From 84a6d458b85203e8cc651d7a360b2bf18e458e9f Mon Sep 17 00:00:00 2001
From: Fabian Keil
If you are new to reporting problems, you might be interested in - How to Report Bugs Effectively.
-The appendix of the Privoxy User Manual also has diff --git a/doc/webserver/developer-manual/copyright.html b/doc/webserver/developer-manual/copyright.html index 39c52582..f6d39e60 100644 --- a/doc/webserver/developer-manual/copyright.html +++ b/doc/webserver/developer-manual/copyright.html @@ -63,7 +63,7 @@ body { "CITETITLE">GNU General Public License.
Privoxy is free software; you can
redistribute it and/or modify it under the terms of the
A long time ago, there was the Privoxy
Developers $Id: developer-manual.sgml,v 2.36 2011/09/04
- 11:10:12 fabiankeil Exp $ $Id: developer-manual.sgml,v 2.37 2011/11/13
+ 17:03:54 fabiankeil Exp $ If you are new to reporting problems, you might be interested in
- How to Report Bugs Effectively. The appendix of the Privoxy User Manual also has
diff --git a/doc/webserver/faq/copyright.html b/doc/webserver/faq/copyright.html
index 5e0eec56..69a87cc8 100644
--- a/doc/webserver/faq/copyright.html
+++ b/doc/webserver/faq/copyright.html
@@ -68,7 +68,7 @@ body {
"APPLICATION">Privoxy. Privoxy is free software; you can
redistribute it and/or modify it under the terms of the
A long time ago, there was the Privoxy
Developers $Id: faq.sgml,v 2.81 2011/09/04 11:10:12 fabiankeil
+ $Id: faq.sgml,v 2.84 2011/11/13 17:03:54 fabiankeil
Exp $ Table 1. Default Configurations Note that some actions, like
@@ -355,7 +355,7 @@ body {
The easiest way to edit the actions files is with a browser by using
@@ -544,7 +544,7 @@ body {
The matching of the domain part offers some flexible options: if
@@ -650,7 +650,7 @@ body {
Privoxy uses
Note that many of these actions have the potential to cause a page
@@ -4374,7 +4374,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not
together: Remember all actions are
@@ -4422,7 +4422,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not
If you aren't a developer, there's no need for you to edit the
@@ -4765,7 +4765,7 @@ wiki.
So far we are painting with a broad brush by setting general
diff --git a/doc/webserver/user-manual/appendix.html b/doc/webserver/user-manual/appendix.html
index 45b706d0..734285d8 100644
--- a/doc/webserver/user-manual/appendix.html
+++ b/doc/webserver/user-manual/appendix.html
@@ -305,7 +305,7 @@ body {
Since Privoxy proxies each
@@ -325,7 +325,7 @@ body {
Privoxy main page: Privoxy main page:
Show information about the current configuration, including
- viewing and editing of actions files:
Show the source code version numbers: Show the source code version numbers:
Show the browser's request headers: Show the browser's request headers:
Show which actions apply to a URL and why: Show which actions apply to a URL and why: "off", "Privoxy" continues to run, but only as a
pass-through proxy, with no actions taking place: Short cuts. Turn off, then on: Short cuts. Turn off, then on:
Privoxy's user interface can be
@@ -77,8 +77,8 @@ body {
- If you are new to reporting problems, you might be interested in
- How to Report Bugs Effectively. The appendix of the Privoxy User Manual also has
diff --git a/doc/webserver/user-manual/copyright.html b/doc/webserver/user-manual/copyright.html
index 4d0ed29a..1ef372af 100644
--- a/doc/webserver/user-manual/copyright.html
+++ b/doc/webserver/user-manual/copyright.html
@@ -64,7 +64,7 @@ body {
"CITETITLE">GNU General Public License. Privoxy is free software; you can
redistribute it and/or modify it under the terms of the
Clifford Caoile Now, let's complete our "foo" content
diff --git a/doc/webserver/user-manual/index.html b/doc/webserver/user-manual/index.html
index 1dd8cc37..deb2429c 100644
--- a/doc/webserver/user-manual/index.html
+++ b/doc/webserver/user-manual/index.html
@@ -36,7 +36,7 @@ body {
2001-2011 by Privoxy
Developers $Id: user-manual.sgml,v 2.136 2011/10/14 16:53:10
+ $Id: user-manual.sgml,v 2.139 2011/11/18 16:49:29
fabiankeil Exp $ Figure 1. Actions Files in Use Figure 2. Proxy Configuration Showing Mozilla/Netscape
HTTP and HTTPS (SSL) Settings Figure 3. Proxy Configuration Showing Internet Explorer
HTTP and HTTPS (Secure) Settings Fix a logic bug that could cause Privoxy to reuse a tainted
- server socket. It could happen for server sockets that got
- tainted by a server-header-tagger-induced block, in which case
- Privoxy doesn't necessarily read the whole server response. If
- keep-alive was enabled and the request following the blocked one
- was to the same host and using the same forwarding settings,
