1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01
2 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
8 <meta name="GENERATOR" content=
9 "Modular DocBook HTML Stylesheet Version 1.79">
10 <link rel="HOME" title="Privoxy 3.0.25 User Manual" href="index.html">
11 <link rel="PREVIOUS" title="The Main Configuration File" href=
13 <link rel="NEXT" title="Filter Files" href="filter-file.html">
14 <link rel="STYLESHEET" type="text/css" href="../p_doc.css">
15 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
16 <link rel="STYLESHEET" type="text/css" href="p_doc.css">
18 <body class="SECT1" bgcolor="#EEEEEE" text="#000000" link="#0000FF" vlink=
19 "#840084" alink="#0000FF">
20 <div class="NAVHEADER">
21 <table summary="Header navigation table" width="100%" border="0"
22 cellpadding="0" cellspacing="0">
24 <th colspan="3" align="center">
25 Privoxy 3.0.25 User Manual
29 <td width="10%" align="left" valign="bottom">
30 <a href="config.html" accesskey="P">Prev</a>
32 <td width="80%" align="center" valign="bottom">
34 <td width="10%" align="right" valign="bottom">
35 <a href="filter-file.html" accesskey="N">Next</a>
39 <hr align="LEFT" width="100%">
43 <a name="ACTIONS-FILE">8. Actions Files</a>
46 The actions files are used to define what <span class="emphasis"><i
47 class="EMPHASIS">actions</i></span> <span class=
48 "APPLICATION">Privoxy</span> takes for which URLs, and thus
49 determines how ad images, cookies and various other aspects of HTTP
50 content and transactions are handled, and on which sites (or even
51 parts thereof). There are a number of such actions, with a wide range
52 of functionality. Each action does something a little different.
53 These actions give us a veritable arsenal of tools with which to
54 exert our control, preferences and independence. Actions can be
55 combined so that their effects are aggregated when applied against a
59 There are three action files included with <span class=
60 "APPLICATION">Privoxy</span> with differing purposes:
67 <tt class="FILENAME">match-all.action</tt> - is used to define
68 which <span class="QUOTE">"actions"</span> relating to
69 banner-blocking, images, pop-ups, content modification, cookie
70 handling etc should be applied by default. It should be the first
76 <tt class="FILENAME">default.action</tt> - defines many
77 exceptions (both positive and negative) from the default set of
78 actions that's configured in <tt class=
79 "FILENAME">match-all.action</tt>. It is a set of rules that
80 should work reasonably well as-is for most users. This file is
81 only supposed to be edited by the developers. It should be the
82 second actions file loaded.
87 <tt class="FILENAME">user.action</tt> - is intended to be for
88 local site preferences and exceptions. As an example, if your ISP
89 or your bank has specific requirements, and need special
90 handling, this kind of thing should go here. This file will not
96 <span class="GUIBUTTON">Edit</span> <span class="GUIBUTTON">Set
97 to Cautious</span> <span class="GUIBUTTON">Set to Medium</span>
98 <span class="GUIBUTTON">Set to Advanced</span>
101 These have increasing levels of aggressiveness <span class=
102 "emphasis"><i class="EMPHASIS">and have no influence on your
103 browsing unless you select them explicitly in the
104 editor</i></span>. A default installation should be pre-set to
105 <tt class="LITERAL">Cautious</tt>. New users should try this for
106 a while before adjusting the settings to more aggressive levels.
107 The more aggressive the settings, then the more likelihood there
108 is of problems such as sites not working as they should.
111 The <span class="GUIBUTTON">Edit</span> button allows you to turn
112 each action on/off individually for fine-tuning. The <span class=
113 "GUIBUTTON">Cautious</span> button changes the actions list to
114 low/safe settings which will activate ad blocking and a minimal
115 set of <span class="APPLICATION">Privoxy</span>'s features, and
116 subsequently there will be less of a chance for accidental
117 problems. The <span class="GUIBUTTON">Medium</span> button sets
118 the list to a medium level of other features and a low level set
119 of privacy features. The <span class="GUIBUTTON">Advanced</span>
120 button sets the list to a high level of ad blocking and medium
121 level of privacy. See the chart below. The latter three buttons
122 over-ride any changes via with the <span class=
123 "GUIBUTTON">Edit</span> button. More fine-tuning can be done in
124 the lower sections of this internal page.
127 While the actions file editor allows to enable these settings in
128 all actions files, they are only supposed to be enabled in the
129 first one to make sure you don't unintentionally overrule earlier
133 The default profiles, and their associated actions, as
134 pre-defined in <tt class="FILENAME">default.action</tt> are:
139 <a name="AEN2750"></a>
141 <b>Table 1. Default Configurations</b>
143 <table border="1" frame="border" rules="all" class="CALSTABLE">
144 <col width="1*" title="C1">
145 <col width="1*" title="C2">
146 <col width="1*" title="C3">
147 <col width="1*" title="C4">
167 Ad-blocking Aggressiveness
354 The list of actions files to be used are defined in the main
355 configuration file, and are processed in the order they are defined
356 (e.g. <tt class="FILENAME">default.action</tt> is typically processed
357 before <tt class="FILENAME">user.action</tt>). The content of these
358 can all be viewed and edited from <a href=
359 "http://config.privoxy.org/show-status" target=
360 "_top">http://config.privoxy.org/show-status</a>. The over-riding
361 principle when applying actions, is that the last action that matches
362 a given URL wins. The broadest, most general rules go first (defined
363 in <tt class="FILENAME">default.action</tt>), followed by any
364 exceptions (typically also in <tt class=
365 "FILENAME">default.action</tt>), which are then followed lastly by
366 any local preferences (typically in <span class="emphasis"><i class=
367 "EMPHASIS">user</i></span><tt class="FILENAME">.action</tt>).
368 Generally, <tt class="FILENAME">user.action</tt> has the last word.
371 An actions file typically has multiple sections. If you want to use
372 <span class="QUOTE">"aliases"</span> in an actions file, you have to
373 place the (optional) <a href="actions-file.html#ALIASES">alias
374 section</a> at the top of that file. Then comes the default set of
375 rules which will apply universally to all sites and pages (be <span
376 class="emphasis"><i class="EMPHASIS">very careful</i></span> with
377 using such a universal set in <tt class="FILENAME">user.action</tt>
378 or any other actions file after <tt class=
379 "FILENAME">default.action</tt>, because it will override the result
380 from consulting any previous file). And then below that, exceptions
381 to the defined universal policies. You can regard <tt class=
382 "FILENAME">user.action</tt> as an appendix to <tt class=
383 "FILENAME">default.action</tt>, with the advantage that it is a
384 separate file, which makes preserving your personal settings across
385 <span class="APPLICATION">Privoxy</span> upgrades easier.
388 Actions can be used to block anything you want, including ads,
389 banners, or just some obnoxious URL whose content you would rather
390 not see. Cookies can be accepted or rejected, or accepted only during
391 the current browser session (i.e. not written to disk), content can
392 be modified, some JavaScripts tamed, user-tracking fooled, and much
393 more. See below for a <a href="actions-file.html#ACTIONS">complete
398 <a name="RIGHT-MIX">8.1. Finding the Right Mix</a>
401 Note that some <a href="actions-file.html#ACTIONS">actions</a>,
402 like cookie suppression or script disabling, may render some sites
403 unusable that rely on these techniques to work properly. Finding
404 the right mix of actions is not always easy and certainly a matter
405 of personal taste. And, things can always change, requiring
406 refinements in the configuration. In general, it can be said that
407 the more <span class="QUOTE">"aggressive"</span> your default
408 settings (in the top section of the actions file) are, the more
409 exceptions for <span class="QUOTE">"trusted"</span> sites you will
410 have to make later. If, for example, you want to crunch all cookies
411 per default, you'll have to make exceptions from that rule for
412 sites that you regularly use and that require cookies for actually
413 useful purposes, like maybe your bank, favorite shop, or newspaper.
416 We have tried to provide you with reasonable rules to start from in
417 the distribution actions files. But there is no general rule of
418 thumb on these things. There just are too many variables, and sites
419 are constantly changing. Sooner or later you will want to change
420 the rules (and read this chapter again :).
425 <a name="HOW-TO-EDIT">8.2. How to Edit</a>
428 The easiest way to edit the actions files is with a browser by
429 using our browser-based editor, which can be reached from <a href=
430 "http://config.privoxy.org/show-status" target=
431 "_top">http://config.privoxy.org/show-status</a>. Note: the config
433 "config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</a> must be
434 enabled for this to work. The editor allows both fine-grained
435 control over every single feature on a per-URL basis, and easy
436 choosing from wholesale sets of defaults like <span class=
437 "QUOTE">"Cautious"</span>, <span class="QUOTE">"Medium"</span> or
438 <span class="QUOTE">"Advanced"</span>. Warning: the <span class=
439 "QUOTE">"Advanced"</span> setting is more aggressive, and will be
440 more likely to cause problems for some sites. Experienced users
444 If you prefer plain text editing to GUIs, you can of course also
445 directly edit the the actions files with your favorite text editor.
446 Look at <tt class="FILENAME">default.action</tt> which is richly
447 commented with many good examples.
452 <a name="ACTIONS-APPLY">8.3. How Actions are Applied to
456 Actions files are divided into sections. There are special
457 sections, like the <span class="QUOTE">"<a href=
458 "actions-file.html#ALIASES">alias</a>"</span> sections which will
459 be discussed later. For now let's concentrate on regular sections:
460 They have a heading line (often split up to multiple lines for
461 readability) which consist of a list of actions, separated by
462 whitespace and enclosed in curly braces. Below that, there is a
463 list of URL and tag patterns, each on a separate line.
466 To determine which actions apply to a request, the URL of the
467 request is compared to all URL patterns in each <span class=
468 "QUOTE">"action file"</span>. Every time it matches, the list of
469 applicable actions for the request is incrementally updated, using
470 the heading of the section in which the pattern is located. The
471 same is done again for tags and tag patterns later on.
474 If multiple applying sections set the same action differently, the
475 last match wins. If not, the effects are aggregated. E.g. a URL
476 might match a regular section with a heading line of <tt class=
477 "LITERAL">{ +<a href=
478 "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a> }</tt>,
479 then later another one with just <tt class="LITERAL">{ +<a href=
480 "actions-file.html#BLOCK">block</a> }</tt>, resulting in <span
481 class="emphasis"><i class="EMPHASIS">both</i></span> actions to
482 apply. And there may well be cases where you will want to combine
483 actions together. Such a section then might look like:
487 <table border="0" bgcolor="#E0E0E0" width="100%">
491 { +<tt class="LITERAL">handle-as-image</tt> +<tt class=
492 "LITERAL">block{Banner ads.}</tt> }
493 # Block these as if they were images. Send no block page.
495 media.example.com/.*banners
496 .example.com/images/ads/
503 You can trace this process for URL patterns and any given URL by
504 visiting <a href="http://config.privoxy.org/show-url-info" target=
505 "_top">http://config.privoxy.org/show-url-info</a>.
508 Examples and more detail on this is provided in the Appendix, <a
509 href="appendix.html#ACTIONSANAT">Troubleshooting: Anatomy of an
515 <a name="AF-PATTERNS">8.4. Patterns</a>
518 As mentioned, <span class="APPLICATION">Privoxy</span> uses <span
519 class="QUOTE">"patterns"</span> to determine what <span class=
520 "emphasis"><i class="EMPHASIS">actions</i></span> might apply to
521 which sites and pages your browser attempts to access. These <span
522 class="QUOTE">"patterns"</span> use wild card type <span class=
523 "emphasis"><i class="EMPHASIS">pattern</i></span> matching to
524 achieve a high degree of flexibility. This allows one expression to
525 be expanded and potentially match against many similar patterns.
528 Generally, an URL pattern has the form <tt class=
529 "LITERAL"><host><port>/<path></tt>, where the <tt
530 class="LITERAL"><host></tt>, the <tt class=
531 "LITERAL"><port></tt> and the <tt class=
532 "LITERAL"><path></tt> are optional. (This is why the special
533 <tt class="LITERAL">/</tt> pattern matches all URLs). Note that the
534 protocol portion of the URL pattern (e.g. <tt class=
535 "LITERAL">http://</tt>) should <span class="emphasis"><i class=
536 "EMPHASIS">not</i></span> be included in the pattern. This is
540 The pattern matching syntax is different for the host and path
541 parts of the URL. The host part uses a simple globbing type
542 matching technique, while the path part uses more flexible <a href=
543 "http://en.wikipedia.org/wiki/Regular_expressions" target=
544 "_top"><span class="QUOTE">"Regular Expressions"</span></a> (POSIX
548 The port part of a pattern is a decimal port number preceded by a
549 colon (<tt class="LITERAL">:</tt>). If the host part contains a
550 numerical IPv6 address, it has to be put into angle brackets (<tt
551 class="LITERAL"><</tt>, <tt class="LITERAL">></tt>).
553 <div class="VARIABLELIST">
556 <tt class="LITERAL">www.example.com/</tt>
560 is a host-only pattern and will match any request to <tt
561 class="LITERAL">www.example.com</tt>, regardless of which
562 document on that server is requested. So ALL pages in this
563 domain would be covered by the scope of this action. Note
564 that a simple <tt class="LITERAL">example.com</tt> is
565 different and would NOT match.
569 <tt class="LITERAL">www.example.com</tt>
573 means exactly the same. For host-only patterns, the trailing
574 <tt class="LITERAL">/</tt> may be omitted.
578 <tt class="LITERAL">www.example.com/index.html</tt>
582 matches all the documents on <tt class=
583 "LITERAL">www.example.com</tt> whose name starts with <tt
584 class="LITERAL">/index.html</tt>.
588 <tt class="LITERAL">www.example.com/index.html$</tt>
592 matches only the single document <tt class=
593 "LITERAL">/index.html</tt> on <tt class=
594 "LITERAL">www.example.com</tt>.
598 <tt class="LITERAL">/index.html$</tt>
602 matches the document <tt class="LITERAL">/index.html</tt>,
603 regardless of the domain, i.e. on <span class="emphasis"><i
604 class="EMPHASIS">any</i></span> web server anywhere.
608 <tt class="LITERAL">/</tt>
612 Matches any URL because there's no requirement for either the
613 domain or the path to match anything.
617 <tt class="LITERAL">:8000/</tt>
621 Matches any URL pointing to TCP port 8000.
625 <tt class="LITERAL">10.0.0.1/</tt>
629 Matches any URL with the host address <tt class=
630 "LITERAL">10.0.0.1</tt>. (Note that the real URL uses plain
631 brackets, not angle brackets.)
635 <tt class="LITERAL"><2001:db8::1>/</tt>
639 Matches any URL with the host address <tt class=
640 "LITERAL">2001:db8::1</tt>. (Note that the real URL uses
641 plain brackets, not angle brackets.)
645 <tt class="LITERAL">index.html</tt>
649 matches nothing, since it would be interpreted as a domain
650 name and there is no top-level domain called <tt class=
651 "LITERAL">.html</tt>. So its a mistake.
658 <a name="HOST-PATTERN">8.4.1. The Host Pattern</a>
661 The matching of the host part offers some flexible options: if
662 the host pattern starts or ends with a dot, it becomes unanchored
663 at that end. The host pattern is often referred to as domain
664 pattern as it is usually used to match domain names and not IP
665 addresses. For example:
667 <div class="VARIABLELIST">
670 <tt class="LITERAL">.example.com</tt>
674 matches any domain with first-level domain <tt class=
675 "LITERAL">com</tt> and second-level domain <tt class=
676 "LITERAL">example</tt>. For example <tt class=
677 "LITERAL">www.example.com</tt>, <tt class=
678 "LITERAL">example.com</tt> and <tt class=
679 "LITERAL">foo.bar.baz.example.com</tt>. Note that it
680 wouldn't match if the second-level domain was <tt class=
681 "LITERAL">another-example</tt>.
685 <tt class="LITERAL">www.</tt>
689 matches any domain that <span class="emphasis"><i class=
690 "EMPHASIS">STARTS</i></span> with <tt class=
691 "LITERAL">www.</tt> (It also matches the domain <tt class=
692 "LITERAL">www</tt> but most of the time that doesn't
697 <tt class="LITERAL">.example.</tt>
701 matches any domain that <span class="emphasis"><i class=
702 "EMPHASIS">CONTAINS</i></span> <tt class=
703 "LITERAL">.example.</tt>. And, by the way, also included
704 would be any files or documents that exist within that
705 domain since no path limitations are specified. (Correctly
706 speaking: It matches any FQDN that contains <tt class=
707 "LITERAL">example</tt> as a domain.) This might be <tt
708 class="LITERAL">www.example.com</tt>, <tt class=
709 "LITERAL">news.example.de</tt>, or <tt class=
710 "LITERAL">www.example.net/cgi/testing.pl</tt> for instance.
