X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=config;h=24dcb5a20f31ba504567b984883c3c17b60fd64b;hp=e3494afa013799bc51426b9d4b80eaea174e5847;hb=a175c8fac0d8b66094da631d2212b379db4ceda3;hpb=a0c61285a747c6ed0a706ff6c2a42d2de2ed9a05

diff --git a/config b/config
index e3494afa..24dcb5a2 100644
--- a/config
+++ b/config
@@ -1,8 +1,6 @@
-#        Sample Configuration File for Privoxy 3.0.27
+#        Sample Configuration File for Privoxy 3.0.29
 #
-# $Id: config,v 1.113 2017/06/08 13:09:34 fabiankeil Exp $
-#
-# Copyright (C) 2001-2017 Privoxy Developers https://www.privoxy.org/
+# Copyright (C) 2001-2019 Privoxy Developers https://www.privoxy.org/
 #
 #####################################################################
 #                                                                   #
@@ -611,7 +609,7 @@ logfile logfile
 #      problem on your own.
 #
 #debug     1 # Log the destination for each request Privoxy let through. See also debug 1024.
-#debug  1024 # Actions that are applied to all sites and maybe overruled later on.
+#debug  1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
 #debug  4096 # Startup banner and warnings
 #debug  8192 # Non-fatal errors
 #
@@ -1208,6 +1206,9 @@ enable-proxy-authentication-forwarding 0
 #      requests aren't rejected. Requests are accepted if the
 #      specified trusted-cgi-refer is the prefix of the Referer.
 #
+#      If the trusted source is supposed to access the CGI pages via
+#      JavaScript the cors-allowed-origin option can be used.
+#
 #      +-----------------------------------------------------+
 #      |                       Warning                       |
 #      |-----------------------------------------------------|
@@ -1217,8 +1218,54 @@ enable-proxy-authentication-forwarding 0
 #      |the user's knowledge.                                |
 #      +-----------------------------------------------------+
 #
-trusted-cgi-referer http://www.example.org/
+#trusted-cgi-referer http://www.example.org/local-privoxy-control-page
+#
+#  4.11. cors-allowed-origin
+#  ==========================
+#
+#  Specifies:
+#
+#      A trusted website which can access Privoxy's CGI pages through
+#      JavaScript.
+#
+#  Type of value:
+#
+#      URL
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      No external sites get access via cross-origin resource
+#      sharing.
+#
+#  Notes:
+#
+#      Modern browsers by default prevent cross-origin requests made
+#      via JavaScript to Privoxy's CGI interface even if Privoxy
+#      would trust the referer because it's white listed via the
+#      trusted-cgi-referer directive.
+#
+#      Cross-origin resource sharing (CORS) is a mechanism to allow
+#      cross-origin requests.
+#
+#      The "cors-allowed-origin" option can be used to specify a
+#      domain that is allowed to make requests to Privoxy CGI
+#      interface via JavaScript. It is used in combination with the
+#      trusted-cgi-referer directive.
+#
+#      +-----------------------------------------------------+
+#      |                       Warning                       |
+#      |-----------------------------------------------------|
+#      |Declaring domains the admin doesn't control          |
+#      |trustworthy may allow malicious third parties to     |
+#      |modify Privoxy's internal state against the user's   |
+#      |wishes and without the user's knowledge.             |
+#      +-----------------------------------------------------+
 #
+#cors-allowed-origin http://www.example.org/
 #
 #  5. FORWARDING
 #  ==============
@@ -1320,7 +1367,7 @@ trusted-cgi-referer http://www.example.org/
 #
 #  Type of value:
 #
-#      target_pattern socks_proxy[:port] http_parent[:port]
+#      target_pattern [user:pass@]socks_proxy[:port] http_parent[:port]
 #
 #      where target_pattern is a URL pattern that specifies to which
 #      requests (i.e. URLs) this forward rule shall apply. Use / to
@@ -1328,7 +1375,8 @@ trusted-cgi-referer http://www.example.org/
 #      addresses in dotted decimal notation or valid DNS names (
 #      http_parent may be "." to denote "no HTTP forwarding"), and
 #      the optional port parameters are TCP ports, i.e. integer
-#      values from 1 to 65535
+#      values from 1 to 65535. user and pass can be used for SOCKS5
+#      authentication if required.
 #
 #  Default value:
 #
@@ -1383,6 +1431,11 @@ trusted-cgi-referer http://www.example.org/
 #
 #        forward-socks4   /               socks-gw.example.com:1080  .
 #
+#      To connect SOCKS5 proxy which requires username/password
+#      authentication:
+#
+#        forward-socks5   /               user:pass@socks-gw.example.com:1080  .
+#
 #      To chain Privoxy and Tor, both running on the same system, you
 #      would use something like:
 #
@@ -1959,7 +2012,49 @@ socket-timeout 300
 #
 #listen-backlog -1
 #
-#  6.11. handle-as-empty-doc-returns-ok
+#  6.11. enable-accept-filter
+#  ===========================
+#
+#  Specifies:
+#
+#      Whether or not Privoxy should use an accept filter
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      No accept filter is enabled.
+#
+#  Notes:
+#
+#      Accept filters reduce the number of context switches by not
+#      passing sockets for new connections to Privoxy until a
+#      complete HTTP request is available.
+#
+#      As a result, Privoxy can process the whole request right away
+#      without having to wait for additional data first.
+#
+#      For this option to work, Privoxy has to be compiled with
+#      FEATURE_ACCEPT_FILTER and the operating system has to support
+#      it (which may require loading a kernel module).
+#
+#      Currently accept filters are only supported on FreeBSD-based
+#      systems. Check the accf_http(9) man page to learn how to
+#      enable the support in the operating system.
+#
+#  Examples:
+#
+#      enable-accept-filter 1
+#
+#enable-accept-filter 1
+#
+#  6.12. handle-as-empty-doc-returns-ok
 #  =====================================
 #
 #  Specifies:
@@ -1997,7 +2092,7 @@ socket-timeout 300
 #
 #handle-as-empty-doc-returns-ok 1
 #
-#  6.12. enable-compression
+#  6.13. enable-compression
 #  =========================
 #
 #  Specifies:
@@ -2038,7 +2133,7 @@ socket-timeout 300
 #
 #enable-compression 1
 #
-#  6.13. compression-level
+#  6.14. compression-level
 #  ========================
 #
 #  Specifies:
@@ -2084,7 +2179,7 @@ socket-timeout 300
 #
 #compression-level 1
 #
-#  6.14. client-header-order
+#  6.15. client-header-order
 #  ==========================
 #
 #  Specifies:
@@ -2119,6 +2214,7 @@ socket-timeout 300
 #      affected by this directive.
 #
 #client-header-order Host \
+#   User-Agent \
 #   Accept \
 #   Accept-Language \
 #   Accept-Encoding \
@@ -2132,7 +2228,7 @@ socket-timeout 300
 #   Content-Type
 #
 #
-#  6.15. client-specific-tag
+#  6.16. client-specific-tag
 #  ==========================
 #
 #  Specifies:
@@ -2197,7 +2293,7 @@ socket-timeout 300
 #
 #
 #
-#  6.16. client-tag-lifetime
+#  6.17. client-tag-lifetime
 #  ==========================
 #
 #  Specifies:
@@ -2238,7 +2334,7 @@ socket-timeout 300
 #
 #
 #
-#  6.17. trust-x-forwarded-for
+#  6.18. trust-x-forwarded-for
 #  ============================
 #
 #  Specifies:
@@ -2293,7 +2389,7 @@ socket-timeout 300
 #
 #
 #
-#  6.18. receive-buffer-size
+#  6.19. receive-buffer-size
 #  ==========================
 #
 #  Specifies: