Fabian Keil [Fri, 14 Nov 2014 11:31:53 +0000 (11:31 +0000)]
Rebuild config file for 3.0.22 stable
Fabian Keil [Fri, 14 Nov 2014 11:31:41 +0000 (11:31 +0000)]
Update SGML ChangeLog
Fabian Keil [Fri, 14 Nov 2014 11:31:24 +0000 (11:31 +0000)]
Prevent leading and trailing whitespace in quotes
Fabian Keil [Fri, 14 Nov 2014 11:31:11 +0000 (11:31 +0000)]
ChangeLog cosmetic
Fabian Keil [Fri, 14 Nov 2014 11:30:59 +0000 (11:30 +0000)]
Declare 3.0.22 'stable'
Fabian Keil [Fri, 14 Nov 2014 10:40:50 +0000 (10:40 +0000)]
ChangeLog cosmetic
Fabian Keil [Fri, 14 Nov 2014 10:40:40 +0000 (10:40 +0000)]
Update ChangeLog to reflect recent changes
Fabian Keil [Fri, 14 Nov 2014 10:40:24 +0000 (10:40 +0000)]
Fix memory leak in rfc2553_connect_to()
CID 66382.
Fabian Keil [Fri, 14 Nov 2014 10:40:10 +0000 (10:40 +0000)]
pcrs_execute(): Consistently set *result to NULL in case of errors
Should make use-after-free in the caller less likely.
CID 66391, CID 66376.
Fabian Keil [Fri, 14 Nov 2014 10:39:49 +0000 (10:39 +0000)]
unmap(): Prevent use-after-free if the map only consists of one item
CID 66394.
Fabian Keil [Wed, 12 Nov 2014 12:00:41 +0000 (12:00 +0000)]
Make sure csp flags have unique values
Previously CSP_FLAG_CRUNCHED and CSP_FLAG_CLIENT_CONNECTION_HEADER_SET
shared the same bit which obviously wasn't intentional.
The only negative effect was that Privoxy potentially reused less
connections than it could have, which explains why the problem hasn't
been noticed for seven years and was only found by manual code
inspection.
Fabian Keil [Wed, 12 Nov 2014 12:00:10 +0000 (12:00 +0000)]
Link to the 'Would you like to donate?' FAQ
... instead of repeating parts of it while leaving out the rest.
Fabian Keil [Wed, 12 Nov 2014 11:59:47 +0000 (11:59 +0000)]
Let server_keep_alive() always remove the Keep-Alive header
Not forwarding the header to the client is a MUST and
non-compliance has no advantage here.
Fixes Co-Advisor test case rfc2616/hopHdr-Keep-Alive-toClt.
Fabian Keil [Tue, 11 Nov 2014 12:19:52 +0000 (12:19 +0000)]
Update URL of Polipo's website
Fabian Keil [Tue, 11 Nov 2014 12:19:38 +0000 (12:19 +0000)]
Disable banners-by-size for kggp.de/
Fabian Keil [Mon, 3 Nov 2014 14:41:12 +0000 (14:41 +0000)]
Preserve negative HTTP status numbers
While they are technically invalid, "supporting" them doesn't
hurt and this gets the recently added curl test 1430 "working".
Fabian Keil [Mon, 3 Nov 2014 14:40:53 +0000 (14:40 +0000)]
Add two consenting donors to the list of contributors
Fabian Keil [Mon, 3 Nov 2014 14:40:25 +0000 (14:40 +0000)]
Add changes for 3.0.22 stable
Fabian Keil [Mon, 3 Nov 2014 14:39:37 +0000 (14:39 +0000)]
Add a couple of contributors
Fabian Keil [Tue, 21 Oct 2014 15:31:49 +0000 (15:31 +0000)]
Regenerate docs
Fabian Keil [Tue, 21 Oct 2014 15:31:32 +0000 (15:31 +0000)]
Add #138: Bring back the scripts to provide actions file feedback
Fabian Keil [Tue, 21 Oct 2014 15:31:16 +0000 (15:31 +0000)]
Bump copyright
Fabian Keil [Tue, 21 Oct 2014 15:31:05 +0000 (15:31 +0000)]
Fix web-actions target
Fabian Keil [Tue, 21 Oct 2014 15:30:52 +0000 (15:30 +0000)]
Garbage-collect bookmarklets section
Most of the bookmarklets can't possible work due to not using a
trusted referer header and the rest of them can be replaced with
common bookmarks.
