930 lines
43 KiB
HTML
930 lines
43 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
|
"http://www.w3.org/TR/html4/loose.dtd">
|
|
|
|
<html>
|
|
<head>
|
|
<meta name="generator" content=
|
|
"HTML Tidy for Linux/x86 (vers 7 December 2008), see www.w3.org">
|
|
|
|
<title>Miscellaneous</title>
|
|
<meta name="GENERATOR" content=
|
|
"Modular DocBook HTML Stylesheet Version 1.79">
|
|
<link rel="HOME" title="Privoxy Frequently Asked Questions" href=
|
|
"index.html">
|
|
<link rel="PREVIOUS" title="Configuration" href="configuration.html">
|
|
<link rel="NEXT" title="Troubleshooting" href="trouble.html">
|
|
<link rel="STYLESHEET" type="text/css" href="../p_doc.css">
|
|
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
|
|
<style type="text/css">
|
|
body {
|
|
background-color: #EEEEEE;
|
|
color: #000000;
|
|
}
|
|
:link { color: #0000FF }
|
|
:visited { color: #840084 }
|
|
:active { color: #0000FF }
|
|
table.c3 {background-color: #E0E0E0}
|
|
span.c2 {font-style: italic}
|
|
hr.c1 {text-align: left}
|
|
</style>
|
|
</head>
|
|
|
|
<body class="SECT1">
|
|
<div class="NAVHEADER">
|
|
<table summary="Header navigation table" width="100%" border="0"
|
|
cellpadding="0" cellspacing="0">
|
|
<tr>
|
|
<th colspan="3" align="center">Privoxy Frequently Asked
|
|
Questions</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td width="10%" align="left" valign="bottom"><a href=
|
|
"configuration.html" accesskey="P">Prev</a></td>
|
|
|
|
<td width="80%" align="center" valign="bottom"></td>
|
|
|
|
<td width="10%" align="right" valign="bottom"><a href="trouble.html"
|
|
accesskey="N">Next</a></td>
|
|
</tr>
|
|
</table>
|
|
<hr class="c1" width="100%">
|
|
</div>
|
|
|
|
<div class="SECT1">
|
|
<h1 class="SECT1"><a name="MISC" id="MISC">4. Miscellaneous</a></h1>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN738" id="AEN738">4.1. How much does
|
|
Privoxy slow my browsing down? This has to add extra time to
|
|
browsing.</a></h3>
|
|
|
|
<p>How much of an impact depends on many things, including the CPU of
|
|
the host system, how aggressive the configuration is, which specific
|
|
actions are being triggered, the size of the page, the bandwidth of the
|
|
connection, etc.</p>
|
|
|
|
<p>Overall, it should not slow you down any in real terms, and may
|
|
actually help speed things up since ads, banners and other junk are not
|
|
typically being retrieved and displayed. The actual processing time
|
|
required by <span class="APPLICATION">Privoxy</span> itself for each
|
|
page, is relatively small in the overall scheme of things, and happens
|
|
very quickly. This is typically more than offset by time saved not
|
|
downloading and rendering ad images and other junk content (if ad
|
|
blocking is being used).</p>
|
|
|
|
<p><span class="QUOTE">"Filtering"</span> content via the <tt class=
|
|
"LITERAL"><a href="../user-manual/actions-file.html#FILTER" target=
|
|
"_top">filter</a></tt> or <tt class="LITERAL"><a href=
|
|
"../user-manual/actions-file.html#DEANIMATE-GIFS" target=
|
|
"_top">deanimate-gifs</a></tt> actions may cause a perceived slowdown,
|
|
since the entire document needs to be buffered before displaying. And
|
|
on very large documents, filtering may have some measurable impact. How
|
|
much depends on the page size, the actual definition of the filter(s),
|
|
etc. See below. Most other actions have little to no impact on
|
|
speed.</p>
|
|
|
|
<p>Also, when filtering is enabled but zlib support isn't available,
|
|
compression is often disabled (see <a href=
|
|
"../user-manual/actions-file.html#PREVENT-COMPRESSION" target=
|
|
"_top">prevent-compression</a>). This can have an impact on speed as
|
|
well, although it's probably smaller than you might think. Again, the
|
|
page size, etc. will determine how much of an impact.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="LOADINGTIMES" id="LOADINGTIMES">4.2. I
|
|
notice considerable delays in page requests. What's wrong?</a></h3>
|
|
|
|
<p>If you use any <tt class="LITERAL"><a href=
|
|
"../user-manual/actions-file.html#FILTER" target="_top">filter</a></tt>
|
|
action, such as filtering banners by size, web-bugs etc, or the
|
|
<tt class="LITERAL"><a href=
|
|
"../user-manual/actions-file.html#DEANIMATE-GIFS" target=
|
|
"_top">deanimate-gifs</a></tt> action, the entire document must be
|
|
loaded into memory in order for the filtering mechanism to work, and
|
|
nothing is sent to the browser during this time.</p>
|
|
|
|
<p>The loading time typically does not really change much in real
|
|
numbers, but the feeling is different, because most browsers are able
|
|
to start rendering incomplete content, giving the user a feeling of "it
|
|
works". This effect is more noticeable on slower dialup connections.
