[Privoxy-users] Cookies from https sites

Lee ler762 at gmail.com
Mon Apr 29 22:09:30 UTC 2019


On 4/29/19, Az <azimuth99 at danwin1210.me> wrote:
> On Sunday 28 April 2019 11:57,
> Ian Silvester <iansilvester at fastmail.fm> put forth the proposition:
>> Yes, a script sounds feasible - perhaps something that runs on schedule,
>> parsing the cookie file based on a (set of) regex, so as to retain only
>> cookies that you want to whitelist?
>
> I've just started to look at this, and not knowing that much about
> cookies I read the php.net page on setting them and then read up on
> how crunch-incoming-cookies works.
>
> I learned that they are set in the header "Set-Cookie:", and I'm
> guessing that in an https header they aren't seen.
>
> Is there a list of which headers privoxy can see in an https session,
> and/or a list of which it can't?

Enable logging & set 'debug 8' to show which headers privoxy sees
https://www.privoxy.org/user-manual/config.html#DEBUG

Regards,
Lee



>> On Sun, 28 Apr 2019, at 11:46, Az wrote:
>> > On Sunday 28 April 2019 11:33,
>> > Ian Silvester <iansilvester at fastmail.fm> put forth the proposition:
>> > > Hi Az,
>> > >
>> > > It is true that Privoxy cannot see any content, cookies included,
>> > > within HTTPS sites.  If you search the mailing list archive you'll
>> > > find a couple of described solutions for chaining with another proxy
>> > > that decrypts HTTPS; there is no ongoing plan to incorporate such
>> > > within Privoxy.
>> > >
>> > > Which browser are you using? Most have cookie management built-in
>> > > rather than as an extension.
>> >
>> > I mostly use elinks, which unfortunately only has delete and save
>> > buttons, rather than a way of choosing which to accept or refuse, and
>> > I will probably just delete them all every now and then.
>> >
>> > I'm wondering if I could script something though - it saves the
>> > cookies into a plain text file I think, and it supports scripting in
>> > perl among other things. I might be able to create some kind of white
>> > list and delete the others whenever a new page loads or something.
>> >
>> > > Ian
>> > >
>> > > My PGP public
>> > > key[http://silvester.org.uk/IanSilvesterPGPPublicKey.asc]
>> > >
>> > > On Sun, 28 Apr 2019, at 11:07, Az wrote:
>> > > > I have all cookies crunched by default and only allow them from the
>> > > > sites I want to login to, however today I noticed I had a huge
>> > > > amount
>> > > > of cookies in my browser.
>> > > >
>> > > > Am I right in thinking that privoxy can't see cookies from https
>> > > > sites?  My browser doesn't support any cookie manager extensions,
>> > > > so
>> > > > I'd be grateful for any tips to only allow the ones I want.
>> > > >
>> > > > I understand from another thread that some solution for dealing
>> > > > with https traffic is being worked on, but I'm wondering if there
>> > > > is
>> > > > some workaround to get privoxy to see https content that could be
>> > > > used now?  I'm thinking perhaps another proxy between it and the
>> > > > internet or something.  Or would that cause my browser to throw up
>> > > > warnings about insecure connections? I already forward traffic
>> > > > through 3proxy on the web side.
>> > > >
>> > > > Thanks for any info and ideas.
>> > > >
>> > > > --
>> > > > Az
>
> --
> Az
> _______________________________________________
> Privoxy-users mailing list
> Privoxy-users at lists.privoxy.org
> https://lists.privoxy.org/mailman/listinfo/privoxy-users
>


More information about the Privoxy-users mailing list