> <DIV
CLASS="TABLE"
><A
-NAME="AEN2085"
+NAME="AEN2145"
></A
><P
><B
><H2
CLASS="SECT2"
><A
-NAME="AEN2184"
+NAME="AEN2244"
>8.1. Finding the Right Mix</A
></H2
><P
><H2
CLASS="SECT2"
><A
-NAME="AEN2191"
+NAME="AEN2251"
>8.2. How to Edit</A
></H2
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN2282"
+NAME="AEN2342"
>8.4.1. The Domain Pattern</A
></H3
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN2353"
+NAME="AEN2413"
>8.4.2. The Path Pattern</A
></H3
><P
><PRE
CLASS="SCREEN"
># Tag every request with the User-Agent header
-{+client-header-filter{user-agent}}
+{+client-header-tagger{user-agent}}
/
</PRE
></TD
><PRE
CLASS="SCREEN"
># Tag every request with the declared content type
-{+client-header-tagger{content-type}}
+{+server-header-tagger{content-type}}
/
</PRE
></TD
><H3
CLASS="SECT3"
><A
-NAME="AEN4157"
+NAME="AEN4217"
>8.5.39. Summary</A
></H3
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN4222"
+NAME="AEN4282"
>8.7.1. default.action</A
></H3
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN4409"
+NAME="AEN4469"
>8.7.2. user.action</A
></H3
><P
><H2
CLASS="SECT2"
><A
-NAME="AEN5288"
+NAME="AEN5351"
>14.2. Privoxy's Internal Pages</A
></H2
><P
Privoxy main page:
</P
><A
-NAME="AEN5302"
+NAME="AEN5365"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
editing of actions files:
</P
><A
-NAME="AEN5310"
+NAME="AEN5373"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
Show the source code version numbers:
</P
><A
-NAME="AEN5315"
+NAME="AEN5378"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
Show the browser's request headers:
</P
><A
-NAME="AEN5320"
+NAME="AEN5383"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
Show which actions apply to a URL and why:
</P
><A
-NAME="AEN5325"
+NAME="AEN5388"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
to run, but only as a pass-through proxy, with no actions taking place:
</P
><A
-NAME="AEN5331"
+NAME="AEN5394"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
> Short cuts. Turn off, then on:
</P
><A
-NAME="AEN5335"
+NAME="AEN5398"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
</P
></BLOCKQUOTE
><A
-NAME="AEN5338"
+NAME="AEN5401"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
>trustfile</I
></SPAN
></A
-> above.)
+> below.)
</P
><P
> If you use the trust mechanism, it is a good idea to write up some on-line
>Specifies:</DT
><DD
><P
->The directory where the other configuration files are located</P
+>The directory where the other configuration files are located.</P
></DD
><DT
>Type of value:</DT
CLASS="LITERAL"
>/</TT
>"</SPAN
->, please
+>, please.
</P
></DD
></DL
>Specifies:</DT
><DD
><P
->An alternative directory where the templates are loaded from</P
+>An alternative directory where the templates are loaded from.</P
></DD
><DT
>Type of value:</DT
>Notes:</DT
><DD
><P
-> Privoxy's original templates are usually overwritten
- with each update. Use this option to relocate customized templates
- that should be kept. Note that template variables might change
- between updates and templates are not guaranteed to work with
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> original templates are usually
+ overwritten with each update. Use this option to relocate customized
+ templates that should be kept. As template variables might change
+ between updates, you shouldn't expect templates to work with
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> releases other than the one
- they were part of.
+ they were part of, though.
</P
></DD
></DL
>Specifies:</DT
><DD
><P
-> The directory where all logging takes place (i.e. where <TT
+> The directory where all logging takes place
+ (i.e. where <TT
CLASS="FILENAME"
>logfile</TT
-> and
+> and
<TT
CLASS="FILENAME"
>jarfile</TT
-> are located)
+> are located).
</P
></DD
><DT
CLASS="LITERAL"
>/</TT
>"</SPAN
->, please
+>, please.
</P
></DD
></DL
</P
><P
>
- The default values include standard.action, which is used for internal
- purposes and should be loaded, default.action, which is the
- <SPAN
+ The default values include <TT
+CLASS="FILENAME"
+>standard.action</TT
+>, which is used
+ for internal purposes and should be loaded, <TT
+CLASS="FILENAME"
+>default.action</TT
+>,
+ which is the <SPAN
CLASS="QUOTE"
>"main"</SPAN
> actions file maintained by the developers, and
</P
><P
>
- Actions files are where all the per site and per URL configuration is done for
+ Actions files contain all the per site and per URL configuration for
ad blocking, cookie management, privacy considerations, etc.