|
|
Extremely large documents may have some impact on the time to load the
|
|
page where there is filtering being done. But overall, the difference
|
|
should be very minimal. If there is a big impact, then probably some
|
|
other situation is contributing (like anti-virus software).</p>
|
|
|
|
<p>Filtering is automatically disabled for inappropriate MIME types.
|
|
But note that if the web server mis-reports the MIME type, then content
|
|
that should not be filtered, could be. <span class=
|
|
"APPLICATION">Privoxy</span> only knows how to differentiate filterable
|
|
content because of the MIME type as reported by the server, or because
|
|
of some configuration setting that enables/disables filtering.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="CONFIGURL" id="CONFIGURL">4.3. What are
|
|
"http://config.privoxy.org/" and "http://p.p/"?</a></h3>
|
|
|
|
<p><a href="http://config.privoxy.org/" target=
|
|
"_top">http://config.privoxy.org/</a> is the address of <span class=
|
|
"APPLICATION">Privoxy</span>'s built-in user interface, and <a href=
|
|
"http://p.p/" target="_top">http://p.p/</a> is a shortcut for it.</p>
|
|
|
|
<p>Since <span class="APPLICATION">Privoxy</span> sits between your web
|
|
browser and the Internet, it can simply intercept requests for these
|
|
addresses and answer them with its built-in <span class="QUOTE">"web
|
|
server"</span>.</p>
|
|
|
|
<p>This also makes for a good test for your browser configuration: If
|
|
entering the URL <a href="http://config.privoxy.org/" target=
|
|
"_top">http://config.privoxy.org/</a> takes you to a page saying
|
|
<span class="QUOTE">"This is Privoxy ..."</span>, everything is OK. If
|
|
you get a page saying <span class="QUOTE">"Privoxy is not
|
|
working"</span> instead, then your browser didn't use <span class=
|
|
"APPLICATION">Privoxy</span> for the request, hence it could not be
|
|
intercepted, and you have accessed the <span class=
|
|
"emphasis EMPHASIS c2">real</span> web site at config.privoxy.org.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="NEWADS" id="NEWADS">4.4. How can I submit
|
|
new ads, or report problems?</a></h3>
|
|
|
|
<p>Please see the <a href="contact.html">Contact section</a> for
|
|
various ways to interact with the developers.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="NEWADS2" id="NEWADS2">4.5. If I do submit
|
|
missed ads, will they be included in future updates?</a></h3>
|
|
|
|
<p>Whether such submissions are eventually included in the <tt class=
|
|
"FILENAME">default.action</tt> configuration file depends on how
|
|
significant the issue is. We of course want to address any potential
|
|
problem with major, high-profile sites such as <i class=
|
|
"CITETITLE">Google</i>, <i class="CITETITLE">Yahoo</i>, etc. Any site
|
|
with global or regional reach, has a good chance of being a candidate.
|
|
But at the other end of the spectrum are any number of smaller,
|
|
low-profile sites such as for local clubs or schools. Since their reach
|
|
and impact are much less, they are best handled by inclusion in the
|
|
user's <tt class="FILENAME">user.action</tt>, and thus would be
|
|
unlikely to be included.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="NOONECARES" id="NOONECARES">4.6. Why doesn't
|
|
anyone answer my support request?</a></h3>
|
|
|
|
<p>Rest assured that it has been read and considered. Why it is not
|
|
answered, could be for various reasons, including no one has a good
|
|
answer for it, no one has had time to yet investigate it thoroughly, it
|
|
has been reported numerous times already, or because not enough
|
|
information was provided to help us help you. Your efforts are not
|
|
wasted, and we do appreciate them.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="IP" id="IP">4.7. How can I hide my IP
|
|
address?</a></h3>
|
|
|
|
<p>If you run both the browser and <span class=
|
|
"APPLICATION">Privoxy</span> locally, you cannot hide your IP address
|
|
with <span class="APPLICATION">Privoxy</span> or ultimately any other
|
|
software alone. The server needs to know your IP address so that it
|
|
knows where to send the responses back.</p>
|
|
|
|
<p>There are many publicly usable "anonymous" proxies out there, which
|
|
provide a further level of indirection between you and the web
|
|
server.</p>
|
|
|
|
<p>However, these proxies are called "anonymous" because you don't need
|
|
to authenticate, not because they would offer any real anonymity. Most
|
|
of them will log your IP address and make it available to the
|
|
authorities in case you violate the law of the country they run in. In
|
|
fact you can't even rule out that some of them only exist to *collect*
|
|
information on (those suspicious) people with a more than average
|
|
preference for privacy.</p>
|
|
|
|
<p>If you want to hide your IP address from most adversaries, you
|
|
should consider chaining <span class="APPLICATION">Privoxy</span> with
|
|
<a href="https://www.torproject.org/" target="_top">Tor</a>. The
|
|
configuration details can be found in <a href="#TOR" target="_top">How
|
|
do I use <span class="APPLICATION">Privoxy</span> together with
|
|
<span class="APPLICATION">Tor</span> section</a> just below.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN803" id="AEN803">4.8. Can Privoxy
|
|
guarantee I am anonymous?</a></h3>
|
|
|
|
<p>No. Your chances of remaining anonymous are improved, but unless you
|
|
<a href="#TOR" target="_top">chain <span class=
|
|
"APPLICATION">Privoxy</span> with <span class=
|
|
"APPLICATION">Tor</span></a> or a similar proxy and know what you're
|
|
doing when it comes to configuring the rest of your system, you should
|
|
assume that everything you do on the Web can be traced back to you.</p>
|
|
|
|
<p><span class="APPLICATION">Privoxy</span> can remove various
|
|
information about you, and allows <span class=
|
|
"emphasis EMPHASIS c2">you</span> more freedom to decide which sites
|
|
you can trust, and what details you want to reveal. But it neither
|
|
hides your IP address, nor can it guarantee that the rest of the system
|
|
behaves correctly. There are several possibilities how a web sites can
|
|
find out who you are, even if you are using a strict <span class=
|
|
"APPLICATION">Privoxy</span> configuration and chained it with
|
|
<span class="APPLICATION">Tor</span>.</p>
|
|
|
|
<p>Most of <span class="APPLICATION">Privoxy's</span> privacy-enhancing
|
|
features can be easily subverted by an insecure browser configuration,
|
|
therefore you should use a browser that can be configured to only
|
|
execute code from trusted sites, and be careful which sites you trust.
|
|
For example there is no point in having <span class=
|
|
"APPLICATION">Privoxy</span> modify the User-Agent header, if websites
|
|
can get all the information they want through JavaScript, ActiveX,
|
|
Flash, Java etc.</p>
|
|
|
|
<p>A few browsers disclose the user's email address in certain
|
|
situations, such as when transferring a file by FTP. <span class=
|
|
"APPLICATION">Privoxy</span> does not filter FTP. If you need this
|
|
feature, or are concerned about the mail handler of your browser
|
|
disclosing your email address, you might consider products such as
|
|
<span class="APPLICATION">NSClean</span>.</p>
|
|
|
|
<p>Browsers available only as binaries could use non-standard headers
|
|
to give out any information they can have access to: see the
|
|
manufacturer's license agreement. It's impossible to anticipate and
|
|
prevent every breach of privacy that might occur. The professionally
|
|
paranoid prefer browsers available as source code, because anticipating
|
|
their behavior is easier. Trust the source, Luke!</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN821" id="AEN821">4.9. A test site says I
|
|
am not using a Proxy.</a></h3>
|
|
|
|
<p>Good! Actually, they are probably testing for some other kinds of
|
|
proxies. Hiding yourself completely would require additional steps.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="TOR" id="TOR">4.10. How do I use Privoxy
