Copyright © 2001-2006 by Privoxy Developers
-$Id: faq.sgml,v 2.19 2006/09/22 10:54:32 hal9 Exp $
+$Id: faq.sgml,v 2.23 2006/10/21 22:19:52 hal9 Exp $
This FAQ gives quick answers to frequently asked questions about Privoxy. It is
not a substitute for the Privoxy User Manual.
Privoxy is based on Internet Junkbuster (tm).
Please note that this document is a work in progress. This copy represents the
-state at the release of version 3.0.5. You can find the latest version of the
+state at the release of version 3.0.6. You can find the latest version of the
document at http://www.privoxy.org/faq/. Please see the Contact section if you
want to contact the developers.
1.1. Who should use Privoxy?
1.2. Is Privoxy the best choice for me?
1.3. What is a "proxy"? How does Privoxy work?
- 1.4. What is this new version of "Junkbuster"?
- 1.5. Why "Privoxy"? Why change the name from Junkbuster at all?
- 1.6. How does Privoxy differ from the old Junkbuster?
- 1.7. How does Privoxy know what is an ad, and what is not?
- 1.8. Can Privoxy make mistakes? This does not sound very scientific.
- 1.9. Will I have to configure Privoxy before I can use it?
- 1.10. My browser does the same things as Privoxy. Why should I use Privoxy
+ 1.4. Does Privoxy do anything more than ad blocking?
+ 1.5. What is this new version of "Junkbuster"?
+ 1.6. Why "Privoxy"? Why change the name from Junkbuster at all?
+ 1.7. How does Privoxy differ from the old Junkbuster?
+ 1.8. How does Privoxy know what is an ad, and what is not?
+ 1.9. Can Privoxy make mistakes? This does not sound very scientific.
+ 1.10. Will I have to configure Privoxy before I can use it?
+ 1.11. Can Privoxy run as a server on a network?
+ 1.12. My browser does the same things as Privoxy. Why should I use Privoxy
at all?
- 1.11. Why should I trust Privoxy?
- 1.12. Is there is a license or fee? What about a warranty? Registration?
- 1.13. Can Privoxy remove spyware? Adware? Viruses?
- 1.14. Can I use Privoxy with other ad-blocking software?
- 1.15. I would like to help you, what can I do?
+ 1.13. Why should I trust Privoxy?
+ 1.14. Is there is a license or fee? What about a warranty? Registration?
+ 1.15. Can Privoxy remove spyware? Adware? Viruses?
+ 1.16. Can I use Privoxy with other ad-blocking software?
+ 1.17. I would like to help you, what can I do?
- 1.15.1. Would you like to participate?
- 1.15.2. Contribute!
- 1.15.3. Software
+ 1.17.1. Would you like to participate?
+ 1.17.2. Contribute!
+ 1.17.3. Software
2. Installation
3. Configuration
- 3.1. Where can I get updated Actions Files?
- 3.2. Can I use my old config files?
- 3.3. What exactly is an "actions" file?
- 3.4. The "actions" concept confuses me. Please list some of these
+ 3.1. What exactly is an "actions" file?
+ 3.2. The "actions" concept confuses me. Please list some of these
"actions".
- 3.5. How are actions files configured? What is the easiest way to do this?
- 3.6. There are several different "actions" files. What are the differences?
- 3.7. How can I make my Yahoo/Hotmail/Gmail account work?
- 3.8. What's the difference between the "Cautious", "Medium" and "Advanced"
+ 3.3. How are actions files configured? What is the easiest way to do this?
+ 3.4. There are several different "actions" files. What are the differences?
+ 3.5. Where can I get updated Actions Files?
+ 3.6. Can I use my old config files?
+ 3.7. Why is the configuration so complicated?
+ 3.8. How can I make my Yahoo/Hotmail/Gmail account work?
+ 3.9. What's the difference between the "Cautious", "Medium" and "Advanced"
defaults?
- 3.9. Why can I change the configuration with a browser? Does that not raise
- security issues?
- 3.10. What is the default.filter file? What is a "filter"?
- 3.11. How can I set up Privoxy to act as a proxy for my LAN?
- 3.12. Instead of ads, now I get a checkerboard pattern. I don't want to see
+ 3.10. Why can I change the configuration with a browser? Does that not
+ raise security issues?
+ 3.11. What is the default.filter file? What is a "filter"?
+ 3.12. How can I set up Privoxy to act as a proxy for my LAN?
+ 3.13. Instead of ads, now I get a checkerboard pattern. I don't want to see
anything.
- 3.13. Why would anybody want to see a checkerboard pattern?
- 3.14. I see some images being replaced by a text instead of the
+ 3.14. Why would anybody want to see a checkerboard pattern?
+ 3.15. I see some images being replaced by a text instead of the
checkerboard image. Why and how do I get rid of this?
- 3.15. Can Privoxy run as a service on Win2K/NT/XP?
- 3.16. How can I make Privoxy work with other proxies like Squid or Tor?
- 3.17. Can I just set Privoxy to use port 80 and thus avoid individual
+ 3.16. Can Privoxy run as a service on Win2K/NT/XP?
+ 3.17. How can I make Privoxy work with other proxies like Squid or Tor?
+ 3.18. Can I just set Privoxy to use port 80 and thus avoid individual
browser configuration?
- 3.18. Can Privoxy run as a "transparent" proxy?
- 3.19. How can I configure Privoxy for use with Outlook Express?
- 3.20. How can I have separate rules just for HTML mail?
- 3.21. I sometimes notice cookies sneaking through. How?
- 3.22. Are all cookies bad? Why?
- 3.23. How can I allow permanent cookies for my trusted sites?
- 3.24. Can I have separate configurations for different users?
- 3.25. Can I set-up Privoxy as a whitelist of "good" sites?
+ 3.19. Can Privoxy run as a "transparent" proxy?
+ 3.20. How can I configure Privoxy for use with Outlook Express?
+ 3.21. How can I have separate rules just for HTML mail?
+ 3.22. I sometimes notice cookies sneaking through. How?
+ 3.23. Are all cookies bad? Why?
+ 3.24. How can I allow permanent cookies for my trusted sites?
+ 3.25. Can I have separate configurations for different users?
+ 3.26. Can I set-up Privoxy as a whitelist of "good" sites?
+ 3.27. How can I turn off ad-blocking?
+ 3.28. How can I have custom template pages, like the BLOCKED page?
+ 3.29. How can I remove the "Go There Anyway" link from the BLOCKED page?
4. Miscellaneous
Junkbuster. What's wrong?
4.3. What are "http://config.privoxy.org/" and "http://p.p/"?
4.4. How can I submit new ads, or report problems?
- 4.5. Why doesn't anyone answer my support request?
- 4.6. How can I hide my IP address?
- 4.7. Can Privoxy guarantee I am anonymous?
- 4.8. A test site says I am not using a Proxy.
- 4.9. How do I use Privoxy together with Tor?
- 4.10. Might some things break because header information or content is
+ 4.5. If I do submit missed ads, will they be included in future updates?
+ 4.6. Why doesn't anyone answer my support request?
+ 4.7. How can I hide my IP address?
+ 4.8. Can Privoxy guarantee I am anonymous?
+ 4.9. A test site says I am not using a Proxy.
+ 4.10. How do I use Privoxy together with Tor?
+ 4.11. Might some things break because header information or content is
being altered?
- 4.11. Can Privoxy act as a "caching" proxy to speed up web browsing?
- 4.12. What about as a firewall? Can Privoxy protect me?
- 4.13. I have large empty spaces / a checkerboard pattern now where ads used
+ 4.12. Can Privoxy act as a "caching" proxy to speed up web browsing?
+ 4.13. What about as a firewall? Can Privoxy protect me?
+ 4.14. I have large empty spaces / a checkerboard pattern now where ads used
to be. Why?
- 4.14. How can Privoxy filter Secure (HTTPS) URLs?
- 4.15. Privoxy runs as a "server". How secure is it? Do I need to take any
+ 4.15. How can Privoxy filter Secure (HTTPS) URLs?
+ 4.16. Privoxy runs as a "server". How secure is it? Do I need to take any
special precautions?
- 4.16. How can I temporarily disable Privoxy?
- 4.17. When "disabled" is Privoxy totally out of the picture?
- 4.18. My logs show Privoxy "crunches" ads, but also its own internal CGI
+ 4.17. How can I temporarily disable Privoxy?
+ 4.18. When "disabled" is Privoxy totally out of the picture?
+ 4.19. How can I tell Privoxy to totally ignore certain sites?
+ 4.20. My logs show Privoxy "crunches" ads, but also its own internal CGI
pages. What is a "crunch"?
- 4.19. Can Privoxy effect files that I download from a webserver? FTP
+ 4.21. Can Privoxy effect files that I download from a webserver? FTP
server?
- 4.20. I just downloaded a Perl script, and Privoxy altered it! Yikes, what
+ 4.22. I just downloaded a Perl script, and Privoxy altered it! Yikes, what
is wrong!
- 4.21. Should I continue to use a "HOSTS" file for ad-blocking?
- 4.22. Where can I find more information about Privoxy and related issues?
- 4.23. I've noticed that Privoxy changes "Microsoft" to "MicroSuck"! Why are
+ 4.23. Should I continue to use a "HOSTS" file for ad-blocking?
+ 4.24. Where can I find more information about Privoxy and related issues?
+ 4.25. I've noticed that Privoxy changes "Microsoft" to "MicroSuck"! Why are
you manipulating my browsing?
5. Troubleshooting
- 5.1. I am getting "connection refused" with every web page?
- 5.2. I just added a new rule, but the steenkin ad is still getting through.
+ 5.1. I cannot connect to any websites. Or, I am getting "connection
+ refused" message with every web page. Why?
+ 5.2. Why am I getting a 503 Error (WSAECONNREFUSED) on every page?
+ 5.3. I just added a new rule, but the steenkin ad is still getting through.
How?
- 5.3. One of my favorite sites does not work with Privoxy. What can I do?
- 5.4. After installing Privoxy, I have to log in every time I start IE. What
+ 5.4. One of my favorite sites does not work with Privoxy. What can I do?
+ 5.5. After installing Privoxy, I have to log in every time I start IE. What
gives?
- 5.5. I cannot connect to any FTP sites. Privoxy is blocking me.
- 5.6. In Mac OSX, I can't configure Microsoft Internet Explorer to use
+ 5.6. I cannot connect to any FTP sites. Privoxy is blocking me.
+ 5.7. In Mac OSX, I can't configure Microsoft Internet Explorer to use
Privoxy as the HTTP proxy.
- 5.7. In Mac OSX, I dragged the Privoxy folder to the trash in order to
+ 5.8. In Mac OSX, I dragged the Privoxy folder to the trash in order to
uninstall it. Now the finder tells me I don't have sufficient
privileges to empty the trash.
- 5.8. In Mac OSX Panther (10.3), images often fail to load and/or I
+ 5.9. In Mac OSX Panther (10.3), images often fail to load and/or I
experience random delays in page loading. I'm using localhost as my
browser's proxy setting.
- 5.9. I get a completely blank page at one site. "View Source" shows only:
+ 5.10. I get a completely blank page at one site. "View Source" shows only:
<html><body></body></html>. Without Privoxy the page loads fine.
- 5.10. Why am I getting a 503 Error (WSAECONNREFUSED) on every page?
5.11. My logs show many "Unable to get my own hostname" lines. Why?
5.12. When I try to launch Privoxy, I get an error message "port 8118 is
already in use" (or similar wording). Why?
this?
5.19. I just installed Privoxy, and all my browsing has slowed to a crawl.
What gives?
+ 5.20. Why do my filters work on some sites but not on others?
6. Contacting the developers, Bug Reporting and Feature Requests
giving you the ability to completely personalize your installation. Being
familiar with, or at least having an interest in learning about HTTP and other
networking protocols, HTML, IP (Internet Protocol), and "Regular Expressions"
-will be a big plus and will help you get the most out of Privoxy.
+will be a big plus and will help you get the most out of Privoxy. A new
+installation just includes a very basic configuration. The user should take
+this as a starting point only, and enhance it as he or she sees fit. In fact,
+the user is encouraged, and expected to, fine-tune the configuration.
Much of Privoxy's configuration can be done with a Web browser. But there are
areas where configuration is done using a text editor to edit configuration
to filter outbound personal information that your browser is leaking, as well
as inbound junk. It uses a variety of techniques to do this, all of which are
under your complete control via the various configuration files and options.
+Being a proxy also makes it easier to share configurations among multiple
+browsers and/or users.
-------------------------------------------------------------------------------
-1.4. What is this new version of "Junkbuster"?
+1.4. Does Privoxy do anything more than ad blocking?
-Along time ago, there was the Internet Junkbuster, by Anonymous Coders and
+Yes, ad blocking is but one possible use. There are many, many ways Privoxy can
+be used to sanitize and customize web browsing.
+
+-------------------------------------------------------------------------------
+
+1.5. What is this new version of "Junkbuster"?
+
+A long time ago, there was the Internet Junkbuster, by Anonymous Coders and
Junkbusters Corporation. This saved many users a lot of pain in the early days
of web advertising and user tracking.
-------------------------------------------------------------------------------
-1.5. Why "Privoxy"? Why change the name from Junkbuster at all?
+1.6. Why "Privoxy"? Why change the name from Junkbuster at all?
-Junkbusters Corporation continues to offer their original version of the
-Internet Junkbuster, so publishing our Junkbuster-derived software under the
-same name led to confusion.
+Though outdated, Junkbusters Corporation continues to offer their original
+version of the Internet Junkbuster, so publishing our Junkbuster-derived
+software under the same name led to confusion.
-There are also potential legal complications from the continued use of the
-Junkbuster name, which is a registered trademark of Junkbusters Corporation.
-There are, however, no objections from Junkbusters Corporation to the Privoxy
-project itself, and they, in fact, still share our ideals and goals.
+There are also potential legal complications from our use of the Junkbuster
+name, which is a registered trademark of Junkbusters Corporation. There are,
+however, no objections from Junkbusters Corporation to the Privoxy project
+itself, and they, in fact, still share our ideals and goals.
The developers also believed that there are so many improvements over the
original code, that it was time to make a clean break from the past and make a
-------------------------------------------------------------------------------
-1.6. How does Privoxy differ from the old Junkbuster?
+1.7. How does Privoxy differ from the old Junkbuster?
Privoxy picks up where Junkbuster left off. All the old features remain. The
new Privoxy still blocks ads and banners, still manages cookies, and still
config.privoxy.org/ (shortcut: http://p.p/). Browser-based tracing of rule
and filter effects. Remote toggling.
- * Web page content filtering (removes banners based on size, invisible
- "web-bugs", JavaScript and HTML annoyances, pop-up windows, etc.)
+ * Web page filtering (text replacements, removes banners based on size,
+ invisible "web-bugs", JavaScript and HTML annoyances, pop-up windows,
+ header manipulation, etc.)
* Modularized configuration that allows for standard settings and user
settings to reside in separate files, so that installing updated actions
-------------------------------------------------------------------------------
-1.7. How does Privoxy know what is an ad, and what is not?
+1.8. How does Privoxy know what is an ad, and what is not?
Privoxy's approach to blocking ads is twofold:
-------------------------------------------------------------------------------
-1.8. Can Privoxy make mistakes? This does not sound very scientific.
+1.9. Can Privoxy make mistakes? This does not sound very scientific.
Actually, it's a black art ;-) And yes, it is always possible to have a broad
rule accidentally block or change something by mistake. You will almost surely
-------------------------------------------------------------------------------
-1.9. Will I have to configure Privoxy before I can use it?
+1.10. Will I have to configure Privoxy before I can use it?
No, not really. The default installation should give you a good starting point,
-and block most unwanted content.
+and block most ads and unwanted content. Many of the more advanced features are
+off by default, and would require you to activate them.
-But you will certainly run into situations where there are false positives, or
+You do have to set up your browser to use Privoxy (see the Installation section
+below).
+
+And you will certainly run into situations where there are false positives, or
ads not being blocked that you may not want to see. In these cases, you would
certainly benefit by customizing Privoxy's configuration to more closely match
your individual situation. And we would encourage you to do this. This is where
the real power of Privoxy lies!
-You will have to tell your browser about Privoxy (see the Installation section
-below).
+-------------------------------------------------------------------------------
+
+1.11. Can Privoxy run as a server on a network?
+
+Yes, Privoxy runs as a server already, and can easily be configured to "serve"
+more than one client. See How can I set up Privoxy to act as a proxy for my LAN
+below.
-------------------------------------------------------------------------------
-1.10. My browser does the same things as Privoxy. Why should I use Privoxy at
+1.12. My browser does the same things as Privoxy. Why should I use Privoxy at
all?
Modern browsers do indeed have some of the same functionality as Privoxy. Maybe
can do a number of things that browsers just can't.
In addition, a proxy is good choice if you use multiple browsers, or have a LAN
-with multiple computers. This way all the configuration is in one place, and
-you don't have to maintain a similar configuration for possibly many browsers.
+with multiple computers since Privoxy can run as a server application. This way
+all the configuration is in one place, and you don't have to maintain a similar
+configuration for possibly many browsers or users.
-------------------------------------------------------------------------------
-1.11. Why should I trust Privoxy?
+1.13. Why should I trust Privoxy?
The most important reason is because you have access to everything, and you can
control everything. You can check every line of every configuration file
-------------------------------------------------------------------------------
-1.12. Is there is a license or fee? What about a warranty? Registration?
+1.14. Is there is a license or fee? What about a warranty? Registration?
Privoxy is licensed under the GNU General Public License (GPL). It is free to
use, copy, modify or distribute as you wish under the terms of this license.
-------------------------------------------------------------------------------
-1.13. Can Privoxy remove spyware? Adware? Viruses?
+1.15. Can Privoxy remove spyware? Adware? Viruses?
No. Privoxy cannot remove anything. It is not a removal tool. It is a
preventative. Privoxy can help prevent contact from sites that use such tactics
-with approriate configuration rules, and thus could conceivably prevent
+with appropriate configuration rules, and thus could conceivably prevent
contamination from such sites.
-------------------------------------------------------------------------------
-1.14. Can I use Privoxy with other ad-blocking software?
+1.16. Can I use Privoxy with other ad-blocking software?
Privoxy should work fine with other proxies and other software in general.
-------------------------------------------------------------------------------
-1.15. I would like to help you, what can I do?
+1.17. I would like to help you, what can I do?
-1.15.1. Would you like to participate?
+1.17.1. Would you like to participate?
Well, we always need help. There is something for everybody who wants to help
us. We welcome new developers, packagers, testers, documentation writers or
developers mailing list. Then, please read the Developer's Manual, at least the
pertinent sections.
-Once we have added you to the team, you'll have access to the CVS repository,
-and together we'll find a suitable task for you.
-
-------------------------------------------------------------------------------
-1.15.2. Contribute!
+1.17.2. Contribute!
We, of course, welcome donations and could use money for domain registering,
buying software to test Privoxy with, and, of course, for regular world-wide
-------------------------------------------------------------------------------
-1.15.3. Software
+1.17.3. Software
If you are a vendor of a web-related software like a browser, web server or
proxy, and would like us to ensure that Privoxy runs smoothly with your
All browsers must be told to use Privoxy as a proxy by specifying the correct
proxy address and port number in the appropriate configuration area for the
-browser. See below. You should also flush your browser's memory and disk cache
-to get rid of any cached junk items, and remove any stored cookies.
+browser. See the User Manual for more details. You should also flush your
+browser's memory and disk cache to get rid of any cached junk items, and remove
+any stored cookies.
-------------------------------------------------------------------------------
Privoxy can also be used to proxy for a Local Area Network. In this case, your
would enter either the IP address of the LAN host where Privoxy is running, or
-the equivalent hostname. Port assignment would be same as above. Note that
-Privoxy doesn't listen on any LAN interfaces by default.
+the equivalent hostname, e.g. 192.168.1.1. Port assignment would be same as
+above. Note that Privoxy doesn't listen on any LAN interfaces by default.
Privoxy does not currently handle any other protocols such as FTP, SMTP, IM,
IRC, ICQ, etc. Be sure that proxying any of these other protocols is not
3. Configuration
-3.1. Where can I get updated Actions Files?
-
-Based on your feedback and the continuing development, updates of
-default.action will be made available from time to time on the files section of
-our project page.
-
-If you wish to receive an email notification whenever we release updates of
-Privoxy or the actions file, subscribe to our announce mailing list,
-ijbswa-announce@lists.sourceforge.net.
-
--------------------------------------------------------------------------------
-
-3.2. Can I use my old config files?
-
-The syntax and purpose of configuration files has remained the same throughout
-the 3.x series. Although each release contains updated, "improved" versions and
-it is recommended to use the newer configuration files. If upgrading from
-version prior to 3.0.4 the syntax for fast-redirects has changed. See the
-What's New section of the User Manual for details.
-
-But all configuration files have substantially changed from the Junkbuster
-days, and early versions of Privoxy 2.x. The old files, like blocklist will not
-work at all.
-
-Refer to the What's New page for information on configuration changes that may
-occur from one release to another.
-
--------------------------------------------------------------------------------
-
-3.3. What exactly is an "actions" file?
+3.1. What exactly is an "actions" file?
-Actions files are where various actions that Privoxy could take while
-processing a certain request, are configured. Typically, you would define a set
-of default actions that apply to all URLs, then add exceptions to these
-defaults where needed. There is a wide array of actions available that give the
-user a high degree of control and flexibility on how to process each and every
-web page.
+Privoxy utilizes the concept of " actions" that are used to manipulate and
+control web page data. Actions files are where these actions that Privoxy could
+take while processing a certain request, are configured. Typically, you would
+define a set of default actions that apply globally to all URLs, then add
+exceptions to these defaults where needed. There is a wide array of actions
+available that give the user a high degree of control and flexibility on how to
+process each and every web page.
Actions can be defined on a URL pattern basis, i.e. for single URLs, whole web
sites, groups or parts thereof etc. Actions can also be grouped together and
-------------------------------------------------------------------------------
-3.4. The "actions" concept confuses me. Please list some of these "actions".
+3.2. The "actions" concept confuses me. Please list some of these "actions".
For a comprehensive discussion of the actions concept, please refer to the
-actions file chapter in the user manual. It includes a list of all actions and
+actions file chapter in the User Manual. It includes a list of all actions and
an actions file tutorial to get you started.
-------------------------------------------------------------------------------
-3.5. How are actions files configured? What is the easiest way to do this?
+3.3. How are actions files configured? What is the easiest way to do this?
Actions files are just text files in a special syntax and can be edited with a
text editor. But probably the easiest way is to access Privoxy's user interface
-------------------------------------------------------------------------------
-3.6. There are several different "actions" files. What are the differences?
+3.4. There are several different "actions" files. What are the differences?
-As of Privoxy v2.9.15, three actions files are being included, to be used for
+Three actions files are being included by the developers, to be used for
different purposes: These are default.action, the "main" actions file which is
-actively maintained by the Privoxy developers, user.action, where users are
-encouraged to make their private customizations, and standard.action, which is
-for internal Privoxy use only. Please see the actions chapter in the User
-Manual for a more detailed explanation.
+actively maintained by the Privoxy developers and typically sets the default
+policies, user.action, where users are encouraged to make their private
+customizations, and standard.action, which is for internal Privoxy use only.
+Please see the actions chapter in the User Manual for a more detailed
+explanation.
Earlier versions included three different versions of the default.action file.
The new scheme allows for greater flexibility of local configuration, and for
-------------------------------------------------------------------------------
-3.7. How can I make my Yahoo/Hotmail/Gmail account work?
+3.5. Where can I get updated Actions Files?
+
+Based on your feedback and the continuing development, updates of
+default.action will be made available from time to time on the files section of
+our project page.
+
+If you wish to receive an email notification whenever we release updates of
+Privoxy or the actions file, subscribe to our announce mailing list,
+ijbswa-announce@lists.sourceforge.net.
+
+-------------------------------------------------------------------------------
+
+3.6. Can I use my old config files?
+
+The syntax and purpose of configuration files has remained the same throughout
+the 3.x series. Although each release contains updated, "improved" versions and
+it is recommended to use the newer configuration files. If upgrading from
+version prior to 3.0.4 the syntax for fast-redirects has changed. See the
+What's New section of the User Manual for details.
+
+But all configuration files have substantially changed from the Junkbuster
+days, and early versions of Privoxy 2.x. The old files, like blocklist will not
+work at all.
+
+Refer to the What's New page for information on configuration changes that may
+occur from one release to another.
+
+-------------------------------------------------------------------------------
+
+3.7. Why is the configuration so complicated?
+
+"Complicated" is in the eye of the beholder. Those that are familiar with some
+of the underlying concepts, such as regular expression syntax, take to it like
+a fish takes to water. Also, software that tries hard to be "user friendly",
+often lacks sophistication and flexibility. There is always that trade-off
+there between power vs. easy-of-use. Furthermore, anyone is welcome to
+contribute ideas and implementations to enhance Privoxy.
+
+-------------------------------------------------------------------------------
+
+3.8. How can I make my Yahoo/Hotmail/Gmail account work?
The default configuration shouldn't impact the usability of any of these
-services. It will, however, make all cookies temporary, so that your browser
+services. It may, however, make all cookies temporary, so that your browser
will forget your login credentials in between browser sessions. If you would
like not to have to log in manually each time you access those websites, simply
turn off all cookie handling for them in the user.action file. An example for
# Gmail is a _fragile_ site:
#
{ fragile }
+ # Gmail is ...
mail.google.com
Be sure to flush your browser's caches whenever making these kinds of changes,
-------------------------------------------------------------------------------
-3.8. What's the difference between the "Cautious", "Medium" and "Advanced"
+3.9. What's the difference between the "Cautious", "Medium" and "Advanced"
defaults?
Configuring Privoxy is not entirely trivial. To help you get started, we
Where the defaults are likely to break some sites, exceptions for known popular
"problem" sites are included, but in general, the more aggressive your default
-settings are, the more exceptions you will have to make later. See the User
-Manual for a more detailed discussion.
+settings are, the more exceptions you will have to make later. New users are
+best to start off in "Cautious" setting. This is safest and will have the
+fewest problems. See the User Manual for a more detailed discussion.
It should be noted that the "Advanced" profile (formerly known as the
"Adventuresome" profile) is more aggressive, and will make use of some of
-------------------------------------------------------------------------------
-3.9. Why can I change the configuration with a browser? Does that not raise
+3.10. Why can I change the configuration with a browser? Does that not raise
security issues?
It may seem strange that regular users can edit the config files with their
-------------------------------------------------------------------------------
-3.10. What is the default.filter file? What is a "filter"?
+3.11. What is the default.filter file? What is a "filter"?
The default.filter file is where filters as supplied by the developers are
defined. Filters are a special subset of actions that can be used to modify or
-------------------------------------------------------------------------------
-3.11. How can I set up Privoxy to act as a proxy for my LAN?
+3.12. How can I set up Privoxy to act as a proxy for my LAN?
By default, Privoxy only responds to requests from 127.0.0.1 (localhost). To
have it act as a server for a network, this needs to be changed in the main
-------------------------------------------------------------------------------
-3.12. Instead of ads, now I get a checkerboard pattern. I don't want to see
+3.13. Instead of ads, now I get a checkerboard pattern. I don't want to see
anything.
The replacement for blocked images can be controlled with the set-image-blocker
URLs match both a handle-as-image and block action.
If you want to see nothing, then change the set-image-blocker action to
-"blank". This can be done by editing the default.action file, or trough the
+"blank". This can be done by editing the user.action file, or through the
web-based actions file editor.
-------------------------------------------------------------------------------
-3.13. Why would anybody want to see a checkerboard pattern?
+3.14. Why would anybody want to see a checkerboard pattern?
-Remember that telling which image is an ad and which isn't, is mostly
-guesswork. While we hope that the standard configuration is rather smart, it
-can and will make errors. The checkerboard image is visually decent, but it
-shows you that and where images were blocked, which can be very helpful in case
-some navigation aid or otherwise innocent image was erroneously blocked. Some
-people might also enjoy seeing how many banners they don't have to see..
+Remember that telling which image is an ad and which isn't, is an educated
+guess. While we hope that the standard configuration is rather smart, it will
+make occasional mistakes. The checkerboard image is visually decent, and it
+shows you where images have been blocked, which can be very helpful in case
+some navigation aid or otherwise innocent image was erroneously blocked. It is
+recommended for new users so they can "see" what is happening. Some people
+might also enjoy seeing how many banners they don't have to see.
-------------------------------------------------------------------------------
-3.14. I see some images being replaced by a text instead of the checkerboard
+3.15. I see some images being replaced by a text instead of the checkerboard
image. Why and how do I get rid of this?
This happens when the banners are not embedded in the HTML code of the page
-------------------------------------------------------------------------------
-3.15. Can Privoxy run as a service on Win2K/NT/XP?
+3.16. Can Privoxy run as a service on Win2K/NT/XP?
Yes. Version 3.0.5 introduces full Windows service functionality. See the User
Manual for details on how to install and configure Privoxy as a service.
-------------------------------------------------------------------------------
-3.16. How can I make Privoxy work with other proxies like Squid or Tor?
+3.17. How can I make Privoxy work with other proxies like Squid or Tor?
This can be done and is often useful to combine the benefits of Privoxy with
those of a another proxy. See the forwarding chapter in the User Manual which
-------------------------------------------------------------------------------
-3.17. Can I just set Privoxy to use port 80 and thus avoid individual browser
+3.18. Can I just set Privoxy to use port 80 and thus avoid individual browser
configuration?
No, its more complicated than that. This only works with special kinds of
-------------------------------------------------------------------------------
-3.18. Can Privoxy run as a "transparent" proxy?
+3.19. Can Privoxy run as a "transparent" proxy?
No, Privoxy currently does not have this ability, though it may be added in a
future release. Transparent proxies require special handling of the request
Chaining Privoxy behind another proxy that has this ability should work though.
See the forwarding chapter in the User Manual. As a transparent proxy to be
-used for chaining we recommend Transproxy (http://transproxy.sourceforge.net/).
+used for chaining we suggest Transproxy (http://transproxy.sourceforge.net/).
-------------------------------------------------------------------------------
-3.19. How can I configure Privoxy for use with Outlook Express?
+3.20. How can I configure Privoxy for use with Outlook Express?
Outlook Express uses Internet Explorer components to both render HTML, and
fetch any HTTP requests that may be embedded in an HTML email. So however you
-------------------------------------------------------------------------------
-3.20. How can I have separate rules just for HTML mail?
+3.21. How can I have separate rules just for HTML mail?
The short answer is, you can't. Privoxy has no way of knowing which particular
application makes a request, so there is no way to distinguish between web
-------------------------------------------------------------------------------
-3.21. I sometimes notice cookies sneaking through. How?
+3.22. I sometimes notice cookies sneaking through. How?
Cookies can be set in several ways. The classic method is via the Set-Cookie
HTTP header. This is straightforward, and an easy one to manipulate, such as
-------------------------------------------------------------------------------
-3.22. Are all cookies bad? Why?
+3.23. Are all cookies bad? Why?
No, in fact there are many beneficial uses of cookies. Cookies are just a
method that browsers can use to store data between pages, or between browser
-------------------------------------------------------------------------------
-3.23. How can I allow permanent cookies for my trusted sites?
+3.24. How can I allow permanent cookies for my trusted sites?
There are several actions that relate to cookies. The default behavior is to
allow only "session cookies", which means the cookies only last for the current
-------------------------------------------------------------------------------
-3.24. Can I have separate configurations for different users?
+3.25. Can I have separate configurations for different users?
Each instance of Privoxy has its own configuration, including such attributes
as the TCP port that it listens on. What you can do is run multiple instances
-of Privoxy, each with a unique listen-address and configuration path, and then
-each of these can have their own configurations. Think of it as per-port
-configuration.
+of Privoxy, each with a unique listen-address configuration setting, and
+configuration path, and then each of these can have their own configurations.
+Think of it as per-port configuration.
Simple enough for a few users, but for large installations, consider having
groups of users that might share like configurations.
-------------------------------------------------------------------------------
-3.25. Can I set-up Privoxy as a whitelist of "good" sites?
+3.26. Can I set-up Privoxy as a whitelist of "good" sites?
-Sure. There are a couple of things you can do for simple whitelisting. Here's
+Sure. There are a couple of things you can do for simple white-listing. Here's
one real easy one:
############################################################
toys.example.com
games.example.com
-This allows access to only those three sites.
+This allows access to only those three sites by first blocking all URLs, and
+then subsequently allowing three specific exceptions.
A more interesting approach is Privoxy's trustfile concept, which incorporates
the notion of "trusted referrers". See the User Manual Trust documentation.
-------------------------------------------------------------------------------
+3.27. How can I turn off ad-blocking?
+
+Ad blocking is achieved through a complex application of various Privoxy
+actions. These actions are deployed against simple images, banners, flash
+animations, text pages, JavaScript, pop-ups and pop-unders, etc., so its not as
+simple as just turning one or two actions off. The various actions that make up
+Privoxy ad blocking are hard-coded into the default configuration files. It has
+been assumed that everyone using Privoxy is interested in this particular
+feature.
+
+If you want to do without this, there are several approaches you can take: You
+can manually undo the many block rules in default.action. Or even easier, just
+create your own default.action file from scratch without the many ad blocking
+rules, and corresponding exceptions. Or lastly, if you are not concerned about
+the additional blocks that are done for privacy reasons, you can very easily
+over-ride all blocking with the following very simple rule in your user.action:
+
+ # Unblock everybody, everywhere
+ { -block }
+ / # UN-Block *all* URLs
+
+Or even a more comprehensive reversing of various ad related actions:
+
+ # Unblock everybody, everywhere, and turn off appropriate filtering, etc
+ { -block \
+ -filter{banners-by-size} \
+ -filter{banners-by-link} \
+ allow-popups \
+ }
+ / # UN-Block *all* URLs and allow ads
+
+This last "action" in this compound statement, allow-popups, is an alias that
+disables various pop-up blocking features.
+
+-------------------------------------------------------------------------------
+
+3.28. How can I have custom template pages, like the BLOCKED page?
+
+Privoxy "templates" are specialized text files utilized by Privoxy for various
+purposes and can easily be modified using any text editor. All the template
+pages are installed in a sub-directory appropriately named: templates. Knowing
+something about HTML syntax will of course be helpful. You cannot rename any of
+these files, or create completely new templates, that is not possible. But you
+can change the page content to whatever you like. Be forewarned that these
+files are subject to being overwritten during upgrades, so be sure to save any
+customizations.
+
+-------------------------------------------------------------------------------
+
+3.29. How can I remove the "Go There Anyway" link from the BLOCKED page?
+
+Editing the BLOCKED template page (see above) may dissuade some users, but this
+method is easily circumvented. Where you need this level of control, you should
+build Privoxy from source, and enable various features that are available as
+compile-time options. You should configure the sources as follows:
+
+ ./configure --disable-toggle --disable-editor --disable-force
+
+This will create an executable with hard-coded security features so that
+Privoxy does not allow easy bypassing of blocked sites, or changing the current
+configuration via any connected user's web browser. Some of these features can
+also be toggled on/off via options in Privoxy's main config file. But
+compiled-in compliance is a much better method of ensuring that a block is
+really a block.
+
+Default builds of Privoxy are typically built with these features disabled.
+
+-------------------------------------------------------------------------------
+
4. Miscellaneous
4.1. How much does Privoxy slow my browsing down? This has to add extra time to
How much of an impact depends on many things, including the CPU of the host
system, how aggressive the configuration is, which specific actions are being
-triggered, the size of the page, etc.
+triggered, the size of the page, the bandwidth of the connection, etc.
Overall, it should not slow you down any in real terms, and may actually help
speed things up since ads, banners and other junk are not typically being
"Filtering" content via the filter or deanimate-gifs actions will certainly
cause a perceived slowdown, since the entire document needs to be buffered
-before displaying. And on very large documents, there may be some impact. How
-much depends on the page size, the actual definition of the filter(s), etc. See
-below. Most other actions have little to no impact on speed.
+before displaying. And on very large documents, filtering may have some
+measurable impact. How much depends on the page size, the actual definition of
+the filter(s), etc. See below. Most other actions have little to no impact on
+speed.
+
+Also, when filtering is enabled, typically there is a disabling of compression,
+(see prevent-compression). This can have an impact on speed as well. Again, the
+page size, etc. will determine how much of an impact.
-------------------------------------------------------------------------------
more noticeable on slower dialup connections. Extremely large documents may
have some impact on the time to load the page where there is filtering being
done. But overall, the difference should be very minimal. If there is a big
-impact, then probably some other problem is contributing.
+impact, then probably some other situation is contributing (like anti-virus
+software).
Filtering is automatically disabled for inappropriate MIME types. But note that
if the web server mis-reports the MIME type, then content that should not be
Note that the built-in URLs from earlier versions of Junkbuster / Privoxy,
http://example.com/show-proxy-args and http://i.j.b/, are no longer supported.
If you still use such an old version, you should really consider upgrading to
-3.0.5.
+3.0.6.
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
-4.5. Why doesn't anyone answer my support request?
+4.5. If I do submit missed ads, will they be included in future updates?
+
+Whether such submissions are eventually included in the default.action
+configuration file depends on how significant the issue is. We of course want
+to address any potential problem with major, high-profile sites such as Google,
+Yahoo, etc. Any site with global or regional reach, has a good chance of being
+a candidate. But at the other end of the spectrum are any number of smaller,
+low-profile sites such as for local clubs or schools. Since their reach and
+impact are much less, they are best handled by inclusion in the user's
+user.action, and thus would be unlikely to be included.
+
+-------------------------------------------------------------------------------
+
+4.6. Why doesn't anyone answer my support request?
Rest assured that it has been read and considered. Why it is not answered,
could be for various reasons, including no one has a good answer for it, no one
-------------------------------------------------------------------------------
-4.6. How can I hide my IP address?
+4.7. How can I hide my IP address?
-If you run both the browser and the proxy locally, you cannot hide your IP
-address with Privoxy or ultimately any other software. The server needs to know
-your IP address so that it knows where to send the responses back.
+If you run both the browser and Privoxy locally, you cannot hide your IP
+address with Privoxy or ultimately any other software alone. The server needs
+to know your IP address so that it knows where to send the responses back.
There are many publicly usable "anonymous" proxies out there, which provide a
further level of indirection between you and the web server.
-------------------------------------------------------------------------------
-4.7. Can Privoxy guarantee I am anonymous?
+4.8. Can Privoxy guarantee I am anonymous?
No. Your chances of remaining anonymous are greatly improved, but unless you
chain Privoxy with Tor or a similar system and know what you're doing when it
Privoxy can remove various information about you, and allows you more freedom
to decide which sites you can trust, and what details you want to reveal. But
-it neither hides your ip address, nor can it guarantee that the rest of the
+it neither hides your IP address, nor can it guarantee that the rest of the
system behaves correctly. There are several possibilities how a web sites can
find out who you are, even if you are using a strict Privoxy configuration and
chained it with Tor.
-------------------------------------------------------------------------------
-4.8. A test site says I am not using a Proxy.
+4.9. A test site says I am not using a Proxy.
Good! Actually, they are probably testing for some other kinds of proxies.
Hiding yourself completely would require additional steps.
-------------------------------------------------------------------------------
-4.9. How do I use Privoxy together with Tor?
+4.10. How do I use Privoxy together with Tor?
Before you configure Privoxy to use Tor (http://tor.eff.org/), please follow
the User Manual chapters 2. Installation and 5. Startup to make sure Privoxy
anonymity level, therefore you should use socks4a, to make sure Privoxy's DNS
requests are done through Tor and thus invisible to your local network.
-Since Privoxy 3.0.5, its configuration (section 5.2) is already prepared for
-Tor, if you are using a default Tor configuration and run it on the same system
-as Privoxy, you just have to uncomment the line:
+Since Privoxy 3.0.5, its main configuration file is already prepared for Tor,
+if you are using a default Tor configuration and run it on the same system as
+Privoxy, you just have to edit the forwarding section and uncomment the line:
# forward-socks4a / 127.0.0.1:9050 .
Save the modified configuration file and open http://config.privoxy.org/
show-status/ in your browser, confirm that Privoxy has reloaded its
configuration and that there are no other forward lines, unless you know that
-you need them. I everything looks good, refer to Tor Faq 4.2 to learn how to
+you need them. If everything looks good, refer to Tor Faq 4.2 to learn how to
verify that you are really using Tor.
Afterward, please take the time to at least skim through the rest of Tor's
-------------------------------------------------------------------------------
-4.10. Might some things break because header information or content is being
+4.11. Might some things break because header information or content is being
altered?
-Definitely. More and more sites use HTTP header content to decide what to
-display and how to display it. There is many ways that this can be handled, so
-having hard and fast rules, is tricky.
+Definitely. It is common for sites to use browser type, browser version, HTTP
+header content, and various other techniques in order to dynamically decide
+what to display and how to display it. What you see, and what I see, might be
+very different. There are many, many ways that this can be handled, so having
+hard and fast rules, is tricky.
-"User-Agent" in particular is often used in this way to identify the browser,
-and adjust content accordingly. Changing this now (at least not further than
-removing the OS information) is not recommended, since so many sites do look
-for it. You may get undesirable results by changing this.
+"User-Agent" is often used in this way to identify the browser, and adjust
+content accordingly. Changing this now (at least not further than removing the
+OS information) is not recommended, since so many sites do look for it. You may
+get undesirable results by changing just this one aspect.
-For instance, different browsers use different encodings of Russian and Czech
+Also, different browsers use different encodings of Russian and Czech
characters, certain web servers convert pages on-the-fly according to the User
Agent header. Giving a "User Agent" with the wrong operating system or browser
manufacturer causes some sites in these languages to be garbled; Surfers to
if unavailable. The weather maps of Intellicast have been blocked by their
server when no "Referer" or cookie is provided, is another example. (But you
can forge both headers without giving information away). There are many other
-ways things can go wrong when trying to fool a web server.
+ways things that can go wrong when trying to fool a web server. The results of
+which could inadvertently cause pages to load incorrectly, partially, or even
+not at all. And there may be no obvious clues as to just what went wrong, or
+why. Nowhere will there be a message that says "Turn off fast-redirects or
+else! "
Similar thoughts apply to modifying JavaScript, and, to a lesser degree, HTML
elements.
-------------------------------------------------------------------------------
-4.11. Can Privoxy act as a "caching" proxy to speed up web browsing?
+4.12. Can Privoxy act as a "caching" proxy to speed up web browsing?
No, it does not have this ability at all. You want something like Squid for
this. And, yes, before you ask, Privoxy can co-exist with other kinds of
-------------------------------------------------------------------------------
-4.12. What about as a firewall? Can Privoxy protect me?
+4.13. What about as a firewall? Can Privoxy protect me?
Not in the way you mean, or in the way a true firewall can. Privoxy can help
protect your privacy, but not protect you from intrusion attempts. It is, of
-------------------------------------------------------------------------------
-4.13. I have large empty spaces / a checkerboard pattern now where ads used to
+4.14. I have large empty spaces / a checkerboard pattern now where ads used to
be. Why?
-It would be technically possible eliminate the banners in a way that frees
-their screen estate in many cases, by doing all banner blocking with filters,
-i.e. eliminating the whole image references from the HTML pages instead of
-letting them stay in, and blocking the resulting requests for the banners
-themselves.
+It is technically possible to eliminate banners and ads in a way that frees
+their allocated page space. This could easily be done by blocking with
+Privoxy's filters, and eliminating the entire image references from the HTML
+page source.
+
+But, this would consume considerably more CPU resources (IOW, slow things
+down), would likely destroy the layout of some web pages which rely on the
+banners utilizing a certain amount of page space, and might fail in other
+cases, where the screen space is reserved (e.g. by HTML tables for instance).
+Also, making ads and banners disappear without any trace complicates
+troubleshooting, and would sooner or later be problematic.
-But this would consume considerable CPU resources, would likely destroy the
-layout of many web pages which rely on the banners consuming a certain amount
-of screen space, and would fail in other cases, where the screen space is
-reserved e.g. by tables anyway. Also, making the banners disappear without a
-visual trace complicates troubleshooting.
+The better alternative is to instead let them stay, and block the resulting
+requests for the banners themselves as is now the case. This leaves either
+empty space, or the familiar checkerboard pattern.
-So we won't support this in the default configuration, but you can of course
-define appropriate filters yourself.
+So the developers won't support this in the default configuration, but you can
+of course define appropriate filters yourself to achieve this.
-------------------------------------------------------------------------------
-4.14. How can Privoxy filter Secure (HTTPS) URLs?
+4.15. How can Privoxy filter Secure (HTTPS) URLs?
Since secure HTTP connections are encrypted SSL sessions between your browser
and the secure site, and are meant to be reliably secure, there is little that
-------------------------------------------------------------------------------
-4.15. Privoxy runs as a "server". How secure is it? Do I need to take any
+4.16. Privoxy runs as a "server". How secure is it? Do I need to take any
special precautions?
There are no known exploits that might affect Privoxy. On Unix-like systems,
-------------------------------------------------------------------------------
-4.16. How can I temporarily disable Privoxy?
+4.17. How can I temporarily disable Privoxy?
The easiest way is to access Privoxy with your browser by using the remote
toggle URL: http://config.privoxy.org/toggle. See the Bookmarklets section of
-------------------------------------------------------------------------------
-4.17. When "disabled" is Privoxy totally out of the picture?
+4.18. When "disabled" is Privoxy totally out of the picture?
No, this just means all filtering and actions are disabled. Privoxy is still
acting as a proxy, but just not doing any of the things that Privoxy would
normally be expected to do. It is still a "middle-man" in the interaction
-between your browser and web sites.
+between your browser and web sites. See below to bypass the proxy.
-------------------------------------------------------------------------------
-4.18. My logs show Privoxy "crunches" ads, but also its own internal CGI pages.
+4.19. How can I tell Privoxy to totally ignore certain sites?
+
+Bypassing a proxy, or proxying based on arbitrary criteria, is purely a browser
+configuration issue, not a Privoxy issue. Modern browsers typically do have
+settings for not proxying certain sites. Check your browser's help files.
+
+-------------------------------------------------------------------------------
+
+4.20. My logs show Privoxy "crunches" ads, but also its own internal CGI pages.
What is a "crunch"?
A "crunch" simply means Privoxy intercepted something, nothing more. Often this
-------------------------------------------------------------------------------
-4.19. Can Privoxy effect files that I download from a webserver? FTP server?
+4.21. Can Privoxy effect files that I download from a webserver? FTP server?
From the webserver's perspective, there is no difference between viewing a
document (i.e. a page), and downloading a file. The same is true of Privoxy. If
-------------------------------------------------------------------------------
-4.20. I just downloaded a Perl script, and Privoxy altered it! Yikes, what is
+4.22. I just downloaded a Perl script, and Privoxy altered it! Yikes, what is
wrong!
Please read above.
-------------------------------------------------------------------------------
-4.21. Should I continue to use a "HOSTS" file for ad-blocking?
+4.23. Should I continue to use a "HOSTS" file for ad-blocking?
One time-tested technique to defeat common ads is to trick the local DNS system
by giving a phony IP address for the ad generator in the local HOSTS file,
-------------------------------------------------------------------------------
-4.22. Where can I find more information about Privoxy and related issues?
+4.24. Where can I find more information about Privoxy and related issues?
Other references and sites of interest to Privoxy users:
-------------------------------------------------------------------------------
-4.23. I've noticed that Privoxy changes "Microsoft" to "MicroSuck"! Why are you
+4.25. I've noticed that Privoxy changes "Microsoft" to "MicroSuck"! Why are you
manipulating my browsing?
We're not. The text substitutions that you are seeing are disabled in the
5. Troubleshooting
-5.1. I am getting "connection refused" with every web page?
+5.1. I cannot connect to any websites. Or, I am getting "connection refused"
+message with every web page. Why?
+
+There are several possibilities:
+
+ * Privoxy is not running. Solution: verify that Privoxy is installed
+ correctly, has not crashed, and is indeed running. Look at Privoxy's logs
+ to see what they say.
+
+ * Or your browser is configured for a different port than what Privoxy is
+ using. Solution: verify that Privoxy and your browser are set to the same
+ port (listen-address).
+
+ * Or if using a forwarding rule, you have a configuration problem or a
+ problem with a host in the forwarding chain. Solution: temporarily alter
+ your configuration and take the forwarders out of the equation.
+
+ * Or you have a firewall that is interfering and blocking you. Solution: try
+ disabling or removing the firewall as a simple test.
+
+-------------------------------------------------------------------------------
-Either Privoxy is not running, or your browser is configured for a different
-port than what Privoxy is using, or, if using a forwarding rule, you have a
-configuration problem or a problem with a host in the forwarding chain.
+5.2. Why am I getting a 503 Error (WSAECONNREFUSED) on every page?
-You should verify that Privoxy is indeed running and that the correct port is
-set, and matches what your browser is set to. See listen-address option in
-Privoxy's main configuration file. If using any forwarding rules, disable those
-to make sure the problem is not with a forwarder.
+More than likely this is a problem with your TCP/IP networking. ZoneAlarm has
+been reported to cause this symptom -- even if not running! The solution is to
+either fight the ZA configuration, or uninstall ZoneAlarm, and then find
+something better behaved in its place. Other personal firewall type products
+may cause similar type problems if not configured correctly.
-------------------------------------------------------------------------------
-5.2. I just added a new rule, but the steenkin ad is still getting through.
+5.3. I just added a new rule, but the steenkin ad is still getting through.
How?
If the ad had been displayed before you added its URL, it will probably be held
in the browser's cache for some time, so it will be displayed without the need
-for any request to the server, and Privoxy will not be in the picture. The best
-thing to do is try flushing the browser's caches. And then try again.
+for any request to the server, and Privoxy will not be involved. Flush the
+browser's caches, and then try again.
If this doesn't help, you probably have an error in the rule you applied. Try
pasting the full URL of the offending ad into http://config.privoxy.org/
show-url-info and see if it really matches your new rule. Blocking ads is like
-blocking spam: a lot of tinkering is required to stay ahead of the game.
-
--------------------------------------------------------------------------------
-
-5.3. One of my favorite sites does not work with Privoxy. What can I do?
+blocking spam: a lot of tinkering is required to stay ahead of the game. And
+remember you need to block the URL of the ad in question, which may be entirely
+different from the site URL itself. Most ads are hosted on different servers
+than the main site itself. If you right-click on the ad, you should be able to
+get all the relevant information you need. Alternately, you can find the
+correct URL by looking at Privoxy's logs.
+
+Below is a slightly modified real-life log snippet that originates with one
+requested URL: www.example.com (name of site was changed for this example, the
+number of requests is real). You can see in this the complexity of what goes
+into making up this one "page". There are eight different domains involved
+here, with thirty two separate URLs requested in all, making up all manner of
+images, Shockwave Flash, JavaScript, CSS stylesheets, scripts, and other
+related content. Some of this content is obviously "good" or "bad", but not
+all. Many of the more questionable looking requests, are going to outside
+domains that seem to be identifying themselves with suspicious looking names,
+making our job a little easier. Privoxy has "crunched" (meaning caught and
+BLOCKED) quite a few items in this example, but perhaps missed a few as well.
+
+Request: www.example.com/
+Request: www.example.com/favicon.ico
+Request: img.example.com/main.css
+Request: img.example.com/sr.js
+Request: example.betamarker.com/example.html
+Request: www.lik-sang.com/Banners/bestsellers/skyscraper.php?likref=BSellers
+Request: img.example.com/pb.png
+Request: www.google-analytics.com/urchin.js crunch!
+Request: www.advertising-department.com/ats/switch.ps.php?26856 crunch!
+Request: img.example.com/p.gif
+Request: www.popuptraffic.com/assign.php?l=example&mode=behind crunch!
+Request: www.popuptraffic.com/scripts/popup.php?hid=5c3cf&tmpl=PBa.tmpl crunch!
+Request: www.popuptraffic.com/assign.php?l=example crunch!
+Request: www.lik-sang.com/Banners/best_sellers/best_sellers.css
+Request: www.adtrak.net/adx.js crunch!
+Request: img.example.com/hbg.gif
+Request: img.example.com/example.jpg
+Request: img.example.com/mt.png
+Request: img.example.com/mm.png
+Request: img.example.com/mb.png
+Request: www.popuptraffic.com/scripts/popup.php?hid=a71b91fa5&tmpl=Ua.tmp crunch!
+Request: www.example.com/tracker.js
+Request: www.lik-sang.com/Banners/best_sellers/lsi_head.gif
+Request: www.adtrak.net/adjs.php?n=020548130&what=zone:61 crunch!
+Request: www.adtrak.net/adjs.php?n=463594413&what=zone:58&source=Ua crunch!
+Request: www.lik-sang.com/Banners/best_sellers/bottomani.swf
+Request: mmm.elitemediagroup.net/install.php?allowpop=no&popupmincook=0&allowsp2=1 crunch!
+Request: www.example.com/tracker.js?screen=1400x1050&win=962x693
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=61 crunch!
+Request: 66.70.21.80/scripts/click.php?hid=5c3cf599a9efd0320d26&si
+Request: 66.70.21.80/img/pixel.gif
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=58&source=Ua&block=86400 crunch!
+Request: 66.70.21.80/scripts/click.php?hid=a71b9f6504b0c5681fa5&si=Ua
+
+Despite 12 out of 32 requests being blocked, the page looked, and seemed to
+behave perfectly "normal" (minus some ads, of course).
+
+-------------------------------------------------------------------------------
+
+5.4. One of my favorite sites does not work with Privoxy. What can I do?
First verify that it is indeed a Privoxy problem, by toggling off Privoxy
through http://config.privoxy.org/toggle, and then shift-reloading the problem
page (i.e. holding down the shift key while clicking reload. Alternatively,
flush your browser's disk and memory caches).
-If still a problem, go to http://config.privoxy.org/show-url-info and paste the
-full URL of the page in question into the prompt. See which actions are being
-applied to the URL, and which matches in which actions files are responsible
-for that. Now, armed with this information, go to http://config.privoxy.org/
-show-status and select the appropriate actions files for editing.
+If the problem went away, we know we have a configuration related problem. Now
+go to http://config.privoxy.org/show-url-info and paste the full URL of the
+page in question into the prompt. See which actions are being applied to the
+URL, and which matches in which actions files are responsible for that. It
+might be helpful also to look at your logs for this site too, to see what else
+might be happening. Many sites are complex and require a number of related
+pages to help present their content. Look at what else might be used by the
+page in question, and what of that might be required. Now, armed with this
+information, go to http://config.privoxy.org/show-status and select the
+appropriate actions files for editing.
You can now either look for a section which disables the actions that you
suspect to cause the problem and add a pattern for your site there, or make up
appendix, Troubleshooting: the Anatomy of an Action. There is also an actions
tutorial with general configuration information and examples.
+As a last resort, you can always see if your browser has a setting that will
+bypass the proxy setting for selective sites. Modern browsers can do this.
+
-------------------------------------------------------------------------------
-5.4. After installing Privoxy, I have to log in every time I start IE. What
+5.5. After installing Privoxy, I have to log in every time I start IE. What
gives?
This is a quirk that effects the installation of Privoxy, in conjunction with
-------------------------------------------------------------------------------
-5.5. I cannot connect to any FTP sites. Privoxy is blocking me.
+5.6. I cannot connect to any FTP sites. Privoxy is blocking me.
Privoxy cannot act as a proxy for FTP traffic, so do not configure your browser
to use Privoxy as an FTP proxy. The same is true for any protocol other than
and cannot proxy such traffic.
To complicate matters, some systems may have a generic "proxy" setting, which
-will silently enable various protocols, including both HTTP and FTP proxying!
-So it is possible to accidentally enable FTP proxying in these cases. And of
-course, if this happens, Privoxy will indeed cause problems since it does not
-know FTP. Newer version will give a sane error message if a FTP connection is
-attempted. Just disable the FTP setting and all will be well again.
+will enable various protocols, including both HTTP and FTP proxying! So it is
+possible to accidentally enable FTP proxying in these cases. And of course, if
+this happens, Privoxy will indeed cause problems since it does not know FTP.
+Newer version will give a sane error message if a FTP connection is attempted.
+Just disable the FTP setting and all will be well again.
Will Privoxy ever proxy FTP traffic? Unlikely. There just is not much reason,
and the work to make this happen is more than it may seem.
-------------------------------------------------------------------------------
-5.6. In Mac OSX, I can't configure Microsoft Internet Explorer to use Privoxy
+5.7. In Mac OSX, I can't configure Microsoft Internet Explorer to use Privoxy
as the HTTP proxy.
Microsoft Internet Explorer (in versions like 5.1) respects system-wide network
-------------------------------------------------------------------------------
-5.7. In Mac OSX, I dragged the Privoxy folder to the trash in order to
+5.8. In Mac OSX, I dragged the Privoxy folder to the trash in order to
uninstall it. Now the finder tells me I don't have sufficient privileges to
empty the trash.
-------------------------------------------------------------------------------
-5.8. In Mac OSX Panther (10.3), images often fail to load and/or I experience
+5.9. In Mac OSX Panther (10.3), images often fail to load and/or I experience
random delays in page loading. I'm using localhost as my browser's proxy
setting.
-------------------------------------------------------------------------------
-5.9. I get a completely blank page at one site. "View Source" shows only:
+5.10. I get a completely blank page at one site. "View Source" shows only:
<html><body></body></html>. Without Privoxy the page loads fine.
Chances are that the site suffers from a bug in PHP, which results in empty
-------------------------------------------------------------------------------
-5.10. Why am I getting a 503 Error (WSAECONNREFUSED) on every page?
-
-More than likely this is a problem with your TCP/IP networking. ZoneAlarm has
-been reported to cause this symptom -- even if not running. The solution is to
-either fight the ZA configuration, or uninstall ZoneAlarm, and then find
-something better behaved in its place. Other personal firewall type products
-may cause similar type problems if not configured correctly.
-
--------------------------------------------------------------------------------
-
5.11. My logs show many "Unable to get my own hostname" lines. Why?
Privoxy tries to get the hostname of the system its running on from the IP
from Privoxy on some platforms due to DNS timeouts.
This can be caused by a problem with the local HOSTS file. If this file has
-been changed from the original, try reverting it to see if that helps.
+been changed from the original, try reverting it to see if that helps. Make
+sure whatever name(s) are used for the local system, that they resolve both
+ways.
-------------------------------------------------------------------------------
already in use" (or similar wording). Why?
Port 8118 is Privoxy's default TCP "listening" port. Typically this message
-would mean that there is already one instance of Privoxy running, and you are
-actually trying to start a second Privoxy on the same port, which will not
-work. (You can have multiple instances but they must be assigned different
-ports.) How and why this might happen varies from platform to platform, but you
-need to check your installation and start-up procedures.
+would mean that there is already one instance of Privoxy running, and your
+system is actually trying to start a second Privoxy on the same port, which
+will not work. (You can have multiple instances but they must be assigned
+different ports.) How and why this might happen varies from platform to
+platform, but you need to check your installation and start-up procedures.
-------------------------------------------------------------------------------
just be the "messenger" which is reporting whatever problem occurred
downstream, and not the root cause of the error.
-In any case, v. 3.0.5 includes various improvements to help Privoxy better
+In any case, newer versions include various improvements to help Privoxy better
handle these cases.
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
+5.20. Why do my filters work on some sites but not on others?
+
+It's probably due to compression. It is a common practice for web servers to
+send their content "compressed" in order to speed things up, and then let the
+browser "uncompress" them. Privoxy does not (yet) support compression. But we
+can force the web server to bend to our will ;-) So for filtering, make sure
+you have prevent-compression turned ON!
+
+-------------------------------------------------------------------------------
+
6. Contacting the developers, Bug Reporting and Feature Requests
We value your feedback. In fact, we rely on it to improve Privoxy and its
config.privoxy.org/show-version).
* The operating system and versions you run Privoxy on, (e.g. Windows XP
- SP2), if you are using some kind of Unix flavour, sending the output of
- "uname -a" should do.
+ SP2), if you are using a Unix flavor, sending the output of "uname -a"
+ should do.
* The name, platform, and version of the browser you were using (e.g.
Internet Explorer v5.5 for Mac).
7.2. History
-Along time ago, there was the Internet Junkbuster, by Anonymous Coders and
+A long time ago, there was the Internet Junkbuster, by Anonymous Coders and
Junkbusters Corporation. This saved many users a lot of pain in the early days
of web advertising and user tracking.
-Privoxy 3.0.5 User Manual
+Privoxy 3.0.6 User Manual
Copyright © 2001 - 2006 by Privoxy Developers
-$Id: user-manual.sgml,v 2.22 2006/09/22 01:27:55 hal9 Exp $
+$Id: user-manual.sgml,v 2.26 2006/10/24 11:16:44 hal9 Exp $
The Privoxy User Manual gives users information on how to install, configure
and use Privoxy.
2.1. Binary Packages
- 2.1.1. Red Hat, SuSE and Conectiva RPMs
+ 2.1.1. Red Hat and Fedora RPMs
2.1.2. Debian
2.1.3. Windows
2.1.4. Solaris, NetBSD, FreeBSD, HP-UX
5. Starting Privoxy
- 5.1. Red Hat, Fedora and Conectiva
+ 5.1. Red Hat and Fedora
5.2. Debian
- 5.3. SuSE
- 5.4. Windows
- 5.5. Solaris, NetBSD, FreeBSD, HP-UX and others
- 5.6. OS/2
- 5.7. Mac OSX
- 5.8. AmigaOS
- 5.9. Gentoo
- 5.10. Command Line Options
+ 5.3. Windows
+ 5.4. Solaris, NetBSD, FreeBSD, HP-UX and others
+ 5.5. OS/2
+ 5.6. Mac OSX
+ 5.7. AmigaOS
+ 5.8. Gentoo
+ 5.9. Command Line Options
6. Privoxy Configuration
1. Introduction
-This documentation is included with the current BETA version of Privoxy,
-v.3.0.5, and is mostly complete at this point. The most up to date reference
-for the time being is still the comments in the source files and in the
-individual configuration files. Development of a new version is currently
-nearing completion, and includes significant changes and enhancements over
-earlier versions. .
-
-Since this is a BETA version, not all new features are well tested. This
-documentation may be slightly out of sync as a result (especially with CVS
-sources). And there may be bugs, though hopefully not many!
+This documentation is included with the current stable version of Privoxy,
+v.3.0.6.
-------------------------------------------------------------------------------
1.1. Features
In addition to the core features of ad blocking and cookie management, Privoxy
-provides many supplemental features, some of them currently under development,
-that give the end-user more control, more privacy and more freedom:
+provides many supplemental features, that give the end-user more control, more
+privacy and more freedom:
* Integrated browser based configuration and control utility at http://
config.privoxy.org/ (shortcut: http://p.p/). Browser-based tracing of rule
and filter effects. Remote toggling.
- * Web page content filtering (removes banners based on size, invisible
- "web-bugs", JavaScript and HTML annoyances, pop-up windows, etc.)
+ * Web page filtering (text replacements, removes banners based on size,
+ invisible "web-bugs", JavaScript and HTML annoyances, pop-up windows,
+ header manipulation, etc.)
* Modularized configuration that allows for standard settings and user
settings to reside in separate files, so that installing updated actions
-------------------------------------------------------------------------------
-2.1.1. Red Hat, SuSE and Conectiva RPMs
+2.1.1. Red Hat and Fedora RPMs
-RPMs can be installed with rpm -Uvh privoxy-3.0.5-1.rpm, and will use /etc/
+RPMs can be installed with rpm -Uvh privoxy-3.0.6-1.rpm, and will use /etc/
privoxy for the location of configuration files.
Note that on Red Hat, Privoxy will not be automatically started on system boot.
You will need to enable that using chkconfig, ntsysv, or similar methods.
If you have problems with failed dependencies, try rebuilding the SRC RPM: rpm
---rebuild privoxy-3.0.5-1.src.rpm. This will use your locally installed
+--rebuild privoxy-3.0.6-1.src.rpm. This will use your locally installed
libraries and RPM version.
Also note that if you have a Junkbuster RPM installed on your system, you need
latest version.
Configuration files are in /etc/privoxy, the documentation is in /usr/share/doc
-/privoxy-3.0.5 and the Log directory is in /var/log/privoxy.
+/privoxy-3.0.6 and the Log directory is in /var/log/privoxy.
-------------------------------------------------------------------------------
2.2. Building from Source
The most convenient way to obtain the Privoxy sources is to download the source
-tarball from our project page.
+tarball from our project download page.
If you like to live on the bleeding edge and are not afraid of using possibly
unstable development versions, you can check out the up-to-the-minute version
When building from a source tarball, first unpack the source:
- tar xzvf privoxy-3.0.5-beta-src* [.tgz or .tar.gz]
- cd privoxy-3.0.5-beta
+ tar xzvf privoxy-3.0.6-src* [.tgz or .tar.gz]
+ cd privoxy-3.0.6
For retrieving the current CVS sources, you'll need a CVS client installed.
-Note that sources from CVS are typicially development quality, and may not be
+Note that sources from CVS are typically development quality, and may not be
stable, or well tested. To download CVS source, check the Sourceforge
documentation, which might give commands like:
You can also check out any Privoxy "branch", just exchange the current name
with the wanted branch name (Example: v_3_0_branch for the 3.0 cvs tree).
-It is also strongly recommended to not run Privoxy as root, and instead it is
-suggested to create a "privoxy" user and group for this purpose. See your local
-documentation for the correct command line to do this.
+It is also strongly recommended to not run Privoxy as root. You should
+configure/install/run Privoxy as an unprivileged user, preferably by creating a
+"privoxy" user and group just for this purpose. See your local documentation
+for the correct command line to do add new users and groups (something like
+adduser, but the command syntax may vary from platform to platform).
/etc/passwd might then look like:
autoconf
./configure # (--help to see options)
make # (the make from GNU, sometimes called gmake)
- su
+ su # Possibly required
make -n install # (to see where all the files will go)
make -s install # (to really install, -s to silence output)
-If you have GNU make, you can have the first four steps automatically done for
-you by just typing:
+Using GNU make, you can have the first four steps automatically done for you by
+just typing:
make
in the freshly downloaded or unpacked source directory.
+To build an executable with security enhanced features so that users cannot
+easily bypass the proxy (e.g. "Go There Anyway"), or alter their own
+configurations, configure like this:
+
+ ./configure --disable-toggle --disable-editor --disable-force
+
+Then build as above.
+
WARNING: If installing as root, the install will fail unless a non-root user or
group is specified, or a privoxy user and group already exist on the system. If
a non-root user is specified, and no group, then the installation will try to
configure accepts --with-user and --with-group options for setting user and
group ownership of the configuration files (which need to be writable by the
-daemon). The specified user must already exist. When starting Privoxy, it
-should be run as this same user to insure write access to configuration and log
-files.
+daemon). The specified user must already exist. When starting Privoxy, it must
+be run as this same user to insure write access to configuration and log files!
Alternately, you can specify user and group on the make command line, but be
sure both already exist:
The default installation path for make install is /usr/local. This may of
course be customized with the various ./configure path options. If you are
-doing a root install to anywhere else besides /usr/local, be sure to set the
-appropriate paths with the correct configure options (./configure --help).
+doing an install to anywhere besides /usr/local, be sure to set the appropriate
+paths with the correct configure options (./configure --help). Non-privileged
+users must of course have write access permissions to wherever the target
+installation is going.
If you do install to /usr/local, the install will use sysconfdir=$prefix/etc/
privoxy by default. All other destinations, and the direct usage of
program that uses a file with the "config" name, and thus makes /usr/local/etc
cleaner.
-If installing to /usr/local, the docs will go by default to $prefix/share/doc.
-But if this directory doesn't exist, it will then try $prefix/doc and install
-there before creating a new $prefix/share/doc just for Privoxy.
+If installing to /usr/local, the documentation will go by default to $prefix/
+share/doc. But if this directory doesn't exist, it will then try $prefix/doc
+and install there before creating a new $prefix/share/doc just for Privoxy.
Again, if the installs goes to /usr/local, the localstatedir (ie: var/) will
default to /var instead of $prefix/var so the logs will go to /var/log/privoxy
/, and the pid file will be created in /var/run/privoxy.pid.
make install will attempt to set the correct values in config (main
-configuration file). You may want to check this to make sure all values are
-correct. If appropriate, an init script will be installed, but it is up to the
-user to determine how and where to start Privoxy. The init script should be
-checked for correct paths and values, if anything other than a default install
-is done.
-
-If install finds previous versions of any local configuration files, these will
-not be overwritten, and the new ones will be installed with a "new" extension.
-default.action, default.filter, and standard.action will be overwritten. You
-will then need to manually update the other installed configuration files as
-needed. All template files will be overwritten. If you have customized, local
-templates, you should save these first. If a previous version of Privoxy is
-already running, you will have to restart it manually.
+configuration file). You should check this to make sure all values are correct.
+If appropriate, an init script will be installed, but it is up to the user to
+determine how and where to start Privoxy. The init script should be checked for
+correct paths and values, if anything other than a default install is done.
+
+If install finds previous versions of local configuration files, most of these
+will not be overwritten, and the new ones will be installed with a "new"
+extension. default.action, default.filter, and standard.action will be
+overwritten. You will then need to manually update the other installed
+configuration files as needed. All template files will be overwritten. If you
+have customized, local templates, you should save these first, and in fact it
+is wise to always save any important configuration files "just in case". If a
+previous version of Privoxy is already running, you will have to restart it
+manually.
For more detailed instructions on how to build Redhat RPMs, Windows
self-extracting installers, building on platforms with special requirements
3. What's New in this Release
-There are many improvements and new features in Privoxy 3.0.5 :
+There are many improvements and new features since Privoxy 3.0.3, the last
+stable release:
* Multiple filter files can now be specified in config. This allows for
locally defined filters that can be maintained separately from the filters
And there is improved handling of the user-manual option, for placing
documentation and help files on the local system.
+ * There are six new filters.
+
* Actions files problems and suggestions are now being directed to: http://
sourceforge.net/tracker/?group_id=11118&atid=460288. Please use this to
report such configuration related problems as missed ads, sites that don't
* In addition, there are numerous bug fixes and significant enhancements,
including error pages should no longer be cached if the problem is fixed,
- much better DNS error handling, and various logging improvements.
-
- * The default actions setting is now Cautious. Previous releases had a
- default setting of Medium. Experienced users may want to adjust this, as it
- is fairly conservative by Privoxy standards and past practices. See http://
- config.privoxy.org/edit-actions-list?f=default. New users should try the
- default settings for a while before turning up the volume.
+ much better DNS error handling, various logging improvements, and
+ configuration updates for better ad blocking and junk elimination.
-------------------------------------------------------------------------------
* What constitutes a "default" configuration has changed, and you may want to
review which actions are "on" by default. This is primarily a matter of
emphasis, but some features you may have been used to, may now be "off" by
- default. There are also a number of new actions you may want to consider,
- most of which are not incorporated into the default settings as yet (see
- above).
+ default. There are also a number of new actions and filters you may want to
+ consider, most of which are not fully incorporated into the default
+ settings as yet (see above).
+
+ * The default actions setting is now Cautious. Previous releases had a
+ default setting of Medium. Experienced users may want to adjust this, as it
+ is fairly conservative by Privoxy standards and past practices. See http://
+ config.privoxy.org/edit-actions-list?f=default. New users should try the
+ default settings for a while before turning up the volume.
+
+ * The default setting has filtering turned off, which subsequently means that
+ compression is on. Remember that filtering does not work on compressed
+ pages, so if you use, or want to use, filtering, you will need to force
+ compression off. Example:
+
+ { +filter{google} +prevent-compression }
+ .google.
+
+ Or if you use a number of filters, or filter many sites, you may just want
+ to turn off compression for all sites in default.action (or user.action).
+
+ * Also, session-cookies-only is off by default now. If you've liked this
+ feature in the past, you may want to turn it back on in user.action now.
* Some installers may not automatically start Privoxy after installation.
the actions files. As a quick start, you might find the richly commented
examples helpful. You can also view and edit the actions files through the
web-based user interface. The Appendix "Troubleshooting: Anatomy of an
- Action" has hints how to understand and debug actions that "misbehave".
+ Action" has hints on how to understand and debug actions that "misbehave".
* For easy access to Privoxy's most important controls, drag the provided
Bookmarklets into your browser's personal toolbar.
First a bit of a warning ... blocking ads is much like blocking SPAM: the more
aggressive you are about it, the more likely you are to block things that were
-not intended. So there is a trade off here. If you want extreme ad free
-browsing, be prepared to deal with more "problem" sites, and to spend more time
-adjusting the configuration to solve these unintended consequences. In short,
-there is not an easy way to eliminate all ads. Either take the easy way and
-settle for most ads blocked with the default configuration, or jump in and
-tweak it for your personal surfing habits and preferences.
+not intended. And the more likely that some things may not work as intended. So
+there is a trade off here. If you want extreme ad free browsing, be prepared to
+deal with more "problem" sites, and to spend more time adjusting the
+configuration to solve these unintended consequences. In short, there is not an
+easy way to eliminate all ads. Either take the easy way and settle for most ads
+blocked with the default configuration, or jump in and tweak it for your
+personal surfing habits and preferences.
Secondly, a brief explanation of Privoxy's "actions". "Actions" in this
context, are the directives we use to tell Privoxy to perform some task
-relating to HTTP transactions (i.e. web browsing). We tell Privoxy to take some
+relating to WWW transactions (i.e. web browsing). We tell Privoxy to take some
"action". Each action has a unique name and function. While there are many
potential actions in Privoxy's arsenal, only a few are used for ad blocking.
Actions, and action configuration files, are explained in depth below.
original page's HTML content. An ad image for instance, is just an URL embedded
in the page somewhere. The image itself may be on the same server, or a server
somewhere else on the Internet. Complex web pages will have many such embedded
-URLs.
+URLs. Privoxy can deal with each URL individually, so, for instance, the main
+page text is not touched, but images from such-and-such server are blocked.
-The actions we need to know about for ad blocking are: block, handle-as-image,
-and set-image-blocker:
+The most important actions for basic ad blocking are: block, handle-as-image,
+handle-as-empty-document,and set-image-blocker:
- * block - this action stops any contact between your browser and any URL
- patterns that match this action's configuration. It can be used for
- blocking ads, but also anything that is determined to be unwanted. By
- itself, it simply stops any communication with the remote server and sends
- Privoxy's own built-in BLOCKED page instead to let you now what has
- happened.
+ * block - this is perhaps the single most used action, and is particularly
+ important for ad blocking. This action stops any contact between your
+ browser and any URL patterns that match this action's configuration. It can
+ be used for blocking ads, but also anything that is determined to be
+ unwanted. By itself, it simply stops any communication with the remote
+ server and sends Privoxy's own built-in BLOCKED page instead to let you now
+ what has happened (with some exceptions, see below).
* handle-as-image - tells Privoxy to treat this URL as an image. Privoxy's
default configuration already does this for all common image types (e.g.
limitations to this though. For instance, you can't just brute-force an
image substitution for an entire HTML page in most situations.
+ * handle-as-empty-document - sends an empty document instead of Privoxy's
+ normal BLOCKED HTML page. This is useful for file types that are neither
+ HTML nor images, such as blocking JavaScript files.
+
* set-image-blocker - tells Privoxy what to display in place of an ad image
that has hit a block rule. For this to come into play, the URL must match a
block action somewhere in the configuration, and, it must also match an
now go to the Actions Files Tutorial. The ideas explained therein also apply to
the web-based editor.
+There are also various filters that can be used for ad blocking (filters are a
+special subset of actions). These fall into the "advanced" usage category, and
+are explained in depth in later sections.
+
-------------------------------------------------------------------------------
5. Starting Privoxy
[proxy_setu]
-With Firefox, this can be set under:
+With Firefox, this is typically set under:
Tools -> Options -> General -> Connection Settings -> Manual Proxy
Configuration
+Or optionally on some platforms:
+
+ Edit -> Preferences -> General -> Connection Settings -> Manual Proxy
+Configuration
+
+
With Netscape (and Mozilla), this can be set under:
Edit -> Preferences -> Advanced -> Proxies -> HTTP Proxy
-------------------------------------------------------------------------------
-5.1. Red Hat, Fedora and Conectiva
+5.1. Red Hat and Fedora
A default Red Hat installation may not start Privoxy upon boot. It will use the
file /etc/privoxy/config as its main configuration file.
-------------------------------------------------------------------------------
-5.3. SuSE
-
-We use a script. It will use the file /etc/privoxy/config as its main
-configuration file. Note that SuSE starts Privoxy upon booting your PC.
-
- # rcprivoxy start
-
--------------------------------------------------------------------------------
-
-5.4. Windows
+5.3. Windows
Click on the Privoxy Icon to start Privoxy. If no configuration file is
specified on the command line, Privoxy will look for a file named config.txt.
-------------------------------------------------------------------------------
-5.5. Solaris, NetBSD, FreeBSD, HP-UX and others
+5.4. Solaris, NetBSD, FreeBSD, HP-UX and others
Example Unix startup command:
-------------------------------------------------------------------------------
-5.6. OS/2
+5.5. OS/2
During installation, Privoxy is configured to start automatically when the
system restarts. You can start it manually by double-clicking on the Privoxy
-------------------------------------------------------------------------------
-5.7. Mac OSX
+5.6. Mac OSX
During installation, Privoxy is configured to start automatically when the
system restarts. To start Privoxy manually, double-click on the
-------------------------------------------------------------------------------
-5.8. AmigaOS
+5.7. AmigaOS
Start Privoxy (with RUN <>NIL:) in your startnet script (AmiTCP), in s:
user-startup (RoadShow), as startup program in your startup script (Genesis),
-------------------------------------------------------------------------------
-5.9. Gentoo
+5.8. Gentoo
A script is again used. It will use the file /etc/privoxy/config as its main
configuration file.
-------------------------------------------------------------------------------
-5.10. Command Line Options
+5.9. Command Line Options
Privoxy may be invoked with the following command-line options:
For Unix, *BSD and Linux, all configuration files are located in /etc/privoxy/
by default. For MS Windows, OS/2, and AmigaOS these are all in the same
-directory as the Privoxy executable. The name and number of configuration files
-has changed from previous versions, and is subject to change as development
-progresses.
+directory as the Privoxy executable.
The installed defaults provide a reasonable starting point, though some
settings may be aggressive by some standards. For the time being, the principle
exceptions to the default policies as defined in default.action (which you
will most probably want to define sooner or later) are probably best
applied in user.action, where you can preserve them across upgrades.
- standard.action is for Privoxy's internal use.
+ standard.action is only for Privoxy's internal use.
There is also a web based editor that can be accessed from http://
config.privoxy.org/show-status (Shortcut: http://p.p/show-status) for the
effect. When changing the listening address of Privoxy, these "wake up"
requests must obviously be sent to the old listening address.
-While under development, the configuration content is subject to change. The
-below documentation may not be accurate by the time you read this. Also, what
-constitutes a "default" setting, may change, so please check all your
-configuration files on important issues.
-
-------------------------------------------------------------------------------
7. The Main Configuration File
special handling, this kind of thing should go here. This file will not be
upgraded.
- * standard.action - is used by the web based editor at http://
+ * standard.action - is used only by the web based editor at http://
config.privoxy.org/edit-actions-list?f=default, to set various pre-defined
sets of rules for the default actions section in default.action.
your browsing unless you select them explicitly in the editor. A default
installation should be pre-set to Cautious (versions prior to 3.0.5 were
set to Medium). New users should try this for a while before adjusting the
- settings to more aggressive levels.
+ settings to more aggressive levels. The more aggressive the settings, then
+ the more likelihood there is of problems such as sites not working as they
+ should.
The Edit button allows you to turn each action on/off individually for
fine-tuning. The Cautious button changes the actions list to low/safe
- settings which will activate a minimal set of Privoxy's features, and
- subsequently there will be less of a chance for accidental problems. The
- Medium button sets the list to a medium level of ad blocking and a low
- level set of privacy features. The Advanced button sets the list to a high
- level of ad blocking and medium level of privacy. See the chart below. The
- latter three buttons over-ride any changes via with the Edit button. More
- fine-tuning can be done in the lower sections of this internal page.
+ settings which will activate ad blocking and a minimal set of Privoxy's
+ features, and subsequently there will be less of a chance for accidental
+ problems. The Medium button sets the list to a medium level of other
+ features and a low level set of privacy features. The Advanced button sets
+ the list to a high level of ad blocking and medium level of privacy. See
+ the chart below. The latter three buttons over-ride any changes via with
+ the Edit button. More fine-tuning can be done in the lower sections of this
+ internal page.
It is not recommend to edit the standard.action file itself.
|Ad-filtering by |no |no |yes |
|link | | | |
|------------------+-----------------+------------------+-----------------|
- |Pop-up killing |blocks only |blocks only |all |
+ |Pop-up killing |blocks only |blocks only |blocks only |
|------------------+-----------------+------------------+-----------------|
|Privacy Features |low |medium |medium/high |
|------------------+-----------------+------------------+-----------------|
|------------------+-----------------+------------------+-----------------|
|Fast redirects |no |no |yes |
|------------------+-----------------+------------------+-----------------|
- |HTML taming |no |yes |yes |
+ |HTML taming |no |no |yes |
|------------------+-----------------+------------------+-----------------|
- |JavaScript taming |no |yes |yes |
+ |JavaScript taming |no |no |yes |
|------------------+-----------------+------------------+-----------------|
|Web-bug killing |no |yes |yes |
|------------------+-----------------+------------------+-----------------|
matches www1.example.com, www4.example.cc, wwwd.example.cy,
wwwz.example.com etc., but not wwww.example.com.
-While flexibile, this is not the sophistication of full regular expression
-based syntax.
+While flexible, this is not the sophistication of full regular expression based
+syntax.
-------------------------------------------------------------------------------
multi-valued actions, the actions are applied in the order they are specified.
Actions files are processed in the order they are defined in config (the
default installation has three actions files). It also quite possible for any
-given URL pattern to match more than one pattern and thus more than one set of
-actions! Last match wins.
+given URL to match more than one "pattern" (because of wildcards and regular
+expressions), and thus to trigger more than one set of actions! Last match
+wins.
The list of valid Privoxy actions are:
Example usage (sections):
# Check if www.example.net/ really uses valid XHTML
- {+content-type-overwrite {application/xml}}
+ { +content-type-overwrite{application/xml} }
www.example.net/
# but leave the content type unmodified if the URL looks like a style sheet
Example usage (section):
# Block the non-existent "Privacy-Violation:" client header
- {+crunch-client-header {Privacy-Violation:}}
+ { +crunch-client-header{Privacy-Violation:} }
/
Example usage (section):
# Let the browser revalidate cached documents without being tracked across sessions
- {+hide-if-modified-since {-60} \
- +overwrite-last-modified {randomize} \
- +crunch-if-none-match}
+ { +hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
/
-------------------------------------------------------------------------------
Example usage (section):
# Crunch server headers that try to prevent caching
- {+crunch-server-header {no-cache}}
+ { +crunch-server-header{no-cache} }
/
-------------------------------------------------------------------------------
Typical use:
Get rid of HTML and JavaScript annoyances, banner advertisements (by size),
- do fun text replacements, etc.
+ do fun text replacements, add personalized effects, etc.
Effect:
All files of text-based type, most notably HTML and JavaScript, to which
- this action applies, are filtered on-the-fly through the specified regular
- expression based substitutions. (Note: as of version 3.0.3 plain text
- documents are exempted from filtering, because web servers often use the
- text/plain MIME type for all files whose type they don't know.) By default,
- filtering works only on the raw document content itself (that which can be
- seen with View Source), not the headers.
+ this action applies, can be filtered on-the-fly through the specified
+ regular expression based substitutions. (Note: as of version 3.0.3 plain
+ text documents are exempted from filtering, because web servers often use
+ the text/plain MIME type for all files whose type they don't know.) By
+ default, filtering works only on the raw document content itself (that
+ which can be seen with View Source), not the headers.
Type:
"Rolling your own" filters requires a knowledge of "Regular Expressions"
and "HTML". This is very powerful feature, and potentially very intrusive.
- Use with caution.
+ Filters should be used with caution, and where an equivalent "action" is
+ not available.
The amount of data that can be filtered is limited to the buffer-limit
option in the main config file. The default is 4096 KB (4 Megs). Once this
At this time, Privoxy cannot uncompress compressed documents. If you want
filtering to work on all documents, even those that would normally be sent
- compressed, use the prevent-compression action in conjunction with filter.
+ compressed, you must use the prevent-compression action in conjunction with
+ filter.
Filtering can achieve some of the same effects as the block action, i.e. it
can be used to block ads and banners. But the mechanism works quite
+filter{refresh-tags} # Kill automatic refresh tags (for dial-on-demand setups)
- +filter{unsolicited-popups} # Disable only unsolicited pop-up windows
+ +filter{unsolicited-popups} # Disable only unsolicited pop-up windows. Useful if your browser lacks this ability.
- +filter{all-popups} # Kill all popups in JavaScript and HTML
+ +filter{all-popups} # Kill all popups in JavaScript and HTML. Useful if your browser lacks this ability.
+filter{img-reorder} # Reorder attributes in <img> tags to make the banners-by-* filters more effective
+filter{ie-exploits} # Disable some known Internet Explorer bug exploits
+ +filter{site-specifics} # Custom filters for specific site related problems
+
+ +filter{google} # Removes text ads and other Google specific improvements
+
+ +filter{yahoo} # Removes text ads and other Yahoo specific improvements
+
+ +filter{msn} # Removes text ads and other MSN specific improvements
+
+ +filter{blogspot} # Cleans up Blogspot blogs
+
+ +filter{html-to-xml} # Header filter to change the Content-Type from html to xml
+
+ +filter{xml-to-html} # Header filter to change the Content-Type from xml to html
+
+ +filter{no-ping} # Removes non-standard ping attributes from anchor and area tags
+
+ +filter{hide-tor-exit-notation} # Header filter to remove the Tor exit node notation in Host and Referer headers
+
-------------------------------------------------------------------------------
8.5.13. filter-client-headers
This action alone doesn't do anything noticeable. It just marks URLs. If
the block action also applies, the presence or absence of this mark decides
- whether an HTML "blocked" page, or an empty document will be sent to the
+ whether an HTML "BLOCKED" page, or an empty document will be sent to the
client as a substitute for the blocked content. The empty document isn't
literally empty, but actually contains a single space.
Some browsers complain about syntax errors if JavaScript documents are
blocked with Privoxy's default HTML page; this option can be used to
- silence them.
+ silence them. And of course this action can also be used to eliminate the
+ Privoxy BLOCKED message in frames.
The content type for the empty document can be specified with
content-type-overwrite{}, but usually this isn't necessary.
Example usage:
# Disarm the download link in Sourceforge's patch tracker
- {-filter\
- +content-type-overwrite {text/plain}\
- +hide-content-disposition {block} }
- .sourceforge.net/tracker/download.php
+ { -filter \
+ +content-type-overwrite{text/plain}\
+ +hide-content-disposition{block} }
+ .sourceforge.net/tracker/download.php
-------------------------------------------------------------------------------
Example usage (section):
# Let the browser revalidate without being tracked across sessions
- {+hide-if-modified-since {-60}\
- +overwrite-last-modified {randomize}\
- +crunch-if-none-match}
+ { +hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
/
-------------------------------------------------------------------------------
Killing all pop-ups unconditionally is problematic. Many shops and banks
rely on pop-ups to display forms, shopping carts etc, and the filter
- {unsolicited-popups} does a fairly good job of catching only the unwanted
- ones.
+ {unsolicited-popups} does a better job of catching only the unwanted ones.
If the only kind of pop-ups that you want to kill are exit consoles (those
really nasty windows that appear when you close an other one), you might
want to use filter{js-annoyances} instead.
+ This action is most appropriate for browsers that don't have any controls
+ for unwanted pop-ups. Not recommended for general usage.
+
Example usage:
+kill-popups
Example usage (sections):
- # Set default:
+ # Selectively turn off compression, and enable a filter
#
- {+prevent-compression}
- / # Match all sites
+ { +filter{tiny-textforms} +prevent-compression }
+ # Match only these sites
+ .google.
+ sourceforge.net
+ sf.net
- # Make exceptions for ill sites:
+ # Or instead, we could set a universal default:
#
- {-prevent-compression}
- www.debianhelp.org
- www.pclinuxonline.com
+ { +prevent-compression }
+ / # Match all sites
+
+ # Then maybe make exceptions for ill-behaved sites:
+ #
+ { -prevent-compression }
+ .debianhelp.org
+ www.pclinuxonline.com
-------------------------------------------------------------------------------
Example usage:
# Let the browser revalidate without being tracked across sessions
- {+hide-if-modified-since {-60}\
- +overwrite-last-modified {randomize}\
- +crunch-if-none-match}
+ { +hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
/
-------------------------------------------------------------------------------
built-in web-based action file editor honors aliases when reading the actions
files, but it expands them before writing. So the effects of your aliases are
of course preserved, but the aliases themselves are lost when you edit sections
-that use aliases with it. This is likely to change in future versions of
-Privoxy.
+that use aliases with it.
Now let's define some aliases...
- # Useful custom aliases we can use later.
- #
- # Note the (required!) section header line and that this section
- # must be at the top of the actions file!
- #
- {{alias}}
-
- # These aliases just save typing later:
- # (Note that some already use other aliases!)
- #
- +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
- -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
- +block-as-image = +block +handle-as-image
- mercy-for-cookies = -crunch-all-cookies -session-cookies-only -filter{content-cookies}
-
- # These aliases define combinations of actions
- # that are useful for certain types of sites:
- #
- fragile = -block -filter -crunch-all-cookies -fast-redirects -hide-referrer -kill-popups
- shop = -crunch-all-cookies -filter{all-popups} -kill-popups
-
- # Short names for other aliases, for really lazy people ;-)
- #
- c0 = +crunch-all-cookies
- c1 = -crunch-all-cookies
+ # Useful custom aliases we can use later.
+ #
+ # Note the (required!) section header line and that this section
+ # must be at the top of the actions file!
+ #
+ {{alias}}
+
+ # These aliases just save typing later:
+ # (Note that some already use other aliases!)
+ #
+ +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+ -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ +block-as-image = +block +handle-as-image
+ allow-all-cookies = -crunch-all-cookies -session-cookies-only -filter{content-cookies}
+
+ # These aliases define combinations of actions
+ # that are useful for certain types of sites:
+ #
+ fragile = -block -filter -crunch-all-cookies -fast-redirects -hide-referrer -kill-popups -prevent-compression
+
+ shop = -crunch-all-cookies -filter{all-popups} -kill-popups
+
+ # Short names for other aliases, for really lazy people ;-)
+ #
+ c0 = +crunch-all-cookies
+ c1 = -crunch-all-cookies
...and put them to use. These sections would appear in the lower part of an
actions file and define exceptions to the default actions (as specified further
{fragile}
.office.microsoft.com
.windowsupdate.microsoft.com
- .nytimes.com
+ # Gmail is really mail.google.com, not gmail.com
+ mail.google.com
# Shopping sites:
# Allow cookies (for setting and retrieving your customer data)
{shop}
.quietpc.com
.worldpay.com # for quietpc.com
- .scan.co.uk
+ mybank.example.com
# These shops require pop-ups:
#
- {shop -kill-popups -filter{all-popups}}
+ {-kill-popups -filter{all-popups} -filter{unsolicited-popups}}
.dabs.com
.overclockers.co.uk
-Aliases like "shop" and "fragile" are often used for "problem" sites that
-require some actions to be disabled in order to function properly.
+Aliases like "shop" and "fragile" are typically used for "problem" sites that
+require more than one action to be disabled in order to function properly.
-------------------------------------------------------------------------------
-crunch-outgoing-cookies \
+deanimate-gifs \
-downgrade-http-version \
- +fast-redirects{check-decoded-url} \
- +filter{js-annoyances} \
+ -fast-redirects{check-decoded-url} \
+ -filter{js-annoyances} \
-filter{js-events} \
+filter{html-annoyances} \
-filter{content-cookies} \
+filter{refresh-tags} \
- +filter{unsolicited-popups} \
+ -filter{unsolicited-popups} \
-filter{all-popups} \
- +filter{img-reorder} \
- +filter{banners-by-size} \
+ -filter{img-reorder} \
+ -filter{banners-by-size} \
-filter{banners-by-link} \
+filter{webbugs} \
-filter{tiny-textforms} \
- +filter{jumping-windows} \
+ -filter{jumping-windows} \
-filter{frameset-borders} \
-filter{demoronizer} \
-filter{shockwave-flash} \
+filter{ie-exploits} \
-filter-client-headers \
-filter-server-headers \
+ -filter-google \
+ -filter-yahoo \
+ -filter-msn \
+ -filter-blogspot \
+ -filter-xml-to-html \
+ -filter-html-to-xml \
+ -filter-no-ping \
+ -filter-hide-tor-exit-notation \
-force-text-mode \
-handle-as-empty-document \
-handle-as-image \
{ fragile }
.office.microsoft.com # surprise, surprise!
.windowsupdate.microsoft.com
+mail.google.com
Shopping sites are not as fragile, but they typically require cookies to log
in, and pop-up windows for shopping carts or item details. Again, we'll use a
.a.yimg.com/(?:(?!/i/).)*$
.a[0-9].yimg.com/(?:(?!/i/).)*$
bs*.gsanet.com
-bs*.einets.com
.qkimg.net
-One of the most important jobs of Privoxy is to block banners. A huge bunch of
-them can be "blocked" by the filter{banners-by-size} action, which we enabled
-above, and which deletes the references to banner images from the pages while
-they are loaded, so the browser doesn't request them anymore, and hence they
-don't need to be blocked here. But this naturally doesn't catch all banners,
-and some people choose not to use filters, so we need a comprehensive list of
-patterns for banner URLs here, and apply the block action to them.
+One of the most important jobs of Privoxy is to block banners. Many of these
+can be "blocked" by the filter{banners-by-size} action, which we enabled above,
+and which deletes the references to banner images from the pages while they are
+loaded, so the browser doesn't request them anymore, and hence they don't need
+to be blocked here. But this naturally doesn't catch all banners, and some
+people choose not to use filters, so we need a comprehensive list of patterns
+for banner URLs here, and apply the block action to them.
-First comes a bunch of generic patterns, which do most of the work, by matching
+First comes many generic patterns, which do most of the work, by matching
typical domain and path name components of banners. Then comes a list of
individual patterns for specific sites, which is omitted here to keep the
example short:
#
.hitbox.com
-You wouldn't believe how many advertisers actually call their banner servers
+It's quite remarkable how many advertisers actually call their banner servers
ads.company.com, or call the directory in which the banners are stored simply
"banners". So the above generic patterns are surprisingly effective.
{ -block }
adv[io]*. # (for advogato.org and advice.*)
adsl. # (has nothing to do with ads)
+adobe. # (has nothing to do with ads either)
ad[ud]*. # (adult.* and add.*)
.edu # (universities don't host banners (yet!))
.*loads. # (downloads, uploads etc)
# Don't filter code!
#
{ -filter }
-/.*cvs
+/(.*/)?cvs
+bugzilla.
+developer.
+wiki.
.sourceforge.net
The actual default.action is of course much more comprehensive, but we hope
{ fragile }
.forbes.com
- mail.example.com
+ webmail.example.com
.mybank.com
You like the "fun" text replacements in default.filter, but it is disabled in
properties, such as being full-screen, non-resizeable, without
location, status or menu bar etc.
+ Use with caution. This is an aggressive filter, and can break sites that
+ rely heavily on JavaScript.
