From 00c5ee35fd5a8f4a243366a481daf698e0c2adfa Mon Sep 17 00:00:00 2001
From: Fabian Keil There are many improvements and new features since Privoxy 3.0.6Privoxy 3.0.8, the last stable release: Two new actions server-header-tagger
- and client-header-tagger
- that can be used to create arbitrary "tags"
- based on client and server headers.
- These "tags" can then subsequently be used
- to control the other actions used for the current request,
- greatly increasing Privoxy's flexibility and selectivity. See tag patterns for more information on tags.
+> Added SOCKS5 support (with address resolution done by
+ the SOCKS5 server). Patch provided by Eric M. Hopper.
Header filtering is done with dedicated header filters now. As a result
- the actions "filter-client-headers" and "filter-server-headers"
- that were introduced with Privoxy 3.0.5 to apply
- content filters to the headers have been removed.
- See the new actions server-header-filter
- and client-header-filter for details.
+> The "blocked" CGI pages include a block reason that was
+ provided as argument to the last-applying block action.
There are four new options for the main config file:
+> If enable-edit-actions is disabled (the default since 3.0.7 beta)
+ the show-status page hides the edit buttons and explains why.
+ Previously the user would get the "this feature has been disabled"
+ message after using the edit button.
Forbidden CONNECT requests are treated like blocks by default.
+ The now-pointless treat-forbidden-connects-like-blocks action
+ has been removed.
+
allow-cgi-request-crunching - which allows requests for Privoxy's internal CGI pages to be - blocked, redirected or (un)trusted like ordinary requests. -
Not enabling limit-connect now allows CONNECT requests to all ports. + In previous versions it would only allow CONNECT requests to port 443. + Use +limit-connect{443} if you think you need the old default behaviour. +split-large-forms - that will work around a browser bug that caused IE6 and IE7 to - ignore the Submit button on the Privoxy's edit-actions-for-url CGI - page. -
The CGI editor gets turned off after three edit requests with invalid + file modification timestamps. This makes life harder for attackers + who can leverage browser bugs to send fake Referers and intend to + brute-force edit URLs. +accept-intercepted-requests - which allows to combine Privoxy with any packet filter to create an - intercepting proxy for HTTP/1.1 requests (and for HTTP/1.0 requests - with Host header set). This means clients can be forced to use - Privoxy even if their proxy settings are configured differently. -
Action settings for multiple patterns in the same section are + shared in memory. As a result these sections take up less space + (and are loaded slightly faster). Problem reported by Franz Schwartau. +templdir - to designate an alternate location for Privoxy's - locally customized CGI templates so that - these are not overwritten during upgrades. -
Linear white space in HTTP headers will be normalized to single + spaces before parsing the header's content, headers split across + multiple lines get merged first. +Host information is gathered outside the main thread so it's less + likely to delay other incoming connections if the host is misconfigured. +
A new command line option --pre-chroot-nslookup hostname to - initialize the resolver library before chroot'ing. On some systems this - reduces the number of files that must be copied into the chroot tree. - (Patch provided by Stephen Gildea) +> New config option "hostname" to use a hostname other than + the one returned by the operating system. Useful to speed-up responses + for CGI requests on misconfigured systems. Requested by Max Khon.
The forward-override action - allows changing of the forwarding settings through the actions files. - Combined with tags, this allows to choose the forwarder based on - client headers like the User-Agent, or the request origin. -
The CGI editor supports the "disable all filters of this type" + directives "-client-header-filter", "-server-header-filter", + "-client-header-tagger" and "-server-header-tagger". +The redirect action can now use regular - expression substitutions against the original URL. +> Fixed false-positives with the link-by-url filter and URLs that + contain the pattern "/jump/".
zlib support is now available as a compile - time option to filter compressed content. Patch provided by Wil Mahan. +> The less-download-windows filter no longer messes + "Content-Type: application/x-shockwave-flash" headers up.
Improve various filters, and add new ones. +> In the show-url-info page's "Final results" section active and + inactive actions are listed separately. Patch provided by Lee.
Include support for RFC 3253 so that Subversion works - with Privoxy. Patch provided by Petr Kadlec. +> The GNUmakefile supports the DESTDIR variable. Patch for + the install target submitted by Radoslaw Zielinski. +
Embedding the content of configuration files in the show-status + page is significantly faster now. For a largish action file (1 MB) + a speedup of about 2450 times has been measured. This is mostly + interesting if you are using large action files or regularly use + Privoxy-Regression-Test while running Privoxy through Valgrind, + for stock configuration files it doesn't really matter. +
If zlib support is unavailable and there are content + filters active but the prevent-compression action is disabled, + the show-url-info page includes a warning that compression + might prevent filtering. +
The show-url-info page provides an OpenSearch Description that + allows to access the page through browser search plugins. +
The obsolete kill-popups action has been removed as the + PCRS-based popup filters can do the same and are slightly + less unreliable. +
The inspect-jpegs action has been removed. +
The send-wafer and send-vanilla-wafer actions have been removed. + They weren't particular useful and their behaviour could be emulated + with add-header anyway. +
Privoxy-Regression-Test has been significantly improved.
Logging can be completely turned off by not specifying a logfile directive. +> Most sections in the default.action file contain tests for + Privoxy-Regression-Test to verify that they are working as intended.
A number of improvements to Privoxy's internal CGI pages, including the - use of favicons for error and control pages. +> Parts of Privoxy have been refactored to increase maintainability.
Many bugfixes, memory leaks addressed, code improvements, and logging - improvements. +> Building with zlib (if available) is done by default.