Fabian Keil [Tue, 21 Oct 2014 15:30:27 +0000 (15:30 +0000)]
Formally declare the scripts in doc/webserver/actions/ out of action
They haven't worked in years and the docs no longer reference them.
Fabian Keil [Tue, 21 Oct 2014 15:30:06 +0000 (15:30 +0000)]
Add a web-faq target that only updates the FAQ on the webserver
Fabian Keil [Tue, 21 Oct 2014 15:29:46 +0000 (15:29 +0000)]
Remove already-commented-out non-portable DOSFILTER alternatives
Fabian Keil [Tue, 21 Oct 2014 15:29:34 +0000 (15:29 +0000)]
Remove the obsolete targets dok-put and dok-get
Fabian Keil [Tue, 21 Oct 2014 15:29:20 +0000 (15:29 +0000)]
Add a sf-shell target
Fabian Keil [Tue, 21 Oct 2014 12:05:55 +0000 (12:05 +0000)]
Regenerate FAQ
Fabian Keil [Tue, 21 Oct 2014 12:05:12 +0000 (12:05 +0000)]
Mention more stuff donations may be used for
Fabian Keil [Tue, 21 Oct 2014 12:02:16 +0000 (12:02 +0000)]
Bump FAQ copyright
Fabian Keil [Tue, 21 Oct 2014 12:01:59 +0000 (12:01 +0000)]
Fix comment typos in free_map()'s description
Fabian Keil [Sat, 18 Oct 2014 11:32:07 +0000 (11:32 +0000)]
Remove #138. Coverity scan results are analyzed
Fabian Keil [Sat, 18 Oct 2014 11:31:52 +0000 (11:31 +0000)]
Let new_map() exit if the new map can't be allocated
This is not expected to happen in the real world
and it makes life easier for the callers.
Fabian Keil [Sat, 18 Oct 2014 11:31:25 +0000 (11:31 +0000)]
Add missing return check in dispatch_known_cgi()
CID 66354.
Fabian Keil [Sat, 18 Oct 2014 11:31:12 +0000 (11:31 +0000)]
receive_client_request(): Don't ignore list_append_list_unique()'s return value
CID 66360.
Fabian Keil [Sat, 18 Oct 2014 11:30:56 +0000 (11:30 +0000)]
Fix error handling in server_content_type()
CID 66369.
Fabian Keil [Sat, 18 Oct 2014 11:30:40 +0000 (11:30 +0000)]
jb_err_to_string(): Only check for internal errors once
Silences a Coverity complaint about unreachable code.
CID 66387.
Fabian Keil [Sat, 18 Oct 2014 11:30:24 +0000 (11:30 +0000)]
The filter file array can't be NULL so don't bother checking
The intention was checking whether or not filters are available,
but that's a premature optimization for an unlikely scenario,
so the bogus checks can be dropped without replacement.
CID 66389, CID 66385, CID 66375.
Fabian Keil [Sat, 18 Oct 2014 11:30:04 +0000 (11:30 +0000)]
server_content_encoding(): Check for enabled content filters properly
Previously external filters and gif deanimation weren't considered.
CID 66374.
Fabian Keil [Sat, 18 Oct 2014 11:29:48 +0000 (11:29 +0000)]
Fix error handling in edit_write_file()
CID 66359.
Fabian Keil [Sat, 18 Oct 2014 11:29:22 +0000 (11:29 +0000)]
Fix error handling in edit_read_file()
CID 66359.
Fabian Keil [Sat, 18 Oct 2014 11:29:06 +0000 (11:29 +0000)]
edit_read_file(): Remove bogus NULL check and use strdup_or_die() instead
CID 66372.
Fabian Keil [Sat, 18 Oct 2014 11:28:49 +0000 (11:28 +0000)]
Fix memory leak in cgi_show_file()
CID 66362.
Fabian Keil [Sat, 18 Oct 2014 11:28:36 +0000 (11:28 +0000)]
Use strdup_or_die() if the duplicated string is tiny
Fixes a theoretical memory leak in trust_url() reported by Coverity.
CID 66364.
Fabian Keil [Sat, 18 Oct 2014 11:28:05 +0000 (11:28 +0000)]
bind_port(): Fix file descriptor leak in error path
CID 66368.
Fabian Keil [Sat, 18 Oct 2014 11:27:43 +0000 (11:27 +0000)]
In bind_port(), check if the socket is valid before marking it CLOSEEXEC
Fabian Keil [Sat, 18 Oct 2014 11:27:28 +0000 (11:27 +0000)]
Fix memory leaks in load_config()
CID 66370.
Fabian Keil [Sat, 18 Oct 2014 11:27:04 +0000 (11:27 +0000)]
Fix memory leak in pcrs_compile_dynamic_command()
CID 66373.
Fabian Keil [Sat, 18 Oct 2014 11:26:48 +0000 (11:26 +0000)]
Fix a theoretical memory leak in get_last_url()
CID 66378.
Fabian Keil [Sat, 18 Oct 2014 11:26:31 +0000 (11:26 +0000)]
load_file(): Treat fread() failures like other non-fatal file errors
... and check for underreads properly.
Previously Privoxy was supposedly serving the file partially
if it was edited in place, but actually would have served an
error message and leaked memory. Now it just serves the error
message (if it's run in a fantasy world were this actually
happens).
CID 66380, CID 66362, CID 66357.
Fabian Keil [Sat, 18 Oct 2014 11:26:18 +0000 (11:26 +0000)]
Fix a memory leak in execute_content_filters() if there's more than one job
Also don't crash if a job that isn't the last one fails.
CID 66381.
Fabian Keil [Sat, 18 Oct 2014 11:25:57 +0000 (11:25 +0000)]
execute_external_filter(): Fix file descriptor leak in error path
CID 66384.
Fabian Keil [Sat, 18 Oct 2014 11:25:42 +0000 (11:25 +0000)]
Fix theoretical memory leaks in edit_parse_actions_file()
CID 66388.
Fabian Keil [Sat, 18 Oct 2014 11:25:24 +0000 (11:25 +0000)]
Fix a comment typo
Fabian Keil [Sat, 18 Oct 2014 11:25:13 +0000 (11:25 +0000)]
Fix a theoretical memory leak in cgi_show_url_info()
In the real world map_block_killer() is unlikely to run out of memory.
CID 66392.
Fabian Keil [Sat, 18 Oct 2014 11:24:53 +0000 (11:24 +0000)]
accept_connection(): Adjust loop condition to silence a ressource leak warning
This is a nop because fd 0 is guaranteed to be in use and
thus can't be returned by accept() anyway.
CID 66393.
Fabian Keil [Sat, 18 Oct 2014 11:24:34 +0000 (11:24 +0000)]
server_http(): Make the HTTP reason phrase optional again
There are still servers around that that don't set one
and Privoxy doesn't really need it anyway.
Fabian Keil [Fri, 17 Oct 2014 14:45:41 +0000 (14:45 +0000)]
Bump copyright
Fabian Keil [Fri, 17 Oct 2014 14:45:29 +0000 (14:45 +0000)]
Add range-related tests for external-filter{}
Fabian Keil [Fri, 17 Oct 2014 14:45:10 +0000 (14:45 +0000)]
Prevent img-reorder from messing up img tags with empty src attributes
Fixes #880 reported by Duncan.
Fabian Keil [Thu, 16 Oct 2014 11:55:45 +0000 (11:55 +0000)]
Add #138: Analyse Coverity scan results
Remove #55 which is done.
