-compression} +/ # Match all sites + +# Make exceptions for ill sites: +# +{-prevent-compression} +www.debianhelp.org +www.pclinuxonline.com
+

8.5.27. overwrite-last-modified

Typical use:

Prevent yet another way to track the user's steps between sessions.

Effect:

Deletes the "Last-Modified:" HTTP server header or modifies its value. +

Type:

Parameterized.

Parameter:

One of the keywords: "block", "reset-to-request-time" + and "randomize"

Notes:

By default, i.e. if no limit-connect action applies, +> Removing the "Last-Modified:" header is useful for filter + testing, where you want to force a real reload instead of getting status + code "304", which would cause the browser to reuse the old + version of the page. +

The "randomize" option overwrites the value of the Privoxy only allows HTTP CONNECT - requests to port 443 (the standard, secure HTTPS port). Use - "Last-Modified:" header with a randomly chosen time + between the original value and the current time. In theory the server + could send each document with a different "Last-Modified:" + header to track visits without using cookies. "Randomize" + makes it impossible and the browser can still revalidate cached documents. +

"reset-to-request-time" overwrites the value of the + "Last-Modified:" header with the current time. You could use + this option together with + limit-connect if more fine-grained control is desired - for some or all destinations. +>hided-if-modified-since + to further customize your random range.

The CONNECT methods exists in HTTP to allow access to secure websites - ( The preferred parameter here is "https://" URLs) through proxies. It works very simply: - the proxy connects to the server on the specified port, and then - short-circuits its connections to the client and to the remote server. - This can be a big security hole, since CONNECT-enabled proxies can be - abused as TCP relays very easily. -

"randomize". It is safe + to use, as long as the time settings are more or less correct. + If the server sets the "Last-Modified:" header to the time + of the request, the random range becomes zero and the value stays the same. + Therefore you should later randomize it a second time with + hided-if-modified-since, + just to be sure. +
If you don't know what any of this means, there probably is no reason to - change this one, since the default is already very restrictive. -
It is also recommended to use this action together with + crunch-if-none-match. +

Example usages:

Example usage:

+limit-connect{443} # This is the default and need not be specified. -+limit-connect{80,443} # Ports 80 and 443 are OK. -+limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK. -+limit-connect{-} # All ports are OK (gaping security hole!)
# Let the browser revalidate without being tracked across sessions +{+hide-if-modified-since {-1}\ ++overwrite-last-modified {randomize}\ ++crunch-if-none-match} +/
8.5.16. prevent-compression
8.5.28. redirect
Typical use:
Ensure that servers send the content uncompressed, so it can be - passed through filters +> Redirect requests to other sites.
Effect:
Adds a header to the request that asks for uncompressed transfer. +> Convinces the browser that the requested document has been moved + to another location and the browser should get it from there.
Type:
Boolean.
Parameterized
Parameter:
N/A +> Any URL.
Notes:
More and more websites send their content compressed by default, which - is generally a good idea and saves bandwidth. But for the This action is useful to replace whole documents with your own + ones. For that to work, they have to be available on another server. +
You can do the same by combining the actions + filter, block, + deanimate-gifs - and handle-as-image and + kill-popups actions to work, - Privoxy needs access to the uncompressed data. - Unfortunately, Privoxy can't yet(!) uncompress, filter, and - re-compress the content on the fly. So if you want to ensure that all websites, including - those that normally compress, can be filtered, you need to use this action. -
This will slow down transfers from those websites, though. If you use any of the above-mentioned - actions, you will typically want to use prevent-compression in conjunction - with them. +HREF="actions-file.html#SET-IMAGE-BLOCKER" +>set-image-blocker{URL}. + It doesn't sound right for non-image documents, and that's why this action + was created.
Note that some (rare) ill-configured sites don't handle requests for uncompressed - documents correctly (they send an empty document body). If you use This action will be ignored if you use it together with + prevent-compression- per default, you'll have to add exceptions for those sites. See the example for how to do that. +>block.
Example usage (sections):
Example usage:

# Set default: -# -{+prevent-compression} -/ # Match all sites - -# Make exceptions for ill sites: -# -{-prevent-compression} -www.debianhelp.org -www.pclinuxonline.com
# Replace example.com's style sheet with another one +{+redirect{http://localhost/css-replacements/example.com.css}} +example.com/stylesheet.css
8.5.17. send-vanilla-wafer8.5.29. send-vanilla-wafer
8.5.18. send-wafer8.5.30. send-wafer
A string of the form ""name=name=valuevalue".
8.5.19. session-cookies-only8.5.31. session-cookies-only
Notes:
This is less strict than This is less strict than crunch-incoming-cookies / - crunch-outgoing-cookies and allows you to browse websites that insist or rely on setting cookies, without compromising your privacy too badly.
Most browsers will not permanently store cookies that have been processed by - session-cookies-onlysession-cookies-only and will forget about them between sessions. This makes profiling cookies useless, but won't break sites which require cookies so that you can log in for transactions. This is generally turned on for all @@ -3780,23 +5640,23 @@ CLASS="emphasis" CLASS="EMPHASIS" >no sense at all to use to use session-cookies-onlysession-cookies-only - together with crunch-incoming-cookies or - crunch-outgoing-cookies. If you do, cookies will be plainly killed.
content-cookies filter to block some types of cookies. Content cookies are not effected by - session-cookies-onlysession-cookies-only.
8.5.20. set-image-blocker8.5.32. set-image-blocker
both - block and handle-as-image ""target-urltarget-url" to - send a redirect to target-urltarget-url. You can redirect - to any image anywhere, even in your local filesystem (via "file:///" URL). +> URL. + (But note that not all browsers support redirecting to a local file system).
A good application of redirects is to use special Privoxy-built-in - URLs, which send the built-in images, as target-urltarget-url. This has the same visual effect as specifying
The URLs for the built-in images are "http://config.privoxy.org/send-banner?type="http://config.privoxy.org/send-banner?type=typetype", where , where typetype is either NOT to be - used in set-image-blockerset-image-blocker, but meant for use from filters
8.5.33. treat-forbidden-connects-like-blocks
Typical use:
Block forbidden connects with an easy to find error message.
Effect:
If this action is enabled, Privoxy no longer + makes a difference between forbidden connects and ordinary blocks. +
Type:
Boolean
Parameter:
N/A
Notes:
By default Privoxy answers + forbidden "Connect" requests + with a short error message inside the headers. If the browser doesn't display + headers (most don't), you just see an empty page. +
With this action enabled, Privoxy displays + the message that is used for ordinary blocks instead. If you decide + to make an exception for the page in question, you can do so by + following the "See why" link. +
For "Connect" requests the clients tell + Privoxy which host they are interested + in, but not which document they plan to get later. As a result, the + "Go there anyway" link becomes rather useless: + it lets the client request the home page of the forbidden host + through unencrypted HTTP, still using the port of the last request. +
If you previously configured Privoxy to do the + request through a SSL tunnel, everything will work. Most likely you haven't + and the server will responds with an error message because it is expecting + HTTPS. +
Example usage:

+treat-forbidden-connects-like-blocks
+
8.5.21. Summary
8.5.34. Summary
Note that many of these actions have the potential to cause a page to misbehave, possibly even not to display at all. There are many ways @@ -4127,8 +6119,8 @@ CLASS="SECT2" CLASS="SECT2" >8.6. Aliases8.6. Aliases
Custom 8.7. Actions Files Tutorial8.7. Actions Files Tutorial
The above chapters have shown
8.7.1. default.action
8.7.1. default.action
Every config file should start with a short comment stating its purpose:
# Sample default.action file <developers@privoxy.org>
# Sample default.action file <ijbswa-developers@lists.sourceforge.net> The first regular section is probably the most important. It has only one pattern, ""//", but this pattern fragilefragile alias instead of stating the list of actions explicitly:
The The fast-redirects action, which we enabled per default above, breaks some sites. So disable it for popular sites where we know it misbehaves:
and - information). We can mark any URL as an image with the handle-as-image action, and marking all URLs that end in a known image file extension is a good start:
mark them as images in one go, with the help of our - block-as-imageblock-as-image alias defined above. (We could of - course just as well use +handle-as-image here.) Remember that the type of the replacement image is chosen by the - set-image-blocker action. Since all URLs have matched the default section with its - +set-image-blocker{pattern}{pattern} action before, it still applies and needn't be repeated:
"blocked" - by the filter{banners-by-size}{banners-by-size} action, which we enabled above, and which deletes the references to banner images from the pages while they are loaded, so the browser doesn't request them anymore, and hence they don't need to be blocked here. But this naturally doesn't catch all banners, and some people choose not to use filters, so we need a comprehensive list of patterns for banner URLs here, and apply the - block action to them.
First comes a bunch of generic patterns, which do most of the work, by @@ -5057,9 +7049,11 @@ count*. >
You wouldn't believe how many advertisers actually call their banner - servers ads.companycompany.com, or call the directory in which the banners are stored simply
But being very generic, they necessarily also catch URLs that we don't want - to block. The pattern .*ads..*ads. e.g. catches l.some-provider.net." So here come some - well-known exceptions to the +block section above.
"downloads.sourcefroge.net": Initially, all actions are deactivated, so it wouldn't get blocked. Then comes the defaults section, which matches the - URL, but just deactivates the block - action once again. Then it matches .*ads..*ads., an exception to the general non-blocking policy, and suddenly - +block applies. And now, it'll match - .*loads., where .*loads., where -block applies, so (unless it matches again further down) it ends up - with no block action applying.
"cvs" in them. Note that - -filter disables
8.7.2. user.action
8.7.2. user.action
So far we are painting with a broad brush by setting general policies, which would be a reasonable starting point for many people. Now, @@ -5358,9 +7352,9 @@ allow-ads = -block -filter{banners-by-size} -filter{banners-by-link} Say you have accounts on some sites that you visit regularly, and you don't want to have to log in manually each time. So you'd like to allow persistent cookies for these sites. The - allow-all-cookiesallow-all-cookies alias defined above does exactly that, i.e. it disables crunching of cookies in any direction, and the processing of cookies to make them only temporary.
"copy image location" and pasted the URL below while removing the leading http://, into a - { +block } section. Note that { +block } section. Note that { +handle-as-image - }need not be specified, since all URLs ending in - .gif.gif will be tagged as images by the general rules as set in default.action anyway:
Privoxy to guess the file type just by looking at the URL. - You can use the +block-as-image+block-as-image alias defined above for these cases. Note that objects which match this rule but then turn out NOT to be an @@ -5515,9 +7509,9 @@ ar.atwola.com/feedback, so - you just used the fragilefragile alias on the site, and -- whoa! -- it worked. The -- it worked. The fragilefragile aliases disables those actions that are most likely to break a site. Also, good for testing purposes to see if it is

Note that Note that allow-adsallow-ads has been aliased to - -block, - -filter{banners-by-size}, and - -filter{banners-by-link} above.
The Filter FileFilter Files
AppendixPrivoxy 3.0.3 User ManualPrivoxy 3.0.4 User Manual14. Appendix14. Appendix14.1. Regular Expressions 14.1. Regular Expressions PCRE and - PCRSPCRS libraries.

If you are reading this, you probably don't understand what dir command in DOS. - *.**.* matches all filenames. The "special" character here is the asterisk which matches any and all characters. We can be - more specific and use ?? to match just individual characters. So /.*/banners/.*/.*/banners/.* - A simple example @@ -485,9 +484,9 @@ CLASS="QUOTE" CLASS="emphasis" >/.*/adv((er)?ts?|ertis(ing|ements?))?//.*/adv((er)?ts?|ertis(ing|ements?))?/ - @@ -609,9 +608,9 @@ CLASS="QUOTE" CLASS="emphasis" >/.*/advert[0-9]+\.(gif|jpe?g)/.*/advert[0-9]+\.(gif|jpe?g) - Again @@ -744,12 +743,12 @@ CLASS="SECT2" >

14.2. Privoxy's Internal Pages

's Internal Pages

Since

Short cuts. Turn off, then on:
14.2.1. Bookmarklets14.2.1. Bookmarklets
Below are some
Privoxy - Submit Actions File Feedback -
Privoxy - Why?14.3. Chain of Events14.3. Chain of Events
Let's take a quick look at the basic sequence of events when a web page is requested by your browser and default.filter) are processed against the buffered - content. Filters are applied in the order they are specified in the - default.filter file. Animated GIFs, if present, are + content. Filters are applied in the order they are specified in one of the + filter files. Animated GIFs, if present, are reduced to either the first or last frame, depending on the action setting.The entire page, which is now filtered, is then sent by 14.4. Anatomy of an Action14.4. Anatomy of an Action
The way "+filter" action) from - the default.filter file since this is handled very + one of the filter files since this is handled very differently and not so easy to trap! It also will not tell you about any other URLs that may be embedded within the URL you are testing. For instance, images such as ads are expressed as URLs within the raw page source of HTML pages. So @@ -1638,7 +1622,8 @@ CLASS="QUOTE" > and "session-cookies-only".
, + which are actived specifically for this site in our configuration.
Now another example,
Now the page displays ;-) Be sure to flush your browser's caches when - making such changes. Or, try using Shift+ReloadShift+Reload.
But now what about a situation where we get no explicit matches like diff --git a/doc/webserver/user-manual/config.html b/doc/webserver/user-manual/config.html index 6e6354c2..c48743b8 100644 --- a/doc/webserver/user-manual/config.html +++ b/doc/webserver/user-manual/config.html @@ -1,13 +1,13 @@ - The Main Configuration FilePrivoxy 3.0.3 User ManualPrivoxy 3.0.4 User Manual7. The Main Configuration File7. The Main Configuration File
Again, the main configuration file is named

