1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
2 "http://www.w3.org/TR/html4/loose.dtd">
6 <title>What's New in this Release</title>
7 <meta name="GENERATOR" content=
8 "Modular DocBook HTML Stylesheet Version 1.79">
9 <link rel="HOME" title="Privoxy 3.0.22 User Manual" href="index.html">
10 <link rel="PREVIOUS" title="Installation" href="installation.html">
11 <link rel="NEXT" title="Quickstart to Using Privoxy" href=
13 <link rel="STYLESHEET" type="text/css" href="../p_doc.css">
14 <meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
15 <link rel="STYLESHEET" type="text/css" href="p_doc.css">
18 <body class="SECT1" bgcolor="#EEEEEE" text="#000000" link="#0000FF" vlink=
19 "#840084" alink="#0000FF">
20 <div class="NAVHEADER">
21 <table summary="Header navigation table" width="100%" border="0"
22 cellpadding="0" cellspacing="0">
24 <th colspan="3" align="center">Privoxy 3.0.22 User Manual</th>
28 <td width="10%" align="left" valign="bottom"><a href=
29 "installation.html" accesskey="P">Prev</a></td>
31 <td width="80%" align="center" valign="bottom"></td>
33 <td width="10%" align="right" valign="bottom"><a href=
34 "quickstart.html" accesskey="N">Next</a></td>
37 <hr align="left" width="100%">
41 <h1 class="SECT1"><a name="WHATSNEW" id="WHATSNEW">3. What's New in this
44 <p><span class="APPLICATION">Privoxy 3.0.22</span> stable is mainly a
45 bug-fix release, it also has a couple of new features, though. Note that
46 the first two entries in the ChangeLog below refer to security
55 <p>Fixed a memory leak when rejecting client connections due to
56 the socket limit being reached (CID 66382). This affected Privoxy
57 3.0.21 when compiled with IPv6 support (on most platforms this is
62 <p>Fixed an immediate-use-after-free bug (CID 66394) and two
63 additional unconfirmed use-after-free complaints made by Coverity
64 scan (CID 66391, CID 66376).</p>
68 <p>Actually show the FORCE_PREFIX value on the show-status
73 <p>Properly deal with Keep-Alive headers with timeout= parameters
74 If the timeout still can't be parsed, use the configured timeout
75 instead of preventing the client from keeping the connection
76 alive. Fixes #3615312/#870 reported by Bernard Guillot.</p>
80 <p>Not using any filter files no longer results in warning
81 messages unless an action file is referencing header taggers or
82 filters. Reported by Stefan Kurtz in #3614835.</p>
86 <p>Fixed a bug that prevented Privoxy from reusing some reusable
87 connections. Two bit masks with different purpose unintentionally
88 shared the same bit.</p>
92 <p>A couple of additional bugs were discovered by Coverity Scan.
93 The fixes that are not expected to affect users are not
94 explicitly mentioned here, for details please have a look at the
101 <p>General improvements:</p>
105 <p>Introduced negative tag patterns NO-REQUEST-TAG and
106 NO-RESPONSE-TAG. They apply if no matching tag is found after
107 parsing client or server headers.</p>
111 <p>Add support for external filters which allow to process the
112 response body with a script or program written in any language
113 the platform supports. External filters are enabled with
114 +external-filter{} after they have been defined in one of the
115 filter files with a header line starting with "EXTERNAL-FILTER:".