There is no point in using <SPAN
CLASS="APPLICATION"
CLASS="EMPHASIS"
>or</I
></SPAN
-> privoxy.log (Windows)</P
+> privoxy.log (Windows).</P
></DD
><DT
>Effect if unset:</DT
CLASS="EMPHASIS"
>or</I
></SPAN
-> privoxy.jar (Windows)</P
+> privoxy.jar (Windows).</P
></DD
><DT
>Effect if unset:</DT
</P
><P
-> The reporting of <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->fatal</I
-></SPAN
-> errors (i.e. ones which causes
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> to exit) is always on and cannot be disabled.
- </P
-><P
> If you want to use CLF (Common Log Format), you should set <SPAN
CLASS="QUOTE"
>"debug
>Specifies:</DT
><DD
><P
-> Whether to run only one server thread
+> Whether to run only one server thread.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> This option is only there for debugging purposes and you should never
- need to use it. <SPAN
+> This option is only there for debugging purposes.
+ <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
CLASS="APPLICATION"
>Privoxy</SPAN
> users don't read
- documentation, this feature has been disabled by default.
+ documentation, this feature is disabled by default.
</P
><P
> Note that you must have compiled <SPAN
side code (e.g Java) is also capable of using this feature.
</P
><P
-> This option may be removed in future releases as it has been obsoleted
+> This option will be removed in future releases as it has been obsoleted
by the more general header taggers.
</P
></DD
>not recommended</I
></SPAN
> for environments
- with untrusted users and is therefore disabled by default.
+ with untrusted users and as a lot of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ users don't read documentation, this feature is disabled by default.
</P
><P
> Note that malicious client side code (e.g Java) is also
sure your browser is configured correctly.
</P
><P
-> As a lot of <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> users don't read
- documentation, this feature has been disabled by default.
- </P
-><P
> Note that you must have compiled <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
option.
</P
><P
-> Please see the warnings in the FAQ that this proxy is not intended to be a substitute
- for a firewall or to encourage anyone to defer addressing basic security
- weaknesses.
+> Please see the warnings in the FAQ that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ is not intended to be a substitute for a firewall or to encourage anyone
+ to defer addressing basic security weaknesses.
</P
><P
> Multiple ACL lines are OK.
><TD
><PRE
CLASS="SCREEN"
-> forward / caching-proxy.example-isp.net:8000
- forward .example-isp.net .</PRE
+> forward / caching-proxy.isp.example.net:8000
+ forward .isp.example.net .</PRE
></TD
></TR
></TABLE
><TD
><PRE
CLASS="SCREEN"
-> forward-socks4a / socks-gw.example.com:1080 www-cache.example-isp.net:8080
+> forward-socks4a / socks-gw.example.com:1080 www-cache.isp.example.net:8080
forward .example.com .</PRE
></TD
></TR
>
</P
><P
-> To chain Privoxy and Tor, both running on the same system, you should use
- the rule:
+> To chain Privoxy and Tor, both running on the same system, you would use
+ something like:
</P
><P
> <TABLE
CLASS="APPLICATION"
>Privoxy</SPAN
>
- at all.
+ at all. Of course this may actually be desired and there is no reason
+ to make these exceptions if you aren't sure you need them.
</P
><P
> If you also want to be able to reach servers in your local network by
></SPAN
> users can see the internal content of all ISPs.</P
><P
-> Assume that host-a has a PPP connection to isp-a.net. And host-b has a PPP connection to
- isp-b.net. Both run <SPAN
+> Assume that host-a has a PPP connection to isp-a.example.net. And host-b has a PPP connection to
+ isp-b.example.org. Both run <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>. Their forwarding
><PRE
CLASS="SCREEN"
> forward / .
- forward .isp-b.net host-b:8118</PRE
+ forward .isp-b.example.net host-b:8118</PRE
></TD
></TR
></TABLE
><PRE
CLASS="SCREEN"
> forward / .
