[Privoxy-users] Privoxy MacPorts Port with HTTPS Inspection

Thu Nov 11 12:51:50 UTC 2021

Thank you! Please see https://github.com/macports/macports-ports/pull/12902 <https://github.com/macports/macports-ports/pull/12902>

Also, adblock2privoxy is a very nice converter that takes up-to-date easylist rules, including CSS rules and provides comprehensive Privoxy blocking. The project motivation:

> AdBlock Plus browser plugin has great block lists provided by big community, but it is client software and cannot work on a server as a proxy.
> 
> Privoxy proxy has good potential to block ads at server side, but it experiences acute shortage of updated block lists.
> 
> This software converts adblock lists to privoxy config files format.
> 

Please see https://github.com/essandess/adblock2privoxy

Steve

> On Nov 11, 2021, at 4:43 AM, Fabian Keil <fk at fabiankeil.de> wrote:
> 
> Steven Smith <steve.t.smith at gmail.com> wrote on 2021-10-14:
> 
>> I have a PR that builds and configures privoxy’s HTTPS
>> inspection. Comments and feedback welcome:
>> 
>> https://github.com/macports/macports-ports/pull/12506
> 
> That's great.
> 
> Please excuse the delayed response.
> 
> A few comments below after briefly looking at:
> https://github.com/macports/macports-ports/pull/12506/commits/9730efc6f43ab6248de1ffacb3fc3499ed173663
> 
> | homepage            http://www.privoxy.org/
> | -master_sites        sourceforge:project/ijbswa/Sources/${version}%20%28stable%29
> | +master_sites        ${homepage}/sf-download-mirror/Sources/${version}%20%28stable%29
> 
> Could homepage be changed to https or would this cause
> problems when fetching the sources?
> 
> | -#connection-sharing 1
> | +connection-sharing 1
> 
> Quoting the documentation:
> | This option should only be used by experienced users who
> | understand the risks and can weight them against the benefits.
> 
> I would not recommend enabling it by default.
> 
> | -#enable-compression 1
> | +enable-compression 1
> 
> Quoting the documentation:
> 
> | Compressing buffered content is mainly useful if Privoxy and
> | the client are running on different systems. If they are running
> | on the same system, enabling compression is likely to slow things down.
> | If you didn't measure otherwise, you should assume that it does and
> | keep this option disabled.
> 
> I suspect that most MacPorts users are running Privoxy
> on the same system as the browser so I would not recommend
> enabling it by default either.
> 
> | +# User-Agent
> | +# See http://www.christianschenk.org/blog/enhancing-your-privacy-using-squid-and-privoxy/
> | +{ \
> | ++hide-referrer{conditional-forge} \
> | ++hide-user-agent{Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1 Safari/605.1.15} \
> | +}
> | +/ # Match all URLs
> 
> Is that a User-Agent actually commonly used?
> 
> | +# No HTTPS Inspection on these websites
> | +{-https-inspection}
> | [...]
> 
> A comment justifying these exceptions might be useful.
> 
> Also you may want to add regression tests so you and
> users of the port can use Privoxy-Regression-Test to
> automatically check if they are applied as intended
> and don't conflict with other changes.
> 
> I'm not familiar with adblock2privoxy so I don't know
> whether or not using it is a good idea.
> 
> I did not look at the certificate generation at all
> due to lack of time.
> 
> My impression is that the Privoxy tools are not installed.
> Is that because they add dependencies?
> 
> I'm obviously somewhat biased but I consider them useful
> and the FreeBSD port (which I maintain) installs them by
> default but has an option for users who don't want them.
> 
> Fabian
> _______________________________________________
> Privoxy-users mailing list
> Privoxy-users at lists.privoxy.org
> https://lists.privoxy.org/mailman/listinfo/privoxy-users