2 File : doc/source/changelog.sgml
4 Purpose : Entity included in other project documents.
6 Copyright (C) 2013-2018 Privoxy Developers https://www.privoxy.org/
9 ======================================================================
10 This file used for inclusion with other documents only.
11 ======================================================================
13 If you make changes to this file, please verify the finished
14 docs all display as intended.
16 This file is included into:
23 The SGML ChangeLog can be generated with: utils/changelog2doc.pl ChangeLog
27 <application>Privoxy 3.0.30</application> fixes a couple of bugs
28 and introduces a few new features.
31 Changes in <application>Privoxy 3.0.30</application> stable:
41 Check the actual URL for redirects when https inspecting requests.
42 Previously Privoxy would only check the path which resulted in
43 rewrite results being rejected as invalid URLs.
44 Reported by withoutname in #1736.
49 Let the hide-referrer code tolerate Referer headers with https:// URLs.
50 Previously they would always be treated like a changed host.
55 Use the https headers if the show-request handler is reached through
56 https://. Previously Privoxy would use the http headers which
57 may be empty on a reused connection.
62 Make CGI_PREFIX protocol-relative when building with FEATURE_HTTPS_INSPECTION.
63 This unbreaks (at least) https://config.privoxy.org/client-tags whose
64 buttons would previously use a http:// URL resulting in browser warnings.
69 Support using https-inspection and client-header-order at the same time.
70 Previously Privoxy would crash.
71 Reported by: Kai Raven
76 Properly reject rewrites from http to https as they currently
77 aren't supported. Previously Privoxy would wait for the client
78 to establish an encrypted connection which obviously would not happen.
83 When https inspection is enabled and Privoxy has been compiled with
84 FEATURE_GRACEFUL_TERMINATION (not recommended for production builds),
85 the TLS backend resources are free'd later on and only if no active
86 connections are left. Prevents crashes when exiting "gracefully" at the
99 Allow to rewrite the request destination for https-inspected
100 requests behind the client's back. The documentation already sort
101 of claimed that it was supported by not especially mentioning that
102 it didn't work for https-inspected requests.
103 Fixes SF bug #923 reported by withoutname.
108 Add support for filtering client request bodies by using
109 CLIENT-BODY-FILTER filters which can be enabled with the
110 client-body-filter action.
111 Patch submitted by Maxim Antonov.
112 Sponsored by: Robert Klemme
117 Add the new action suppress-tag{} which can be used to prevent
118 a tagger from adding a tag. Patch submitted by Maxim Antonov.
119 Sponsored by: Robert Klemme
124 Gracefully handle existing website keys without matching certificates.
125 This can happen if Privoxy was previously running with an invalid
126 TLS configuration that didn't allow it to create a certificate.
131 Recycle debug bit 4 for Tagging-related messages.
136 Improve the message shown when the client-tags CGI page
137 is requested with no tags configured.
142 Shorten the 'donate' and 'participate' links used by templates
143 using redirects. Currently the redirects lead to the FAQ entries
144 but in the future we may want to relocate the content and using
145 redirects makes this more convenient.
150 Log an error when a PCRE-HOST-PATTERN is used with
151 FEATURE_PCRE_HOST_PATTERNS disabled. Don't treat this a
152 fatal error so the regression tests can be used with and
153 without FEATURE_PCRE_HOST_PATTERNS.
158 The code compiles with older C compilers again.
163 The chdir() return code is checked to fix a compiler warning.
168 The packages feed has been removed from the source tarball.
169 It's usually out of date when the source tarball is generated
175 Fixed harmless compiler warnings from GCC9 with -D_FORTIFY_SOURCE=2.
180 windows: Remove obsolete '$(DEST)/doc/images' target.
185 windows: Install the images referenced in the user manual.
190 Remove obsolete 'gnu_regex.@OBJEXT@' target.
195 When installing from the GNUMAkefile, don't create an 'images'
196 directory which is no longer used. The images were relocated to
197 the user-manual directory years ago.
202 Add new FEATURES to the show-status page and resort list.
207 Remove unused variable in the OpenSSL-specific code.
212 Update bug tracker URL in cgi_error_unknown().
217 Saved a couple of memory allocations when sorting client headers.
222 Improved a couple of error messages.
227 Saved memory allocations when using OpenSSL and checking if a
233 The configure script will bail out if OpenSSL and mbedTLS are
234 enabled at the same time.
239 Log a message right before exiting gracefully.
244 A couple of structures have been rearranged to require slightly
250 When https inspection is enabled and the certificate is invalid
251 the error message is now sent with status code 403 instead of 200.
256 The Slackware rc script template has been renamed to
257 slackware/rc.privoxy.in to silence complaints when building
263 When building with MbedTLS support, mbedtls_md5_ret() is used
264 instead of mbedtls_md5() which is deprecated and causes a warning
273 Action file improvements:
277 Block requests to eu-tlp03.kameleoon.com/.
282 Unblock metrics.sr.ht/.
287 Disable fast-redirects for .fsf.org/.
292 Disable fast-redirects for .gravater.com/.
297 Disable fast-redirects for .ksta.de/.
302 Block requests to tag.crsspxl.com/.
307 Block requests to analytics.slashdotmedia.com/.
312 Block requests to ml314.com/.
317 Block requests to .adroll.com/.
322 Block requests to fastlane.rubiconproject.com/.
327 Block requests to api.theadex.com/.
332 Block requests to ih.adscale.de/.
337 Block requests to .s400.meetrics.net/.
342 Block requests for pp.lp4.io/.
347 Block requests for trc-events.taboola.com/.
355 Filter file improvements:
359 A allow-autocompletion filter has been added which changes
360 autocomplete="off" to "on" on input fields to allow autocompletion.
361 Requested by Jamie Zawinski in #370.
362 Filter based on a submission by Aaron Linville.
367 Added an imdb filter.
372 Added a sourceforge filter that reduces the amount of ads
373 for proprietary software.
378 Added a github filter that removes the annoying "Sign-Up"
379 banner and the Cookie disclaimer.
384 Removed a duplicated pcrs command from the js-annoyances filter.
389 The crude-parental filter now provides a short reason when blocking,
390 inserts a link to Privoxy's webinterface and adds a new line at
391 the end of the generated page.
403 Highlight a few more messages.
408 Add a handler for tagging messages.
413 Properly deal with 'Certificate error' crunches
414 Previously the error description was highlighted as 'host'.
419 Log truncated LOG_LEVEL_CLF messages more gracefully
420 and note that the statistics will be imprecise.
430 Bump version to 0.9.2.
438 Privoxy-Regression-Test:
442 Use http://127.0.0.1:8118/ as default Privoxy address
443 unless http_proxy is set through the environment.
448 Add a --privoxy-cgi-prefix option that specifies the prefix
449 to use when building URLs that are supposed to reach Privoxy's
450 CGI interface. If it's not set, http://p.p/ is used, which is
451 supposed to work with the default Privoxy configuration.
452 If Privoxy has been built with FEATURE_HTTPS_INSPECTION enabled,
453 and if https inspection is activated with the +https-inspection
454 action, this option can be used with "https://p.p/" provided the
455 system running Privoxy-Regression-Test has been configured to
456 trust the certificate used by Privoxy.
457 Note that there are currently two tests in the official
458 regression-tests.action file that are expected to fail
459 when using "https://p.p/" as privoxy-cgi-prefix.
464 Skip the connection-established response in get_status_code()
465 when looking for the status code with a CGI prefix
466 that starts with https://. We care about the status code
467 sent by the impersonated web server.
472 Use --proxy-header when using a CGI prefix with https://
473 and a "Host:" header.
478 Allow '|' in tokens and values to allow tag patterns like
479 "TAG:^(application|text)/(x-)?javascript$".
484 When get_cgi_page_or_else() fails, include the URL of the
485 requested page in the log message.
490 Added a --check-bad-ssl option that can be used to verify that
491 Privoxy detects certificate problems when accessing the test
492 sites from badssl.com.
497 Bumped version to 0.7.2
509 Update example output.
514 Recommend the use of the https-inspection action in the documentation.
519 Upgrade a couple of URLs to https://.
524 Add ElectroBSD to the list of operating systems.
529 Bumped generated Firefox version to 78 (ESR).
534 Bumped version to 1.2.2.
546 Remove reference to 'How to Report Bugs Effectively'.
547 It was only rendered as text without URL in the README anyway
548 and there's no indication that users read it ...
553 Let the dok-readme target fix the location embedded into the
554 README file. This used to be done by CVS but since the git migration
555 it has to be done through other means.
560 Remove 'experimental' warning for client-specific-tag-related directives.
561 They seem to work reliably and there is no obvious reason
562 why we would change the syntax in the near future.
567 Describe how to check if Privoxy has been built with
568 FEATURE_HTTPS_INSPECTION.
573 Add a link to the trusted-cas-file documentation
574 that explains how the user can create the file herself.
579 Don't explicitly mention the license for the code coming from
580 'Anonymous Coders' and Junkbusters. It's obviously licensed under
581 the GNU GPL like the rest of Privoxy or we wouldn't be allowed to
587 Update the +hide-user-agent example with uagen output.
592 Slightly improve the wording of the ca-key-file documentation.
597 Explicitly mention Windows 10 as supported so search engines and
598 users looking for it can find it.
603 Import a bunch of contributors from the ChangeLog.
608 Remove obsolete doc/gpl.html.
613 Upgrade a couple of links to https://.
618 Don't prefer the SourceForge patch tracker over the
619 privoxy-devel mailing list. While at it, link to the
620 SourceForge patch tracker.
625 Mention http-inspection in the 'my browser warns me about
626 unauthenticated content' FAQ entry.
