6e4183ad6652ff076a3a2de52930f53e1fcb5d7e
[privoxy.git] / doc / webserver / user-manual / actions-file.html
1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
2 "http://www.w3.org/TR/html4/loose.dtd">
3
4 <html>
5 <head>
6   <title>Actions Files</title>
7   <meta name="GENERATOR" content=
8   "Modular DocBook HTML Stylesheet Version 1.79">
9   <link rel="HOME" title="Privoxy 3.0.25 User Manual" href="index.html">
10   <link rel="PREVIOUS" title="The Main Configuration File" href=
11   "config.html">
12   <link rel="NEXT" title="Filter Files" href="filter-file.html">
13   <link rel="STYLESHEET" type="text/css" href="../p_doc.css">
14   <meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
15   <link rel="STYLESHEET" type="text/css" href="p_doc.css">
16 </head>
17
18 <body class="SECT1" bgcolor="#EEEEEE" text="#000000" link="#0000FF" vlink=
19 "#840084" alink="#0000FF">
20   <div class="NAVHEADER">
21     <table summary="Header navigation table" width="100%" border="0"
22     cellpadding="0" cellspacing="0">
23       <tr>
24         <th colspan="3" align="center">Privoxy 3.0.25 User Manual</th>
25       </tr>
26
27       <tr>
28         <td width="10%" align="left" valign="bottom"><a href="config.html"
29         accesskey="P">Prev</a></td>
30
31         <td width="80%" align="center" valign="bottom"></td>
32
33         <td width="10%" align="right" valign="bottom"><a href=
34         "filter-file.html" accesskey="N">Next</a></td>
35       </tr>
36     </table>
37     <hr align="left" width="100%">
38   </div>
39
40   <div class="SECT1">
41     <h1 class="SECT1"><a name="ACTIONS-FILE" id="ACTIONS-FILE">8. Actions
42     Files</a></h1>
43
44     <p>The actions files are used to define what <span class=
45     "emphasis"><i class="EMPHASIS">actions</i></span> <span class=
46     "APPLICATION">Privoxy</span> takes for which URLs, and thus determines
47     how ad images, cookies and various other aspects of HTTP content and
48     transactions are handled, and on which sites (or even parts thereof).
49     There are a number of such actions, with a wide range of functionality.
50     Each action does something a little different. These actions give us a
51     veritable arsenal of tools with which to exert our control, preferences
52     and independence. Actions can be combined so that their effects are
53     aggregated when applied against a given set of URLs.</p>
54
55     <p>There are three action files included with <span class=
56     "APPLICATION">Privoxy</span> with differing purposes:</p>
57
58     <ul>
59       <li>
60         <p><tt class="FILENAME">match-all.action</tt> - is used to define
61         which <span class="QUOTE">"actions"</span> relating to
62         banner-blocking, images, pop-ups, content modification, cookie
63         handling etc should be applied by default. It should be the first
64         actions file loaded</p>
65       </li>
66
67       <li>
68         <p><tt class="FILENAME">default.action</tt> - defines many exceptions
69         (both positive and negative) from the default set of actions that's
70         configured in <tt class="FILENAME">match-all.action</tt>. It is a set
71         of rules that should work reasonably well as-is for most users. This
72         file is only supposed to be edited by the developers. It should be
73         the second actions file loaded.</p>
74       </li>
75
76       <li>
77         <p><tt class="FILENAME">user.action</tt> - is intended to be for
78         local site preferences and exceptions. As an example, if your ISP or
79         your bank has specific requirements, and need special handling, this
80         kind of thing should go here. This file will not be upgraded.</p>
81       </li>
82
83       <li>
84         <p><span class="GUIBUTTON">Edit</span> <span class="GUIBUTTON">Set to
85         Cautious</span> <span class="GUIBUTTON">Set to Medium</span>
86         <span class="GUIBUTTON">Set to Advanced</span></p>
87
88         <p>These have increasing levels of aggressiveness <span class=
89         "emphasis"><i class="EMPHASIS">and have no influence on your browsing
90         unless you select them explicitly in the editor</i></span>. A default
91         installation should be pre-set to <tt class="LITERAL">Cautious</tt>.
92         New users should try this for a while before adjusting the settings
93         to more aggressive levels. The more aggressive the settings, then the
94         more likelihood there is of problems such as sites not working as
95         they should.</p>
96
97         <p>The <span class="GUIBUTTON">Edit</span> button allows you to turn
98         each action on/off individually for fine-tuning. The <span class=
99         "GUIBUTTON">Cautious</span> button changes the actions list to
100         low/safe settings which will activate ad blocking and a minimal set
101         of <span class="APPLICATION">Privoxy</span>'s features, and
102         subsequently there will be less of a chance for accidental problems.
103         The <span class="GUIBUTTON">Medium</span> button sets the list to a
104         medium level of other features and a low level set of privacy
105         features. The <span class="GUIBUTTON">Advanced</span> button sets the
106         list to a high level of ad blocking and medium level of privacy. See
107         the chart below. The latter three buttons over-ride any changes via
108         with the <span class="GUIBUTTON">Edit</span> button. More fine-tuning
109         can be done in the lower sections of this internal page.</p>
110
111         <p>While the actions file editor allows to enable these settings in
112         all actions files, they are only supposed to be enabled in the first
113         one to make sure you don't unintentionally overrule earlier
114         rules.</p>
115
116         <p>The default profiles, and their associated actions, as pre-defined
117         in <tt class="FILENAME">default.action</tt> are:</p>
118
119         <div class="TABLE">
120           <a name="AEN2682" id="AEN2682"></a>
121
122           <p><b>Table 1. Default Configurations</b></p>
123
124           <table border="1" frame="border" rules="all" class="CALSTABLE">
125             <col width="1*" title="C1">
126             <col width="1*" title="C2">
127             <col width="1*" title="C3">
128             <col width="1*" title="C4">
129
130             <thead>
131               <tr>
132                 <th>Feature</th>
133
134                 <th>Cautious</th>
135
136                 <th>Medium</th>
137
138                 <th>Advanced</th>
139               </tr>
140             </thead>
141
142             <tbody>
143               <tr>
144                 <td>Ad-blocking Aggressiveness</td>
145
146                 <td>medium</td>
147
148                 <td>high</td>
149
150                 <td>high</td>
151               </tr>
152
153               <tr>
154                 <td>Ad-filtering by size</td>
155
156                 <td>no</td>
157
158                 <td>yes</td>
159
160                 <td>yes</td>
161               </tr>
162
163               <tr>
164                 <td>Ad-filtering by link</td>
165
166                 <td>no</td>
167
168                 <td>no</td>
169
170                 <td>yes</td>
171               </tr>
172
173               <tr>
174                 <td>Pop-up killing</td>
175
176                 <td>blocks only</td>
177
178                 <td>blocks only</td>
179
180                 <td>blocks only</td>
181               </tr>
182
183               <tr>
184                 <td>Privacy Features</td>
185
186                 <td>low</td>
187
188                 <td>medium</td>
189
190                 <td>medium/high</td>
191               </tr>
192
193               <tr>
194                 <td>Cookie handling</td>
195
196                 <td>none</td>
197
198                 <td>session-only</td>
199
200                 <td>kill</td>
201               </tr>
202
203               <tr>
204                 <td>Referer forging</td>
205
206                 <td>no</td>
207
208                 <td>yes</td>
209
210                 <td>yes</td>
211               </tr>
212
213               <tr>
214                 <td>GIF de-animation</td>
215
216                 <td>no</td>
217
218                 <td>yes</td>
219
220                 <td>yes</td>
221               </tr>
222
223               <tr>
224                 <td>Fast redirects</td>
225
226                 <td>no</td>
227
228                 <td>no</td>
229
230                 <td>yes</td>
231               </tr>
232
233               <tr>
234                 <td>HTML taming</td>
235
236                 <td>no</td>
237
238                 <td>no</td>
239
240                 <td>yes</td>
241               </tr>
242
243               <tr>
244                 <td>JavaScript taming</td>
245
246                 <td>no</td>
247
248                 <td>no</td>
249
250                 <td>yes</td>
251               </tr>
252
253               <tr>
254                 <td>Web-bug killing</td>
255
256                 <td>no</td>
257
258                 <td>yes</td>
259
260                 <td>yes</td>
261               </tr>
262
263               <tr>
264                 <td>Image tag reordering</td>
265
266                 <td>no</td>
267
268                 <td>yes</td>
269
270                 <td>yes</td>
271               </tr>
272             </tbody>
273           </table>
274         </div>
275       </li>
276     </ul>
277
278     <p>The list of actions files to be used are defined in the main
279     configuration file, and are processed in the order they are defined (e.g.
280     <tt class="FILENAME">default.action</tt> is typically processed before
281     <tt class="FILENAME">user.action</tt>). The content of these can all be
282     viewed and edited from <a href="http://config.privoxy.org/show-status"
283     target="_top">http://config.privoxy.org/show-status</a>. The over-riding
284     principle when applying actions, is that the last action that matches a
285     given URL wins. The broadest, most general rules go first (defined in
286     <tt class="FILENAME">default.action</tt>), followed by any exceptions
287     (typically also in <tt class="FILENAME">default.action</tt>), which are
288     then followed lastly by any local preferences (typically in <span class=
289     "emphasis"><i class="EMPHASIS">user</i></span><tt class=
290     "FILENAME">.action</tt>). Generally, <tt class=
291     "FILENAME">user.action</tt> has the last word.</p>
292
293     <p>An actions file typically has multiple sections. If you want to use
294     <span class="QUOTE">"aliases"</span> in an actions file, you have to
295     place the (optional) <a href="actions-file.html#ALIASES">alias
296     section</a> at the top of that file. Then comes the default set of rules
297     which will apply universally to all sites and pages (be <span class=
298     "emphasis"><i class="EMPHASIS">very careful</i></span> with using such a
299     universal set in <tt class="FILENAME">user.action</tt> or any other
300     actions file after <tt class="FILENAME">default.action</tt>, because it
301     will override the result from consulting any previous file). And then
302     below that, exceptions to the defined universal policies. You can regard
303     <tt class="FILENAME">user.action</tt> as an appendix to <tt class=
304     "FILENAME">default.action</tt>, with the advantage that it is a separate
305     file, which makes preserving your personal settings across <span class=
306     "APPLICATION">Privoxy</span> upgrades easier.</p>
307
308     <p>Actions can be used to block anything you want, including ads,
309     banners, or just some obnoxious URL whose content you would rather not
310     see. Cookies can be accepted or rejected, or accepted only during the
311     current browser session (i.e. not written to disk), content can be
312     modified, some JavaScripts tamed, user-tracking fooled, and much more.
313     See below for a <a href="actions-file.html#ACTIONS">complete list of
314     actions</a>.</p>
315
316     <div class="SECT2">
317       <h2 class="SECT2"><a name="RIGHT-MIX" id="RIGHT-MIX">8.1. Finding the
318       Right Mix</a></h2>
319
320       <p>Note that some <a href="actions-file.html#ACTIONS">actions</a>, like
321       cookie suppression or script disabling, may render some sites unusable
322       that rely on these techniques to work properly. Finding the right mix
323       of actions is not always easy and certainly a matter of personal taste.
324       And, things can always change, requiring refinements in the
325       configuration. In general, it can be said that the more <span class=
326       "QUOTE">"aggressive"</span> your default settings (in the top section
327       of the actions file) are, the more exceptions for <span class=
328       "QUOTE">"trusted"</span> sites you will have to make later. If, for
329       example, you want to crunch all cookies per default, you'll have to
330       make exceptions from that rule for sites that you regularly use and
331       that require cookies for actually useful purposes, like maybe your
332       bank, favorite shop, or newspaper.</p>
333
334       <p>We have tried to provide you with reasonable rules to start from in
335       the distribution actions files. But there is no general rule of thumb
336       on these things. There just are too many variables, and sites are
337       constantly changing. Sooner or later you will want to change the rules
338       (and read this chapter again :).</p>
339     </div>
340
341     <div class="SECT2">
342       <h2 class="SECT2"><a name="HOW-TO-EDIT" id="HOW-TO-EDIT">8.2. How to
343       Edit</a></h2>
344
345       <p>The easiest way to edit the actions files is with a browser by using
346       our browser-based editor, which can be reached from <a href=
347       "http://config.privoxy.org/show-status" target=
348       "_top">http://config.privoxy.org/show-status</a>. Note: the config file
349       option <a href=
350       "config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</a> must be
351       enabled for this to work. The editor allows both fine-grained control
352       over every single feature on a per-URL basis, and easy choosing from
353       wholesale sets of defaults like <span class="QUOTE">"Cautious"</span>,
354       <span class="QUOTE">"Medium"</span> or <span class=
355       "QUOTE">"Advanced"</span>. Warning: the <span class=
356       "QUOTE">"Advanced"</span> setting is more aggressive, and will be more
357       likely to cause problems for some sites. Experienced users only!</p>
358
359       <p>If you prefer plain text editing to GUIs, you can of course also
360       directly edit the the actions files with your favorite text editor.
361       Look at <tt class="FILENAME">default.action</tt> which is richly
362       commented with many good examples.</p>
363     </div>
364
365     <div class="SECT2">
366       <h2 class="SECT2"><a name="ACTIONS-APPLY" id="ACTIONS-APPLY">8.3. How
367       Actions are Applied to Requests</a></h2>
368
369       <p>Actions files are divided into sections. There are special sections,
370       like the <span class="QUOTE">"<a href=
371       "actions-file.html#ALIASES">alias</a>"</span> sections which will be
372       discussed later. For now let's concentrate on regular sections: They
373       have a heading line (often split up to multiple lines for readability)
374       which consist of a list of actions, separated by whitespace and
375       enclosed in curly braces. Below that, there is a list of URL and tag
376       patterns, each on a separate line.</p>
377
378       <p>To determine which actions apply to a request, the URL of the
379       request is compared to all URL patterns in each <span class=
380       "QUOTE">"action file"</span>. Every time it matches, the list of
381       applicable actions for the request is incrementally updated, using the
382       heading of the section in which the pattern is located. The same is
383       done again for tags and tag patterns later on.</p>
384
385       <p>If multiple applying sections set the same action differently, the
386       last match wins. If not, the effects are aggregated. E.g. a URL might
387       match a regular section with a heading line of <tt class="LITERAL">{
388       +<a href="actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a>
389       }</tt>, then later another one with just <tt class="LITERAL">{
390       +<a href="actions-file.html#BLOCK">block</a> }</tt>, resulting in
391       <span class="emphasis"><i class="EMPHASIS">both</i></span> actions to
392       apply. And there may well be cases where you will want to combine
393       actions together. Such a section then might look like:</p>
394
395       <table border="0" bgcolor="#E0E0E0" width="100%">
396         <tr>
397           <td>
398             <pre class="SCREEN">
399   { +<tt class="LITERAL">handle-as-image</tt>  +<tt class=
400 "LITERAL">block{Banner ads.}</tt> }
401   # Block these as if they were images. Send no block page.
402    banners.example.com
403    media.example.com/.*banners
404    .example.com/images/ads/
405 </pre>
406           </td>
407         </tr>
408       </table>
409
410       <p>You can trace this process for URL patterns and any given URL by
411       visiting <a href="http://config.privoxy.org/show-url-info" target=
412       "_top">http://config.privoxy.org/show-url-info</a>.</p>
413
414       <p>Examples and more detail on this is provided in the Appendix,
415       <a href="appendix.html#ACTIONSANAT">Troubleshooting: Anatomy of an
416       Action</a> section.</p>
417     </div>
418
419     <div class="SECT2">
420       <h2 class="SECT2"><a name="AF-PATTERNS" id="AF-PATTERNS">8.4.
421       Patterns</a></h2>
422
423       <p>As mentioned, <span class="APPLICATION">Privoxy</span> uses
424       <span class="QUOTE">"patterns"</span> to determine what <span class=
425       "emphasis"><i class="EMPHASIS">actions</i></span> might apply to which
426       sites and pages your browser attempts to access. These <span class=
427       "QUOTE">"patterns"</span> use wild card type <span class=
428       "emphasis"><i class="EMPHASIS">pattern</i></span> matching to achieve a
429       high degree of flexibility. This allows one expression to be expanded
430       and potentially match against many similar patterns.</p>
431
432       <p>Generally, an URL pattern has the form <tt class=
433       "LITERAL">&lt;host&gt;&lt;port&gt;/&lt;path&gt;</tt>, where the
434       <tt class="LITERAL">&lt;host&gt;</tt>, the <tt class=
435       "LITERAL">&lt;port&gt;</tt> and the <tt class=
436       "LITERAL">&lt;path&gt;</tt> are optional. (This is why the special
437       <tt class="LITERAL">/</tt> pattern matches all URLs). Note that the
438       protocol portion of the URL pattern (e.g. <tt class=
439       "LITERAL">http://</tt>) should <span class="emphasis"><i class=
440       "EMPHASIS">not</i></span> be included in the pattern. This is assumed
441       already!</p>
442
443       <p>The pattern matching syntax is different for the host and path parts
444       of the URL. The host part uses a simple globbing type matching
445       technique, while the path part uses more flexible <a href=
446       "http://en.wikipedia.org/wiki/Regular_expressions" target=
447       "_top"><span class="QUOTE">"Regular Expressions"</span></a> (POSIX
448       1003.2).</p>
449
450       <p>The port part of a pattern is a decimal port number preceded by a
451       colon (<tt class="LITERAL">:</tt>). If the host part contains a
452       numerical IPv6 address, it has to be put into angle brackets
453       (<tt class="LITERAL">&lt;</tt>, <tt class="LITERAL">&gt;</tt>).</p>
454
455       <div class="VARIABLELIST">
456         <dl>
457           <dt><tt class="LITERAL">www.example.com/</tt></dt>
458
459           <dd>
460             <p>is a host-only pattern and will match any request to
461             <tt class="LITERAL">www.example.com</tt>, regardless of which
462             document on that server is requested. So ALL pages in this domain
463             would be covered by the scope of this action. Note that a simple
464             <tt class="LITERAL">example.com</tt> is different and would NOT
465             match.</p>
466           </dd>
467
468           <dt><tt class="LITERAL">www.example.com</tt></dt>
469
470           <dd>
471             <p>means exactly the same. For host-only patterns, the trailing
472             <tt class="LITERAL">/</tt> may be omitted.</p>
473           </dd>
474
475           <dt><tt class="LITERAL">www.example.com/index.html</tt></dt>
476
477           <dd>
478             <p>matches all the documents on <tt class=
479             "LITERAL">www.example.com</tt> whose name starts with <tt class=
480             "LITERAL">/index.html</tt>.</p>
481           </dd>
482
483           <dt><tt class="LITERAL">www.example.com/index.html$</tt></dt>
484
485           <dd>
486             <p>matches only the single document <tt class=
487             "LITERAL">/index.html</tt> on <tt class=
488             "LITERAL">www.example.com</tt>.</p>
489           </dd>
490
491           <dt><tt class="LITERAL">/index.html$</tt></dt>
492
493           <dd>
494             <p>matches the document <tt class="LITERAL">/index.html</tt>,
495             regardless of the domain, i.e. on <span class=
496             "emphasis"><i class="EMPHASIS">any</i></span> web server
497             anywhere.</p>
498           </dd>
499
500           <dt><tt class="LITERAL">/</tt></dt>
501
502           <dd>
503             <p>Matches any URL because there's no requirement for either the
504             domain or the path to match anything.</p>
505           </dd>
506
507           <dt><tt class="LITERAL">:8000/</tt></dt>
508
509           <dd>
510             <p>Matches any URL pointing to TCP port 8000.</p>
511           </dd>
512
513           <dt><tt class="LITERAL">10.0.0.1/</tt></dt>
514
515           <dd>
516             <p>Matches any URL with the host address <tt class=
517             "LITERAL">10.0.0.1</tt>. (Note that the real URL uses plain
518             brackets, not angle brackets.)</p>
519           </dd>
520
521           <dt><tt class="LITERAL">&lt;2001:db8::1&gt;/</tt></dt>
522
523           <dd>
524             <p>Matches any URL with the host address <tt class=
525             "LITERAL">2001:db8::1</tt>. (Note that the real URL uses plain
526             brackets, not angle brackets.)</p>
527           </dd>
528
529           <dt><tt class="LITERAL">index.html</tt></dt>
530
531           <dd>
532             <p>matches nothing, since it would be interpreted as a domain
533             name and there is no top-level domain called <tt class=
534             "LITERAL">.html</tt>. So its a mistake.</p>
535           </dd>
536         </dl>
537       </div>
538
539       <div class="SECT3">
540         <h3 class="SECT3"><a name="HOST-PATTERN" id="HOST-PATTERN">8.4.1. The
541         Host Pattern</a></h3>
542
543         <p>The matching of the host part offers some flexible options: if the
544         host pattern starts or ends with a dot, it becomes unanchored at that
545         end. The host pattern is often referred to as domain pattern as it is
546         usually used to match domain names and not IP addresses. For
547         example:</p>
548
549         <div class="VARIABLELIST">
550           <dl>
551             <dt><tt class="LITERAL">.example.com</tt></dt>
552
553             <dd>
554               <p>matches any domain with first-level domain <tt class=
555               "LITERAL">com</tt> and second-level domain <tt class=
556               "LITERAL">example</tt>. For example <tt class=
557               "LITERAL">www.example.com</tt>, <tt class=
558               "LITERAL">example.com</tt> and <tt class=
559               "LITERAL">foo.bar.baz.example.com</tt>. Note that it wouldn't
560               match if the second-level domain was <tt class=
561               "LITERAL">another-example</tt>.</p>
562             </dd>
563
564             <dt><tt class="LITERAL">www.</tt></dt>
565
566             <dd>
567               <p>matches any domain that <span class="emphasis"><i class=
568               "EMPHASIS">STARTS</i></span> with <tt class="LITERAL">www.</tt>
569               (It also matches the domain <tt class="LITERAL">www</tt> but
570               most of the time that doesn't matter.)</p>
571             </dd>
572
573             <dt><tt class="LITERAL">.example.</tt></dt>
574
575             <dd>
576               <p>matches any domain that <span class="emphasis"><i class=
577               "EMPHASIS">CONTAINS</i></span> <tt class=
578               "LITERAL">.example.</tt>. And, by the way, also included would
579               be any files or documents that exist within that domain since
580               no path limitations are specified. (Correctly speaking: It
581               matches any FQDN that contains <tt class="LITERAL">example</tt>
582               as a domain.) This might be <tt class=
583               "LITERAL">www.example.com</tt>, <tt class=
584               "LITERAL">news.example.de</tt>, or <tt class=
585               "LITERAL">www.example.net/cgi/testing.pl</tt> for instance. All
586               these cases are matched.</p>
587             </dd>
588           </dl>
589         </div>
590
591         <p>Additionally, there are wild-cards that you can use in the domain
592         names themselves. These work similarly to shell globbing type
593         wild-cards: <span class="QUOTE">"*"</span> represents zero or more
594         arbitrary characters (this is equivalent to the <a href=
595         "http://en.wikipedia.org/wiki/Regular_expressions" target=
596         "_top"><span class="QUOTE">"Regular Expression"</span></a> based
597         syntax of <span class="QUOTE">".*"</span>), <span class=
598         "QUOTE">"?"</span> represents any single character (this is
599         equivalent to the regular expression syntax of a simple <span class=
600         "QUOTE">"."</span>), and you can define <span class=
601         "QUOTE">"character classes"</span> in square brackets which is
602         similar to the same regular expression technique. All of this can be
603         freely mixed:</p>
604
605         <div class="VARIABLELIST">
606           <dl>
607             <dt><tt class="LITERAL">ad*.example.com</tt></dt>
608
609             <dd>
610               <p>matches <span class="QUOTE">"adserver.example.com"</span>,
611               <span class="QUOTE">"ads.example.com"</span>, etc but not
612               <span class="QUOTE">"sfads.example.com"</span></p>
613             </dd>
614
615             <dt><tt class="LITERAL">*ad*.example.com</tt></dt>
616
617             <dd>
618               <p>matches all of the above, and then some.</p>
619             </dd>
620
621             <dt><tt class="LITERAL">.?pix.com</tt></dt>
622
623             <dd>
624               <p>matches <tt class="LITERAL">www.ipix.com</tt>, <tt class=
625               "LITERAL">pictures.epix.com</tt>, <tt class=
626               "LITERAL">a.b.c.d.e.upix.com</tt> etc.</p>
627             </dd>
628
629             <dt><tt class="LITERAL">www[1-9a-ez].example.c*</tt></dt>
630
631             <dd>
632               <p>matches <tt class="LITERAL">www1.example.com</tt>,
633               <tt class="LITERAL">www4.example.cc</tt>, <tt class=
634               "LITERAL">wwwd.example.cy</tt>, <tt class=
635               "LITERAL">wwwz.example.com</tt> etc., but <span class=
636               "emphasis"><i class="EMPHASIS">not</i></span> <tt class=
637               "LITERAL">wwww.example.com</tt>.</p>
638             </dd>
639           </dl>
640         </div>
641
642         <p>While flexible, this is not the sophistication of full regular
643         expression based syntax.</p>
644       </div>
645
646       <div class="SECT3">
647         <h3 class="SECT3"><a name="PATH-PATTERN" id="PATH-PATTERN">8.4.2. The
648         Path Pattern</a></h3>
649
650         <p><span class="APPLICATION">Privoxy</span> uses <span class=
651         "QUOTE">"modern"</span> POSIX 1003.2 <a href=
652         "http://en.wikipedia.org/wiki/Regular_expressions" target=
653         "_top"><span class="QUOTE">"Regular Expressions"</span></a> for
654         matching the path portion (after the slash), and is thus more
655         flexible.</p>
656
657         <p>There is an <a href="appendix.html#REGEX">Appendix</a> with a
658         brief quick-start into regular expressions, you also might want to
659         have a look at your operating system's documentation on regular
660         expressions (try <tt class="LITERAL">man re_format</tt>).</p>
661
662         <p>Note that the path pattern is automatically left-anchored at the
663         <span class="QUOTE">"/"</span>, i.e. it matches as if it would start
664         with a <span class="QUOTE">"^"</span> (regular expression speak for
665         the beginning of a line).</p>
666
667         <p>Please also note that matching in the path is <span class=
668         "emphasis"><i class="EMPHASIS">CASE INSENSITIVE</i></span> by
669         default, but you can switch to case sensitive at any point in the
670         pattern by using the <span class="QUOTE">"(?-i)"</span> switch:
671         <tt class="LITERAL">www.example.com/(?-i)PaTtErN.*</tt> will match
672         only documents whose path starts with <tt class=
673         "LITERAL">PaTtErN</tt> in <span class="emphasis"><i class=
674         "EMPHASIS">exactly</i></span> this capitalization.</p>
675
676         <div class="VARIABLELIST">
677           <dl>
678             <dt><tt class="LITERAL">.example.com/.*</tt></dt>
679
680             <dd>
681               <p>Is equivalent to just <span class=
682               "QUOTE">".example.com"</span>, since any documents within that
683               domain are matched with or without the <span class=
684               "QUOTE">".*"</span> regular expression. This is redundant</p>
