X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Factions-file.html;h=f5a98de2db7cf46c68cb935f1385b2153e27a6dc;hb=0f3edd93a652011049e2bfc9b67947f92e236ef8;hp=f641896c3bc85ea80fe046e944b32f9bb7898dcf;hpb=098f3f996e9465705bc3e02b9454b99568c8e372;p=privoxy.git diff --git a/doc/webserver/user-manual/actions-file.html b/doc/webserver/user-manual/actions-file.html index f641896c..f5a98de2 100644 --- a/doc/webserver/user-manual/actions-file.html +++ b/doc/webserver/user-manual/actions-file.html @@ -1403,50 +1403,7 @@ problem-host.example.com
Filter encrypted requests and responses
-Encrypted requests are decrypted, filtered and forwarded encrypted.
-Boolean.
-N/A
-This action allows Privoxy to filter encrypted requests and - responses. For this to work Privoxy has to generate a certificate and - send it to the client which has to accept it.
-Before this works the directives in the TLS section of the config file have to be configured.
-
- {+enable-https-filtering} -www.example.com- |
-
Filter encrypted requests and responses
+Encrypted requests are decrypted, filtered and forwarded encrypted.
+Boolean.
+N/A
+This action allows Privoxy to filter encrypted requests and + responses. For this to work Privoxy has to generate a certificate and + send it to the client which has to accept it.
+Before this works the directives in the TLS section of the config file have to be configured.
+Note that the action has to be enabled based on the CONNECT request which doesn't contain a path. + Enabling it based on a pattern with path doesn't work as the path is only seen by Privoxy if the action is already enabled.
+
+ {+https-inspection} +www.example.com+ |
+
When the "+enable-https-filtering" action is used Privoxy by - default verifies that the remote site uses a valid certificate.
+When the "+https-inspection" action is used Privoxy by default + verifies that the remote site uses a valid certificate.
If the certificate is invalid the connection is aborted.
This action disabled the certificate check allowing requests to sites with invalid certificates.