X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=config;h=779a21600bcdc4c38877dd954e17710ed9c0ee27;hb=1d666f12f135dac7bb3540def782b94a31c93e97;hp=b65e6f37fc8169403bf2d13533e339c699472c31;hpb=ab1954feed634fdbcf43ac5087615f9874fe06f2;p=privoxy.git

diff --git a/config b/config
index b65e6f37..779a2160 100644
--- a/config
+++ b/config
@@ -1,6 +1,6 @@
-#        Sample Configuration File for Privoxy 3.0.33
+#        Sample Configuration File for Privoxy 3.0.34
 #
-# Copyright (C) 2001-2021 Privoxy Developers https://www.privoxy.org/
+# Copyright (C) 2001-2023 Privoxy Developers https://www.privoxy.org/
 #
 #####################################################################
 #                                                                   #
@@ -15,7 +15,7 @@
 #        4. ACCESS CONTROL AND SECURITY                             #
 #        5. FORWARDING                                              #
 #        6. MISCELLANEOUS                                           #
-#        7. HTTPS INSPECTION (EXPERIMENTAL)                         #
+#        7. HTTPS INSPECTION                                        #
 #        8. WINDOWS GUI OPTIONS                                     #
 #                                                                   #
 #####################################################################
@@ -151,8 +151,8 @@
 #
 #  Notes:
 #
-#      The value of this option only matters if the experimental
-#      trust mechanism has been activated. (See trustfile below.)
+#      The value of this option only matters if the trust mechanism
+#      has been activated. (See trustfile below.)
 #
 #      If you use the trust mechanism, it is a good idea to write up
 #      some on-line documentation about your trust policy and to
@@ -610,10 +610,17 @@ logfile logfile
 #      you read the log messages, you may even be able to solve the
 #      problem on your own.
 #
-#debug     1 # Log the destination for each request.
+#debug     1 # Log the destination for each request. See also debug 1024.
+#debug     2 # show each connection status
+#debug     4 # show tagging-related messages
+#debug     8 # show header parsing
+#debug   128 # debug redirects
+#debug   256 # debug GIF de-animation
+#debug   512 # Common Log Format
 #debug  1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
 #debug  4096 # Startup banner and warnings
 #debug  8192 # Non-fatal errors
+#debug 65536 # Log applying actions
 #
 #  3.2. single-threaded
 #  =====================
@@ -1896,6 +1903,15 @@ tolerate-pipelining 1
 #      If you aren't using an occasionally slow proxy like Tor,
 #      reducing it to a few seconds should be fine.
 #
+#      +-----------------------------------------------------+
+#      |                       Warning                       |
+#      |-----------------------------------------------------|
+#      |When a TLS library is being used to read or write    |
+#      |data from a socket with https-inspection enabled the |
+#      |socket-timeout currently isn't applied and the       |
+#      |timeout used depends on the library (which may not   |
+#      |even use a timeout).                                 |
+#      +-----------------------------------------------------+
 #  Example:
 #
 #      socket-timeout 300
@@ -1950,11 +1966,15 @@ socket-timeout 300
 #      limit below the one enforced by the operating system.
 #
 #      One most POSIX-compliant systems Privoxy can't properly deal
-#      with more than FD_SETSIZE file descriptors at the same time
-#      and has to reject connections if the limit is reached. This
-#      will likely change in a future version, but currently this
-#      limit can't be increased without recompiling Privoxy with a
-#      different FD_SETSIZE limit.
+#      with more than FD_SETSIZE file descriptors if Privoxy has been
+#      configured to use select() and has to reject connections if
+#      the limit is reached. When using select() this limit therefore
+#      can't be increased without recompiling Privoxy with a
+#      different FD_SETSIZE limit unless Privoxy is running on
+#      Windows with _WIN32 defined.
+#
+#      When Privoxy has been configured to use poll() the FD_SETSIZE
+#      limit does not apply.
 #
 #  Example:
 #
@@ -2422,8 +2442,8 @@ socket-timeout 300
 #            receive-buffer-size 32768
 #
 #
-#  7. HTTPS INSPECTION (EXPERIMENTAL)
-#  ===================================
+#  7. HTTPS INSPECTION
+#  ====================
 #
 #  HTTPS inspection allows to filter encrypted requests and
 #  responses. This is only supported when Privoxy has been built with
@@ -2445,7 +2465,7 @@ socket-timeout 300
 #
 #  Default value:
 #
-#      Empty string
+#      ./CA
 #
 #  Effect if unset:
 #
@@ -2565,9 +2585,17 @@ socket-timeout 300
 #      is used when Privoxy generates certificates for intercepted
 #      requests.
 #
-#      Note that the password is shown on the CGI page so don't reuse
-#      an important one.
-#
+#      +-----------------------------------------------------+
+#      |                       Warning                       |
+#      |-----------------------------------------------------|
+#      |Note that the password is shown on the CGI page so   |
+#      |don't reuse an important one.                        |
+#      |                                                     |
+#      |If disclosure of the password is a compliance issue  |
+#      |consider blocking the relevant CGI requests after    |
+#      |enabling the enforce-blocks and                      |
+#      |allow-cgi-request-crunching.                         |
+#      +-----------------------------------------------------+
 #  Example:
 #
 #      ca-password blafasel