685             </dd>
686
687             <dt><tt class="LITERAL">.example.com/.*/index.html$</tt></dt>
688
689             <dd>
690               <p>Will match any page in the domain of <span class=
691               "QUOTE">"example.com"</span> that is named <span class=
692               "QUOTE">"index.html"</span>, and that is part of some path. For
693               example, it matches <span class=
694               "QUOTE">"www.example.com/testing/index.html"</span> but NOT
695               <span class="QUOTE">"www.example.com/index.html"</span> because
696               the regular expression called for at least two <span class=
697               "QUOTE">"/'s"</span>, thus the path requirement. It also would
698               match <span class=
699               "QUOTE">"www.example.com/testing/index_html"</span>, because of
700               the special meta-character <span class="QUOTE">"."</span>.</p>
701             </dd>
702
703             <dt><tt class="LITERAL">.example.com/(.*/)?index\.html$</tt></dt>
704
705             <dd>
706               <p>This regular expression is conditional so it will match any
707               page named <span class="QUOTE">"index.html"</span> regardless
708               of path which in this case can have one or more <span class=
709               "QUOTE">"/'s"</span>. And this one must contain exactly
710               <span class="QUOTE">".html"</span> (but does not have to end
711               with that!).</p>
712             </dd>
713
714             <dt><tt class=
715             "LITERAL">.example.com/(.*/)(ads|banners?|junk)</tt></dt>
716
717             <dd>
718               <p>This regular expression will match any path of <span class=
719               "QUOTE">"example.com"</span> that contains any of the words
720               <span class="QUOTE">"ads"</span>, <span class=
721               "QUOTE">"banner"</span>, <span class="QUOTE">"banners"</span>
722               (because of the <span class="QUOTE">"?"</span>) or <span class=
723               "QUOTE">"junk"</span>. The path does not have to end in these
724               words, just contain them.</p>
725             </dd>
726
727             <dt><tt class=
728             "LITERAL">.example.com/(.*/)(ads|banners?|junk)/.*\.(jpe?g|gif|png)$</tt></dt>
729
730             <dd>
731               <p>This is very much the same as above, except now it must end
732               in either <span class="QUOTE">".jpg"</span>, <span class=
733               "QUOTE">".jpeg"</span>, <span class="QUOTE">".gif"</span> or
734               <span class="QUOTE">".png"</span>. So this one is limited to
735               common image formats.</p>
736             </dd>
737           </dl>
738         </div>
739
740         <p>There are many, many good examples to be found in <tt class=
741         "FILENAME">default.action</tt>, and more tutorials below in <a href=
742         "appendix.html#REGEX">Appendix on regular expressions</a>.</p>
743       </div>
744
745       <div class="SECT3">
746         <h3 class="SECT3"><a name="TAG-PATTERN" id="TAG-PATTERN">8.4.3. The
747         Request Tag Pattern</a></h3>
748
749         <p>Request tag patterns are used to change the applying actions based
750         on the request's tags. Tags can be created based on HTTP headers with
751         either the <a href=
752         "actions-file.html#CLIENT-HEADER-TAGGER">client-header-tagger</a> or
753         the <a href=
754         "actions-file.html#SERVER-HEADER-TAGGER">server-header-tagger</a>
755         action.</p>
756
757         <p>Request tag patterns have to start with <span class=
758         "QUOTE">"TAG:"</span>, so <span class="APPLICATION">Privoxy</span>
759         can tell them apart from other patterns. Everything after the colon
760         including white space, is interpreted as a regular expression with
761         path pattern syntax, except that tag patterns aren't left-anchored
762         automatically (<span class="APPLICATION">Privoxy</span> doesn't
763         silently add a <span class="QUOTE">"^"</span>, you have to do it
764         yourself if you need it).</p>
765
766         <p>To match all requests that are tagged with <span class=
767         "QUOTE">"foo"</span> your pattern line should be <span class=
768         "QUOTE">"TAG:^foo$"</span>, <span class="QUOTE">"TAG:foo"</span>
769         would work as well, but it would also match requests whose tags
770         contain <span class="QUOTE">"foo"</span> somewhere. <span class=
771         "QUOTE">"TAG: foo"</span> wouldn't work as it requires white
772         space.</p>
773
774         <p>Sections can contain URL and request tag patterns at the same
775         time, but request tag patterns are checked after the URL patterns and
776         thus always overrule them, even if they are located before the URL
777         patterns.</p>
778
779         <p>Once a new request tag is added, Privoxy checks right away if it's
780         matched by one of the request tag patterns and updates the action
781         settings accordingly. As a result request tags can be used to
782         activate other tagger actions, as long as these other taggers look
783         for headers that haven't already be parsed.</p>
784
785         <p>For example you could tag client requests which use the <tt class=
786         "LITERAL">POST</tt> method, then use this tag to activate another
787         tagger that adds a tag if cookies are sent, and then use a block
788         action based on the cookie tag. This allows the outcome of one
789         action, to be input into a subsequent action. However if you'd
790         reverse the position of the described taggers, and activated the
791         method tagger based on the cookie tagger, no method tags would be
792         created. The method tagger would look for the request line, but at
793         the time the cookie tag is created, the request line has already been
794         parsed.</p>
795
796         <p>While this is a limitation you should be aware of, this kind of
797         indirection is seldom needed anyway and even the example doesn't make
798         too much sense.</p>
799       </div>
800
801       <div class="SECT3">
802         <h3 class="SECT3"><a name="NEGATIVE-TAG-PATTERNS" id=
803         "NEGATIVE-TAG-PATTERNS">8.4.4. The Negative Request Tag
804         Patterns</a></h3>
805
806         <p>To match requests that do not have a certain request tag, specify
807         a negative tag pattern by prefixing the tag pattern line with either
808         <span class="QUOTE">"NO-REQUEST-TAG:"</span> or <span class=
809         "QUOTE">"NO-RESPONSE-TAG:"</span> instead of <span class=
810         "QUOTE">"TAG:"</span>.</p>
811
812         <p>Negative request tag patterns created with <span class=
813         "QUOTE">"NO-REQUEST-TAG:"</span> are checked after all client headers
814         are scanned, the ones created with <span class=
815         "QUOTE">"NO-RESPONSE-TAG:"</span> are checked after all server
816         headers are scanned. In both cases all the created tags are
817         considered.</p>
818       </div>
819
820       <div class="SECT3">
821         <h3 class="SECT3"><a name="CLIENT-TAG-PATTERN" id=
822         "CLIENT-TAG-PATTERN">8.4.5. The Client Tag Pattern</a></h3>
823
824         <div class="WARNING">
825           <table class="WARNING" border="1" width="100%">
826             <tr>
827               <td align="center"><b>Warning</b></td>
828             </tr>
829
830             <tr>
831               <td align="left">
832                 <p>This is an experimental feature. The syntax is likely to
833                 change in future versions.</p>
834               </td>
835             </tr>
836           </table>
837         </div>
838
839         <p>Client tag patterns are not set based on HTTP headers but based on
840         the client's IP address. Users can enable them themselves, but the
841         Privoxy admin controls which tags are available and what their effect
842         is.</p>
843
844         <p>After a client-specific tag has been defined with the <a href=
845         "config.html#CLIENT-SPECIFIC-TAG">client-specific-tag</a>, directive,
846         action sections can be activated based on the tag by using a
847         CLIENT-TAG pattern. The CLIENT-TAG pattern is evaluated at the same
848         priority as URL patterns, as a result the last matching pattern wins.
849         Tags that are created based on client or server headers are evaluated
850         later on and can overrule CLIENT-TAG and URL patterns!</p>
851
852         <p>The tag is set for all requests that come from clients that
853         requested it to be set. Note that "clients" are differentiated by IP
854         address, if the IP address changes the tag has to be requested
855         again.</p>
856
857         <p>Clients can request tags to be set by using the CGI interface
858         <a href="http://config.privoxy.org/client-tags" target=
859         "_top">http://config.privoxy.org/client-tags</a>.</p>
860
861         <p>Example:</p>
862
863         <table border="0" bgcolor="#E0E0E0" width="100%">
864           <tr>
865             <td>
866               <pre class="SCREEN">
867 # If the admin defined the client-specific-tag circumvent-blocks,
868 # and the request comes from a client that previously requested
869 # the tag to be set, overrule all previous +block actions that
870 # are enabled based on URL to CLIENT-TAG patterns.
871 {-block}
872 CLIENT-TAG:^circumvent-blocks$
873
874 # This section is not overruled because it's located after
875 # the previous one.
876 {+block{Nobody is supposed to request this.}}
877 example.org/blocked-example-page
878 </pre>
879             </td>
880           </tr>
881         </table>
882       </div>
883     </div>
884
885     <div class="SECT2">
886       <h2 class="SECT2"><a name="ACTIONS" id="ACTIONS">8.5. Actions</a></h2>
887
888       <p>All actions are disabled by default, until they are explicitly
889       enabled somewhere in an actions file. Actions are turned on if preceded
890       with a <span class="QUOTE">"+"</span>, and turned off if preceded with
891       a <span class="QUOTE">"-"</span>. So a <tt class="LITERAL">+action</tt>
892       means <span class="QUOTE">"do that action"</span>, e.g. <tt class=
893       "LITERAL">+block</tt> means <span class="QUOTE">"please block URLs that
894       match the following patterns"</span>, and <tt class=
895       "LITERAL">-block</tt> means <span class="QUOTE">"don't block URLs that
896       match the following patterns, even if <tt class="LITERAL">+block</tt>
897       previously applied."</span></p>
898
899       <p>Again, actions are invoked by placing them on a line, enclosed in
900       curly braces and separated by whitespace, like in <tt class=
901       "LITERAL">{+some-action -some-other-action{some-parameter}}</tt>,
902       followed by a list of URL patterns, one per line, to which they apply.
903       Together, the actions line and the following pattern lines make up a
904       section of the actions file.</p>
905
906       <p>Actions fall into three categories:</p>
907
908       <ul>
909         <li>
910           <p>Boolean, i.e the action can only be <span class=
911           "QUOTE">"enabled"</span> or <span class="QUOTE">"disabled"</span>.
912           Syntax:</p>
913
914           <table border="0" bgcolor="#E0E0E0" width="90%">
915             <tr>
916               <td>
917                 <pre class="SCREEN">
918   +<tt class="REPLACEABLE"><i>name</i></tt>        # enable action <tt class=
919 "REPLACEABLE"><i>name</i></tt>
920   -<tt class=
921 "REPLACEABLE"><i>name</i></tt>        # disable action <tt class="REPLACEABLE"><i>name</i></tt>
922 </pre>
923               </td>
924             </tr>
925           </table>
926
927           <p>Example: <tt class="LITERAL">+handle-as-image</tt></p>
928         </li>
929
930         <li>
931           <p>Parameterized, where some value is required in order to enable
932           this type of action. Syntax:</p>
933
934           <table border="0" bgcolor="#E0E0E0" width="90%">
935             <tr>
936               <td>
937                 <pre class="SCREEN">
938   +<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
939 "REPLACEABLE"><i>param</i></tt>}  # enable action and set parameter to <tt class="REPLACEABLE"><i>param</i></tt>,
940                # overwriting parameter from previous match if necessary
941   -<tt class=
942 "REPLACEABLE"><i>name</i></tt>         # disable action. The parameter can be omitted
943 </pre>
944               </td>
945             </tr>
946           </table>
947
948           <p>Note that if the URL matches multiple positive forms of a
949           parameterized action, the last match wins, i.e. the params from
950           earlier matches are simply ignored.</p>
951
952           <p>Example: <tt class="LITERAL">+hide-user-agent{Mozilla/5.0 (X11;
953           U; FreeBSD i386; en-US; rv:1.8.1.4) Gecko/20070602
954           Firefox/2.0.0.4}</tt></p>
955         </li>
956
957         <li>
958           <p>Multi-value. These look exactly like parameterized actions, but
959           they behave differently: If the action applies multiple times to
960           the same URL, but with different parameters, <span class=
961           "emphasis"><i class="EMPHASIS">all</i></span> the parameters from
962           <span class="emphasis"><i class="EMPHASIS">all</i></span> matches
963           are remembered. This is used for actions that can be executed for
964           the same request repeatedly, like adding multiple headers, or
965           filtering through multiple filters. Syntax:</p>
966
967           <table border="0" bgcolor="#E0E0E0" width="90%">
968             <tr>
969               <td>
970                 <pre class="SCREEN">
971   +<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
972 "REPLACEABLE"><i>param</i></tt>}   # enable action and add <tt class=
973 "REPLACEABLE"><i>param</i></tt> to the list of parameters
974   -<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
975 "REPLACEABLE"><i>param</i></tt>}   # remove the parameter <tt class=
976 "REPLACEABLE"><i>param</i></tt> from the list of parameters
977                 # If it was the last one left, disable the action.
978   <tt class=
979 "REPLACEABLE"><i>-name</i></tt>          # disable this action completely and remove all parameters from the list
980 </pre>
981               </td>
982             </tr>
983           </table>
984
985           <p>Examples: <tt class="LITERAL">+add-header{X-Fun-Header: Some
986           text}</tt> and <tt class=
987           "LITERAL">+filter{html-annoyances}</tt></p>
988         </li>
989       </ul>
990
991       <p>If nothing is specified in any actions file, no <span class=
992       "QUOTE">"actions"</span> are taken. So in this case <span class=
993       "APPLICATION">Privoxy</span> would just be a normal, non-blocking,
994       non-filtering proxy. You must specifically enable the privacy and
995       blocking features you need (although the provided default actions files
996       will give a good starting point).</p>
997
998       <p>Later defined action sections always over-ride earlier ones of the
999       same type. So exceptions to any rules you make, should come in the
1000       latter part of the file (or in a file that is processed later when
1001       using multiple actions files such as <tt class=
1002       "FILENAME">user.action</tt>). For multi-valued actions, the actions are
1003       applied in the order they are specified. Actions files are processed in
1004       the order they are defined in <tt class="FILENAME">config</tt> (the
1005       default installation has three actions files). It also quite possible
1006       for any given URL to match more than one <span class=
1007       "QUOTE">"pattern"</span> (because of wildcards and regular
1008       expressions), and thus to trigger more than one set of actions! Last
1009       match wins.</p>
1010
1011       <p>The list of valid <span class="APPLICATION">Privoxy</span> actions
1012       are:</p>
1013
1014       <div class="SECT3">
1015         <h4 class="SECT3"><a name="ADD-HEADER" id="ADD-HEADER">8.5.1.
1016         add-header</a></h4>
1017
1018         <div class="VARIABLELIST">
1019           <dl>
1020             <dt>Typical use:</dt>
1021
1022             <dd>
1023               <p>Confuse log analysis, custom applications</p>
1024             </dd>
1025
1026             <dt>Effect:</dt>
1027
1028             <dd>
1029               <p>Sends a user defined HTTP header to the web server.</p>
1030             </dd>
1031
1032             <dt>Type:</dt>
1033
1034             <dd>
1035               <p>Multi-value.</p>
1036             </dd>
1037
1038             <dt>Parameter:</dt>
1039
1040             <dd>
1041               <p>Any string value is possible. Validity of the defined HTTP
1042               headers is not checked. It is recommended that you use the
1043               <span class="QUOTE">"<tt class="LITERAL">X-</tt>"</span> prefix
1044               for custom headers.</p>
1045             </dd>
1046
1047             <dt>Notes:</dt>
1048
1049             <dd>
1050               <p>This action may be specified multiple times, in order to
1051               define multiple headers. This is rarely needed for the typical
1052               user. If you don't know what <span class="QUOTE">"HTTP
1053               headers"</span> are, you definitely don't need to worry about
1054               this one.</p>
1055
1056               <p>Headers added by this action are not modified by other
1057               actions.</p>
1058             </dd>
1059
1060             <dt>Example usage:</dt>
1061
1062             <dd>
1063               <table border="0" bgcolor="#E0E0E0" width="90%">
1064                 <tr>
1065                   <td>
1066                     <pre class="SCREEN">
1067 # Add a DNT ("Do not track") header to all requests,
1068 # event to those that already have one.
1069 #
1070 # This is just an example, not a recommendation.
1071 #
1072 # There is no reason to believe that user-tracking websites care
1073 # about the DNT header and depending on the User-Agent, adding the
1074 # header may make user-tracking easier.
1075 {+add-header{DNT: 1}}
1076 /
1077 </pre>
1078                   </td>
1079                 </tr>
1080               </table>
1081             </dd>
1082           </dl>
1083         </div>
1084       </div>
1085
1086       <div class="SECT3">
1087         <h4 class="SECT3"><a name="BLOCK" id="BLOCK">8.5.2. block</a></h4>
1088
1089         <div class="VARIABLELIST">
1090           <dl>
1091             <dt>Typical use:</dt>
1092
1093             <dd>
1094               <p>Block ads or other unwanted content</p>
1095             </dd>
1096
1097             <dt>Effect:</dt>
1098
1099             <dd>
1100               <p>Requests for URLs to which this action applies are blocked,
1101               i.e. the requests are trapped by <span class=
1102               "APPLICATION">Privoxy</span> and the requested URL is never
1103               retrieved, but is answered locally with a substitute page or
1104               image, as determined by the <tt class="LITERAL"><a href=
1105               "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>,
1106               <tt class="LITERAL"><a href=
1107               "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>,
1108               and <tt class="LITERAL"><a href=
1109               "actions-file.html#HANDLE-AS-EMPTY-DOCUMENT">handle-as-empty-document</a></tt>
1110               actions.</p>
1111             </dd>
1112
1113             <dt>Type:</dt>
1114
1115             <dd>
1116               <p>Parameterized.</p>
1117             </dd>
1118
1119             <dt>Parameter:</dt>
1120
1121             <dd>
1122               <p>A block reason that should be given to the user.</p>
1123             </dd>
1124
1125             <dt>Notes:</dt>
1126
1127             <dd>
1128               <p><span class="APPLICATION">Privoxy</span> sends a special
1129               <span class="QUOTE">"BLOCKED"</span> page for requests to
1130               blocked pages. This page contains the block reason given as
1131               parameter, a link to find out why the block action applies, and
1132               a click-through to the blocked content (the latter only if the
1133               force feature is available and enabled).</p>
1134
1135               <p>A very important exception occurs if <span class=
1136               "emphasis"><i class="EMPHASIS">both</i></span> <tt class=
1137               "LITERAL">block</tt> and <tt class="LITERAL"><a href=
1138               "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>,
1139               apply to the same request: it will then be replaced by an
1140               image. If <tt class="LITERAL"><a href=
1141               "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
1142               (see below) also applies, the type of image will be determined
1143               by its parameter, if not, the standard checkerboard pattern is
1144               sent.</p>
1145
1146               <p>It is important to understand this process, in order to
1147               understand how <span class="APPLICATION">Privoxy</span> deals
1148               with ads and other unwanted content. Blocking is a core
1149               feature, and one upon which various other features depend.</p>
1150
1151               <p>The <tt class="LITERAL"><a href=
1152               "actions-file.html#FILTER">filter</a></tt> action can perform a
1153               very similar task, by <span class="QUOTE">"blocking"</span>
1154               banner images and other content through rewriting the relevant
1155               URLs in the document's HTML source, so they don't get requested
1156               in the first place. Note that this is a totally different
1157               technique, and it's easy to confuse the two.</p>
1158             </dd>
1159
1160             <dt>Example usage (section):</dt>
1161
1162             <dd>
1163               <table border="0" bgcolor="#E0E0E0" width="90%">
1164                 <tr>
1165                   <td>
1166                     <pre class="SCREEN">
1167 {+block{No nasty stuff for you.}}
1168 # Block and replace with "blocked" page
1169  .nasty-stuff.example.com
1170
1171 {+block{Doubleclick banners.} +handle-as-image}
1172 # Block and replace with image
1173  .ad.doubleclick.net
1174  .ads.r.us/banners/
1175
1176 {+block{Layered ads.} +handle-as-empty-document}
1177 # Block and then ignore
1178  adserver.example.net/.*\.js$
1179 </pre>
1180                   </td>
1181                 </tr>
1182               </table>
1183             </dd>
1184           </dl>
1185         </div>
1186       </div>
1187
1188       <div class="SECT3">
1189         <h4 class="SECT3"><a name="CHANGE-X-FORWARDED-FOR" id=
1190         "CHANGE-X-FORWARDED-FOR">8.5.3. change-x-forwarded-for</a></h4>
1191
1192         <div class="VARIABLELIST">
1193           <dl>
1194             <dt>Typical use:</dt>
1195
1196             <dd>
1197               <p>Improve privacy by not forwarding the source of the request
1198               in the HTTP headers.</p>
1199             </dd>
1200
1201             <dt>Effect:</dt>
1202
1203             <dd>
1204               <p>Deletes the <span class="QUOTE">"X-Forwarded-For:"</span>
1205               HTTP header from the client request, or adds a new one.</p>
1206             </dd>
1207
1208             <dt>Type:</dt>
1209
1210             <dd>
1211               <p>Parameterized.</p>
1212             </dd>
1213
1214             <dt>Parameter:</dt>
1215
1216             <dd>
1217               <ul>
1218                 <li>
1219                   <p><span class="QUOTE">"block"</span> to delete the
1220                   header.</p>
1221                 </li>
1222
1223                 <li>
1224                   <p><span class="QUOTE">"add"</span> to create the header
1225                   (or append the client's IP address to an already existing
1226                   one).</p>
1227                 </li>
1228               </ul>
1229             </dd>
1230
1231             <dt>Notes:</dt>
1232
1233             <dd>
1234               <p>It is safe and recommended to use <tt class=
1235               "LITERAL">block</tt>.</p>
1236
1237               <p>Forwarding the source address of the request may make sense
1238               in some multi-user setups but is also a privacy risk.</p>
1239             </dd>
1240
1241             <dt>Example usage:</dt>
1242
1243             <dd>
1244               <table border="0" bgcolor="#E0E0E0" width="90%">
1245                 <tr>
1246                   <td>
1247                     <pre class="SCREEN">
1248 +change-x-forwarded-for{block}
1249 </pre>
1250                   </td>
1251                 </tr>
1252               </table>
1253             </dd>
1254           </dl>
1255         </div>
1256       </div>
1257
1258       <div class="SECT3">
1259         <h4 class="SECT3"><a name="CLIENT-HEADER-FILTER" id=
1260         "CLIENT-HEADER-FILTER">8.5.4. client-header-filter</a></h4>
1261
1262         <div class="VARIABLELIST">
1263           <dl>
1264             <dt>Typical use:</dt>
1265
1266             <dd>
1267               <p>Rewrite or remove single client headers.</p>
1268             </dd>
1269
1270             <dt>Effect:</dt>
1271
1272             <dd>
1273               <p>All client headers to which this action applies are filtered
1274               on-the-fly through the specified regular expression based
1275               substitutions.</p>
1276             </dd>
1277
1278             <dt>Type:</dt>
1279
1280             <dd>
1281               <p>Multi-value.</p>
1282             </dd>
1283
1284             <dt>Parameter:</dt>
1285
1286             <dd>
1287               <p>The name of a client-header filter, as defined in one of the
1288               <a href="filter-file.html">filter files</a>.</p>
1289             </dd>
1290
1291             <dt>Notes:</dt>
1292
1293             <dd>
1294               <p>Client-header filters are applied to each header on its own,
1295               not to all at once. This makes it easier to diagnose problems,
1296               but on the downside you can't write filters that only change
1297               header x if header y's value is z. You can do that by using
1298               tags though.</p>
1299
1300               <p>Client-header filters are executed after the other header
1301               actions have finished and use their output as input.</p>
1302
1303               <p>If the request URI gets changed, <span class=
1304               "APPLICATION">Privoxy</span> will detect that and use the new
1305               one. This can be used to rewrite the request destination behind
1306               the client's back, for example to specify a Tor exit relay for
1307               certain requests.</p>
1308
1309               <p>Please refer to the <a href="filter-file.html">filter file
1310               chapter</a> to learn which client-header filters are available
1311               by default, and how to create your own.</p>
1312             </dd>
1313
1314             <dt>Example usage (section):</dt>
1315
1316             <dd>
1317               <table border="0" bgcolor="#E0E0E0" width="90%">
1318                 <tr>
1319                   <td>
1320                     <pre class="SCREEN">
1321 # Hide Tor exit notation in Host and Referer Headers
1322 {+client-header-filter{hide-tor-exit-notation}}
1323 /
1324
1325 </pre>
1326                   </td>
1327                 </tr>
1328               </table>
1329             </dd>
1330           </dl>
1331         </div>
1332       </div>
1333
1334       <div class="SECT3">
1335         <h4 class="SECT3"><a name="CLIENT-HEADER-TAGGER" id=
1336         "CLIENT-HEADER-TAGGER">8.5.5. client-header-tagger</a></h4>
1337
1338         <div class="VARIABLELIST">
1339           <dl>
1340             <dt>Typical use:</dt>
1341
1342             <dd>
1343               <p>Block requests based on their headers.</p>
1344             </dd>
1345
1346             <dt>Effect:</dt>
1347
1348             <dd>
1349               <p>Client headers to which this action applies are filtered
1350               on-the-fly through the specified regular expression based
1351               substitutions, the result is used as tag.</p>
1352             </dd>
1353
1354             <dt>Type:</dt>
1355
1356             <dd>
1357               <p>Multi-value.</p>
1358             </dd>
1359
1360             <dt>Parameter:</dt>
1361
1362             <dd>
1363               <p>The name of a client-header tagger, as defined in one of the
1364               <a href="filter-file.html">filter files</a>.</p>
1365             </dd>
1366
1367             <dt>Notes:</dt>
1368
1369             <dd>
1370               <p>Client-header taggers are applied to each header on its own,
1371               and as the header isn't modified, each tagger <span class=
1372               "QUOTE">"sees"</span> the original.</p>
1373
1374               <p>Client-header taggers are the first actions that are
1375               executed and their tags can be used to control every other
1376               action.</p>
1377             </dd>
1378
1379             <dt>Example usage (section):</dt>
1380
1381             <dd>
1382               <table border="0" bgcolor="#E0E0E0" width="90%">
1383                 <tr>
1384                   <td>
1385                     <pre class="SCREEN">
1386 # Tag every request with the User-Agent header
1387 {+client-header-tagger{user-agent}}
1388 /
1389
1390 # Tagging itself doesn't change the action
1391 # settings, sections with TAG patterns do:
1392 #
1393 # If it's a download agent, use a different forwarding proxy,
1394 # show the real User-Agent and make sure resume works.
1395 {+forward-override{forward-socks5 10.0.0.2:2222 .} \
1396  -hide-if-modified-since      \
1397  -overwrite-last-modified     \
1398  -hide-user-agent             \
1399  -filter                      \
1400  -deanimate-gifs              \
1401 }
1402 TAG:^User-Agent: NetBSD-ftp/
1403 TAG:^User-Agent: Novell ZYPP Installer
1404 TAG:^User-Agent: RPM APT-HTTP/
1405 TAG:^User-Agent: fetch libfetch/
1406 TAG:^User-Agent: Ubuntu APT-HTTP/
1407 TAG:^User-Agent: MPlayer/
1408
1409 </pre>
1410                   </td>
1411                 </tr>
1412               </table>
1413
1414               <table border="0" bgcolor="#E0E0E0" width="90%">
1415                 <tr>
1416                   <td>
1417                     <pre class="SCREEN">
1418 # Tag all requests with the Range header set
1419 {+client-header-tagger{range-requests}}
1420 /
1421
1422 # Disable filtering for the tagged requests.
1423 #
1424 # With filtering enabled Privoxy would remove the Range headers
1425 # to be able to filter the whole response. The downside is that
1426 # it prevents clients from resuming downloads or skipping over
1427 # parts of multimedia files.
1428 {-filter -deanimate-gifs}
1429 TAG:^RANGE-REQUEST$
1430
1431 </pre>
1432                   </td>
1433                 </tr>
1434               </table>
1435             </dd>
1436           </dl>
1437         </div>
1438       </div>
1439
1440       <div class="SECT3">
1441         <h4 class="SECT3"><a name="CONTENT-TYPE-OVERWRITE" id=
1442         "CONTENT-TYPE-OVERWRITE">8.5.6. content-type-overwrite</a></h4>
1443
1444         <div class="VARIABLELIST">
1445           <dl>
1446             <dt>Typical use:</dt>
1447
1448             <dd>
1449               <p>Stop useless download menus from popping up, or change the
1450               browser's rendering mode</p>
1451             </dd>
1452
1453             <dt>Effect:</dt>
1454
1455             <dd>
1456               <p>Replaces the <span class="QUOTE">"Content-Type:"</span> HTTP
1457               server header.</p>
1458             </dd>
1459
1460             <dt>Type:</dt>
1461
1462             <dd>
1463               <p>Parameterized.</p>
1464             </dd>
1465
1466             <dt>Parameter:</dt>
1467
1468             <dd>
1469               <p>Any string.</p>
1470             </dd>
1471
1472             <dt>Notes:</dt>
1473
1474             <dd>
1475               <p>The <span class="QUOTE">"Content-Type:"</span> HTTP server
1476               header is used by the browser to decide what to do with the
1477               document. The value of this header can cause the browser to
1478               open a download menu instead of displaying the document by
1479               itself, even if the document's format is supported by the
1480               browser.</p>
1481
1482               <p>The declared content type can also affect which rendering
1483               mode the browser chooses. If XHTML is delivered as <span class=
1484               "QUOTE">"text/html"</span>, many browsers treat it as yet
1485               another broken HTML document. If it is send as <span class=
1486               "QUOTE">"application/xml"</span>, browsers with XHTML support
1487               will only display it, if the syntax is correct.</p>
1488
1489               <p>If you see a web site that proudly uses XHTML buttons, but
1490               sets <span class="QUOTE">"Content-Type: text/html"</span>, you
1491               can use <span class="APPLICATION">Privoxy</span> to overwrite
1492               it with <span class="QUOTE">"application/xml"</span> and
1493               validate the web master's claim inside your XHTML-supporting
1494               browser. If the syntax is incorrect, the browser will complain
1495               loudly.</p>
1496
1497               <p>You can also go the opposite direction: if your browser
1498               prints error messages instead of rendering a document falsely
1499               declared as XHTML, you can overwrite the content type with
1500               <span class="QUOTE">"text/html"</span> and have it rendered as
1501               broken HTML document.</p>
1502
1503               <p>By default <tt class="LITERAL">content-type-overwrite</tt>
1504               only replaces <span class="QUOTE">"Content-Type:"</span>
1505               headers that look like some kind of text. If you want to
1506               overwrite it unconditionally, you have to combine it with
1507               <tt class="LITERAL"><a href=
1508               "actions-file.html#FORCE-TEXT-MODE">force-text-mode</a></tt>.
1509               This limitation exists for a reason, think twice before
1510               circumventing it.</p>
1511
1512               <p>Most of the time it's easier to replace this action with a
1513               custom <tt class="LITERAL"><a href=
1514               "actions-file.html#SERVER-HEADER-FILTER">server-header
1515               filter</a></tt>. It allows you to activate it for every
1516               document of a certain site and it will still only replace the
1517               content types you aimed at.</p>
1518
1519               <p>Of course you can apply <tt class=
1520               "LITERAL">content-type-overwrite</tt> to a whole site and then
1521               make URL based exceptions, but it's a lot more work to get the
1522               same precision.</p>
1523             </dd>
1524
1525             <dt>Example usage (sections):</dt>
1526
1527             <dd>
1528               <table border="0" bgcolor="#E0E0E0" width="90%">
1529                 <tr>
1530                   <td>
1531                     <pre class="SCREEN">
1532 # Check if www.example.net/ really uses valid XHTML
1533 { +content-type-overwrite{application/xml} }
1534 www.example.net/
1535
1536 # but leave the content type unmodified if the URL looks like a style sheet
1537 {-content-type-overwrite}
1538 www.example.net/.*\.css$
1539 www.example.net/.*style
1540 </pre>
1541                   </td>
1542                 </tr>
1543               </table>
1544             </dd>
1545           </dl>
1546         </div>
1547       </div>
1548
1549       <div class="SECT3">
1550         <h4 class="SECT3"><a name="CRUNCH-CLIENT-HEADER" id=
1551         "CRUNCH-CLIENT-HEADER">8.5.7. crunch-client-header</a></h4>
1552
1553         <div class="VARIABLELIST">
1554           <dl>
1555             <dt>Typical use:</dt>
1556
1557             <dd>
1558               <p>Remove a client header <span class=
1559               "APPLICATION">Privoxy</span> has no dedicated action for.</p>
1560             </dd>
1561
1562             <dt>Effect:</dt>
1563
1564             <dd>
1565               <p>Deletes every header sent by the client that contains the
1566               string the user supplied as parameter.</p>
1567             </dd>
1568
1569             <dt>Type:</dt>
1570
1571             <dd>
1572               <p>Parameterized.</p>
1573             </dd>
1574
1575             <dt>Parameter:</dt>
1576
1577             <dd>
1578               <p>Any string.</p>
1579             </dd>
1580
1581             <dt>Notes:</dt>
1582
1583             <dd>
1584               <p>This action allows you to block client headers for which no
1585               dedicated <span class="APPLICATION">Privoxy</span> action
1586               exists. <span class="APPLICATION">Privoxy</span> will remove
1587               every client header that contains the string you supplied as
1588               parameter.</p>
1589
1590               <p>Regular expressions are <span class="emphasis"><i class=
1591               "EMPHASIS">not supported</i></span> and you can't use this
1592               action to block different headers in the same request, unless
1593               they contain the same string.</p>
1594
1595               <p><tt class="LITERAL">crunch-client-header</tt> is only meant
1596               for quick tests. If you have to block several different
1597               headers, or only want to modify parts of them, you should use a
1598               <tt class="LITERAL"><a href=
1599               "actions-file.html#CLIENT-HEADER-FILTER">client-header
1600               filter</a></tt>.</p>
1601
1602               <div class="WARNING">
1603                 <table class="WARNING" border="1" width="90%">
1604                   <tr>
1605                     <td align="center"><b>Warning</b></td>
1606                   </tr>
1607
1608                   <tr>
1609                     <td align="left">
1610                       <p>Don't block any header without understanding the
1611                       consequences.</p>
1612                     </td>
1613                   </tr>
1614                 </table>
1615               </div>
1616             </dd>
1617
1618             <dt>Example usage (section):</dt>
1619
1620             <dd>
1621               <table border="0" bgcolor="#E0E0E0" width="90%">
1622                 <tr>
1623                   <td>
1624                     <pre class="SCREEN">
1625 # Block the non-existent "Privacy-Violation:" client header
1626 { +crunch-client-header{Privacy-Violation:} }
1627 /
1628
1629 </pre>
1630                   </td>
1631                 </tr>
1632               </table>
1633             </dd>
1634           </dl>
1635         </div>
1636       </div>
1637
1638       <div class="SECT3">
1639         <h4 class="SECT3"><a name="CRUNCH-IF-NONE-MATCH" id=
1640         "CRUNCH-IF-NONE-MATCH">8.5.8. crunch-if-none-match</a></h4>
1641
1642         <div class="VARIABLELIST">
1643           <dl>
1644             <dt>Typical use:</dt>
1645
1646             <dd>
1647               <p>Prevent yet another way to track the user's steps between
1648               sessions.</p>
1649             </dd>
1650
1651             <dt>Effect:</dt>
1652
1653             <dd>
1654               <p>Deletes the <span class="QUOTE">"If-None-Match:"</span> HTTP
1655               client header.</p>
1656             </dd>
1657
1658             <dt>Type:</dt>
1659
1660             <dd>
1661               <p>Boolean.</p>
1662             </dd>
1663
1664             <dt>Parameter:</dt>
1665
1666             <dd>
1667               <p>N/A</p>
1668             </dd>
1669
1670             <dt>Notes:</dt>
1671
1672             <dd>
1673               <p>Removing the <span class="QUOTE">"If-None-Match:"</span>
1674               HTTP client header is useful for filter testing, where you want
1675               to force a real reload instead of getting status code
1676               <span class="QUOTE">"304"</span> which would cause the browser
1677               to use a cached copy of the page.</p>
1678
1679               <p>It is also useful to make sure the header isn't used as a
1680               cookie replacement (unlikely but possible).</p>
1681
1682               <p>Blocking the <span class="QUOTE">"If-None-Match:"</span>
1683               header shouldn't cause any caching problems, as long as the
1684               <span class="QUOTE">"If-Modified-Since:"</span> header isn't
1685               blocked or missing as well.</p>
1686
1687               <p>It is recommended to use this action together with
1688               <tt class="LITERAL"><a href=
1689               "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt>
1690               and <tt class="LITERAL"><a href=
1691               "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>.</p>
1692             </dd>
1693
1694             <dt>Example usage (section):</dt>
1695
1696             <dd>
1697               <table border="0" bgcolor="#E0E0E0" width="90%">
1698                 <tr>
1699                   <td>
1700                     <pre class="SCREEN">
1701 # Let the browser revalidate cached documents but don't
1702 # allow the server to use the revalidation headers for user tracking.
1703 {+hide-if-modified-since{-60} \
1704  +overwrite-last-modified{randomize} \
1705  +crunch-if-none-match}
1706 /
1707 </pre>
1708                   </td>
1709                 </tr>
1710               </table>
1711             </dd>
1712           </dl>
1713         </div>
1714       </div>
1715
1716       <div class="SECT3">
1717         <h4 class="SECT3"><a name="CRUNCH-INCOMING-COOKIES" id=
1718         "CRUNCH-INCOMING-COOKIES">8.5.9. crunch-incoming-cookies</a></h4>
1719
1720         <div class="VARIABLELIST">
1721           <dl>
1722             <dt>Typical use:</dt>
1723
1724             <dd>
1725               <p>Prevent the web server from setting HTTP cookies on your
1726               system</p>
1727             </dd>
1728
1729             <dt>Effect:</dt>
1730
1731             <dd>
1732               <p>Deletes any <span class="QUOTE">"Set-Cookie:"</span> HTTP
1733               headers from server replies.</p>
1734             </dd>
1735
1736             <dt>Type:</dt>
1737
1738             <dd>
1739               <p>Boolean.</p>
1740             </dd>
1741
1742             <dt>Parameter:</dt>
1743
1744             <dd>
1745               <p>N/A</p>
1746             </dd>
1747
1748             <dt>Notes:</dt>
1749
1750             <dd>
1751               <p>This action is only concerned with <span class=
1752               "emphasis"><i class="EMPHASIS">incoming</i></span> HTTP
1753               cookies. For <span class="emphasis"><i class=
1754               "EMPHASIS">outgoing</i></span> HTTP cookies, use <tt class=
1755               "LITERAL"><a href=
1756               "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>.
1757               Use <span class="emphasis"><i class="EMPHASIS">both</i></span>
1758               to disable HTTP cookies completely.</p>
1759
1760               <p>It makes <span class="emphasis"><i class="EMPHASIS">no sense
1761               at all</i></span> to use this action in conjunction with the
1762               <tt class="LITERAL"><a href=
1763               "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
1764               action, since it would prevent the session cookies from being
1765               set. See also <tt class="LITERAL"><a href=
1766               "actions-file.html#FILTER-CONTENT-COOKIES">filter-content-cookies</a></tt>.</p>
1767             </dd>
1768
1769             <dt>Example usage:</dt>
1770
1771             <dd>
1772               <table border="0" bgcolor="#E0E0E0" width="90%">
1773                 <tr>
1774                   <td>
1775                     <pre class="SCREEN">
1776 +crunch-incoming-cookies
1777 </pre>
1778                   </td>
1779                 </tr>
1780               </table>
1781             </dd>
1782           </dl>
1783         </div>
1784       </div>
1785
1786       <div class="SECT3">
1787         <h4 class="SECT3"><a name="CRUNCH-SERVER-HEADER" id=
1788         "CRUNCH-SERVER-HEADER">8.5.10. crunch-server-header</a></h4>
1789
1790         <div class="VARIABLELIST">
1791           <dl>
1792             <dt>Typical use:</dt>
1793
1794             <dd>
1795               <p>Remove a server header <span class=
1796               "APPLICATION">Privoxy</span> has no dedicated action for.</p>
1797             </dd>
1798
1799             <dt>Effect:</dt>
1800
1801             <dd>
1802               <p>Deletes every header sent by the server that contains the
1803               string the user supplied as parameter.</p>
1804             </dd>
1805
1806             <dt>Type:</dt>
1807
1808             <dd>
1809               <p>Parameterized.</p>
1810             </dd>
1811
1812             <dt>Parameter:</dt>
1813
1814             <dd>
1815               <p>Any string.</p>
1816             </dd>
1817
1818             <dt>Notes:</dt>
1819
1820             <dd>
1821               <p>This action allows you to block server headers for which no
1822               dedicated <span class="APPLICATION">Privoxy</span> action
1823               exists. <span class="APPLICATION">Privoxy</span> will remove
1824               every server header that contains the string you supplied as
1825               parameter.</p>
1826
1827               <p>Regular expressions are <span class="emphasis"><i class=
1828               "EMPHASIS">not supported</i></span> and you can't use this
1829               action to block different headers in the same request, unless
1830               they contain the same string.</p>
1831
1832               <p><tt class="LITERAL">crunch-server-header</tt> is only meant
1833               for quick tests. If you have to block several different
1834               headers, or only want to modify parts of them, you should use a
1835               custom <tt class="LITERAL"><a href=
1836               "actions-file.html#SERVER-HEADER-FILTER">server-header
1837               filter</a></tt>.</p>
1838
1839               <div class="WARNING">
1840                 <table class="WARNING" border="1" width="90%">
1841                   <tr>
1842                     <td align="center"><b>Warning</b></td>
1843                   </tr>
1844
1845                   <tr>
1846                     <td align="left">
1847                       <p>Don't block any header without understanding the
1848                       consequences.</p>
1849                     </td>
1850                   </tr>
1851                 </table>
1852               </div>
1853             </dd>
1854
1855             <dt>Example usage (section):</dt>
1856
1857             <dd>
1858               <table border="0" bgcolor="#E0E0E0" width="90%">
1859                 <tr>
1860                   <td>
1861                     <pre class="SCREEN">
1862 # Crunch server headers that try to prevent caching
1863 { +crunch-server-header{no-cache} }
1864 /
1865 </pre>
1866                   </td>
1867                 </tr>
1868               </table>
1869             </dd>
1870           </dl>
1871         </div>
1872       </div>
1873
1874       <div class="SECT3">
1875         <h4 class="SECT3"><a name="CRUNCH-OUTGOING-COOKIES" id=
1876         "CRUNCH-OUTGOING-COOKIES">8.5.11. crunch-outgoing-cookies</a></h4>
1877
1878         <div class="VARIABLELIST">
1879           <dl>
1880             <dt>Typical use:</dt>
1881
1882             <dd>
1883               <p>Prevent the web server from reading any HTTP cookies from
1884               your system</p>
1885             </dd>
1886
1887             <dt>Effect:</dt>
1888
1889             <dd>
1890               <p>Deletes any <span class="QUOTE">"Cookie:"</span> HTTP
1891               headers from client requests.</p>
1892             </dd>
1893
1894             <dt>Type:</dt>
1895
1896             <dd>
1897               <p>Boolean.</p>
1898             </dd>
1899
1900             <dt>Parameter:</dt>
1901
1902             <dd>
1903               <p>N/A</p>
1904             </dd>
1905
1906             <dt>Notes:</dt>
1907
1908             <dd>
1909               <p>This action is only concerned with <span class=
1910               "emphasis"><i class="EMPHASIS">outgoing</i></span> HTTP
1911               cookies. For <span class="emphasis"><i class=
1912               "EMPHASIS">incoming</i></span> HTTP cookies, use <tt class=
1913               "LITERAL"><a href=
1914               "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>.
1915               Use <span class="emphasis"><i class="EMPHASIS">both</i></span>
1916               to disable HTTP cookies completely.</p>
1917
1918               <p>It makes <span class="emphasis"><i class="EMPHASIS">no sense
1919               at all</i></span> to use this action in conjunction with the
1920               <tt class="LITERAL"><a href=
1921               "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
1922               action, since it would prevent the session cookies from being
1923               read.</p>
1924             </dd>
1925
1926             <dt>Example usage:</dt>
1927
1928             <dd>
1929               <table border="0" bgcolor="#E0E0E0" width="90%">
1930                 <tr>
1931                   <td>
1932                     <pre class="SCREEN">
1933 +crunch-outgoing-cookies
1934 </pre>
1935                   </td>
1936                 </tr>
1937               </table>
1938             </dd>
1939           </dl>
1940         </div>
1941       </div>
1942
1943       <div class="SECT3">
1944         <h4 class="SECT3"><a name="DEANIMATE-GIFS" id=
1945         "DEANIMATE-GIFS">8.5.12. deanimate-gifs</a></h4>
1946
1947         <div class="VARIABLELIST">
1948           <dl>
1949             <dt>Typical use:</dt>
1950
1951             <dd>
1952               <p>Stop those annoying, distracting animated GIF images.</p>
1953             </dd>
1954
1955             <dt>Effect:</dt>
1956
1957             <dd>
1958               <p>De-animate GIF animations, i.e. reduce them to their first
1959               or last image.</p>
1960             </dd>
1961
1962             <dt>Type:</dt>
1963
1964             <dd>
1965               <p>Parameterized.</p>
1966             </dd>
1967
1968             <dt>Parameter:</dt>
1969
1970             <dd>
1971               <p><span class="QUOTE">"last"</span> or <span class=
1972               "QUOTE">"first"</span></p>
1973             </dd>
1974
1975             <dt>Notes:</dt>
1976
1977             <dd>
1978               <p>This will also shrink the images considerably (in bytes, not
1979               pixels!). If the option <span class="QUOTE">"first"</span> is
1980               given, the first frame of the animation is used as the
1981               replacement. If <span class="QUOTE">"last"</span> is given, the
1982               last frame of the animation is used instead, which probably
1983               makes more sense for most banner animations, but also has the
1984               risk of not showing the entire last frame (if it is only a
1985               delta to an earlier frame).</p>
1986
1987               <p>You can safely use this action with patterns that will also
1988               match non-GIF objects, because no attempt will be made at
1989               anything that doesn't look like a GIF.</p>
1990             </dd>
1991
1992             <dt>Example usage:</dt>
1993
1994             <dd>
1995               <table border="0" bgcolor="#E0E0E0" width="90%">
1996                 <tr>
1997                   <td>
1998                     <pre class="SCREEN">
1999 +deanimate-gifs{last}
2000 </pre>
2001                   </td>
2002                 </tr>
2003               </table>
2004             </dd>
2005           </dl>
2006         </div>
2007       </div>
2008
2009       <div class="SECT3">
2010         <h4 class="SECT3"><a name="DOWNGRADE-HTTP-VERSION" id=
2011         "DOWNGRADE-HTTP-VERSION">8.5.13. downgrade-http-version</a></h4>
2012
2013         <div class="VARIABLELIST">
2014           <dl>
2015             <dt>Typical use:</dt>
2016
2017             <dd>
2018               <p>Work around (very rare) problems with HTTP/1.1</p>
2019             </dd>
2020
2021             <dt>Effect:</dt>
2022
2023             <dd>
2024               <p>Downgrades HTTP/1.1 client requests and server replies to
2025               HTTP/1.0.</p>
2026             </dd>
2027
2028             <dt>Type:</dt>
2029
2030             <dd>
2031               <p>Boolean.</p>
2032             </dd>
2033
2034             <dt>Parameter:</dt>
2035
2036             <dd>
2037               <p>N/A</p>
2038             </dd>
2039
2040             <dt>Notes:</dt>
2041
2042             <dd>
2043               <p>This is a left-over from the time when <span class=
2044               "APPLICATION">Privoxy</span> didn't support important HTTP/1.1
2045               features well. It is left here for the unlikely case that you
2046               experience HTTP/1.1-related problems with some server out
2047               there.</p>
2048
2049               <p>Note that enabling this action is only a workaround. It
2050               should not be enabled for sites that work without it. While it
2051               shouldn't break any pages, it has an (usually negative)
2052               performance impact.</p>
2053
2054               <p>If you come across a site where enabling this action helps,
2055               please report it, so the cause of the problem can be analyzed.
2056               If the problem turns out to be caused by a bug in <span class=
2057               "APPLICATION">Privoxy</span> it should be fixed so the
2058               following release works without the work around.</p>
2059             </dd>
2060
2061             <dt>Example usage (section):</dt>
2062
2063             <dd>
2064               <table border="0" bgcolor="#E0E0E0" width="90%">
2065                 <tr>
2066                   <td>
2067                     <pre class="SCREEN">
2068 {+downgrade-http-version}
2069 problem-host.example.com
2070 </pre>
2071                   </td>
2072                 </tr>
2073               </table>
2074             </dd>
2075           </dl>
2076         </div>
2077       </div>
2078
2079       <div class="SECT3">
2080         <h4 class="SECT3"><a name="EXTERNAL-FILTER" id=
2081         "EXTERNAL-FILTER">8.5.14. external-filter</a></h4>
2082
2083         <div class="VARIABLELIST">
2084           <dl>
2085             <dt>Typical use:</dt>
2086
2087             <dd>
2088               <p>Modify content using a programming language of your
2089               choice.</p>
2090             </dd>
2091
2092             <dt>Effect:</dt>
2093
2094             <dd>
2095               <p>All instances of text-based type, most notably HTML and
2096               JavaScript, to which this action applies, can be filtered
2097               on-the-fly through the specified external filter. By default
2098               plain text documents are exempted from filtering, because web
2099               servers often use the <tt class="LITERAL">text/plain</tt> MIME
2100               type for all files whose type they don't know.)</p>
2101             </dd>
2102
2103             <dt>Type:</dt>
2104
2105             <dd>
2106               <p>Multi-value.</p>
2107             </dd>
2108
2109             <dt>Parameter:</dt>
2110
2111             <dd>
2112               <p>The name of an external content filter, as defined in the
2113               <a href="filter-file.html">filter file</a>. External filters
2114               can be defined in one or more files as defined by the
2115               <tt class="LITERAL"><a href=
2116               "config.html#FILTERFILE">filterfile</a></tt> option in the
2117               <a href="config.html">config file</a>.</p>
2118
2119               <p>When used in its negative form, and without parameters,
2120               <span class="emphasis"><i class="EMPHASIS">all</i></span>
2121               filtering with external filters is completely disabled.</p>
2122             </dd>
2123
2124             <dt>Notes:</dt>
2125
2126             <dd>
2127               <p>External filters are scripts or programs that can modify the
2128               content in case common <tt class="LITERAL"><a href=
2129               "actions-file.html#FILTER">filters</a></tt> aren't powerful
2130               enough. With the exception that this action doesn't use
2131               pcrs-based filters, the notes in the <tt class=
2132               "LITERAL"><a href="actions-file.html#FILTER">filter</a></tt>
2133               section apply.</p>
2134
2135               <div class="WARNING">
2136                 <table class="WARNING" border="1" width="90%">
2137                   <tr>
2138                     <td align="center"><b>Warning</b></td>
2139                   </tr>
2140
2141                   <tr>
2142                     <td align="left">
2143                       <p>Currently external filters are executed with
2144                       <span class="APPLICATION">Privoxy</span>'s privileges.
2145                       Only use external filters you understand and trust.</p>
2146                     </td>
2147                   </tr>
2148                 </table>
2149               </div>
2150
2151               <p>This feature is experimental, the <tt class=
2152               "LITERAL"><a href=
2153               "filter-file.html#EXTERNAL-FILTER-SYNTAX">syntax</a></tt> may
2154               change in the future.</p>
2155             </dd>
2156
2157             <dt>Example usage:</dt>
2158
2159             <dd>
2160               <table border="0" bgcolor="#E0E0E0" width="90%">
2161                 <tr>
2162                   <td>
2163                     <pre class="SCREEN">
2164 +external-filter{fancy-filter}
2165 </pre>
2166                   </td>
2167                 </tr>
2168               </table>
2169             </dd>
2170           </dl>
2171         </div>
2172       </div>
2173
2174       <div class="SECT3">
2175         <h4 class="SECT3"><a name="FAST-REDIRECTS" id=
2176         "FAST-REDIRECTS">8.5.15. fast-redirects</a></h4>
2177
2178         <div class="VARIABLELIST">
2179           <dl>
2180             <dt>Typical use:</dt>
2181
2182             <dd>
2183               <p>Fool some click-tracking scripts and speed up indirect
2184               links.</p>
2185             </dd>
2186
2187             <dt>Effect:</dt>
2188
2189             <dd>
2190               <p>Detects redirection URLs and redirects the browser without
2191               contacting the redirection server first.</p>
2192             </dd>
2193
2194             <dt>Type:</dt>
2195
2196             <dd>
2197               <p>Parameterized.</p>
2198             </dd>
2199
2200             <dt>Parameter:</dt>
2201
2202             <dd>
2203               <ul>
2204                 <li>
2205                   <p><span class="QUOTE">"simple-check"</span> to just search
2206                   for the string <span class="QUOTE">"http://"</span> to
2207                   detect redirection URLs.</p>
2208                 </li>
2209
2210                 <li>
2211                   <p><span class="QUOTE">"check-decoded-url"</span> to decode
2212                   URLs (if necessary) before searching for redirection
2213                   URLs.</p>
2214                 </li>
2215               </ul>
2216             </dd>
2217
2218             <dt>Notes:</dt>
2219
2220             <dd>
2221               <p>Many sites, like yahoo.com, don't just link to other sites.
2222               Instead, they will link to some script on their own servers,
2223               giving the destination as a parameter, which will then redirect
2224               you to the final target. URLs resulting from this scheme
2225               typically look like: <span class=
2226               "QUOTE">"http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/"</span>.</p>
2227
2228               <p>Sometimes, there are even multiple consecutive redirects
2229               encoded in the URL. These redirections via scripts make your
2230               web browsing more traceable, since the server from which you
2231               follow such a link can see where you go to. Apart from that,
2232               valuable bandwidth and time is wasted, while your browser asks
2233               the server for one redirect after the other. Plus, it feeds the
2234               advertisers.</p>
2235
2236               <p>This feature is currently not very smart and is scheduled
2237               for improvement. If it is enabled by default, you will have to
2238               create some exceptions to this action. It can lead to failures
2239               in several ways:</p>
2240
2241               <p>Not every URLs with other URLs as parameters is evil. Some
2242               sites offer a real service that requires this information to
2243               work. For example a validation service needs to know, which
2244               document to validate. <tt class="LITERAL">fast-redirects</tt>
2245               assumes that every URL parameter that looks like another URL is
2246               a redirection target, and will always redirect to the last one.
2247               Most of the time the assumption is correct, but if it isn't,
2248               the user gets redirected anyway.</p>
2249
2250               <p>Another failure occurs if the URL contains other parameters
2251               after the URL parameter. The URL: <span class=
2252               "QUOTE">"http://www.example.org/?redirect=http%3a//www.example.net/&amp;foo=bar"</span>.
2253               contains the redirection URL <span class=
2254               "QUOTE">"http://www.example.net/"</span>, followed by another
2255               parameter. <tt class="LITERAL">fast-redirects</tt> doesn't know
2256               that and will cause a redirect to <span class=
2257               "QUOTE">"http://www.example.net/&amp;foo=bar"</span>. Depending
2258               on the target server configuration, the parameter will be
2259               silently ignored or lead to a <span class="QUOTE">"page not
2260               found"</span> error. You can prevent this problem by first
2261               using the <tt class="LITERAL"><a href=
2262               "actions-file.html#REDIRECT">redirect</a></tt> action to remove
2263               the last part of the URL, but it requires a little effort.</p>
2264
2265               <p>To detect a redirection URL, <tt class=
2266               "LITERAL">fast-redirects</tt> only looks for the string
2267               <span class="QUOTE">"http://"</span>, either in plain text
2268               (invalid but often used) or encoded as <span class=
2269               "QUOTE">"http%3a//"</span>. Some sites use their own URL
2270               encoding scheme, encrypt the address of the target server or
2271               replace it with a database id. In theses cases <tt class=
2272               "LITERAL">fast-redirects</tt> is fooled and the request reaches
2273               the redirection server where it probably gets logged.</p>
2274             </dd>
2275
2276             <dt>Example usage:</dt>
2277
2278             <dd>
2279               <table border="0" bgcolor="#E0E0E0" width="90%">
2280                 <tr>
2281                   <td>
2282                     <pre class="SCREEN">
2283  { +fast-redirects{simple-check} }
2284    one.example.com
2285
2286  { +fast-redirects{check-decoded-url} }
2287    another.example.com/testing
2288 </pre>
2289                   </td>
2290                 </tr>
2291               </table>
2292             </dd>
2293           </dl>
2294         </div>
2295       </div>
2296
2297       <div class="SECT3">
2298         <h4 class="SECT3"><a name="FILTER" id="FILTER">8.5.16.
2299         filter</a></h4>
2300
2301         <div class="VARIABLELIST">
2302           <dl>
2303             <dt>Typical use:</dt>
2304
2305             <dd>
2306               <p>Get rid of HTML and JavaScript annoyances, banner
2307               advertisements (by size), do fun text replacements, add
2308               personalized effects, etc.</p>
2309             </dd>
2310
2311             <dt>Effect:</dt>
2312
2313             <dd>
2314               <p>All instances of text-based type, most notably HTML and
2315               JavaScript, to which this action applies, can be filtered
2316               on-the-fly through the specified regular expression based
2317               substitutions. (Note: as of version 3.0.3 plain text documents
2318               are exempted from filtering, because web servers often use the
2319               <tt class="LITERAL">text/plain</tt> MIME type for all files
2320               whose type they don't know.)</p>
2321             </dd>
2322
2323             <dt>Type:</dt>
2324
2325             <dd>
2326               <p>Multi-value.</p>
2327             </dd>
2328
2329             <dt>Parameter:</dt>
2330
2331             <dd>
2332               <p>The name of a content filter, as defined in the <a href=
2333               "filter-file.html">filter file</a>. Filters can be defined in
2334               one or more files as defined by the <tt class=
2335               "LITERAL"><a href="config.html#FILTERFILE">filterfile</a></tt>
2336               option in the <a href="config.html">config file</a>. <tt class=
2337               "FILENAME">default.filter</tt> is the collection of filters
2338               supplied by the developers. Locally defined filters should go
2339               in their own file, such as <tt class=
2340               "FILENAME">user.filter</tt>.</p>
2341
2342               <p>When used in its negative form, and without parameters,
2343               <span class="emphasis"><i class="EMPHASIS">all</i></span>
2344               filtering is completely disabled.</p>
2345             </dd>
2346
2347             <dt>Notes:</dt>
2348
2349             <dd>
2350               <p>For your convenience, there are a number of pre-defined
2351               filters available in the distribution filter file that you can
2352               use. See the examples below for a list.</p>
2353
2354               <p>Filtering requires buffering the page content, which may
2355               appear to slow down page rendering since nothing is displayed
2356               until all content has passed the filters. (The total time until
2357               the page is completely rendered doesn't change much, but it may
2358               be perceived as slower since the page is not incrementally
2359               displayed.) This effect will be more noticeable on slower
2360               connections.</p>
2361
2362               <p><span class="QUOTE">"Rolling your own"</span> filters
2363               requires a knowledge of <a href=
2364               "http://en.wikipedia.org/wiki/Regular_expressions" target=
2365               "_top"><span class="QUOTE">"Regular Expressions"</span></a> and
2366               <a href="http://en.wikipedia.org/wiki/Html" target=
2367               "_top"><span class="QUOTE">"HTML"</span></a>. This is very
2368               powerful feature, and potentially very intrusive. Filters
2369               should be used with caution, and where an equivalent
2370               <span class="QUOTE">"action"</span> is not available.</p>
2371
2372               <p>The amount of data that can be filtered is limited to the
2373               <tt class="LITERAL"><a href=
2374               "config.html#BUFFER-LIMIT">buffer-limit</a></tt> option in the
2375               main <a href="config.html">config file</a>. The default is 4096
2376               KB (4 Megs). Once this limit is exceeded, the buffered data,
2377               and all pending data, is passed through unfiltered.</p>
2378
2379               <p>Inappropriate MIME types, such as zipped files, are not
2380               filtered at all. (Again, only text-based types except plain
2381               text). Encrypted SSL data (from HTTPS servers) cannot be
2382               filtered either, since this would violate the integrity of the
2383               secure transaction. In some situations it might be necessary to
2384               protect certain text, like source code, from filtering by
2385               defining appropriate <tt class="LITERAL">-filter</tt>
2386               exceptions.</p>
2387
2388               <p>Compressed content can't be filtered either, but if
2389               <span class="APPLICATION">Privoxy</span> is compiled with zlib
2390               support and a supported compression algorithm is used (gzip or
2391               deflate), <span class="APPLICATION">Privoxy</span> can first
2392               decompress the content and then filter it.</p>
2393
2394               <p>If you use a <span class="APPLICATION">Privoxy</span>
2395               version without zlib support, but want filtering to work on as
2396               much documents as possible, even those that would normally be
2397               sent compressed, you must use the <tt class="LITERAL"><a href=
2398               "actions-file.html#PREVENT-COMPRESSION">prevent-compression</a></tt>
2399               action in conjunction with <tt class="LITERAL">filter</tt>.</p>
2400
2401               <p>Content filtering can achieve some of the same effects as
2402               the <tt class="LITERAL"><a href=
2403               "actions-file.html#BLOCK">block</a></tt> action, i.e. it can be
2404               used to block ads and banners. But the mechanism works quite
2405               differently. One effective use, is to block ad banners based on
2406               their size (see below), since many of these seem to be somewhat
2407               standardized.</p>
2408
2409               <p><a href="contact.html">Feedback</a> with suggestions for new
2410               or improved filters is particularly welcome!</p>
2411
2412               <p>The below list has only the names and a one-line description
2413               of each predefined filter. There are <a href=
2414               "filter-file.html#PREDEFINED-FILTERS">more verbose
2415               explanations</a> of what these filters do in the <a href=
2416               "filter-file.html">filter file chapter</a>.</p>
2417             </dd>
2418
2419             <dt>Example usage (with filters from the distribution <tt class=
2420             "FILENAME">default.filter</tt> file). See <a href=
2421             "filter-file.html#PREDEFINED-FILTERS">the Predefined Filters
2422             section</a> for more explanation on each:</dt>
2423
2424             <dd>
2425               <p><a name="FILTER-JS-ANNOYANCES" id=
2426               "FILTER-JS-ANNOYANCES"></a></p>
2427
2428               <table border="0" bgcolor="#E0E0E0" width="90%">
2429                 <tr>
2430                   <td>
2431                     <pre class="SCREEN">
2432 +filter{js-annoyances}       # Get rid of particularly annoying JavaScript abuse.
2433 </pre>
2434                   </td>
2435                 </tr>
2436               </table>
2437
2438               <p><a name="FILTER-JS-EVENTS" id="FILTER-JS-EVENTS"></a></p>
2439
2440               <table border="0" bgcolor="#E0E0E0" width="90%">
2441                 <tr>
2442                   <td>
2443                     <pre class="SCREEN">
2444 +filter{js-events}           # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
2445 </pre>
2446                   </td>
2447                 </tr>
2448               </table>
2449
2450               <p><a name="FILTER-HTML-ANNOYANCES" id=
2451               "FILTER-HTML-ANNOYANCES"></a></p>
2452
2453               <table border="0" bgcolor="#E0E0E0" width="90%">
2454                 <tr>
2455                   <td>
2456                     <pre class="SCREEN">
2457 +filter{html-annoyances}     # Get rid of particularly annoying HTML abuse.
2458 </pre>
2459                   </td>
2460                 </tr>
2461               </table>
2462
2463               <p><a name="FILTER-CONTENT-COOKIES" id=
2464               "FILTER-CONTENT-COOKIES"></a></p>
2465
2466               <table border="0" bgcolor="#E0E0E0" width="90%">
2467                 <tr>
2468                   <td>
2469                     <pre class="SCREEN">
2470 +filter{content-cookies}     # Kill cookies that come in the HTML or JS content.
2471 </pre>
2472                   </td>
2473                 </tr>
2474               </table>
2475
2476               <p><a name="FILTER-REFRESH-TAGS" id=
2477               "FILTER-REFRESH-TAGS"></a></p>
2478
2479               <table border="0" bgcolor="#E0E0E0" width="90%">
2480                 <tr>
2481                   <td>
2482                     <pre class="SCREEN">
2483 +filter{refresh-tags}        # Kill automatic refresh tags if refresh time is larger than 9 seconds.
2484 </pre>
2485                   </td>
2486                 </tr>
2487               </table>
2488
2489               <p><a name="FILTER-UNSOLICITED-POPUPS" id=
2490               "FILTER-UNSOLICITED-POPUPS"></a></p>
2491
2492               <table border="0" bgcolor="#E0E0E0" width="90%">
2493                 <tr>
2494                   <td>
2495                     <pre class="SCREEN">
2496 +filter{unsolicited-popups}  # Disable only unsolicited pop-up windows.
2497 </pre>
2498                   </td>
2499                 </tr>
2500               </table>
2501
2502               <p><a name="FILTER-ALL-POPUPS" id="FILTER-ALL-POPUPS"></a></p>
2503
2504               <table border="0" bgcolor="#E0E0E0" width="90%">
2505                 <tr>
2506                   <td>
2507                     <pre class="SCREEN">
2508 +filter{all-popups}          # Kill all popups in JavaScript and HTML.
2509 </pre>
2510                   </td>
2511                 </tr>
2512               </table>
2513
2514               <p><a name="FILTER-IMG-REORDER" id=
2515               "FILTER-IMG-REORDER"></a></p>
2516
2517               <table border="0" bgcolor="#E0E0E0" width="90%">
2518                 <tr>
2519                   <td>
2520                     <pre class="SCREEN">
2521 +filter{img-reorder}         # Reorder attributes in &lt;img&gt; tags to make the banners-by-* filters more effective.
2522 </pre>
2523                   </td>
2524                 </tr>
2525               </table>
2526
2527               <p><a name="FILTER-BANNERS-BY-SIZE" id=
2528               "FILTER-BANNERS-BY-SIZE"></a></p>
2529
2530               <table border="0" bgcolor="#E0E0E0" width="90%">
2531                 <tr>
2532                   <td>
2533                     <pre class="SCREEN">
2534 +filter{banners-by-size}     # Kill banners by size.
2535 </pre>
2536                   </td>
2537                 </tr>
2538               </table>
2539
2540               <p><a name="FILTER-BANNERS-BY-LINK" id=
2541               "FILTER-BANNERS-BY-LINK"></a></p>
2542
2543               <table border="0" bgcolor="#E0E0E0" width="90%">
2544                 <tr>
2545                   <td>
2546                     <pre class="SCREEN">
2547 +filter{banners-by-link}     # Kill banners by their links to known clicktrackers.
2548 </pre>
2549                   </td>
2550                 </tr>
2551               </table>
2552
2553               <p><a name="FILTER-WEBBUGS" id="FILTER-WEBBUGS"></a></p>
2554
2555               <table border="0" bgcolor="#E0E0E0" width="90%">
2556                 <tr>
2557                   <td>
2558                     <pre class="SCREEN">
2559 +filter{webbugs}             # Squish WebBugs (1x1 invisible GIFs used for user tracking).
2560 </pre>
2561                   </td>
2562                 </tr>
2563               </table>
2564
2565               <p><a name="FILTER-TINY-TEXTFORMS" id=
2566               "FILTER-TINY-TEXTFORMS"></a></p>
2567
2568               <table border="0" bgcolor="#E0E0E0" width="90%">
2569                 <tr>
2570                   <td>
2571                     <pre class="SCREEN">
2572 +filter{tiny-textforms}      # Extend those tiny textareas up to 40x80 and kill the hard wrap.
2573 </pre>
2574                   </td>
2575                 </tr>
2576               </table>
2577
2578               <p><a name="FILTER-JUMPING-WINDOWS" id=
2579               "FILTER-JUMPING-WINDOWS"></a></p>
2580
2581               <table border="0" bgcolor="#E0E0E0" width="90%">
2582                 <tr>
2583                   <td>
2584                     <pre class="SCREEN">
2585 +filter{jumping-windows}     # Prevent windows from resizing and moving themselves.
2586 </pre>
2587                   </td>
2588                 </tr>
2589               </table>
2590
2591               <p><a name="FILTER-FRAMESET-BORDERS" id=
2592               "FILTER-FRAMESET-BORDERS"></a></p>
2593
2594               <table border="0" bgcolor="#E0E0E0" width="90%">
2595                 <tr>
2596                   <td>
2597                     <pre class="SCREEN">
2598 +filter{frameset-borders}    # Give frames a border and make them resizable.
2599 </pre>
2600                   </td>
2601                 </tr>
2602               </table>
2603
2604               <p><a name="FILTER-IFRAMES" id="FILTER-IFRAMES"></a></p>
2605
2606               <table border="0" bgcolor="#E0E0E0" width="90%">
2607                 <tr>
2608                   <td>
2609                     <pre class="SCREEN">
2610 +filter{iframes}             # Removes all detected iframes. Should only be enabled for individual sites.
2611 </pre>
2612                   </td>
2613                 </tr>
2614               </table>
2615
2616               <p><a name="FILTER-DEMORONIZER" id=
2617               "FILTER-DEMORONIZER"></a></p>
2618
2619               <table border="0" bgcolor="#E0E0E0" width="90%">
2620                 <tr>
2621                   <td>
2622                     <pre class="SCREEN">
2623 +filter{demoronizer}         # Fix MS's non-standard use of standard charsets.
2624 </pre>
2625                   </td>
2626                 </tr>
2627               </table>
2628
2629               <p><a name="FILTER-SHOCKWAVE-FLASH" id=
2630               "FILTER-SHOCKWAVE-FLASH"></a></p>
2631
2632               <table border="0" bgcolor="#E0E0E0" width="90%">
2633                 <tr>
2634                   <td>
2635                     <pre class="SCREEN">
2636 +filter{shockwave-flash}     # Kill embedded Shockwave Flash objects.
2637 </pre>
2638                   </td>
2639                 </tr>
2640               </table>
2641
2642               <p><a name="FILTER-QUICKTIME-KIOSKMODE" id=
2643               "FILTER-QUICKTIME-KIOSKMODE"></a></p>
2644
2645               <table border="0" bgcolor="#E0E0E0" width="90%">
2646                 <tr>
2647                   <td>
2648                     <pre class="SCREEN">
2649 +filter{quicktime-kioskmode} # Make Quicktime movies saveable.
2650 </pre>
2651                   </td>
2652                 </tr>
2653               </table>
2654
2655               <p><a name="FILTER-FUN" id="FILTER-FUN"></a></p>
2656
2657               <table border="0" bgcolor="#E0E0E0" width="90%">
2658                 <tr>
2659                   <td>
2660                     <pre class="SCREEN">
2661 +filter{fun}                 # Text replacements for subversive browsing fun!
2662 </pre>
2663                   </td>
2664                 </tr>
2665               </table>
2666
2667               <p><a name="FILTER-CRUDE-PARENTAL" id=
2668               "FILTER-CRUDE-PARENTAL"></a></p>
2669
2670               <table border="0" bgcolor="#E0E0E0" width="90%">
2671                 <tr>
2672                   <td>
2673                     <pre class="SCREEN">
2674 +filter{crude-parental}      # Crude parental filtering. Note that this filter doesn't work reliably.
2675 </pre>
2676                   </td>
2677                 </tr>
2678               </table>
2679
2680               <p><a name="FILTER-IE-EXPLOITS" id=
2681               "FILTER-IE-EXPLOITS"></a></p>
2682
2683               <table border="0" bgcolor="#E0E0E0" width="90%">
2684                 <tr>
2685                   <td>
2686                     <pre class="SCREEN">
2687 +filter{ie-exploits}         # Disable some known Internet Explorer bug exploits.
2688 </pre>
2689                   </td>
2690                 </tr>
2691               </table>
2692
2693               <p><a name="FILTER-SITE-SPECIFICS" id=
2694               "FILTER-SITE-SPECIFICS"></a></p>
2695
2696               <table border="0" bgcolor="#E0E0E0" width="90%">
2697                 <tr>
2698                   <td>
2699                     <pre class="SCREEN">
2700 +filter{site-specifics}      # Cure for site-specific problems. Don't apply generally!
2701 </pre>
2702                   </td>
2703                 </tr>
2704               </table>
2705
2706               <p><a name="FILTER-NO-PING" id="FILTER-NO-PING"></a></p>
2707
2708               <table border="0" bgcolor="#E0E0E0" width="90%">
2709                 <tr>
2710                   <td>
2711                     <pre class="SCREEN">
2712 +filter{no-ping}             # Removes non-standard ping attributes in &lt;a&gt; and &lt;area&gt; tags.
2713 </pre>
2714                   </td>
2715                 </tr>
2716               </table>
2717
2718               <p><a name="FILTER-GOOGLE" id="FILTER-GOOGLE"></a></p>
2719
2720               <table border="0" bgcolor="#E0E0E0" width="90%">
2721                 <tr>
2722                   <td>
2723                     <pre class="SCREEN">
2724 +filter{google}              # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
2725 </pre>
2726                   </td>
2727                 </tr>
2728               </table>
2729
2730               <p><a name="FILTER-YAHOO" id="FILTER-YAHOO"></a></p>
2731
2732               <table border="0" bgcolor="#E0E0E0" width="90%">
2733                 <tr>
2734                   <td>
2735                     <pre class="SCREEN">
2736 +filter{yahoo}               # CSS-based block for Yahoo text ads. Also removes a width limitation.
