+> If you open <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to untrusted users, you will
+ also want to make sure that the following actions are disabled: <TT
+CLASS="LITERAL"
+><A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+>enable-edit-actions</A
+></TT
+> and
+ <TT
+CLASS="LITERAL"
+><A
+HREF="config.html#ENABLE-REMOTE-TOGGLE"
+>enable-remote-toggle</A
+></TT
+>
+ </P
+></DD
+><DT
+>Example:</DT
+><DD
+><P
+> Suppose you are running <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on
+ a machine which has the address 192.168.0.1 on your local private network
+ (192.168.0.0) and has another outside connection with a different address.
+ You want it to serve requests from inside only:
+ </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+> listen-address 192.168.0.1:8118</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="TOGGLE"
+>7.4.2. toggle</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+> Initial state of "toggle" status
+ </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>1 or 0</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>1</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+> Act as if toggled on
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> If set to 0, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will start in
+ <SPAN
+CLASS="QUOTE"
+>"toggled off"</SPAN
+> mode, i.e. mostly behave like a normal,
+ content-neutral proxy with both ad blocking and content filtering
+ disabled. See <TT
+CLASS="LITERAL"
+>enable-remote-toggle</TT
+> below.
+ </P
+><P
+> The windows version will only display the toggle icon in the system tray
+ if this option is present.
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ENABLE-REMOTE-TOGGLE"
+>7.4.3. enable-remote-toggle</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+> Whether or not the <A
+HREF="http://config.privoxy.org/toggle"
+TARGET="_top"
+>web-based toggle
+ feature</A
+> may be used
+ </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>0 or 1</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>0</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+> The web-based toggle feature is disabled.
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> When toggled off, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> mostly acts like a normal,
+ content-neutral proxy, i.e. doesn't block ads or filter content.
+ </P
+><P
+> Access to the toggle feature can <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> be
+ controlled separately by <SPAN
+CLASS="QUOTE"
+>"ACLs"</SPAN
+> or HTTP authentication,
+ so that everybody who can access <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> (see
+ <SPAN
+CLASS="QUOTE"
+>"ACLs"</SPAN
+> and <TT
+CLASS="LITERAL"
+>listen-address</TT
+> above) can
+ toggle it for all users. So this option is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not recommended</I
+></SPAN
+>
+ for multi-user environments with untrusted users.
+ </P
+><P
+> Note that malicious client side code (e.g Java) is also
+ capable of using this option.
+ </P
+><P
+> As a lot of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> users don't read
+ documentation, this feature is disabled by default.
+ </P
+><P
+> Note that you must have compiled <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with
+ support for this feature, otherwise this option has no effect.
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ENABLE-REMOTE-HTTP-TOGGLE"
+>7.4.4. enable-remote-http-toggle</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+> Whether or not Privoxy recognizes special HTTP headers to change its behaviour.
+ </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>0 or 1</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>0</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+> Privoxy ignores special HTTP headers.
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> When toggled on, the client can change <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ behaviour by setting special HTTP headers. Currently the only supported
+ special header is <SPAN
+CLASS="QUOTE"
+>"X-Filter: No"</SPAN
+>, to disable filtering for
+ the ongoing request, even if it is enabled in one of the action files.
+ </P
+><P
+> This feature is disabled by default. If you are using
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in a environment with trusted clients,
+ you may enable this feature at your discretion. Note that malicious client
+ side code (e.g Java) is also capable of using this feature.
+ </P
+><P
+> This option will be removed in future releases as it has been obsoleted
+ by the more general header taggers.
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ENABLE-EDIT-ACTIONS"
+>7.4.5. enable-edit-actions</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+> Whether or not the <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>web-based actions
+ file editor</A
+> may be used
+ </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>0 or 1</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>0</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+> The web-based actions file editor is disabled.
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> Access to the editor can <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> be
+ controlled separately by <SPAN
+CLASS="QUOTE"
+>"ACLs"</SPAN
+> or HTTP authentication,
+ so that everybody who can access <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> (see
+ <SPAN
+CLASS="QUOTE"
+>"ACLs"</SPAN
+> and <TT
+CLASS="LITERAL"
+>listen-address</TT
+> above) can
+ modify its configuration for all users.
+ </P
+><P
+> This option is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not recommended</I
+></SPAN
+> for environments
+ with untrusted users and as a lot of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ users don't read documentation, this feature is disabled by default.
+ </P
+><P
+> Note that malicious client side code (e.g Java) is also
+ capable of using the actions editor and you shouldn't enable
+ this options unless you understand the consequences and are
+ sure your browser is configured correctly.
+ </P
+><P
+> Note that you must have compiled <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with
+ support for this feature, otherwise this option has no effect.
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ENFORCE-BLOCKS"
+>7.4.6. enforce-blocks</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+> Whether the user is allowed to ignore blocks and can <SPAN
+CLASS="QUOTE"
+>"go there anyway"</SPAN
+>.
+ </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+> <TT
+CLASS="REPLACEABLE"
+><I
+>0 or 1</I
+></TT
+>
+ </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>0</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+> Blocks are not enforced.
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is mainly used to block and filter
+ requests as a service to the user, for example to block ads and other
+ junk that clogs the pipes. <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> configuration
+ isn't perfect and sometimes innocent pages are blocked. In this situation it
+ makes sense to allow the user to enforce the request and have
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> ignore the block.
+ </P
+><P
+> In the default configuration <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ <SPAN
+CLASS="QUOTE"
+>"Blocked"</SPAN
+> page contains a <SPAN
+CLASS="QUOTE"
+>"go there anyway"</SPAN
+>
+ link to adds a special string (the force prefix) to the request URL.
+ If that link is used, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will
+ detect the force prefix, remove it again and let the request pass.
+ </P
+><P
+> Of course <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can also be used to enforce
+ a network policy. In that case the user obviously should not be able to
+ bypass any blocks, and that's what the <SPAN
+CLASS="QUOTE"
+>"enforce-blocks"</SPAN
+>
+ option is for. If it's enabled, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> hides
+ the <SPAN
+CLASS="QUOTE"
+>"go there anyway"</SPAN
+> link. If the user adds the force
+ prefix by hand, it will not be accepted and the circumvention attempt
+ is logged.
+ </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+> enforce-blocks 1
+ </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ACLS"
+>7.4.7. ACLs: permit-access and deny-access</A
+></H4
+><A
+NAME="PERMIT-ACCESS"
+></A
+><A
+NAME="DENY-ACCESS"
+></A
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+> Who can access what.
+ </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+> <TT
+CLASS="REPLACEABLE"
+><I
+>src_addr</I
+></TT
+>[/<TT
+CLASS="REPLACEABLE"
+><I
+>src_masklen</I
+></TT
+>]
+ [<TT
+CLASS="REPLACEABLE"
+><I
+>dst_addr</I
+></TT
+>[/<TT
+CLASS="REPLACEABLE"
+><I
+>dst_masklen</I
+></TT
+>]]
+ </P
+><P
+> Where <TT
+CLASS="REPLACEABLE"
+><I
+>src_addr</I
+></TT
+> and
+ <TT
+CLASS="REPLACEABLE"
+><I
+>dst_addr</I
+></TT
+> are IP addresses in dotted decimal notation or valid
+ DNS names, and <TT
+CLASS="REPLACEABLE"
+><I
+>src_masklen</I
+></TT
+> and
+ <TT
+CLASS="REPLACEABLE"
+><I
+>dst_masklen</I
+></TT
+> are subnet masks in CIDR notation, i.e. integer
+ values from 2 to 30 representing the length (in bits) of the network address. The masks and the whole
+ destination part are optional.
+ </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+> Don't restrict access further than implied by <TT
+CLASS="LITERAL"
+>listen-address</TT
+>
+ </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+> Access controls are included at the request of ISPs and systems
+ administrators, and <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>are not usually needed by individual users</I
+></SPAN
+>.
+ For a typical home user, it will normally suffice to ensure that
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> only listens on the localhost
+ (127.0.0.1) or internal (home) network address by means of the
+ <A
+HREF="config.html#LISTEN-ADDRESS"
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>listen-address</I
+></SPAN
+></A
+>
+ option.
+ </P
+><P
+> Please see the warnings in the FAQ that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ is not intended to be a substitute for a firewall or to encourage anyone
+ to defer addressing basic security weaknesses.
+ </P
+><P
+> Multiple ACL lines are OK.
+ If any ACLs are specified, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> only talks
+ to IP addresses that match at least one <TT
+CLASS="LITERAL"
+>permit-access</TT
+> line
+ and don't match any subsequent <TT
+CLASS="LITERAL"
+>deny-access</TT
+> line. In other words, the
+ last match wins, with the default being <TT
+CLASS="LITERAL"
+>deny-access</TT
+>.
+ </P
+><P
+> If <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is using a forwarder (see <TT
+CLASS="LITERAL"
+>forward</TT
+> below)
+ for a particular destination URL, the <TT
+CLASS="REPLACEABLE"
+><I
+>dst_addr</I
+></TT
+>
+ that is examined is the address of the forwarder and <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>NOT</I
+></SPAN
+> the address
+ of the ultimate target. This is necessary because it may be impossible for the local
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to determine the IP address of the
+ ultimate target (that's often what gateways are used for).
+ </P
+><P
+> You should prefer using IP addresses over DNS names, because the address lookups take
+ time. All DNS names must resolve! You can <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> use domain patterns
+ like <SPAN
+CLASS="QUOTE"
+>"*.org"</SPAN
+> or partial domain names. If a DNS name resolves to multiple
+ IP addresses, only the first one is used.
+ </P
+><P
+> Denying access to particular sites by ACL may have undesired side effects
+ if the site in question is hosted on a machine which also hosts other sites
+ (most sites are).
+ </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+> Explicitly define the default behavior if no ACL and
+ <TT
+CLASS="LITERAL"
+>listen-address</TT
+> are set: <SPAN
+CLASS="QUOTE"
+>"localhost"</SPAN
+>
+ is OK. The absence of a <TT
+CLASS="REPLACEABLE"
+><I
+>dst_addr</I
+></TT
+> implies that
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> destination addresses are OK:
+ </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> permit-access localhost</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> Allow any host on the same class C subnet as www.privoxy.org access to
+ nothing but www.example.com (or other domains hosted on the same system):
+ </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> permit-access www.privoxy.org/24 www.example.com/32</PRE
+></TD
+></TR
+></TABLE
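Review bot: In the ACLs "Type of value" text, src_masklen and dst_masklen are described as "integer values from 2 to 30", but the last example in the same section is "permit-access www.privoxy.org/24 www.example.com/32", which uses a mask length outside that range. Please reconcile the two: either correct the documented range or change the example. Since this section is what administrators rely on to restrict access, the syntax description and the examples should agree. Smaller wording fixes in the same patch: under enforce-blocks, "link to adds a special string" should read "link that adds a special string"; under enable-remote-http-toggle, "in a environment" should be "in an environment"; under enable-edit-actions, "this options" should be "this option"; and "e.g Java" is missing the period after "e.g" in all three notes on client-side code. Also, the enable-edit-actions "Specifies" entry labels its link "web-based actions file editor" while the HREF is http://config.privoxy.org/show-status; if the editor is meant to be reached from the status page, say so in the text.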