Jason Holt <jason@xxxxxxxxxxxx> wrote: > Does privoxy filter out the modified-since headers browsers use to > check if a page is modified before downloading? If not, the > timestamp could be used to identify repeated page accesses as coming > from the same browser. Vanilla Privoxy doesn't, but you can use the patch at: http://www.fabiankeil.de/sourcecode/privoxy/ Afterwards Privoxy can block the If-Modified-Since header entirely, or randomize it's value in a given range. My generic section contains: +hide-if-modified-since {-1} +overwrite-last-modified {randomize} +crunch-if-none-match which means the server's Last-Modified header is randomized in the range between the real value and the actual time on the Privoxy-running system. When the Last-Modified header's value is later taken by the browser as value for the If-Modified-Since header, Privoxy subtracts a random value between 0 and 1 hour. This way the If-Modified-Since header is still useful most of the time, without giving the server the chance to use it for tracking purposes. AFAIK there is no way to randomize an If-None-Match header without causing it to get invalid, therefore it is just removed. In the worst case scenario the value of the Last-Modified header is less than an hour old, in the next request Privoxy's randomization of the If-Modified-Since header let's it appear to predate the original value on the server, and the server has to send the document again instead of just sending 304. Of course randomizing the If-Modified-Since header has no effect if you're the only one who ever visited the page. Fabian -- http://www.fabiankeil.de/
Attachment:
signature.asc
Description: PGP signature