[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: "User.Actions" Template



On 5/21/06, Fabian Keil <freebsd-listen@xxxxxxxxxxxxx> wrote:
Anothony Georgeo <anogeorgeo@xxxxxxxxx> wrote:

> I think it is wise to note that Privoxy can not filter
> HTTPS.  Most non-tech end-users do not know this.  I
> do not block HTTPS connections as I think it is
> easiser to simply not visit an HTTPS url.

How do you convince your browser not to fetch
additional images and style sheet through HTTPS?

Not actively visiting untrusted HTTPS sites doesn't
stop anyone from spicing up his pages with HTTPS
content to get more information about his visitors.

I thought a browser was supposed to warn you of this "mixed content"
situation (an http site with https images, for instance), but checking
Firefox apparently it doesn't!

Anyway, it seems like the only proper solution here is to not use
privoxy at all, this way https and http both present exactly the same
header information.  But this of course means taking all the
identifying information out of your browser - easier said than done.

Anthony