631 Simplify the 'Is there is a license or fee?' FAQ entry.
636 Add another +redirect{} example.
641 Explicitly mention that interested sponsors should include
642 the link target in their first mail.
647 Clarify that only Privoxy team members can object to new sponsors
648 and link to the list of current team members.
653 Note that sponsor URLs may not contain keyword spam.
658 Garbage collect doc/webserver/images which isn't referenced anymore.
663 Update the method to reach the proxy settings in Firefox.
668 Update proxy_setup.jpg description to refer to Firefox.
673 Regenerate proxy_setup.jpg with a more recent Firefox (78.0).
678 Regenerate files-in-use.jpg without obsolete standard.action
679 with modern colors and a slightly better quality.
684 Update URL to the actionsfile tracker.
689 Update a support request URL.
694 Rephrase the 'Can Privoxy run as service' FAQ entry and
695 remove an obsolete paragraph.
700 Let the 'Where can I get updated Actions Files?' entry link to
701 the gitweb version of default.action.master.
706 Update a link to the default.action file.
711 Update URLs for trackers and mailing lists.
716 Replace CVS reference with git.
721 Mention regression-tests.action in the config file.
726 Explicitly mention in the config file that access to the
727 CA key should be limited to Privoxy.
732 List more client-specific-tag examples for inspiration.
737 Add additional headers to the client-header-order example.
742 Note that actions aren't updated after rewrites.
747 Explicitly mention that upgrading from http to https with
748 a client-header filter is not supported
753 Note that protocol and host have to be added when rewriting
754 the destination host for https-inspected requests.
759 Explicitly mention that the CA key is used to sign certificates.
764 Put openssl command in 'command' tags.
769 The man page has been moved from section 1 to man section 8.
781 Flesh out the build instructions for Debian.
786 Remove the packaging instructions for RPM-based systems.
787 They don't work and we don't release RPM packages anymore anyway.
792 Remove the packaging instructions for Solaris.
793 They don't work and we don't release Solaris packages anymore anyway.
798 Update the suggested subject for the announce mails.
803 Update upload instructions.
804 ftp://upload.sourceforge.net is no longer functional.
809 Remove a couple of package-dependent upload instructions
810 that don't actually work.
815 Remove 'cd current' that no longer works.
820 Add regression-tests.action to the list of files that should be installed.
825 Stop claiming that there are text versions of the manuals.
826 We stopped building them in 2008 (9ed36a3c5e6f12).
831 Note that the 'webserver' target creates the link needed for the user-manual.
836 Suggest to use the master branch as reference when creating
837 the ChangeLog so the steps work when the current branch differs
838 from master which is likely as the developer manual
839 suggests to use a local branch for development.
844 Add the -s flag to the suggested 'git tag' command. We prefer signed tags.
849 Mention that merges into 'master' should be avoided.
854 Add git commands that should result in a merge-free history.
859 Mention Privoxy-Regression-Test.
864 Add a section id to reduce link churn.
869 Recommend the dok-tidy target when building docs for the webserver.
874 Add another plug for the privoxy-devel mailing list.
879 Let the intro link the copyright section in the user manual instead
880 of giving an incomplete summary of the license status.
885 Clarify that the webserver target uploads to the SourceForge webserver.
890 Mark the documentation for the Mac OS X installers as out of date and
891 change the SCM name back to CVS.
896 Fix the location of the installer modules for Mac OS X.
897 They are not actually available through git (yet).
902 Don't speak of Privoxy version 3 in the past tense.
907 Update the list of programs required for the release process.
912 Update description of the webserver target which uses ssh, not scp.
917 Remove obsolete reference to config.new.
929 Add another hide-referrer{conditional-block} test.
934 Add another hide-referrer{conditional-forge} test.
939 Fix a hide-referrer{conditional-forge} test
940 that expected an acceptable header to be forged.
945 Fix a hide-referrer{conditional-block} test
946 that expected an acceptable Referer to be removed.
951 Explain why the "Set Header = Host: whatever.example.org" test is
952 expected to fail when using a CGI prefix that starts with "https://".
957 Explain why a connection-sharing test is known to fail
958 when using "https://p.p/" as CGI prefix.
963 Add a link to Privoxy-Regression-Test to regression-tests.action
964 in case it isn't packaged.
969 Add regression tests for pcre host patterns.
977 Privoxy infrastructure:
981 Import a Privoxy logo for the website.
986 Update Tor onion service to HiddenServiceVersion 3.
991 Display the "model" photos in a single row and remove placeholder images.
996 Regenerate homepage with updated sponsor list.
1001 Use the '/sponsor' redirect for the link to the sponsor page.
1006 Git commit messages are sent to the Privoxy-commits mailing list.