- Assigns the value Assigns the value /etc/privoxy/etc/privoxy to the option - confdirconfdir and thus indicates that the configuration directory is named "/etc/privoxy/".
All options in the config file except for All options in the config file except for confdirconfdir and - logdirlogdir are optional. Watch out in the below description for what happens if you leave them unset.
7.1. Configuration and Log File Locations7.1. Configuration and Log File Locations
7.1.1. confdir7.1.1. confdir
No trailing ""//", please
7.1.2. logdir7.1.2. logdir
No trailing ""//", please
7.1.3. actionsfile7.1.3. actionsfileType of value:
File name, relative to File name, relative to confdir, without the confdir, without the .action.action suffix
Notes:
Multiple Multiple actionsfileactionsfile lines are permitted, and are in fact recommended!
7.1.4. filterfile7.1.4. filterfileType of value:
File name, relative to File name, relative to confdirconfdir
No textual content filtering takes place, i.e. all - +filter{{name}name} actions in the actions files are turned neutral.
The - +filter{{name}name} - actions rely on the relevant filter (namename) to be defined in the filter file!
default.filter that contains a bunch of handy filters for common problems is included in the distribution. - See the section on the filter action for a list.
7.1.5. logfile7.1.5. logfile
Type of value:
File name, relative to File name, relative to logdirlogdir
Effect if unset:
No log file is used, all log messages go to the console ( No log file is used, all log messages go to the console (STDERRSTDERR).
The logfile is where all logging and error messages are written. The level - of detail and number of messages are set with the debugdebug option (see below). The logfile can be useful for tracking down a problem with 7.1.6. jarfile7.1.6. jarfile
Type of value:
File name, relative to File name, relative to logdirlogdir
7.1.7. trustfile7.1.7. trustfile
Type of value:
File name, relative to File name, relative to confdirconfdir
Prepending a Prepending a ~~ character limits access to this site only (and any sub-paths within this site), e.g. - ~www.example.com~www.example.com.
trusted referrers, by - prepending the name with a ++ character. The effect is that access to untrusted sites will be granted -- but only if a link from this trusted referrer was used. The link target will then be added to the @@ -836,15 +842,15 @@ CLASS="QUOTE" >"trustfile" so that future, direct accesses will be granted. Sites added via this mechanism do not become trusted referrers themselves - (i.e. they are added with a ~~ designation).
If you use the If you use the ++ operator in the trust file, it may grow considerably over time.
Privoxy be compiled with - the --disable-force, --disable-force, --disable-toggle--disable-toggle and - --disable-editor --disable-editor options, if this feature is to be used.
7.2. Local Set-up Documentation7.2. Local Set-up Documentation
If you intend to operate 7.2.1. user-manual7.2.1. user-manual
http://www.privoxy.org/http://www.privoxy.org/versionversion/user-manual/ - will be used, where versionversion is the Privoxy
  user-manual  file:///usr/share/doc/privoxy-3.0.3/user-manual/
user-manual file:///usr/share/doc/privoxy-3.0.4/user-manual/
  user-manual  file:/c:/some-dir/privoxy-3.0.3/user-manual/
user-manual file:/c:/some-dir/privoxy-3.0.4/user-manual/
  user-manual  file://///some-server/some-path/privoxy-3.0.3/user-manual/
user-manual file://///some-server/some-path/privoxy-3.0.4/user-manual/7.2.2. trust-info-url7.2.2. trust-info-url
7.2.3. admin-address7.2.3. admin-address
Notes:
If both If both admin-address and admin-address and proxy-info-urlproxy-info-url are unset, the whole "Local Privoxy Support" box on all generated pages will not be shown. @@ -1218,8 +1228,8 @@ CLASS="SECT3" CLASS="SECT3" >7.2.4. proxy-info-url7.2.4. proxy-info-url
Notes:
If both If both admin-address and admin-address and proxy-info-urlproxy-info-url are unset, the whole "Local Privoxy Support" box on all generated pages will not be shown. @@ -1289,17 +1299,17 @@ CLASS="SECT2" CLASS="SECT2" >7.3. Debugging7.3. Debugging
These options are mainly useful when tracing a problem. Note that you might also want to invoke Privoxy with the with the --no-daemon--no-daemon command line option when debugging.
7.3.1. debug7.3.1. debug
To select multiple debug levels, you can either add them or use - multiple debugdebug lines.
7.3.2. single-threaded7.3.2. single-threaded
7.4. Access Control and Security7.4. Access Control and Security
This section of the config file controls the security-relevant aspects of 7.4.1. listen-address7.4.1. listen-address
Type of value:
[[IP-Address]:IP-Address]:PortPort
Privoxy to untrusted users, you will - also want to turn off the enable-edit-actions and - enable-remote-toggle options!
7.4.2. toggle7.4.2. toggle
"toggled off" mode, i.e. behave like a normal, content-neutral proxy where all ad blocking, filtering, etc are disabled. See - enable-remote-toggleenable-remote-toggle below. This is not really useful anymore, since toggling is much easier via 7.4.3. enable-remote-toggle7.4.3. enable-remote-toggle
"ACLs" and and listen-addresslisten-address above) can toggle it for all users. So this option is 7.4.4. enable-edit-actions7.4.4. enable-edit-actions
"ACLs" and and listen-addresslisten-address above) can modify its configuration for all users. So this option is 7.4.5. ACLs: permit-access and deny-access7.4.5. ACLs: permit-access and deny-accessType of value:
src_addr[/src_addr[/src_masklensrc_masklen] - [dst_addr[/dst_addr[/dst_masklendst_masklen]]
Where Where src_addrsrc_addr and - dst_addrdst_addr are IP addresses in dotted decimal notation or valid - DNS names, and src_masklensrc_masklen and - dst_masklendst_masklen are subnet masks in CIDR notation, i.e. integer values from 2 to 30 representing the length (in bits) of the network address. The masks and the whole destination part are optional. @@ -1996,9 +2026,9 @@ CLASS="EMPHASIS" >Effect if unset:
Don't restrict access further than implied by Don't restrict access further than implied by listen-addresslisten-address
Privoxy - talks only to IP addresses that match at least one permit-accesspermit-access line - and don't match any subsequent deny-accessdeny-access line. In other words, the - last match wins, with the default being deny-accessdeny-access.
If Privoxy is using a forwarder (see is using a forwarder (see forwardforward below) - for a particular destination URL, the dst_addrdst_addr that is examined is the address of the forwarder and
Explicitly define the default behavior if no ACL and - listen-addresslisten-address are set: "localhost" - is OK. The absence of a dst_addrdst_addr implies that 7.4.6. buffer-limit7.4.6. buffer-limit
Notes:
For content filtering, i.e. the For content filtering, i.e. the +filter+filter and - +deanimate-gif+deanimate-gif actions, it is necessary that
When a document buffer size reaches the When a document buffer size reaches the buffer-limitbuffer-limit, it is flushed to the client unfiltered and no further attempt to filter the rest of the document is made. Remember that there may be multiple threads - running, which might require up to buffer-limitbuffer-limit Kbytes 7.5. Forwarding7.5. Forwarding
This feature allows routing of HTTP requests through a chain of multiple proxies. @@ -2307,8 +2341,8 @@ CLASS="SECT3" CLASS="SECT3" >7.5.1. forward7.5.1. forward
Type of value:
target_patterntarget_pattern - http_parent[:http_parent[:portport]
where where target_patterntarget_pattern is a URL pattern - that specifies to which requests (i.e. URLs) this forward rule shall apply. Use // to denote "all URLs". - http_parent[:http_parent[:portport] is the DNS name or IP address of the parent HTTP proxy through which the requests should be forwarded, optionally followed by its listening port (default: 8080). - Use a single dot (..) to denote "no forwarding"Notes:
If If http_parenthttp_parent is "."7.5.2. forward-socks4 and forward-socks4a7.5.2. forward-socks4 and forward-socks4aType of value:
target_patterntarget_pattern - socks_proxy[:socks_proxy[:portport] - http_parent[:http_parent[:portport]
where where target_patterntarget_pattern is a URL pattern - that specifies to which requests (i.e. URLs) this forward rule shall apply. Use // to denote "all URLs". - http_parent and http_parent and socks_proxysocks_proxy - are IP addresses in dotted decimal notation or valid DNS names (http_parenthttp_parent may be "no HTTP forwarding"), and the optional - portport parameters are TCP ports, i.e. integer values from 1 to 64535
Multiple lines are OK, they are checked in sequence, and the last match wins.
The difference between The difference between forward-socks4 and forward-socks4 and forward-socks4aforward-socks4a is that in the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS server, while in SOCKS 4 it happens locally.
If If http_parenthttp_parent is "."7.5.3. Advanced Forwarding Examples7.5.3. Advanced Forwarding Examples
If you have links to multiple ISPs that provide various special content only to their subscribers, you can configure multiple squid locally, then chain as - browser -> squid -> privoxybrowser -> squid -> privoxy is the recommended way.
Assuming that squid's address and port. - Squid normally uses port 3128. If unsure consult http_porthttp_port in squid.conf.
You could just as well decide to only forward requests for Windows executables through - a virus-scanning parent proxy, say, on antivir.example.comantivir.example.com, port 8010:
7.6. Windows GUI Options7.6. Windows GUI Options
"Privoxy" is active. To turn off, set to 0.