- forward .isp-a.net host-a:8118</PRE
+ forward .isp-a.example.org host-a:8118</PRE
></TD
></TR
></TABLE
<SPAN
CLASS="APPLICATION"
>squid</SPAN
-> locally, then chain as
+> locally, then chaining as
<TT
CLASS="LITERAL"
>browser -> squid -> privoxy</TT
>squid.conf</TT
>.</P
><P
-> You could just as well decide to only forward requests for Windows executables through
- a virus-scanning parent proxy, say, on <TT
+> You could just as well decide to only forward requests you suspect
+ of leading to Windows executables through a virus-scanning parent proxy,
+ say, on <TT
CLASS="LITERAL"
>antivir.example.com</TT
>, port 8010:</P
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> will disconnect from and hide the
+> will disconnect from and hide the
command console.</P
><P
> <TT
><H2
CLASS="SECT2"
><A
-NAME="AEN733"
+NAME="AEN790"
>6.1. Controlling Privoxy with Your Web Browser</A
></H2
><P
> <H2
CLASS="BRIDGEHEAD"
><A
-NAME="AEN741"
+NAME="AEN798"
></A
>Â Â Â Â Privoxy Menu</H2
><P
>Privoxy</SPAN
> with one click from
your browser.</P
+><P
+> Note that several of the features described above are disabled by default
+ in <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 beta and later.
+ Check the
+ <A
+HREF="config.html"
+TARGET="_top"
+>configuration file</A
+> to learn why
+ and in which cases it's safe to enable them again.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN5033"
+NAME="AEN5096"
>12.1. License</A
></H2
><P
><H2
CLASS="SECT2"
><A
-NAME="AEN4563"
+NAME="AEN4623"
>9.1. Filter File Tutorial</A
></H2
><P
><BR></P
><P
CLASS="PUBDATE"
->$Id: user-manual.sgml,v 2.39 2007/11/05 02:34:49 hal9 Exp $<BR></P
+>$Id: user-manual.sgml,v 2.41 2007/11/11 16:32:11 hal9 Exp $<BR></P
><DIV
><DIV
CLASS="ABSTRACT"
>.
</P
><P
-> Privoxy is a
+> Privoxy is a non-caching
<A
HREF="http://en.wikipedia.org/wiki/Proxy_server"
TARGET="_top"
>web proxy</A
>
- with advanced filtering capabilities for protecting
- privacy, modifying web page data, managing
+ with advanced filtering capabilities for enhancing privacy,
+ modifying web page data, managing HTTP
<A
HREF="http://en.wikipedia.org/wiki/Browser_cookie"
TARGET="_top"
>cookies</A
>,
controlling access, and removing ads, banners, pop-ups and other obnoxious
- Internet junk. Privoxy has a very flexible configuration and can be
+ Internet junk. Privoxy has a flexible configuration and can be
customized to suit individual needs and tastes. Privoxy has application for
both stand-alone systems and multi-user networks.</P
><P
><DT
>2.1.4. <A
HREF="installation.html#INSTALLATION-PACK-BINTGZ"
->Solaris, NetBSD, HP-UX</A
+>Solaris</A
></DT
><DT
>2.1.5. <A
><DL
><DT
>6.1. <A
-HREF="configuration.html#AEN733"
+HREF="configuration.html#AEN790"
>Controlling Privoxy with Your Web Browser</A
></DT
><DT
><DL
><DT
>8.1. <A
-HREF="actions-file.html#AEN2184"
+HREF="actions-file.html#AEN2244"
>Finding the Right Mix</A
></DT
><DT
>8.2. <A
-HREF="actions-file.html#AEN2191"
+HREF="actions-file.html#AEN2251"
>How to Edit</A
></DT
><DT
><DL
><DT
>8.4.1. <A
-HREF="actions-file.html#AEN2282"
+HREF="actions-file.html#AEN2342"
>The Domain Pattern</A
></DT
><DT
>8.4.2. <A
-HREF="actions-file.html#AEN2353"
+HREF="actions-file.html#AEN2413"
>The Path Pattern</A
></DT
><DT
></DT
><DT
>8.5.39. <A
-HREF="actions-file.html#AEN4157"
+HREF="actions-file.html#AEN4217"
>Summary</A
></DT
></DL
><DL
><DT
>8.7.1. <A
-HREF="actions-file.html#AEN4222"
+HREF="actions-file.html#AEN4282"
>default.action</A
></DT
><DT
>8.7.2. <A
-HREF="actions-file.html#AEN4409"
+HREF="actions-file.html#AEN4469"
>user.action</A
></DT
></DL
><DL
><DT
>9.1. <A
-HREF="filter-file.html#AEN4563"
+HREF="filter-file.html#AEN4623"
>Filter File Tutorial</A
></DT
><DT
><DL
><DT
>12.1. <A
-HREF="copyright.html#AEN5033"
+HREF="copyright.html#AEN5096"
>License</A
></DT
><DT
></DT
><DT
>14.2. <A
-HREF="appendix.html#AEN5288"
+HREF="appendix.html#AEN5351"
>Privoxy's Internal Pages</A
></DT
><DD
>Privoxy</SPAN
> in. </P
><P
-> Version 3.0.4 introduced full <SPAN
+> Version 3.0.5 beta introduced full <SPAN
CLASS="APPLICATION"
>Windows</SPAN
> service
CLASS="SECT3"
><A
NAME="INSTALLATION-PACK-BINTGZ"
->2.1.4. Solaris, NetBSD, HP-UX</A
+>2.1.4. Solaris</A
></H3
><P
> Create a new directory, <TT
TARGET="_top"
>File Release
Page</A
->, but if you're interested in stable releases only you don't
- gain anything by using them.</P
+>, but there's no reason to use them unless you're interested in the
+ beta releases which are only available there.</P
></DIV
><DIV
CLASS="SECT3"
CLASS="LITERAL"
>FTP</TT
> or
- any protocols besides HTTP and HTTPS (SSL)! It won't work!