711 All these cases are matched.
717 Additionally, there are wild-cards that you can use in the domain
718 names themselves. These work similarly to shell globbing type
719 wild-cards: <span class="QUOTE">"*"</span> represents zero or
720 more arbitrary characters (this is equivalent to the <a href=
721 "http://en.wikipedia.org/wiki/Regular_expressions" target=
722 "_top"><span class="QUOTE">"Regular Expression"</span></a> based
723 syntax of <span class="QUOTE">".*"</span>), <span class=
724 "QUOTE">"?"</span> represents any single character (this is
725 equivalent to the regular expression syntax of a simple <span
726 class="QUOTE">"."</span>), and you can define <span class=
727 "QUOTE">"character classes"</span> in square brackets which is
728 similar to the same regular expression technique. All of this can
731 <div class="VARIABLELIST">
734 <tt class="LITERAL">ad*.example.com</tt>
738 matches <span class="QUOTE">"adserver.example.com"</span>,
739 <span class="QUOTE">"ads.example.com"</span>, etc but not
740 <span class="QUOTE">"sfads.example.com"</span>
744 <tt class="LITERAL">*ad*.example.com</tt>
748 matches all of the above, and then some.
752 <tt class="LITERAL">.?pix.com</tt>
756 matches <tt class="LITERAL">www.ipix.com</tt>, <tt class=
757 "LITERAL">pictures.epix.com</tt>, <tt class=
758 "LITERAL">a.b.c.d.e.upix.com</tt> etc.
762 <tt class="LITERAL">www[1-9a-ez].example.c*</tt>
766 matches <tt class="LITERAL">www1.example.com</tt>, <tt
767 class="LITERAL">www4.example.cc</tt>, <tt class=
768 "LITERAL">wwwd.example.cy</tt>, <tt class=
769 "LITERAL">wwwz.example.com</tt> etc., but <span class=
770 "emphasis"><i class="EMPHASIS">not</i></span> <tt class=
771 "LITERAL">wwww.example.com</tt>.
777 While flexible, this is not the sophistication of full regular
778 expression based syntax.
783 <a name="PATH-PATTERN">8.4.2. The Path Pattern</a>
786 <span class="APPLICATION">Privoxy</span> uses <span class=
787 "QUOTE">"modern"</span> POSIX 1003.2 <a href=
788 "http://en.wikipedia.org/wiki/Regular_expressions" target=
789 "_top"><span class="QUOTE">"Regular Expressions"</span></a> for
790 matching the path portion (after the slash), and is thus more
794 There is an <a href="appendix.html#REGEX">Appendix</a> with a
795 brief quick-start into regular expressions, you also might want
796 to have a look at your operating system's documentation on
797 regular expressions (try <tt class="LITERAL">man re_format</tt>).
800 Note that the path pattern is automatically left-anchored at the
801 <span class="QUOTE">"/"</span>, i.e. it matches as if it would
802 start with a <span class="QUOTE">"^"</span> (regular expression
803 speak for the beginning of a line).
806 Please also note that matching in the path is <span class=
807 "emphasis"><i class="EMPHASIS">CASE INSENSITIVE</i></span> by
808 default, but you can switch to case sensitive at any point in the
809 pattern by using the <span class="QUOTE">"(?-i)"</span> switch:
810 <tt class="LITERAL">www.example.com/(?-i)PaTtErN.*</tt> will
811 match only documents whose path starts with <tt class=
812 "LITERAL">PaTtErN</tt> in <span class="emphasis"><i class=
813 "EMPHASIS">exactly</i></span> this capitalization.
815 <div class="VARIABLELIST">
818 <tt class="LITERAL">.example.com/.*</tt>
822 Is equivalent to just <span class=
823 "QUOTE">".example.com"</span>, since any documents within
824 that domain are matched with or without the <span class=
825 "QUOTE">".*"</span> regular expression. This is redundant
829 <tt class="LITERAL">.example.com/.*/index.html$</tt>
833 Will match any page in the domain of <span class=
834 "QUOTE">"example.com"</span> that is named <span class=
835 "QUOTE">"index.html"</span>, and that is part of some path.
836 For example, it matches <span class=
837 "QUOTE">"www.example.com/testing/index.html"</span> but NOT
838 <span class="QUOTE">"www.example.com/index.html"</span>
839 because the regular expression called for at least two
840 <span class="QUOTE">"/'s"</span>, thus the path
841 requirement. It also would match <span class=
842 "QUOTE">"www.example.com/testing/index_html"</span>,
843 because of the special meta-character <span class=
848 <tt class="LITERAL">.example.com/(.*/)?index\.html$</tt>
852 This regular expression is conditional so it will match any
853 page named <span class="QUOTE">"index.html"</span>
854 regardless of path which in this case can have one or more
855 <span class="QUOTE">"/'s"</span>. And this one must contain
856 exactly <span class="QUOTE">".html"</span> (but does not
857 have to end with that!).
862 "LITERAL">.example.com/(.*/)(ads|banners?|junk)</tt>
866 This regular expression will match any path of <span class=
867 "QUOTE">"example.com"</span> that contains any of the words
868 <span class="QUOTE">"ads"</span>, <span class=
869 "QUOTE">"banner"</span>, <span class=
870 "QUOTE">"banners"</span> (because of the <span class=
871 "QUOTE">"?"</span>) or <span class="QUOTE">"junk"</span>.
872 The path does not have to end in these words, just contain
878 "LITERAL">.example.com/(.*/)(ads|banners?|junk)/.*\.(jpe?g|gif|png)$</tt>
882 This is very much the same as above, except now it must end
883 in either <span class="QUOTE">".jpg"</span>, <span class=
884 "QUOTE">".jpeg"</span>, <span class="QUOTE">".gif"</span>
885 or <span class="QUOTE">".png"</span>. So this one is
886 limited to common image formats.
892 There are many, many good examples to be found in <tt class=
893 "FILENAME">default.action</tt>, and more tutorials below in <a
894 href="appendix.html#REGEX">Appendix on regular expressions</a>.
899 <a name="TAG-PATTERN">8.4.3. The Request Tag Pattern</a>
902 Request tag patterns are used to change the applying actions
903 based on the request's tags. Tags can be created based on HTTP
904 headers with either the <a href=
905 "actions-file.html#CLIENT-HEADER-TAGGER">client-header-tagger</a>
907 "actions-file.html#SERVER-HEADER-TAGGER">server-header-tagger</a>
911 Request tag patterns have to start with <span class=
912 "QUOTE">"TAG:"</span>, so <span class=
913 "APPLICATION">Privoxy</span> can tell them apart from other
914 patterns. Everything after the colon including white space, is
915 interpreted as a regular expression with path pattern syntax,
916 except that tag patterns aren't left-anchored automatically
917 (<span class="APPLICATION">Privoxy</span> doesn't silently add a
918 <span class="QUOTE">"^"</span>, you have to do it yourself if you
922 To match all requests that are tagged with <span class=
923 "QUOTE">"foo"</span> your pattern line should be <span class=
924 "QUOTE">"TAG:^foo$"</span>, <span class="QUOTE">"TAG:foo"</span>
925 would work as well, but it would also match requests whose tags
926 contain <span class="QUOTE">"foo"</span> somewhere. <span class=
927 "QUOTE">"TAG: foo"</span> wouldn't work as it requires white
931 Sections can contain URL and request tag patterns at the same
932 time, but request tag patterns are checked after the URL patterns
933 and thus always overrule them, even if they are located before
937 Once a new request tag is added, Privoxy checks right away if
938 it's matched by one of the request tag patterns and updates the
939 action settings accordingly. As a result request tags can be used
940 to activate other tagger actions, as long as these other taggers
941 look for headers that haven't already be parsed.
944 For example you could tag client requests which use the <tt
945 class="LITERAL">POST</tt> method, then use this tag to activate
946 another tagger that adds a tag if cookies are sent, and then use
947 a block action based on the cookie tag. This allows the outcome
948 of one action, to be input into a subsequent action. However if
949 you'd reverse the position of the described taggers, and
950 activated the method tagger based on the cookie tagger, no method
951 tags would be created. The method tagger would look for the
952 request line, but at the time the cookie tag is created, the
953 request line has already been parsed.
956 While this is a limitation you should be aware of, this kind of
957 indirection is seldom needed anyway and even the example doesn't
963 <a name="NEGATIVE-TAG-PATTERNS">8.4.4. The Negative Request Tag
967 To match requests that do not have a certain request tag, specify
968 a negative tag pattern by prefixing the tag pattern line with
969 either <span class="QUOTE">"NO-REQUEST-TAG:"</span> or <span
970 class="QUOTE">"NO-RESPONSE-TAG:"</span> instead of <span class=
971 "QUOTE">"TAG:"</span>.
974 Negative request tag patterns created with <span class=
975 "QUOTE">"NO-REQUEST-TAG:"</span> are checked after all client
976 headers are scanned, the ones created with <span class=
977 "QUOTE">"NO-RESPONSE-TAG:"</span> are checked after all server
978 headers are scanned. In both cases all the created tags are
984 <a name="CLIENT-TAG-PATTERN">8.4.5. The Client Tag Pattern</a>
986 <div class="WARNING">
987 <table class="WARNING" border="1" width="100%">
996 This is an experimental feature. The syntax is likely to
997 change in future versions.
1004 Client tag patterns are not set based on HTTP headers but based
1005 on the client's IP address. Users can enable them themselves, but
1006 the Privoxy admin controls which tags are available and what
1010 After a client-specific tag has been defined with the <a href=
1011 "config.html#CLIENT-SPECIFIC-TAG">client-specific-tag</a>,
1012 directive, action sections can be activated based on the tag by
1013 using a CLIENT-TAG pattern. The CLIENT-TAG pattern is evaluated
1014 at the same priority as URL patterns, as a result the last
1015 matching pattern wins. Tags that are created based on client or
1016 server headers are evaluated later on and can overrule CLIENT-TAG
1020 The tag is set for all requests that come from clients that
1021 requested it to be set. Note that "clients" are differentiated by
1022 IP address, if the IP address changes the tag has to be requested
1026 Clients can request tags to be set by using the CGI interface <a
1027 href="http://config.privoxy.org/client-tags" target=
1028 "_top">http://config.privoxy.org/client-tags</a>.
1035 <table border="0" bgcolor="#E0E0E0" width="100%">
1038 <pre class="SCREEN">
1039 # If the admin defined the client-specific-tag circumvent-blocks,
1040 # and the request comes from a client that previously requested
1041 # the tag to be set, overrule all previous +block actions that
1042 # are enabled based on URL to CLIENT-TAG patterns.
1044 CLIENT-TAG:^circumvent-blocks$
1046 # This section is not overruled because it's located after
1048 {+block{Nobody is supposed to request this.}}
1049 example.org/blocked-example-page
1058 <a name="ACTIONS">8.5. Actions</a>
1061 All actions are disabled by default, until they are explicitly
1062 enabled somewhere in an actions file. Actions are turned on if
1063 preceded with a <span class="QUOTE">"+"</span>, and turned off if
1064 preceded with a <span class="QUOTE">"-"</span>. So a <tt class=
1065 "LITERAL">+action</tt> means <span class="QUOTE">"do that
1066 action"</span>, e.g. <tt class="LITERAL">+block</tt> means <span
1067 class="QUOTE">"please block URLs that match the following
1068 patterns"</span>, and <tt class="LITERAL">-block</tt> means <span
1069 class="QUOTE">"don't block URLs that match the following patterns,
1070 even if <tt class="LITERAL">+block</tt> previously
1071 applied."</span>
1074 Again, actions are invoked by placing them on a line, enclosed in
1075 curly braces and separated by whitespace, like in <tt class=
1076 "LITERAL">{+some-action -some-other-action{some-parameter}}</tt>,
1077 followed by a list of URL patterns, one per line, to which they
1078 apply. Together, the actions line and the following pattern lines
1079 make up a section of the actions file.
1082 Actions fall into three categories:
1089 Boolean, i.e the action can only be <span class=
1090 "QUOTE">"enabled"</span> or <span class=
1091 "QUOTE">"disabled"</span>. Syntax:
1095 <table border="0" bgcolor="#E0E0E0" width="90%">
1098 <pre class="SCREEN">
1099 +<tt class="REPLACEABLE"><i>name</i></tt> # enable action <tt class=
1100 "REPLACEABLE"><i>name</i></tt>
1101 -<tt class="REPLACEABLE"><i>name</i></tt> # disable action <tt
1102 class="REPLACEABLE"><i>name</i></tt>
1109 Example: <tt class="LITERAL">+handle-as-image</tt>
1114 Parameterized, where some value is required in order to enable
1115 this type of action. Syntax:
1119 <table border="0" bgcolor="#E0E0E0" width="90%">
1122 <pre class="SCREEN">
1123 +<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
1124 "REPLACEABLE"><i>param</i></tt>} # enable action and set parameter to <tt
1125 class="REPLACEABLE"><i>param</i></tt>,
1126 # overwriting parameter from previous match if necessary
1128 "REPLACEABLE"><i>name</i></tt> # disable action. The parameter can be omitted
1135 Note that if the URL matches multiple positive forms of a
1136 parameterized action, the last match wins, i.e. the params from
1137 earlier matches are simply ignored.
1140 Example: <tt class="LITERAL">+hide-user-agent{Mozilla/5.0 (X11;
1141 U; FreeBSD i386; en-US; rv:1.8.1.4) Gecko/20070602
1142 Firefox/2.0.0.4}</tt>
1147 Multi-value. These look exactly like parameterized actions, but
1148 they behave differently: If the action applies multiple times
1149 to the same URL, but with different parameters, <span class=
1150 "emphasis"><i class="EMPHASIS">all</i></span> the parameters
1151 from <span class="emphasis"><i class="EMPHASIS">all</i></span>
1152 matches are remembered. This is used for actions that can be
1153 executed for the same request repeatedly, like adding multiple
1154 headers, or filtering through multiple filters. Syntax:
1158 <table border="0" bgcolor="#E0E0E0" width="90%">
1161 <pre class="SCREEN">
1162 +<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
1163 "REPLACEABLE"><i>param</i></tt>} # enable action and add <tt class=
1164 "REPLACEABLE"><i>param</i></tt> to the list of parameters
1165 -<tt class="REPLACEABLE"><i>name</i></tt>{<tt class=
1166 "REPLACEABLE"><i>param</i></tt>} # remove the parameter <tt class=
1167 "REPLACEABLE"><i>param</i></tt> from the list of parameters
1168 # If it was the last one left, disable the action.
1170 "REPLACEABLE"><i>-name</i></tt> # disable this action completely and remove all parameters from the list
1177 Examples: <tt class="LITERAL">+add-header{X-Fun-Header: Some
1178 text}</tt> and <tt class=
1179 "LITERAL">+filter{html-annoyances}</tt>
1185 If nothing is specified in any actions file, no <span class=
1186 "QUOTE">"actions"</span> are taken. So in this case <span class=
1187 "APPLICATION">Privoxy</span> would just be a normal, non-blocking,
1188 non-filtering proxy. You must specifically enable the privacy and
1189 blocking features you need (although the provided default actions
1190 files will give a good starting point).
1193 Later defined action sections always over-ride earlier ones of the
1194 same type. So exceptions to any rules you make, should come in the
1195 latter part of the file (or in a file that is processed later when
1196 using multiple actions files such as <tt class=
1197 "FILENAME">user.action</tt>). For multi-valued actions, the actions
1198 are applied in the order they are specified. Actions files are
1199 processed in the order they are defined in <tt class=
1200 "FILENAME">config</tt> (the default installation has three actions
1201 files). It also quite possible for any given URL to match more than
1202 one <span class="QUOTE">"pattern"</span> (because of wildcards and
1203 regular expressions), and thus to trigger more than one set of
1204 actions! Last match wins.
1207 The list of valid <span class="APPLICATION">Privoxy</span> actions
1212 <a name="ADD-HEADER">8.5.1. add-header</a>
1214 <div class="VARIABLELIST">
1221 Confuse log analysis, custom applications
1229 Sends a user defined HTTP header to the web server.
1245 Any string value is possible. Validity of the defined HTTP
1246 headers is not checked. It is recommended that you use the
1247 <span class="QUOTE">"<tt class="LITERAL">X-</tt>"</span>
1248 prefix for custom headers.
1256 This action may be specified multiple times, in order to
1257 define multiple headers. This is rarely needed for the
1258 typical user. If you don't know what <span class=
1259 "QUOTE">"HTTP headers"</span> are, you definitely don't
1260 need to worry about this one.
1263 Headers added by this action are not modified by other
1273 <table border="0" bgcolor="#E0E0E0" width="90%">
1276 <pre class="SCREEN">
1277 # Add a DNT ("Do not track") header to all requests,
1278 # event to those that already have one.
1280 # This is just an example, not a recommendation.
1282 # There is no reason to believe that user-tracking websites care
1283 # about the DNT header and depending on the User-Agent, adding the
1284 # header may make user-tracking easier.
1285 {+add-header{DNT: 1}}
1297 <a name="BLOCK">8.5.2. block</a>
1299 <div class="VARIABLELIST">
1306 Block ads or other unwanted content
1314 Requests for URLs to which this action applies are blocked,
1315 i.e. the requests are trapped by <span class=
1316 "APPLICATION">Privoxy</span> and the requested URL is never
1317 retrieved, but is answered locally with a substitute page
1318 or image, as determined by the <tt class="LITERAL"><a href=
1319 "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>,
1320 <tt class="LITERAL"><a href=
1321 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>,
1322 and <tt class="LITERAL"><a href=
1323 "actions-file.html#HANDLE-AS-EMPTY-DOCUMENT">handle-as-empty-document</a></tt>
1340 A block reason that should be given to the user.
1348 <span class="APPLICATION">Privoxy</span> sends a special
1349 <span class="QUOTE">"BLOCKED"</span> page for requests to
1350 blocked pages. This page contains the block reason given as
1351 parameter, a link to find out why the block action applies,
1352 and a click-through to the blocked content (the latter only
1353 if the force feature is available and enabled).