- Privoxy would send it on the tainted server socket. While the
- server would simply treat it as a pipelined request, Privoxy
- would later on fail to properly parse the server's response as it
- would try to parse the unread data from the first response as
- server headers for the second one. Regression introduced in
- 3.0.17. Fix a logic bug that could cause Privoxy to reuse a server
+ socket after it got tainted by a server-header-tagger-induced
+ block that was triggered before the whole server response had
+ been read. If keep-alive was enabled and the request following
+ the blocked one was to the same host and using the same
+ forwarding settings, Privoxy would send it on the tainted server
+ socket. While the server would simply treat it as a pipelined
+ request, Privoxy would later on fail to properly parse the
+ server's response as it would try to parse the unread data from
+ the first response as server headers for the second one.
+ Regression introduced in 3.0.17. When implying keep-alive in client_connection(), remember that
- the client didn't Fixes a regression introduced in 3.0.13 that
+ the client didn't. Fixes a regression introduced in 3.0.13 that
would cause Privoxy to wait for additional client requests after
receiving a HTTP/1.1 request with "Connection: close" set and
- connection sharing enabled. With clients like curl which
- terminates the client connection after detecting that the whole
- body has been received it doesn't really matter, but with clients
- like FreeBSD's fetch the client connection would be kept open
- until it timed out. Disable filters if SDCH compression is used unless filtering
+ is forced. If SDCH was combined with a supported compression
+ algorithm, Privoxy previously could try to decompress it and
+ ditch the Content-Encoding header even though the SDCH
+ compression wasn't dealt with. Reported by zebul666 in
+ #3225863. Make a copy of the --user value and only mess with that when
+ splitting user and group. On some operating systems modifying the
+ value directly is reflected in the output of ps and friends and
+ can be misleading. Reported by zepard in #3292710. If forwarded-connect-retries is set, only retry if Privoxy is
+ actually forwarding the request. Previously direct connections
+ would be retried as well. Fixed a small memory leak when retrying connections with IPv6
+ support enabled. Remove an incorrect assertion in
+ compile_dynamic_pcrs_job_list() It could be triggered by a pcrs
+ job with an invalid pcre pattern (for example one that contains a
+ lone quantifier). If the --user argument user[.group] contains a dot, always
+ bail out if no group has been specified. Previously the intended,
+ but undocumented (and apparently untested), behaviour was to try
+ interpreting the whole argument as user name, but the detection
+ was flawed and checked for '0' instead of '\0', thus merely
+ preventing group names beginning with a zero. In html_code_map[], use a numeric character reference instead
+ of ' which wasn't standardized before XHTML 1.0. Fix an invalid free when compiled with
+ FEATURE_GRACEFUL_TERMINATION and shut down through
+ http://config.privoxy.org/die In get_actions(), fix the "temporary" backwards compatibility
+ hack to accept block actions without reason. It also covered
+ other actions that should be rejected as invalid. Reported by
+ Billy Crook. The +fast-redirects{check-decoded-url} action checks URL
segments separately. If there are other parameters behind the
- redirect URL, this makes it unnecessary to cut them of by
+ redirect URL, this makes it unnecessary to cut them off by
additionally using a +redirect{} pcrs command. Initial patch
submitted by Jamie Zawinski in #3429848. Properly deal with FEATURE_TOGGLE being disabled When loading action sections, verify that the referenced
+ filters exist. Currently missing filters only result in an error
+ message, but eventually the severity will be upgraded to
+ fatal. Allow to bind to multiple separate addresses. Patch set
+ submitted by Petr Pisar in #3354485. Set socket_error to errno if connecting fails in
+ rfc2553_connect_to() Previously rejected direct connections could
+ be incorrectly reported as DNS issues if Privoxy was compiled
+ with IPv6 support. Adjust url_code_map[] so spaces are replaced with %20 instead
of '+' While '+' can be used by client's submitting form data,
this is not actually what Privoxy is using the lookups for. This
- is more of a cosmetic issue and doesn't fix any actual problems
- I'm aware of. When loading action sections, verify that the referenced
- filters exist Currently missing filters only result in an error