+
js-events
This is a very radical measure. It removes virtually all JavaScript event
bindings, which means that scripts can not react to user actions such as
- mouse movements or clicks, window resizing etc, anymore.
+ mouse movements or clicks, window resizing etc, anymore. Use with caution!
We strongly discourage using this filter as a default since it breaks many
legitimate scripts. It is meant for use only on extra-nasty sites (should
sites increasingly make use of HTML meta tags and JavaScript to sneak
cookies to the browser on the content level.
- This filter disables HTML and JavaScript code that reads or sets cookies.
- Use it wherever you would also use the cookie crunch actions.
+ This filter disables most HTML and JavaScript code that reads or sets
+ cookies. It cannot detect all clever uses of these types of code, so it
+ should not be relied on as an absolute fix. Use it wherever you would also
+ use the cookie crunch actions.
refresh tags
filters.
Technical note: The filter works by redefining the window.open JavaScript
- function to a dummy function during the loading and rendering phase of each
- HTML page access, and restoring the function afterward.
+ function to a dummy function, PrivoxyWindowOpen(), during the loading and
+ rendering phase of each HTML page access, and restoring the function
+ afterward.
+
+ This is recommended only for browsers that cannot perform this function
+ reliably themselves. And be aware that some sites require such windows in
+ order to function normally. Use with caution.
all-popups
Attempt to prevent all pop-up windows from opening. Note this should be
- used with more discretion than the above, since it is more likely to break
- some sites that require pop-ups for normal usage. Use with caution.
+ used with even more discretion than the above, since it is more likely to
+ break some sites that require pop-ups for normal usage. Use with caution.
img-reorder
Occasionally this filter will cause false positives on images that are not
ads, but just happen to be of one of the standard banner sizes.
+ Recommended only for those who require extreme ad blocking. The default
+ block rules should catch 95+% of all ads without this filter enabled.
+
banners-by-link
This is an experimental filter that attempts to kill any banners if their
HTML page is loaded by the browser, an embedded image tag causes the
browser to contact a third-party site, disclosing the tracking information
through the requested URL and/or cookies for that third-party domain,
- without the use ever becoming aware of the interaction with the third-party
- site. HTML-ized spam also uses a similar technique to verify email
- addresses.
+ without the user ever becoming aware of the interaction with the
+ third-party site. HTML-ized spam also uses a similar technique to verify
+ email addresses.
This filter removes the HTML code that loads such "webbugs".
Many consider windows that move, or resize themselves to be abusive. This
filter neutralizes the related JavaScript code. Note that some sites might
- not display or behave as intended when using this filter.
+ not display or behave as intended when using this filter. Use with caution.
frameset-borders
ie-exploits
- A collection of text replacements to disable malicious HTML and JavaScript
- code that exploits known security holes in Internet Explorer.
+ An experimental collection of text replacements to disable malicious HTML
+ and JavaScript code that exploits known security holes in Internet
+ Explorer.
Presently, it only protects against Nimda and a cross-site scripting bug,
and would need active maintenance to provide more substantial protection.
default.action file does. Users shouldn't need to change anything regarding
this filter.
+google
+
+ A CSS based block for Google text ads. Also removes a width limitation and
+ the toolbar advertisement.
+
+yahoo
+
+ Another CSS based block, this time for Yahoo text ads. And removes a width
+ limitation as well.
+
+msn
+
+ Another CSS based block, this time for MSN text ads. And removes tracking
+ URLs, as well as a width limitation.
+
+blogspot
+
+ Cleans up some Blogspot blogs. Read the fine print before using this one!
+
+ This filter also intentionally removes some navigation stuff and sets the
+ page width to 100%. As a result, some rounded "corners" would appear to
+ early or not at all and as fixing this would require a browser that
+ understands background-size (CSS3), they are removed instead.
+
+xml-to-html
+
+ Header filter to change the Content-Type from xml to html.
+
+html-to-xml
+
+ Header filter to change the Content-Type from html to xml.
+
+no-ping
+
+ Removes the non-standard ping attribute from anchor and area HTML tags.
+
+hide-tor-exit-notation
+
+ Header filter to remove the Tor exit node notation found in Host and
+ Referer headers.
+
-------------------------------------------------------------------------------
10. Privoxy's Template Files
config.privoxy.org/show-version).
* The operating system and versions you run Privoxy on, (e.g. Windows XP
- SP2), if you are using some kind of Unix flavour, sending the output of
- "uname -a" should do.
+ SP2), if you are using a Unix flavor, sending the output of "uname -a"
+ should do.
* The name, platform, and version of the browser you were using (e.g.
Internet Explorer v5.5 for Mac).
12.2. History
-Along time ago, there was the Internet Junkbuster, by Anonymous Coders and
+A long time ago, there was the Internet Junkbuster, by Anonymous Coders and
Junkbusters Corporation. This saved many users a lot of pain in the early days
of web advertising and user tracking.
Hal Burgiss
Ian Cummings
- Félix Rauch
Roland Rosenfeld
Former Privoxy Team Members:
Sarantis Paskalis
Stefan Waldherr
-Thanks to the many people who have tested Privoxy, reported bugs, made
-suggestions or contributed in some way. These include (in alphabetical order):
+Thanks to the many people who have tested Privoxy, reported bugs, provided
+patches, made suggestions or contributed in some way. These include (in
+alphabetical order):
Ken Arromdee
Devin Bayer
Reiner Buehl
Andrew J. Caines
Clifford Caoile
+ Frédéric Crozat
Michael T. Davis
Mattes Dolak
- Ulrich Drepper
Peter E
+ Florian Effenberger
+ Dean Gaudet
Aaron Hamid
+ Darel Henman
Magnus Holmgren
+ Derek Jennings
+ David Laight
Don Libes
Paul Lieverse
Jindrich Makovicka
David Mediavilla
+ Raphael Moll
Oliver Stoeneberg
+ Martin Thomas
Roberto Ragusa
+ Félix Rauch
Maynard Riley
+ Spinor S
Bart Schelstraete
Bobby G. Vinyard
- Darren Wiebe
Jörg Weinmann
+ Darren Wiebe
+ Anduin Withers
Oliver Yeoh
Jamie Zawinski
Junkbusters Corp.
Anonymous Coders
+ Ulrich Drepper
+ Philip Hazel
-------------------------------------------------------------------------------
14.3. Chain of Events
-Let's take a quick look at the basic sequence of events when a web page is
-requested by your browser and Privoxy is on duty:
+Let's take a quick look at how some of Privoxy's core features are triggered,
+and the ensuing sequence of events when a web page is requested by your
+browser:
* First, your web browser requests a web page. The browser knows to send the
request to Privoxy, which will in turn, relay the request to the remote web
* Next, Privoxy checks to see if the URL matches any "+block" patterns. If
so, the URL is then blocked, and the remote web server will not be
- contacted. "+handle-as-image" is then checked and if it does not match, an
- HTML "BLOCKED" page is sent back. Otherwise, if it does match, an image is
- returned. The type of image depends on the setting of "+set-image-blocker"
- (blank, checkerboard pattern, or an HTTP redirect to an image elsewhere).
+ contacted. "+handle-as-image" and "+handle-as-empty-document" are then
+ checked, and if there is no match, an HTML "BLOCKED" page is sent back to
+ the browser. Otherwise, if it does match, an image is returned for the
+ former, and an empty text document for the latter. The type of image would
+ depend on the setting of "+set-image-blocker" (blank, checkerboard pattern,
+ or an HTTP redirect to an image elsewhere).
* Untrusted URLs are blocked. If URLs are being added to the trust file, then
that is done.
parameters.
* Now the web server starts sending its response back (i.e. typically a web
- page and related data).
+ page).
* First, the server headers are read and processed to determine, among other
things, the MIME type (document type) and encoding. The headers are then
document, the popup-code in the response is filtered on-the-fly as it is
received.
- * If a "+filter" or "+deanimate-gifs" action applies (and the document type
- fits the action), the rest of the page is read into memory (up to a
- configurable limit). Then the filter rules (from default.filter and any
- other filter files) are processed against the buffered content. Filters are
- applied in the order they are specified in one of the filter files.
- Animated GIFs, if present, are reduced to either the first or last frame,
- depending on the action setting.The entire page, which is now filtered, is
- then sent by Privoxy back to your browser.
+ * If any "+filter" action or "+deanimate-gifs" action applies (and the
+ document type fits the action), the rest of the page is read into memory
+ (up to a configurable limit). Then the filter rules (from default.filter
+ and any other filter files) are processed against the buffered content.
+ Filters are applied in the order they are specified in one of the filter
+ files. Animated GIFs, if present, are reduced to either the first or last
+ frame, depending on the action setting.The entire page, which is now
+ filtered, is then sent by Privoxy back to your browser.
- If neither "+filter" or "+deanimate-gifs" matches, then Privoxy passes the
- raw data through to the client browser as it becomes available.
+ If neither a "+filter" action or "+deanimate-gifs" matches, then Privoxy
+ passes the raw data through to the client browser as it becomes available.
* As the browser receives the now (possibly filtered) page content, it reads
and then requests any URLs that may be embedded within the page source,
e.g. ad images, stylesheets, JavaScript, other HTML documents (e.g.
- frames), sounds, etc. For each of these objects, the browser issues a new
- request. And each such request is in turn processed as above. Note that a
- complex web page may have many such embedded URLs.
+ frames), sounds, etc. For each of these objects, the browser issues a
+ separate request (this is easily viewable in Privoxy's logs). And each such
+ request is in turn processed just as above. Note that a complex web page
+ will have many, many such embedded URLs. If these secondary requests are to
+ a different server, then quite possibly a very differing set of actions is
+ triggered.
+NOTE: This is somewhat of a simplistic overview of what happens with each URL
+request. For the sake of brevity and simplicity, we have focused on Privoxy's
+core features only.
+
-------------------------------------------------------------------------------
14.4. Troubleshooting: Anatomy of an Action
-filter {fun}
-filter {crude-parental}
-filter {site-specifics}
- +filter {js-annoyances}
- +filter {html-annoyances}
+ -filter {js-annoyances}
+ -filter {html-annoyances}
+filter {refresh-tags}
- +filter {unsolicited-popups}
+ -filter {unsolicited-popups}
+filter {img-reorder}
+filter {banners-by-size}
+filter {webbugs}
+filter {jumping-windows}
+filter {ie-exploits}
+ -filter {google}
+ -filter {yahoo}
+ -filter {msn}
+ -filter {blogspot}
+ -filter {xml-to-html}
+ -filter {html-to-xml}
+ -filter {no-ping}
+ -filter{hide-tor-exit-notation}
-filter-client-headers
-filter-server-headers
-force-text-mode
-crunch-server-header
+deanimate-gifs {last}
-downgrade-http-version
- -fast-redirects
- +filter {js-annoyances}
- +filter {html-annoyances}
+ +fast-redirects {check-decoded-url}
+ -filter {js-events}
+ -filter {content-cookies}
+ -filter {all-popups}
+ -filter {banners-by-link}
+ -filter {tiny-textforms}
+ -filter {frameset-borders}
+ -filter {demoronizer}
+ -filter {shockwave-flash}
+ -filter {quicktime-kioskmode}
+ -filter {fun}
+ -filter {crude-parental}
+ -filter {site-specifics}
+ -filter {js-annoyances}
+ -filter {html-annoyances}
+filter {refresh-tags}
- +filter {unsolicited-popups}
+ -filter {unsolicited-popups}
+filter {img-reorder}
+filter {banners-by-size}
+filter {webbugs}
+filter {jumping-windows}
+filter {ie-exploits}
+ -filter {google}
+ -filter {yahoo}
+ -filter {msn}
+ -filter {blogspot}
+ -filter {xml-to-html}
+ -filter {html-to-xml}
+ -filter {no-ping}
+ -filter{hide-tor-exit-notation}
-filter-client-headers
-filter-server-headers
-force-text-mode
-crunch-server-header
+deanimate-gifs
-downgrade-http-version
- +fast-redirects{check-decoded-url}
- +filter{html-annoyances}
- +filter{js-annoyances}
- +filter{kill-popups}
- +filter{webbugs}
- +filter{nimda}
- +filter{banners-by-size}
- +filter{hal}
- +filter{fun}
+ +fast-redirects {check-decoded-url}
+ -filter {js-events}
+ -filter {content-cookies}
+ -filter {all-popups}
+ -filter {banners-by-link}
+ -filter {tiny-textforms}
+ -filter {frameset-borders}
+ -filter {demoronizer}
+ -filter {shockwave-flash}
+ -filter {quicktime-kioskmode}
+ -filter {fun}
+ -filter {crude-parental}
+ -filter {site-specifics}
+ -filter {js-annoyances}
+ -filter {html-annoyances}
+ +filter {refresh-tags}
+ -filter {unsolicited-popups}
+ +filter {img-reorder}
+ +filter {banners-by-size}
+ +filter {webbugs}
+ +filter {jumping-windows}
+ +filter {ie-exploits}
+ -filter {google}
+ -filter {yahoo}
+ -filter {msn}
+ -filter {blogspot}
+ -filter {xml-to-html}
+ -filter {html-to-xml}
+ -filter {no-ping}
+ -filter{hide-tor-exit-notation}
-filter-client-headers
-filter-server-headers
-force-text-mode
+hide-referer{forge}
-hide-user-agent
-inspect-jpegs
- +kill-popups
+ -kill-popups
-overwrite-last-modified
+prevent-compression
-redirect
This would turn off all filtering for these sites. This is best put in
user.action, for local site exceptions. Note that when a simple domain pattern
is used by itself (without the subsequent path portion), all sub-pages within
-that domain are included automatcially in the scope of the action.
+that domain are included automatically in the scope of the action.
Images that are inexplicably being blocked, may well be hitting the "+filter
{banners-by-size}" rule, which assumes that images of certain sizes are ad
projects / privoxy.git / commitdiff