|
|
together with Tor?</a></h3>
|
|
|
|
<p>Before you configure <span class="APPLICATION">Privoxy</span> to use
|
|
<a href="https://www.torproject.org/" target="_top">Tor</a>, please
|
|
follow the <i class="CITETITLE">User Manual</i> chapters <a href=
|
|
"../user-manual/installation.html" target="_top">2. Installation</a>
|
|
and <a href="../user-manual/startup.html" target="_top">5. Startup</a>
|
|
to make sure <span class="APPLICATION">Privoxy</span> itself is setup
|
|
correctly.</p>
|
|
|
|
<p>If it is, refer to <a href=
|
|
"https://www.torproject.org/documentation.html" target="_top">Tor's
|
|
extensive documentation</a> to learn how to install <span class=
|
|
"APPLICATION">Tor</span>, and make sure <span class=
|
|
"APPLICATION">Tor</span>'s logfile says that <span class="QUOTE">"Tor
|
|
has successfully opened a circuit"</span> and it <span class=
|
|
"QUOTE">"looks like client functionality is working"</span>.</p>
|
|
|
|
<p>If either <span class="APPLICATION">Tor</span> or <span class=
|
|
"APPLICATION">Privoxy</span> isn't working, their combination most
|
|
likely will neither. Testing them on their own will also help you to
|
|
direct problem reports to the right audience. If <span class=
|
|
"APPLICATION">Privoxy</span> isn't working, don't bother the
|
|
<span class="APPLICATION">Tor</span> developers. If <span class=
|
|
"APPLICATION">Tor</span> isn't working, don't send bug reports to the
|
|
<span class="APPLICATION">Privoxy</span> Team.</p>
|
|
|
|
<p>If you verified that <span class="APPLICATION">Privoxy</span> and
|
|
<span class="APPLICATION">Tor</span> are working, it is time to connect
|
|
them. As far as <span class="APPLICATION">Privoxy</span> is concerned,
|
|
<span class="APPLICATION">Tor</span> is just another proxy that can be
|
|
reached by socks4, socks4a and socks5. Most likely you are interested
|
|
in <span class="APPLICATION">Tor</span> to increase your anonymity
|
|
level, therefore you should use socks5, to make sure DNS requests are
|
|
done through <span class="APPLICATION">Tor</span> and thus invisible to
|
|
your local network. Using socks4a would work too, but with socks5 you
|
|
get more precise error messages.</p>
|
|
|
|
<p>Since <span class="APPLICATION">Privoxy</span> 3.0.5, its <a href=
|
|
"../user-manual/config.html" target="_top">main configuration file</a>
|
|
is already prepared for <span class="APPLICATION">Tor</span>, if you
|
|
are using a default <span class="APPLICATION">Tor</span> configuration
|
|
and run it on the same system as <span class=
|
|
"APPLICATION">Privoxy</span>, you just have to edit the <a href=
|
|
"../user-manual/config.html#FORWARDING" target="_top">forwarding
|
|
section</a> and uncomment the line:</p>
|
|
|
|
<table class="c3" border="0" width="100%">
|
|
<tr>
|
|
<td>
|
|
<pre class="SCREEN">
|
|
# forward-socks5 / 127.0.0.1:9050 .
|
|
|
|
</pre>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<p>This is enough to reach the Internet, but additionally you might
|
|
want to uncomment the following forward rules, to make sure your local
|
|
network is still reachable through Privoxy:</p>
|
|
|
|
<table class="c3" border="0" width="100%">
|
|
<tr>
|
|
<td>
|
|
<pre class="SCREEN">
|
|
# forward 192.168.*.*/ .
|
|
# forward 10.*.*.*/ .
|
|
# forward 127.*.*.*/ .
|
|
|
|
</pre>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<p>Unencrypted connections to systems in these address ranges will be
|
|
as (un)secure as the local network is, but the alternative is that your
|
|
browser can't reach the network at all. Then again, that may actually
|
|
be desired and if you don't know for sure that your browser has to be
|
|
able to reach the local network, there's no reason to allow it.</p>
|
|
|
|
<p>If you want your browser to be able to reach servers in your local
|
|
network by using their names, you will need additional exceptions that
|
|
look like this:</p>
|
|
|
|
<table class="c3" border="0" width="100%">
|
|
<tr>
|
|
<td>
|
|
<pre class="SCREEN">
|
|
# forward localhost/ .
|
|
|
|
</pre>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<p>Save the modified configuration file and open <a href=
|
|
"http://config.privoxy.org/show-status" target=
|
|
"_top">http://config.privoxy.org/show-status/</a> in your browser,
|
|
confirm that <span class="APPLICATION">Privoxy</span> has reloaded its
|
|
configuration and that there are no other forward lines, unless you
|
|
know that you need them. If everything looks good, refer to <a href=
|
|
"https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate"
|
|
target="_top">Tor Faq 4.2</a> to learn how to verify that you are
|
|
really using <span class="APPLICATION">Tor</span>.</p>
|
|
|
|
<p>Afterward, please take the time to at least skim through the rest of
|
|
<span class="APPLICATION">Tor's</span> documentation. Make sure you
|
|
understand what <span class="APPLICATION">Tor</span> does, why it is no
|
|
replacement for application level security, and why you probably don't
|
|
want to use it for unencrypted logins.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN877" id="AEN877">4.11. Might some things
|
|
break because header information or content is being altered?</a></h3>
|
|
|
|
<p>Definitely. It is common for sites to use browser type, browser
|
|
version, HTTP header content, and various other techniques in order to
|
|
dynamically decide what to display and how to display it. What you see,
|
|
and what I see, might be very different. There are many, many ways that
|
|
this can be handled, so having hard and fast rules, is tricky.</p>
|
|
|
|
<p>The <span class="QUOTE">"User-Agent"</span> is sometimes used in
|
|
this way to identify the browser, and adjust content accordingly.</p>
|
|
|
|
<p>Also, different browsers use different encodings of non-English
|
|
characters, certain web servers convert pages on-the-fly according to
|
|
the User Agent header. Giving a <span class="QUOTE">"User Agent"</span>
|
|
with the wrong operating system or browser manufacturer causes some
|
|
sites in these languages to be garbled; Surfers to Eastern European
|
|
sites should change it to something closer. And then some page access
|
|
counters work by looking at the <span class="QUOTE">"Referer"</span>
|
|
header; they may fail or break if unavailable. The weather maps of
|
|
Intellicast have been blocked by their server when no <span class=
|
|
"QUOTE">"Referer"</span> or cookie is provided, is another example.
|
|
(But you can forge both headers without giving information away). There
|
|
are many other ways things can go wrong when trying to fool a web
|
|
server. The results of which could inadvertently cause pages to load
|
|
incorrectly, partially, or even not at all. And there may be no obvious
|
|
clues as to just what went wrong, or why. Nowhere will there be a
|
|
message that says <span class="QUOTE">"<span class=
|
|
"emphasis EMPHASIS c2">Turn off <tt class="LITERAL">fast-redirects</tt>
|
|
or else!</span> "</span></p>
|
|
|
|
<p>Similar thoughts apply to modifying JavaScript, and, to a lesser
|
|
degree, HTML elements.</p>
|
|
|
|
<p>If you have problems with a site, you will have to adjust your
|
|
configuration accordingly. Cookies are probably the most likely
|
|
adjustment that may be required, but by no means the only one.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN891" id="AEN891">4.12. Can Privoxy act as
|
|
a <span class="QUOTE">"caching"</span> proxy to speed up web
|
|
browsing?</a></h3>
|
|
|
|
<p>No, it does not have this ability at all. You want something like
|
|
<a href="http://www.squid-cache.org/" target="_top">Squid</a> or
|
|
<a href="http://www.pps.jussieu.fr/~jch/software/polipo/" target=
|
|
"_top">Polipo</a> for this. And, yes, before you ask, <span class=
|
|
"APPLICATION">Privoxy</span> can co-exist with other kinds of proxies
|
|
like <span class="APPLICATION">Squid</span>. See the <a href=
|
|
"../user-manual/config.html#FORWARDING" target="_top">forwarding
|
|
chapter</a> in the <a href="../user-manual/index.html" target=
|
|
"_top">user manual</a> for details.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN901" id="AEN901">4.13. What about as a
|
|
firewall? Can Privoxy protect me?</a></h3>
|
|
|
|
<p>Not in the way you mean, or in the way some firewall vendors claim
|
|
they can. <span class="APPLICATION">Privoxy</span> can help protect
|
|
your privacy, but can't protect your system from intrusion attempts. It
|
|
is, of course, perfectly possible to use <span class=
|
|
"emphasis EMPHASIS c2">both</span>.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN906" id="AEN906">4.14. I have large empty
|
|
spaces / a checkerboard pattern now where ads used to be. Why?</a></h3>
|
|
|
|
<p>It is technically possible to eliminate banners and ads in a way
|
|
that frees their allocated page space. This could easily be done by
|
|
blocking with <span class="APPLICATION">Privoxy's</span> filters, and
|
|
eliminating the <span class="emphasis EMPHASIS c2">entire</span> image
|
|
references from the HTML page source.</p>
|
|
|
|
<p>But, this would consume considerably more CPU resources (IOW, slow
|
|
things down), would likely destroy the layout of some web pages which
|
|
rely on the banners utilizing a certain amount of page space, and might
|
|
fail in other cases, where the screen space is reserved (e.g. by HTML
|
|
tables for instance). Also, making ads and banners disappear without
|
|
any trace complicates troubleshooting, and would sooner or later be
|
|
problematic.</p>
|
|
|
|
<p>The better alternative is to instead let them stay, and block the
|
|
resulting requests for the banners themselves as is now the case. This
|
|
leaves either empty space, or the familiar checkerboard pattern.</p>
|
|
|
|
<p>So the developers won't support this in the default configuration,
|
|
but you can of course define appropriate filters yourself to achieve
|
|
this.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN914" id="AEN914">4.15. How can Privoxy
|
|
filter Secure (HTTPS) URLs?</a></h3>
|
|
|
|
<p>Since secure HTTP connections are encrypted SSL sessions between
|
|
your browser and the secure site, and are meant to be reliably
|
|
<span class="emphasis EMPHASIS c2">secure</span>, there is little that
|
|
<span class="APPLICATION">Privoxy</span> can do but hand the raw
|
|
gibberish data though from one end to the other unprocessed.</p>
|
|
|
|
<p>The only exception to this is blocking by host patterns, as the
|
|
client needs to tell <span class="APPLICATION">Privoxy</span> the name
|
|
of the remote server, so that <span class="APPLICATION">Privoxy</span>
|
|
can establish the connection. If that name matches a host-only pattern,
|
|
the connection will be blocked.</p>
|
|
|
|
<p>As far as ad blocking is concerned, this is less of a restriction
|
|
than it may seem, since ad sources are often identifiable by the host
|
|
name, and often the banners to be placed in an encrypted page come
|
|
unencrypted nonetheless for efficiency reasons, which exposes them to
|
|
the full power of <span class="APPLICATION">Privoxy</span>'s ad
|
|
blocking.</p>
|
|
|
|
<p><span class="QUOTE">"Content cookies"</span> (those that are
|
|
embedded in the actual HTML or JS page content, see <tt class=
|
|
"LITERAL"><a href=
|
|
"../user-manual/actions-file.html#FILTER-CONTENT-COOKIES" target=
|
|
"_top">filter{content-cookies}</a></tt>), in an SSL transaction will be
|
|
impossible to block under these conditions. Fortunately, this does not
|
|
seem to be a very common scenario since most cookies come by
|
|
traditional means.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="AEN928" id="AEN928">4.16. Privoxy runs as a
|
|
<span class="QUOTE">"server"</span>. How secure is it? Do I need to
|
|
take any special precautions?</a></h3>
|
|
|
|
<p>On Unix-like systems, <span class="APPLICATION">Privoxy</span> can
|
|
run as a non-privileged user, which is how we recommend it be run.
|
|
Also, by default <span class="APPLICATION">Privoxy</span> listens to
|
|
requests from <span class="QUOTE">"localhost"</span> only.</p>
|
|
|
|
<p>The server aspect of <span class="APPLICATION">Privoxy</span> is not
|
|
itself directly exposed to the Internet in this configuration. If you
|
|
want to have <span class="APPLICATION">Privoxy</span> serve as a LAN
|
|
proxy, this will have to be opened up to allow for LAN requests. In
|
|
this case, we'd recommend you specify only the LAN gateway address,
|
|
e.g. 192.168.1.1, in the main <span class="APPLICATION">Privoxy</span>
|
|
configuration file and check all <a href=
|
|
"../user-manual/config.html#ACCESS-CONTROL" target="_top">access
|
|
control and security options</a>. All LAN hosts can then use this as
|
|
their proxy address in the browser proxy configuration, but
|
|
<span class="APPLICATION">Privoxy</span> will not listen on any
|
|
external interfaces. ACLs can be defined in addition, and using a
|
|
firewall is always good too. Better safe than sorry.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="TURNOFF" id="TURNOFF">4.17. Can I
|
|
temporarily disable Privoxy?</a></h3>
|
|
|
|
<p><span class="APPLICATION">Privoxy</span> doesn't have a transparent
|
|
proxy mode, but you can toggle off blocking and content filtering.</p>
|
|
|
|
<p>The easiest way to do that is to point your browser to the remote
|
|
toggle URL: <a href="http://config.privoxy.org/toggle" target=
|
|
"_top">http://config.privoxy.org/toggle</a>.</p>
|
|
|
|
<p>See the <a href="../user-manual/appendix.html#BOOKMARKLETS" target=
|
|
"_top">Bookmarklets section</a> of the <i class="CITETITLE">User
|
|
Manual</i> for an easy way to access this feature. Note that this is a
|
|
feature that may need to be enabled in the main <tt class=
|
|
"FILENAME">config</tt> file.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="REALLYOFF" id="REALLYOFF">4.18. When
|
|
<span class="QUOTE">"disabled"</span> is Privoxy totally out of the
|
|
picture?</a></h3>
|
|
|
|
<p>No, this just means all optional filtering and actions are disabled.