2737 </pre>
2738                   </td>
2739                 </tr>
2740               </table>
2741
2742               <p><a name="FILTER-MSN" id="FILTER-MSN"></a></p>
2743
2744               <table border="0" bgcolor="#E0E0E0" width="90%">
2745                 <tr>
2746                   <td>
2747                     <pre class="SCREEN">
2748 +filter{msn}                 # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
2749 </pre>
2750                   </td>
2751                 </tr>
2752               </table>
2753
2754               <p><a name="FILTER-BLOGSPOT" id="FILTER-BLOGSPOT"></a></p>
2755
2756               <table border="0" bgcolor="#E0E0E0" width="90%">
2757                 <tr>
2758                   <td>
2759                     <pre class="SCREEN">
2760 +filter{blogspot}            # Cleans up some Blogspot blogs. Read the fine print before using this.
2761 </pre>
2762                   </td>
2763                 </tr>
2764               </table>
2765             </dd>
2766           </dl>
2767         </div>
2768       </div>
2769
2770       <div class="SECT3">
2771         <h4 class="SECT3"><a name="FORCE-TEXT-MODE" id=
2772         "FORCE-TEXT-MODE">8.5.17. force-text-mode</a></h4>
2773
2774         <div class="VARIABLELIST">
2775           <dl>
2776             <dt>Typical use:</dt>
2777
2778             <dd>
2779               <p>Force <span class="APPLICATION">Privoxy</span> to treat a
2780               document as if it was in some kind of <span class=
2781               "emphasis"><i class="EMPHASIS">text</i></span> format.</p>
2782             </dd>
2783
2784             <dt>Effect:</dt>
2785
2786             <dd>
2787               <p>Declares a document as text, even if the <span class=
2788               "QUOTE">"Content-Type:"</span> isn't detected as such.</p>
2789             </dd>
2790
2791             <dt>Type:</dt>
2792
2793             <dd>
2794               <p>Boolean.</p>
2795             </dd>
2796
2797             <dt>Parameter:</dt>
2798
2799             <dd>
2800               <p>N/A</p>
2801             </dd>
2802
2803             <dt>Notes:</dt>
2804
2805             <dd>
2806               <p>As explained <tt class="LITERAL"><a href=
2807               "actions-file.html#FILTER">above</a></tt>, <span class=
2808               "APPLICATION">Privoxy</span> tries to only filter files that
2809               are in some kind of text format. The same restrictions apply to
2810               <tt class="LITERAL"><a href=
2811               "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite</a></tt>.
2812               <tt class="LITERAL">force-text-mode</tt> declares a document as
2813               text, without looking at the <span class=
2814               "QUOTE">"Content-Type:"</span> first.</p>
2815
2816               <div class="WARNING">
2817                 <table class="WARNING" border="1" width="90%">
2818                   <tr>
2819                     <td align="center"><b>Warning</b></td>
2820                   </tr>
2821
2822                   <tr>
2823                     <td align="left">
2824                       <p>Think twice before activating this action. Filtering
2825                       binary data with regular expressions can cause file
2826                       damage.</p>
2827                     </td>
2828                   </tr>
2829                 </table>
2830               </div>
2831             </dd>
2832
2833             <dt>Example usage:</dt>
2834
2835             <dd>
2836               <table border="0" bgcolor="#E0E0E0" width="90%">
2837                 <tr>
2838                   <td>
2839                     <pre class="SCREEN">
2840 +force-text-mode
2841
2842 </pre>
2843                   </td>
2844                 </tr>
2845               </table>
2846             </dd>
2847           </dl>
2848         </div>
2849       </div>
2850
2851       <div class="SECT3">
2852         <h4 class="SECT3"><a name="FORWARD-OVERRIDE" id=
2853         "FORWARD-OVERRIDE">8.5.18. forward-override</a></h4>
2854
2855         <div class="VARIABLELIST">
2856           <dl>
2857             <dt>Typical use:</dt>
2858
2859             <dd>
2860               <p>Change the forwarding settings based on User-Agent or
2861               request origin</p>
2862             </dd>
2863
2864             <dt>Effect:</dt>
2865
2866             <dd>
2867               <p>Overrules the forward directives in the configuration
2868               file.</p>
2869             </dd>
2870
2871             <dt>Type:</dt>
2872
2873             <dd>
2874               <p>Parameterized.</p>
2875             </dd>
2876
2877             <dt>Parameter:</dt>
2878
2879             <dd>
2880               <ul>
2881                 <li>
2882                   <p><span class="QUOTE">"forward ."</span> to use a direct
2883                   connection without any additional proxies.</p>
2884                 </li>
2885
2886                 <li>
2887                   <p><span class="QUOTE">"forward 127.0.0.1:8123"</span> to
2888                   use the HTTP proxy listening at 127.0.0.1 port 8123.</p>
2889                 </li>
2890
2891                 <li>
2892                   <p><span class="QUOTE">"forward-socks4a 127.0.0.1:9050
2893                   ."</span> to use the socks4a proxy listening at 127.0.0.1
2894                   port 9050. Replace <span class=
2895                   "QUOTE">"forward-socks4a"</span> with <span class=
2896                   "QUOTE">"forward-socks4"</span> to use a socks4 connection
2897                   (with local DNS resolution) instead, use <span class=
2898                   "QUOTE">"forward-socks5"</span> for socks5 connections
2899                   (with remote DNS resolution).</p>
2900                 </li>
2901
2902                 <li>
2903                   <p><span class="QUOTE">"forward-socks4a 127.0.0.1:9050
2904                   proxy.example.org:8000"</span> to use the socks4a proxy
2905                   listening at 127.0.0.1 port 9050 to reach the HTTP proxy
2906                   listening at proxy.example.org port 8000. Replace
2907                   <span class="QUOTE">"forward-socks4a"</span> with
2908                   <span class="QUOTE">"forward-socks4"</span> to use a socks4
2909                   connection (with local DNS resolution) instead, use
2910                   <span class="QUOTE">"forward-socks5"</span> for socks5
2911                   connections (with remote DNS resolution).</p>
2912                 </li>
2913
2914                 <li>
2915                   <p><span class="QUOTE">"forward-webserver
2916                   127.0.0.1:80"</span> to use the HTTP server listening at
2917                   127.0.0.1 port 80 without adjusting the request
2918                   headers.</p>
2919
2920                   <p>This makes it more convenient to use Privoxy to make
2921                   existing websites available as onion services as well.</p>
2922
2923                   <p>Many websites serve content with hardcoded URLs and
2924                   can't be easily adjusted to change the domain based on the
2925                   one used by the client.</p>
2926
2927                   <p>Putting Privoxy between Tor and the webserver (or an
2928                   stunnel that forwards to the webserver) allows to rewrite
2929                   headers and content to make client and server happy at the
2930                   same time.</p>
2931
2932                   <p>Using Privoxy for webservers that are only reachable
2933                   through onion addresses and whose location is supposed to
2934                   be secret is not recommended and should not be necessary
2935                   anyway.</p>
2936                 </li>
2937               </ul>
2938             </dd>
2939
2940             <dt>Notes:</dt>
2941
2942             <dd>
2943               <p>This action takes parameters similar to the <a href=
2944               "config.html#FORWARDING">forward</a> directives in the
2945               configuration file, but without the URL pattern. It can be used
2946               as replacement, but normally it's only used in cases where
2947               matching based on the request URL isn't sufficient.</p>
2948
2949               <div class="WARNING">
2950                 <table class="WARNING" border="1" width="90%">
2951                   <tr>
2952                     <td align="center"><b>Warning</b></td>
2953                   </tr>
2954
2955                   <tr>
2956                     <td align="left">
2957                       <p>Please read the description for the <a href=
2958                       "config.html#FORWARDING">forward</a> directives before
2959                       using this action. Forwarding to the wrong people will
2960                       reduce your privacy and increase the chances of
2961                       man-in-the-middle attacks.</p>
2962
2963                       <p>If the ports are missing or invalid, default values
2964                       will be used. This might change in the future and you
2965                       shouldn't rely on it. Otherwise incorrect syntax causes
2966                       Privoxy to exit. Due to design limitations, invalid
2967                       parameter syntax isn't detected until the action is
2968                       used the first time.</p>
2969
2970                       <p>Use the <a href=
2971                       "http://config.privoxy.org/show-url-info" target=
2972                       "_top">show-url-info CGI page</a> to verify that your
2973                       forward settings do what you thought the do.</p>
2974                     </td>
2975                   </tr>
2976                 </table>
2977               </div>
2978             </dd>
2979
2980             <dt>Example usage:</dt>
2981
2982             <dd>
2983               <table border="0" bgcolor="#E0E0E0" width="90%">
2984                 <tr>
2985                   <td>
2986                     <pre class="SCREEN">
2987 # Use an ssh tunnel for requests previously tagged as
2988 # <span class="QUOTE">"User-Agent: fetch libfetch/2.0"</span> and make sure
2989 # resuming downloads continues to work.
2990 #
2991 # This way you can continue to use Tor for your normal browsing,
2992 # without overloading the Tor network with your FreeBSD ports updates
2993 # or downloads of bigger files like ISOs.
2994 #
2995 # Note that HTTP headers are easy to fake and therefore their
2996 # values are as (un)trustworthy as your clients and users.
2997 {+forward-override{forward-socks5 10.0.0.2:2222 .} \
2998  -hide-if-modified-since      \
2999  -overwrite-last-modified     \
3000 }
3001 TAG:^User-Agent: fetch libfetch/2\.0$
3002
3003 </pre>
3004                   </td>
3005                 </tr>
3006               </table>
3007             </dd>
3008           </dl>
3009         </div>
3010       </div>
3011
3012       <div class="SECT3">
3013         <h4 class="SECT3"><a name="HANDLE-AS-EMPTY-DOCUMENT" id=
3014         "HANDLE-AS-EMPTY-DOCUMENT">8.5.19. handle-as-empty-document</a></h4>
3015
3016         <div class="VARIABLELIST">
3017           <dl>
3018             <dt>Typical use:</dt>
3019
3020             <dd>
3021               <p>Mark URLs that should be replaced by empty documents
3022               <span class="emphasis"><i class="EMPHASIS">if they get
3023               blocked</i></span></p>
3024             </dd>
3025
3026             <dt>Effect:</dt>
3027
3028             <dd>
3029               <p>This action alone doesn't do anything noticeable. It just
3030               marks URLs. If the <tt class="LITERAL"><a href=
3031               "actions-file.html#BLOCK">block</a></tt> action <span class=
3032               "emphasis"><i class="EMPHASIS">also applies</i></span>, the
3033               presence or absence of this mark decides whether an HTML
3034               <span class="QUOTE">"BLOCKED"</span> page, or an empty document
3035               will be sent to the client as a substitute for the blocked
3036               content. The <span class="emphasis"><i class=
3037               "EMPHASIS">empty</i></span> document isn't literally empty, but
3038               actually contains a single space.</p>
3039             </dd>
3040
3041             <dt>Type:</dt>
3042
3043             <dd>
3044               <p>Boolean.</p>
3045             </dd>
3046
3047             <dt>Parameter:</dt>
3048
3049             <dd>
3050               <p>N/A</p>
3051             </dd>
3052
3053             <dt>Notes:</dt>
3054
3055             <dd>
3056               <p>Some browsers complain about syntax errors if JavaScript
3057               documents are blocked with <span class=
3058               "APPLICATION">Privoxy's</span> default HTML page; this option
3059               can be used to silence them. And of course this action can also
3060               be used to eliminate the <span class=
3061               "APPLICATION">Privoxy</span> BLOCKED message in frames.</p>
3062
3063               <p>The content type for the empty document can be specified
3064               with <tt class="LITERAL"><a href=
3065               "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite{}</a></tt>,
3066               but usually this isn't necessary.</p>
3067             </dd>
3068
3069             <dt>Example usage:</dt>
3070
3071             <dd>
3072               <table border="0" bgcolor="#E0E0E0" width="90%">
3073                 <tr>
3074                   <td>
3075                     <pre class="SCREEN">
3076 # Block all documents on example.org that end with ".js",
3077 # but send an empty document instead of the usual HTML message.
3078 {+block{Blocked JavaScript} +handle-as-empty-document}
3079 example.org/.*\.js$
3080
3081 </pre>
3082                   </td>
3083                 </tr>
3084               </table>
3085             </dd>
3086           </dl>
3087         </div>
3088       </div>
3089
3090       <div class="SECT3">
3091         <h4 class="SECT3"><a name="HANDLE-AS-IMAGE" id=
3092         "HANDLE-AS-IMAGE">8.5.20. handle-as-image</a></h4>
3093
3094         <div class="VARIABLELIST">
3095           <dl>
3096             <dt>Typical use:</dt>
3097
3098             <dd>
3099               <p>Mark URLs as belonging to images (so they'll be replaced by
3100               images <span class="emphasis"><i class="EMPHASIS">if they do
3101               get blocked</i></span>, rather than HTML pages)</p>
3102             </dd>
3103
3104             <dt>Effect:</dt>
3105
3106             <dd>
3107               <p>This action alone doesn't do anything noticeable. It just
3108               marks URLs as images. If the <tt class="LITERAL"><a href=
3109               "actions-file.html#BLOCK">block</a></tt> action <span class=
3110               "emphasis"><i class="EMPHASIS">also applies</i></span>, the
3111               presence or absence of this mark decides whether an HTML
3112               <span class="QUOTE">"blocked"</span> page, or a replacement
3113               image (as determined by the <tt class="LITERAL"><a href=
3114               "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
3115               action) will be sent to the client as a substitute for the
3116               blocked content.</p>
3117             </dd>
3118
3119             <dt>Type:</dt>
3120
3121             <dd>
3122               <p>Boolean.</p>
3123             </dd>
3124
3125             <dt>Parameter:</dt>
3126
3127             <dd>
3128               <p>N/A</p>
3129             </dd>
3130
3131             <dt>Notes:</dt>
3132
3133             <dd>
3134               <p>The below generic example section is actually part of
3135               <tt class="FILENAME">default.action</tt>. It marks all URLs
3136               with well-known image file name extensions as images and should
3137               be left intact.</p>
3138
3139               <p>Users will probably only want to use the handle-as-image
3140               action in conjunction with <tt class="LITERAL"><a href=
3141               "actions-file.html#BLOCK">block</a></tt>, to block sources of
3142               banners, whose URLs don't reflect the file type, like in the
3143               second example section.</p>
3144
3145               <p>Note that you cannot treat HTML pages as images in most
3146               cases. For instance, (in-line) ad frames require an HTML page
3147               to be sent, or they won't display properly. Forcing <tt class=
3148               "LITERAL">handle-as-image</tt> in this situation will not
3149               replace the ad frame with an image, but lead to error
3150               messages.</p>
3151             </dd>
3152
3153             <dt>Example usage (sections):</dt>
3154
3155             <dd>
3156               <table border="0" bgcolor="#E0E0E0" width="90%">
3157                 <tr>
3158                   <td>
3159                     <pre class="SCREEN">
3160 # Generic image extensions:
3161 #
3162 {+handle-as-image}
3163 /.*\.(gif|jpg|jpeg|png|bmp|ico)$
3164
3165 # These don't look like images, but they're banners and should be
3166 # blocked as images:
3167 #
3168 {+block{Nasty banners.} +handle-as-image}
3169 nasty-banner-server.example.com/junk.cgi\?output=trash
3170 </pre>
3171                   </td>
3172                 </tr>
3173               </table>
3174             </dd>
3175           </dl>
3176         </div>
3177       </div>
3178
3179       <div class="SECT3">
3180         <h4 class="SECT3"><a name="HIDE-ACCEPT-LANGUAGE" id=
3181         "HIDE-ACCEPT-LANGUAGE">8.5.21. hide-accept-language</a></h4>
3182
3183         <div class="VARIABLELIST">
3184           <dl>
3185             <dt>Typical use:</dt>
3186
3187             <dd>
3188               <p>Pretend to use different language settings.</p>
3189             </dd>
3190
3191             <dt>Effect:</dt>
3192
3193             <dd>
3194               <p>Deletes or replaces the <span class=
3195               "QUOTE">"Accept-Language:"</span> HTTP header in client
3196               requests.</p>
3197             </dd>
3198
3199             <dt>Type:</dt>
3200
3201             <dd>
3202               <p>Parameterized.</p>
3203             </dd>
3204
3205             <dt>Parameter:</dt>
3206
3207             <dd>
3208               <p>Keyword: <span class="QUOTE">"block"</span>, or any user
3209               defined value.</p>
3210             </dd>
3211
3212             <dt>Notes:</dt>
3213
3214             <dd>
3215               <p>Faking the browser's language settings can be useful to make
3216               a foreign User-Agent set with <tt class="LITERAL"><a href=
3217               "actions-file.html#HIDE-USER-AGENT">hide-user-agent</a></tt>
3218               more believable.</p>
3219
3220               <p>However some sites with content in different languages check
3221               the <span class="QUOTE">"Accept-Language:"</span> to decide
3222               which one to take by default. Sometimes it isn't possible to
3223               later switch to another language without changing the
3224               <span class="QUOTE">"Accept-Language:"</span> header first.</p>
3225
3226               <p>Therefore it's a good idea to either only change the
3227               <span class="QUOTE">"Accept-Language:"</span> header to
3228               languages you understand, or to languages that aren't wide
3229               spread.</p>
3230
3231               <p>Before setting the <span class=
3232               "QUOTE">"Accept-Language:"</span> header to a rare language,
3233               you should consider that it helps to make your requests unique
3234               and thus easier to trace. If you don't plan to change this
3235               header frequently, you should stick to a common language.</p>
3236             </dd>
3237
3238             <dt>Example usage (section):</dt>
3239
3240             <dd>
3241               <table border="0" bgcolor="#E0E0E0" width="90%">
3242                 <tr>
3243                   <td>
3244                     <pre class="SCREEN">
3245 # Pretend to use Canadian language settings.
3246 {+hide-accept-language{en-ca} \
3247 +hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
3248 }
3249 /
3250 </pre>
3251                   </td>
3252                 </tr>
3253               </table>
3254             </dd>
3255           </dl>
3256         </div>
3257       </div>
3258
3259       <div class="SECT3">
3260         <h4 class="SECT3"><a name="HIDE-CONTENT-DISPOSITION" id=
3261         "HIDE-CONTENT-DISPOSITION">8.5.22. hide-content-disposition</a></h4>
3262
3263         <div class="VARIABLELIST">
3264           <dl>
3265             <dt>Typical use:</dt>
3266
3267             <dd>
3268               <p>Prevent download menus for content you prefer to view inside
3269               the browser.</p>
3270             </dd>
3271
3272             <dt>Effect:</dt>
3273
3274             <dd>
3275               <p>Deletes or replaces the <span class=
3276               "QUOTE">"Content-Disposition:"</span> HTTP header set by some
3277               servers.</p>
3278             </dd>
3279
3280             <dt>Type:</dt>
3281
3282             <dd>
3283               <p>Parameterized.</p>
3284             </dd>
3285
3286             <dt>Parameter:</dt>
3287
3288             <dd>
3289               <p>Keyword: <span class="QUOTE">"block"</span>, or any user
3290               defined value.</p>
3291             </dd>
3292
3293             <dt>Notes:</dt>
3294
3295             <dd>
3296               <p>Some servers set the <span class=
3297               "QUOTE">"Content-Disposition:"</span> HTTP header for documents
3298               they assume you want to save locally before viewing them. The
3299               <span class="QUOTE">"Content-Disposition:"</span> header
3300               contains the file name the browser is supposed to use by
3301               default.</p>
3302
3303               <p>In most browsers that understand this header, it makes it
3304               impossible to <span class="emphasis"><i class="EMPHASIS">just
3305               view</i></span> the document, without downloading it first,
3306               even if it's just a simple text file or an image.</p>
3307
3308               <p>Removing the <span class=
3309               "QUOTE">"Content-Disposition:"</span> header helps to prevent
3310               this annoyance, but some browsers additionally check the
3311               <span class="QUOTE">"Content-Type:"</span> header, before they
3312               decide if they can display a document without saving it first.
3313               In these cases, you have to change this header as well, before
3314               the browser stops displaying download menus.</p>
3315
3316               <p>It is also possible to change the server's file name
3317               suggestion to another one, but in most cases it isn't worth the
3318               time to set it up.</p>
3319
3320               <p>This action will probably be removed in the future, use
3321               server-header filters instead.</p>
3322             </dd>
3323
3324             <dt>Example usage:</dt>
3325
3326             <dd>
3327               <table border="0" bgcolor="#E0E0E0" width="90%">
3328                 <tr>
3329                   <td>
3330                     <pre class="SCREEN">
3331 # Disarm the download link in Sourceforge's patch tracker
3332 { -filter \
3333  +content-type-overwrite{text/plain}\
3334  +hide-content-disposition{block} }
3335  .sourceforge.net/tracker/download\.php
3336 </pre>
3337                   </td>
3338                 </tr>
3339               </table>
3340             </dd>
3341           </dl>
3342         </div>
3343       </div>
3344
3345       <div class="SECT3">
3346         <h4 class="SECT3"><a name="HIDE-IF-MODIFIED-SINCE" id=
3347         "HIDE-IF-MODIFIED-SINCE">8.5.23. hide-if-modified-since</a></h4>
3348
3349         <div class="VARIABLELIST">
3350           <dl>
3351             <dt>Typical use:</dt>
3352
3353             <dd>
3354               <p>Prevent yet another way to track the user's steps between
3355               sessions.</p>
3356             </dd>
3357
3358             <dt>Effect:</dt>
3359
3360             <dd>
3361               <p>Deletes the <span class="QUOTE">"If-Modified-Since:"</span>
3362               HTTP client header or modifies its value.</p>
3363             </dd>
3364
3365             <dt>Type:</dt>
3366
3367             <dd>
3368               <p>Parameterized.</p>
3369             </dd>
3370
3371             <dt>Parameter:</dt>
3372
3373             <dd>
3374               <p>Keyword: <span class="QUOTE">"block"</span>, or a user
3375               defined value that specifies a range of hours.</p>
3376             </dd>
3377
3378             <dt>Notes:</dt>
3379
3380             <dd>
3381               <p>Removing this header is useful for filter testing, where you
3382               want to force a real reload instead of getting status code
3383               <span class="QUOTE">"304"</span>, which would cause the browser
3384               to use a cached copy of the page.</p>
3385
3386               <p>Instead of removing the header, <tt class=
3387               "LITERAL">hide-if-modified-since</tt> can also add or subtract
3388               a random amount of time to/from the header's value. You specify
3389               a range of minutes where the random factor should be chosen
3390               from and <span class="APPLICATION">Privoxy</span> does the
3391               rest. A negative value means subtracting, a positive value
3392               adding.</p>
3393
3394               <p>Randomizing the value of the <span class=
3395               "QUOTE">"If-Modified-Since:"</span> makes it less likely that
3396               the server can use the time as a cookie replacement, but you
3397               will run into caching problems if the random range is too
3398               high.</p>
3399
3400               <p>It is a good idea to only use a small negative value and let
3401               <tt class="LITERAL"><a href=
3402               "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>
3403               handle the greater changes.</p>
3404
3405               <p>It is also recommended to use this action together with
3406               <tt class="LITERAL"><a href=
3407               "actions-file.html#CRUNCH-IF-NONE-MATCH">crunch-if-none-match</a></tt>,
3408               otherwise it's more or less pointless.</p>
3409             </dd>
3410
3411             <dt>Example usage (section):</dt>
3412
3413             <dd>
3414               <table border="0" bgcolor="#E0E0E0" width="90%">
3415                 <tr>
3416                   <td>
3417                     <pre class="SCREEN">
3418 # Let the browser revalidate but make tracking based on the time less likely.
3419 {+hide-if-modified-since{-60} \
3420  +overwrite-last-modified{randomize} \
3421  +crunch-if-none-match}
3422 /
3423 </pre>
3424                   </td>
3425                 </tr>
3426               </table>
3427             </dd>
3428           </dl>
3429         </div>
3430       </div>
3431
3432       <div class="SECT3">
3433         <h4 class="SECT3"><a name="HIDE-FROM-HEADER" id=
3434         "HIDE-FROM-HEADER">8.5.24. hide-from-header</a></h4>
3435
3436         <div class="VARIABLELIST">
3437           <dl>
3438             <dt>Typical use:</dt>
3439
3440             <dd>
3441               <p>Keep your (old and ill) browser from telling web servers
3442               your email address</p>
3443             </dd>
3444
3445             <dt>Effect:</dt>
3446
3447             <dd>
3448               <p>Deletes any existing <span class="QUOTE">"From:"</span> HTTP
3449               header, or replaces it with the specified string.</p>
3450             </dd>
3451
3452             <dt>Type:</dt>
3453
3454             <dd>
3455               <p>Parameterized.</p>
3456             </dd>
3457
3458             <dt>Parameter:</dt>
3459
3460             <dd>
3461               <p>Keyword: <span class="QUOTE">"block"</span>, or any user
3462               defined value.</p>
3463             </dd>
3464
3465             <dt>Notes:</dt>
3466
3467             <dd>
3468               <p>The keyword <span class="QUOTE">"block"</span> will
3469               completely remove the header (not to be confused with the
3470               <tt class="LITERAL"><a href=
3471               "actions-file.html#BLOCK">block</a></tt> action).</p>
3472
3473               <p>Alternately, you can specify any value you prefer to be sent
3474               to the web server. If you do, it is a matter of fairness not to
3475               use any address that is actually used by a real person.</p>
3476
3477               <p>This action is rarely needed, as modern web browsers don't
3478               send <span class="QUOTE">"From:"</span> headers anymore.</p>
3479             </dd>
3480
3481             <dt>Example usage:</dt>
3482
3483             <dd>
3484               <table border="0" bgcolor="#E0E0E0" width="90%">
3485                 <tr>
3486                   <td>
3487                     <pre class="SCREEN">
3488 +hide-from-header{block}
3489 </pre>
3490                   </td>
3491                 </tr>
3492               </table>or
3493
3494               <table border="0" bgcolor="#E0E0E0" width="90%">
3495                 <tr>
3496                   <td>
3497                     <pre class="SCREEN">
3498 +hide-from-header{spam-me-senseless@sittingduck.example.com}
3499 </pre>
3500                   </td>
3501                 </tr>
3502               </table>
3503             </dd>
3504           </dl>
3505         </div>
3506       </div>
3507
3508       <div class="SECT3">
3509         <h4 class="SECT3"><a name="HIDE-REFERRER" id="HIDE-REFERRER">8.5.25.
3510         hide-referrer</a></h4><a name="HIDE-REFERER" id="HIDE-REFERER"></a>
3511
3512         <div class="VARIABLELIST">
3513           <dl>
3514             <dt>Typical use:</dt>
3515
3516             <dd>
3517               <p>Conceal which link you followed to get to a particular
3518               site</p>
3519             </dd>
3520
3521             <dt>Effect:</dt>
3522
3523             <dd>
3524               <p>Deletes the <span class="QUOTE">"Referer:"</span> (sic) HTTP
3525               header from the client request, or replaces it with a forged
3526               one.</p>
3527             </dd>
3528
3529             <dt>Type:</dt>
3530
3531             <dd>
3532               <p>Parameterized.</p>
3533             </dd>
3534
3535             <dt>Parameter:</dt>
3536
3537             <dd>
3538               <ul>
3539                 <li>
3540                   <p><span class="QUOTE">"conditional-block"</span> to delete
3541                   the header completely if the host has changed.</p>
3542                 </li>
3543
3544                 <li>
3545                   <p><span class="QUOTE">"conditional-forge"</span> to forge
3546                   the header if the host has changed.</p>
3547                 </li>
3548
3549                 <li>
3550                   <p><span class="QUOTE">"block"</span> to delete the header
3551                   unconditionally.</p>
3552                 </li>
3553
3554                 <li>
3555                   <p><span class="QUOTE">"forge"</span> to pretend to be
3556                   coming from the homepage of the server we are talking
3557                   to.</p>
3558                 </li>
3559
3560                 <li>
3561                   <p>Any other string to set a user defined referrer.</p>
3562                 </li>
3563               </ul>
3564             </dd>
3565
3566             <dt>Notes:</dt>
3567
3568             <dd>
3569               <p><tt class="LITERAL">conditional-block</tt> is the only
3570               parameter, that isn't easily detected in the server's log file.
3571               If it blocks the referrer, the request will look like the
3572               visitor used a bookmark or typed in the address directly.</p>
3573
3574               <p>Leaving the referrer unmodified for requests on the same
3575               host allows the server owner to see the visitor's <span class=
3576               "QUOTE">"click path"</span>, but in most cases she could also
3577               get that information by comparing other parts of the log file:
3578               for example the User-Agent if it isn't a very common one, or
3579               the user's IP address if it doesn't change between different
3580               requests.</p>
3581
3582               <p>Always blocking the referrer, or using a custom one, can
3583               lead to failures on servers that check the referrer before they
3584               answer any requests, in an attempt to prevent their content
3585               from being embedded or linked to elsewhere.</p>
3586
3587               <p>Both <tt class="LITERAL">conditional-block</tt> and
3588               <tt class="LITERAL">forge</tt> will work with referrer checks,
3589               as long as content and valid referring page are on the same
3590               host. Most of the time that's the case.</p>
3591
3592               <p><tt class="LITERAL">hide-referer</tt> is an alternate
3593               spelling of <tt class="LITERAL">hide-referrer</tt> and the two
3594               can be can be freely substituted with each other. (<span class=
3595               "QUOTE">"referrer"</span> is the correct English spelling,
3596               however the HTTP specification has a bug - it requires it to be
3597               spelled as <span class="QUOTE">"referer"</span>.)</p>
3598             </dd>
3599
3600             <dt>Example usage:</dt>
3601
3602             <dd>
3603               <table border="0" bgcolor="#E0E0E0" width="90%">
3604                 <tr>
3605                   <td>
3606                     <pre class="SCREEN">
3607 +hide-referrer{forge}
3608 </pre>
3609                   </td>
3610                 </tr>
3611               </table>or
3612
3613               <table border="0" bgcolor="#E0E0E0" width="90%">
3614                 <tr>
3615                   <td>
3616                     <pre class="SCREEN">
3617 +hide-referrer{http://www.yahoo.com/}
3618 </pre>
3619                   </td>
3620                 </tr>
3621               </table>
3622             </dd>
3623           </dl>
3624         </div>
3625       </div>
3626
3627       <div class="SECT3">
3628         <h4 class="SECT3"><a name="HIDE-USER-AGENT" id=
3629         "HIDE-USER-AGENT">8.5.26. hide-user-agent</a></h4>
3630
3631         <div class="VARIABLELIST">
3632           <dl>
3633             <dt>Typical use:</dt>
3634
3635             <dd>
3636               <p>Try to conceal your type of browser and client operating
3637               system</p>
3638             </dd>
3639
3640             <dt>Effect:</dt>
3641
3642             <dd>
3643               <p>Replaces the value of the <span class=
3644               "QUOTE">"User-Agent:"</span> HTTP header in client requests
3645               with the specified value.</p>
3646             </dd>
3647
3648             <dt>Type:</dt>
3649
3650             <dd>
3651               <p>Parameterized.</p>
3652             </dd>
3653
3654             <dt>Parameter:</dt>
3655
3656             <dd>
3657               <p>Any user-defined string.</p>
3658             </dd>
3659
3660             <dt>Notes:</dt>
3661
3662             <dd>
3663               <div class="WARNING">
3664                 <table class="WARNING" border="1" width="90%">
3665                   <tr>
3666                     <td align="center"><b>Warning</b></td>
3667                   </tr>
3668
3669                   <tr>
3670                     <td align="left">
3671                       <p>This can lead to problems on web sites that depend
3672                       on looking at this header in order to customize their
3673                       content for different browsers (which, by the way, is
3674                       <span class="emphasis"><i class=
3675                       "EMPHASIS">NOT</i></span> the right thing to do: good
3676                       web sites work browser-independently).</p>
3677                     </td>
3678                   </tr>
3679                 </table>
3680               </div>
3681
3682               <p>Using this action in multi-user setups or wherever different
3683               types of browsers will access the same <span class=
3684               "APPLICATION">Privoxy</span> is <span class=
3685               "emphasis"><i class="EMPHASIS">not recommended</i></span>. In
3686               single-user, single-browser setups, you might use it to delete
3687               your OS version information from the headers, because it is an
3688               invitation to exploit known bugs for your OS. It is also
3689               occasionally useful to forge this in order to access sites that
3690               won't let you in otherwise (though there may be a good reason
3691               in some cases).</p>
3692
3693               <p>More information on known user-agent strings can be found at
3694               <a href="http://www.user-agents.org/" target=
3695               "_top">http://www.user-agents.org/</a> and <a href=
3696               "http://en.wikipedia.org/wiki/User_agent" target=
3697               "_top">http://en.wikipedia.org/wiki/User_agent</a>.</p>
3698             </dd>
3699
3700             <dt>Example usage:</dt>
3701
3702             <dd>
3703               <table border="0" bgcolor="#E0E0E0" width="90%">
3704                 <tr>
3705                   <td>
3706                     <pre class="SCREEN">
3707 +hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}
3708 </pre>
3709                   </td>
3710                 </tr>
3711               </table>
3712             </dd>
3713           </dl>
3714         </div>
3715       </div>
3716
3717       <div class="SECT3">
3718         <h4 class="SECT3"><a name="LIMIT-CONNECT" id="LIMIT-CONNECT">8.5.27.
3719         limit-connect</a></h4>
3720
3721         <div class="VARIABLELIST">
3722           <dl>
3723             <dt>Typical use:</dt>
3724
3725             <dd>
3726               <p>Prevent abuse of <span class="APPLICATION">Privoxy</span> as
3727               a TCP proxy relay or disable SSL for untrusted sites</p>
3728             </dd>
3729
3730             <dt>Effect:</dt>
3731
3732             <dd>
3733               <p>Specifies to which ports HTTP CONNECT requests are
3734               allowable.</p>
3735             </dd>
3736
3737             <dt>Type:</dt>
3738
3739             <dd>
3740               <p>Parameterized.</p>
3741             </dd>
3742
3743             <dt>Parameter:</dt>
3744
3745             <dd>
3746               <p>A comma-separated list of ports or port ranges (the latter
3747               using dashes, with the minimum defaulting to 0 and the maximum
3748               to 65K).</p>
3749             </dd>
3750
3751             <dt>Notes:</dt>
3752
3753             <dd>
3754               <p>By default, i.e. if no <tt class=
3755               "LITERAL">limit-connect</tt> action applies, <span class=
3756               "APPLICATION">Privoxy</span> allows HTTP CONNECT requests to
3757               all ports. Use <tt class="LITERAL">limit-connect</tt> if
3758               fine-grained control is desired for some or all
3759               destinations.</p>
3760
3761               <p>The CONNECT methods exists in HTTP to allow access to secure
3762               websites (<span class="QUOTE">"https://"</span> URLs) through
3763               proxies. It works very simply: the proxy connects to the server
3764               on the specified port, and then short-circuits its connections
3765               to the client and to the remote server. This means
3766               CONNECT-enabled proxies can be used as TCP relays very
3767               easily.</p>
3768
3769               <p><span class="APPLICATION">Privoxy</span> relays HTTPS
3770               traffic without seeing the decoded content. Websites can
3771               leverage this limitation to circumvent <span class=
3772               "APPLICATION">Privoxy</span>'s filters. By specifying an
3773               invalid port range you can disable HTTPS entirely.</p>
3774             </dd>
3775
3776             <dt>Example usages:</dt>
3777
3778             <dd>
3779               <table border="0" bgcolor="#E0E0E0" width="90%">
3780                 <tr>
3781                   <td>
3782                     <pre class="SCREEN">
3783 +limit-connect{443}                   # Port 443 is OK.
3784 +limit-connect{80,443}                # Ports 80 and 443 are OK.
3785 +limit-connect{-3, 7, 20-100, 500-}   # Ports less than 3, 7, 20 to 100 and above 500 are OK.
3786 +limit-connect{-}                     # All ports are OK
3787 +limit-connect{,}                     # No HTTPS/SSL traffic is allowed
3788 </pre>
3789                   </td>
3790                 </tr>
3791               </table>
3792             </dd>
3793           </dl>
3794         </div>
3795       </div>
3796
3797       <div class="SECT3">
3798         <h4 class="SECT3"><a name="LIMIT-COOKIE-LIFETIME" id=
3799         "LIMIT-COOKIE-LIFETIME">8.5.28. limit-cookie-lifetime</a></h4>
3800
3801         <div class="VARIABLELIST">
3802           <dl>
3803             <dt>Typical use:</dt>
3804
3805             <dd>
3806               <p>Limit the lifetime of HTTP cookies to a couple of minutes or
3807               hours.</p>
3808             </dd>
3809
3810             <dt>Effect:</dt>
3811
3812             <dd>
3813               <p>Overwrites the expires field in Set-Cookie server headers if
3814               it's above the specified limit.</p>
3815             </dd>
3816
3817             <dt>Type:</dt>
3818
3819             <dd>
3820               <p>Parameterized.</p>
3821             </dd>
3822
3823             <dt>Parameter:</dt>
3824
3825             <dd>
3826               <p>The lifetime limit in minutes, or 0.</p>
3827             </dd>
3828
3829             <dt>Notes:</dt>
3830
3831             <dd>
3832               <p>This action reduces the lifetime of HTTP cookies coming from
3833               the server to the specified number of minutes, starting from
3834               the time the cookie passes Privoxy.</p>
3835
3836               <p>Cookies with a lifetime below the limit are not modified.
3837               The lifetime of session cookies is set to the specified
3838               limit.</p>
3839
3840               <p>The effect of this action depends on the server.</p>
3841
3842               <p>In case of servers which refresh their cookies with each
3843               response (or at least frequently), the lifetime limit set by
3844               this action is updated as well. Thus, a session associated with
3845               the cookie continues to work with this action enabled, as long
3846               as a new request is made before the last limit set is
3847               reached.</p>
3848
3849               <p>However, some servers send their cookies once, with a
3850               lifetime of several years (the year 2037 is a popular choice),
3851               and do not refresh them until a certain event in the future,
3852               for example the user logging out. In this case this action may
3853               limit the absolute lifetime of the session, even if requests
3854               are made frequently.</p>
3855
3856               <p>If the parameter is <span class="QUOTE">"0"</span>, this
3857               action behaves like <tt class="LITERAL"><a href=
3858               "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>.</p>
3859             </dd>
3860
3861             <dt>Example usages:</dt>
3862
3863             <dd>
3864               <table border="0" bgcolor="#E0E0E0" width="90%">
3865                 <tr>
3866                   <td>
3867                     <pre class="SCREEN">
3868 +limit-cookie-lifetime{60}
3869
3870 </pre>
3871                   </td>
3872                 </tr>
3873               </table>
3874             </dd>
3875           </dl>
3876         </div>
3877       </div>
3878
3879       <div class="SECT3">
3880         <h4 class="SECT3"><a name="PREVENT-COMPRESSION" id=
3881         "PREVENT-COMPRESSION">8.5.29. prevent-compression</a></h4>
3882
3883         <div class="VARIABLELIST">
3884           <dl>
3885             <dt>Typical use:</dt>
3886
3887             <dd>
3888               <p>Ensure that servers send the content uncompressed, so it can
3889               be passed through <tt class="LITERAL"><a href=
3890               "actions-file.html#FILTER">filter</a></tt>s.</p>
3891             </dd>
3892
3893             <dt>Effect:</dt>
3894
3895             <dd>
3896               <p>Removes the Accept-Encoding header which can be used to ask
3897               for compressed transfer.</p>
3898             </dd>
3899
3900             <dt>Type:</dt>
3901
3902             <dd>
3903               <p>Boolean.</p>
3904             </dd>
3905
3906             <dt>Parameter:</dt>
3907
3908             <dd>
3909               <p>N/A</p>
3910             </dd>
3911
3912             <dt>Notes:</dt>
3913
3914             <dd>
3915               <p>More and more websites send their content compressed by
3916               default, which is generally a good idea and saves bandwidth.
3917               But the <tt class="LITERAL"><a href=
3918               "actions-file.html#FILTER">filter</a></tt> and <tt class=
3919               "LITERAL"><a href=
3920               "actions-file.html#DEANIMATE-GIFS">deanimate-gifs</a></tt>
3921               actions need access to the uncompressed data.</p>
3922
3923               <p>When compiled with zlib support (available since
3924               <span class="APPLICATION">Privoxy</span> 3.0.7), content that
3925               should be filtered is decompressed on-the-fly and you don't
3926               have to worry about this action. If you are using an older
3927               <span class="APPLICATION">Privoxy</span> version, or one that
3928               hasn't been compiled with zlib support, this action can be used
3929               to convince the server to send the content uncompressed.</p>
3930
3931               <p>Most text-based instances compress very well, the size is
3932               seldom decreased by less than 50%, for markup-heavy instances
3933               like news feeds saving more than 90% of the original size isn't
3934               unusual.</p>
3935
3936               <p>Not using compression will therefore slow down the transfer,
3937               and you should only enable this action if you really need it.
3938               As of <span class="APPLICATION">Privoxy</span> 3.0.7 it's
3939               disabled in all predefined action settings.</p>
3940
3941               <p>Note that some (rare) ill-configured sites don't handle
3942               requests for uncompressed documents correctly. Broken PHP
3943               applications tend to send an empty document body, some IIS
3944               versions only send the beginning of the content. If you enable
3945               <tt class="LITERAL">prevent-compression</tt> per default, you
3946               might want to add exceptions for those sites. See the example
3947               for how to do that.</p>
3948             </dd>
3949
3950             <dt>Example usage (sections):</dt>
3951
3952             <dd>
3953               <table border="0" bgcolor="#E0E0E0" width="90%">
3954                 <tr>
3955                   <td>
3956                     <pre class="SCREEN">
3957 # Selectively turn off compression, and enable a filter
3958 #
3959 { +filter{tiny-textforms} +prevent-compression }
3960 # Match only these sites
3961  .google.
3962  sourceforge.net
3963  sf.net
3964
3965 # Or instead, we could set a universal default:
3966 #
3967 { +prevent-compression }
3968  / # Match all sites
3969
3970 # Then maybe make exceptions for broken sites:
3971 #
3972 { -prevent-compression }
3973 .compusa.com/
3974 </pre>
3975                   </td>
3976                 </tr>
3977               </table>
3978             </dd>
3979           </dl>
3980         </div>
3981       </div>
3982
3983       <div class="SECT3">
3984         <h4 class="SECT3"><a name="OVERWRITE-LAST-MODIFIED" id=
3985         "OVERWRITE-LAST-MODIFIED">8.5.30. overwrite-last-modified</a></h4>
3986
3987         <div class="VARIABLELIST">
3988           <dl>
3989             <dt>Typical use:</dt>
3990
3991             <dd>
3992               <p>Prevent yet another way to track the user's steps between
3993               sessions.</p>
3994             </dd>
3995
3996             <dt>Effect:</dt>
3997
3998             <dd>
3999               <p>Deletes the <span class="QUOTE">"Last-Modified:"</span> HTTP
4000               server header or modifies its value.</p>
4001             </dd>
4002
4003             <dt>Type:</dt>
4004
4005             <dd>
4006               <p>Parameterized.</p>
4007             </dd>
4008
4009             <dt>Parameter:</dt>
4010
4011             <dd>
4012               <p>One of the keywords: <span class="QUOTE">"block"</span>,
4013               <span class="QUOTE">"reset-to-request-time"</span> and
4014               <span class="QUOTE">"randomize"</span></p>
4015             </dd>
4016
4017             <dt>Notes:</dt>
4018
4019             <dd>
4020               <p>Removing the <span class="QUOTE">"Last-Modified:"</span>
4021               header is useful for filter testing, where you want to force a
4022               real reload instead of getting status code <span class=
4023               "QUOTE">"304"</span>, which would cause the browser to reuse
4024               the old version of the page.</p>
4025
4026               <p>The <span class="QUOTE">"randomize"</span> option overwrites
4027               the value of the <span class="QUOTE">"Last-Modified:"</span>
4028               header with a randomly chosen time between the original value
4029               and the current time. In theory the server could send each
4030               document with a different <span class=
4031               "QUOTE">"Last-Modified:"</span> header to track visits without
4032               using cookies. <span class="QUOTE">"Randomize"</span> makes it
4033               impossible and the browser can still revalidate cached
4034               documents.</p>
4035
4036               <p><span class="QUOTE">"reset-to-request-time"</span>
4037               overwrites the value of the <span class=
4038               "QUOTE">"Last-Modified:"</span> header with the current time.
4039               You could use this option together with <tt class=
4040               "LITERAL"><a href=
4041               "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt>
4042               to further customize your random range.</p>
4043
4044               <p>The preferred parameter here is <span class=
4045               "QUOTE">"randomize"</span>. It is safe to use, as long as the
4046               time settings are more or less correct. If the server sets the
4047               <span class="QUOTE">"Last-Modified:"</span> header to the time
4048               of the request, the random range becomes zero and the value
4049               stays the same. Therefore you should later randomize it a
4050               second time with <tt class="LITERAL"><a href=
4051               "actions-file.html#HIDE-IF-MODIFIED-SINCE">hided-if-modified-since</a></tt>,
4052               just to be sure.</p>
4053
4054               <p>It is also recommended to use this action together with
4055               <tt class="LITERAL"><a href=
4056               "actions-file.html#CRUNCH-IF-NONE-MATCH">crunch-if-none-match</a></tt>.</p>
4057             </dd>
4058
4059             <dt>Example usage:</dt>
4060
4061             <dd>
4062               <table border="0" bgcolor="#E0E0E0" width="90%">
4063                 <tr>
4064                   <td>
4065                     <pre class="SCREEN">
4066 # Let the browser revalidate without being tracked across sessions
4067 { +hide-if-modified-since{-60} \
4068  +overwrite-last-modified{randomize} \
4069  +crunch-if-none-match}
4070 /
4071 </pre>
4072                   </td>
4073                 </tr>
4074               </table>
4075             </dd>
4076           </dl>
4077         </div>
4078       </div>
4079
4080       <div class="SECT3">
4081         <h4 class="SECT3"><a name="REDIRECT" id="REDIRECT">8.5.31.
4082         redirect</a></h4>
4083
4084         <div class="VARIABLELIST">
4085           <dl>
4086             <dt>Typical use:</dt>
4087
4088             <dd>
4089               <p>Redirect requests to other sites.</p>
4090             </dd>
4091
4092             <dt>Effect:</dt>
4093
4094             <dd>
4095               <p>Convinces the browser that the requested document has been
4096               moved to another location and the browser should get it from
4097               there.</p>
4098             </dd>
4099
4100             <dt>Type:</dt>
4101
4102             <dd>
4103               <p>Parameterized</p>
4104             </dd>
4105
4106             <dt>Parameter:</dt>
4107
4108             <dd>
4109               <p>An absolute URL or a single pcrs command.</p>
4110             </dd>
4111
4112             <dt>Notes:</dt>
4113
4114             <dd>
4115               <p>Requests to which this action applies are answered with a
4116               HTTP redirect to URLs of your choosing. The new URL is either
4117               provided as parameter, or derived by applying a single pcrs
4118               command to the original URL.</p>
4119
4120               <p>The syntax for pcrs commands is documented in the <a href=
4121               "filter-file.html">filter file</a> section.</p>
4122
4123               <p>Requests can't be blocked and redirected at the same time,
4124               applying this action together with <tt class="LITERAL"><a href=
4125               "actions-file.html#BLOCK">block</a></tt> is a configuration
4126               error. Currently the request is blocked and an error message
4127               logged, the behavior may change in the future and result in
4128               Privoxy rejecting the action file.</p>
4129
4130               <p>This action can be combined with <tt class=
4131               "LITERAL"><a href="actions-file.html#FAST-REDIRECTS">fast-redirects{check-decoded-url}</a></tt>
4132               to redirect to a decoded version of a rewritten URL.</p>
4133
4134               <p>Use this action carefully, make sure not to create
4135               redirection loops and be aware that using your own redirects
4136               might make it possible to fingerprint your requests.</p>
4137
4138               <p>In case of problems with your redirects, or simply to watch
4139               them working, enable <a href="config.html#DEBUG">debug
4140               128</a>.</p>
4141             </dd>
4142
4143             <dt>Example usages:</dt>
4144
4145             <dd>
4146               <table border="0" bgcolor="#E0E0E0" width="90%">
4147                 <tr>
4148                   <td>
4149                     <pre class="SCREEN">
4150 # Replace example.com's style sheet with another one
4151 { +redirect{http://localhost/css-replacements/example.com.css} }
4152  example.com/stylesheet\.css
4153
4154 # Create a short, easy to remember nickname for a favorite site
4155 # (relies on the browser to accept and forward invalid URLs to <span class=
4156 "APPLICATION">Privoxy</span>)
4157 { +redirect{https://www.privoxy.org/user-manual/actions-file.html} }
4158  a
4159
4160 # Always use the expanded view for Undeadly.org articles
4161 # (Note the $ at the end of the URL pattern to make sure
4162 # the request for the rewritten URL isn't redirected as well)
4163 {+redirect{s@$@&amp;mode=expanded@}}
4164 undeadly.org/cgi\?action=article&amp;sid=\d*$
4165
4166 # Redirect Google search requests to MSN
4167 {+redirect{s@^http://[^/]*/search\?q=([^&amp;]*).*@http://search.msn.com/results.aspx?q=$1@}}
4168 .google.com/search
4169
4170 # Redirect MSN search requests to Yahoo
4171 {+redirect{s@^http://[^/]*/results\.aspx\?q=([^&amp;]*).*@http://search.yahoo.com/search?p=$1@}}
4172 search.msn.com//results\.aspx\?q=
4173
4174 # Redirect http://example.com/&amp;bla=fasel&amp;toChange=foo (and any other value but "bar")
4175 # to       http://example.com/&amp;bla=fasel&amp;toChange=bar
4176 #
4177 # The URL pattern makes sure that the following request isn't redirected again.
4178 {+redirect{s@toChange=[^&amp;]+@toChange=bar@}}
4179 example.com/.*toChange=(?!bar)
4180
4181 # Add a shortcut to look up illumos bugs
4182 {+redirect{s@^http://i([0-9]+)/.*@https://www.illumos.org/issues/$1@}}
4183 # Redirected URL = http://i4974/
4184 # Redirect Destination = https://www.illumos.org/issues/4974
4185 i[0-9][0-9][0-9][0-9]*/
4186
4187 # Redirect remote requests for this manual
4188 # to the local version delivered by Privoxy
4189 {+redirect{s@^http://www@http://config@}}
4190 www.privoxy.org/user-manual/
4191 </pre>
4192                   </td>
4193                 </tr>
4194               </table>
4195             </dd>
4196           </dl>
4197         </div>
4198       </div>
4199
4200       <div class="SECT3">
4201         <h4 class="SECT3"><a name="SERVER-HEADER-FILTER" id=
4202         "SERVER-HEADER-FILTER">8.5.32. server-header-filter</a></h4>
4203
4204         <div class="VARIABLELIST">
4205           <dl>
4206             <dt>Typical use:</dt>
4207
4208             <dd>
4209               <p>Rewrite or remove single server headers.</p>
4210             </dd>
4211
4212             <dt>Effect:</dt>
4213
4214             <dd>
4215               <p>All server headers to which this action applies are filtered
4216               on-the-fly through the specified regular expression based
4217               substitutions.</p>
4218             </dd>
4219
4220             <dt>Type:</dt>
4221
4222             <dd>
4223               <p>Multi-value.</p>
4224             </dd>
4225
4226             <dt>Parameter:</dt>
4227
4228             <dd>
4229               <p>The name of a server-header filter, as defined in one of the
4230               <a href="filter-file.html">filter files</a>.</p>
4231             </dd>
4232
4233             <dt>Notes:</dt>
4234
4235             <dd>
4236               <p>Server-header filters are applied to each header on its own,
4237               not to all at once. This makes it easier to diagnose problems,
4238               but on the downside you can't write filters that only change
4239               header x if header y's value is z. You can do that by using
4240               tags though.</p>
4241
4242               <p>Server-header filters are executed after the other header
4243               actions have finished and use their output as input.</p>
4244
4245               <p>Please refer to the <a href="filter-file.html">filter file
4246               chapter</a> to learn which server-header filters are available
4247               by default, and how to create your own.</p>
4248             </dd>
4249
4250             <dt>Example usage (section):</dt>
4251
4252             <dd>
4253               <table border="0" bgcolor="#E0E0E0" width="90%">
4254                 <tr>
4255                   <td>
4256                     <pre class="SCREEN">
4257 {+server-header-filter{html-to-xml}}
4258 example.org/xml-instance-that-is-delivered-as-html
4259
4260 {+server-header-filter{xml-to-html}}
4261 example.org/instance-that-is-delivered-as-xml-but-is-not
4262
4263 </pre>
4264                   </td>
4265                 </tr>
4266               </table>
4267             </dd>
4268           </dl>
4269         </div>
4270       </div>
4271
4272       <div class="SECT3">
4273         <h4 class="SECT3"><a name="SERVER-HEADER-TAGGER" id=
4274         "SERVER-HEADER-TAGGER">8.5.33. server-header-tagger</a></h4>
4275
4276         <div class="VARIABLELIST">
4277           <dl>
4278             <dt>Typical use:</dt>
4279
4280             <dd>
4281               <p>Enable or disable filters based on the Content-Type
4282               header.</p>
4283             </dd>
4284
4285             <dt>Effect:</dt>
4286
4287             <dd>
4288               <p>Server headers to which this action applies are filtered
4289               on-the-fly through the specified regular expression based
4290               substitutions, the result is used as tag.</p>
4291             </dd>
4292
4293             <dt>Type:</dt>
4294
4295             <dd>
4296               <p>Multi-value.</p>
4297             </dd>
4298
4299             <dt>Parameter:</dt>
4300
4301             <dd>
4302               <p>The name of a server-header tagger, as defined in one of the
4303               <a href="filter-file.html">filter files</a>.</p>
4304             </dd>
4305
4306             <dt>Notes:</dt>
4307
4308             <dd>
4309               <p>Server-header taggers are applied to each header on its own,
4310               and as the header isn't modified, each tagger <span class=
4311               "QUOTE">"sees"</span> the original.</p>
4312
4313               <p>Server-header taggers are executed before all other header
4314               actions that modify server headers. Their tags can be used to
4315               control all of the other server-header actions, the content
4316               filters and the crunch actions (<a href=
4317               "actions-file.html#REDIRECT">redirect</a> and <a href=
4318               "actions-file.html#BLOCK">block</a>).</p>
4319
4320               <p>Obviously crunching based on tags created by server-header
4321               taggers doesn't prevent the request from showing up in the
4322               server's log file.</p>
4323             </dd>
4324
4325             <dt>Example usage (section):</dt>
4326
4327             <dd>
4328               <table border="0" bgcolor="#E0E0E0" width="90%">
4329                 <tr>
4330                   <td>
4331                     <pre class="SCREEN">
4332 # Tag every request with the content type declared by the server
4333 {+server-header-tagger{content-type}}
4334 /
4335
4336 # If the response has a tag starting with 'image/' enable an external
4337 # filter that only applies to images.
4338 #
4339 # Note that the filter is not available by default, it's just a
4340 # <tt class="LITERAL"><a href=
4341 "filter-file.html#EXTERNAL-FILTER-SYNTAX">silly example</a></tt>.
4342 {+external-filter{rotate-image} +force-text-mode}
4343 TAG:^image/
4344
4345 </pre>
4346                   </td>
4347                 </tr>
4348               </table>
4349             </dd>
4350           </dl>
4351         </div>
4352       </div>
4353
4354       <div class="SECT3">
4355         <h4 class="SECT3"><a name="SESSION-COOKIES-ONLY" id=
4356         "SESSION-COOKIES-ONLY">8.5.34. session-cookies-only</a></h4>
4357
4358         <div class="VARIABLELIST">
4359           <dl>
4360             <dt>Typical use:</dt>
4361
4362             <dd>
4363               <p>Allow only temporary <span class="QUOTE">"session"</span>
4364               cookies (for the current browser session <span class=
4365               "emphasis"><i class="EMPHASIS">only</i></span>).</p>
4366             </dd>
4367
4368             <dt>Effect:</dt>
4369
4370             <dd>
4371               <p>Deletes the <span class="QUOTE">"expires"</span> field from
4372               <span class="QUOTE">"Set-Cookie:"</span> server headers. Most
4373               browsers will not store such cookies permanently and forget
4374               them in between sessions.</p>
4375             </dd>
4376
4377             <dt>Type:</dt>
4378
4379             <dd>
4380               <p>Boolean.</p>
4381             </dd>
4382
4383             <dt>Parameter:</dt>
4384
4385             <dd>
4386               <p>N/A</p>
4387             </dd>
4388
4389             <dt>Notes:</dt>
4390
4391             <dd>
4392               <p>This is less strict than <tt class="LITERAL"><a href=
4393               "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>
4394               / <tt class="LITERAL"><a href=
4395               "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>
4396               and allows you to browse websites that insist or rely on
4397               setting cookies, without compromising your privacy too
4398               badly.</p>
4399
4400               <p>Most browsers will not permanently store cookies that have
4401               been processed by <tt class="LITERAL">session-cookies-only</tt>
4402               and will forget about them between sessions. This makes
4403               profiling cookies useless, but won't break sites which require
4404               cookies so that you can log in for transactions. This is
4405               generally turned on for all sites, and is the recommended
4406               setting.</p>
4407
4408               <p>It makes <span class="emphasis"><i class="EMPHASIS">no sense
4409               at all</i></span> to use <tt class=
4410               "LITERAL">session-cookies-only</tt> together with <tt class=
4411               "LITERAL"><a href=
4412               "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>
4413               or <tt class="LITERAL"><a href=
4414               "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>.
4415               If you do, cookies will be plainly killed.</p>
4416
4417               <p>Note that it is up to the browser how it handles such
4418               cookies without an <span class="QUOTE">"expires"</span> field.
4419               If you use an exotic browser, you might want to try it out to
4420               be sure.</p>
4421
4422               <p>This setting also has no effect on cookies that may have
4423               been stored previously by the browser before starting
4424               <span class="APPLICATION">Privoxy</span>. These would have to
4425               be removed manually.</p>
4426
4427               <p><span class="APPLICATION">Privoxy</span> also uses the
4428               <a href=
4429               "actions-file.html#FILTER-CONTENT-COOKIES">content-cookies
4430               filter</a> to block some types of cookies. Content cookies are
4431               not effected by <tt class=
4432               "LITERAL">session-cookies-only</tt>.</p>
4433             </dd>
4434
4435             <dt>Example usage:</dt>
4436
4437             <dd>
4438               <table border="0" bgcolor="#E0E0E0" width="90%">
4439                 <tr>
4440                   <td>
4441                     <pre class="SCREEN">
4442 +session-cookies-only
4443 </pre>
4444                   </td>
4445                 </tr>
4446               </table>
4447             </dd>
4448           </dl>
4449         </div>
4450       </div>
4451
4452       <div class="SECT3">
4453         <h4 class="SECT3"><a name="SET-IMAGE-BLOCKER" id=
4454         "SET-IMAGE-BLOCKER">8.5.35. set-image-blocker</a></h4>
4455
4456         <div class="VARIABLELIST">
4457           <dl>
4458             <dt>Typical use:</dt>
4459
4460             <dd>
4461               <p>Choose the replacement for blocked images</p>
4462             </dd>
4463
4464             <dt>Effect:</dt>
4465
4466             <dd>
4467               <p>This action alone doesn't do anything noticeable. If
4468               <span class="emphasis"><i class="EMPHASIS">both</i></span>
4469               <tt class="LITERAL"><a href=
4470               "actions-file.html#BLOCK">block</a></tt> <span class=
4471               "emphasis"><i class="EMPHASIS">and</i></span> <tt class=
4472               "LITERAL"><a href=
4473               "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>
4474               <span class="emphasis"><i class="EMPHASIS">also</i></span>
4475               apply, i.e. if the request is to be blocked as an image,
4476               <span class="emphasis"><i class="EMPHASIS">then</i></span> the
4477               parameter of this action decides what will be sent as a
4478               replacement.</p>
4479             </dd>
4480
4481             <dt>Type:</dt>
4482
4483             <dd>
4484               <p>Parameterized.</p>
4485             </dd>
4486
4487             <dt>Parameter:</dt>
4488
4489             <dd>
4490               <ul>
4491                 <li>
4492                   <p><span class="QUOTE">"pattern"</span> to send a built-in
4493                   checkerboard pattern image. The image is visually decent,
4494                   scales very well, and makes it obvious where banners were
4495                   busted.</p>
4496                 </li>
4497
4498                 <li>
4499                   <p><span class="QUOTE">"blank"</span> to send a built-in
4500                   transparent image. This makes banners disappear completely,
4501                   but makes it hard to detect where <span class=
4502                   "APPLICATION">Privoxy</span> has blocked images on a given
4503                   page and complicates troubleshooting if <span class=
4504                   "APPLICATION">Privoxy</span> has blocked innocent images,
4505                   like navigation icons.</p>
4506                 </li>
4507
4508                 <li>
4509                   <p><span class="QUOTE">"<tt class=
4510                   "REPLACEABLE"><i>target-url</i></tt>"</span> to send a
4511                   redirect to <tt class="REPLACEABLE"><i>target-url</i></tt>.
4512                   You can redirect to any image anywhere, even in your local
4513                   filesystem via <span class="QUOTE">"file:///"</span> URL.
4514                   (But note that not all browsers support redirecting to a
4515                   local file system).</p>
4516
4517                   <p>A good application of redirects is to use special
4518                   <span class="APPLICATION">Privoxy</span>-built-in URLs,
4519                   which send the built-in images, as <tt class=
4520                   "REPLACEABLE"><i>target-url</i></tt>. This has the same
4521                   visual effect as specifying <span class=
4522                   "QUOTE">"blank"</span> or <span class=
4523                   "QUOTE">"pattern"</span> in the first place, but enables
4524                   your browser to cache the replacement image, instead of
4525                   requesting it over and over again.</p>
4526                 </li>
4527               </ul>
4528             </dd>
4529
4530             <dt>Notes:</dt>
4531
4532             <dd>
4533               <p>The URLs for the built-in images are <span class=
4534               "QUOTE">"http://config.privoxy.org/send-banner?type=<tt class=
4535               "REPLACEABLE"><i>type</i></tt>"</span>, where <tt class=
4536               "REPLACEABLE"><i>type</i></tt> is either <span class=
4537               "QUOTE">"blank"</span> or <span class=
4538               "QUOTE">"pattern"</span>.</p>
4539
4540               <p>There is a third (advanced) type, called <span class=
4541               "QUOTE">"auto"</span>. It is <span class="emphasis"><i class=
4542               "EMPHASIS">NOT</i></span> to be used in <tt class=
4543               "LITERAL">set-image-blocker</tt>, but meant for use from
4544               <a href="filter-file.html">filters</a>. Auto will select the
4545               type of image that would have applied to the referring page,
4546               had it been an image.</p>
4547             </dd>
4548
4549             <dt>Example usage:</dt>
4550
4551             <dd>
4552               <p>Built-in pattern:</p>
4553
4554               <table border="0" bgcolor="#E0E0E0" width="90%">
4555                 <tr>
4556                   <td>
4557                     <pre class="SCREEN">
4558 +set-image-blocker{pattern}
4559 </pre>
4560                   </td>
4561                 </tr>
4562               </table>
4563
4564               <p>Redirect to the BSD daemon:</p>
4565
4566               <table border="0" bgcolor="#E0E0E0" width="90%">
4567                 <tr>
4568                   <td>
4569                     <pre class="SCREEN">
4570 +set-image-blocker{http://www.freebsd.org/gifs/dae_up3.gif}
4571 </pre>
4572                   </td>
4573                 </tr>
4574               </table>
4575
4576               <p>Redirect to the built-in pattern for better caching:</p>
4577
4578               <table border="0" bgcolor="#E0E0E0" width="90%">
4579                 <tr>
4580                   <td>
4581                     <pre class="SCREEN">
4582 +set-image-blocker{http://config.privoxy.org/send-banner?type=pattern}
4583 </pre>
4584                   </td>
4585                 </tr>
4586               </table>
4587             </dd>
4588           </dl>
4589         </div>
4590       </div>
4591
4592       <div class="SECT3">
4593         <h3 class="SECT3"><a name="SUMMARY" id="SUMMARY">8.5.36.
4594         Summary</a></h3>
4595
4596         <p>Note that many of these actions have the potential to cause a page
4597         to misbehave, possibly even not to display at all. There are many
4598         ways a site designer may choose to design his site, and what HTTP
4599         header content, and other criteria, he may depend on. There is no way
4600         to have hard and fast rules for all sites. See the <a href=
4601         "appendix.html#ACTIONSANAT">Appendix</a> for a brief example on
4602         troubleshooting actions.</p>
4603       </div>
4604     </div>
4605
4606     <div class="SECT2">
4607       <h2 class="SECT2"><a name="ALIASES" id="ALIASES">8.6. Aliases</a></h2>
4608
4609       <p>Custom <span class="QUOTE">"actions"</span>, known to <span class=
4610       "APPLICATION">Privoxy</span> as <span class="QUOTE">"aliases"</span>,
4611       can be defined by combining other actions. These can in turn be invoked
4612       just like the built-in actions. Currently, an alias name can contain
4613       any character except space, tab, <span class="QUOTE">"="</span>,
4614       <span class="QUOTE">"{"</span> and <span class="QUOTE">"}"</span>, but
4615       we <span class="emphasis"><i class="EMPHASIS">strongly
4616       recommend</i></span> that you only use <span class="QUOTE">"a"</span>
4617       to <span class="QUOTE">"z"</span>, <span class="QUOTE">"0"</span> to
4618       <span class="QUOTE">"9"</span>, <span class="QUOTE">"+"</span>, and
4619       <span class="QUOTE">"-"</span>. Alias names are not case sensitive, and
4620       are not required to start with a <span class="QUOTE">"+"</span> or
4621       <span class="QUOTE">"-"</span> sign, since they are merely textually
4622       expanded.</p>
4623
4624       <p>Aliases can be used throughout the actions file, but they
4625       <span class="emphasis"><i class="EMPHASIS">must be defined in a special
4626       section at the top of the file!</i></span> And there can only be one
4627       such section per actions file. Each actions file may have its own alias
4628       section, and the aliases defined in it are only visible within that
4629       file.</p>
4630
4631       <p>There are two main reasons to use aliases: One is to save typing for
4632       frequently used combinations of actions, the other one is a gain in
4633       flexibility: If you decide once how you want to handle shops by
4634       defining an alias called <span class="QUOTE">"shop"</span>, you can
4635       later change your policy on shops in <span class="emphasis"><i class=
4636       "EMPHASIS">one</i></span> place, and your changes will take effect
4637       everywhere in the actions file where the <span class=
4638       "QUOTE">"shop"</span> alias is used. Calling aliases by their purpose
4639       also makes your actions files more readable.</p>
4640
4641       <p>Currently, there is one big drawback to using aliases, though:
4642       <span class="APPLICATION">Privoxy</span>'s built-in web-based action
4643       file editor honors aliases when reading the actions files, but it
4644       expands them before writing. So the effects of your aliases are of
4645       course preserved, but the aliases themselves are lost when you edit
4646       sections that use aliases with it.</p>
4647
4648       <p>Now let's define some aliases...</p>
4649
4650       <table border="0" bgcolor="#E0E0E0" width="100%">
4651         <tr>
4652           <td>
4653             <pre class="SCREEN">
4654  # Useful custom aliases we can use later.
4655  #
4656  # Note the (required!) section header line and that this section
4657  # must be at the top of the actions file!
4658  #
4659  {{alias}}
4660
4661  # These aliases just save typing later:
4662  # (Note that some already use other aliases!)
4663  #
4664  +crunch-all-cookies = +<a href=
4665 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> +<a href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
4666  -crunch-all-cookies = -<a href=
4667 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> -<a href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
4668  +block-as-image      = +block{Blocked image.} +handle-as-image
4669  allow-all-cookies   = -crunch-all-cookies -<a href=
4670 "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a> -<a href=
4671 "actions-file.html#FILTER-CONTENT-COOKIES">filter{content-cookies}</a>
4672
4673  # These aliases define combinations of actions
4674  # that are useful for certain types of sites:
4675  #
4676  fragile     = -<a href="actions-file.html#BLOCK">block</a> -<a href=
4677 "actions-file.html#FILTER">filter</a> -crunch-all-cookies -<a href=
4678 "actions-file.html#FAST-REDIRECTS">fast-redirects</a> -<a href=
4679 "actions-file.html#HIDE-REFERER">hide-referrer</a> -<a href=
4680 "actions-file.html#PREVENT-COMPRESSION">prevent-compression</a>
4681
4682  shop        = -crunch-all-cookies -<a href=
4683 "actions-file.html#FILTER-ALL-POPUPS">filter{all-popups}</a>
4684
4685  # Short names for other aliases, for really lazy people ;-)
4686  #
4687  c0 = +crunch-all-cookies
4688  c1 = -crunch-all-cookies
4689 </pre>
4690           </td>
4691         </tr>
4692       </table>
4693
4694       <p>...and put them to use. These sections would appear in the lower
4695       part of an actions file and define exceptions to the default actions
4696       (as specified further up for the <span class="QUOTE">"/"</span>
4697       pattern):</p>
4698
4699       <table border="0" bgcolor="#E0E0E0" width="100%">
4700         <tr>
4701           <td>
4702             <pre class="SCREEN">
4703  # These sites are either very complex or very keen on
4704  # user data and require minimal interference to work:
4705  #
4706  {fragile}
4707  .office.microsoft.com
4708  .windowsupdate.microsoft.com
4709  # Gmail is really mail.google.com, not gmail.com
4710  mail.google.com
4711
4712  # Shopping sites:
4713  # Allow cookies (for setting and retrieving your customer data)
4714  #
4715  {shop}
4716  .quietpc.com
4717  .worldpay.com   # for quietpc.com
4718  mybank.example.com
4719
4720  # These shops require pop-ups:
4721  #
4722  {-filter{all-popups} -filter{unsolicited-popups}}
4723   .dabs.com
4724   .overclockers.co.uk
4725 </pre>
4726           </td>
4727         </tr>
4728       </table>
4729
4730       <p>Aliases like <span class="QUOTE">"shop"</span> and <span class=
4731       "QUOTE">"fragile"</span> are typically used for <span class=
4732       "QUOTE">"problem"</span> sites that require more than one action to be
4733       disabled in order to function properly.</p>
4734     </div>
4735
4736     <div class="SECT2">
4737       <h2 class="SECT2"><a name="ACT-EXAMPLES" id="ACT-EXAMPLES">8.7. Actions
4738       Files Tutorial</a></h2>
4739
4740       <p>The above chapters have shown <a href="actions-file.html">which
4741       actions files there are and how they are organized</a>, how actions are
4742       <a href="actions-file.html#ACTIONS">specified</a> and <a href=
4743       "actions-file.html#ACTIONS-APPLY">applied to URLs</a>, how <a href=
4744       "actions-file.html#AF-PATTERNS">patterns</a> work, and how to define
4745       and use <a href="actions-file.html#ALIASES">aliases</a>. Now, let's
4746       look at an example <tt class="FILENAME">match-all.action</tt>,
4747       <tt class="FILENAME">default.action</tt> and <tt class=
4748       "FILENAME">user.action</tt> file and see how all these pieces come
4749       together:</p>
4750
4751       <div class="SECT3">
4752         <h3 class="SECT3"><a name="MATCH-ALL" id="MATCH-ALL">8.7.1.
4753         match-all.action</a></h3>
4754
4755         <p>Remember <span class="emphasis"><i class="EMPHASIS">all actions
4756         are disabled when matching starts</i></span>, so we have to
4757         explicitly enable the ones we want.</p>
4758
4759         <p>While the <tt class="FILENAME">match-all.action</tt> file only
4760         contains a single section, it is probably the most important one. It
4761         has only one pattern, <span class="QUOTE">"<tt class=
4762         "LITERAL">/</tt>"</span>, but this pattern <a href=
4763         "actions-file.html#AF-PATTERNS">matches all URLs</a>. Therefore, the
4764         set of actions used in this <span class="QUOTE">"default"</span>
4765         section <span class="emphasis"><i class="EMPHASIS">will be applied to
4766         all requests as a start</i></span>. It can be partly or wholly
4767         overridden by other actions files like <tt class=
4768         "FILENAME">default.action</tt> and <tt class=
4769         "FILENAME">user.action</tt>, but it will still be largely responsible
4770         for your overall browsing experience.</p>
4771
4772         <p>Again, at the start of matching, all actions are disabled, so
4773         there is no need to disable any actions here. (Remember: a
4774         <span class="QUOTE">"+"</span> preceding the action name enables the
4775         action, a <span class="QUOTE">"-"</span> disables!). Also note how
4776         this long line has been made more readable by splitting it into
4777         multiple lines with line continuation.</p>
4778
4779         <table border="0" bgcolor="#E0E0E0" width="100%">
4780           <tr>
4781             <td>
4782               <pre class="SCREEN">
4783 { \
4784  +<a href=
4785 "actions-file.html#CHANGE-X-FORWARDED-FOR">change-x-forwarded-for{block}</a> \
4786  +<a href="actions-file.html#HIDE-FROM-HEADER">hide-from-header{block}</a> \
4787  +<a href=
4788 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker{pattern}</a> \
4789 }
4790 / # Match all URLs
4791
4792 </pre>
4793             </td>
4794           </tr>
4795         </table>
4796
4797         <p>The default behavior is now set.</p>
4798       </div>
4799
4800       <div class="SECT3">
4801         <h3 class="SECT3"><a name="DEFAULT-ACTION" id="DEFAULT-ACTION">8.7.2.
4802         default.action</a></h3>
4803
4804         <p>If you aren't a developer, there's no need for you to edit the
4805         <tt class="FILENAME">default.action</tt> file. It is maintained by
4806         the <span class="APPLICATION">Privoxy</span> developers and if you
4807         disagree with some of the sections, you should overrule them in your
4808         <tt class="FILENAME">user.action</tt>.</p>
4809
4810         <p>Understanding the <tt class="FILENAME">default.action</tt> file
4811         can help you with your <tt class="FILENAME">user.action</tt>,
4812         though.</p>
4813
4814         <p>The first section in this file is a special section for internal
4815         use that prevents older <span class="APPLICATION">Privoxy</span>
4816         versions from reading the file:</p>
4817
4818         <table border="0" bgcolor="#E0E0E0" width="100%">
4819           <tr>
4820             <td>
4821               <pre class="SCREEN">
4822 ##########################################################################
4823 # Settings -- Don't change! For internal Privoxy use ONLY.