- will log messages to the console window:     - Warning: Setting this to 0 will result in the buffer to grow infinitely and eat up all your memory!     - is the maximum number of lines held in the log buffer. See above.     - will highlight portions of the log messages with a bold-faced font:     - The font used in the console window:     - Font size used in the console window:     - will appear as a button on the Task bar when minimized:     - instead of closing the program (close with the exit option on the File menu).     - will disconnect from and hide the command console.     - Privoxy ConfigurationPrivoxy 3.0.4 User ManualPrivoxy 3.0.4 User ManualPrivoxy 3.0.4 User Manual
Privoxy 3.0.3 User Manual
6. Privoxy Configuration Configuration
All
6.1. Controlling Privoxy with Your Web Browser
with Your Web Browser

    Privoxy Menu
        ▪  Documentation @@ -251,8 +251,8 @@ CLASS="SECT2" CLASS="SECT2" >6.2. Configuration Files Overview6.2. Configuration Files Overview
For Unix, *BSD and Linux, all configuration files are located in Privoxy executable.
executable. The name + and number of configuration files has changed from previous versions, and is + subject to change as development progresses. The installed defaults provide a reasonable starting point, though some settings may be aggressive by some standards. For the time being, the @@ -352,9 +354,9 @@ TARGET="_top" > default.filter "Filter files" (the filter @@ -362,8 +364,22 @@ HREF="filter-file.html" >) can be used to re-write the raw page content, including viewable text as well as embedded HTML and JavaScript, and whatever else lurks on any given web page. The filtering jobs are only pre-defined here; - whether to apply them or not is up to the actions files. Only one filter - file may be defined. + whether to apply them or not is up to the actions files. + default.filter includes various filters made + available for use by the developers. Some are much more intrusive than + others, and all should be used with caution. You may define additional + filter files in config as you can with + actions files. We suggest user.filter for any + locally defined filters or customizations.
All files use the ""##" character to denote a comment (the rest of the line will be ignored) and understand line continuation - through placing a backslash ("\\") as the very last character - in a line. If the ## is preceded by a backslash, it looses - its special function. Placing a ## in front of an otherwise valid configuration line to prevent it from being interpreted is called "commenting out" that line.
The actions files and default.filter +> The actions files and filter files can use Perl style regular expressionsold listening address.
While under development, the configuration content is subject to change. + The below documentation may not be accurate by the time you read this. + Also, what constitutes a "default" setting, may change, so + please check all your configuration files on important issues.
<META NAME="GENERATOR" -CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK +CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ +"><LINK REL="HOME" -TITLE="Privoxy 3.0.3 User Manual" +TITLE="Privoxy 3.0.4 User Manual" HREF="index.html"><LINK REL="PREVIOUS" TITLE="Templates" @@ -38,7 +38,7 @@ CELLSPACING="0" ><TH COLSPAN="3" ALIGN="center" ->Privoxy 3.0.3 User Manual</TH +>Privoxy 3.0.4 User Manual</TH ></TR ><TR ><TD @@ -75,9 +75,9 @@ CLASS="SECT1" CLASS="SECT1" ><A NAME="CONTACT" +></A >11. Contacting the Developers, Bug Reporting and Feature -Requests</A -></H1 +Requests</H1 ><P > We value your feedback. In fact, we rely on it to improve <SPAN @@ -92,8 +92,8 @@ CLASS="SECT2" CLASS="SECT2" ><A NAME="CONTACT-SUPPORT" ->11.1. Get Support</A -></H2 +></A +>11.1. Get Support</H2 ><P > For casual users, our <A @@ -120,9 +120,96 @@ CLASS="SECT2" ><H2 CLASS="SECT2" ><A +NAME="REPORTING" +></A +>11.2. Reporting Problems</H2 +><P +><SPAN +CLASS="QUOTE" +>"Problems"</SPAN +> for our purposes, come in two forms:</P +><P +></P +><UL +><LI +><P +> Configuration issues, such as ads that slip through, or sites that + don't function properly due to one <SPAN +CLASS="APPLICATION" +>Privoxy</SPAN +> + <SPAN +CLASS="QUOTE" +>"action"</SPAN +> or another being turned <SPAN +CLASS="QUOTE" +>"on"</SPAN +>. + </P +></LI +><LI +><P +> <SPAN +CLASS="QUOTE" +>"Bugs"</SPAN +> in the programming code that makes up + <SPAN +CLASS="APPLICATION" +>Privoxy</SPAN +>, such as that might cause a crash. + </P +></LI +></UL +><DIV +CLASS="SECT3" +><H3 +CLASS="SECT3" +><A +NAME="CONTACT-ADS" +></A +>11.2.1. Reporting Ads or Other Configuration Problems</H3 +><P +> Please send feedback on ads that slipped through, innocent images that were + blocked, sites that don't work properly, and other configuration related problem of + <TT +CLASS="FILENAME" +>default.action</TT +> file, to + <A +HREF="http://sourceforge.net/tracker/?group_id=11118&atid=460288" +TARGET="_top" +> http://sourceforge.net/tracker/?group_id=11118&atid=460288</A +>, + the Actions File Tracker.</P +><P +> New, improved <TT +CLASS="FILENAME" +>default.action</TT +> files may occasionally be made + available based on your feedback. These will be announced on the <A +HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce" +TARGET="_top" +>ijbswa-announce</A +> + list and available from our the <A +HREF="http://sourceforge.net/project/showfiles.php?group_id=11118" +TARGET="_top" +>files section</A +> of + our <A +HREF="http://sf.net/projects/ijbswa/" +TARGET="_top" +>project page</A +>.</P +></DIV +><DIV +CLASS="SECT3" +><H3 +CLASS="SECT3" +><A NAME="CONTACT-BUGS" ->11.2. Report Bugs</A -></H2 +></A +>11.2.2. Reporting Bugs</H3 ><P > Please report all bugs <SPAN CLASS="emphasis" @@ -138,13 +225,20 @@ TARGET="_top" >http://sourceforge.net/tracker/?group_id=11118&atid=111118</A >. </P ><P -> Before doing so, please make sure that the bug has not already been submitted +> Before doing so, please make sure that the bug has <SPAN +CLASS="emphasis" +><I +CLASS="EMPHASIS" +>not already been submitted</I +></SPAN +> and observe the additional hints at the top of the <A HREF="http://sourceforge.net/tracker/?func=add&group_id=11118&atid=111118" TARGET="_top" >submit form</A ->.</P +>. If already submitted, please feel free to add any info to the + original report that might help solve the issue.</P ><P > Please try to verify that it is a <SPAN @@ -161,16 +255,10 @@ TARGET="_top" CLASS="APPLICATION" >Privoxy</SPAN >, and see if the problem persists. - The <A -HREF="http://www.privoxy.org/user-manual/appendix.html#ACTIONSANAT" -TARGET="_top" ->appendix - of the user manual</A -> also has helpful information - on action debugging. If you are using your own custom configuration, please try + If you are using your own custom configuration, please try the stock configs to see if the problem is configuration related.</P ><P -> If not using the latest version, chances are that the bug has been found +> If not using the latest version, the bug may have been found and fixed in the meantime. We would appreciate if you could take the time to <A HREF="http://www.privoxy.org/user-manual/installation.html" @@ -178,7 +266,127 @@ TARGET="_top" >upgrade to the latest version</A > (or even the latest CVS snapshot) and verify - your bug, but this is not required for reporting.</P + your bug.</P +><P +>Please be sure to provide the following information:</P +><P +> <P +></P +><UL +><LI +><P +> The exact <SPAN +CLASS="APPLICATION" +>Privoxy</SPAN +> version of the proxy software +(if you got the source from CVS, please also give the date). + </P +></LI +><LI +><P +> The operating system and verions you run + <SPAN +CLASS="APPLICATION" +>Privoxy</SPAN +> on, (e.g. <SPAN +CLASS="APPLICATION" +>Windows + XP</SPAN +>). + </P +></LI +><LI +><P +> The name, platform, and version of the <SPAN +CLASS="APPLICATION" +>browser</SPAN +> + you were using (e.g. <SPAN +CLASS="APPLICATION" +>Internet Explorer v5.5</SPAN +> for Mac). + </P +></LI +><LI +><P +> The URL where the problem occurred, or some way for us to duplicate the + problem (e.g. <TT +CLASS="LITERAL" +>http://somesite.example.com?somethingelse=123</TT +>). + </P +></LI +><LI +><P +> Whether your version of <SPAN +CLASS="APPLICATION" +>Privoxy</SPAN +> is one supplied + by the developers of <SPAN +CLASS="APPLICATION" +>Privoxy</SPAN +> via SourceForge, + or somewhere else. + </P +></LI +><LI +><P +> Whether you are using <SPAN +CLASS="APPLICATION" +>Privoxy</SPAN +> in tandem with + another proxy such as <SPAN +CLASS="APPLICATION" +>TOR</SPAN +>. If so, please try + disabling the other proxy. + </P +></LI +><LI +><P +> Whether you are using a personal firewall product. If so, does + <SPAN +CLASS="APPLICATION" +>Privoxy</SPAN +> work without it? + </P +></LI +><LI +><P +> Any other pertinent information to help identify the problem such as config + or log file excerpts (yes, you should have log file entries for each + action taken). + </P +></LI +><LI +><P +> <SPAN +CLASS="emphasis" +><I +CLASS="EMPHASIS" +>Please provide your SF login, or email address</I +></SPAN +>, in case we + need to contact you. + </P +></LI +></UL +></P +><P +> The <A +HREF="http://www.privoxy.org/user-manual/appendix.html#ACTIONSANAT" +TARGET="_top" +>appendix + of the user manual</A +> also has helpful information + on understanding <TT +CLASS="LITERAL" +>actions</TT +>, and <TT +CLASS="LITERAL" +>action</TT +> debugging. </P +></DIV ></DIV ><DIV CLASS="SECT2" @@ -186,8 +394,8 @@ CLASS="SECT2" CLASS="SECT2" ><A NAME="CONTACT-FEATURE" ->11.3. Request New Features</A -></H2 +></A +>11.3. Request New Features</H2 ><P > You are welcome to submit ideas on new features or other proposals for improvement through our feature request tracker at @@ -202,52 +410,9 @@ CLASS="SECT2" ><H2 CLASS="SECT2" ><A -NAME="CONTACT-ADS" ->11.4. Report Ads or Other Actions-Related Problems</A -></H2 -><P -> Please send feedback on ads that slipped through, innocent images that were blocked, - and any other problems relating to the <TT -CLASS="FILENAME" ->default.action</TT -> file through - our actions feedback mechanism located at - <A -HREF="javascript:w=Math.floor(screen.width/2);h=Math.floor(screen.height*0.9);void(window.open('http://www.privoxy.org/actions','Feedback','screenx='+w+',width='+w+',height='+h+',scrollbars=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());" -TARGET="_top" ->http://www.privoxy.org/actions/</A ->. - On this page, you will also find a bookmark which will take you back there from - any troubled site and even pre-fill the form!</P -><P -> New, improved <TT -CLASS="FILENAME" ->default.action</TT -> files will occasionally be made - available based on your feedback. These will be announced on the <A -HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce" -TARGET="_top" ->ijbswa-announce</A -> - list and available from our the <A -HREF="http://sourceforge.net/project/showfiles.php?group_id=11118" -TARGET="_top" ->files section</A -> of - our <A -HREF="http://sf.net/projects/ijbswa/" -TARGET="_top" ->project page</A ->.</P -></DIV -><DIV -CLASS="SECT2" -><H2 -CLASS="SECT2" -><A NAME="CONTACT-OTHER" ->11.5. Other</A -></H2 +></A +>11.4. Other</H2 ><P >For any other issues, feel free to use the mailing lists. Technically interested users and people who wish to contribute to the project are also welcome on the developers list! diff --git a/doc/webserver/user-manual/copyright.html b/doc/webserver/user-manual/copyright.html index 3e0331d4..7aa42b08 100644 --- a/doc/webserver/user-manual/copyright.html +++ b/doc/webserver/user-manual/copyright.html @@ -1,13 +1,13 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML ><HEAD ><TITLE >Privoxy Copyright, License and History
Privoxy 3.0.3 User Manual
12. Privoxy Copyright, License and History Copyright, License and History
Copyright © 2001 - 2004 by Privoxy Developers Copyright © 2001 - 2006 by Privoxy Developers <developers@privoxy.org>ijbswa-developers@lists.sourceforge.net>
Some source code is based on code Copyright © 1997 by Anonymous Coders @@ -100,9 +100,9 @@ CLASS="SECT2" >
12.1. License
12.1. License
12.2. History12.2. History
In the beginning, there was the +> Along time ago, there was the Junkbusters Corporation. It saved many users a lot of pain in the early days of +>. This saved many users a lot of pain in the early days of web advertising and user tracking.
But the web, its protocols and standards, and with it, the techniques for - forcing users to consume ads, give up autonomy over their browsing, and - for spying on them, kept evolving. Unfortunately, the Internet Junkbuster12.3. Authors12.3. Authors
Current Developement Team:
Current Developement Team:
Hal Burgiss (docs)
- Andreas Oesterhelt
- David Schmidt (OS/2, Mac OSX ports)
-