Fabian Keil [Thu, 16 Oct 2014 11:55:15 +0000 (11:55 +0000)]
Disable +fast-redirects{} for ixquick-proxy.com/
Fabian Keil [Thu, 16 Oct 2014 11:54:58 +0000 (11:54 +0000)]
Add #137: Add a (preferably vector-based) logo
Fabian Keil [Mon, 6 Oct 2014 10:20:31 +0000 (10:20 +0000)]
Rebuild docs
Fabian Keil [Mon, 6 Oct 2014 10:20:09 +0000 (10:20 +0000)]
Update the 'Would you like to donate?' section
Mention that donations will be used to get TODO list
items done and add the Zwiebelfreunde e.V. bank
account.
Fabian Keil [Mon, 6 Oct 2014 10:19:43 +0000 (10:19 +0000)]
Add Sam Chen as contributor
Fabian Keil [Mon, 6 Oct 2014 10:19:30 +0000 (10:19 +0000)]
Change declared template file encoding to UTF-8
The files already used a subset of UTF-8 anyway and changing
the declaration allows to properly display UTF-8 characters
used in the action files.
This change may require existing action files with ISO-8859-1
characters that aren't valid UTF-8 to be converted to UTF-8.
Requested by Sam Chen in #582.
Fabian Keil [Mon, 6 Oct 2014 10:18:37 +0000 (10:18 +0000)]
Add #136: Make builds reproducible
Fabian Keil [Mon, 6 Oct 2014 10:18:25 +0000 (10:18 +0000)]
Remove and incorrect and an obsolete sentence from the action file section
Using Privoxy without action files is not actually pointless if
its only being used as HTTP router or HTTP to SOCK gateways.
People who still care about syntax changes in 3.0.7 should look at
the ChangeLog to see all the changes combined.
Fabian Keil [Mon, 6 Oct 2014 10:17:43 +0000 (10:17 +0000)]
Stop mentioning the log defaults before 3.0.7 which are no longer relevant
Fabian Keil [Mon, 6 Oct 2014 10:17:28 +0000 (10:17 +0000)]
Make it more obvious that many operating systems support log rotation out of the box
Fabian Keil [Mon, 6 Oct 2014 10:17:12 +0000 (10:17 +0000)]
Sync config.guess and config.sub with upstream 2012-12-23/
306afce2
... which is the last commit that is still GPLv2+.
Fabian Keil [Mon, 6 Oct 2014 10:13:56 +0000 (10:13 +0000)]
Add #135: Add OpenBSM audit support
Fabian Keil [Fri, 22 Aug 2014 09:45:29 +0000 (09:45 +0000)]
Update URL of the 'current development version of this file'
Fabian Keil [Fri, 8 Aug 2014 13:05:23 +0000 (13:05 +0000)]
Unblock 'adele*.'
Reported by Adele Lime in #1663.
Fabian Keil [Fri, 1 Aug 2014 12:34:21 +0000 (12:34 +0000)]
Unblock "adina*."
According to Wikipedia, "Adina is a Biblical Hebrew name meaning
delicate, slender, refined or gentle".
Fixes #919 reported by Morton A. Goldberg.
Fabian Keil [Fri, 25 Jul 2014 11:57:17 +0000 (11:57 +0000)]
Let server_http() regenerate the response line
... making sure Privoxy forwards a valid one.
Normalizing the HTTP-version is an explicit RFC 2616 MUST,
RFC 7230 mandates that intermediaries send their own
HTTP-version in forwarded messages.
Fabian Keil [Fri, 25 Jul 2014 11:56:54 +0000 (11:56 +0000)]
Let sed() failures result in an error response
While at it, make sure fatal parse errors are reported
to the caller right away.
Fabian Keil [Fri, 25 Jul 2014 11:56:26 +0000 (11:56 +0000)]
Normalize the HTTP-version in forwarded request lines
This is an explicit RFC 2616 MUST and RFC 7230 mandates
that intermediaries send their own HTTP-version in forwarded
messages.
