Privoxy is a terrific web scrubbing application that provides an HTTP proxy that can be configured to accept requests from web browsers and other applications and redirect them to Tor via SOCKS. We recommend that Tor users run Privoxy for web browsing, but we recognize that Privoxy has many important limitations. Unfortunately, Privoxy is not actively maintained at the present time. Here are some desiderata for an improved version of Privoxy:
- A simple rewrite engine capable of systemically rewriting HTTP headers and URLs in tags. We should be able to use this engine to modify URLs to force .exit notation (thus providing a stronger guarantee that when we click links, we will continue to see them from the same forwarder).
- Support for HTTP/1.1 Keepalives. Privoxy does not currently support HTTP/1.1 Keepalives, a non-essential but important feature that allows clients to pipeline multiple successive HTTP requests within a single TCP connection. This feature has the potential to dramatically improve client performance for browsing pages that require loading many images, style files, or other auxiliary links.
- Up-to-date filtering rules. A large part of the worry about Privoxy's languishing policy set is that its built-in blocklists are becoming increasingly ineffective in blocking privacy-invading web content, advertisements, etc.
- A simpler, easier-to-use configuration script. Perhaps it would be ideal to have some sort of user interface for configuration, but we're not even ready for that yet. The configuration script needs a lot of work.
- Script filtering. It might be interesting to explore the possibility of blocking scripts at Privoxy rather than using browser extensions (such as NoScript for Firefox).
- Incremental loading of web pages. It would be useful for Privoxy to feed websites to the browser while the page is loading, rather than waiting until it has most or all of it to pass it back. It does not really affect the total wait time, but it affects the user experience.
- External SSL endpoint. Perhaps we can make Privoxy serve as an SSL endpoint, allowing the browser to delegate SSL management to Privoxy. This way we can get all of those web scrubbing and URL rewriting benefits even for encrypted pages, which are becoming increasingly preponderant. This would probably require hacking browsers to be useful, but it may be worth some effort at some point.