1356 A very important exception occurs if <span class=
1357 "emphasis"><i class="EMPHASIS">both</i></span> <tt class=
1358 "LITERAL">block</tt> and <tt class="LITERAL"><a href=
1359 "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>,
1360 apply to the same request: it will then be replaced by an
1361 image. If <tt class="LITERAL"><a href=
1362 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
1363 (see below) also applies, the type of image will be
1364 determined by its parameter, if not, the standard
1365 checkerboard pattern is sent.
1368 It is important to understand this process, in order to
1369 understand how <span class="APPLICATION">Privoxy</span>
1370 deals with ads and other unwanted content. Blocking is a
1371 core feature, and one upon which various other features
1375 The <tt class="LITERAL"><a href=
1376 "actions-file.html#FILTER">filter</a></tt> action can
1377 perform a very similar task, by <span class=
1378 "QUOTE">"blocking"</span> banner images and other content
1379 through rewriting the relevant URLs in the document's HTML
1380 source, so they don't get requested in the first place.
1381 Note that this is a totally different technique, and it's
1382 easy to confuse the two.
1386 Example usage (section):
1391 <table border="0" bgcolor="#E0E0E0" width="90%">
1394 <pre class="SCREEN">
1395 {+block{No nasty stuff for you.}}
1396 # Block and replace with "blocked" page
1397 .nasty-stuff.example.com
1399 {+block{Doubleclick banners.} +handle-as-image}
1400 # Block and replace with image
1404 {+block{Layered ads.} +handle-as-empty-document}
1405 # Block and then ignore
1406 adserver.example.net/.*\.js$
1417 <a name="CHANGE-X-FORWARDED-FOR">8.5.3.
1418 change-x-forwarded-for</a>
1420 <div class="VARIABLELIST">
1427 Improve privacy by not forwarding the source of the request
1428 in the HTTP headers.
1436 Deletes the <span class="QUOTE">"X-Forwarded-For:"</span>
1437 HTTP header from the client request, or adds a new one.
1455 <span class="QUOTE">"block"</span> to delete the
1461 <span class="QUOTE">"add"</span> to create the header
1462 (or append the client's IP address to an already
1473 It is safe and recommended to use <tt class=
1474 "LITERAL">block</tt>.
1477 Forwarding the source address of the request may make sense
1478 in some multi-user setups but is also a privacy risk.
1487 <table border="0" bgcolor="#E0E0E0" width="90%">
1490 <pre class="SCREEN">
1491 +change-x-forwarded-for{block}
1502 <a name="CLIENT-HEADER-FILTER">8.5.4. client-header-filter</a>
1504 <div class="VARIABLELIST">
1511 Rewrite or remove single client headers.
1519 All client headers to which this action applies are
1520 filtered on-the-fly through the specified regular
1521 expression based substitutions.
1537 The name of a client-header filter, as defined in one of
1538 the <a href="filter-file.html">filter files</a>.
1546 Client-header filters are applied to each header on its
1547 own, not to all at once. This makes it easier to diagnose
1548 problems, but on the downside you can't write filters that
1549 only change header x if header y's value is z. You can do
1550 that by using tags though.
1553 Client-header filters are executed after the other header
1554 actions have finished and use their output as input.
1557 If the request URI gets changed, <span class=
1558 "APPLICATION">Privoxy</span> will detect that and use the
1559 new one. This can be used to rewrite the request
1560 destination behind the client's back, for example to
1561 specify a Tor exit relay for certain requests.
1564 Please refer to the <a href="filter-file.html">filter file
1565 chapter</a> to learn which client-header filters are
1566 available by default, and how to create your own.
1570 Example usage (section):
1575 <table border="0" bgcolor="#E0E0E0" width="90%">
1578 <pre class="SCREEN">
1579 # Hide Tor exit notation in Host and Referer Headers
1580 {+client-header-filter{hide-tor-exit-notation}}
1593 <a name="CLIENT-HEADER-TAGGER">8.5.5. client-header-tagger</a>
1595 <div class="VARIABLELIST">
1602 Block requests based on their headers.
1610 Client headers to which this action applies are filtered
1611 on-the-fly through the specified regular expression based
1612 substitutions, the result is used as tag.
1628 The name of a client-header tagger, as defined in one of
1629 the <a href="filter-file.html">filter files</a>.
1637 Client-header taggers are applied to each header on its
1638 own, and as the header isn't modified, each tagger <span
1639 class="QUOTE">"sees"</span> the original.
1642 Client-header taggers are the first actions that are
1643 executed and their tags can be used to control every other
1648 Example usage (section):
1653 <table border="0" bgcolor="#E0E0E0" width="90%">
1656 <pre class="SCREEN">
1657 # Tag every request with the User-Agent header
1658 {+client-header-tagger{user-agent}}
1661 # Tagging itself doesn't change the action
1662 # settings, sections with TAG patterns do:
1664 # If it's a download agent, use a different forwarding proxy,
1665 # show the real User-Agent and make sure resume works.
1666 {+forward-override{forward-socks5 10.0.0.2:2222 .} \
1667 -hide-if-modified-since \
1668 -overwrite-last-modified \
1673 TAG:^User-Agent: NetBSD-ftp/
1674 TAG:^User-Agent: Novell ZYPP Installer
1675 TAG:^User-Agent: RPM APT-HTTP/
1676 TAG:^User-Agent: fetch libfetch/
1677 TAG:^User-Agent: Ubuntu APT-HTTP/
1678 TAG:^User-Agent: MPlayer/
1687 <table border="0" bgcolor="#E0E0E0" width="90%">
1690 <pre class="SCREEN">
1691 # Tag all requests with the Range header set
1692 {+client-header-tagger{range-requests}}
1695 # Disable filtering for the tagged requests.
1697 # With filtering enabled Privoxy would remove the Range headers
1698 # to be able to filter the whole response. The downside is that
1699 # it prevents clients from resuming downloads or skipping over
1700 # parts of multimedia files.
1701 {-filter -deanimate-gifs}
1714 <a name="CONTENT-TYPE-OVERWRITE">8.5.6.
1715 content-type-overwrite</a>
1717 <div class="VARIABLELIST">
1724 Stop useless download menus from popping up, or change the
1725 browser's rendering mode
1733 Replaces the <span class="QUOTE">"Content-Type:"</span>
1758 The <span class="QUOTE">"Content-Type:"</span> HTTP server
1759 header is used by the browser to decide what to do with the
1760 document. The value of this header can cause the browser to
1761 open a download menu instead of displaying the document by
1762 itself, even if the document's format is supported by the
1766 The declared content type can also affect which rendering
1767 mode the browser chooses. If XHTML is delivered as <span
1768 class="QUOTE">"text/html"</span>, many browsers treat it as
1769 yet another broken HTML document. If it is send as <span
1770 class="QUOTE">"application/xml"</span>, browsers with XHTML
1771 support will only display it, if the syntax is correct.
1774 If you see a web site that proudly uses XHTML buttons, but
1775 sets <span class="QUOTE">"Content-Type: text/html"</span>,
1776 you can use <span class="APPLICATION">Privoxy</span> to
1777 overwrite it with <span class=
1778 "QUOTE">"application/xml"</span> and validate the web
1779 master's claim inside your XHTML-supporting browser. If the
1780 syntax is incorrect, the browser will complain loudly.
1783 You can also go the opposite direction: if your browser
1784 prints error messages instead of rendering a document
1785 falsely declared as XHTML, you can overwrite the content
1786 type with <span class="QUOTE">"text/html"</span> and have
1787 it rendered as broken HTML document.
1790 By default <tt class="LITERAL">content-type-overwrite</tt>
1791 only replaces <span class="QUOTE">"Content-Type:"</span>
1792 headers that look like some kind of text. If you want to
1793 overwrite it unconditionally, you have to combine it with
1794 <tt class="LITERAL"><a href=
1795 "actions-file.html#FORCE-TEXT-MODE">force-text-mode</a></tt>.
1796 This limitation exists for a reason, think twice before
1800 Most of the time it's easier to replace this action with a
1801 custom <tt class="LITERAL"><a href=
1802 "actions-file.html#SERVER-HEADER-FILTER">server-header
1803 filter</a></tt>. It allows you to activate it for every
1804 document of a certain site and it will still only replace
1805 the content types you aimed at.
1808 Of course you can apply <tt class=
1809 "LITERAL">content-type-overwrite</tt> to a whole site and
1810 then make URL based exceptions, but it's a lot more work to
1811 get the same precision.
1815 Example usage (sections):
1820 <table border="0" bgcolor="#E0E0E0" width="90%">
1823 <pre class="SCREEN">
1824 # Check if www.example.net/ really uses valid XHTML
1825 { +content-type-overwrite{application/xml} }
1828 # but leave the content type unmodified if the URL looks like a style sheet
1829 {-content-type-overwrite}
1830 www.example.net/.*\.css$
1831 www.example.net/.*style
1842 <a name="CRUNCH-CLIENT-HEADER">8.5.7. crunch-client-header</a>
1844 <div class="VARIABLELIST">
1851 Remove a client header <span class=
1852 "APPLICATION">Privoxy</span> has no dedicated action for.
1860 Deletes every header sent by the client that contains the
1861 string the user supplied as parameter.
1885 This action allows you to block client headers for which no
1886 dedicated <span class="APPLICATION">Privoxy</span> action
1887 exists. <span class="APPLICATION">Privoxy</span> will
1888 remove every client header that contains the string you
1889 supplied as parameter.
1892 Regular expressions are <span class="emphasis"><i class=
1893 "EMPHASIS">not supported</i></span> and you can't use this
1894 action to block different headers in the same request,
1895 unless they contain the same string.
1898 <tt class="LITERAL">crunch-client-header</tt> is only meant
1899 for quick tests. If you have to block several different
1900 headers, or only want to modify parts of them, you should
1901 use a <tt class="LITERAL"><a href=
1902 "actions-file.html#CLIENT-HEADER-FILTER">client-header
1905 <div class="WARNING">
1906 <table class="WARNING" border="1" width="90%">
1915 Don't block any header without understanding the
1924 Example usage (section):
1929 <table border="0" bgcolor="#E0E0E0" width="90%">
1932 <pre class="SCREEN">
1933 # Block the non-existent "Privacy-Violation:" client header
1934 { +crunch-client-header{Privacy-Violation:} }
1947 <a name="CRUNCH-IF-NONE-MATCH">8.5.8. crunch-if-none-match</a>
1949 <div class="VARIABLELIST">
1956 Prevent yet another way to track the user's steps between
1965 Deletes the <span class="QUOTE">"If-None-Match:"</span>
1990 Removing the <span class="QUOTE">"If-None-Match:"</span>
1991 HTTP client header is useful for filter testing, where you
1992 want to force a real reload instead of getting status code
1993 <span class="QUOTE">"304"</span> which would cause the
1994 browser to use a cached copy of the page.
1997 It is also useful to make sure the header isn't used as a
1998 cookie replacement (unlikely but possible).
2001 Blocking the <span class="QUOTE">"If-None-Match:"</span>
2002 header shouldn't cause any caching problems, as long as the
2003 <span class="QUOTE">"If-Modified-Since:"</span> header
2004 isn't blocked or missing as well.
2007 It is recommended to use this action together with <tt
2008 class="LITERAL"><a href=
2009 "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt>
2010 and <tt class="LITERAL"><a href=
2011 "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>.
2015 Example usage (section):
2020 <table border="0" bgcolor="#E0E0E0" width="90%">
2023 <pre class="SCREEN">
2024 # Let the browser revalidate cached documents but don't
2025 # allow the server to use the revalidation headers for user tracking.
2026 {+hide-if-modified-since{-60} \
2027 +overwrite-last-modified{randomize} \
2028 +crunch-if-none-match}
2040 <a name="CRUNCH-INCOMING-COOKIES">8.5.9.
2041 crunch-incoming-cookies</a>
2043 <div class="VARIABLELIST">
2050 Prevent the web server from setting HTTP cookies on your
2059 Deletes any <span class="QUOTE">"Set-Cookie:"</span> HTTP
2060 headers from server replies.
2084 This action is only concerned with <span class=
2085 "emphasis"><i class="EMPHASIS">incoming</i></span> HTTP
2086 cookies. For <span class="emphasis"><i class=
2087 "EMPHASIS">outgoing</i></span> HTTP cookies, use <tt class=
2089 "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>.
2090 Use <span class="emphasis"><i class=
2091 "EMPHASIS">both</i></span> to disable HTTP cookies
2095 It makes <span class="emphasis"><i class="EMPHASIS">no
2096 sense at all</i></span> to use this action in conjunction
2097 with the <tt class="LITERAL"><a href=
2098 "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
2099 action, since it would prevent the session cookies from
2100 being set. See also <tt class="LITERAL"><a href=
2101 "actions-file.html#FILTER-CONTENT-COOKIES">filter-content-cookies</a></tt>.
2110 <table border="0" bgcolor="#E0E0E0" width="90%">
2113 <pre class="SCREEN">
2114 +crunch-incoming-cookies
2125 <a name="CRUNCH-SERVER-HEADER">8.5.10. crunch-server-header</a>
2127 <div class="VARIABLELIST">
2134 Remove a server header <span class=
2135 "APPLICATION">Privoxy</span> has no dedicated action for.
2143 Deletes every header sent by the server that contains the
2144 string the user supplied as parameter.
2168 This action allows you to block server headers for which no
2169 dedicated <span class="APPLICATION">Privoxy</span> action
2170 exists. <span class="APPLICATION">Privoxy</span> will
2171 remove every server header that contains the string you
2172 supplied as parameter.
2175 Regular expressions are <span class="emphasis"><i class=
2176 "EMPHASIS">not supported</i></span> and you can't use this
2177 action to block different headers in the same request,
2178 unless they contain the same string.
2181 <tt class="LITERAL">crunch-server-header</tt> is only meant
2182 for quick tests. If you have to block several different
2183 headers, or only want to modify parts of them, you should
2184 use a custom <tt class="LITERAL"><a href=
2185 "actions-file.html#SERVER-HEADER-FILTER">server-header
2188 <div class="WARNING">
2189 <table class="WARNING" border="1" width="90%">
2198 Don't block any header without understanding the
2207 Example usage (section):
2212 <table border="0" bgcolor="#E0E0E0" width="90%">
2215 <pre class="SCREEN">
2216 # Crunch server headers that try to prevent caching
2217 { +crunch-server-header{no-cache} }
2229 <a name="CRUNCH-OUTGOING-COOKIES">8.5.11.
2230 crunch-outgoing-cookies</a>
2232 <div class="VARIABLELIST">
2239 Prevent the web server from reading any HTTP cookies from
2248 Deletes any <span class="QUOTE">"Cookie:"</span> HTTP
2249 headers from client requests.
2273 This action is only concerned with <span class=
2274 "emphasis"><i class="EMPHASIS">outgoing</i></span> HTTP
2275 cookies. For <span class="emphasis"><i class=
2276 "EMPHASIS">incoming</i></span> HTTP cookies, use <tt class=
2278 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>.
2279 Use <span class="emphasis"><i class=
2280 "EMPHASIS">both</i></span> to disable HTTP cookies
2284 It makes <span class="emphasis"><i class="EMPHASIS">no
2285 sense at all</i></span> to use this action in conjunction
2286 with the <tt class="LITERAL"><a href=
2287 "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>
2288 action, since it would prevent the session cookies from
2298 <table border="0" bgcolor="#E0E0E0" width="90%">
2301 <pre class="SCREEN">
2302 +crunch-outgoing-cookies
2313 <a name="DEANIMATE-GIFS">8.5.12. deanimate-gifs</a>
2315 <div class="VARIABLELIST">
2322 Stop those annoying, distracting animated GIF images.
2330 De-animate GIF animations, i.e. reduce them to their first
2347 <span class="QUOTE">"last"</span> or <span class=
2348 "QUOTE">"first"</span>
2356 This will also shrink the images considerably (in bytes,
2357 not pixels!). If the option <span class=
2358 "QUOTE">"first"</span> is given, the first frame of the
2359 animation is used as the replacement. If <span class=
2360 "QUOTE">"last"</span> is given, the last frame of the
2361 animation is used instead, which probably makes more sense
2362 for most banner animations, but also has the risk of not
2363 showing the entire last frame (if it is only a delta to an
2367 You can safely use this action with patterns that will also
2368 match non-GIF objects, because no attempt will be made at
2369 anything that doesn't look like a GIF.
2378 <table border="0" bgcolor="#E0E0E0" width="90%">
2381 <pre class="SCREEN">
2382 +deanimate-gifs{last}
2393 <a name="DOWNGRADE-HTTP-VERSION">8.5.13.
2394 downgrade-http-version</a>
2396 <div class="VARIABLELIST">
2403 Work around (very rare) problems with HTTP/1.1
2411 Downgrades HTTP/1.1 client requests and server replies to
2436 This is a left-over from the time when <span class=
2437 "APPLICATION">Privoxy</span> didn't support important
2438 HTTP/1.1 features well. It is left here for the unlikely
2439 case that you experience HTTP/1.1-related problems with
2440 some server out there.
