Privoxy and cache headers

[Fabian Keil]

Jason Holt <jason at lunkwill.org> wrote:

> Does privoxy filter out the modified-since headers browsers use to
> check if a page is modified before downloading?  If not, the
> timestamp could be used to identify repeated page accesses as coming
> from the same browser.

Vanilla Privoxy doesn't, but you can use the patch at: 
http://www.fabiankeil.de/sourcecode/privoxy/

Afterwards Privoxy can block the If-Modified-Since
header entirely, or randomize it's value in a given range. 

My generic section contains:

+hide-if-modified-since {-1}
+overwrite-last-modified {randomize} 
+crunch-if-none-match

which means the server's Last-Modified header is randomized
in the range between the real value and the actual time
on the Privoxy-running system.

When the Last-Modified header's value is later taken by the
browser as value for the If-Modified-Since header, Privoxy
subtracts a random value between 0 and 1 hour.

This way the If-Modified-Since header is still useful
most of the time, without giving the server the chance
to use it for tracking purposes.

AFAIK there is no way to randomize an If-None-Match header
without causing it to get invalid, therefore it is just
removed.

In the worst case scenario the value of the Last-Modified
header is less than an hour old, in the next request
Privoxy's randomization of the If-Modified-Since header
let's it appear to predate the original value on the server,
and the server has to send the document again instead of
just sending 304.

Of course randomizing the If-Modified-Since header has
no effect if you're the only one who ever visited the page.

Fabian
-- 
http://www.fabiankeil.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20060622/bf5fa7a7/attachment.pgp>