+ any protocols besides HTTP and HTTPS (SSL) unless you intend to prevent your
+ browser from using these protocols.
</P
></LI
><LI
> A default installation should provide a reasonable starting point for
most. There will undoubtedly be occasions where you will want to adjust the
configuration, but that can be dealt with as the need arises. Little
- to no initial configuration is required in most cases.
+ to no initial configuration is required in most cases, you may want
+ to enable the
+ <A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>web-based action editor</A
+> though.
+ Be sure to read the warnings first.
</P
><P
> See the <A
></LI
><LI
><P
-> For easy access to <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->'s most important controls, drag the provided
- <A
-HREF="appendix.html#BOOKMARKLETS"
->Bookmarklets</A
-> into your browser's
- personal toolbar.
- </P
-></LI
-><LI
-><P
> Please see the section <A
HREF="contact.html"
>Contacting the
CLASS="APPLICATION"
>Privoxy</SPAN
> to perform
- some task relating to WWW transactions (i.e. web browsing). We tell
+ some task relating to HTTP transactions (i.e. web browsing). We tell
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
TARGET="_top"
>http://p.p/show-status</A
>). This
- is an internal page, and does not require Internet access. Select the
- appropriate <SPAN
+ is an internal page, and does not require Internet access.</P
+><P
+> Note that as of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 beta the
+ action editor is disabled by default. Check the
+ <A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>enable-edit-actions
+ section in the configuration file</A
+> to learn why and in which
+ cases it's safe to enable again.</P
+><P
+> If you decided to enable the action editor, select the appropriate
+ <SPAN
CLASS="QUOTE"
>"actions"</SPAN
> file, and click
> <DIV
CLASS="FIGURE"
><A
-NAME="AEN486"
+NAME="AEN543"
></A
><P
><B
> <DIV
CLASS="FIGURE"
><A
-NAME="AEN541"
+NAME="AEN598"
></A
><P
><B
> <DIV
CLASS="FIGURE"
><A
-NAME="AEN585"
+NAME="AEN642"
></A
><P
><B
or exports), which <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> fills at run time. You can
- edit the templates with a normal text editor, should you want to customize them.
- (<SPAN
+> fills at run time. It
+ is possible to edit the templates with a normal text editor, should you want
+ to customize them. (<SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
->Not recommended for the casual user</I
+>Not recommended for the casual
+ user</I
></SPAN
->). Note that
- just like in configuration files, lines starting with <TT
+>). Should you create your own custom templates, you should use
+ the <TT
+CLASS="FILENAME"
+>config</TT
+> setting <A
+HREF="config.html#TEMPLDIR"
+>templdir</A
+>
+ to specify an alternate location, so your templates do not get overwritten
+ during upgrades.
+ </P
+><P
+> Note that just like in configuration files, lines starting
+ with <TT
CLASS="LITERAL"
>#</TT
-> are
- ignored when the templates are filled in.</P
+> are ignored when the templates are filled in.</P
><P
> The place-holders are of the form <TT
CLASS="LITERAL"
><UL
><LI
><P
+> Two new actions <A
+HREF="actions-file.html#SERVER-HEADER-TAGGER"
+>server-header-tagger</A
+>
+ and <A
+HREF="actions-file.html#CLIENT-HEADER-TAGGER"
+>client-header-tagger</A
+>
+ that can be used to apply arbitrary <SPAN
+CLASS="QUOTE"
+>"tags"</SPAN
+> to
+ each request's headers. These <SPAN
+CLASS="QUOTE"
+>"tags"</SPAN
+> can then
+ subsequently be used by other actions, greatly increasing
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s flexibity and selectivity. See <A
+HREF="actions-file.html#TAG-PATTERN"
+>tag patterns</A
+> for more on tags.
