7 CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
10 TITLE="Privoxy Frequently Asked Questions"
11 HREF="index.html"><LINK
14 HREF="installation.html"><LINK
17 HREF="misc.html"><LINK
20 HREF="../p_doc.css"></HEAD
31 SUMMARY="Header navigation table"
40 >Privoxy Frequently Asked Questions</TH
48 HREF="installation.html"
86 >3.1. Where can I get updated Actions Files?</H3
88 > Based on your feedback and the continuing development, updated actions files will be
89 made available on the <A
90 HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
95 HREF="http://sf.net/projects/ijbswa/"
101 > If you wish to receive an email notification whenever we release updates of
105 > or the actions file, <A
106 HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/"
109 to our announce mailing list</A
110 >, ijbswa-announce@lists.sourceforge.net.
120 >3.2. Can I use my old config files?</H3
122 > The syntax, number, and purpose of configuration files has substantially
130 >. The old files, like <TT
134 will not work at all. If you are upgrading from a 2.0.x version, you will
135 need to port your configuration data to the new format. Note that even the
136 pattern syntax has changed! Even configuration files from the 2.9.x versions
137 will need to be adapted, as configuration syntax has been very much in flow
142 HREF="../user-manual/whatsnew.html"
146 page for information on configuration changes that may occur from one release to another.
156 >3.3. What is an <SPAN
162 HREF="../user-manual/actions-file.html"
167 HREF="../user-manual/actions-file.html#ACTIONS"
174 > might take while processing a certain
175 request, are configured. Typically, you would define a set of default actions
176 that apply to all URLs, then add exceptions to these defaults where needed.</P
178 > Actions can be defined on a <A
179 HREF="../user-manual/actions-file.html#AF-PATTERNS"
183 for single URLs, whole web sites, groups or parts thereof etc. Actions can also be
184 grouped together and then applied to requests matching one or more patterns.
185 There are many possible actions that might apply to any given site. As an example,
186 if you are blocking cookies as one of your default actions, but need to accept
187 cookies from a given site, you would need to define an exception for this
188 site in one of your actions files, preferably in <TT
203 > concept confuses me. Please list
209 > For a comprehensive discussion of the actions concept, please refer
211 HREF="../user-manual/actions-file.html"
216 HREF="../user-manual/index.html"
221 HREF="../user-manual/actions-file.html#ACTIONS"
223 >list of all actions</A
226 HREF="../user-manual/actions-file.html#ACT-EXAMPLES"
230 > to get you started.</P
239 >3.5. How are actions files configured? What is the easiest
242 > Actions files are just text files in a special syntax and can be edited
243 with a text editor. But probably the easiest way is to access
247 >'s user interface with your web browser
249 HREF="http://config.privoxy.org/"
251 >http://config.privoxy.org/</A
261 HREF="http://config.privoxy.org/show-status"
264 change the current configuration</A
275 >3.6. There are several different <SPAN
284 > v2.9.15, three actions files
285 are being included, to be used for
286 different purposes: These are
294 which is actively maintained by the <SPAN
301 >, where users are encouraged
302 to make their private customizations, and <TT
306 which is for internal <SPAN
311 HREF="../user-manual/actions-file.html"
313 >the actions chapter</A
316 HREF="../user-manual/index.html"
320 detailed explanation.</P
322 > Earlier versions included three different versions of the
326 > file. The new scheme allows for
327 greater flexibility of local configuration, and for browser based
328 selection of pre-defined <SPAN
330 >"aggressiveness"</SPAN
340 >3.7. How can I make my Yahoo/Hotmail/Gmail account work?</H3
342 > The default configuration shouldn't impact the usability of any of these services.
343 It will, however, make all cookies temporary, so that your browser will forget your
344 login credentials in between browser sessions. If you would like not to have to log
345 in manually each time you access those websites, simply turn off all cookie handling
349 > file. An example for yahoo might
361 ># Allow all cookies for Yahoo login:
364 HREF="../user-manual/actions-file.html#CRUNCH-INCOMING-COOKIES"
366 >crunch-incoming-cookies</A
368 HREF="../user-manual/actions-file.html#CRUNCH-OUTGOING-COOKIES"
370 >crunch-outgoing-cookies</A
372 HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
374 >session-cookies-only</A
376 .login.yahoo.com</PRE
390 >3.8. What's the difference between the
399 >"Adventuresome"</SPAN
405 > is not entirely trivial. To
406 help you get started, we provide you with three different default action
410 > in the web based actions file editor at <A
411 HREF="http://config.privoxy.org/show-status"
413 >http://config.privoxy.org/show-status</A
416 HREF="../user-manual/actions-file.html"
423 > for a list of actions, and how the default
427 > Where the defaults are likely to break some sites, exceptions for
431 > sites are included, but in
432 general, the more aggressive your default settings are, the more exceptions
433 you will have to make later. See the <A
434 HREF="../user-manual/index.html"
441 for a more deatiled discussion.</P
443 > It should be noted that the <SPAN
445 >"Adventuresome"</SPAN
446 > profile (formerly known
450 > profile) is not only more
451 aggressive, but also includes fun and, extreme usage of most of
455 > features. Use at your own risk!</P
464 >3.9. Why can I change the configuration
465 with a browser? Does that not raise security issues?</H3
467 > It may seem strange that regular users can edit the config files with their
468 browsers, although the whole <TT
472 belongs to the user <SPAN
475 >, with only 644 permissions.
478 > When you use the browser-based editor, <SPAN
482 itself is writing to the config files. Because
486 > is running as the user <SPAN
490 it can update the config files.
496 > for multiple untrusted users (e.g. in
497 a LAN), you will probably want to turn the web-based editor and remote toggle
498 features off by setting <SPAN
503 HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
505 >enable-edit-actions</A
514 HREF="../user-manual/config.html#ENABLE-REMOTE-TOGGLE"
516 >enable-remote-toggle</A
521 HREF="../user-manual/config.html"
523 >main configuration file</A
527 > Note that in the default configuration, only local users (i.e. those on
531 >) can connect to <SPAN
535 so this is not (normally) a security problem.
545 >3.10. What is the <TT
548 > file? What is a <SPAN
554 HREF="../user-manual/filter-file.html"
567 > as supplied by the developers are defined.
568 Filters are a special subset of actions that can be used to modify or
569 remove, web page content on the fly. Filters apply to <SPAN
576 in the page source (and optionally both client and server headers), including
577 HTML tags, and JavaScript. Regular expressions are used to accomplish this.
578 There are a number of pre-defined filters to deal with common annoyances. The
579 filters are only defined here, to invoke them, you need to use the
581 HREF="../user-manual/actions-file.html#FILTER"
588 > in one of the actions files. Filtering is automatically
589 disabled for inappropriate MIME types.</P
591 > If you are familiar with regular expressions, and HTML, you can look at
595 > with a text editor and define
596 your own filters. This is potentially a very powerful feature, but
597 requires some expertise in both regular expressions and HTML/HTTP. You should
598 place any modifications to the default filters, or any new ones you create
599 in a separate file, such as <TT
603 be overwritten during upgrades. The ability to define multiple filter files
607 > is a new feature as of v. 3.0.4.</P
609 > There is no GUI editor option for this part of the configuration,
610 but you can disable/enable the various pre-defined filters of the included
615 HREF="http://config.privoxy.org/show-status"
617 >web-based actions file editor</A
627 >3.11. How can I set up <SPAN
630 > to act as a proxy for my
636 > only responds to requests
640 > (localhost). To have it act as a server for
641 a network, this needs to be changed in the <A
642 HREF="../user-manual/config.html"
644 >main configuration file</A
649 HREF="../user-manual/config.html#LISTEN-ADDRESS"
654 option, which may be commented out with a <SPAN
658 it is uncommented, and assign it the address of the LAN gateway interface,
659 and port number to use. Assuming your LAN address is 192.168.1.1 and you
663 > on port 8118, this line
674 > listen-address 192.168.1.1:8118</PRE
680 > Save the file, and restart <SPAN
684 all browsers on the network then to use this address and port number.</P
686 > Alternately, you can have <SPAN
690 all available interfaces:</P
700 > listen-address :8118</PRE
711 HREF="../user-manual/config.html#PERMIT-ACCESS"
715 feature to limit connections. A firewall in this situation is recommended
718 > The above steps should be the same for any TCP network, regardless of
724 > on a LAN with untrusted users,
725 we recommend that you double-check the <A
726 HREF="../user-manual/config.html#ACCESS-CONTROL"
728 >access control and security</A
739 >3.12. Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</H3
741 > The replacement for blocked images can be controlled with the <A
742 HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
746 >set-image-blocker</TT
749 >. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
753 >), or a redirect to a custom image of your choice.
754 Note that this choice only has effect for images which are blocked as images, i.e.
755 whose URLs match both a <TT
758 HREF="../user-manual/actions-file.html#HANDLE-AS-IMAGE"
772 HREF="../user-manual/actions-file.html#BLOCK"
778 > If you want to see nothing, then change the <A
779 HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
783 >set-image-blocker</TT
789 >. This can be done by editing the
793 > file, or trough the <A
794 HREF="http://config.privoxy.org/show-status"
796 >web-based actions file editor</A
806 >3.13. Why would anybody want to see a checkerboard pattern?</H3
809 HREF="general.html#WHATSANAD"
810 >telling which image is an ad and which
812 >, is mostly guesswork. While we hope that the standard configuration
813 is rather smart, it can and will make errors. The checkerboard image is visually
814 decent, but it shows you that and where images were blocked, which can be very
815 helpful in case some navigation aid or otherwise innocent image was
816 erraneously blocked. Some people might also enjoy seeing how many banners
832 >3.14. I see some images being replaced by a text
833 instead of the checkerboard image. Why and how do I get rid of this?</H3
835 > This happens when the banners are not embedded in the HTML code of the
836 page itself, but in separate HTML (sub)documents that are loaded into (i)frames
837 or (i)layers, and these external HTML documents are blocked. Being non-images
838 they get replaced by a substitute HTML page rather than a substitute image,
839 which wouldn't work out technically, since the browser expects and accepts
840 only HTML when it has requested an HTML document. </P
842 > The substitute page adapts to the available space and shows itself as a
843 miniature two-liner if loaded into small frames, or full-blown with a
844 large red "BLOCKED" banner if space allows.</P
846 > If you prefer the banners to be blocked by images, you must see to it that
847 the HTML documents in which they are embedded are not blocked. Clicking
851 > link offered in the substitute page will show
852 you which rule blocked the page. After changing the rule and un-blocking
853 the HTML documents, the browser will try to load the actual banner images
854 and the usual image blocking will (hopefully!) kick in.</P
869 > Earlier versions could run as a system service using <B
873 See the discussion at <A
874 HREF="http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118"
876 >http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118</A
878 for details, and a sample configuration.</P
880 > Version 3.0.1 fixes the problem where the icon and menu where not available
881 in the taskbar for this usage.</P
883 > Version 3.0.4, introduces full Windows service functionality, thus elimating
896 >3.16. How can I make <SPAN
908 > This can be done and is often useful to combine the benefits of
912 > with those of a another proxy.