116 External filter support is experimental, not compiled by default
117 and known not to work on all platforms.</p>
121 <p>Add support for the 'PATCH' method as defined in RFC5789.</p>
125 <p>Reject requests with unsupported Expect header values. Fixes a
126 couple of Co-Advisor tests.</p>
130 <p>Normalize the HTTP-version in forwarded requests and
131 responses. This is an explicit RFC 2616 MUST and RFC 7230
132 mandates that intermediaries send their own HTTP-version in
133 forwarded messages.</p>
137 <p>Server 'Keep-Alive' headers are no longer forwarded. From a
138 user's point of view it doesn't really matter, but RFC 2616
139 (obsolete) mandates that the header is removed and this fixes a
140 Co-Advisor complaint.</p>
144 <p>Change declared template file encoding to UTF-8. The templates
145 already used a subset of UTF-8 anyway and changing the
146 declaration allows to properly display UTF-8 characters used in
147 the action files. This change may require existing action files
148 with ISO-8859-1 characters that aren't valid UTF-8 to be
149 converted to UTF-8. Requested by Sam Chen in #582.</p>
153 <p>Do not pass rejected keep-alive timeouts to the server. It
154 might not have caused any problems (we know of), but doing the
155 right thing shouldn't hurt either.</p>
159 <p>Let log_error() use its own buffer size #define to make
160 changing the log buffer size slightly less inconvenient.</p>
164 <p>Turned single-threaded into a "proper" toggle directive with
169 <p>CGI templates no longer enforce new windows for some
174 <p>Remove an undocumented workaround ('HOST' header removal) for
175 an Apple iTunes bug that according to #729900 got fixed in
182 <p>Action file improvements:</p>
186 <p>The pattern 'promotions.' is no longer being blocked. Reported
187 by rakista in #3608540.</p>
191 <p>Disable fast-redirects for .microsofttranslator.com/.</p>
195 <p>Disable filter{banners-by-size} for
196 .dgb-tagungszentren.de/.</p>
200 <p>Add adn.speedtest.net as a site-specific unblocker. Support
201 request #3612908.</p>
205 <p>Disable filter{banners-by-size} for creativecommons.org/.</p>
209 <p>Block requests to data.gosquared.com/. Reported by cbug in
214 <p>Unblock .conrad./newsletter/. Reported by David Bo in
219 <p>Unblock .bundestag.de/.</p>
223 <p>Unblock .rote-hilfe.de/.</p>
227 <p>Disable fast-redirects for .facebook.com/plugins/like.php.</p>
231 <p>Unblock Stackexchange popup URLs that aren't used to serve
232 ads. Reported by David Wagner in #3615179.</p>
236 <p>Disable fast-redirects for creativecommons.org/.</p>
240 <p>Unblock .stopwatchingus.info/.</p>
244 <p>Block requests for .adcash.com/script/. Reported by
245 Tyrexionibus in #3615289.</p>
249 <p>Disable HTML filters if the response was tagged as JavaScript.
250 Filtering JavaScript code with filters intended to deal with HTML
251 is usually a waste of time and, more importantly, may break
256 <p>Use a custom redirect{} for
257 .washingtonpost.com/wp-apps/imrs\.php\?src= Previously enabling
258 the 'Advanced' settings (or manually enabling +fast-redirects{})
259 prevented some images from being loaded properly.</p>
263 <p>Unblock "adina*." Fixes #919 reported by Morton A.
268 <p>Block '/.*DigiAd'.</p>
272 <p>Unblock 'adele*.'. Reported by Adele Lime in #1663.</p>
276 <p>Disable banners-by-size for kggp.de/.</p>
282 <p>Filter file improvements & bug fixes:</p>
286 <p>Decrease the chances that js-annoyances creates invalid
287 JavaScript. Submitted by John McGowan on ijbswa-users@.</p>
291 <p>Let the msn filter hide 'related' ads again.</p>
295 <p>Remove a stray '1' in the 'html-annoyances' filter.</p>
299 <p>Prevent img-reorder from messing up img tags with empty src
300 attributes. Fixes #880 reported by Duncan.</p>
306 <p>Documentation improvements:</p>
310 <p>Updated the 'Would you like to donate?' section.</p>
314 <p>Note that invalid forward-override{} parameter syntax isn't
315 detected until the parameter is used.</p>
319 <p>Add another +redirect{} example: a shortcut for illumos
324 <p>Make it more obvious that many operating systems support log
325 rotation out of the box.</p>
329 <p>Fixed dead links. Reported by Mark Nelson in #3614557.</p>
333 <p>Rephrased the 'Why is the configuration so complicated?'