2443 Note that enabling this action is only a workaround. It
2444 should not be enabled for sites that work without it. While
2445 it shouldn't break any pages, it has an (usually negative)
2449 If you come across a site where enabling this action helps,
2450 please report it, so the cause of the problem can be
2451 analyzed. If the problem turns out to be caused by a bug in
2452 <span class="APPLICATION">Privoxy</span> it should be fixed
2453 so the following release works without the work around.
2457 Example usage (section):
2462 <table border="0" bgcolor="#E0E0E0" width="90%">
2465 <pre class="SCREEN">
2466 {+downgrade-http-version}
2467 problem-host.example.com
2478 <a name="EXTERNAL-FILTER">8.5.14. external-filter</a>
2480 <div class="VARIABLELIST">
2487 Modify content using a programming language of your choice.
2495 All instances of text-based type, most notably HTML and
2496 JavaScript, to which this action applies, can be filtered
2497 on-the-fly through the specified external filter. By
2498 default plain text documents are exempted from filtering,
2499 because web servers often use the <tt class=
2500 "LITERAL">text/plain</tt> MIME type for all files whose
2501 type they don't know.)
2517 The name of an external content filter, as defined in the
2518 <a href="filter-file.html">filter file</a>. External
2519 filters can be defined in one or more files as defined by
2520 the <tt class="LITERAL"><a href=
2521 "config.html#FILTERFILE">filterfile</a></tt> option in the
2522 <a href="config.html">config file</a>.
2525 When used in its negative form, and without parameters,
2526 <span class="emphasis"><i class="EMPHASIS">all</i></span>
2527 filtering with external filters is completely disabled.
2535 External filters are scripts or programs that can modify
2536 the content in case common <tt class="LITERAL"><a href=
2537 "actions-file.html#FILTER">filters</a></tt> aren't powerful
2538 enough. With the exception that this action doesn't use
2539 pcrs-based filters, the notes in the <tt class="LITERAL"><a
2540 href="actions-file.html#FILTER">filter</a></tt> section
2543 <div class="WARNING">
2544 <table class="WARNING" border="1" width="90%">
2553 Currently external filters are executed with <span
2554 class="APPLICATION">Privoxy</span>'s privileges.
2555 Only use external filters you understand and trust.
2562 This feature is experimental, the <tt class="LITERAL"><a
2564 "filter-file.html#EXTERNAL-FILTER-SYNTAX">syntax</a></tt>
2565 may change in the future.
2574 <table border="0" bgcolor="#E0E0E0" width="90%">
2577 <pre class="SCREEN">
2578 +external-filter{fancy-filter}
2589 <a name="FAST-REDIRECTS">8.5.15. fast-redirects</a>
2591 <div class="VARIABLELIST">
2598 Fool some click-tracking scripts and speed up indirect
2607 Detects redirection URLs and redirects the browser without
2608 contacting the redirection server first.
2626 <span class="QUOTE">"simple-check"</span> to just
2627 search for the string <span class=
2628 "QUOTE">"http://"</span> to detect redirection URLs.
2633 <span class="QUOTE">"check-decoded-url"</span> to
2634 decode URLs (if necessary) before searching for
2645 Many sites, like yahoo.com, don't just link to other sites.
2646 Instead, they will link to some script on their own
2647 servers, giving the destination as a parameter, which will
2648 then redirect you to the final target. URLs resulting from
2649 this scheme typically look like: <span class=
2650 "QUOTE">"http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/"</span>.
2653 Sometimes, there are even multiple consecutive redirects
2654 encoded in the URL. These redirections via scripts make
2655 your web browsing more traceable, since the server from
2656 which you follow such a link can see where you go to. Apart
2657 from that, valuable bandwidth and time is wasted, while
2658 your browser asks the server for one redirect after the
2659 other. Plus, it feeds the advertisers.
2662 This feature is currently not very smart and is scheduled
2663 for improvement. If it is enabled by default, you will have
2664 to create some exceptions to this action. It can lead to
2665 failures in several ways:
2668 Not every URLs with other URLs as parameters is evil. Some
2669 sites offer a real service that requires this information
2670 to work. For example a validation service needs to know,
2671 which document to validate. <tt class=
2672 "LITERAL">fast-redirects</tt> assumes that every URL
2673 parameter that looks like another URL is a redirection
2674 target, and will always redirect to the last one. Most of
2675 the time the assumption is correct, but if it isn't, the
2676 user gets redirected anyway.
2679 Another failure occurs if the URL contains other parameters
2680 after the URL parameter. The URL: <span class=
2681 "QUOTE">"http://www.example.org/?redirect=http%3a//www.example.net/&foo=bar"</span>.
2682 contains the redirection URL <span class=
2683 "QUOTE">"http://www.example.net/"</span>, followed by
2684 another parameter. <tt class="LITERAL">fast-redirects</tt>
2685 doesn't know that and will cause a redirect to <span class=
2686 "QUOTE">"http://www.example.net/&foo=bar"</span>.
2687 Depending on the target server configuration, the parameter
2688 will be silently ignored or lead to a <span class=
2689 "QUOTE">"page not found"</span> error. You can prevent this
2690 problem by first using the <tt class="LITERAL"><a href=
2691 "actions-file.html#REDIRECT">redirect</a></tt> action to
2692 remove the last part of the URL, but it requires a little
2696 To detect a redirection URL, <tt class=
2697 "LITERAL">fast-redirects</tt> only looks for the string
2698 <span class="QUOTE">"http://"</span>, either in plain text
2699 (invalid but often used) or encoded as <span class=
2700 "QUOTE">"http%3a//"</span>. Some sites use their own URL
2701 encoding scheme, encrypt the address of the target server
2702 or replace it with a database id. In theses cases <tt
2703 class="LITERAL">fast-redirects</tt> is fooled and the
2704 request reaches the redirection server where it probably
2714 <table border="0" bgcolor="#E0E0E0" width="90%">
2717 <pre class="SCREEN">
2718 { +fast-redirects{simple-check} }
2721 { +fast-redirects{check-decoded-url} }
2722 another.example.com/testing
2733 <a name="FILTER">8.5.16. filter</a>
2735 <div class="VARIABLELIST">
2742 Get rid of HTML and JavaScript annoyances, banner
2743 advertisements (by size), do fun text replacements, add
2744 personalized effects, etc.
2752 All instances of text-based type, most notably HTML and
2753 JavaScript, to which this action applies, can be filtered
2754 on-the-fly through the specified regular expression based
2755 substitutions. (Note: as of version 3.0.3 plain text
2756 documents are exempted from filtering, because web servers
2757 often use the <tt class="LITERAL">text/plain</tt> MIME type
2758 for all files whose type they don't know.)
2774 The name of a content filter, as defined in the <a href=
2775 "filter-file.html">filter file</a>. Filters can be defined
2776 in one or more files as defined by the <tt class=
2778 "config.html#FILTERFILE">filterfile</a></tt> option in the
2779 <a href="config.html">config file</a>. <tt class=
2780 "FILENAME">default.filter</tt> is the collection of filters
2781 supplied by the developers. Locally defined filters should
2782 go in their own file, such as <tt class=
2783 "FILENAME">user.filter</tt>.
2786 When used in its negative form, and without parameters,
2787 <span class="emphasis"><i class="EMPHASIS">all</i></span>
2788 filtering is completely disabled.
2796 For your convenience, there are a number of pre-defined
2797 filters available in the distribution filter file that you
2798 can use. See the examples below for a list.
2801 Filtering requires buffering the page content, which may
2802 appear to slow down page rendering since nothing is
2803 displayed until all content has passed the filters. (The
2804 total time until the page is completely rendered doesn't
2805 change much, but it may be perceived as slower since the
2806 page is not incrementally displayed.) This effect will be
2807 more noticeable on slower connections.
2810 <span class="QUOTE">"Rolling your own"</span> filters
2811 requires a knowledge of <a href=
2812 "http://en.wikipedia.org/wiki/Regular_expressions" target=
2813 "_top"><span class="QUOTE">"Regular Expressions"</span></a>
2814 and <a href="http://en.wikipedia.org/wiki/Html" target=
2815 "_top"><span class="QUOTE">"HTML"</span></a>. This is very
2816 powerful feature, and potentially very intrusive. Filters
2817 should be used with caution, and where an equivalent <span
2818 class="QUOTE">"action"</span> is not available.
2821 The amount of data that can be filtered is limited to the
2822 <tt class="LITERAL"><a href=
2823 "config.html#BUFFER-LIMIT">buffer-limit</a></tt> option in
2824 the main <a href="config.html">config file</a>. The default
2825 is 4096 KB (4 Megs). Once this limit is exceeded, the
2826 buffered data, and all pending data, is passed through
2830 Inappropriate MIME types, such as zipped files, are not
2831 filtered at all. (Again, only text-based types except plain
2832 text). Encrypted SSL data (from HTTPS servers) cannot be
2833 filtered either, since this would violate the integrity of
2834 the secure transaction. In some situations it might be
2835 necessary to protect certain text, like source code, from
2836 filtering by defining appropriate <tt class=
2837 "LITERAL">-filter</tt> exceptions.
2840 Compressed content can't be filtered either, but if <span
2841 class="APPLICATION">Privoxy</span> is compiled with zlib
2842 support and a supported compression algorithm is used (gzip
2843 or deflate), <span class="APPLICATION">Privoxy</span> can
2844 first decompress the content and then filter it.
2847 If you use a <span class="APPLICATION">Privoxy</span>
2848 version without zlib support, but want filtering to work on
2849 as much documents as possible, even those that would
2850 normally be sent compressed, you must use the <tt class=
2852 "actions-file.html#PREVENT-COMPRESSION">prevent-compression</a></tt>
2853 action in conjunction with <tt class="LITERAL">filter</tt>.
2856 Content filtering can achieve some of the same effects as
2857 the <tt class="LITERAL"><a href=
2858 "actions-file.html#BLOCK">block</a></tt> action, i.e. it
2859 can be used to block ads and banners. But the mechanism
2860 works quite differently. One effective use, is to block ad
2861 banners based on their size (see below), since many of
2862 these seem to be somewhat standardized.
2865 <a href="contact.html">Feedback</a> with suggestions for
2866 new or improved filters is particularly welcome!
2869 The below list has only the names and a one-line
2870 description of each predefined filter. There are <a href=
2871 "filter-file.html#PREDEFINED-FILTERS">more verbose
2872 explanations</a> of what these filters do in the <a href=
2873 "filter-file.html">filter file chapter</a>.
2877 Example usage (with filters from the distribution <tt class=
2878 "FILENAME">default.filter</tt> file). See <a href=
2879 "filter-file.html#PREDEFINED-FILTERS">the Predefined Filters
2880 section</a> for more explanation on each:
2884 <a name="FILTER-JS-ANNOYANCES"></a>
2886 <table border="0" bgcolor="#E0E0E0" width="90%">
2889 <pre class="SCREEN">
2890 +filter{js-annoyances} # Get rid of particularly annoying JavaScript abuse.
2897 <a name="FILTER-JS-EVENTS"></a>
2899 <table border="0" bgcolor="#E0E0E0" width="90%">
2902 <pre class="SCREEN">
2903 +filter{js-events} # Kill JavaScript event bindings and timers (Radically destructive! Only for extra nasty sites).
2910 <a name="FILTER-HTML-ANNOYANCES"></a>
2912 <table border="0" bgcolor="#E0E0E0" width="90%">
2915 <pre class="SCREEN">
2916 +filter{html-annoyances} # Get rid of particularly annoying HTML abuse.
2923 <a name="FILTER-CONTENT-COOKIES"></a>
2925 <table border="0" bgcolor="#E0E0E0" width="90%">
2928 <pre class="SCREEN">
2929 +filter{content-cookies} # Kill cookies that come in the HTML or JS content.
2936 <a name="FILTER-REFRESH-TAGS"></a>
2938 <table border="0" bgcolor="#E0E0E0" width="90%">
2941 <pre class="SCREEN">
2942 +filter{refresh-tags} # Kill automatic refresh tags if refresh time is larger than 9 seconds.
2949 <a name="FILTER-UNSOLICITED-POPUPS"></a>
2951 <table border="0" bgcolor="#E0E0E0" width="90%">
2954 <pre class="SCREEN">
2955 +filter{unsolicited-popups} # Disable only unsolicited pop-up windows.
2962 <a name="FILTER-ALL-POPUPS"></a>
2964 <table border="0" bgcolor="#E0E0E0" width="90%">
2967 <pre class="SCREEN">
2968 +filter{all-popups} # Kill all popups in JavaScript and HTML.
2975 <a name="FILTER-IMG-REORDER"></a>
2977 <table border="0" bgcolor="#E0E0E0" width="90%">
2980 <pre class="SCREEN">
2981 +filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective.
2988 <a name="FILTER-BANNERS-BY-SIZE"></a>
2990 <table border="0" bgcolor="#E0E0E0" width="90%">
2993 <pre class="SCREEN">
2994 +filter{banners-by-size} # Kill banners by size.
3001 <a name="FILTER-BANNERS-BY-LINK"></a>
3003 <table border="0" bgcolor="#E0E0E0" width="90%">
3006 <pre class="SCREEN">
3007 +filter{banners-by-link} # Kill banners by their links to known clicktrackers.
3014 <a name="FILTER-WEBBUGS"></a>
3016 <table border="0" bgcolor="#E0E0E0" width="90%">
3019 <pre class="SCREEN">
3020 +filter{webbugs} # Squish WebBugs (1x1 invisible GIFs used for user tracking).
3027 <a name="FILTER-TINY-TEXTFORMS"></a>
3029 <table border="0" bgcolor="#E0E0E0" width="90%">
3032 <pre class="SCREEN">
3033 +filter{tiny-textforms} # Extend those tiny textareas up to 40x80 and kill the hard wrap.
3040 <a name="FILTER-JUMPING-WINDOWS"></a>
3042 <table border="0" bgcolor="#E0E0E0" width="90%">
3045 <pre class="SCREEN">
3046 +filter{jumping-windows} # Prevent windows from resizing and moving themselves.
3053 <a name="FILTER-FRAMESET-BORDERS"></a>
3055 <table border="0" bgcolor="#E0E0E0" width="90%">
3058 <pre class="SCREEN">
3059 +filter{frameset-borders} # Give frames a border and make them resizable.
3066 <a name="FILTER-IFRAMES"></a>
3068 <table border="0" bgcolor="#E0E0E0" width="90%">
3071 <pre class="SCREEN">
3072 +filter{iframes} # Removes all detected iframes. Should only be enabled for individual sites.
3079 <a name="FILTER-DEMORONIZER"></a>
3081 <table border="0" bgcolor="#E0E0E0" width="90%">
3084 <pre class="SCREEN">
3085 +filter{demoronizer} # Fix MS's non-standard use of standard charsets.
3092 <a name="FILTER-SHOCKWAVE-FLASH"></a>
3094 <table border="0" bgcolor="#E0E0E0" width="90%">
3097 <pre class="SCREEN">
3098 +filter{shockwave-flash} # Kill embedded Shockwave Flash objects.
3105 <a name="FILTER-QUICKTIME-KIOSKMODE"></a>
3107 <table border="0" bgcolor="#E0E0E0" width="90%">
3110 <pre class="SCREEN">
3111 +filter{quicktime-kioskmode} # Make Quicktime movies saveable.
3118 <a name="FILTER-FUN"></a>
3120 <table border="0" bgcolor="#E0E0E0" width="90%">
3123 <pre class="SCREEN">
3124 +filter{fun} # Text replacements for subversive browsing fun!
3131 <a name="FILTER-CRUDE-PARENTAL"></a>
3133 <table border="0" bgcolor="#E0E0E0" width="90%">
3136 <pre class="SCREEN">
3137 +filter{crude-parental} # Crude parental filtering. Note that this filter doesn't work reliably.
3144 <a name="FILTER-IE-EXPLOITS"></a>
3146 <table border="0" bgcolor="#E0E0E0" width="90%">
3149 <pre class="SCREEN">
3150 +filter{ie-exploits} # Disable some known Internet Explorer bug exploits.
3157 <a name="FILTER-SITE-SPECIFICS"></a>
3159 <table border="0" bgcolor="#E0E0E0" width="90%">
3162 <pre class="SCREEN">
3163 +filter{site-specifics} # Cure for site-specific problems. Don't apply generally!
3170 <a name="FILTER-NO-PING"></a>
3172 <table border="0" bgcolor="#E0E0E0" width="90%">
3175 <pre class="SCREEN">
3176 +filter{no-ping} # Removes non-standard ping attributes in <a> and <area> tags.
3183 <a name="FILTER-GOOGLE"></a>
3185 <table border="0" bgcolor="#E0E0E0" width="90%">
3188 <pre class="SCREEN">
3189 +filter{google} # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
3196 <a name="FILTER-YAHOO"></a>
3198 <table border="0" bgcolor="#E0E0E0" width="90%">
3201 <pre class="SCREEN">
3202 +filter{yahoo} # CSS-based block for Yahoo text ads. Also removes a width limitation.
3209 <a name="FILTER-MSN"></a>
3211 <table border="0" bgcolor="#E0E0E0" width="90%">
3214 <pre class="SCREEN">
3215 +filter{msn} # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
3222 <a name="FILTER-BLOGSPOT"></a>
3224 <table border="0" bgcolor="#E0E0E0" width="90%">
3227 <pre class="SCREEN">
3228 +filter{blogspot} # Cleans up some Blogspot blogs. Read the fine print before using this.
3239 <a name="FORCE-TEXT-MODE">8.5.17. force-text-mode</a>
3241 <div class="VARIABLELIST">
3248 Force <span class="APPLICATION">Privoxy</span> to treat a
3249 document as if it was in some kind of <span class=
3250 "emphasis"><i class="EMPHASIS">text</i></span> format.
3258 Declares a document as text, even if the <span class=
3259 "QUOTE">"Content-Type:"</span> isn't detected as such.
3283 As explained <tt class="LITERAL"><a href=
3284 "actions-file.html#FILTER">above</a></tt>, <span class=
3285 "APPLICATION">Privoxy</span> tries to only filter files
3286 that are in some kind of text format. The same restrictions
3287 apply to <tt class="LITERAL"><a href=
3288 "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite</a></tt>.
3289 <tt class="LITERAL">force-text-mode</tt> declares a
3290 document as text, without looking at the <span class=
3291 "QUOTE">"Content-Type:"</span> first.
3293 <div class="WARNING">
3294 <table class="WARNING" border="1" width="90%">
3303 Think twice before activating this action.
3304 Filtering binary data with regular expressions can
3318 <table border="0" bgcolor="#E0E0E0" width="90%">
3321 <pre class="SCREEN">
3334 <a name="FORWARD-OVERRIDE">8.5.18. forward-override</a>
3336 <div class="VARIABLELIST">
3343 Change the forwarding settings based on User-Agent or
3352 Overrules the forward directives in the configuration file.
3370 <span class="QUOTE">"forward ."</span> to use a direct
3371 connection without any additional proxies.
3376 <span class="QUOTE">"forward 127.0.0.1:8123"</span> to
3377 use the HTTP proxy listening at 127.0.0.1 port 8123.
3382 <span class="QUOTE">"forward-socks4a 127.0.0.1:9050
3383 ."</span> to use the socks4a proxy listening at
3384 127.0.0.1 port 9050. Replace <span class=
3385 "QUOTE">"forward-socks4a"</span> with <span class=
3386 "QUOTE">"forward-socks4"</span> to use a socks4
3387 connection (with local DNS resolution) instead, use
3388 <span class="QUOTE">"forward-socks5"</span> for socks5
3389 connections (with remote DNS resolution).
3394 <span class="QUOTE">"forward-socks4a 127.0.0.1:9050
3395 proxy.example.org:8000"</span> to use the socks4a proxy
3396 listening at 127.0.0.1 port 9050 to reach the HTTP
3397 proxy listening at proxy.example.org port 8000. Replace
3398 <span class="QUOTE">"forward-socks4a"</span> with <span
3399 class="QUOTE">"forward-socks4"</span> to use a socks4
3400 connection (with local DNS resolution) instead, use
3401 <span class="QUOTE">"forward-socks5"</span> for socks5
3402 connections (with remote DNS resolution).
3407 <span class="QUOTE">"forward-webserver
3408 127.0.0.1:80"</span> to use the HTTP server listening
3409 at 127.0.0.1 port 80 without adjusting the request
3413 This makes it more convenient to use Privoxy to make
3414 existing websites available as onion services as well.
3417 Many websites serve content with hardcoded URLs and
3418 can't be easily adjusted to change the domain based on
3419 the one used by the client.
3422 Putting Privoxy between Tor and the webserver (or an
3423 stunnel that forwards to the webserver) allows to
3424 rewrite headers and content to make client and server
3425 happy at the same time.
3428 Using Privoxy for webservers that are only reachable
3429 through onion addresses and whose location is supposed
3430 to be secret is not recommended and should not be
3441 This action takes parameters similar to the <a href=
3442 "config.html#FORWARDING">forward</a> directives in the
3443 configuration file, but without the URL pattern. It can be
3444 used as replacement, but normally it's only used in cases
3445 where matching based on the request URL isn't sufficient.
3447 <div class="WARNING">
3448 <table class="WARNING" border="1" width="90%">
3457 Please read the description for the <a href=
3458 "config.html#FORWARDING">forward</a> directives
3459 before using this action. Forwarding to the wrong
3460 people will reduce your privacy and increase the
3461 chances of man-in-the-middle attacks.
3464 If the ports are missing or invalid, default values
3465 will be used. This might change in the future and
3466 you shouldn't rely on it. Otherwise incorrect
3467 syntax causes Privoxy to exit. Due to design
3468 limitations, invalid parameter syntax isn't
3469 detected until the action is used the first time.
3473 "http://config.privoxy.org/show-url-info" target=
3474 "_top">show-url-info CGI page</a> to verify that
3475 your forward settings do what you thought the do.
3488 <table border="0" bgcolor="#E0E0E0" width="90%">
3491 <pre class="SCREEN">
3492 # Use an ssh tunnel for requests previously tagged as
3493 # <span class="QUOTE">"User-Agent: fetch libfetch/2.0"</span> and make sure
3494 # resuming downloads continues to work.
3496 # This way you can continue to use Tor for your normal browsing,
3497 # without overloading the Tor network with your FreeBSD ports updates
3498 # or downloads of bigger files like ISOs.
3500 # Note that HTTP headers are easy to fake and therefore their
3501 # values are as (un)trustworthy as your clients and users.
3502 {+forward-override{forward-socks5 10.0.0.2:2222 .} \
3503 -hide-if-modified-since \
3504 -overwrite-last-modified \
3506 TAG:^User-Agent: fetch libfetch/2\.0$
3518 <a name="HANDLE-AS-EMPTY-DOCUMENT">8.5.19.
3519 handle-as-empty-document</a>
3521 <div class="VARIABLELIST">
3528 Mark URLs that should be replaced by empty documents <span
3529 class="emphasis"><i class="EMPHASIS">if they get
3538 This action alone doesn't do anything noticeable. It just
3539 marks URLs. If the <tt class="LITERAL"><a href=
3540 "actions-file.html#BLOCK">block</a></tt> action <span
3541 class="emphasis"><i class="EMPHASIS">also
3542 applies</i></span>, the presence or absence of this mark
3543 decides whether an HTML <span class=
3544 "QUOTE">"BLOCKED"</span> page, or an empty document will be
3545 sent to the client as a substitute for the blocked content.
3546 The <span class="emphasis"><i class=
3547 "EMPHASIS">empty</i></span> document isn't literally empty,
3548 but actually contains a single space.
3572 Some browsers complain about syntax errors if JavaScript
3573 documents are blocked with <span class=
3574 "APPLICATION">Privoxy's</span> default HTML page; this
3575 option can be used to silence them. And of course this
3576 action can also be used to eliminate the <span class=
3577 "APPLICATION">Privoxy</span> BLOCKED message in frames.
3580 The content type for the empty document can be specified
3581 with <tt class="LITERAL"><a href=
3582 "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite{}</a></tt>,
3583 but usually this isn't necessary.
3592 <table border="0" bgcolor="#E0E0E0" width="90%">
3595 <pre class="SCREEN">
3596 # Block all documents on example.org that end with ".js",
3597 # but send an empty document instead of the usual HTML message.
3598 {+block{Blocked JavaScript} +handle-as-empty-document}
3611 <a name="HANDLE-AS-IMAGE">8.5.20. handle-as-image</a>
3613 <div class="VARIABLELIST">
3620 Mark URLs as belonging to images (so they'll be replaced by
3621 images <span class="emphasis"><i class="EMPHASIS">if they
3622 do get blocked</i></span>, rather than HTML pages)
3630 This action alone doesn't do anything noticeable. It just
3631 marks URLs as images. If the <tt class="LITERAL"><a href=
3632 "actions-file.html#BLOCK">block</a></tt> action <span
3633 class="emphasis"><i class="EMPHASIS">also
3634 applies</i></span>, the presence or absence of this mark
3635 decides whether an HTML <span class=
3636 "QUOTE">"blocked"</span> page, or a replacement image (as
3637 determined by the <tt class="LITERAL"><a href=
3638 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
3639 action) will be sent to the client as a substitute for the
3664 The below generic example section is actually part of <tt
3665 class="FILENAME">default.action</tt>. It marks all URLs
3666 with well-known image file name extensions as images and
3667 should be left intact.
3670 Users will probably only want to use the handle-as-image
3671 action in conjunction with <tt class="LITERAL"><a href=
3672 "actions-file.html#BLOCK">block</a></tt>, to block sources
3673 of banners, whose URLs don't reflect the file type, like in
3674 the second example section.
3677 Note that you cannot treat HTML pages as images in most
3678 cases. For instance, (in-line) ad frames require an HTML
3679 page to be sent, or they won't display properly. Forcing
3680 <tt class="LITERAL">handle-as-image</tt> in this situation
3681 will not replace the ad frame with an image, but lead to
3686 Example usage (sections):
3691 <table border="0" bgcolor="#E0E0E0" width="90%">
3694 <pre class="SCREEN">
3695 # Generic image extensions:
3698 /.*\.(gif|jpg|jpeg|png|bmp|ico)$
3700 # These don't look like images, but they're banners and should be
3701 # blocked as images:
3703 {+block{Nasty banners.} +handle-as-image}
3704 nasty-banner-server.example.com/junk.cgi\?output=trash
3715 <a name="HIDE-ACCEPT-LANGUAGE">8.5.21. hide-accept-language</a>
3717 <div class="VARIABLELIST">
3724 Pretend to use different language settings.
3732 Deletes or replaces the <span class=
3733 "QUOTE">"Accept-Language:"</span> HTTP header in client
3750 Keyword: <span class="QUOTE">"block"</span>, or any user
3759 Faking the browser's language settings can be useful to
3760 make a foreign User-Agent set with <tt class="LITERAL"><a
3762 "actions-file.html#HIDE-USER-AGENT">hide-user-agent</a></tt>
3766 However some sites with content in different languages
3767 check the <span class="QUOTE">"Accept-Language:"</span> to
3768 decide which one to take by default. Sometimes it isn't
3769 possible to later switch to another language without
3770 changing the <span class="QUOTE">"Accept-Language:"</span>
3774 Therefore it's a good idea to either only change the <span
3775 class="QUOTE">"Accept-Language:"</span> header to languages
3776 you understand, or to languages that aren't wide spread.
3779 Before setting the <span class=
3780 "QUOTE">"Accept-Language:"</span> header to a rare
3781 language, you should consider that it helps to make your
3782 requests unique and thus easier to trace. If you don't plan
3783 to change this header frequently, you should stick to a
3788 Example usage (section):
3793 <table border="0" bgcolor="#E0E0E0" width="90%">
3796 <pre class="SCREEN">
3797 # Pretend to use Canadian language settings.
3798 {+hide-accept-language{en-ca} \
3799 +hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
3812 <a name="HIDE-CONTENT-DISPOSITION">8.5.22.
3813 hide-content-disposition</a>
3815 <div class="VARIABLELIST">
3822 Prevent download menus for content you prefer to view
3831 Deletes or replaces the <span class=
3832 "QUOTE">"Content-Disposition:"</span> HTTP header set by
3849 Keyword: <span class="QUOTE">"block"</span>, or any user
3858 Some servers set the <span class=
3859 "QUOTE">"Content-Disposition:"</span> HTTP header for
3860 documents they assume you want to save locally before
3861 viewing them. The <span class=
3862 "QUOTE">"Content-Disposition:"</span> header contains the
3863 file name the browser is supposed to use by default.
3866 In most browsers that understand this header, it makes it
3867 impossible to <span class="emphasis"><i class=
3868 "EMPHASIS">just view</i></span> the document, without
3869 downloading it first, even if it's just a simple text file
3873 Removing the <span class=
3874 "QUOTE">"Content-Disposition:"</span> header helps to
3875 prevent this annoyance, but some browsers additionally
3876 check the <span class="QUOTE">"Content-Type:"</span>
3877 header, before they decide if they can display a document
3878 without saving it first. In these cases, you have to change
3879 this header as well, before the browser stops displaying
3883 It is also possible to change the server's file name
3884 suggestion to another one, but in most cases it isn't worth
3885 the time to set it up.
3888 This action will probably be removed in the future, use
3889 server-header filters instead.
3898 <table border="0" bgcolor="#E0E0E0" width="90%">
3901 <pre class="SCREEN">
3902 # Disarm the download link in Sourceforge's patch tracker
3904 +content-type-overwrite{text/plain}\
3905 +hide-content-disposition{block} }
3906 .sourceforge.net/tracker/download\.php
3917 <a name="HIDE-IF-MODIFIED-SINCE">8.5.23.
3918 hide-if-modified-since</a>
3920 <div class="VARIABLELIST">
3927 Prevent yet another way to track the user's steps between
3936 Deletes the <span class="QUOTE">"If-Modified-Since:"</span>
3937 HTTP client header or modifies its value.
3953 Keyword: <span class="QUOTE">"block"</span>, or a user
3954 defined value that specifies a range of hours.
3962 Removing this header is useful for filter testing, where
3963 you want to force a real reload instead of getting status
3964 code <span class="QUOTE">"304"</span>, which would cause
3965 the browser to use a cached copy of the page.
3968 Instead of removing the header, <tt class=
3969 "LITERAL">hide-if-modified-since</tt> can also add or
3970 subtract a random amount of time to/from the header's
3971 value. You specify a range of minutes where the random
3972 factor should be chosen from and <span class=
3973 "APPLICATION">Privoxy</span> does the rest. A negative
3974 value means subtracting, a positive value adding.
3977 Randomizing the value of the <span class=
3978 "QUOTE">"If-Modified-Since:"</span> makes it less likely
3979 that the server can use the time as a cookie replacement,
3980 but you will run into caching problems if the random range
3984 It is a good idea to only use a small negative value and
3985 let <tt class="LITERAL"><a href=
3986 "actions-file.html#OVERWRITE-LAST-MODIFIED">overwrite-last-modified</a></tt>
3987 handle the greater changes.
3990 It is also recommended to use this action together with <tt
3991 class="LITERAL"><a href=
3992 "actions-file.html#CRUNCH-IF-NONE-MATCH">crunch-if-none-match</a></tt>,
3993 otherwise it's more or less pointless.
3997 Example usage (section):
4002 <table border="0" bgcolor="#E0E0E0" width="90%">
4005 <pre class="SCREEN">
4006 # Let the browser revalidate but make tracking based on the time less likely.
4007 {+hide-if-modified-since{-60} \
4008 +overwrite-last-modified{randomize} \
4009 +crunch-if-none-match}
4021 <a name="HIDE-FROM-HEADER">8.5.24. hide-from-header</a>
4023 <div class="VARIABLELIST">
4030 Keep your (old and ill) browser from telling web servers
4039 Deletes any existing <span class="QUOTE">"From:"</span>
4040 HTTP header, or replaces it with the specified string.
4056 Keyword: <span class="QUOTE">"block"</span>, or any user
4065 The keyword <span class="QUOTE">"block"</span> will
4066 completely remove the header (not to be confused with the
4067 <tt class="LITERAL"><a href=
4068 "actions-file.html#BLOCK">block</a></tt> action).
4071 Alternately, you can specify any value you prefer to be
4072 sent to the web server. If you do, it is a matter of
4073 fairness not to use any address that is actually used by a
4077 This action is rarely needed, as modern web browsers don't
4078 send <span class="QUOTE">"From:"</span> headers anymore.
4087 <table border="0" bgcolor="#E0E0E0" width="90%">
4090 <pre class="SCREEN">
4091 +hide-from-header{block}
4097 <table border="0" bgcolor="#E0E0E0" width="90%">
4100 <pre class="SCREEN">
4101 +hide-from-header{spam-me-senseless@sittingduck.example.com}
4112 <a name="HIDE-REFERRER">8.5.25. hide-referrer</a>
4114 <a name="HIDE-REFERER"></a>
4115 <div class="VARIABLELIST">
4122 Conceal which link you followed to get to a particular site
4130 Deletes the <span class="QUOTE">"Referer:"</span> (sic)
4131 HTTP header from the client request, or replaces it with a
4150 <span class="QUOTE">"conditional-block"</span> to
4151 delete the header completely if the host has changed.
4156 <span class="QUOTE">"conditional-forge"</span> to forge
4157 the header if the host has changed.
4162 <span class="QUOTE">"block"</span> to delete the header
4168 <span class="QUOTE">"forge"</span> to pretend to be
4169 coming from the homepage of the server we are talking
4175 Any other string to set a user defined referrer.
4185 <tt class="LITERAL">conditional-block</tt> is the only
4186 parameter, that isn't easily detected in the server's log
4187 file. If it blocks the referrer, the request will look like
4188 the visitor used a bookmark or typed in the address
4192 Leaving the referrer unmodified for requests on the same
4193 host allows the server owner to see the visitor's <span
4194 class="QUOTE">"click path"</span>, but in most cases she
4195 could also get that information by comparing other parts of
4196 the log file: for example the User-Agent if it isn't a very
4197 common one, or the user's IP address if it doesn't change
4198 between different requests.
4201 Always blocking the referrer, or using a custom one, can
4202 lead to failures on servers that check the referrer before
4203 they answer any requests, in an attempt to prevent their
4204 content from being embedded or linked to elsewhere.