- message, but eventually the severity will be upgraded to
- fatal. Fixed bind failures with certain GNU libc versions if no
+ non-loopback IP address has been configured on the system. This
+ is mainly an issue if the system is using DHCP and Privoxy is
+ started before the network is completely configured. Reported by
+ Raphael Marichez in #3349356. Additional insight from Petr
+ Pisar. Allow to bind to multiple separate addresses. Patch set
- submitted by Petr Pisar in #3354485. Privoxy log messages now use the ISO 8601 date format
+ %Y-%m-%d. It's only slightly longer than the old format, but
+ contains the full date including the year and allows sorting by
+ date (when grepping in multiple log files) without hassle. Set socket_error to errno if connecting fails in
- rfc2553_connect_to() Previously rejected direct connections could
- be incorrectly reported as DNS issues. In get_last_url(), do not bother trying to decode URLs that do
+ not contain at least one '%' sign. It reduces the log noise and a
+ number of unnecessary memory allocations. Fixed bind failures with certain GNU libc versions if no
- non-loopback IP address has been configured on the system. This
- is mainly an issue if the system is using DHCP and Privoxy is
- started before the network is completely configured. Reported by
- Raphael Marichez in #3349356. Additional insight from Petr
- Pisar. In case of SOCKS5 failures, dump the socks response in the log
+ message. Disable filters if SDCH compression is used unless filtering
- is forced. If SDCH was combined with a supported compression
- algorithm, we'd previously try to decompress it, when successful
- apply the enabled filters and ditch the Content-Encoding header
- even though the SDCH compression wasn't removed. Reported by
- zebul666 in #3225863. Simplify the signal setup in main() Privoxy log messages now use the ISO 8601 date format
- %Y-%m-%d. It's only slightly longer than the old format, but
- contains the full date including the year and allows sorting by
- date (when grepping in multiple log files) without hassle. Streamline socks5_connect() slightly Make a copy of the --user value and only mess with that when
- splitting user and group. On some operating systems modifying the
- value directly is reflected in the output of ps and friends and
- can be misleading. Reported by zepard in #3292710. In socks5_connect(), require a complete socks response from
+ the server Previously Privoxy didn't care how much data the
+ server response contained as long as the first two bytes
+ contained the expected values. While at it, shrink the buffer
+ size so Privoxy can't read more than a whole socks response. If forwarded-connect-retries is set, only retry if the we are
- actually forwarding the request. Previously direct connections
- would be retried as well. In chat(), do not bother to generate a client request in case
+ of direct CONNECT requests. It will not be used anyway. Fixed a small memory leak when retrying connection Reduce server_last_modified()'s stack size. Remove an incorrect assertion in
- compile_dynamic_pcrs_job_list() It could be triggered by a pcrs
- job with an invalid pcre pattern (for example one that contains a
- lone quantifier). Shorten get_http_time() by using strftime(). Constify the known_http_methods pointers in
+ unknown_method(). Constify the time_formats pointers in parse_header_time(). Constify the formerly_valid_actions pointers in
+ action_used_to_be_valid(). Introduce a GNUMakefile MAN_PAGE variable that defaults to
+ privoxy.1. The Debian package uses section 8 for the man page and
+ this should simplify the patch. Deduplicate the INADDR_NONE definition for Solaris by moving
+ it to jbsockets.h In block_url(), ditch the obsolete workaround for ancient
+ Netscape versions that supposedly couldn't properly deal with
+ status code 403. Remove a useless NULL pointer check in load_trustfile(). Remove two useless NULL pointer checks in
+ load_one_re_filterfile(). Change url_code_map[] from an array of pointers to an array of
+ arrays It removes an unnecessary layer of indirection and on
+ 64bit system reduces the size of the binary a bit. Fix various typos. Fixes taken from Debian's 29_typos.dpatch
+ by Roland Rosenfeld. Add a dok-tidy GNUMakefile target to clean up the messy HTML
+ generated by the other dok targets. GNUisms in the GNUMakefile have been removed. Change the HTTP version in static responses to 1.1 Synced config.sub and config.guess with upstream
+ 2011-11-11/386c7218162c145f5f9e1ff7f558a3fbb66c37c5. Add a dedicated function to parse the values of toggles.