David Schmidt
+ Fabian Keil
+
+Current Contributors:
+
+ Hal Burgiss
+ Johny Agotnes
+ Moritz Barsnick
+ Mattes Dolak
+ Roland Rosenfeld

Current and Former Project Contributors:
Former Project Developers and Contributors:
Johny Agotnes
- Rodrigo Barbosa (RPM specfiles)
- Moritz Barsnick
+>
+ Andreas Oesterhelt
+ Rodrigo Barbosa
Brian Dessent
- Mattes Dolak
Jon Foster
- Karsten Hopp (Red Hat)
+ Karsten Hopp
Alexander Lazic
Daniel Leite
Gábor Lipták
- Adam Lock (Win32)
+ Adam Lock
Guy Laroche
Haroon Rafique
- Roland Rosenfeld (Debian)
- Georg Sauthoff (Gentoo)
+ Georg Sauthoff
Thomas Steudten
- Joerg Strohmayer (Amiga)
+ Joerg Strohmayer
Rodney Stromlund
Sviatoslav Sviridov
Sarantis Paskalis
diff --git a/doc/webserver/user-manual/filter-file.html b/doc/webserver/user-manual/filter-file.html index 19642832..99edd6cd 100644 --- a/doc/webserver/user-manual/filter-file.html +++ b/doc/webserver/user-manual/filter-file.html @@ -1,13 +1,13 @@ - The Filter FileFilter Files
Privoxy 3.0.3 User Manual
9. The Filter File9. Filter Files
All text substitutions that can be invoked through the - filter action - must first be defined in the filter file, which is typically - called action which + must first be defined in a "filter file", such as + default.filter and which can be - selected through the . Mulitple filter files can be + defined through the filterfile config - option.
default.filter. It is recommended that any locally + defined or modified filters go in a separately defined file such as + user.filter. +
Typical reasons for doing such substitutions are to eliminate +> Typical reasons for doing these kinds of substitutions are to eliminate common annoyances in HTML and JavaScript, such as pop-up windows, exit consoles, crippled windows without navigation tools, the infamous <BLINK> tag etc, to suppress images with certain @@ -107,9 +120,9 @@ HREF="config.html#FILTERFILE" or just to have fun. The possibilities are endless.
Filtering works on any text-based document type, including - HTML, JavaScript, CSS etc. (all text/*text/* MIME types, except text/plaintext/plain). Substitutions are made at the source level, so if you want to keyword FILTER:FILTER:, followed by the filter's .
Once a filter called Once a filter called namename has been defined in the filter file, it can be invoked by using an action of the form - +filter{{name}name} in any Perl's - s///s/// operator. If you are familiar with Perl, you will find this to be quite intuitive, and may want to look at the - PCRS man page - for the subtle differences to Perl behaviour. Most notably, the non-standard - option letter U is supported, which turns the default - to ungreedy matching.
U is supported, + which turns the default to ungreedy matching.
If you are new to regular expressions, you might want to take a look at the the - s///s/// operator's syntax and
9.1. Filter File Tutorial
9.1. Filter File Tutorial
Now, let's complete our "foo" on each page. For global substitution, - we'll need to add the gg option:

