NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
-TITLE="Privoxy 3.0.15 User Manual"
+TITLE="Privoxy 3.0.27 User Manual"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Installation"
><TH
COLSPAN="3"
ALIGN="center"
->Privoxy 3.0.15 User Manual</TH
+>Privoxy 3.0.27 User Manual</TH
></TR
><TR
><TD
>3. What's New in this Release</A
></H1
><P
-> <SPAN
+> <SPAN
CLASS="APPLICATION"
->Privoxy 3.0.15 beta</SPAN
-> is a bug-fix release
- for the previous beta. The changes since 3.0.14 are:</P
+>Privoxy 3.0.26</SPAN
+> stable is a bug-fix release
+ for the previously released 3.0.25 beta which introduced client-specific
+ tags and included a couple of minor improvements.</P
><P
-> <P
></P
><UL
><LI
><P
-> In case of missing server data, no error message is send to the
- client if the request arrived on a reused connection. The client
- is then supposed to silently retry the request without bothering
- the user. This should significantly reduce the frequency of the
- "No server or forwarder data received" error message many users
- reported.
+> Bug fixes:
</P
+><P
+></P
+><UL
+><LI
+><P
+> Fixed crashes with "listen-addr :8118" (SF Bug #902).
+ The regression was introduced in 3.0.25 beta and reported
+ by Marvin Renich in Debian bug #834941.
+ </P
+></LI
+></UL
></LI
><LI
><P
-> More reliable detection of prematurely closed client sockets
- with keep-alive enabled.
+> General improvements:
</P
+><P
+></P
+><UL
+><LI
+><P
+> Log when privoxy is toggled on or off via cgi interface.
+ </P
></LI
><LI
><P
-> FEATURE_CONNECTION_KEEP_ALIVE is decoupled from
- FEATURE_CONNECTION_SHARING and now available on
- all platforms.
- </P
+> Highlight the "Info: Now toggled " on/off log message
+ in the Windows log viewer.
+ </P
></LI
><LI
><P
-> Improved handling of POST requests on reused connections.
- Should fix problems with stalled connections after submitting
- form data with some browser configurations.
- </P
+> Highlight the loading actions/filter file log message
+ in the Windows log viewer.
+ </P
></LI
><LI
><P
-> Fixed various latency calculation issues.
- </P
+> Mention client-specific tags on the toggle page as a
+ potentionally more appropriate alternative.
+ </P
+></LI
+></UL
></LI
><LI
><P
-> Allows the client to pass NTLM authentication requests to a
- forwarding proxy. This was already assumed and hinted to work
- in 3.0.13 beta but actually didn't. Now it's confirmed to work
- with IE, Firefox and Chrome.
- Thanks to Francois Botha and Wan-Teh Chang
+> Documentation improvements:
</P
+><P
+></P
+><UL
+><LI
+><P
+> Update download section on the homepage.
+ The downloads are available from the website now.
+ </P
></LI
><LI
><P
-> Fixed a calculation problem if receiving the server headers
- takes more than two reads, that could cause Privoxy to terminate
- the connection prematurely. Reported by Oliver.
- </P
+> Add sponsor FAQ.
+ </P
></LI
><LI
><P
-> Compiles again on platforms such as OpenBSD and systems
- using earlier glibc version that don't support AI_ADDRCONFIG.
- Anonymously submitted in #2872591.
- </P
+> Remove obsolete reference to mailing lists hosted at SourceForge.
+ </P
></LI
><LI
><P
-> A bunch of MS VC project files and Suse and Redhat RPM spec
- files have been removed as they were no longer maintained for
- quite some time.
- </P
+> Update the "Before the Release" section of the developer manual.
+ </P
+></LI
+></UL
></LI
><LI
><P
-> Overly long action lines are properly rejected with a proper
- error message. Previously they would be either rejected as
- invalid or cause a core dump through abort().
+> Infrastructure improvements:
</P
+><P
+></P
+><UL
+><LI
+><P
+> Add perl script to generate an RSS feed for the packages
+ Submitted by "Unknown".