+ Reduces duplicated code in load_config() and provides better
+ error handling. Invalid or missing toggle values are now a fatal
+ error instead of being silently ignored. Terminate HTML lines in static error messages with \n instead
+ of \r\n. Simplify cgi_error_unknown() a bit. In LogPutString(), don't bother looking at pszText when not
+ actually logging anything. Change ssplit()'s fourth parameter from int to size_t. Fixes a
+ clang complaint. Add a warning that the statistics currently can't be trusted.
+ Mention Privoxy-Log-Parser's --statistics option as an
+ alternative for the time being. In rfc2553_connect_to(), start setting cgi->error_message
+ on error Change the expected status code returned for http://p.p/die
+ depending on whether or not FEATURE_GRACEFUL_TERMINATION is
+ available. In cgi_die(), mark the client connection for closing. If the
+ client will fetch the style sheet through another connection it
+ gets the main thread out of the accept() state and should thus
+ trigger the actual shutdown. Add a proper CGI message for cgi_die(). Don't enforce a logical line length limit in
+ read_config_line() Slightly refactor server_last_modified() to remove useless
+ gmtime*() calls In get_content_type(), also recognize '.jpeg' as JPEG
+ extension Add '.png' to the list of recognized file extenstions in
+ get_content_type() In block_url(), consistently use the block reason "Request
+ blocked by Privoxy" In two places the reason was "Request for
+ blocked URL" which hides the fact that the request got blocked by
+ Privoxy and isn't necessarily correct as the block may be due to
+ tags. In listen_loop(), reload the configuration files after
+ accepting a new connection instead of before. Previously the
+ first connection that arrived after a configuration change would
+ still be handled with the old configuration. In chat()'s receive-data loop, skip a client socket check if
+ the socket will be written to right away anyway. This can
+ increase the transfer speed for unfiltered content on fast
+ network connections. The socket timeout is used for SOCKS negotiations as well
+ which previously couldn't timeout. Don't keep the client connection alive if any configuration
+ file changed since the time the connection came in. This is
+ closer to Privoxy's behaviour before keep-alive support for
+ client connection has been added and also less confusing in
+ general. Treat all Content-Type header values containing the pattern
+ 'script' as a sign of text. Reported by pribog in #3134970. Remove -prevent-compression from the fragile alias It's no
+ longer used anywhere by default and isn't known to break stuff
+ anyway. Add a (disabled) section to block various Facebook tracking
URLs Reported by Dan Stahlke in #3421764. Remove -prevent-compression from the fragile alias It's no
- longer used anywhere by default and isn't known to break stuff
- anyway. Unblock http://adassier.wordpress.com/ and
http://adassier.files.wordpress.com/ Let the msn filter hide overlay ads for Facebook 'likes' in
- search results. Let the msn filter hide elements with the id 's_notf_div'.
- They only seem to be used to advertise site 'enhancements'. Point out that the SourceForge messaging system works like a
- blackhole and should thus not be used Do not claim to listen on a socket until we actually do. Patch
- submitted by Petr Pisar #3354485 Do not claim to listen on a socket until Privoxy actually
+ does. Patch submitted by Petr Pisar #3354485 In rfc2553_connect_to(), explain getnameinfo() errors
- differently. Rephrase a log message in compile_dynamic_pcrs_job_list()
+ Rephrase a log message in compile_dynamic_pcrs_job_list().