334 answer to be slightly less condescending. Anonymously suggested
339 <p>Be more explicit about accept-intercepted-requests's lack of
344 <p>Make 'demoronizer' FAQ entries more generic.</p>
348 <p>Add an example hostname to the --pre-chroot-nslookup
353 <p>Add an example for a host pattern that matches an IP
358 <p>Rename the 'domain pattern' to 'host pattern' as it may
359 contain IP addresses as well.</p>
363 <p>Recommend forward-socks5t when using Tor. It seems to work
364 fine and modifying the Tor configuration to profit from it hasn't
365 been necessary for a while now.</p>
369 <p>Add another redirect{} example to stress that redirect loops
370 can and should be avoided.</p>
374 <p>The usual spelling and grammar fixes. Parts of them were
375 reported by Reuben Thomas in #3615276.</p>
379 <p>Mention the PCRS option letters T and D in the filter
384 <p>Clarify that handle-as-empty-doc-returns-ok is still useful
385 and will not be removed without replacement.</p>
389 <p>Note that security issues shouldn't be reported using the bug
394 <p>Clarify what Privoxy does if both +block{} and +redirect{}
399 <p>Removed the obsolete bookmarklets section.</p>
405 <p>Build system improvements:</p>
409 <p>Let --with-group properly deal with secondary groups. Patch
410 submitted by Anatoly Arzhnikov in #3615187.</p>
414 <p>Fix web-actions target.</p>
418 <p>Add a web-faq target that only updates the FAQ on the
423 <p>Remove already-commented-out non-portable DOSFILTER
428 <p>Remove the obsolete targets dok-put and dok-get.</p>
432 <p>Add a sf-shell target.</p>
439 <h2 class="SECT2"><a name="UPGRADERSNOTE" id="UPGRADERSNOTE">3.1. Note
440 to Upgraders</a></h2>
442 <p>A quick list of things to be aware of before upgrading from earlier
443 versions of <span class="APPLICATION">Privoxy</span>:</p>
447 <p>The recommended way to upgrade <span class=
448 "APPLICATION">Privoxy</span> is to backup your old configuration
449 files, install the new ones, verify that <span class=
450 "APPLICATION">Privoxy</span> is working correctly and finally merge
451 back your changes using <span class="APPLICATION">diff</span> and
452 maybe <span class="APPLICATION">patch</span>.</p>
454 <p>There are a number of new features in each <span class=
455 "APPLICATION">Privoxy</span> release and most of them have to be
456 explicitly enabled in the configuration files. Old configuration
457 files obviously don't do that and due to syntax changes using old
458 configuration files with a new <span class=
459 "APPLICATION">Privoxy</span> isn't always possible anyway.</p>
463 <p>Note that some installers remove earlier versions completely,
464 including configuration files, therefore you should really save any
465 important configuration files!</p>
469 <p>On the other hand, other installers don't overwrite existing
470 configuration files, thinking you will want to do that
475 <p>In the default configuration only fatal errors are logged now.
476 You can change that in the <a href="config.html#DEBUG">debug
477 section</a> of the configuration file. You may also want to enable
478 more verbose logging until you verified that the new <span class=
479 "APPLICATION">Privoxy</span> version is working as expected.</p>
483 <p>Three other config file settings are now off by default:
484 <a href="config.html#ENABLE-REMOTE-TOGGLE">enable-remote-toggle</a>,
486 "config.html#ENABLE-REMOTE-HTTP-TOGGLE">enable-remote-http-toggle</a>,
488 "config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</a>. If you
489 use or want these, you will need to explicitly enable them, and be
490 aware of the security issues involved.</p>
496 <div class="NAVFOOTER">
497 <hr align="left" width="100%">
499 <table summary="Footer navigation table" width="100%" border="0"
500 cellpadding="0" cellspacing="0">
502 <td width="33%" align="left" valign="top"><a href="installation.html"
503 accesskey="P">Prev</a></td>
505 <td width="34%" align="center" valign="top"><a href="index.html"
506 accesskey="H">Home</a></td>
508 <td width="33%" align="right" valign="top"><a href="quickstart.html"
509 accesskey="N">Next</a></td>
513 <td width="33%" align="left" valign="top">Installation</td>
515 <td width="34%" align="center" valign="top"> </td>
517 <td width="33%" align="right" valign="top">Quickstart to Using