Note that there is currently work in progress to leverage curl's
test suite, patches have been submitted upstream:
https://curl.se/mail/lib-2014-06/0070.html
+ https://curl.se/mail/lib-2021-01/0068.html
3) Fix some more XXX: comments.
12) Support pipelining for outgoing connections.
-14) Allow to filter POST parameters.
- Work in progress: https://sourceforge.net/p/ijbswa/patches/145/
-
19) enable-forward-fallback. Syntax? Suggested by K.R.
21) User Manual delivery doesn't accept multiple slashes. Should it?
75) Create a tool that creates Privoxy action (and filter?) files
out of adblock files. Could be implemented as option for
- url-pattern-translator.pl.
+ url-pattern-translator.pl. Before doing that, the already
+ existing solutions should probably be evaluated to see if
+ they do the job already or could be improved.
76) Cache DNS responses. Note that this has been requested
several times by users, but is not a developer priority.
86) Add a server-body-tagger action. This is trivial as as all the
functionality required to do it already exists.
-87) Add a client-body-tagger action. This is less trivial as we currently
- don't buffer client bodies. After 14) is implemented it would be
- trivial, though.
+87) Add a client-body-tagger action. Work in progress.
88) Investigate if there's a Perl module that Privoxy-Regression-Test
could optionally use to keep connections alive, preferably while
136) Make builds reproducible.
-137) Add a (preferably vector-based) logo.
-
138) Bring back the scripts to provide actions file feedback.
Once upon a time (~2003) there were scripts on the webserver
probably shouldn't be affected (such as actions like
forward-override). Investigate and fix or document.
-142) Remove or update the "internal" pcre version.
-
143) Add support for OpenBSD's pledge feature once it's stablelized.
This should be a lot less work then #124.
currently can result in client requests to config.privoxy.org on the
Internet which may not be desirable.
-150) Add blacklistd support.
+150) Add blocklistd support (https://man.netbsd.org/blocklistd.8).
151) Let the dok-tidy target work cross-platform without introducing
a ton of white-space changes that hide the content changes.
163) Use subdirectories in the certificate-directory to lower the number
of files per directory.
-164) Evaluate switching from pcreposix(3) to pcre's native api
- for URL matching which allows to compile the patterns once
- at load-time.
-
165) Add a max-connections-per-client directive.
-166) Figure out how to ship Windows binaries with external libraries
- like pcre and MbedTLS. Required for #142. Somewhat related:
- https://lists.privoxy.org/pipermail/privoxy-devel/2020-November/000400.html
-
167) Set up a public Privoxy-Filter-Test instance.
168) Add a privacy policy.
169) Preserve all relevant copyright and license statements in binary
packages we distribute.
-170) Serve the ca-cert-file through the CGI interface so client's
+170) Serve the ca-cert-file through the CGI interface so clients
can conveniently import it (insecurely).
171) Create a "view page using Privoxy" website where users can input
174) Let the Tor Onion Service for the privoxy website
serve gitweb and the git repository as well.
+175) Add more screenshots to the documentation and website.
+
+176) Find a new fiduciary sponsor as a replacement for Zwiebelfreunde e.V.,
+ so that we can continue to receive tax-deductible donations in Europe.
+
+177) Support https-inspection for intercepted requests.
+
+178) Warn on http://config.privoxy.org/client-tags if a Tag name
+ hasn't at least one matching action section.
+
+179) Add a add-server-header{} action to add headers to the response
+ sent to the client (including responses generated by Privoxy itself).
+
+180) Add support for GnuTLS.
+
+181) Allow to upgrade an http request to https behind the
+ client's back using a client-header filter.
+
+182) Before enforcing the client-header-order, check that the
+ client headers actually need sorting. Should reduce log
+ messages and memory allocations.
+
+183) Properly deal with proxy responses that arrive in multiple pieces
+ when https inspecting while using a forwarding proxy.
+
+184) Add support for wolfSSL. Work in progress, expected to be
+ committed after the 3.0.34 release. Funded with donations
+ made to the Privoxy project.
+
+185) The mbedTLS and OpenSSL versions of generate_host_certificate()
+ should only be called when necessary and the check should be
+ done without holding the certificate mutex.
+
+186) Privoxy should handle "OPTIONS *" requests properly.
+
+187) There should be a convenient way to see the versions of
+ the libraries Privoxy is using.
+
+188) In the windows config.txt file, add the line
+ user-manual ./doc/user-manual/
+ right after
+ # Copyright ...
+ #
+
+189) Bring back binary packages for macOS, preferably for both Intel and M1.
+ The first step would be getting at least one build system, either
+ donated or bought with donations earmarked for this.
+ Interested donors: 0.
+
+190) The socks5 authentication code should send user name an password
+ seperately or we should increase the cbuf size to allow longer
+ user names and passwords.
+
+191) The cipher-list directive should be split into cipher-list-server
+ and cipher-list-client.
+
+192) The client TLS contexts should probably be shared among threads
+ to spend less time and memory loading the root certificates.
+
+193) Use SHA256 instead of MD5 for the host hash used when generating file
+ names for host certificates and keys.
+
+194) There should be a way to force gif deanimation if the server does not
+ declare the content as gif.
+
+195) We should probably cache the server TLS contexts.
+
+196) Investigate if it's worth adding an optional mutex for the CGI handler.
+ Could reduce memory use and increase performance on single core systems
+ for some tests.
+
+197) Investigate if parts of Privoxy should get optional replacements
+ written in Rust.
+
+198) Add a config directive that prevent's IP addresses from being logged
+ (when logging is enabled).
+
+199) In actions.c the "#define DEFINE_ACTION_ALIAS 0" lines should probably
+ be changed to "#undef DEFINE_ACTION_ALIAS" or removed.
+
+200) Add a config directive that causes Privoxy to remove all
+ host certificates before exiting.
+
+201) Add an action to change the trusted-cas-file for a section.
+ This should be useful in countries where a person-in-the-middle
+ attack is known to happen on some domains but should not be tolerated
+ on others. It would also allow to limit the accepted CA certificates
+ for given domains instead of accepting all that are specified with
+ the trusted-cas-file directive.
+
+202) Allow to use multiple log files with different debug settings.
+ Suggested by Jonathan Marten in FR#607.
+
+203) Add HTTP/2 support.
+
+204) Make the Privoxy website available over IPv6.
+
+205) Document how commit messages should look like.
+
##########################################################################
Hosting wish list (relevant for #53)