Divide the error code and its meaning with a colon. Call the pcrs
job dynamic and not the filter. Filters may contain dynamic and
non-dynamic pcrs jobs at the same time. Only mention the name of
@@ -460,12 +703,12 @@ body {
In a fatal error message in load_one_actions_file(), cover
- both URL and TAG patterns In pcrs_strerror(), properly report unknown positive error
- code values as unknown. Previously they were handled like 0 (no
+ code values as such. Previously they were handled like 0 (no
error). In connection_destination_matches(), improve two log messages
- to help understand why the destinations don't match Miscellaneous Privoxy improvements: In get_last_url(), do not bother trying to decode URLs that do
- not contain at least one '%' sign. It reduces the log noise and a
- number of unnecessary memory allocations. If the --user argument user[.group] contains a dot, always
- bail out if no group has been specified. Previously the intended,
- but undocumented (and apparently untested), behaviour was to try
- interpreting the whole argument as user name, but the detection
- was flawed and checked for '0' isntead of '\0', thus merely
- preventing group names beginning with a zero. Simplify the signal setup in main() Streamline socks5_connect() slightly In case of SOCKS5 failures, dump the socks response In socks5_connect(), require a complete socks response from
- the server Previously we didn't care how much data the server
- response contained as long as the first two bytes contained the
- expected values. While at it, shrink the buffer size so we can't
- read more than a whole socks response. This is required to
- support Tor's optimistic data extension. In chat(), do not bother to generate a client request in case
- of direct CONNECT requests Reduce server_last_modified()'s stack size Shorten get_http_time() by using strftime() Constify the known_http_methods pointers in
- unknown_method() Constify the time_formats pointers in parse_header_time() Constify the formerly_valid_actions pointers in
- action_used_to_be_valid() In html_code_map[], use a numeric character reference instead
- of ' which wasn't standardized before XHTML 1.0 Introduce a MAN_PAGE variable that defaults to privoxy.1. The
- Debian package uses section 8 for the man page and this should
- simplify the patch. Deduplicate the INADDR_NONE definition for Solaris by moving
- it to jbsockets.h In block_url(), ditch the obsolete workaround for ancient
- Netscape versions that supposedly couldn't properly deal with
- status code 403. Remove a useless NULL pointer check in load_trustfile() Remove two useless NULL pointer checks in
- load_one_re_filterfile(). Change url_code_map[] from an array of pointers to an array of
- arrays It removes an unnecessary layer of indirection and on
- 64bit system reduces the size of the binary a bit. Fix various typos. Fixes taken from Debian's 29_typos.dpatch
- by Roland Rosenfeld. Add a dok-tidy GNUMakefile target to clean up the messy HTML
- generated by the other dok targets. GNUisms in the GNUMakefile have been removed. Change the HTTP version in static responses to 1.1 Synced config.sub and config.guess with upstream
- 2011-11-11/386c7218162c145f5f9e1ff7f558a3fbb66c37c5. Add a dedicated function to parse the values of toggles
- Reduces duplicated code in load_config() and provides better
- error handling. Invalid or missing toggle values are now a fatal
- error instead of being silently ignored. Terminate HTML lines in static error messages with \n instead
- of \r\n. Simplify cgi_error_unknown() a bit. In LogPutString(), don't bother looking at pszText when not
- actually logging anything Change ssplit()'s fourth parameter from int to size_t. Fixes a
- clang complaint. Add a warning that the statistics currently can't be trusted.