914 HREF="../user-manual/config.html#FORWARDING"
916 >forwarding chapter</A
919 HREF="../user-manual/index.html"
923 describes how to do this.</P
932 >3.17. Can I just set <SPAN
936 and thus avoid individual browser configuration?</H3
938 > No, its more complicated than that. This only works with special kinds
939 of proxies known as <SPAN
942 > proxies (see below).</P
962 > currently does not have this ability,
963 though it is planned for a future release. Transparent proxies require
964 special handling of the request headers beyond what
968 > is now capable of.</P
973 > behind another proxy that has
974 this ability should work though.
976 HREF="../user-manual/config.html#FORWARDING"
978 >forwarding chapter</A
981 HREF="../user-manual/index.html"
985 a transparent proxy to be used for chaining we recommend Transproxy
987 HREF="http://www.transproxy.nlc.net.au/"
989 >http://www.transproxy.nlc.net.au/</A
999 >3.19. How can I configure <SPAN
1002 > for use with <SPAN
1010 >Outlook Express</SPAN
1013 >Internet Explorer</SPAN
1015 components to both render HTML, and fetch any HTTP requests that may be embedded in an HTML email.
1016 So however you have <SPAN
1019 > configured to work
1020 with IE, this configuration should automatically be shared.</P
1029 >3.20. How can I have separate rules just for HTML mail?</H3
1031 > The short answer is, you can't. <SPAN
1035 of knowing which particular application makes a request, so there is no way to
1036 distinguish between web pages and HTML mail.
1040 > just blindly proxies all requests. In the
1043 >Outlook Express</SPAN
1044 > (see above), OE uses
1045 IE anyway, and there is no way for <SPAN
1049 be able to distinguish between them (nor could any other proxy type application for
1052 > For a good discussion of some of the issues involved (including privacy and
1053 security issues), see
1055 HREF="http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118"
1057 >http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118</A
1065 NAME="ALLOW-COOKIES"
1067 >3.21. How can I allow permanent cookies for my trusted sites?</H3
1069 > There are several actions that relate to cookies. The default behavior is to
1072 >"session cookies"</SPAN
1073 >, which means the cookies only last
1074 for the current browser session. This eliminates most kinds of abuse related
1075 to cookies. But there may be cases where we want cookies to last.</P
1077 > To disable all cookie actions, so that cookies are allowed unrestricted,
1078 both in and out, for <TT
1091 > { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
1098 > Place the above in <TT
1101 >. Note some of these may
1102 be off by default anyway, so this might be redundant, but there is no harm
1103 being explicit in what you want to happen. <TT
1107 includes an alias for this situation, called
1110 >allow-all-cookies</TT
1120 >3.22. Can I have separate configurations for different users?</H3
1122 > Each instance of <SPAN
1126 configuration, including such attributes as the TCP port that it listens on.
1127 What you can do is run multiple instances of <SPAN
1134 > and configuration path, and then
1135 each of these can have their own configurations. Think of it as per-port
1139 Simple enough for a few users, but for large installations, consider having
1140 groups of users that might share like configurations.</P
1149 >3.23. Can I set-up <SPAN
1158 > Sure. There are a couple of things you can do for simple whitelisting.
1159 Here's one real easy one:</P
1168 > ############################################################
1170 ############################################################
1172 / # Block *all* URLs
1174 ############################################################
1176 ############################################################
1180 games.example.com</PRE
1185 > This allows access to only those three sites.</P
1187 > A more interesting approach is <SPAN
1194 > concept, which incorporates the notion of
1197 >"trusted referrers"</SPAN
1199 HREF="../user-manual/config.html#TRUSTFILE"
1201 >User Manual Trust</A
1205 > These are fairly simple approaches and are not completely foolproof. There
1206 are various other configuration options that should be disabled (described
1207 elsewhere here and in <A
1208 HREF="../user-manual/"
1212 so that users can't modify their own configuration and easily circumvent the
1221 SUMMARY="Footer navigation table"
1232 HREF="installation.html"