+ </P
+></LI
+></UL
></LI
><LI
><P
-> Already timed-out connections are no longer temporarily remembered.
- They weren't reused anyway, but wasted a socket slot.
+> Build system improvements:
</P
+><P
+></P
+><UL
+><LI
+><P
+> strptime.h: fix a compiler warning about ambiguous else.
+ </P
></LI
><LI
><P
-> len refers to the number of bytes actually read which might
- differ from the ones received. Adjust log messages accordingly.
- </P
+> configure.in: Check for Docbook goo on the BSDs as well.
+ </P
></LI
><LI
><P
-> The optional JavaScript on the CGI page uses encodeURIComponent()
- instead of escape() which doesn't encode all characters that matter.
- Anonymously reported in #2832722.
- </P
+> GNUMakefile.in: Let the dok-user target remove temporary files.
+ </P
+></LI
+></UL
></LI
+></UL
+><P
+> Changes between <SPAN
+CLASS="APPLICATION"
+>Privoxy 3.0.25 beta</SPAN
+>
+ and the previous release:</P
+><P
+></P
+><UL
><LI
><P
-> Fix gcc45 warnings in decompress_iob().
+> Bug fixes:
</P
+><P
+></P
+><UL
+><LI
+><P
+> Always use the current toggle state for new requests.
+ Previously new requests on reused connections inherited
+ the toggle state from the previous request even though
+ the toggle state could have changed.
+ Reported by Robert Klemme.
+ </P
></LI
><LI
><P
-> Various log message improvements.
- </P
+> Fixed two buffer-overflows in the (deprecated) static
+ pcre code. These bugs are not considered security issues
+ as the input is trusted.
+ Found with afl-fuzz and ASAN.
+ </P
+></LI
+></UL
></LI
><LI
><P
-> Privoxy-Regression-Test supports redirect tests.
+> General improvements:
</P
+><P
+></P
+><UL
+><LI
+><P
+> Added support for client-specific tags which allow Privoxy
+ admins to pre-define tags that are set for all requests from
+ clients that previously opted in through the CGI interface.
+ They are useful in multi-user setups where admins may
+ want to allow users to disable certain actions and filters
+ for themselves without affecting others.
+ In single-user setups they are useful to allow more fine-grained
+ toggling. For example to disable request blocking while still
+ crunching cookies, or to disable experimental filters only.
+ This is an experimental feature, the syntax and behaviour may
+ change in future versions.
+ Sponsored by Robert Klemme.
+ </P
></LI
><LI
><P
-> Privoxy-Log-Parser can gather some connection statistics.
- </P
+> Dynamic filters and taggers now support a $listen-address variable
+ which contains the address the request came in on.
+ For external filters the variable is called $PRIVOXY_LISTEN_ADDRESS.
+ Original patch contributed by pursievro.
+ </P
+></LI
+><LI
+><P
+> Add client-header-tagger 'listen-address'.
+ </P
+></LI
+><LI
+><P
+> Include the listen-address in the log message when logging new requests.
+ Patch contributed by pursievro.
+ </P
+></LI
+><LI
+><P
+> Turn invalid max-client-connections values into fatal errors.
+ </P
+></LI
+><LI
+><P
+> The show-status page now shows whether or not dates before 1970
+ and after 2038 are expected to be handled properly.
+ This is mainly useful for Privoxy-Regression-Test but could
+ also come handy when dealing with time-related support requests.
+ </P
+></LI
+><LI
+><P
+> On Mac OS X the thread id in log messages are more likely to
+ be unique now.
+ </P
+></LI
+><LI
+><P
+> When complaining about missing filters, the filter type is logged
+ as well.
+ </P
+></LI
+><LI
+><P
+> A couple of harmless coverity warnings were silenced
+ (CID #161202, CID #161203, CID #161211).
+ </P
></LI
></UL
-></P
+></LI
+><LI
><P
-> If you missed the previous two beta versions, you may also be
- interested in the additional changes since 3.0.12, the
- last stable release:</P
+> Action file improvements:
+ </P
><P
-> <P
></P
><UL
><LI
><P
-> Added IPv6 support. Thanks to Petr Pisar who not only provided
- the initial patch but also helped a lot with the integration.
- </P
+> Filtering is disabled for Range requests to let download resumption
+ and Windows updates work with the default configuration.
+ </P
></LI
><LI
><P
-> Added client-side keep-alive support.
- </P
+> Unblock ".ardmediathek.de/".
+ Reported by ThTomate in #932.
+ </P
+></LI
+></UL
></LI
><LI
><P
-> The connection sharing code is only used if the connection-sharing
- option is enabled.
+> Documentation improvements:
</P
+><P
+></P
+><UL
+><LI
+><P
+> Add FAQ entry for crashes caused by memory limits.
+ </P
></LI
><LI
><P
-> The latency is taken into account when evaluating whether or not to
- reuse a connection. This should significantly reduce the number of
- connections problems several users reported.
- </P
+> Remove obsolete FAQ entry about a bug in PHP 4.2.3.
+ </P
></LI
><LI
><P
-> The max-client-connections option has been added to restrict
- the number of client connections below a value enforced by
- the operating system.
- </P
+> Mention the new mailing lists were appropriate.
+ As the archives have not been migrated, continue to
+ mention the archives at SF in the contacting section
+ for now.
+ </P
></LI
><LI
><P
-> If the server doesn't specify how long the connection stays alive,
- Privoxy errs on the safe side of caution and assumes it's only a second.
- </P
+> Note that the templates should be adjusted if Privoxy is
+ running as intercepting proxy without getting all requests.
+ </P
></LI
><LI
><P
-> Setting keep-alive-timeout to 0 disables keep-alive support. Previously
- Privoxy would claim to allow persistence but not reuse the connection.
- </P
+> A bunch of links were converted to https://.
+ </P
></LI
><LI
><P
-> Pipelined requests are less likely to be mistaken for the request
- body of the previous request. Note that Privoxy still has no real
- pipeline support and will either serialize pipelined requests or
- drop them in which case the client has to resent them.
- </P
+> Rephrase onion service paragraph to make it more obvious
+ that Tor is involved and that the whole website (and not
+ just the homepage) is available as onion service.
+ </P
></LI
><LI
><P
-> Fixed a crash on some Windows versions when header randomization
- is enabled and the date couldn't be parsed.
- </P
+> Streamline the "More information" section on the homepage further
+ by additionally ditching the link to the 'See also' section
+ of the user manual. The section contains mostly links that are
+ directly reachable from the homepage already and the rest is
+ not significant enough to get a link from the homepage.
+ </P
></LI
><LI
><P
-> Privoxy's keep-alive timeout for the current connection is reduced
- to the one specified in the client's Keep-Alive header.
- </P
+> Change the add-header{} example to set the DNT header
+ and use a complete section to make copy and pasting
+ more convenient.
+ Add a comment to make it obvious that adding the
+ header is not recommended for obvious reasons.
+ Using the DNT header as example was suggested by
+ Leo Wzukw.
+ </P
></LI
><LI
><P
-> For HTTP/1.1 requests, Privoxy implies keep-alive support by not
- setting any Connection header instead of using 'Connection: keep-alive'.
- </P
+> Streamline the support-and-service template
+ Instead of linking to the various support trackers
+ (whose URLs hopefully change soon), link to the
+ contact section of the user manual to increase the
+ chances that users actually read it.
+ </P
></LI
><LI
><P
-> If the socket isn't reusable, Privoxy doesn't temporarily waste
- a socket slot to remember the connection.
- </P
+> Add a FAQ entry for tainted sockets.
+ </P
></LI
><LI
><P
-> If keep-alive support is disabled but compiled in, the client's
- Keep-Alive header is removed.
- </P
+> More sections in the documentation have stable URLs now.
+ </P
></LI
><LI
><P
-> Fixed a bug on mingw32 where downloading large files failed if
- keep-alive support was enabled.
- </P
+> FAQ: Explain why 'ping config.privoxy.org' is not expected
+ to reach a local Privoxy installation.
+ </P
></LI
><LI
><P
-> Fixed a bug that (at least theoretically) could cause log
- timestamps to be occasionally off by about a second.
- </P
+> Note that donations done through Zwiebelfreunde e.V. currently
+ can't be checked automatically.
+ </P
></LI
><LI
><P
-> The configure script respects the $PATH variable when searching
- for groups and id.
- </P
+> Updated section regarding starting Privoxy under OS X.
+ </P
></LI
><LI
><P
-> Compressed content with extra fields couldn't be decompressed
- and would get passed to the client unfiltered. This problem
- has only be detected through statical analysis with clang as
- nobody seems to be using extra fields anyway.
- </P
+> Use dedicated start instructions for FreeBSD and ElectroBSD.
+ </P
></LI
><LI
><P
-> If the server resets the Connection after sending only the headers
- Privoxy forwards what it got to the client. Previously Privoxy
- would deliver an error message instead.
- </P
+> Removed release instructions for AIX. They haven't been working
+ for years and unsurprisingly nobody seems to care.
+ </P
></LI
><LI
><P
-> Error messages in case of connection timeouts use the right
- HTTP status code.
- </P
+> Removed obsolete reference to the solaris-dist target.
+ </P
></LI
><LI
><P
-> If spawning a child to handle a request fails, the client
- gets an error message and Privoxy continues to listen for
- new requests right away.
- </P
+> Updated the release instructions for FreeBSD.
+ </P
></LI
><LI
><P
-> The error messages in case of server-connection timeouts or
- prematurely closed server connections are now template-based.
- </P
+> Removed unfinished release instructions for Amiga OS and HP-UX 11.
+ </P
></LI
><LI
><P
-> If zlib support isn't compiled in, Privoxy no longer tries to
- filter compressed content unless explicitly asked to do so.
- </P
+> Added a pointer to the Cygwin Time Machine for getting the last release of
+ Cygwin version 1.5 to use for building Privoxy on Windows.
+ </P
></LI
><LI
><P
-> In case of connections that are denied based on ACL directives,
- the memory used for the client IP is no longer leaked.
- </P
+> Various typos have been fixed.
+ </P
+></LI
+></UL
></LI
><LI
><P
-> Fixed another small memory leak if the client request times out
- while waiting for client headers other than the request line.
+> Infrastructure improvements:
</P
+><P
+></P
+><UL
+><LI
+><P
+> The website is no longer hosted at SourceForge and
+ can be reached through https now.
+ </P
></LI
><LI
><P
-> The client socket is kept open until the server socket has
- been marked as unused. This should increase the chances that
- the still-open connection will be reused for the client's next
- request to the same destination. Note that this only matters
- if connection-sharing is enabled.
- </P
+> The mailing lists at SourceForge have been deprecated,
+ you can subscribe to the new ones at: https://lists.privoxy.org/
+ </P
+></LI
+><LI
+><P
+> Migrating the remaining services from SourceForge is
+ work in progress (TODO list item #53).
+ </P
+></LI
+></UL
></LI
><LI
><P
-> A TODO list has been added to the source tarballs to give potential
- volunteers a better idea of what the current goals are. Donations
- are still welcome too: http://www.privoxy.org/faq/general.html#DONATE
+> Build system improvements:
</P
+><P
+></P
+><UL
+><LI
+><P
+> Add configure argument to optimistically redefine FD_SETSIZE
+ with the intent to change the maximum number of client
+ connections Privoxy can handle. Only works with some libcs.
+ Sponsored by Robert Klemme.
+ </P
+></LI
+><LI
+><P
+> Let the tarball-dist target skip files in ".git".
+ </P
+></LI
+><LI
+><P
+> Let the tarball-dist target work in cwds other than current.
+ </P
+></LI
+><LI
+><P
+> Make the 'clean' target faster when run from a git repository.
+ </P
+></LI
+><LI
+><P
+> Include tools in the generic distribution.
+ </P
+></LI
+><LI
+><P
+> Let the gen-dist target work in cwds other than current.