- Mention Privoxy-Log-Parser's --statistics option as an
- alternative for the time being. In rfc2553_connect_to(), start setting cgi->error_message
- on error Change the expected status code returned for http://p.p/die
- depending on whether or not FEATURE_GRACEFUL_TERMINATION is
- available. In cgi_die(), mark the client connection for closing. If the
- client will fetch the style sheet through another connection it
- gets the main thread out of the accept() state and should thus
- trigger the actual shutdown. Add a proper CGI message for cgi_die(). Fix an invalid free when compiled with
- FEATURE_GRACEFUL_TERMINATION and shut down through
- http://config.privoxy.org/die Don't enforce a logical line length limit in
- read_config_line() Slightly refactor server_last_modified() to remove useless
- gmtime*() calls In get_content_type(), also recognize '.jpeg' as JPEG
- extension Add '.png' to the list of recognized file extenstions in
- get_content_type() In block_url(), consistently use the block reason "Request
- blocked by Privoxy" In two places the reason was "Request for
- blocked URL" which hides the fact that the request got blocked by
- Privoxy and isn't necessarly correct as the block may be due to
- tags. In get_actions(), fix the "temporary" backwards compatibility
- hack to accept block actions without reason. It also covered
- other actions that should be rejected as invalid. Reported by
- Billy Crook. In listen_loop(), reload the configuration files after
- accepting a new connection instead of before. Previously the
- first connection that arrived after a configuration change would
- still be handled with the old configuration. In chat()'s receive-data loop, skip a client socket check if
- the socket will be written to right away anyway. This can
- increase the transfer speed for unfiltered content on fast
- network connections. The socket timeout is used for SOCKS negotiation as well. Don't keep the client connection alive if any configuration
- file changed since the time the connection came in. This is
- closer to Privoxy's behaviour before keep-alive support for
- client connection has been added and also less confusing in
- general. Treat all Content-Type header values containing the pattern
- 'script' as a sign of text. Reported by pribog in #3134970. configure: Remove a useless test for setpgrp(2). Privoxy doesn't need it
- and it can cause problems when cross-compiling Rename the --disable-acl-files switch to --disable-acl-support
- Since about 2001, ACL directives are specified in the standard
- config file. Rename the --disable-acl-files switch to
+ --disable-acl-support. Since about 2001, ACL directives are
+ specified in the standard config file. Update the URL of the 'Removing outdated PCRE version after
the next stable release' posting. The old URL stopped working
- after one of SF's recent layout pessimizations. Reported by Han
+ after one of SF's recent site "optimizations". Reported by Han
Liu. Added --shuffle-tests option to increase the chances of
- detection race conditions In the --help output, include a list of supported tests and
their default levels. Adjust the tests to properly deal with FEATURE_TOGGLE being
+ disabled. Perform limited sanity checks for parameters that are supposed
- to have numerical values. Perform limited sanity checks for command line parameters that
+ are supposed to have numerical values. Bump generated Firefox version to 9.0 Bump generated Firefox version to 8.09.2. History
+ 9.2. History
7.1. License
+ 7.1. License
7.2. History
+ 7.2. History
8.1. Finding the Right
+
8.1. Finding the Right
Mix
8.2. How to
+
8.2. How to
Edit
8.4.1. The Domain
+
8.4.1. The Domain
Pattern
8.4.2. The Path
+
8.4.2. The Path
Pattern
8.5.34.
+
8.5.34.
Summary
8.7.1.
+
8.7.1.
match-all.action
8.7.2.
+
8.7.2.
default.action
8.7.3.
+
8.7.3.
user.action
14.2. Privoxy's
+
14.2. Privoxy's
Internal Pages
-
-
+
6.1. Controlling
+
6.1. Controlling
Privoxy with Your Web Browser
Privoxy Menu
+ Privoxy Menu
diff --git a/doc/webserver/user-manual/contact.html b/doc/webserver/user-manual/contact.html
index cce50c59..df6e6eda 100644
--- a/doc/webserver/user-manual/contact.html
+++ b/doc/webserver/user-manual/contact.html
@@ -298,10 +298,6 @@ body {
How to Report Bugs Effectively.
- 12.1. License
+ 12.1. License
Wan-Teh Chang
+ Billy Crook
Frédéric Crozat
Michael T. Davis
Mattes Dolak
@@ -208,9 +209,11 @@ body {
Bert van Leeuwen
Don Libes
Paul Lieverse
+ Han Liu
Toby Lyward
Wil Mahan
Jindrich Makovicka
+ Raphael Marichez
Francois Marier
David Mediavilla
Raphael Moll
@@ -224,6 +227,7 @@ body {
Chung-chieh Shan
Spinor S.
Bart Schelstraete
+ Dan Stahlke
Oliver Stoeneberg
Peter Thoenen
Martin Thomas
diff --git a/doc/webserver/user-manual/filter-file.html b/doc/webserver/user-manual/filter-file.html
index c7383a81..ca28185e 100644
--- a/doc/webserver/user-manual/filter-file.html
+++ b/doc/webserver/user-manual/filter-file.html
@@ -165,7 +165,7 @@ FILTER: foo Replace all "foo" with "bar"
started.9.1. Filter File
+
9.1. Filter File
Tutorial
-
-
-
-
@@ -114,21 +173,36 @@ body {
-
-
@@ -866,8 +859,8 @@ body {