Fabian Keil [Fri, 25 Jul 2014 11:56:02 +0000 (11:56 +0000)]
Update normalize_lws()'s description to reference RFC 7230
Fabian Keil [Fri, 25 Jul 2014 11:55:47 +0000 (11:55 +0000)]
Spell whitespace consistently without whitespace
That's how it's done in RFC 7230 which obsoletes RFC 2616.
Fabian Keil [Fri, 25 Jul 2014 11:55:27 +0000 (11:55 +0000)]
Bump copyright
Fabian Keil [Fri, 25 Jul 2014 11:55:11 +0000 (11:55 +0000)]
Reject requests with unsupported Expect header values
This changes the test status for the following Co-Advisor
tests from "Violation" to "Success":
rfc2616/unsuppExpect-0100-continue
rfc2616/unsuppExpect-100-continueing
rfc2616/unsuppExpect-expect=params
rfc2616/unsuppExpect-expect=quoted-100c
For RFC 2616 rejecting such requests was a MUST,
but RFC 7230 downgraded this to a MAY.
Fabian Keil [Fri, 25 Jul 2014 11:54:28 +0000 (11:54 +0000)]
Add #134: Track the total number of bytes written to and received from a socket.
Fabian Keil [Fri, 18 Jul 2014 10:19:46 +0000 (10:19 +0000)]
Regenerate docs
Fabian Keil [Fri, 18 Jul 2014 10:01:39 +0000 (10:01 +0000)]
Update the forward-override{} example to be consistent with the tagging example
Fabian Keil [Fri, 18 Jul 2014 10:01:20 +0000 (10:01 +0000)]
Note that invalid forward-override{} parameter syntax isn't detected until the parameter is used
Fabian Keil [Fri, 18 Jul 2014 10:00:11 +0000 (10:00 +0000)]
Add another +redirect{} example: a shortcut for illumos bugs
Fabian Keil [Fri, 18 Jul 2014 09:59:51 +0000 (09:59 +0000)]
Move a 'static' before the 'const'
Fabian Keil [Mon, 14 Jul 2014 13:37:08 +0000 (13:37 +0000)]
Clarify what Privoxy does if both +block{} and +redirect{} apply
Fabian Keil [Mon, 14 Jul 2014 13:01:28 +0000 (13:01 +0000)]
Block '/.*DigiAd'
Fabian Keil [Mon, 14 Jul 2014 13:01:02 +0000 (13:01 +0000)]
Move a pattern below its tests
Fabian Keil [Mon, 14 Jul 2014 13:00:07 +0000 (13:00 +0000)]
Add an external filter example to add '[citation needed]' tags to images
Finding images where this may make sense and the coordinates
fit is left as an excercise for the reader.
Fabian Keil [Mon, 14 Jul 2014 12:57:00 +0000 (12:57 +0000)]
Use a custom redirect{} for .washingtonpost.com/wp-apps/imrs\.php\?src=
Previously enabling the 'Advanced' settings (or manually enabling
+fast-redirects{}) prevented some images from being loaded properly.
As a side effect this commit expands Oleg's reach even further.
Fabian Keil [Mon, 14 Jul 2014 12:56:30 +0000 (12:56 +0000)]
Note that security issues shouldn't be reported using the bug tracker
Add myself as security contact as discussed on ijbswa-devel@
months ago.
Fabian Keil [Thu, 3 Jul 2014 10:19:47 +0000 (10:19 +0000)]
Note that donations will fund work on the TODO list
Fabian Keil [Wed, 25 Jun 2014 10:09:57 +0000 (10:09 +0000)]
Add #133: Consider allowing bitcoin donations
At least one donor is interested in this.
Fabian Keil [Wed, 25 Jun 2014 10:09:07 +0000 (10:09 +0000)]
Add #132: Provide a Tor hidden service to reach the Privoxy website
At least one donor is interested in this, it's not lot of work
and we can eat our own dogfood by putting Privoxy between the
Tor hidden service and the website to rewrite the requests.