Following the header line and a comment, you see the job. Note that it uses - | as the delimiter instead of | as the delimiter instead of //, because the pattern contains a forward slash, which would otherwise have to be escaped - by a backslash (\\).
Now, let's examine the pattern: it starts with the text Now, let's examine the pattern: it starts with the text <script.*<script.* - enclosed in parentheses. Since the dot matches any character, and ** means: text, i.e. it matches the whole page, from the start of the first <script> tag.
That's more than we want, but the pattern continues: That's more than we want, but the pattern continues: document\.referrerdocument\.referrer matches only the exact string
But there's still more pattern to go. The next element, again enclosed in parentheses, - is .*</script>. You already know what .*</script>. You already know what .*.* means, so the whole pattern translates to: Match from the start of the first <script> tag in a page to the end of the last <script> tag, provided that the text @@ -469,17 +481,17 @@ CLASS="QUOTE" >
This is still not the whole story, since we have ignored the options and the parentheses: The portions of the page matched by sub-patterns that are enclosed in parentheses, will be - remembered and be available through the variables $1, $2, ...$1, $2, ... in - the substitute. The UU option switches to ungreedy matching, which means - that the first .*.* in the pattern will only "eat up""document.referrer", and that the second , and that the second .*.* will only span the text up to the "</script>" - tag. Furthermore, the ss option says that the match may span - multiple lines in the page, and the gg option again means that the substitution is global.
"document.referrer" as as $1$1, and the part following - that string, up to and including the closing tag, as $2$2.
Now the pattern is deciphered, but wasn't this about substituting things? So - lets look at the substitute: $1"Not Your Business!"$2$1"Not Your Business!"$2 is - easy to read: The text remembered as $1$1, followed by - "Not Your Business!""Not Your Business!" (including - the quotation marks!), followed by the text remembered as $2$2. This produces an exact copy of the original string, with the middle part (the "document.referrer") replaced by ) replaced by "Not Your - Business!".
The whole job now reads: Replace "document.referrer" by - "Not Your Business!""Not Your Business!" wherever it appears inside a <script> tag. Note that this job won't break JavaScript syntax, since both the original and the replacement are syntactically valid @@ -604,31 +616,31 @@ s/window\.status\s*=\s*(['"]).*?\1/dUmMy=1/ig
\s\s stands for whitespace characters (space, tab, newline, - carriage return, form feed), so that \s*\s* means: "zero or more whitespace". The . The ? in ? in .*?.*? - makes this matching of arbitrary text ungreedy. (Note that the UU - option is not set). The ['"]['"] construct means: "a single @@ -639,13 +651,13 @@ CLASS="EMPHASIS" >or a double quote". Finally, . Finally, \1\1 is - a backreference to the first parenthesis just like $1$1 above, with the difference that in the "<body>" tags with the dummy word tags with the dummy word nevernever. - Note that the ii option makes the pattern matching case-insensitive. Also note that ungreedy matching alone doesn't always guarantee - a minimal match: In the first parenthesis, we had to use [^>]*[^>]* - instead of .*.* to prevent the match from exceeding the <body> tag if it doesn't contain
Note the Note the (?!\.com)(?!\.com) part (a so-called negative lookahead) in the job's pattern, which means: Don't match, if the string
The The xx option in this job turns on extended syntax, and allows for e.g. the liberal use of (non-interpreted!) whitespace for nicer formatting.
9.2. The Pre-defined Filters9.2. The Pre-defined Filters
The distribution
replaces JavaScript references to the browser's referrer information - with the string "Not Your Business!". This compliments the hide-referrer action on the content level.
This filter will undo many common instances of HTML based abuse. The The BLINK and BLINK and MARQUEEMARQUEE tags are neutralized (yeah baby!), and browser windows will be created as resizable (as of course they should be!), and will have location, @@ -936,19 +948,19 @@ CLASS="EMPHASIS" > Most cookies are set in the HTTP dialogue, where they can be intercepted by the - crunch-incoming-cookies - and crunch-outgoing-cookies actions. But web sites increasingly make use of HTML meta tags and JavaScript to sneak cookies to the browser on the content level. @@ -1031,12 +1043,12 @@ CLASS="EMPHASIS" >
This is a helper filter that has no value if used alone. It makes the - banners-by-size and banners-by-size and banners-by-linkbanners-by-link (see below) filters more effective and should be enabled together with them.
Many Microsoft products that generate HTML use non-standard extensions (read: - violations) of the ISO 8859-1 aka Latin-1 character set. This causes those + violations) of the ISO 8859-1 aka Latin-1 character set. This can cause those HTML documents to display with errors on standard-compliant platforms.
filter-server-headers

filter-client-headers

Privoxy 3.0.3 User ManualPrivoxy 3.0.4 User ManualPrivoxy 3.0.3 User ManualPrivoxy 3.0.4 User Manual

$Id: index.html,v 1.18.2.11 2004/01/31 00:05:44 oes Exp $

$Id: user-manual.sgml,v 2.13 2006/08/22 11:04:59 hal9 Exp $

The User Manual

3. What's New in this Release

3.1. Note to Upgraders

6.1. Controlling Privoxy 8.1. Finding the Right Mix 8.2. How to Edit 8.4.1. The Domain Pattern 8.4.2. The Path Pattern 8.5.3. content-type-overwrite 8.5.4. crunch-server-header 8.5.5. crunch-if-none-match 8.5.6. crunch-incoming-cookies 8.5.4. 8.5.7. crunch-server-header 8.5.8. crunch-outgoing-cookies 8.5.5. 8.5.9. deanimate-gifs 8.5.6. 8.5.10. downgrade-http-version 8.5.7. 8.5.11. fast-redirects 8.5.8. 8.5.12. filter 8.5.9. 8.5.13. force-text-mode 8.5.14. handle-as-empty-document 8.5.15. handle-as-image 8.5.10. 8.5.16. hide-accept-language 8.5.17. hide-content-disposition 8.5.18. hide-if-modified-since 8.5.19. hide-forwarded-for-headers 8.5.11. 8.5.20. hide-from-header 8.5.12. 8.5.21. hide-referrer 8.5.13. 8.5.22. hide-user-agent 8.5.14. 8.5.23. inspect-jpegs 8.5.24. kill-popups 8.5.15. 8.5.25. limit-connect 8.5.16. 8.5.26. prevent-compression 8.5.17. 8.5.27. overwrite-last-modified 8.5.28. redirect 8.5.29. send-vanilla-wafer 8.5.18. 8.5.30. send-wafer 8.5.19. 8.5.31. session-cookies-only 8.5.20. 8.5.32. set-image-blocker 8.5.21. 8.5.33. treat-forbidden-connects-like-blocks 8.5.34. Summary 8.7.1. default.action 8.7.2. user.action

9. The Filter FileFilter Files

9.1. Filter File Tutorial

11.2. Reporting Problems

11.2.1. Reporting Ads or Other Configuration Problems
11.2.2. Report BugsReporting Bugs

11.3.