+ </P
+></LI
+><LI
+><P
+> Sort find output that is used for distribution tarballs
+ to get reproducible results.
+ </P
+></LI
+><LI
+><P
+> Don't add '-src' to the name of the tar ball generated by the
+ gen-dist target. The package isn't a source distribution but a
+ binary package.
+ While at it, use a variable for the name to reduce the chances
+ that the various references get out of sync and fix the gen-upload
+ target which was looking in the wrong directory.
+ </P
+></LI
+><LI
+><P
+> Add regression-tests.action to the files that are distributed.
+ </P
+></LI
+><LI
+><P
+> The gen-dist target which was broken since 2002 (r1.92) has been fixed.
+ </P
+></LI
+><LI
+><P
+> Remove genclspec.sh which has been obsolete since 2009.
+ </P
+></LI
+><LI
+><P
+> Remove obsolete reference to Redhat spec file.
+ </P
+></LI
+><LI
+><P
+> Remove the obsolete announce target which has been commented out years ago.
+ </P
+></LI
+><LI
+><P
+> Let rsync skip files if the checksums match.
+ </P
></LI
></UL
+></LI
+><LI
+><P
+> Privoxy-Regression-Test:
+ </P
+><P
></P
+><UL
+><LI
+><P
+> Add a "Default level offset" directive which can be used to
+ change the default level by a given value.
+ This directive affects all tests located after it until the end
+ of the file or a another "Default level offset" directive is reached.
+ The purpose of this directive is to make it more convenient to skip
+ similar tests in a given file without having to remove or disable
+ the tests completely.
+ </P
+></LI
+><LI
+><P
+> Let test level 17 depend on FEATURE_64_BIT_TIME_T
+ instead of FEATURE_PTHREAD which has no direct connection
+ to the time_t size.
+ </P
+></LI
+><LI
+><P
+> Fix indentation in perldoc examples.
+ </P
+></LI
+><LI
+><P
+> Don't overlook directives in the first line of the action file.
+ </P
+></LI
+><LI
+><P
+> Bump version to 0.7.
+ </P
+></LI
+><LI
+><P
+> Fix detection of the Privoxy version now that https://
+ is used for the website.
+ </P
+></LI
+></UL
+></LI
+></UL
><DIV
CLASS="SECT2"
><H2
>3.1. Note to Upgraders</A
></H2
><P
-> A quick list of things to be aware of before upgrading from earlier
+> A quick list of things to be aware of before upgrading from earlier
versions of <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>:</P
><P
-> <P
></P
><UL
><LI
> The recommended way to upgrade <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is to backup your old
+> is to backup your old
configuration files, install the new ones, verify that <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
></LI
><LI
><P
->
- Note that some installers remove earlier versions completely,
+> Note that some installers remove earlier versions completely,
including configuration files, therefore you should really save
any important configuration files!
</P
></LI
><LI
><P
->
- On the other hand, other installers don't overwrite existing configuration
+> On the other hand, other installers don't overwrite existing configuration
files, thinking you will want to do that yourself.
</P
></LI
><LI
><P
->
- <TT
-CLASS="FILENAME"
->standard.action</TT
-> has been merged into
- the <TT
-CLASS="FILENAME"
->default.action</TT
-> file.
- </P
-></LI
-><LI
-><P
> In the default configuration only fatal errors are logged now.
You can change that in the <A
HREF="config.html#DEBUG"
></LI
><LI
><P
-> Three other config file settings are now off by default:
+> Three other config file settings are now off by default:
<A
HREF="config.html#ENABLE-REMOTE-TOGGLE"
>enable-remote-toggle</A
and <A
HREF="config.html#ENABLE-EDIT-ACTIONS"
>enable-edit-actions</A
->.
+>.
If you use or want these, you will need to explicitly enable them, and
- be aware of the security issues involved.
+ be aware of the security issues involved.
</P
></LI
></UL
-></P
></DIV
></DIV
><DIV
></TABLE
></DIV
></BODY
-></HTML>
+></HTML
+>
\ No newline at end of file