Available Issue Privaxy 0.5 , proxy server for blocking advertising and tracking code between sites. The implementation of the lock in the form of a separate proxy server makes it possible to use it as a universal solution that allows you to filter appeals not only from Web browsers. The proxy also does not depend on the restrictions of the browsers, the tipser imposed by the third version of the Chrome manifesto, and provides higher performance and low resources. For example, when loading 320 thousand filters, memory consumption is 50 MB and it is possible to filter thousands of requests per second. The project code is written in Rust and subjects under the AGPLV3 license. Assemblies prepared for linux (Appymage, Deb), Windows and MacOS. It boils down to deploying an intermediate filter between the user and sites, using the substitution of TLS certificates to intercept the contents of encrypted HTTPS seans and hide the warning about wedging into the communication channel (MITM). Privaxy generates its own root certificate that the user sets in the certificate of certificates of his system (/USR/Local/Share/Ca- Certification/) and prescribes the work of applications through the proxy Localhost: 8100. Two assembly options are provided – a console utility and a graphic interface, which allows you to control the settings, clearly monitor the current activity and view the statistics on locks.
Upon receipt of the HTTPS request from the Privaxy user on its own behalf, it sets a TLS connection with the target server and receives its certificate, after which it uses the host name from the real certificate received from the server and creates a fictitious certificate associated with a confidence chain of root certificate generated for the user. Using a fictitious certificate, it imitates the requested server when interacting with the client, while continuing to use to obtain a TLS connection installed with a target server.
For selected hosts and domains, it is possible to turn off the test using the MITM technique.
In addition to cutting out ads based on URL masks in Privaxy, the possibility of substituting the JavaScript code and CSS-style to the given HTML documents are also given. The connection of filters compatible with Adblock Plus, such as easylist is supported. When substituting the contents, Ublock Origin syntax for scripts, handlers and redirections, as well as its own syntax for setting arbitrary user filters, is maintained. Connected external lists with filters are updated automatically.