4207 Both <tt class="LITERAL">conditional-block</tt> and <tt
4208 class="LITERAL">forge</tt> will work with referrer checks,
4209 as long as content and valid referring page are on the same
4210 host. Most of the time that's the case.
4213 <tt class="LITERAL">hide-referer</tt> is an alternate
4214 spelling of <tt class="LITERAL">hide-referrer</tt> and the
4215 two can be can be freely substituted with each other.
4216 (<span class="QUOTE">"referrer"</span> is the correct
4217 English spelling, however the HTTP specification has a bug
4218 - it requires it to be spelled as <span class=
4219 "QUOTE">"referer"</span>.)
4228 <table border="0" bgcolor="#E0E0E0" width="90%">
4231 <pre class="SCREEN">
4232 +hide-referrer{forge}
4238 <table border="0" bgcolor="#E0E0E0" width="90%">
4241 <pre class="SCREEN">
4242 +hide-referrer{http://www.yahoo.com/}
4253 <a name="HIDE-USER-AGENT">8.5.26. hide-user-agent</a>
4255 <div class="VARIABLELIST">
4262 Try to conceal your type of browser and client operating
4271 Replaces the value of the <span class=
4272 "QUOTE">"User-Agent:"</span> HTTP header in client requests
4273 with the specified value.
4289 Any user-defined string.
4296 <div class="WARNING">
4297 <table class="WARNING" border="1" width="90%">
4306 This can lead to problems on web sites that depend
4307 on looking at this header in order to customize
4308 their content for different browsers (which, by the
4309 way, is <span class="emphasis"><i class=
4310 "EMPHASIS">NOT</i></span> the right thing to do:
4311 good web sites work browser-independently).
4318 Using this action in multi-user setups or wherever
4319 different types of browsers will access the same <span
4320 class="APPLICATION">Privoxy</span> is <span class=
4321 "emphasis"><i class="EMPHASIS">not recommended</i></span>.
4322 In single-user, single-browser setups, you might use it to
4323 delete your OS version information from the headers,
4324 because it is an invitation to exploit known bugs for your
4325 OS. It is also occasionally useful to forge this in order
4326 to access sites that won't let you in otherwise (though
4327 there may be a good reason in some cases).
4330 More information on known user-agent strings can be found
4331 at <a href="http://www.user-agents.org/" target=
4332 "_top">http://www.user-agents.org/</a> and <a href=
4333 "http://en.wikipedia.org/wiki/User_agent" target=
4334 "_top">http://en.wikipedia.org/wiki/User_agent</a>.
4343 <table border="0" bgcolor="#E0E0E0" width="90%">
4346 <pre class="SCREEN">
4347 +hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}
4358 <a name="LIMIT-CONNECT">8.5.27. limit-connect</a>
4360 <div class="VARIABLELIST">
4367 Prevent abuse of <span class="APPLICATION">Privoxy</span>
4368 as a TCP proxy relay or disable SSL for untrusted sites
4376 Specifies to which ports HTTP CONNECT requests are
4393 A comma-separated list of ports or port ranges (the latter
4394 using dashes, with the minimum defaulting to 0 and the
4403 By default, i.e. if no <tt class=
4404 "LITERAL">limit-connect</tt> action applies, <span class=
4405 "APPLICATION">Privoxy</span> allows HTTP CONNECT requests
4406 to all ports. Use <tt class="LITERAL">limit-connect</tt> if
4407 fine-grained control is desired for some or all
4411 The CONNECT methods exists in HTTP to allow access to
4412 secure websites (<span class="QUOTE">"https://"</span>
4413 URLs) through proxies. It works very simply: the proxy
4414 connects to the server on the specified port, and then
4415 short-circuits its connections to the client and to the
4416 remote server. This means CONNECT-enabled proxies can be
4417 used as TCP relays very easily.
4420 <span class="APPLICATION">Privoxy</span> relays HTTPS
4421 traffic without seeing the decoded content. Websites can
4422 leverage this limitation to circumvent <span class=
4423 "APPLICATION">Privoxy</span>'s filters. By specifying an
4424 invalid port range you can disable HTTPS entirely.
4433 <table border="0" bgcolor="#E0E0E0" width="90%">
4436 <pre class="SCREEN">
4437 +limit-connect{443} # Port 443 is OK.
4438 +limit-connect{80,443} # Ports 80 and 443 are OK.
4439 +limit-connect{-3, 7, 20-100, 500-} # Ports less than 3, 7, 20 to 100 and above 500 are OK.
4440 +limit-connect{-} # All ports are OK
4441 +limit-connect{,} # No HTTPS/SSL traffic is allowed
4452 <a name="LIMIT-COOKIE-LIFETIME">8.5.28. limit-cookie-lifetime</a>
4454 <div class="VARIABLELIST">
4461 Limit the lifetime of HTTP cookies to a couple of minutes
4470 Overwrites the expires field in Set-Cookie server headers
4471 if it's above the specified limit.
4487 The lifetime limit in minutes, or 0.
4495 This action reduces the lifetime of HTTP cookies coming
4496 from the server to the specified number of minutes,
4497 starting from the time the cookie passes Privoxy.
4500 Cookies with a lifetime below the limit are not modified.
4501 The lifetime of session cookies is set to the specified
4505 The effect of this action depends on the server.
4508 In case of servers which refresh their cookies with each
4509 response (or at least frequently), the lifetime limit set
4510 by this action is updated as well. Thus, a session
4511 associated with the cookie continues to work with this
4512 action enabled, as long as a new request is made before the
4513 last limit set is reached.
4516 However, some servers send their cookies once, with a
4517 lifetime of several years (the year 2037 is a popular
4518 choice), and do not refresh them until a certain event in
4519 the future, for example the user logging out. In this case
4520 this action may limit the absolute lifetime of the session,
4521 even if requests are made frequently.
4524 If the parameter is <span class="QUOTE">"0"</span>, this
4525 action behaves like <tt class="LITERAL"><a href=
4526 "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a></tt>.
4535 <table border="0" bgcolor="#E0E0E0" width="90%">
4538 <pre class="SCREEN">
4539 +limit-cookie-lifetime{60}
4551 <a name="PREVENT-COMPRESSION">8.5.29. prevent-compression</a>
4553 <div class="VARIABLELIST">
4560 Ensure that servers send the content uncompressed, so it
4561 can be passed through <tt class="LITERAL"><a href=
4562 "actions-file.html#FILTER">filter</a></tt>s.
4570 Removes the Accept-Encoding header which can be used to ask
4571 for compressed transfer.
4595 More and more websites send their content compressed by
4596 default, which is generally a good idea and saves
4597 bandwidth. But the <tt class="LITERAL"><a href=
4598 "actions-file.html#FILTER">filter</a></tt> and <tt class=
4600 "actions-file.html#DEANIMATE-GIFS">deanimate-gifs</a></tt>
4601 actions need access to the uncompressed data.
4604 When compiled with zlib support (available since <span
4605 class="APPLICATION">Privoxy</span> 3.0.7), content that
4606 should be filtered is decompressed on-the-fly and you don't
4607 have to worry about this action. If you are using an older
4608 <span class="APPLICATION">Privoxy</span> version, or one
4609 that hasn't been compiled with zlib support, this action
4610 can be used to convince the server to send the content
4614 Most text-based instances compress very well, the size is
4615 seldom decreased by less than 50%, for markup-heavy
4616 instances like news feeds saving more than 90% of the
4617 original size isn't unusual.
4620 Not using compression will therefore slow down the
4621 transfer, and you should only enable this action if you
4622 really need it. As of <span class=
4623 "APPLICATION">Privoxy</span> 3.0.7 it's disabled in all
4624 predefined action settings.
4627 Note that some (rare) ill-configured sites don't handle
4628 requests for uncompressed documents correctly. Broken PHP
4629 applications tend to send an empty document body, some IIS
4630 versions only send the beginning of the content. If you
4631 enable <tt class="LITERAL">prevent-compression</tt> per
4632 default, you might want to add exceptions for those sites.
4633 See the example for how to do that.
4637 Example usage (sections):
4642 <table border="0" bgcolor="#E0E0E0" width="90%">
4645 <pre class="SCREEN">
4646 # Selectively turn off compression, and enable a filter
4648 { +filter{tiny-textforms} +prevent-compression }
4649 # Match only these sites
4654 # Or instead, we could set a universal default:
4656 { +prevent-compression }
4659 # Then maybe make exceptions for broken sites:
4661 { -prevent-compression }
4673 <a name="OVERWRITE-LAST-MODIFIED">8.5.30.
4674 overwrite-last-modified</a>
4676 <div class="VARIABLELIST">
4683 Prevent yet another way to track the user's steps between
4692 Deletes the <span class="QUOTE">"Last-Modified:"</span>
4693 HTTP server header or modifies its value.
4709 One of the keywords: <span class="QUOTE">"block"</span>,
4710 <span class="QUOTE">"reset-to-request-time"</span> and
4711 <span class="QUOTE">"randomize"</span>
4719 Removing the <span class="QUOTE">"Last-Modified:"</span>
4720 header is useful for filter testing, where you want to
4721 force a real reload instead of getting status code <span
4722 class="QUOTE">"304"</span>, which would cause the browser
4723 to reuse the old version of the page.
4726 The <span class="QUOTE">"randomize"</span> option
4727 overwrites the value of the <span class=
4728 "QUOTE">"Last-Modified:"</span> header with a randomly
4729 chosen time between the original value and the current
4730 time. In theory the server could send each document with a
4731 different <span class="QUOTE">"Last-Modified:"</span>
4732 header to track visits without using cookies. <span class=
4733 "QUOTE">"Randomize"</span> makes it impossible and the
4734 browser can still revalidate cached documents.
4737 <span class="QUOTE">"reset-to-request-time"</span>
4738 overwrites the value of the <span class=
4739 "QUOTE">"Last-Modified:"</span> header with the current
4740 time. You could use this option together with <tt class=
4742 "actions-file.html#HIDE-IF-MODIFIED-SINCE">hide-if-modified-since</a></tt>
4743 to further customize your random range.
4746 The preferred parameter here is <span class=
4747 "QUOTE">"randomize"</span>. It is safe to use, as long as
4748 the time settings are more or less correct. If the server
4749 sets the <span class="QUOTE">"Last-Modified:"</span> header
4750 to the time of the request, the random range becomes zero
4751 and the value stays the same. Therefore you should later
4752 randomize it a second time with <tt class="LITERAL"><a
4754 "actions-file.html#HIDE-IF-MODIFIED-SINCE">hided-if-modified-since</a></tt>,
4758 It is also recommended to use this action together with <tt
4759 class="LITERAL"><a href=
4760 "actions-file.html#CRUNCH-IF-NONE-MATCH">crunch-if-none-match</a></tt>.
4769 <table border="0" bgcolor="#E0E0E0" width="90%">
4772 <pre class="SCREEN">
4773 # Let the browser revalidate without being tracked across sessions
4774 { +hide-if-modified-since{-60} \
4775 +overwrite-last-modified{randomize} \
4776 +crunch-if-none-match}
4788 <a name="REDIRECT">8.5.31. redirect</a>
4790 <div class="VARIABLELIST">
4797 Redirect requests to other sites.
4805 Convinces the browser that the requested document has been
4806 moved to another location and the browser should get it
4823 An absolute URL or a single pcrs command.
4831 Requests to which this action applies are answered with a
4832 HTTP redirect to URLs of your choosing. The new URL is
4833 either provided as parameter, or derived by applying a
4834 single pcrs command to the original URL.
4837 The syntax for pcrs commands is documented in the <a href=
4838 "filter-file.html">filter file</a> section.
4841 Requests can't be blocked and redirected at the same time,
4842 applying this action together with <tt class="LITERAL"><a
4843 href="actions-file.html#BLOCK">block</a></tt> is a
4844 configuration error. Currently the request is blocked and
4845 an error message logged, the behavior may change in the
4846 future and result in Privoxy rejecting the action file.
4849 This action can be combined with <tt class="LITERAL"><a
4851 "actions-file.html#FAST-REDIRECTS">fast-redirects{check-decoded-url}</a></tt>
4852 to redirect to a decoded version of a rewritten URL.
4855 Use this action carefully, make sure not to create
4856 redirection loops and be aware that using your own
4857 redirects might make it possible to fingerprint your
4861 In case of problems with your redirects, or simply to watch
4862 them working, enable <a href="config.html#DEBUG">debug
4872 <table border="0" bgcolor="#E0E0E0" width="90%">
4875 <pre class="SCREEN">
4876 # Replace example.com's style sheet with another one
4877 { +redirect{http://localhost/css-replacements/example.com.css} }
4878 example.com/stylesheet\.css
4880 # Create a short, easy to remember nickname for a favorite site
4881 # (relies on the browser to accept and forward invalid URLs to <span class=
4882 "APPLICATION">Privoxy</span>)
4883 { +redirect{https://www.privoxy.org/user-manual/actions-file.html} }
4886 # Always use the expanded view for Undeadly.org articles
4887 # (Note the $ at the end of the URL pattern to make sure
4888 # the request for the rewritten URL isn't redirected as well)
4889 {+redirect{s@$@&mode=expanded@}}
4890 undeadly.org/cgi\?action=article&sid=\d*$
4892 # Redirect Google search requests to MSN
4893 {+redirect{s@^http://[^/]*/search\?q=([^&]*).*@http://search.msn.com/results.aspx?q=$1@}}
4896 # Redirect MSN search requests to Yahoo
4897 {+redirect{s@^http://[^/]*/results\.aspx\?q=([^&]*).*@http://search.yahoo.com/search?p=$1@}}
4898 search.msn.com//results\.aspx\?q=
4900 # Redirect http://example.com/&bla=fasel&toChange=foo (and any other value but "bar")
4901 # to http://example.com/&bla=fasel&toChange=bar
4903 # The URL pattern makes sure that the following request isn't redirected again.
4904 {+redirect{s@toChange=[^&]+@toChange=bar@}}
4905 example.com/.*toChange=(?!bar)
4907 # Add a shortcut to look up illumos bugs
4908 {+redirect{s@^http://i([0-9]+)/.*@https://www.illumos.org/issues/$1@}}
4909 # Redirected URL = http://i4974/
4910 # Redirect Destination = https://www.illumos.org/issues/4974
4911 i[0-9][0-9][0-9][0-9]*/
4913 # Redirect remote requests for this manual
4914 # to the local version delivered by Privoxy
4915 {+redirect{s@^http://www@http://config@}}
4916 www.privoxy.org/user-manual/
4927 <a name="SERVER-HEADER-FILTER">8.5.32. server-header-filter</a>
4929 <div class="VARIABLELIST">
4936 Rewrite or remove single server headers.
4944 All server headers to which this action applies are
4945 filtered on-the-fly through the specified regular
4946 expression based substitutions.
4962 The name of a server-header filter, as defined in one of
4963 the <a href="filter-file.html">filter files</a>.
4971 Server-header filters are applied to each header on its
4972 own, not to all at once. This makes it easier to diagnose
4973 problems, but on the downside you can't write filters that
4974 only change header x if header y's value is z. You can do
4975 that by using tags though.
4978 Server-header filters are executed after the other header
4979 actions have finished and use their output as input.
4982 Please refer to the <a href="filter-file.html">filter file
4983 chapter</a> to learn which server-header filters are
4984 available by default, and how to create your own.
4988 Example usage (section):
4993 <table border="0" bgcolor="#E0E0E0" width="90%">
4996 <pre class="SCREEN">
4997 {+server-header-filter{html-to-xml}}
4998 example.org/xml-instance-that-is-delivered-as-html
5000 {+server-header-filter{xml-to-html}}
5001 example.org/instance-that-is-delivered-as-xml-but-is-not
5013 <a name="SERVER-HEADER-TAGGER">8.5.33. server-header-tagger</a>
5015 <div class="VARIABLELIST">
5022 Enable or disable filters based on the Content-Type header.
5030 Server headers to which this action applies are filtered
5031 on-the-fly through the specified regular expression based
5032 substitutions, the result is used as tag.
5048 The name of a server-header tagger, as defined in one of
5049 the <a href="filter-file.html">filter files</a>.
5057 Server-header taggers are applied to each header on its
5058 own, and as the header isn't modified, each tagger <span
5059 class="QUOTE">"sees"</span> the original.
5062 Server-header taggers are executed before all other header
5063 actions that modify server headers. Their tags can be used
5064 to control all of the other server-header actions, the
5065 content filters and the crunch actions (<a href=
5066 "actions-file.html#REDIRECT">redirect</a> and <a href=
5067 "actions-file.html#BLOCK">block</a>).
5070 Obviously crunching based on tags created by server-header
5071 taggers doesn't prevent the request from showing up in the
5076 Example usage (section):
5081 <table border="0" bgcolor="#E0E0E0" width="90%">
5084 <pre class="SCREEN">
5085 # Tag every request with the content type declared by the server
5086 {+server-header-tagger{content-type}}
5089 # If the response has a tag starting with 'image/' enable an external
5090 # filter that only applies to images.
5092 # Note that the filter is not available by default, it's just a
5093 # <tt class="LITERAL"><a href=
5094 "filter-file.html#EXTERNAL-FILTER-SYNTAX">silly example</a></tt>.
