Filters are not taken effect #34
Comments
|
I am new to this as well, so I don't have answers. However, I am seeing the same thing and have done some investigation. The first thing I found is privoxy by default does not filter HTTPS traffic, which these days is 99%+ of all web sites. To work around this, the latest privoxy supports an experimental feature called "https inspection", which allows filtering HTTPS traffic. See https://www.privoxy.org/user-manual/actions-file.html#HTTPS-INSPECTION and related sections for details. I had to build my own privoxy, but it was very straightforward, the main thing to note is to include After you get all the cert stuff setup, make sure to enable the feature in e.g. Once I configured that and got everything set up I can see the filter rules adding CSS statements in the "view source" page for a given https webpage. However, I still am not seeing element hiding. The other problem is turning on https inspection has really slowed down my privoxy server (Raspberry Pi 4, which does not have hardware crypto) to the point where it is not usable, so it's not really an experiment I can continue with my current setup. Posting this here in case it helps others... In the meantime I get good results with my pihole... |
TLS interception raises numerous security and privacy considerations, as well as the additional complexity of another layer of PKI to manage. Yes, both squid and privoxy can be configured for TLS interception. The tradeoffs involved in doing this may or may not outweigh the benefits of adblocking. I find that using a PAC within the browser is highly effective without the necessity of TLS interception. See https://github.com/essandess/easylist-pac-privoxy. This works for Safari—on both desktop and mobile devices—and Firefox; I believe that Chrome now limits the use of a PAC in this way. If PAC adblocking is ever limited by major browsers, TLS interception is always available as an ultimate solution. |
I do not think that using it on a home LAN causes any problem. For 5 years of use (even with the help of ProxHTTPSProxyMII) I have not noticed any problems with confidentiality, on the contrary, it can be increased by using all the Privoxy functionality. |
@vladns I’ve migrated completely over to the TLS interception side now that iOS Safari has stopped working with proxy.pac HTTPS black holes (see essandess/easylist-pac-privoxy#21), and Chrome has disabled the policy I concur that on a LAN this causes no issues, and indeed performs better than a more complicated PAC file → Please see: https://github.com/macports/macports-ports/blob/master/www/privoxy/Portfile |
Hope you can help me.
I have followed the manual to integrate the filter files into the privoxy proxy.
To automatically generate these filters I have generated a little pull request (see #33).
It seems the the filters are loaded without any error, but I do not really see an effect on the homepages at all.
I have also used a separate apache server to use the css files, but there is no change seen here in improving the filters. Also I cannot see any requests from the proxy to the apache.
The text was updated successfully, but these errors were encountered: