File : $Source: /cvsroot/ijbswa/current/doc/source/changelog.sgml,v $
Purpose : Entity included in other project documents.
$Id: changelog.sgml,v 2.6 2013/03/07 14:26:47 fabiankeil Exp $
Copyright (C) 2013 Privoxy Developers http://www.privoxy.org/

This file is used for inclusion with other documents only.

If you make changes to this file, please verify the finished
docs all display as intended.

This file is included into:

Privoxy 3.0.21 stable is a bug-fix release
for Privoxy 3.0.20 beta. It addresses two security issues that
affect all previous Privoxy versions. The changes since 3.0.20 beta are:

The SGML ChangeLog can be generated with: utils/changelog2doc.pl ChangeLog

On POSIX-like platforms, network sockets with file descriptor
values above FD_SETSIZE are properly rejected. Previously they
could cause memory corruption in configurations that allowed
the limit to be reached.

Proxy authentication headers are removed unless the new directive
enable-proxy-authentication-forwarding is used. Forwarding the
headers potentially allows malicious sites to trick the user
into providing them with login information.
Reported by Chris John Riley.

Compiles on OS/2 again now that unistd.h is only included
on platforms that have it.

The show-status page shows the FEATURE_STRPTIME_SANITY_CHECKS status.

A couple of assert()s that could theoretically dereference
NULL pointers in debug builds have been relocated.

Added an LSB info block to the generic start script.
Based on a patch from Natxo Asenjo.

The max-client-connections default has been changed to 128
which should be more than enough for most setups.
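
The FD_SETSIZE fix listed above guards against a property of select()-style fd_set bitmaps. The following is an added illustration, not Privoxy's own code; the function names are hypothetical and the out-of-range descriptor value is constructed.

```c
#include <stdio.h>
#include <sys/select.h>
#include <sys/time.h>
#include <unistd.h>

/* An fd_set is a fixed bitmap with FD_SETSIZE bits. FD_SET(fd, &set)
 * sets bit number fd, so a descriptor >= FD_SETSIZE writes outside it. */
static int fd_fits_in_fd_set(int fd)
{
    return fd >= 0 && fd < FD_SETSIZE;
}

/* Returns 1 if fd is readable, 0 on timeout, -1 if fd was rejected
 * because it cannot be represented in an fd_set, -2 on select() error. */
static int wait_readable(int fd, int timeout_seconds)
{
    fd_set rfds;
    struct timeval tv;
    int ready;

    if (!fd_fits_in_fd_set(fd))
    {
        return -1; /* reject before FD_SET() can touch memory */
    }
    FD_ZERO(&rfds);
    FD_SET(fd, &rfds);
    tv.tv_sec = timeout_seconds;
    tv.tv_usec = 0;
    ready = select(fd + 1, &rfds, NULL, NULL, &tv);
    return (ready > 0) ? 1 : ((ready == 0) ? 0 : -2);
}

/* Constructed check: a pipe with one byte pending must report readable. */
static int pipe_is_readable(void)
{
    int fds[2];
    int result;

    if (pipe(fds) != 0) return -2;
    if (write(fds[1], "x", 1) != 1) result = -2;
    else result = wait_readable(fds[0], 1);
    close(fds[0]);
    close(fds[1]);
    return result;
}

int main(void)
{
    /* FD_SETSIZE + 10 is a constructed value, not an open descriptor. */
    printf("pipe read end: %d\n", pipe_is_readable());
    printf("fd %d: %d\n", FD_SETSIZE + 10, wait_readable(FD_SETSIZE + 10, 0));
    return 0;
}
```

A caller that gets -1 should close the socket and refuse the connection rather than retry with the same descriptor.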

Action file improvements:

Block rover.ebay./ar.*\&adtype= instead of "/.*\&adtype=" which
caused too many false positives.
Reported by u302320 in #360284, additional feedback from Adam Piggott.

Unblock '.advrider.com/' and '/.*ADVrider'.
Anonymously reported in #3603636.

Stop blocking '/js/slider\.js'.
Reported by Adam Piggott in #3606635 and _lvm in #2791160.

Filter file improvements:

Added an iframes filter.

Documentation improvements:

The whole GPLv2 text is included in the user manual now,
so Privoxy can serve it itself and the user can read it
without having to wade through GPLv3 ads first.

Properly numbered and underlined a couple of section titles
in the config that were previously overlooked due to a flaw
in the conversion script. Reported by Ralf Jungblut.

Improved the support instruction to hopefully make it harder to
unintentionally provide insufficient information when requesting
support. Previously it wasn't obvious that the information we need
in bug reports is usually also required in support requests.

Removed documentation about packages that haven't been provided

Privoxy-Regression-Test:

Only log the test number when not running in verbose mode.
The position of the test is rarely relevant and it previously
wasn't exactly obvious which one of the numbers was useful to
repeat the test with --test-number.

GNUmakefile improvements:

Factor generate-config-file out of config-file to make testing

The clean target now also takes care of patch leftovers.

Privoxy 3.0.20 beta contained the
following changes compared to the previous stable release:

Client sockets are now properly shut down and drained before being
closed. This fixes page truncation issues with clients that aggressively
pipeline data on platforms that otherwise discard already written data.
The issue mainly affected Opera users and was initially reported
by Kevin in #3464439, szotsaki provided additional information to track

Fix latency calculation for shared connections (disabled by default).
It was broken since their introduction in 2009. The calculated latency
for most connections would be 0 in which case the timeout detection
failed to account for the real latency.

Reject URLs with invalid port. Previously they were parsed incorrectly and
characters between the port number and the first slash were silently
dropped as shown by curl test 187.

The default-server-timeout and socket-timeout directives accept 0 as

Fix a race condition on Windows that could cause Privoxy to become
unresponsive after toggling it on or off through the taskbar icon.
Reported by Tim H. in #3525694.

Fix the compilation on Windows when configured without IPv6 support.

Fix an assertion that could cause debug builds to abort() in case of
socks5 connection failures with "debug 2" enabled.

Fix an assertion that could cause debug builds to abort() if a filter
contained nul bytes in the replacement text.
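
The invalid-port item above describes trailing characters after the port being dropped silently. As an added illustration (not Privoxy's code; function names and sample inputs are constructed, and IPv6 bracket syntax is assumed absent), a lenient conversion is shown beside one that rejects such input:

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Lenient: atoi() stops at the first non-digit and reports no error,
 * so "example.org:80abc" yields 80 and "abc" is silently dropped. */
static int lenient_port(const char *authority)
{
    const char *colon = strrchr(authority, ':');
    return (colon != NULL) ? atoi(colon + 1) : 80;
}

/* Strict: returns the port (1..65535), 80 if no port is given,
 * or -1 if anything other than a valid decimal port follows the colon.
 * This example also treats an empty port ("host:") as invalid. */
static int strict_port(const char *authority)
{
    const char *colon = strrchr(authority, ':');
    char *end;
    long value;

    if (colon == NULL)
    {
        return 80;
    }
    if (colon[1] < '0' || colon[1] > '9')
    {
        return -1; /* empty port, sign or leading whitespace */
    }
    errno = 0;
    value = strtol(colon + 1, &end, 10);
    if (errno != 0 || *end != '\0' || value < 1 || value > 65535)
    {
        return -1; /* overflow, trailing characters or out of range */
    }
    return (int)value;
}

int main(void)
{
    /* Constructed authority strings (the part of a URL before the first slash). */
    const char *samples[] = { "example.org:8080", "example.org:80abc",
                              "example.org:70000", "example.org" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
    {
        printf("%-20s lenient=%d strict=%d\n", samples[i],
               lenient_port(samples[i]), strict_port(samples[i]));
    }
    return 0;
}
```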

General improvements:

Significantly improved keep-alive support for both client and server

New debug log level 65536 which logs all actions that were applied to

New directive client-header-order to forward client headers in a
different order than the one in which they arrived.

New directive tolerate-pipelining to allow client-side pipelining.
If enabled (3.0.20 beta enables it by default), Privoxy will keep
pipelined client requests around to deal with them once the current
request has been served.

New --config-test option to let Privoxy exit after checking whether or not
the configuration seems valid. The limitations noted in TODO #22 and #23
still apply. Based on a patch by Ramkumar Chinchani.

New limit-cookie-lifetime{} action to let cookies expire before the end
of the session. Suggested by Rick Sykes in #1049575.

Increase the hard-coded maximum number of actions and filter files from
10 to 30 (each). It doesn't significantly affect Privoxy's memory usage
and recompiling wasn't an option for all Privoxy users that reached the

Add support for chunk-encoded client request bodies. Previously
chunk-encoded request bodies weren't guaranteed to be forwarded correctly,
so this can also be considered a bug fix although chunk-encoded request
bodies aren't commonly used in the real world.

Add support for Tor's optimistic-data SOCKS extension, which can reduce the
latency for requests on newly created connections. Currently only the
headers are sent optimistically and only if the client request has already
been read completely which rules out requests with large bodies.

After preventing the client from pipelining, don't signal keep-alive
intentions. When looking at the response headers alone, it previously
wasn't obvious from the client's perspective that no additional responses

Stop considering client sockets tainted after receiving a request with body.
It hasn't been necessary for a while now and unnecessarily causes test
failures when using curl's test suite.

Allow HTTP/1.0 clients to signal interest in keep-alive through the
Proxy-Connection header. While such clients are rare in the real world, it
doesn't hurt and a couple of curl tests rely on it.

Only remove duplicated Content-Type headers when filters are enabled.
If they are not, it doesn't cause ill effects and the user might not want it.
Downgrade the removal message to LOG_LEVEL_HEADER to clarify that it's not
an error in Privoxy and is unlikely to cause any problems in general.
Anonymously reported in #3599335.

Set the socket option SO_LINGER for the client socket.

Move several variable declarations to the beginning of their code block.
It's required when compiling with gcc 2.95 which is still used on some
platforms. Initial patch submitted by Simon South in #3564815.

Optionally try to sanity-check strptime() results before trusting them.
Broken strptime() implementations have caused problems in the past and
the most recent offender seems to be FreeBSD's libc (standards/173421).

When filtering is enabled, let Range headers pass if the range starts at
the beginning. This should work around (or at least reduce) the video
playback issues with various Apple clients as reported by Duc in #3426305.

Do not confuse a client hanging up with a connection time out. If a client
closes its side of the connection without sending a request line, do not
send the CLIENT_CONNECTION_TIMEOUT_RESPONSE, but report the condition

Allow closing curly braces as part of action values as long as they are

On Windows, the logfile is now written before showing the GUI error
message which blocks until the user acknowledges it.
Reported by Adriaan in #3593603.

Remove an unreasonable parameter limit in the CGI interface. The new
parameter limit depends on the memory available and is currently unlikely
to be reachable, due to other limits in both Privoxy and common clients.
Reported by Andrew on ijbswa-users@.

Decrease the chances of parse failures after requests with unsupported
methods were sent to the CGI interface.

Action file improvements:

Remove the comment that indicated that updated default.action versions
are released on their own.

Block 'optimize.indieclick.com/' and 'optimized-by.rubiconproject.com/'

Unblock 'adjamblog.wordpress.com/' and 'adjamblog.files.wordpress.com/'.
Reported by Ryan Farmer in #3496116.

Unblock '/.*Bugtracker'. Reported by pwhk in #3522341.

Add test URLs for '.freebsd.org' and '.watson.org'.

Unblock '.urbandictionary.com/popular'.

Block 'farm.plista.com/widgetdata.php'.

Block 'rotation.linuxnewmedia.com/'.

Block 'reklamy.sfd.pl/'. Reported by kacperdominik in #3399948.

Block 'g.adspeed.net/'.

Unblock 'websupport.wdc.com/'. Reported by Adam Piggott in #3577851.

Block '/openx/www/delivery/'.

Disable fast-redirects for '.googleapis.com/'.

Block 'imp.double.net/'. Reported by David Bo in #3070411.

Block 'gm-link.com/' which is used for email tracking.
Reported by David Bo in #1812733.

Verify that requests to "bwp." are blocked. URL taken from #1736879
submitted by Francois Marier.

Block '/.*bannerid='. Reported by Adam Piggott in #2975779.

Block 'cltomedia.info/delivery/' and '.adexprt.com/'.
Anonymously reported in #2965254.

Block 'de17a.com/'. Reported by David Bo in #3061472.

Block 'oskar.tradera.com/'. Reported by David Bo in #3060596.

Block '/scripts/webtrends\.js'. Reported by johnd16 in #3002729.

Block requests for 'pool.*.adhese.com/'. Reported by johnd16 in #3002716.

Update path pattern for Coremetrics and add tests.
Pattern and URLs submitted by Adam Piggott #3168443.

Enable +fast-redirects{check-decoded-url} for 'tr.anp.se/'.
Reported by David Bo in #3268832.

Unblock '.conrad.se/newsletter/banners/'. Reported by David Bo in #3413824.

Block '.tynt.com/'. Reported by Dan Stahlke in #3421767.

Unblock '.bbci.co.uk/radio/'. Reported by Adam Piggott in #3569603.

Block requests to 'service.maxymiser.net/'.
Reported by johnd16 in #3118401 (with a previous URL).

Disable fast-redirects for Google's "let's pretend your computer is

Unblock '/.*download' to resolve actionsfile feedback #3498129.
Submitted by Steven Kolins (soundcloud.com not working).

Unblock '.wlxrs.com/' which is required by hotmail.com.
Fixes #3413827 submitted by David Bo.

Add two unblock patterns for popup radio and TV players.
Submitted by Adam Piggott in #3596089.

Filter file improvements & bug fixes:

Add a referer tagger.

Reduce the likelihood that the google filter messes up HTML-generating
JavaScript. Reported by Zeno Kugy in #3520260.

Documentation improvements:

Revised all OS X sections due to new packaging module (OSXPackageBuilder).

Update the list of supported operating systems to clarify that all Windows
versions after 95 are expected to work and note that the platform-specific
code for AmigaOS and QNX currently isn't maintained.

Update 'Signals' section, the only explicitly handled signals are SIGINT,

Add Haiku to the list of operating systems on which Privoxy is known to

Add DragonFly to the list of BSDs on which Privoxy is known to run.

Removed references to redhat-specific documentation set since it no longer

Removed references to building PDFs since we no longer do so.

Multiple listen-address directives are supported since 3.0.18, correct the
documentation to say so.

Remove bogus section about long and short being preferable to int.

Corrected some Internet JunkBuster references to Privoxy.

Removed references to www.junkbusters.com since it is no longer
maintained. Reported by Angelina Matson.

Various grammar and spelling corrections.

Add a client-header-tagger{} example for disabling filtering for range

Correct a URL in the "Privoxy with Tor" FAQ.

Spell 'refresh-tags' correctly. Reported by Don in #3571927.

Sort manpage options alphabetically.

Remove an incorrect sentence in the toggle section. The toggle state
doesn't affect whether or not the Windows version uses the tray icon.
Reported by Zeno Kugy in #3596395.

Add new contributors since 3.0.19.

Log message improvements:

When stopping to watch a client socket due to pipelining, additionally log

Log the client socket and its condition before closing it. This makes it
more obvious that the socket actually gets closed and should help when
diagnosing problems like #3464439.

In case of SOCKS5 failures, do not explicitly log the server's response.
It hasn't helped so far and the response can already be logged by enabling
"debug 32768" anyway. This reverts v1.81 and the follow-up bug fix v1.84.

Relocate the connection-accepted message from listen_loop() to serve().
This way it's printed by the thread that is actually serving the
connection which is nice when grepping for thread ids in log files.

Remove compatibility layer for versions prior to 3.0 since it has been
obsolete for more than 10 years now.

Remove the ijb_isupper() and ijb_tolower() macros from parsers.c since
they aren't used in this file.

Removed the 'Functions declared include:' comment sections since they tend
to be incomplete, incorrect and out of date and the benefit seems

Various comment grammar and comprehensibility improvements.

Remove a pointless fflush() call in chat(). Flushing all streams pretty
much all the time for no obvious reason is ridiculous.

Relocate ijb_isupper()'s definition to project.h and get the ijb_tolower()
definition from there, too.

Relocate ijb_isdigit()'s definition to project.h.

Rename ijb_foo macros to privoxy_foo.

Add malloc_or_die() which allows simplifying code paths where malloc()
failures don't need to be handled gracefully.

Add strdup_or_die() which allows simplifying code paths where strdup()
failures don't need to be handled gracefully.

Replace strdup() calls with strdup_or_die() calls where it's safe and

Fix white-space around parentheses.

Add missing white-space behind if's and the following parentheses.

Unwrap a memcpy() call in resolve_hostname_to_ip().

Declare pcrs_get_delimiter()'s delimiters[] static const.

Various optimisations to remove dead code and merge inefficient code
structures for improved clarity, performance or code compactness.

Various data type corrections.

Change visibility of several code segments when compiling without
FEATURE_CONNECTION_KEEP_ALIVE enabled for clarity.

In pcrs_get_delimiter(), do not use delimiters outside the ASCII range.
Fixes a clang complaint.

Fix an error message in get_last_url() nobody is supposed to see.
Reported by Matthew Fischer in #3507301.

Fix a typo in the no-zlib-support complaint. Patch submitted by Matthew

Shorten ssplit()'s prototype by removing the last two arguments. We always
want to skip empty fields and ignore leading delimiters, so having
parameters for this only complicates the API.

Use an enum for the type of the action value.

Rename action_name's member takes_value to value_type as it isn't used as

Turn family mismatches in match_sockaddr() into fatal errors.

Let enlist_unique_header() verify that the caller didn't pass a header
containing either \r or \n.

Change the hashes used in load_config() to unsigned int. That's what
hash_string() actually returns and using a potentially larger type

Use privoxy_tolower() instead of vanilla tolower() with manual casting of

Catch ssplit() failures in parse_cgi_parameters().

Privoxy-Regression-Test:

Add an 'Overwrite condition' directive to skip any matching tests before
it. As it has a global scope, using it is more convenient than clowning
around with the Ignore directive.

Log to STDOUT instead of STDERR.

Include the Privoxy version in the output.

Various grammar and spelling corrections in documentation and code.

Additional tests for range requests with filtering enabled.

Tests with mostly invalid range requests.

Add a couple of hide-if-modified-since{} tests with different date formats.

Cleaned up the format of the regression-tests.action file to match the
format of default.action.

Remove the "Copyright" line from print_version(). When using --help, every
line of screen space matters and thus shouldn't be wasted on things the
user doesn't care about.

Improve the --statistics performance by skipping sanity checks for input
that shouldn't affect the results anyway. Add a --strict-checks option
that enables some of the checks again, just in case anybody cares.

The distribution of client requests per connection is included in
the --statistics output.

The --accept-unknown-messages option has been removed and the behavior

Accept and (mostly) highlight new log messages introduced with

Bump generated Firefox version to 17.

GNUmakefile improvements:

The dok-tidy target no longer taints documents with a tidy-mark

Change RA_MODE from 0664 to 0644. Suggested by Markus Dittrich in

Remove tidy's clean flag as it changes the scope of attributes.
Link-specific colors end up being applied to all text. Reported by Adam
Piggott in #3569551.

Leave it up to the user whether or not smart tags are inserted.

Let w3m itself do the line wrapping for the config file. It works better
than fmt as it can honour pre tags causing less unintentional line breaks.

Ditch a pointless '-r' passed to rm to delete files.

The config-file target now requires less manual intervention and updates
the original config.

Change WDUMP to generate ASCII. Add WDUMP_UTF8 to allow UTF-8 in the
AUTHORS file so the names are right.

Stop pretending that lynx and links are supported for the documentation.

configure improvements:

On Haiku, do not pass -lpthread to the compiler. Haiku's pthreads
implementation is contained in its system library, libroot, so no
additional library needs to be searched.
Patch submitted by Simon South in #3564815.

Additional Haiku-specific improvements. Disable checks intended for
multi-user systems as Haiku is presently single-user. Group Haiku-specific
settings in their own section, following the pattern for Solaris, OS/2 and
AmigaOS. Add additional library-related settings to remove the need for
providing configure with custom LDFLAGS.
Submitted by Simon South in #3574538.