5095 {+external-filter{rotate-image} +force-text-mode}
5108 <a name="SESSION-COOKIES-ONLY">8.5.34. session-cookies-only</a>
5110 <div class="VARIABLELIST">
5117 Allow only temporary <span class="QUOTE">"session"</span>
5118 cookies (for the current browser session <span class=
5119 "emphasis"><i class="EMPHASIS">only</i></span>).
5127 Deletes the <span class="QUOTE">"expires"</span> field from
5128 <span class="QUOTE">"Set-Cookie:"</span> server headers.
5129 Most browsers will not store such cookies permanently and
5130 forget them in between sessions.
5154 This is less strict than <tt class="LITERAL"><a href=
5155 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>
5156 / <tt class="LITERAL"><a href=
5157 "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>
5158 and allows you to browse websites that insist or rely on
5159 setting cookies, without compromising your privacy too
5163 Most browsers will not permanently store cookies that have
5164 been processed by <tt class=
5165 "LITERAL">session-cookies-only</tt> and will forget about
5166 them between sessions. This makes profiling cookies
5167 useless, but won't break sites which require cookies so
5168 that you can log in for transactions. This is generally
5169 turned on for all sites, and is the recommended setting.
5172 It makes <span class="emphasis"><i class="EMPHASIS">no
5173 sense at all</i></span> to use <tt class=
5174 "LITERAL">session-cookies-only</tt> together with <tt
5175 class="LITERAL"><a href=
5176 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></tt>
5177 or <tt class="LITERAL"><a href=
5178 "actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></tt>.
5179 If you do, cookies will be plainly killed.
5182 Note that it is up to the browser how it handles such
5183 cookies without an <span class="QUOTE">"expires"</span>
5184 field. If you use an exotic browser, you might want to try
5188 This setting also has no effect on cookies that may have
5189 been stored previously by the browser before starting <span
5190 class="APPLICATION">Privoxy</span>. These would have to be
5194 <span class="APPLICATION">Privoxy</span> also uses the <a
5196 "actions-file.html#FILTER-CONTENT-COOKIES">content-cookies
5197 filter</a> to block some types of cookies. Content cookies
5198 are not effected by <tt class=
5199 "LITERAL">session-cookies-only</tt>.
5208 <table border="0" bgcolor="#E0E0E0" width="90%">
5211 <pre class="SCREEN">
5212 +session-cookies-only
5223 <a name="SET-IMAGE-BLOCKER">8.5.35. set-image-blocker</a>
5225 <div class="VARIABLELIST">
5232 Choose the replacement for blocked images
5240 This action alone doesn't do anything noticeable. If <span
5241 class="emphasis"><i class="EMPHASIS">both</i></span> <tt
5242 class="LITERAL"><a href=
5243 "actions-file.html#BLOCK">block</a></tt> <span class=
5244 "emphasis"><i class="EMPHASIS">and</i></span> <tt class=
5246 "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>
5247 <span class="emphasis"><i class="EMPHASIS">also</i></span>
5248 apply, i.e. if the request is to be blocked as an image,
5249 <span class="emphasis"><i class="EMPHASIS">then</i></span>
5250 the parameter of this action decides what will be sent as a
5269 <span class="QUOTE">"pattern"</span> to send a built-in
5270 checkerboard pattern image. The image is visually
5271 decent, scales very well, and makes it obvious where
5272 banners were busted.
5277 <span class="QUOTE">"blank"</span> to send a built-in
5278 transparent image. This makes banners disappear
5279 completely, but makes it hard to detect where <span
5280 class="APPLICATION">Privoxy</span> has blocked images
5281 on a given page and complicates troubleshooting if
5282 <span class="APPLICATION">Privoxy</span> has blocked
5283 innocent images, like navigation icons.
5288 <span class="QUOTE">"<tt class=
5289 "REPLACEABLE"><i>target-url</i></tt>"</span> to send a
5290 redirect to <tt class=
5291 "REPLACEABLE"><i>target-url</i></tt>. You can redirect
5292 to any image anywhere, even in your local filesystem
5293 via <span class="QUOTE">"file:///"</span> URL. (But
5294 note that not all browsers support redirecting to a
5298 A good application of redirects is to use special <span
5299 class="APPLICATION">Privoxy</span>-built-in URLs, which
5300 send the built-in images, as <tt class=
5301 "REPLACEABLE"><i>target-url</i></tt>. This has the same
5302 visual effect as specifying <span class=
5303 "QUOTE">"blank"</span> or <span class=
5304 "QUOTE">"pattern"</span> in the first place, but
5305 enables your browser to cache the replacement image,
5306 instead of requesting it over and over again.
5316 The URLs for the built-in images are <span class=
5317 "QUOTE">"http://config.privoxy.org/send-banner?type=<tt
5318 class="REPLACEABLE"><i>type</i></tt>"</span>, where <tt
5319 class="REPLACEABLE"><i>type</i></tt> is either <span class=
5320 "QUOTE">"blank"</span> or <span class=
5321 "QUOTE">"pattern"</span>.
5324 There is a third (advanced) type, called <span class=
5325 "QUOTE">"auto"</span>. It is <span class="emphasis"><i
5326 class="EMPHASIS">NOT</i></span> to be used in <tt class=
5327 "LITERAL">set-image-blocker</tt>, but meant for use from <a
5328 href="filter-file.html">filters</a>. Auto will select the
5329 type of image that would have applied to the referring
5330 page, had it been an image.
5342 <table border="0" bgcolor="#E0E0E0" width="90%">
5345 <pre class="SCREEN">
5346 +set-image-blocker{pattern}
5353 Redirect to the BSD daemon:
5357 <table border="0" bgcolor="#E0E0E0" width="90%">
5360 <pre class="SCREEN">
5361 +set-image-blocker{http://www.freebsd.org/gifs/dae_up3.gif}
5368 Redirect to the built-in pattern for better caching:
5372 <table border="0" bgcolor="#E0E0E0" width="90%">
5375 <pre class="SCREEN">
5376 +set-image-blocker{http://config.privoxy.org/send-banner?type=pattern}
5387 <a name="SUMMARY">8.5.36. Summary</a>
5390 Note that many of these actions have the potential to cause a
5391 page to misbehave, possibly even not to display at all. There are
5392 many ways a site designer may choose to design his site, and what
5393 HTTP header content, and other criteria, he may depend on. There
5394 is no way to have hard and fast rules for all sites. See the <a
5395 href="appendix.html#ACTIONSANAT">Appendix</a> for a brief example
5396 on troubleshooting actions.
5402 <a name="ALIASES">8.6. Aliases</a>
5405 Custom <span class="QUOTE">"actions"</span>, known to <span class=
5406 "APPLICATION">Privoxy</span> as <span class=
5407 "QUOTE">"aliases"</span>, can be defined by combining other
5408 actions. These can in turn be invoked just like the built-in
5409 actions. Currently, an alias name can contain any character except
5410 space, tab, <span class="QUOTE">"="</span>, <span class=
5411 "QUOTE">"{"</span> and <span class="QUOTE">"}"</span>, but we <span
5412 class="emphasis"><i class="EMPHASIS">strongly recommend</i></span>
5413 that you only use <span class="QUOTE">"a"</span> to <span class=
5414 "QUOTE">"z"</span>, <span class="QUOTE">"0"</span> to <span class=
5415 "QUOTE">"9"</span>, <span class="QUOTE">"+"</span>, and <span
5416 class="QUOTE">"-"</span>. Alias names are not case sensitive, and
5417 are not required to start with a <span class="QUOTE">"+"</span> or
5418 <span class="QUOTE">"-"</span> sign, since they are merely
5422 Aliases can be used throughout the actions file, but they <span
5423 class="emphasis"><i class="EMPHASIS">must be defined in a special
5424 section at the top of the file!</i></span> And there can only be
5425 one such section per actions file. Each actions file may have its
5426 own alias section, and the aliases defined in it are only visible
5430 There are two main reasons to use aliases: One is to save typing
5431 for frequently used combinations of actions, the other one is a
5432 gain in flexibility: If you decide once how you want to handle
5433 shops by defining an alias called <span class=
5434 "QUOTE">"shop"</span>, you can later change your policy on shops in
5435 <span class="emphasis"><i class="EMPHASIS">one</i></span> place,
5436 and your changes will take effect everywhere in the actions file
5437 where the <span class="QUOTE">"shop"</span> alias is used. Calling
5438 aliases by their purpose also makes your actions files more
5442 Currently, there is one big drawback to using aliases, though:
5443 <span class="APPLICATION">Privoxy</span>'s built-in web-based
5444 action file editor honors aliases when reading the actions files,
5445 but it expands them before writing. So the effects of your aliases
5446 are of course preserved, but the aliases themselves are lost when
5447 you edit sections that use aliases with it.
5450 Now let's define some aliases...
5454 <table border="0" bgcolor="#E0E0E0" width="100%">
5457 <pre class="SCREEN">
5458 # Useful custom aliases we can use later.
5460 # Note the (required!) section header line and that this section
5461 # must be at the top of the actions file!
5465 # These aliases just save typing later:
5466 # (Note that some already use other aliases!)
5468 +crunch-all-cookies = +<a href=
5469 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> +<a
5470 href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
5471 -crunch-all-cookies = -<a href=
5472 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> -<a
5473 href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
5474 +block-as-image = +block{Blocked image.} +handle-as-image
5475 allow-all-cookies = -crunch-all-cookies -<a href=
5476 "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a> -<a href=
5477 "actions-file.html#FILTER-CONTENT-COOKIES">filter{content-cookies}</a>
5479 # These aliases define combinations of actions
5480 # that are useful for certain types of sites:
5482 fragile = -<a href="actions-file.html#BLOCK">block</a> -<a href=
5483 "actions-file.html#FILTER">filter</a> -crunch-all-cookies -<a href=
5484 "actions-file.html#FAST-REDIRECTS">fast-redirects</a> -<a href=
5485 "actions-file.html#HIDE-REFERER">hide-referrer</a> -<a href=
5486 "actions-file.html#PREVENT-COMPRESSION">prevent-compression</a>
5488 shop = -crunch-all-cookies -<a href=
5489 "actions-file.html#FILTER-ALL-POPUPS">filter{all-popups}</a>
5491 # Short names for other aliases, for really lazy people ;-)
5493 c0 = +crunch-all-cookies
5494 c1 = -crunch-all-cookies
5501 ...and put them to use. These sections would appear in the lower
5502 part of an actions file and define exceptions to the default
5503 actions (as specified further up for the <span class=
5504 "QUOTE">"/"</span> pattern):
5508 <table border="0" bgcolor="#E0E0E0" width="100%">
5511 <pre class="SCREEN">
5512 # These sites are either very complex or very keen on
5513 # user data and require minimal interference to work:
5516 .office.microsoft.com
5517 .windowsupdate.microsoft.com
5518 # Gmail is really mail.google.com, not gmail.com
5522 # Allow cookies (for setting and retrieving your customer data)
5526 .worldpay.com # for quietpc.com
5529 # These shops require pop-ups:
5531 {-filter{all-popups} -filter{unsolicited-popups}}
5540 Aliases like <span class="QUOTE">"shop"</span> and <span class=
5541 "QUOTE">"fragile"</span> are typically used for <span class=
5542 "QUOTE">"problem"</span> sites that require more than one action to
5543 be disabled in order to function properly.
5548 <a name="ACT-EXAMPLES">8.7. Actions Files Tutorial</a>
5551 The above chapters have shown <a href="actions-file.html">which
5552 actions files there are and how they are organized</a>, how actions
5553 are <a href="actions-file.html#ACTIONS">specified</a> and <a href=
5554 "actions-file.html#ACTIONS-APPLY">applied to URLs</a>, how <a href=
5555 "actions-file.html#AF-PATTERNS">patterns</a> work, and how to
5556 define and use <a href="actions-file.html#ALIASES">aliases</a>.
5557 Now, let's look at an example <tt class=
5558 "FILENAME">match-all.action</tt>, <tt class=
5559 "FILENAME">default.action</tt> and <tt class=
5560 "FILENAME">user.action</tt> file and see how all these pieces come
5565 <a name="MATCH-ALL">8.7.1. match-all.action</a>
5568 Remember <span class="emphasis"><i class="EMPHASIS">all actions
5569 are disabled when matching starts</i></span>, so we have to
5570 explicitly enable the ones we want.
5573 While the <tt class="FILENAME">match-all.action</tt> file only
5574 contains a single section, it is probably the most important one.
5575 It has only one pattern, <span class="QUOTE">"<tt class=
5576 "LITERAL">/</tt>"</span>, but this pattern <a href=
5577 "actions-file.html#AF-PATTERNS">matches all URLs</a>. Therefore,
5578 the set of actions used in this <span class=
5579 "QUOTE">"default"</span> section <span class="emphasis"><i class=
5580 "EMPHASIS">will be applied to all requests as a start</i></span>.
5581 It can be partly or wholly overridden by other actions files like
5582 <tt class="FILENAME">default.action</tt> and <tt class=
5583 "FILENAME">user.action</tt>, but it will still be largely
5584 responsible for your overall browsing experience.
5587 Again, at the start of matching, all actions are disabled, so
5588 there is no need to disable any actions here. (Remember: a <span
5589 class="QUOTE">"+"</span> preceding the action name enables the
5590 action, a <span class="QUOTE">"-"</span> disables!). Also note
5591 how this long line has been made more readable by splitting it
5592 into multiple lines with line continuation.
5596 <table border="0" bgcolor="#E0E0E0" width="100%">
5599 <pre class="SCREEN">
5602 "actions-file.html#CHANGE-X-FORWARDED-FOR">change-x-forwarded-for{block}</a> \
5603 +<a href="actions-file.html#HIDE-FROM-HEADER">hide-from-header{block}</a> \
5605 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker{pattern}</a> \
5614 The default behavior is now set.
5619 <a name="DEFAULT-ACTION">8.7.2. default.action</a>
5622 If you aren't a developer, there's no need for you to edit the
5623 <tt class="FILENAME">default.action</tt> file. It is maintained
5624 by the <span class="APPLICATION">Privoxy</span> developers and if
5625 you disagree with some of the sections, you should overrule them
5626 in your <tt class="FILENAME">user.action</tt>.
5629 Understanding the <tt class="FILENAME">default.action</tt> file
5630 can help you with your <tt class="FILENAME">user.action</tt>,
5634 The first section in this file is a special section for internal
5635 use that prevents older <span class="APPLICATION">Privoxy</span>
5636 versions from reading the file:
5640 <table border="0" bgcolor="#E0E0E0" width="100%">
5643 <pre class="SCREEN">
5644 ##########################################################################
5645 # Settings -- Don't change! For internal Privoxy use ONLY.
5646 ##########################################################################
5648 for-privoxy-version=3.0.11
5655 After that comes the (optional) alias section. We'll use the
5656 example section from the above <a href=
5657 "actions-file.html#ALIASES">chapter on aliases</a>, that also
5658 explains why and how aliases are used:
5662 <table border="0" bgcolor="#E0E0E0" width="100%">
5665 <pre class="SCREEN">
5666 ##########################################################################
5668 ##########################################################################
5671 # These aliases just save typing later:
5672 # (Note that some already use other aliases!)
5674 +crunch-all-cookies = +<a href=
5675 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> +<a
5676 href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
5677 -crunch-all-cookies = -<a href=
5678 "actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a> -<a
5679 href="actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a>
5680 +block-as-image = +block{Blocked image.} +handle-as-image
5681 mercy-for-cookies = -crunch-all-cookies -<a href=
5682 "actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</a> -<a href=
5683 "actions-file.html#FILTER-CONTENT-COOKIES">filter{content-cookies}</a>
5685 # These aliases define combinations of actions
5686 # that are useful for certain types of sites:
5688 fragile = -<a href="actions-file.html#BLOCK">block</a> -<a href=
5689 "actions-file.html#FILTER">filter</a> -crunch-all-cookies -<a href=
5690 "actions-file.html#FAST-REDIRECTS">fast-redirects</a> -<a href=
5691 "actions-file.html#HIDE-REFERER">hide-referrer</a>
5692 shop = -crunch-all-cookies -<a href=
5693 "actions-file.html#FILTER-ALL-POPUPS">filter{all-popups}</a>
5700 The first of our specialized sections is concerned with <span
5701 class="QUOTE">"fragile"</span> sites, i.e. sites that require
5702 minimum interference, because they are either very complex or
5703 very keen on tracking you (and have mechanisms in place that make
5704 them unusable for people who avoid being tracked). We will simply
5705 use our pre-defined <tt class="LITERAL">fragile</tt> alias
5706 instead of stating the list of actions explicitly:
5710 <table border="0" bgcolor="#E0E0E0" width="100%">
5713 <pre class="SCREEN">
5714 ##########################################################################
5715 # Exceptions for sites that'll break under the default action set:
5716 ##########################################################################
5718 # "Fragile" Use a minimum set of actions for these sites (see alias above):
5721 .office.microsoft.com # surprise, surprise!