4824 ##########################################################################
4825 {{settings}}
4826 for-privoxy-version=3.0.11
4827 </pre>
4828             </td>
4829           </tr>
4830         </table>
4831
4832         <p>After that comes the (optional) alias section. We'll use the
4833         example section from the above <a href=
4834         "actions-file.html#ALIASES">chapter on aliases</a>, that also
4835         explains why and how aliases are used:</p>
4836
4837         <table border="0" bgcolor="#E0E0E0" width="100%">
4838           <tr>
4839             <td>
4840               <pre class="SCREEN">
4841 ##########################################################################
4842 # Aliases
4843 ##########################################################################
4844 {{alias}}
4845
4846  # These aliases just save typing later:
4847  # (Note that some already use other aliases!)
4848  #
4849  +crunch-all-cookies = +<a href=
4850 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> +<a href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
4851  -crunch-all-cookies = -<a href=
4852 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> -<a href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
4853  +block-as-image      = +block{Blocked image.} +handle-as-image
4854  mercy-for-cookies   = -crunch-all-cookies -<a href=
4855 "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a> -<a href=
4856 "actions-file.html#FILTER-CONTENT-COOKIES">filter{content-cookies}</a>
4857
4858  # These aliases define combinations of actions
4859  # that are useful for certain types of sites:
4860  #
4861  fragile     = -<a href="actions-file.html#BLOCK">block</a> -<a href=
4862 "actions-file.html#FILTER">filter</a> -crunch-all-cookies -<a href=
4863 "actions-file.html#FAST-REDIRECTS">fast-redirects</a> -<a href=
4864 "actions-file.html#HIDE-REFERER">hide-referrer</a>
4865  shop        = -crunch-all-cookies -<a href=
4866 "actions-file.html#FILTER-ALL-POPUPS">filter{all-popups}</a>
4867 </pre>
4868             </td>
4869           </tr>
4870         </table>
4871
4872         <p>The first of our specialized sections is concerned with
4873         <span class="QUOTE">"fragile"</span> sites, i.e. sites that require
4874         minimum interference, because they are either very complex or very
4875         keen on tracking you (and have mechanisms in place that make them
4876         unusable for people who avoid being tracked). We will simply use our
4877         pre-defined <tt class="LITERAL">fragile</tt> alias instead of stating
4878         the list of actions explicitly:</p>
4879
4880         <table border="0" bgcolor="#E0E0E0" width="100%">
4881           <tr>
4882             <td>
4883               <pre class="SCREEN">
4884 ##########################################################################
4885 # Exceptions for sites that'll break under the default action set:
4886 ##########################################################################
4887
4888 # "Fragile" Use a minimum set of actions for these sites (see alias above):
4889 #
4890 { fragile }
4891 .office.microsoft.com           # surprise, surprise!
4892 .windowsupdate.microsoft.com
4893 mail.google.com
4894 </pre>
4895             </td>
4896           </tr>
4897         </table>
4898
4899         <p>Shopping sites are not as fragile, but they typically require
4900         cookies to log in, and pop-up windows for shopping carts or item
4901         details. Again, we'll use a pre-defined alias:</p>
4902
4903         <table border="0" bgcolor="#E0E0E0" width="100%">
4904           <tr>
4905             <td>
4906               <pre class="SCREEN">
4907 # Shopping sites:
4908 #
4909 { shop }
4910 .quietpc.com
4911 .worldpay.com   # for quietpc.com
4912 .jungle.com
4913 .scan.co.uk
4914 </pre>
4915             </td>
4916           </tr>
4917         </table>
4918
4919         <p>The <tt class="LITERAL"><a href=
4920         "actions-file.html#FAST-REDIRECTS">fast-redirects</a></tt> action,
4921         which may have been enabled in <tt class=
4922         "FILENAME">match-all.action</tt>, breaks some sites. So disable it
4923         for popular sites where we know it misbehaves:</p>
4924
4925         <table border="0" bgcolor="#E0E0E0" width="100%">
4926           <tr>
4927             <td>
4928               <pre class="SCREEN">
4929 { -<a href="actions-file.html#FAST-REDIRECTS">fast-redirects</a> }
4930 login.yahoo.com
4931 edit.*.yahoo.com
4932 .google.com
4933 .altavista.com/.*(like|url|link):http
4934 .altavista.com/trans.*urltext=http
4935 .nytimes.com
4936 </pre>
4937             </td>
4938           </tr>
4939         </table>
4940
4941         <p>It is important that <span class="APPLICATION">Privoxy</span>
4942         knows which URLs belong to images, so that <span class=
4943         "emphasis"><i class="EMPHASIS">if</i></span> they are to be blocked,
4944         a substitute image can be sent, rather than an HTML page. Contacting
4945         the remote site to find out is not an option, since it would destroy
4946         the loading time advantage of banner blocking, and it would feed the
4947         advertisers information about you. We can mark any URL as an image
4948         with the <tt class="LITERAL"><a href=
4949         "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt> action,
4950         and marking all URLs that end in a known image file extension is a
4951         good start:</p>
4952
4953         <table border="0" bgcolor="#E0E0E0" width="100%">
4954           <tr>
4955             <td>
4956               <pre class="SCREEN">
4957 ##########################################################################
4958 # Images:
4959 ##########################################################################
4960
4961 # Define which file types will be treated as images, in case they get
4962 # blocked further down this file:
4963 #
4964 { +<a href="actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a> }
4965 /.*\.(gif|jpe?g|png|bmp|ico)$
4966 </pre>
4967             </td>
4968           </tr>
4969         </table>
4970
4971         <p>And then there are known banner sources. They often use scripts to
4972         generate the banners, so it won't be visible from the URL that the
4973         request is for an image. Hence we block them <span class=
4974         "emphasis"><i class="EMPHASIS">and</i></span> mark them as images in
4975         one go, with the help of our <tt class="LITERAL">+block-as-image</tt>
4976         alias defined above. (We could of course just as well use <tt class=
4977         "LITERAL">+<a href="actions-file.html#BLOCK">block</a> +<a href=
4978         "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt> here.)
4979         Remember that the type of the replacement image is chosen by the
4980         <tt class="LITERAL"><a href=
4981         "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
4982         action. Since all URLs have matched the default section with its
4983         <tt class="LITERAL">+<a href=
4984         "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a>{pattern}</tt>
4985         action before, it still applies and needn't be repeated:</p>
4986
4987         <table border="0" bgcolor="#E0E0E0" width="100%">
4988           <tr>
4989             <td>
4990               <pre class="SCREEN">
4991 # Known ad generators:
4992 #
4993 { +block-as-image }
4994 ar.atwola.com
4995 .ad.doubleclick.net
4996 .ad.*.doubleclick.net
4997 .a.yimg.com/(?:(?!/i/).)*$
4998 .a[0-9].yimg.com/(?:(?!/i/).)*$
4999 bs*.gsanet.com
5000 .qkimg.net
5001 </pre>
5002             </td>
5003           </tr>
5004         </table>
5005
5006         <p>One of the most important jobs of <span class=
5007         "APPLICATION">Privoxy</span> is to block banners. Many of these can
5008         be <span class="QUOTE">"blocked"</span> by the <tt class=
5009         "LITERAL"><a href=
5010         "actions-file.html#FILTER">filter</a>{banners-by-size}</tt> action,
5011         which we enabled above, and which deletes the references to banner
5012         images from the pages while they are loaded, so the browser doesn't
5013         request them anymore, and hence they don't need to be blocked here.
5014         But this naturally doesn't catch all banners, and some people choose
5015         not to use filters, so we need a comprehensive list of patterns for
5016         banner URLs here, and apply the <tt class="LITERAL"><a href=
5017         "actions-file.html#BLOCK">block</a></tt> action to them.</p>
5018
5019         <p>First comes many generic patterns, which do most of the work, by
5020         matching typical domain and path name components of banners. Then
5021         comes a list of individual patterns for specific sites, which is
5022         omitted here to keep the example short:</p>
5023
5024         <table border="0" bgcolor="#E0E0E0" width="100%">
5025           <tr>
5026             <td>
5027               <pre class="SCREEN">
5028 ##########################################################################
5029 # Block these fine banners:
5030 ##########################################################################
5031 { <a href="actions-file.html#BLOCK">+block{Banner ads.}</a> }
5032
5033 # Generic patterns:
5034 #
5035 ad*.
5036 .*ads.
5037 banner?.
5038 count*.
5039 /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
5040 /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
5041
5042 # Site-specific patterns (abbreviated):
5043 #
5044 .hitbox.com
5045 </pre>
5046             </td>
5047           </tr>
5048         </table>
5049
5050         <p>It's quite remarkable how many advertisers actually call their
5051         banner servers ads.<tt class="REPLACEABLE"><i>company</i></tt>.com,
5052         or call the directory in which the banners are stored simply
5053         <span class="QUOTE">"banners"</span>. So the above generic patterns
5054         are surprisingly effective.</p>
5055
5056         <p>But being very generic, they necessarily also catch URLs that we
5057         don't want to block. The pattern <tt class="LITERAL">.*ads.</tt> e.g.
5058         catches <span class="QUOTE">"nasty-<span class="emphasis"><i class=
5059         "EMPHASIS">ads</i></span>.nasty-corp.com"</span> as intended, but
5060         also <span class="QUOTE">"downlo<span class="emphasis"><i class=
5061         "EMPHASIS">ads</i></span>.sourcefroge.net"</span> or <span class=
5062         "QUOTE">"<span class="emphasis"><i class=
5063         "EMPHASIS">ads</i></span>l.some-provider.net."</span> So here come
5064         some well-known exceptions to the <tt class="LITERAL">+<a href=
5065         "actions-file.html#BLOCK">block</a></tt> section above.</p>
5066
5067         <p>Note that these are exceptions to exceptions from the default!
5068         Consider the URL <span class=
5069         "QUOTE">"downloads.sourcefroge.net"</span>: Initially, all actions
5070         are deactivated, so it wouldn't get blocked. Then comes the defaults
5071         section, which matches the URL, but just deactivates the <tt class=
5072         "LITERAL"><a href="actions-file.html#BLOCK">block</a></tt> action
5073         once again. Then it matches <tt class="LITERAL">.*ads.</tt>, an
5074         exception to the general non-blocking policy, and suddenly <tt class=
5075         "LITERAL"><a href="actions-file.html#BLOCK">+block</a></tt> applies.
5076         And now, it'll match <tt class="LITERAL">.*loads.</tt>, where
5077         <tt class="LITERAL"><a href="actions-file.html#BLOCK">-block</a></tt>
5078         applies, so (unless it matches <span class="emphasis"><i class=
5079         "EMPHASIS">again</i></span> further down) it ends up with no
5080         <tt class="LITERAL"><a href="actions-file.html#BLOCK">block</a></tt>
5081         action applying.</p>
5082
5083         <table border="0" bgcolor="#E0E0E0" width="100%">
5084           <tr>
5085             <td>
5086               <pre class="SCREEN">
5087 ##########################################################################
5088 # Save some innocent victims of the above generic block patterns:
5089 ##########################################################################
5090
5091 # By domain:
5092 #
5093 { -<a href="actions-file.html#BLOCK">block</a> }
5094 adv[io]*.  # (for advogato.org and advice.*)
5095 adsl.      # (has nothing to do with ads)
5096 adobe.     # (has nothing to do with ads either)
5097 ad[ud]*.   # (adult.* and add.*)
5098 .edu       # (universities don't host banners (yet!))
5099 .*loads.   # (downloads, uploads etc)
5100
5101 # By path:
5102 #
5103 /.*loads/
5104
5105 # Site-specific:
5106 #
5107 www.globalintersec.com/adv # (adv = advanced)
5108 www.ugu.com/sui/ugu/adv
5109 </pre>
5110             </td>
5111           </tr>
5112         </table>
5113
5114         <p>Filtering source code can have nasty side effects, so make an
5115         exception for our friends at sourceforge.net, and all paths with
5116         <span class="QUOTE">"cvs"</span> in them. Note that <tt class=
5117         "LITERAL">-<a href="actions-file.html#FILTER">filter</a></tt>
5118         disables <span class="emphasis"><i class="EMPHASIS">all</i></span>
5119         filters in one fell swoop!</p>
5120
5121         <table border="0" bgcolor="#E0E0E0" width="100%">
5122           <tr>
5123             <td>
5124               <pre class="SCREEN">
5125 # Don't filter code!
5126 #
5127 { -<a href="actions-file.html#FILTER">filter</a> }
5128 /(.*/)?cvs
5129 bugzilla.
5130 developer.
5131 wiki.
5132 .sourceforge.net
5133 </pre>
5134             </td>
5135           </tr>
5136         </table>
5137
5138         <p>The actual <tt class="FILENAME">default.action</tt> is of course
5139         much more comprehensive, but we hope this example made clear how it
5140         works.</p>
5141       </div>
5142
5143       <div class="SECT3">
5144         <h3 class="SECT3"><a name="USER-ACTION" id="USER-ACTION">8.7.3.
5145         user.action</a></h3>
5146
5147         <p>So far we are painting with a broad brush by setting general
5148         policies, which would be a reasonable starting point for many people.
5149         Now, you might want to be more specific and have customized rules
5150         that are more suitable to your personal habits and preferences. These
5151         would be for narrowly defined situations like your ISP or your bank,
5152         and should be placed in <tt class="FILENAME">user.action</tt>, which
5153         is parsed after all other actions files and hence has the last word,
5154         over-riding any previously defined actions. <tt class=
5155         "FILENAME">user.action</tt> is also a <span class=
5156         "emphasis"><i class="EMPHASIS">safe</i></span> place for your
5157         personal settings, since <tt class="FILENAME">default.action</tt> is
5158         actively maintained by the <span class="APPLICATION">Privoxy</span>
5159         developers and you'll probably want to install updated versions from
5160         time to time.</p>
5161
5162         <p>So let's look at a few examples of things that one might typically
5163         do in <tt class="FILENAME">user.action</tt>:</p>
5164
5165         <table border="0" bgcolor="#E0E0E0" width="100%">
5166           <tr>
5167             <td>
5168               <pre class="SCREEN">
5169 # My user.action file. &lt;fred@example.com&gt;
5170 </pre>
5171             </td>
5172           </tr>
5173         </table>
5174
5175         <p>As <a href="actions-file.html#ALIASES">aliases</a> are local to
5176         the actions file that they are defined in, you can't use the ones
5177         from <tt class="FILENAME">default.action</tt>, unless you repeat them
5178         here:</p>
5179
5180         <table border="0" bgcolor="#E0E0E0" width="100%">
5181           <tr>
5182             <td>
5183               <pre class="SCREEN">
5184 # Aliases are local to the file they are defined in.
5185 # (Re-)define aliases for this file:
5186 #
5187 {{alias}}
5188 #
5189 # These aliases just save typing later, and the alias names should
5190 # be self explanatory.
5191 #
5192 +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
5193 -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
5194  allow-all-cookies  = -crunch-all-cookies -session-cookies-only
5195  allow-popups       = -filter{all-popups}
5196 +block-as-image     = +block{Blocked as image.} +handle-as-image
5197 -block-as-image     = -block
5198
5199 # These aliases define combinations of actions that are useful for
5200 # certain types of sites:
5201 #
5202 fragile     = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer
5203 shop        = -crunch-all-cookies allow-popups
5204
5205 # Allow ads for selected useful free sites:
5206 #
5207 allow-ads   = -block -filter{banners-by-size} -filter{banners-by-link}
5208
5209 # Alias for specific file types that are text, but might have conflicting
5210 # MIME types. We want the browser to force these to be text documents.
5211 handle-as-text = -<a href="actions-file.html#FILTER">filter</a> +-<a href=
5212 "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite{text/plain}</a> +-<a href="actions-file.html#FORCE-TEXT-MODE">force-text-mode</a> -<a href="actions-file.html#HIDE-CONTENT-DISPOSITION">hide-content-disposition</a>
5213 </pre>
5214             </td>
5215           </tr>
5216         </table>
5217
5218         <p>Say you have accounts on some sites that you visit regularly, and
5219         you don't want to have to log in manually each time. So you'd like to
5220         allow persistent cookies for these sites. The <tt class=
5221         "LITERAL">allow-all-cookies</tt> alias defined above does exactly
5222         that, i.e. it disables crunching of cookies in any direction, and the
5223         processing of cookies to make them only temporary.</p>
5224
5225         <table border="0" bgcolor="#E0E0E0" width="100%">
5226           <tr>
5227             <td>
5228               <pre class="SCREEN">
5229 { allow-all-cookies }
5230  sourceforge.net
5231  .yahoo.com
5232  .msdn.microsoft.com
5233  .redhat.com
5234 </pre>
5235             </td>
5236           </tr>
5237         </table>
5238
5239         <p>Your bank is allergic to some filter, but you don't know which, so
5240         you disable them all:</p>
5241
5242         <table border="0" bgcolor="#E0E0E0" width="100%">
5243           <tr>
5244             <td>
5245               <pre class="SCREEN">
5246 { -<a href="actions-file.html#FILTER">filter</a> }
5247  .your-home-banking-site.com
5248 </pre>
5249             </td>
5250           </tr>
5251         </table>
5252
5253         <p>Some file types you may not want to filter for various
5254         reasons:</p>
5255
5256         <table border="0" bgcolor="#E0E0E0" width="100%">
5257           <tr>
5258             <td>
5259               <pre class="SCREEN">
5260 # Technical documentation is likely to contain strings that might
5261 # erroneously get altered by the JavaScript-oriented filters:
5262 #
5263 .tldp.org
5264 /(.*/)?selfhtml/
5265
5266 # And this stupid host sends streaming video with a wrong MIME type,
5267 # so that Privoxy thinks it is getting HTML and starts filtering:
5268 #
5269 stupid-server.example.com/
5270 </pre>
5271             </td>
5272           </tr>
5273         </table>
5274
5275         <p>Example of a simple <a href="actions-file.html#BLOCK">block</a>
5276         action. Say you've seen an ad on your favourite page on example.com
5277         that you want to get rid of. You have right-clicked the image,
5278         selected <span class="QUOTE">"copy image location"</span> and pasted
5279         the URL below while removing the leading http://, into a <tt class=
5280         "LITERAL">{ +block{} }</tt> section. Note that <tt class="LITERAL">{
5281         +handle-as-image }</tt> need not be specified, since all URLs ending
5282         in <tt class="LITERAL">.gif</tt> will be tagged as images by the
5283         general rules as set in default.action anyway:</p>
5284
5285         <table border="0" bgcolor="#E0E0E0" width="100%">
5286           <tr>
5287             <td>
5288               <pre class="SCREEN">
5289 { +<a href="actions-file.html#BLOCK">block</a>{Nasty ads.} }
5290  www.example.com/nasty-ads/sponsor\.gif
5291  another.example.net/more/junk/here/
5292 </pre>
5293             </td>
5294           </tr>
5295         </table>
5296
5297         <p>The URLs of dynamically generated banners, especially from large
5298         banner farms, often don't use the well-known image file name
5299         extensions, which makes it impossible for <span class=
5300         "APPLICATION">Privoxy</span> to guess the file type just by looking
5301         at the URL. You can use the <tt class="LITERAL">+block-as-image</tt>
5302         alias defined above for these cases. Note that objects which match
5303         this rule but then turn out NOT to be an image are typically rendered
5304         as a <span class="QUOTE">"broken image"</span> icon by the browser.
5305         Use cautiously.</p>
5306
5307         <table border="0" bgcolor="#E0E0E0" width="100%">
5308           <tr>
5309             <td>
5310               <pre class="SCREEN">
5311 { +block-as-image }
5312  .doubleclick.net
5313  .fastclick.net
5314  /Realmedia/ads/
5315  ar.atwola.com/
5316 </pre>
5317             </td>
5318           </tr>
5319         </table>
5320
5321         <p>Now you noticed that the default configuration breaks Forbes
5322         Magazine, but you were too lazy to find out which action is the
5323         culprit, and you were again too lazy to give <a href=
5324         "contact.html">feedback</a>, so you just used the <tt class=
5325         "LITERAL">fragile</tt> alias on the site, and -- <span class=
5326         "emphasis"><i class="EMPHASIS">whoa!</i></span> -- it worked. The
5327         <tt class="LITERAL">fragile</tt> aliases disables those actions that
5328         are most likely to break a site. Also, good for testing purposes to
5329         see if it is <span class="APPLICATION">Privoxy</span> that is causing
5330         the problem or not. We later find other regular sites that misbehave,
5331         and add those to our personalized list of troublemakers:</p>
5332
5333         <table border="0" bgcolor="#E0E0E0" width="100%">
5334           <tr>
5335             <td>
5336               <pre class="SCREEN">
5337 { fragile }
5338  .forbes.com
5339  webmail.example.com
5340  .mybank.com
5341 </pre>
5342             </td>
5343           </tr>
5344         </table>
5345
5346         <p>You like the <span class="QUOTE">"fun"</span> text replacements in
5347         <tt class="FILENAME">default.filter</tt>, but it is disabled in the
5348         distributed actions file. So you'd like to turn it on in your
5349         private, update-safe config, once and for all:</p>
5350
5351         <table border="0" bgcolor="#E0E0E0" width="100%">
5352           <tr>
5353             <td>
5354               <pre class="SCREEN">
5355 { +<a href="actions-file.html#FILTER-FUN">filter{fun}</a> }
5356  / # For ALL sites!
5357 </pre>
5358             </td>
5359           </tr>
5360         </table>
5361
5362         <p>Note that the above is not really a good idea: There are
5363         exceptions to the filters in <tt class="FILENAME">default.action</tt>
5364         for things that really shouldn't be filtered, like code on
5365         CVS-&gt;Web interfaces. Since <tt class="FILENAME">user.action</tt>
5366         has the last word, these exceptions won't be valid for the
5367         <span class="QUOTE">"fun"</span> filtering specified here.</p>
5368
5369         <p>You might also worry about how your favourite free websites are
5370         funded, and find that they rely on displaying banner advertisements
5371         to survive. So you might want to specifically allow banners for those
5372         sites that you feel provide value to you:</p>
5373
5374         <table border="0" bgcolor="#E0E0E0" width="100%">
5375           <tr>
5376             <td>
5377               <pre class="SCREEN">
5378 { allow-ads }
5379  .sourceforge.net
5380  .slashdot.org
5381  .osdn.net
5382 </pre>
5383             </td>
5384           </tr>
5385         </table>
5386
5387         <p>Note that <tt class="LITERAL">allow-ads</tt> has been aliased to
5388         <tt class="LITERAL">-<a href=
5389         "actions-file.html#BLOCK">block</a></tt>, <tt class=
5390         "LITERAL">-<a href=
5391         "actions-file.html#FILTER-BANNERS-BY-SIZE">filter{banners-by-size}</a></tt>,
5392         and <tt class="LITERAL">-<a href=
5393         "actions-file.html#FILTER-BANNERS-BY-LINK">filter{banners-by-link}</a></tt>
5394         above.</p>
5395
5396         <p>Invoke another alias here to force an over-ride of the MIME type
5397         <tt class="LITERAL">application/x-sh</tt> which typically would open
5398         a download type dialog. In my case, I want to look at the shell
5399         script, and then I can save it should I choose to.</p>
5400
5401         <table border="0" bgcolor="#E0E0E0" width="100%">
5402           <tr>
5403             <td>
5404               <pre class="SCREEN">
5405 { handle-as-text }
5406  /.*\.sh$
5407 </pre>
5408             </td>
5409           </tr>
5410         </table>
5411
5412         <p><tt class="FILENAME">user.action</tt> is generally the best place
5413         to define exceptions and additions to the default policies of
5414         <tt class="FILENAME">default.action</tt>. Some actions are safe to
5415         have their default policies set here though. So let's set a default
5416         policy to have a <span class="QUOTE">"blank"</span> image as opposed
5417         to the checkerboard pattern for <span class="emphasis"><i class=
5418         "EMPHASIS">ALL</i></span> sites. <span class="QUOTE">"/"</span> of
5419         course matches all URL paths and patterns:</p>
5420
5421         <table border="0" bgcolor="#E0E0E0" width="100%">
5422           <tr>
5423             <td>
5424               <pre class="SCREEN">
5425 { +<a href=
5426 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker{blank}</a> }
5427 / # ALL sites
5428 </pre>
5429             </td>
5430           </tr>
5431         </table>
5432       </div>
5433     </div>
5434   </div>
5435
5436   <div class="NAVFOOTER">
5437     <hr align="left" width="100%">
5438
5439     <table summary="Footer navigation table" width="100%" border="0"
5440     cellpadding="0" cellspacing="0">
5441       <tr>
5442         <td width="33%" align="left" valign="top"><a href="config.html"
5443         accesskey="P">Prev</a></td>
5444
5445         <td width="34%" align="center" valign="top"><a href="index.html"
5446         accesskey="H">Home</a></td>
5447
5448         <td width="33%" align="right" valign="top"><a href="filter-file.html"
5449         accesskey="N">Next</a></td>
5450       </tr>
5451
5452       <tr>
5453         <td width="33%" align="left" valign="top">The Main Configuration
5454         File</td>
5455
5456         <td width="34%" align="center" valign="top">&nbsp;</td>
5457
5458         <td width="33%" align="right" valign="top">Filter Files</td>
5459       </tr>
5460     </table>
5461   </div>
5462 </body>
5463 </html>