|
|
<span class="APPLICATION">Privoxy</span> is still acting as a proxy,
|
|
but just doing less of the things that <span class=
|
|
"APPLICATION">Privoxy</span> would normally be expected to do. It is
|
|
still a <span class="QUOTE">"middle-man"</span> in the interaction
|
|
between your browser and web sites. See below to bypass the proxy.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="TURNOFF2" id="TURNOFF2">4.19. How can I tell
|
|
Privoxy to totally ignore certain sites?</a></h3>
|
|
|
|
<p>Bypassing a proxy, or proxying based on arbitrary criteria, is
|
|
purely a browser configuration issue, not a <span class=
|
|
"APPLICATION">Privoxy</span> issue. Modern browsers typically do have
|
|
settings for not proxying certain sites. Check your browser's help
|
|
files.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="CRUNCH" id="CRUNCH">4.20. My logs show
|
|
Privoxy <span class="QUOTE">"crunches"</span> ads, but also its own
|
|
internal CGI pages. What is a <span class=
|
|
"QUOTE">"crunch"</span>?</a></h3>
|
|
|
|
<p>A <span class="QUOTE">"crunch"</span> simply means <span class=
|
|
"APPLICATION">Privoxy</span> intercepted <span class=
|
|
"emphasis EMPHASIS c2">something</span>, nothing more. Often this is
|
|
indeed ads or banners, but <span class="APPLICATION">Privoxy</span>
|
|
uses the same mechanism for trapping requests for its own internal
|
|
pages. For instance, a request for <span class=
|
|
"APPLICATION">Privoxy's</span> configuration page at: <a href=
|
|
"http://config.privoxy.org" target=
|
|
"_top">http://config.privoxy.org</a>, is intercepted (i.e. it does not
|
|
go out to the 'net), and the familiar CGI configuration is returned to
|
|
the browser, and the log consequently will show a <span class=
|
|
"QUOTE">"crunch"</span>.</p>
|
|
|
|
<p>Since version 3.0.7, Privoxy will also log the crunch reason. If you
|
|
are using an older version you might want to upgrade.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="DOWNLOADS" id="DOWNLOADS">4.21. Can Privoxy
|
|
effect files that I download from a webserver? FTP server?</a></h3>
|
|
|
|
<p>From the webserver's perspective, there is no difference between
|
|
viewing a document (i.e. a page), and downloading a file. The same is
|
|
true of <span class="APPLICATION">Privoxy</span>. If there is a match
|
|
for a <tt class="LITERAL"><a href=
|
|
"../user-manual/actions-file.html#BLOCK" target="_top">block</a></tt>
|
|
pattern, it will still be blocked, and of course this is obvious.</p>
|
|
|
|
<p>Filtering is potentially more of a concern since the results are not
|
|
always so obvious, and the effects of filtering are there whether the
|
|
file is simply viewed, or downloaded. And potentially whether the
|
|
content is some obnoxious advertisement, or Mr. Jimmy's latest/greatest
|
|
source code jewel. Of course, one of these presumably is <span class=
|
|
"QUOTE">"bad"</span> content that we don't want, and the other is
|
|
<span class="QUOTE">"good"</span> content that we do want. <span class=
|
|
"APPLICATION">Privoxy</span> is blind to the differences, and can only
|
|
distinguish <span class="QUOTE">"good from bad"</span> by the
|
|
configuration parameters <span class="emphasis EMPHASIS c2">we</span>
|
|
give it.</p>
|
|
|
|
<p><span class="APPLICATION">Privoxy</span> knows the differences in
|
|
files according to the <span class="QUOTE">"Content Type"</span> as
|
|
reported by the webserver. If this is reported accurately (e.g.