5722 .windowsupdate.microsoft.com
5730 Shopping sites are not as fragile, but they typically require
5731 cookies to log in, and pop-up windows for shopping carts or item
5732 details. Again, we'll use a pre-defined alias:
5736 <table border="0" bgcolor="#E0E0E0" width="100%">
5739 <pre class="SCREEN">
5744 .worldpay.com # for quietpc.com
5753 The <tt class="LITERAL"><a href=
5754 "actions-file.html#FAST-REDIRECTS">fast-redirects</a></tt>
5755 action, which may have been enabled in <tt class=
5756 "FILENAME">match-all.action</tt>, breaks some sites. So disable
5757 it for popular sites where we know it misbehaves:
5761 <table border="0" bgcolor="#E0E0E0" width="100%">
5764 <pre class="SCREEN">
5765 { -<a href="actions-file.html#FAST-REDIRECTS">fast-redirects</a> }
5769 .altavista.com/.*(like|url|link):http
5770 .altavista.com/trans.*urltext=http
5778 It is important that <span class="APPLICATION">Privoxy</span>
5779 knows which URLs belong to images, so that <span class=
5780 "emphasis"><i class="EMPHASIS">if</i></span> they are to be
5781 blocked, a substitute image can be sent, rather than an HTML
5782 page. Contacting the remote site to find out is not an option,
5783 since it would destroy the loading time advantage of banner
5784 blocking, and it would feed the advertisers information about
5785 you. We can mark any URL as an image with the <tt class=
5787 "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>
5788 action, and marking all URLs that end in a known image file
5789 extension is a good start:
5793 <table border="0" bgcolor="#E0E0E0" width="100%">
5796 <pre class="SCREEN">
5797 ##########################################################################
5799 ##########################################################################
5801 # Define which file types will be treated as images, in case they get
5802 # blocked further down this file:
5804 { +<a href="actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a> }
5805 /.*\.(gif|jpe?g|png|bmp|ico)$
5812 And then there are known banner sources. They often use scripts
5813 to generate the banners, so it won't be visible from the URL that
5814 the request is for an image. Hence we block them <span class=
5815 "emphasis"><i class="EMPHASIS">and</i></span> mark them as images
5816 in one go, with the help of our <tt class=
5817 "LITERAL">+block-as-image</tt> alias defined above. (We could of
5818 course just as well use <tt class="LITERAL">+<a href=
5819 "actions-file.html#BLOCK">block</a> +<a href=
5820 "actions-file.html#HANDLE-AS-IMAGE">handle-as-image</a></tt>
5821 here.) Remember that the type of the replacement image is chosen
5822 by the <tt class="LITERAL"><a href=
5823 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a></tt>
5824 action. Since all URLs have matched the default section with its
5825 <tt class="LITERAL">+<a href=
5826 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker</a>{pattern}</tt>
5827 action before, it still applies and needn't be repeated:
5831 <table border="0" bgcolor="#E0E0E0" width="100%">
5834 <pre class="SCREEN">
5835 # Known ad generators:
5840 .ad.*.doubleclick.net
5841 .a.yimg.com/(?:(?!/i/).)*$
5842 .a[0-9].yimg.com/(?:(?!/i/).)*$
5851 One of the most important jobs of <span class=
5852 "APPLICATION">Privoxy</span> is to block banners. Many of these
5853 can be <span class="QUOTE">"blocked"</span> by the <tt class=
5855 "actions-file.html#FILTER">filter</a>{banners-by-size}</tt>
5856 action, which we enabled above, and which deletes the references
5857 to banner images from the pages while they are loaded, so the
5858 browser doesn't request them anymore, and hence they don't need
5859 to be blocked here. But this naturally doesn't catch all banners,
5860 and some people choose not to use filters, so we need a
5861 comprehensive list of patterns for banner URLs here, and apply
5862 the <tt class="LITERAL"><a href=
5863 "actions-file.html#BLOCK">block</a></tt> action to them.
5866 First comes many generic patterns, which do most of the work, by
5867 matching typical domain and path name components of banners. Then
5868 comes a list of individual patterns for specific sites, which is
5869 omitted here to keep the example short:
5873 <table border="0" bgcolor="#E0E0E0" width="100%">
5876 <pre class="SCREEN">
5877 ##########################################################################
5878 # Block these fine banners:
5879 ##########################################################################
5880 { <a href="actions-file.html#BLOCK">+block{Banner ads.}</a> }
5888 /.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
5889 /(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
5891 # Site-specific patterns (abbreviated):
5900 It's quite remarkable how many advertisers actually call their
5901 banner servers ads.<tt class=
5902 "REPLACEABLE"><i>company</i></tt>.com, or call the directory in
5903 which the banners are stored simply <span class=
5904 "QUOTE">"banners"</span>. So the above generic patterns are
5905 surprisingly effective.
5908 But being very generic, they necessarily also catch URLs that we
5909 don't want to block. The pattern <tt class="LITERAL">.*ads.</tt>
5910 e.g. catches <span class="QUOTE">"nasty-<span class="emphasis"><i
5911 class="EMPHASIS">ads</i></span>.nasty-corp.com"</span> as
5912 intended, but also <span class="QUOTE">"downlo<span class=
5913 "emphasis"><i class=
5914 "EMPHASIS">ads</i></span>.sourcefroge.net"</span> or <span class=
5915 "QUOTE">"<span class="emphasis"><i class=
5916 "EMPHASIS">ads</i></span>l.some-provider.net."</span> So here
5917 come some well-known exceptions to the <tt class="LITERAL">+<a
5918 href="actions-file.html#BLOCK">block</a></tt> section above.
5921 Note that these are exceptions to exceptions from the default!
5922 Consider the URL <span class=
5923 "QUOTE">"downloads.sourcefroge.net"</span>: Initially, all
5924 actions are deactivated, so it wouldn't get blocked. Then comes
5925 the defaults section, which matches the URL, but just deactivates
5926 the <tt class="LITERAL"><a href=
5927 "actions-file.html#BLOCK">block</a></tt> action once again. Then
5928 it matches <tt class="LITERAL">.*ads.</tt>, an exception to the
5929 general non-blocking policy, and suddenly <tt class="LITERAL"><a
5930 href="actions-file.html#BLOCK">+block</a></tt> applies. And now,
5931 it'll match <tt class="LITERAL">.*loads.</tt>, where <tt class=
5932 "LITERAL"><a href="actions-file.html#BLOCK">-block</a></tt>
5933 applies, so (unless it matches <span class="emphasis"><i class=
5934 "EMPHASIS">again</i></span> further down) it ends up with no <tt
5935 class="LITERAL"><a href="actions-file.html#BLOCK">block</a></tt>
5940 <table border="0" bgcolor="#E0E0E0" width="100%">
5943 <pre class="SCREEN">
5944 ##########################################################################
5945 # Save some innocent victims of the above generic block patterns:
5946 ##########################################################################
5950 { -<a href="actions-file.html#BLOCK">block</a> }
5951 adv[io]*. # (for advogato.org and advice.*)
5952 adsl. # (has nothing to do with ads)
5953 adobe. # (has nothing to do with ads either)
5954 ad[ud]*. # (adult.* and add.*)
5955 .edu # (universities don't host banners (yet!))
5956 .*loads. # (downloads, uploads etc)
5964 www.globalintersec.com/adv # (adv = advanced)
5965 www.ugu.com/sui/ugu/adv
5972 Filtering source code can have nasty side effects, so make an
5973 exception for our friends at sourceforge.net, and all paths with
5974 <span class="QUOTE">"cvs"</span> in them. Note that <tt class=
5975 "LITERAL">-<a href="actions-file.html#FILTER">filter</a></tt>
5976 disables <span class="emphasis"><i class=
5977 "EMPHASIS">all</i></span> filters in one fell swoop!
5981 <table border="0" bgcolor="#E0E0E0" width="100%">
5984 <pre class="SCREEN">
5985 # Don't filter code!
5987 { -<a href="actions-file.html#FILTER">filter</a> }
5999 The actual <tt class="FILENAME">default.action</tt> is of course
6000 much more comprehensive, but we hope this example made clear how
6006 <a name="USER-ACTION">8.7.3. user.action</a>
6009 So far we are painting with a broad brush by setting general
6010 policies, which would be a reasonable starting point for many
6011 people. Now, you might want to be more specific and have
6012 customized rules that are more suitable to your personal habits
6013 and preferences. These would be for narrowly defined situations
6014 like your ISP or your bank, and should be placed in <tt class=
6015 "FILENAME">user.action</tt>, which is parsed after all other
6016 actions files and hence has the last word, over-riding any
6017 previously defined actions. <tt class="FILENAME">user.action</tt>
6018 is also a <span class="emphasis"><i class=
6019 "EMPHASIS">safe</i></span> place for your personal settings,
6020 since <tt class="FILENAME">default.action</tt> is actively
6021 maintained by the <span class="APPLICATION">Privoxy</span>
6022 developers and you'll probably want to install updated versions
6026 So let's look at a few examples of things that one might
6027 typically do in <tt class="FILENAME">user.action</tt>:
6031 <table border="0" bgcolor="#E0E0E0" width="100%">
6034 <pre class="SCREEN">
6035 # My user.action file. <fred@example.com>
6042 As <a href="actions-file.html#ALIASES">aliases</a> are local to
6043 the actions file that they are defined in, you can't use the ones
6044 from <tt class="FILENAME">default.action</tt>, unless you repeat
6049 <table border="0" bgcolor="#E0E0E0" width="100%">
6052 <pre class="SCREEN">
6053 # Aliases are local to the file they are defined in.
6054 # (Re-)define aliases for this file:
6058 # These aliases just save typing later, and the alias names should
6059 # be self explanatory.
6061 +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
6062 -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
6063 allow-all-cookies = -crunch-all-cookies -session-cookies-only
6064 allow-popups = -filter{all-popups}
6065 +block-as-image = +block{Blocked as image.} +handle-as-image
6066 -block-as-image = -block
6068 # These aliases define combinations of actions that are useful for
6069 # certain types of sites:
6071 fragile = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer
6072 shop = -crunch-all-cookies allow-popups
6074 # Allow ads for selected useful free sites:
6076 allow-ads = -block -filter{banners-by-size} -filter{banners-by-link}
6078 # Alias for specific file types that are text, but might have conflicting
6079 # MIME types. We want the browser to force these to be text documents.
6080 handle-as-text = -<a href="actions-file.html#FILTER">filter</a> +-<a href=
6081 "actions-file.html#CONTENT-TYPE-OVERWRITE">content-type-overwrite{text/plain}</a> +-<a
6082 href="actions-file.html#FORCE-TEXT-MODE">force-text-mode</a> -<a href=
6083 "actions-file.html#HIDE-CONTENT-DISPOSITION">hide-content-disposition</a>
6091 Say you have accounts on some sites that you visit regularly, and
6092 you don't want to have to log in manually each time. So you'd
6093 like to allow persistent cookies for these sites. The <tt class=
6094 "LITERAL">allow-all-cookies</tt> alias defined above does exactly
6095 that, i.e. it disables crunching of cookies in any direction, and
6096 the processing of cookies to make them only temporary.
6100 <table border="0" bgcolor="#E0E0E0" width="100%">
6103 <pre class="SCREEN">
6104 { allow-all-cookies }
6115 Your bank is allergic to some filter, but you don't know which,
6116 so you disable them all:
6120 <table border="0" bgcolor="#E0E0E0" width="100%">
6123 <pre class="SCREEN">
6124 { -<a href="actions-file.html#FILTER">filter</a> }
6125 .your-home-banking-site.com
6132 Some file types you may not want to filter for various reasons:
6136 <table border="0" bgcolor="#E0E0E0" width="100%">
6139 <pre class="SCREEN">
6140 # Technical documentation is likely to contain strings that might
6141 # erroneously get altered by the JavaScript-oriented filters:
6146 # And this stupid host sends streaming video with a wrong MIME type,
6147 # so that Privoxy thinks it is getting HTML and starts filtering:
6149 stupid-server.example.com/
6156 Example of a simple <a href="actions-file.html#BLOCK">block</a>
6157 action. Say you've seen an ad on your favourite page on
6158 example.com that you want to get rid of. You have right-clicked
6159 the image, selected <span class="QUOTE">"copy image
6160 location"</span> and pasted the URL below while removing the
6161 leading http://, into a <tt class="LITERAL">{ +block{} }</tt>
6162 section. Note that <tt class="LITERAL">{ +handle-as-image }</tt>
6163 need not be specified, since all URLs ending in <tt class=
6164 "LITERAL">.gif</tt> will be tagged as images by the general rules
6165 as set in default.action anyway:
6169 <table border="0" bgcolor="#E0E0E0" width="100%">
6172 <pre class="SCREEN">
6173 { +<a href="actions-file.html#BLOCK">block</a>{Nasty ads.} }
6174 www.example.com/nasty-ads/sponsor\.gif
6175 another.example.net/more/junk/here/
6182 The URLs of dynamically generated banners, especially from large
6183 banner farms, often don't use the well-known image file name
6184 extensions, which makes it impossible for <span class=
6185 "APPLICATION">Privoxy</span> to guess the file type just by
6186 looking at the URL. You can use the <tt class=
6187 "LITERAL">+block-as-image</tt> alias defined above for these
6188 cases. Note that objects which match this rule but then turn out
6189 NOT to be an image are typically rendered as a <span class=
6190 "QUOTE">"broken image"</span> icon by the browser. Use
6195 <table border="0" bgcolor="#E0E0E0" width="100%">
6198 <pre class="SCREEN">
6210 Now you noticed that the default configuration breaks Forbes
6211 Magazine, but you were too lazy to find out which action is the
6212 culprit, and you were again too lazy to give <a href=
6213 "contact.html">feedback</a>, so you just used the <tt class=
6214 "LITERAL">fragile</tt> alias on the site, and -- <span class=
6215 "emphasis"><i class="EMPHASIS">whoa!</i></span> -- it worked. The
6216 <tt class="LITERAL">fragile</tt> aliases disables those actions
6217 that are most likely to break a site. Also, good for testing
6218 purposes to see if it is <span class="APPLICATION">Privoxy</span>
6219 that is causing the problem or not. We later find other regular
6220 sites that misbehave, and add those to our personalized list of
6223 <table border="0" bgcolor="#E0E0E0" width="100%">
6226 <pre class="SCREEN">
6237 You like the <span class="QUOTE">"fun"</span> text replacements
6238 in <tt class="FILENAME">default.filter</tt>, but it is disabled
6239 in the distributed actions file. So you'd like to turn it on in
6240 your private, update-safe config, once and for all:
6242 <table border="0" bgcolor="#E0E0E0" width="100%">
6245 <pre class="SCREEN">
6246 { +<a href="actions-file.html#FILTER-FUN">filter{fun}</a> }
6254 Note that the above is not really a good idea: There are
6255 exceptions to the filters in <tt class=
6256 "FILENAME">default.action</tt> for things that really shouldn't
6257 be filtered, like code on CVS->Web interfaces. Since <tt
6258 class="FILENAME">user.action</tt> has the last word, these
6259 exceptions won't be valid for the <span class=
6260 "QUOTE">"fun"</span> filtering specified here.
6263 You might also worry about how your favourite free websites are
6264 funded, and find that they rely on displaying banner
6265 advertisements to survive. So you might want to specifically
6266 allow banners for those sites that you feel provide value to you:
6268 <table border="0" bgcolor="#E0E0E0" width="100%">
6271 <pre class="SCREEN">
6282 Note that <tt class="LITERAL">allow-ads</tt> has been aliased to
6283 <tt class="LITERAL">-<a href=
6284 "actions-file.html#BLOCK">block</a></tt>, <tt class="LITERAL">-<a
6286 "actions-file.html#FILTER-BANNERS-BY-SIZE">filter{banners-by-size}</a></tt>,
6287 and <tt class="LITERAL">-<a href=
6288 "actions-file.html#FILTER-BANNERS-BY-LINK">filter{banners-by-link}</a></tt>
6292 Invoke another alias here to force an over-ride of the MIME type
6293 <tt class="LITERAL">application/x-sh</tt> which typically would
6294 open a download type dialog. In my case, I want to look at the
6295 shell script, and then I can save it should I choose to.
6297 <table border="0" bgcolor="#E0E0E0" width="100%">
6300 <pre class="SCREEN">
6309 <tt class="FILENAME">user.action</tt> is generally the best place
6310 to define exceptions and additions to the default policies of <tt
6311 class="FILENAME">default.action</tt>. Some actions are safe to
6312 have their default policies set here though. So let's set a
6313 default policy to have a <span class="QUOTE">"blank"</span> image
6314 as opposed to the checkerboard pattern for <span class=
6315 "emphasis"><i class="EMPHASIS">ALL</i></span> sites. <span class=
6316 "QUOTE">"/"</span> of course matches all URL paths and patterns:
6318 <table border="0" bgcolor="#E0E0E0" width="100%">
6321 <pre class="SCREEN">
6323 "actions-file.html#SET-IMAGE-BLOCKER">set-image-blocker{blank}</a> }
6332 <div class="NAVFOOTER">
6333 <hr align="LEFT" width="100%">
6334 <table summary="Footer navigation table" width="100%" border="0"
6335 cellpadding="0" cellspacing="0">
6337 <td width="33%" align="left" valign="top">
6338 <a href="config.html" accesskey="P">Prev</a>
6340 <td width="34%" align="center" valign="top">
6341 <a href="index.html" accesskey="H">Home</a>
6343 <td width="33%" align="right" valign="top">
6344 <a href="filter-file.html" accesskey="N">Next</a>
6348 <td width="33%" align="left" valign="top">
6349 The Main Configuration File
6351 <td width="34%" align="center" valign="top">
6354 <td width="33%" align="right" valign="top">
projects / privoxy.git / blob