# Sample Configuration File for Privoxy 3.0.21
#
-# $Id: p-config.sgml,v 2.97 2013/03/01 17:39:27 fabiankeil Exp $
+# $Id: config,v 1.103 2013/03/02 14:47:05 fabiankeil Exp $
#
# Copyright (C) 2001-2013 Privoxy Developers http://www.privoxy.org/
#
# 3. DEBUGGING #
# 4. ACCESS CONTROL AND SECURITY #
# 5. FORWARDING #
-# 6. WINDOWS GUI OPTIONS #
+# 6. MISCELLANEOUS #
+# 7. WINDOWS GUI OPTIONS #
# #
####################################################################
#
#
buffer-limit 4096
#
+# 4.9. enable-proxy-authentication-forwarding
+# ============================================
+#
+# Specifies:
+#
+# Whether or not proxy authentication through Privoxy should
+# work.
+#
+# Type of value:
+#
+# 0 or 1
+#
+# Default value:
+#
+# 0
+#
+# Effect if unset:
+#
+# Proxy authentication headers are removed.
+#
+# Notes:
+#
+# Privoxy itself does not support proxy authentication, but can
+# allow clients to authenticate against Privoxy's parent proxy.
+#
+# By default Privoxy (3.0.21 and later) don't do that and remove
+# Proxy-Authorization headers in requests and Proxy-Authenticate
+# headers in responses to make it harder for malicious sites to
+# trick inexperienced users into providing login information.
+#
+# If this option is enabled the headers are forwarded.
+#
+# Enabling this option is not recommended if there is no parent
+# proxy that requires authentication or if the local network
+# between Privoxy and the parent proxy isn't trustworthy. If
+# proxy authentication is only required for some requests, it is
+# recommended to use a client header filter to remove the
+# authentication headers for requests where they aren't needed.
+#
+enable-proxy-authentication-forwarding 0
+#
# 5. FORWARDING
# ==============
#