|
|
<span class="QUOTE">"application/zip"</span> for a zip archive), then
|
|
<span class="APPLICATION">Privoxy</span> knows to ignore these where
|
|
appropriate. <span class="APPLICATION">Privoxy</span> potentially can
|
|
filter HTML as well as plain text documents, subject to configuration
|
|
parameters of course. Also, documents that are of an unknown type
|
|
(generally assumed to be <span class="QUOTE">"text/plain"</span>) can
|
|
be filtered, as will those that might be incorrectly reported by the
|
|
webserver. If such a file is a downloaded file that is intended to be
|
|
saved to disk, then any content that might have been altered by
|
|
filtering, will be saved too, for these (probably rare) cases.</p>
|
|
|
|
<p>Note that versions later than 3.0.2 do NOT filter document types
|
|
reported as <span class="QUOTE">"text/plain"</span>. Prior to this,
|
|
<span class="APPLICATION">Privoxy</span> did filter this document
|
|
type.</p>
|
|
|
|
<p>In short, filtering is <span class="QUOTE">"ON"</span> if a) the
|
|
content type as reported by the webserver is appropriate <span class=
|
|
"emphasis EMPHASIS c2">and</span> b) the configuration allows it (or at
|
|
least does not disallow it). That's it. There is no magic cookie
|
|
anywhere to say this is <span class="QUOTE">"good"</span> and this is
|
|
<span class="QUOTE">"bad"</span>. It's the configuration that lets it
|
|
all happen or not.</p>
|
|
|
|
<p>If you download text files, you probably do not want these to be
|
|
filtered, particularly if the content is source code, or other critical
|
|
content. Source code sometimes might be mistaken for Javascript (i.e.
|
|
the kind that might open a pop-up window). It is recommended to turn
|
|
off filtering for download sites (particularly if the content may be
|
|
plain text files and you are using version 3.0.2 or earlier) in your
|
|
<tt class="FILENAME">user.action</tt> file. And also, for any site or
|
|
page where making <span class="emphasis EMPHASIS c2">any</span> changes
|
|
at all to the content is to be avoided.</p>
|
|
|
|
<p><span class="APPLICATION">Privoxy</span> does not do FTP at all,
|
|
only HTTP and HTTPS (SSL) protocols.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="DOWNLOADS2" id="DOWNLOADS2">4.22. I just
|
|
downloaded a Perl script, and Privoxy altered it! Yikes, what is
|
|
wrong!</a></h3>
|
|
|
|
<p>Please read above.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="HOSTSFILE" id="HOSTSFILE">4.23. Should I
|
|
continue to use a <span class="QUOTE">"HOSTS"</span> file for
|
|
ad-blocking?</a></h3>
|
|
|
|
<p>One time-tested technique to defeat common ads is to trick the local
|
|
DNS system by giving a phony IP address for the ad generator in the
|
|
local <tt class="FILENAME">HOSTS</tt> file, typically using <tt class=
|
|
"LITERAL">127.0.0.1</tt>, aka <tt class="LITERAL">localhost</tt>. This
|
|
effectively blocks the ad.</p>
|
|
|
|
<p>There is no reason to use this technique in conjunction with
|
|
<span class="APPLICATION">Privoxy</span>. <span class=
|
|
"APPLICATION">Privoxy</span> does essentially the same thing, much more
|
|
elegantly and with much more flexibility. A large <tt class=
|
|
"FILENAME">HOSTS</tt> file, in fact, not only duplicates effort, but
|
|
may get in the way and seriously slow down your system. It is
|
|
recommended to remove such entries from your <tt class=
|
|
"FILENAME">HOSTS</tt> file. If you think your hosts list is neglected
|
|
by <span class="APPLICATION">Privoxy's</span> configuration, consider
|
|
adding your list to your <tt class="FILENAME">user.action</tt>
|
|
file:</p>
|
|
|
|
<table class="c3" border="0" width="100%">
|
|
<tr>
|
|
<td>
|
|
<pre class="SCREEN">
|
|
{ +block }
|
|
www.ad.example1.com
|
|
ad.example2.com
|
|
ads.galore.example.com
|
|
etc.example.com
|
|
</pre>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="SEEALSO" id="SEEALSO">4.24. Where can I find
|
|
more information about Privoxy and related issues?</a></h3>
|
|
|
|
<p>Other references and sites of interest to <span class=
|
|
"APPLICATION">Privoxy</span> users:</p>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="http://www.privoxy.org/" target=
|
|
"_top">http://www.privoxy.org/</a>, the <span class=
|
|
"APPLICATION">Privoxy</span> Home page.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="http://www.privoxy.org/faq/" target=
|
|
"_top">http://www.privoxy.org/faq/</a>, the <span class=
|
|
"APPLICATION">Privoxy</span> FAQ.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="http://www.privoxy.org/developer-manual/" target=
|
|
"_top">http://www.privoxy.org/developer-manual/</a>, the
|
|
<span class="APPLICATION">Privoxy</span> developer manual.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="https://sourceforge.net/projects/ijbswa/" target=
|
|
"_top">https://sourceforge.net/projects/ijbswa/</a>, the Project
|
|
Page for <span class="APPLICATION">Privoxy</span> on <a href=
|
|
"http://sourceforge.net" target="_top">SourceForge</a>.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="http://config.privoxy.org/" target=
|
|
"_top">http://config.privoxy.org/</a>, the web-based user
|
|
interface. <span class="APPLICATION">Privoxy</span> must be
|
|
running for this to work. Shortcut: <a href="http://p.p/" target=
|
|
"_top">http://p.p/</a></td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href=
|
|
"https://sourceforge.net/tracker/?group_id=11118&atid=460288"
|
|
target=
|
|
"_top">https://sourceforge.net/tracker/?group_id=11118&atid=460288</a>,
|
|
to submit <span class="QUOTE">"misses"</span> and other
|
|
configuration related suggestions to the developers.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="http://www.junkbusters.com/ht/en/cookies.html"
|
|
target="_top">http://www.junkbusters.com/ht/en/cookies.html</a>,
|
|
an explanation how cookies are used to track web users.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="http://www.junkbusters.com/ijb.html" target=
|
|
"_top">http://www.junkbusters.com/ijb.html</a>, the original
|
|
Internet Junkbuster.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="http://www.squid-cache.org/" target=
|
|
"_top">http://www.squid-cache.org/</a>, a popular caching proxy,
|
|
which is often used together with <span class=
|
|
"APPLICATION">Privoxy</span>.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="http://www.pps.jussieu.fr/~jch/software/polipo/"
|
|
target=
|
|
"_top">http://www.pps.jussieu.fr/~jch/software/polipo/</a>,
|
|
<span class="APPLICATION">Polipo</span> is a caching proxy with
|
|
advanced features like pipelining, multiplexing and caching of
|
|
partial instances. In many setups it can be used as <span class=
|
|
"APPLICATION">Squid</span> replacement.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
|
|
<table border="0">
|
|
<tbody>
|
|
<tr>
|
|
<td><a href="https://www.torproject.org/" target=
|
|
"_top">https://www.torproject.org/</a>, <span class=
|
|
"APPLICATION">Tor</span> can help anonymize web browsing, web
|
|
publishing, instant messaging, IRC, SSH, and other
|
|
applications.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="MICROSUCK" id="MICROSUCK">4.25. I've noticed
|
|
that Privoxy changes <span class="QUOTE">"Microsoft"</span> to
|
|
<span class="QUOTE">"MicroSuck"</span>! Why are you manipulating my
|
|
browsing?</a></h3>
|
|
|
|
<p>We're not. The text substitutions that you are seeing are disabled
|
|
in the default configuration as shipped. You have either manually
|
|
activated the <span class="QUOTE">"<tt class="LITERAL">fun</tt>"</span>
|
|
filter which is clearly labeled <span class="QUOTE">"Text replacements
|
|
for subversive browsing fun!"</span> or you are using an older Privoxy
|
|
version and have implicitly activated it by choosing the <span class=
|
|
"QUOTE">"Advanced"</span> profile in the web-based editor. Please
|
|
upgrade.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="VALID" id="VALID">4.26. Does Privoxy produce
|
|
<span class="QUOTE">"valid"</span> HTML (or XHTML)?</a></h3>
|
|
|
|
<p>Privoxy generates HTML in both its own <span class=
|
|
"QUOTE">"templates"</span>, and possibly whenever there are text
|
|
substitutions via a <span class="APPLICATION">Privoxy</span> filter.
|
|
While this should always conform to the HTML 4.01 specifications, it
|
|
has not been validated against this or any other standard.</p>
|
|
</div>
|
|
|
|
<div class="SECT2">
|
|
<h3 class="SECT2"><a name="SURPRISE-PRIVOXY" id=
|
|
"SURPRISE-PRIVOXY">4.27. How did you manage to get Privoxy on my
|
|
computer without my consent?</a></h3>
|
|
|
|
<p>We didn't. We make Privoxy available for download, but we don't go
|
|
around installing it on other people's systems behind their back. If
|
|
you discover Privoxy running on your system and are sure you didn't
|
|
install it yourself, somebody else did. You may not even be running the
|
|
real Privoxy, but maybe something else that only pretends to be
|
|
Privoxy, or maybe something that is based on the real Privoxy, but has
|
|
been modified.</p>
|
|
|
|
<p>Lately there have been reports of problems with some kind of Privoxy
|
|
versions that come preinstalled on some Netbooks. Some of the problems
|
|
described are inconsistent with the behaviour of official Privoxy
|
|
versions, which suggests that the preinstalled software may contain
|
|
vendor modifications that we don't know about and thus can't debug.</p>
|
|
|
|
<p>Privoxy's <a href="copyright.html">license</a> allows vendor
|
|
modifications, but the vendor has to comply with the license, which
|
|
involves informing the user about the changes and to make the changes
|
|
available under the same license as Privoxy itself.</p>
|
|
|
|
<p>If you are having trouble with a modified Privoxy version, please
|
|
try to talk to whoever made the modifications before reporting the
|
|
problem to us. Please also try to convince whoever made the
|
|
modifications to talk to us. If you think somebody gave you a modified
|
|
Privoxy version without complying to the license, please let us
|
|
know.</p>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="NAVFOOTER">
|
|
<hr class="c1" width="100%">
|
|
|
|
<table summary="Footer navigation table" width="100%" border="0"
|
|
cellpadding="0" cellspacing="0">
|
|
<tr>
|
|
<td width="33%" align="left" valign="top"><a href=
|
|
"configuration.html" accesskey="P">Prev</a></td>
|
|
|
|
<td width="34%" align="center" valign="top"><a href="index.html"
|
|
accesskey="H">Home</a></td>
|
|
|
|
<td width="33%" align="right" valign="top"><a href="trouble.html"
|
|
accesskey="N">Next</a></td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td width="33%" align="left" valign="top">Configuration</td>
|
|
|
|
<td width="34%" align="center" valign="top"> </td>
|
|
|
|
<td width="33%" align="right" valign="top">Troubleshooting</td>
|
|
</tr>
|
|
</table>
|
|
</div>
|
|
</body>
|
|
</html>
|