From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 6 Jun 2020 07:42:56 +0000 (+0200)
Subject: FAQ: Mention http-inspection in two answers
X-Git-Tag: v_3_0_29~312
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/@default-cgi@/faq/static/coding.html?a=commitdiff_plain;h=5473a49999459de303a5d534a7654eaa48587e5f;p=privoxy.git

FAQ: Mention http-inspection in two answers

Sponsored by: Robert Klemme
---

diff --git a/doc/source/faq.sgml b/doc/source/faq.sgml
index 773d9fe0..e281a629 100644
--- a/doc/source/faq.sgml
+++ b/doc/source/faq.sgml
@@ -1341,7 +1341,8 @@ and thus avoid individual browser configuration?</title>
  amount of guesswork. It is not realistic to catch all of these short of
  disabling Javascript, which would break many sites. And lastly, if the
  cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
- <application>Privoxy's</application> reach.
+ <application>Privoxy's</application> reach unless you enable
+ <ulink url="../user-manual/actions-file.html#HTTPS-INSPECTION">https-inspection</ulink>.
 </para>
 <para>
  All in all, &my-app; can help manage cookies in general, can help minimize
@@ -1996,9 +1997,17 @@ ads used to be. Why?</title>
 <sect2 renderas="sect3" id="ssl">
 <title>How can Privoxy filter Secure (HTTPS) URLs?</title>
 <para>
- Since secure HTTP connections are encrypted SSL sessions between your browser
- and the secure site, and are meant to be reliably <emphasis>secure</emphasis>,
- there is little that <application>Privoxy</application> can do but hand the raw
+ If you enable
+ <ulink url="../user-manual/actions-file.html#HTTPS-INSPECTION">https-inspection</ulink>
+ <application>Privoxy</application> will impersonate the destination
+ server and can thus filter encrypted requests and responses as well.
+</para>
+<para>
+ Without
+ <ulink url="../user-manual/actions-file.html#HTTPS-INSPECTION">https-inspection</ulink>
+ secure HTTP connections are encrypted SSL sessions between your
+ browser and the secure site, and there is little
+ that <application>Privoxy</application> can do but hand the raw
  gibberish data though from one end to the other unprocessed.
 </para>
 <para>