[Privoxy-users] Cookies from https sites

Az azimuth99 at danwin1210.me
Tue Apr 30 13:29:19 UTC 2019


On Monday 29 April 2019 22:58,
Az <azimuth99 at danwin1210.me> put forth the proposition:
> On Sunday 28 April 2019 11:57,
> Ian Silvester <iansilvester at fastmail.fm> put forth the proposition:
> > Yes, a script sounds feasible - perhaps something that runs on schedule, parsing the cookie file based on a (set of) regex, so as to retain only cookies that you want to whitelist?
>
> I've just started to look at this, and not knowing that much about
> cookies I read the php.net page on setting them and then read up on
> how crunch-incoming-cookies works.
>
> I learned that they are set in the header "Set-Cookie:", and I'm
> guessing that in an https header they aren't seen.
>
> Is there a list of which headers privoxy can see in an https session,
> and/or a list of which it can't?

After reading up on workarounds involving squid presenting fake certs, I
think it's probably easier to just go with the script idea and delete
them from the cookie file and then reload it in the browser, or just
ignore them - I do have fairly substantial ad blocking hosts file
anyway.

I'm not sure how much work it would be to have privoxy filter SSL,
and I did see someone post a patch to the devel mailing list in
2017, but I can understand that it would be a bit of a big task.

Thanks for the ideas anyway.

> > My PGP public key[http://silvester.org.uk/IanSilvesterPGPPublicKey.asc]
> >
> > On Sun, 28 Apr 2019, at 11:46, Az wrote:
> > > On Sunday 28 April 2019 11:33,
> > > Ian Silvester <iansilvester at fastmail.fm> put forth the proposition:
> > > > Hi Az,
> > > >
> > > > It is true that Privoxy cannot see any content, cookies included, within HTTPS sites.  If you search the mailing list archive you'll find a couple of described solutions for chaining with another proxy that decrypts HTTPS; there is no ongoing plan to incorporate such within Privoxy.
> > > >
> > > > Which browser are you using? Most have cookie management built-in rather than as an extension.
> > >
> > > I mostly use elinks, which unfortunately only has delete and save
> > > buttons, rather than a way of choosing which to accept or refuse, and
> > > I will probably just delete them all every now and then.
> > >
> > > I'm wondering if I could script something though - it saves the
> > > cookies into a plain text file I think, and it supports scripting in
> > > perl among other things. I might be able to create some kind of white
> > > list and delete the others whenever a new page loads or something.
> > >
> > > > Ian
> > > >
> > > > My PGP public key[http://silvester.org.uk/IanSilvesterPGPPublicKey.asc]
> > > >
> > > > On Sun, 28 Apr 2019, at 11:07, Az wrote:
> > > > > I have all cookies crunched by default and only allow them from the
> > > > > sites I want to login to, however today I noticed I had a huge amount
> > > > > of cookies in my browser.
> > > > >
> > > > > Am I right in thinking that privoxy can't see cookies from https
> > > > > sites?  My browser doesn't support any cookie manager extensions, so
> > > > > I'd be grateful for any tips to only allow the ones I want.
> > > > >
> > > > > I understand from another thread that some solution for dealing
> > > > > with https traffic is being worked on, but I'm wondering if there is
> > > > > some workaround to get privoxy to see https content that could be
> > > > > used now?  I'm thinking perhaps another proxy between it and the
> > > > > internet or something.  Or would that cause my browser to throw up
> > > > > warnings about insecure connections? I already forward traffic
> > > > > through 3proxy on the web side.
> > > > >
> > > > > Thanks for any info and ideas.
> > > > >
> > > > > --
> > > > > Az
>
> --
> Az
> _______________________________________________
> Privoxy-users mailing list
> Privoxy-users at lists.privoxy.org
> https://lists.privoxy.org/mailman/listinfo/privoxy-users


--
Az


More information about the Privoxy-users mailing list