X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=config;h=24dcb5a20f31ba504567b984883c3c17b60fd64b;hp=ff6e7c3c05a12be3159eb92024b6e1e6f50758aa;hb=f7e5ed9a3b8c411d8ea4a639938a60953659d8be;hpb=2e8c7e4321104708859ad7bf3e5697c0897778c5 diff --git a/config b/config index ff6e7c3c..24dcb5a2 100644 --- a/config +++ b/config @@ -1,8 +1,6 @@ -# Sample Configuration File for Privoxy 3.0.27 +# Sample Configuration File for Privoxy 3.0.29 # -# $Id: config,v 1.115 2017/06/26 12:17:17 fabiankeil Exp $ -# -# Copyright (C) 2001-2017 Privoxy Developers https://www.privoxy.org/ +# Copyright (C) 2001-2019 Privoxy Developers https://www.privoxy.org/ # ##################################################################### # # @@ -1208,6 +1206,9 @@ enable-proxy-authentication-forwarding 0 # requests aren't rejected. Requests are accepted if the # specified trusted-cgi-refer is the prefix of the Referer. # +# If the trusted source is supposed to access the CGI pages via +# JavaScript the cors-allowed-origin option can be used. +# # +-----------------------------------------------------+ # | Warning | # |-----------------------------------------------------| @@ -1217,8 +1218,54 @@ enable-proxy-authentication-forwarding 0 # |the user's knowledge. | # +-----------------------------------------------------+ # -trusted-cgi-referer http://www.example.org/ +#trusted-cgi-referer http://www.example.org/local-privoxy-control-page +# +# 4.11. cors-allowed-origin +# ========================== +# +# Specifies: +# +# A trusted website which can access Privoxy's CGI pages through +# JavaScript. +# +# Type of value: +# +# URL +# +# Default value: +# +# Unset +# +# Effect if unset: +# +# No external sites get access via cross-origin resource +# sharing. +# +# Notes: +# +# Modern browsers by default prevent cross-origin requests made +# via JavaScript to Privoxy's CGI interface even if Privoxy +# would trust the referer because it's white listed via the +# trusted-cgi-referer directive. # +# Cross-origin resource sharing (CORS) is a mechanism to allow +# cross-origin requests. +# +# The "cors-allowed-origin" option can be used to specify a +# domain that is allowed to make requests to Privoxy CGI +# interface via JavaScript. It is used in combination with the +# trusted-cgi-referer directive. +# +# +-----------------------------------------------------+ +# | Warning | +# |-----------------------------------------------------| +# |Declaring domains the admin doesn't control | +# |trustworthy may allow malicious third parties to | +# |modify Privoxy's internal state against the user's | +# |wishes and without the user's knowledge. | +# +-----------------------------------------------------+ +# +#cors-allowed-origin http://www.example.org/ # # 5. FORWARDING # ============== @@ -1320,7 +1367,7 @@ trusted-cgi-referer http://www.example.org/ # # Type of value: # -# target_pattern socks_proxy[:port] http_parent[:port] +# target_pattern [user:pass@]socks_proxy[:port] http_parent[:port] # # where target_pattern is a URL pattern that specifies to which # requests (i.e. URLs) this forward rule shall apply. Use / to @@ -1328,7 +1375,8 @@ trusted-cgi-referer http://www.example.org/ # addresses in dotted decimal notation or valid DNS names ( # http_parent may be "." to denote "no HTTP forwarding"), and # the optional port parameters are TCP ports, i.e. integer -# values from 1 to 65535 +# values from 1 to 65535. user and pass can be used for SOCKS5 +# authentication if required. # # Default value: # @@ -1383,6 +1431,11 @@ trusted-cgi-referer http://www.example.org/ # # forward-socks4 / socks-gw.example.com:1080 . # +# To connect SOCKS5 proxy which requires username/password +# authentication: +# +# forward-socks5 / user:pass@socks-gw.example.com:1080 . +# # To chain Privoxy and Tor, both running on the same system, you # would use something like: # @@ -2161,6 +2214,7 @@ socket-timeout 300 # affected by this directive. # #client-header-order Host \ +# User-Agent \ # Accept \ # Accept-Language \ # Accept-Encoding \