+
+ </P
+></LI
+><LI
+><P
> Header filtering can be done with dedicated header filters now. As a result
the actions <SPAN
CLASS="QUOTE"
>Privoxy 3.0.5</SPAN
> to apply
the content filters to the headers as, well have been removed again.
+ See the new actions <A
+HREF="actions-file.html#SERVER-HEADER-FILTER"
+>server-header-filter</A
+>
+ and <A
+HREF="actions-file.html#CLIENT-HEADER-FILTER"
+>client-header-filter</A
+>.
+ </P
+></LI
+><LI
+><P
+> There are four new options for the main <TT
+CLASS="FILENAME"
+>config</TT
+> file:
+ </P
+><P
+></P
+><UL
+><LI
+><P
+> <A
+HREF="config.html#ALLOW-CGI-REQUEST-CRUNCHING"
+>allow-cgi-request-crunching</A
+>
+ which allows requests for Privoxy's internal CGI pages to be
+ blocked, redirected or (un)trusted like ordinary requests.
+ </P
+></LI
+><LI
+><P
+> <A
+HREF="config.html#SPLIT-LARGE-FORMS"
+>split-large-forms</A
+>
+ that will work around a browser bug that caused IE6 and IE7 to
+ ignore the Submit button on the Privoxy's edit-actions-for-url CGI
+ page.
+ </P
+></LI
+><LI
+><P
+> <A
+HREF="config.html#ACCEPT-INTERCEPTED-REQUESTS"
+>accept-intercepted-requests</A
+>
+ which will combine Privoxy with any packet filter to create an intercepting
+ proxy for HTTP/1.1 requests (and for HTTP/1.0 requests with Host
+ header set) so that explicitly setting the browser's proxy settings
+ is not necessary.
+ </P
+></LI
+><LI
+><P
+> <A
+HREF="config.html#TEMPLDIR"
+>templdir</A
+>
+ to designate an alternate location for Privoxy's own CGI templates
+ to make sure any locally customized templates aren't overwritten
+ during upgrades.
+ </P
+></LI
+></UL
+></LI
+><LI
+><P
+> A new command line option <TT
+CLASS="LITERAL"
+>--pre-chroot-nslookup hostname</TT
+> to
+ intialize the resolver library before chroot'ing. On some systems this
+ reduces the number of files that must be copied into the chroot tree.
+ (Patch provided by Stephen Gildea)
+ </P
+></LI
+><LI
+><P
+> The <A
+HREF="actions-file.html#FORWARD-OVERRIDE"
+>forward-override</A
+> action
+ allows changing of the forwarding settings based on client headers like the
+ User-Agent, or the request origin.
+ </P
+></LI
+><LI
+><P
+> The <A
+HREF="actions-file.html#REDIRECT"
+>redirect</A
+> action can now use regular
+ expression substitutions against the original URL.
+ </P
+></LI
+><LI
+><P
+> <SPAN
+CLASS="APPLICATION"
+>zlib</SPAN
+> support is now available as a compile
+ time option for compressed documents.
+ </P
+></LI
+><LI
+><P
+> Improve various filters, and add new ones.
+ </P
+></LI
+><LI
+><P
+> Include support for RFC 3253 so that <TT
+CLASS="FILENAME"
+>Subversion</TT
+> works
+ with <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+ </P
+></LI
+><LI
+><P
+> Logging can be turned on or off.
+ </P
+></LI
+><LI
+><P
+> A number of improvements to Privoxy's internal CGI pages, including the
+ use of favicons for error and control pages.
+ </P
+></LI
+><LI
+><P
+> Many bugfixes, memory leaks addressed, code improvements, and logging
+ improvments.
</P
></LI
></UL
be aware of the security issues involved.
</P
></LI
+><LI
+><P
+> The <SPAN
+CLASS="QUOTE"
+>"filter-client-headers"</SPAN
+> and
+ <SPAN
+CLASS="QUOTE"
+>"filter-server-headers"</SPAN
+> actions that were introduced with
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy 3.0.5</SPAN
+> to apply the content filters to
+ the headers as, well have been removed and replaced with new actions.
+ See the <A
+HREF="whatsnew.html"
+>What's New section</A
+> above.
+ </P
+></LI
></UL
></P
></DIV