11.4. Report Ads or Other Actions-Related Problems

11.5. Other

12.1. License

14.2. Privoxy InstallationPrivoxy 3.0.3 User ManualPrivoxy 3.0.4 User Manual Next 2. Installation2. Installation
See the note to upgraders section below.
2.1. Binary Packages2.1. Binary Packages
How to install the binary packages depends on your operating system:
2.1.1. Red Hat, SuSE and Conectiva RPMs2.1.1. Red Hat, SuSE and Conectiva RPMs
RPMs can be installed with RPMs can be installed with rpm -Uvh privoxy-3.0.3-1.rpmrpm -Uvh privoxy-3.0.4-1.rpm, and will use
If you have problems with failed dependencies, try rebuilding the SRC RPM: - rpm --rebuild privoxy-3.0.3-1.src.rpmrpm --rebuild privoxy-3.0.4-1.src.rpm. This will use your locally installed libraries and RPM version.
2.1.2. Debian2.1.2. Debian
DEBs can be installed with DEBs can be installed with apt-get install privoxyapt-get install privoxy, and will use 2.1.3. Windows2.1.3. Windows
Just double-click the installer, which will guide you through the installation process. You will find the configuration files - in the same directory as you installed Privoxy in. We do not - use the registry of Windows.
2.1.4. Solaris, NetBSD, FreeBSD, HP-UX2.1.4. Solaris, NetBSD, FreeBSD, HP-UX Create a new directory, Create a new directory, cdcd to it, then unzip and untar the archive. For the most part, you'll have to figure out where things go. 2.1.5. OS/22.1.5. OS/2 First, make sure that no previous installations of 2.1.6. Mac OSX2.1.6. Mac OSX
Unzip the downloaded file (you can either double-click on the file from the finder, or from the desktop if you downloaded it there). Then, double-click on the package installer icon named - Privoxy.pkgPrivoxy.pkg and follow the installation process. Privoxy will be installed in the folder - /Library/Privoxy/Library/Privoxy. It will start automatically whenever you start up. To prevent it from starting automatically, remove or rename the folder - /Library/StartupItems/Privoxy/Library/StartupItems/Privoxy.
To start Privoxy by hand, double-click on - StartPrivoxy.commandStartPrivoxy.command in the - /Library/Privoxy/Library/Privoxy folder. Or, type this command in the Terminal:
2.1.7. AmigaOS2.1.7. AmigaOS
Copy and then unpack the 2.1.8. Gentoo2.1.8. Gentoo
Gentoo source packages (Ebuilds) for Privoxy under Gentoo just do - first emerge rsyncemerge rsync to get the latest changes from the - Portage tree. With emerge privoxyemerge privoxy you install the latest version.
, the documentation is in /usr/share/doc/privoxy-3.0.3/usr/share/doc/privoxy-3.0.4 and the Log directory is in 2.2. Building from Source2.2. Building from Source
The most convenient way to obtain the the CVS repository or simply download the nightly CVS - tarball.
. To build are required. When building from a source tarball (either release version or - nightly CVS - tarball), first unpack the source: tar xzvf privoxy-3.0.3-src* [.tgz or .tar.gz] - cd privoxy-3.0.3 tar xzvf privoxy-3.0.4-beta-src* [.tgz or .tar.gz] + cd privoxy-3.0.4-beta For retrieving the current CVS sources, you'll need CVS installed. Note that sources from CVS are development quality, and may not be - stable, or well tested. To download CVS source: , which will contain the source tree. Then, in either case, to build from unpacked tarball or CVS source: You can also check out any Privoxy + "branch", just exchange the current + name with the wanted branch name (Example: v_3_0_branch for the 3.0 cvs + tree). It is also strongly recommended to not run Privoxy + as root, and instead it is suggested to create a "privoxy" user + and group for this purpose. See your local documentation for the correct + command line to do this. /etc/passwd might then look like: cvs -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa login - cvs -z3 -d:pserver:anonymous@cvs.ijbswa.sourceforge.net:/cvsroot/ijbswa co current +> cvs -d:pserver:anonymous@ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa login + cvs -z3 -d:pserver:anonymous@ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co current cd current privoxy:*:7777:7777:privoxy proxy:/no/home:/no/shell And then /etc/group, like: privoxy:*:7777: Some binary packages may do this for you. Then, to build from either unpacked tarball or CVS source: autoheader autoconf ./configure # (--help to see options) - make # (the make from gnu, gmake for *BSD) + make # (the make from GNU, sometimes called gmake) su make -n install # (to see where all the files will go) - make install # (to really install) If you have gnu make, you can have the first four steps +> If you have GNU make, you can have the first four steps automatically done for you by just typing: in the freshly downloaded or unpacked source directory. WARNING: If installing as root, the install will fail + unless a non-root user or group is specified, or a privoxy + user and group already exist on the system. If a non-root user is specified, + and no group, then the installation will try to also use a group of the same name + as "user". If a group is specified (and no user), then the + support files will be installed as writable by that group, and owned by the + user running the installation. configure accepts --with-user and + --with-group options for setting user and group ownership + of the configuration files (which need to be writable by the daemon). The + specified user must already exist. When starting + Privoxy, it should be run as this same user to + insure write access to configuration and log files. Alternately, you can specify user and group + on the make command line, but be sure both already exist: make -s install USER=privoxy GROUP=privoxy The default installation path for make install is + /usr/local. This may of course be customized with + the various ./configure path options. If you are doing + a root install to anywhere else besides /usr/local, be + sure to set the appropriate paths with the correct configure options + (./configure --help). If you do install to /usr/local, the install will use + sysconfdir=$prefix/etc/privoxy by default. All other + destinations, and the direct usage of --sysconfdir flag + behave like normal, i.e. will not add the extra privoxy + directory. This is for a safer install, as there may already exist another + program that uses a file with the "config" name, and thus makes + /usr/local/etc cleaner. If installing to /usr/local, the docs will go by default + to $prefix/share/doc. But if this directory doesn't + exist, it will then try $prefix/doc and install there before + creating a new $prefix/share/doc just for + Privoxy. Again, if the installs goes to /usr/local, the + localstatedir (ie: var/) will default + to /var instead of $prefix/var so + the logs will go to /var/log/privoxy/, and the pid file + will be created in /var/run/privoxy.pid. make install will attempt to set the correct values + in config (main configuration file). You may want + to check this to make sure all values are correct. If appropriate, + an init script will be installed, but it is up to the user to determine + how and where to start Privoxy. The init + script should be checked for correct paths and values, if anything other than + a default install is done. If install finds previous versions of any configuration files, these will not + be overwritten, and the new ones will be installed with a "new" + extension. You will then need to manually update the installed configuration + files as needed. All template files will be overwritten. If you have + customized, local templates, you should save these first. If a previous + version of Privoxy is already running, you will + have to restart it manually. For more detailed instructions on how to build Redhat and SuSE RPMs, Windows self-extracting installers, building on platforms with special requirements etc, please consult the 2.3. Keeping your Installation Up-to-Date2.3. Keeping your Installation Up-to-Date As user feedback comes in and development continues, we will make updated versions of both the main , ijbswa-announce@lists.sourceforge.net. In order not to loose your personal changes and adjustments when updating - to the latest In order not to lose your personal changes and adjustments when updating + to the latest default.actiondefault.action file we strongly recommend that you use that you use user.actionuser.action for your customization of NextNote to UpgradersWhat's New in this Release
IntroductionPrivoxy 3.0.3 User ManualPrivoxy 3.0.4 User Manual1. Introduction1. Introduction This documentation is included with the current stable version of +> This documentation is included with the current BETA version of Privoxy, v.3.0.3., v.3.0.4, + and is mostly complete at this point. The most up to date reference for the + time being is still the comments in the source files and in the individual + configuration files. Development of version 3.0 is currently nearing + completion, and includes many significant changes and enhancements over + earlier versions. The target release date for + stable v3.0 is "soon" ;-). Since this is a BETA version, not all new features are well tested. This + documentation may be slightly out of sync as a result (especially with + CVS sources). And there may be bugs, though hopefully + not many!
1.1. Features 1.1. Features In addition to Privoxy provides new features: provides new features, + some of them currently under development: Privoxy 3.0.3 User ManualPrivoxy 3.0.4 User Manual Quickstart to Using PrivoxyPrivoxy 3.0.3 User ManualPrivoxy 3.0.4 User ManualPrev4. Quickstart to Using Privoxy
If upgrading, from versions before 2.9.16, please back up any configuration - files. See the Note to Upgraders Section. -
Install PrivoxyPrivoxy as HTTP and HTTPS (SSL) proxy by setting the proxy configuration for address of - 127.0.0.1 and port 127.0.0.1 and port 81188118. (
Now enjoy surfing with enhanced comfort and privacy! +> Now enjoy surfing with enhanced control, comfort and privacy!
4.1. Quickstart to Ad Blocking4.1. Quickstart to Ad Blocking
Ad blocking is but one of
The actions we need to know about for ad blocking are: The actions we need to know about for ad blocking are: block, , handle-as-image, and - set-image-blocker:

block - this action stops any contact between your browser and any URL patterns that match this action's configuration. It can be used for blocking ads, but also anything @@ -414,12 +405,12 @@ CLASS="APPLICATION" >
handle-as-image - tells
set-image-blocker - tells Privoxy what to display in place of an ad image that has hit a block rule. For this to come into play, the URL must match a - block action somewhere in the configuration, and, it must also match an - handle-as-image action.

You should have a section with only - block listed under "Actions:". This will bring up a list of all actions. Find - block near the top, and click in the
Now, in the Now, in the block actions section, click the Copy Link Location". - Remove the http://http:// at the beginning of the URL. Then, click PrevNote to UpgradersWhat's New in this Release See AlsoPrivoxy 3.0.3 User ManualPrivoxy 3.0.4 User Manual13. See Also13. See Also
Other references and sites of interest to
-
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/contrib/, cool - and fun ideas from Privoxy users. -
+
-
http://www.waldherr.org/junkbuster/, - Stefan Waldherr's version of Junkbuster, from which Privoxy was - derived. -
+
Starting PrivoxyPrivoxy 3.0.4 User ManualPrivoxy 3.0.4 User ManualFilter Files

Privoxy 3.0.3 User Manual
5. Starting Privoxy
Before launching
With Firefox, this can be set under:
Tools
+   |_
+         Options
+                |_
+                        General
+                              |_
+                                    Connection Settings
+                                         |_
+                                                Manual Proxy Configuration
+ With Netscape (and Privoxy is typically started by specifying the +> itself is typically started by specifying the main configuration file to be used on the command line. If no configuration file is specified on the command line, 5.1. Red Hat and Conectiva5.1. Red Hat and Conectiva
We use a script. Note that Red Hat does not start Privoxy upon booting per default. It will use the file 5.2. Debian5.2. Debian
We use a script. Note that Debian starts Privoxy upon booting per default. It will use the file @@ -278,8 +310,8 @@ CLASS="SECT2" CLASS="SECT2" >5.3. SuSE5.3. SuSE
We use a script. It will use the file 5.4. Windows5.4. Windows
Click on the Privoxy Icon to start Privoxy. If no configuration file is specified on the command line, 5.5. Solaris, NetBSD, FreeBSD, HP-UX and others5.5. Solaris, NetBSD, FreeBSD, HP-UX and others
Example Unix startup command:
5.6. OS/25.6. OS/2
During installation, 5.7. Mac OSX5.7. Mac OSX
During installation, Privoxy is configured to start automatically when the system restarts. To start Privoxy by hand, - double-click on the StartPrivoxy.commandStartPrivoxy.command icon in the - /Library/Privoxy/Library/Privoxy folder. Or, type this command in the Terminal:
5.8. AmigaOS5.8. AmigaOS
Start 5.9. Gentoo5.9. Gentoo
A script is again used. It will use the file Privoxy is not automatically started at - boot time by default. You can change this with the rc-updaterc-update command.
5.10. Command Line Options5.10. Command Line Options
Templates
Privoxy 3.0.3 User Manual
10. Templates10. Templates
All Not recommended for the casual user). Note that - just like in configuration files, lines starting with ## are ignored when the templates are filled in.
The place-holders are of the form The place-holders are of the form @name@@name@, and you will find a list of available symbols, which vary from template to template, in the comments at the start of each file. Note that these comments are not @@ -170,7 +170,7 @@ CLASS="LITERAL" CLASS="APPLICATION" >Privoxy - in in an alpha or beta development stage:

If the "unstable" symbol is set, everything in between and including - @if-unstable-start and @if-unstable-start and if-unstable-end@if-unstable-end@ will disappear, leaving nothing but an empty comment:
There's also an if-then-else construct and an There's also an if-then-else construct and an #include#include mechanism, but you'll sure find out if you are inclined to edit the templates ;-)
http://config.privoxy.org/send-stylesheethttp://config.privoxy.org/send-stylesheet. This is, of course, locally served by The Filter File What's New in this Release
Privoxy 3.0.4 User Manual
Prev Next
3. What's New in this Release
There are many new features in Privoxy 3.0.4 + :

Mulitiple filter files can now be specifed in config. +
+ There are a number of new actions: +

content-type-overwrite +
crunch-client-header +
crunch-if-none-match +
crunch-server-header +
fast-redirects +
force-text-mode +
handle-as-empty-document +
hide-accept-language +
hide-content-disposition +
hide-if-modified-since +
hide-referrer +
inspect-jpegs +
overwrite-last-modified +
redirect +
treat-forbidden-connects-like-blocks +
+
MS-Windows versions can now be installed and + started as a service. +
In addition, there are various bug fixes and enhancements, including + error pages are no longer cached, better DNS error handling, and logging + improvements. +
3.1. Note to Upgraders
A quick list of things to be aware of before upgrading from earlier + versions of Privoxy:

+ Some installers may remove earlier versions completely, including + configuration files. Save any important configuration files! +
+ What constitutes a "default" configuration has changed, + and you may want to review which actions are "on" by + default. This is primarily a matter of emphasis, but some features + you may have been used to, may now be "off" by default. +
+ Some installers may not automatically start + Privoxy after installation. +
Prev Home Next
Installation Quickstart to Using Privoxy
\ No newline at end of file

- +filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites) +>8.5.9. deanimate-gifs

- +filter{unsolicited-popups} # Disable only unsolicited pop-up windows +>8.5.10. downgrade-http-version

8.5.11. fast-redirects

8.5.12. filter

8.5.13. force-text-mode

8.5.14. handle-as-empty-document

8.5.15. handle-as-image

8.5.16. hide-accept-language

- +filter{crude-parental} # Crude parental filtering (demo only) +>8.5.17. hide-content-disposition

8.5.23. inspect-jpegs

8.5.26. prevent-compression

8.5.27. overwrite-last-modified

8.5.33. treat-forbidden-connects-like-blocks

14.2. Privoxy's Internal Pages

6.1. Controlling Privoxy with Your Web Browser

Privoxy Menu

3. What's New in this Release

3.1. Note to Upgraders

-
+filter{js-events} # Kill all JS event bindings (Radically destructive! Only for extra nasty sites)
+>8.5.9. deanimate-gifs

-
+filter{unsolicited-popups} # Disable only unsolicited pop-up windows
+>8.5.10. downgrade-http-version

-
+filter{crude-parental} # Crude parental filtering (demo only)
+>8.5.17. hide-content-disposition