X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=config;h=6c1aa9d516868279922da2ebcc312f15cff1f2f5;hp=b21dc555c76b05ccf46f45c99e3c552c5f55ca5c;hb=23445442f4bf0aa0bcf6e35df09daf8ef0d69d99;hpb=342479d7395350e0eb57cb275c80f299b6d60b20

diff --git a/config b/config
index b21dc555..6c1aa9d5 100644
--- a/config
+++ b/config
@@ -1,6 +1,6 @@
-#        Sample Configuration File for Privoxy 3.0.29
+#        Sample Configuration File for Privoxy 3.0.30
 #
-# Copyright (C) 2001-2020 Privoxy Developers https://www.privoxy.org/
+# Copyright (C) 2001-2021 Privoxy Developers https://www.privoxy.org/
 #
 #####################################################################
 #                                                                   #
@@ -385,6 +385,7 @@ logdir .
 actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on.
 actionsfile default.action   # Main actions file
 actionsfile user.action      # User customizations
+#regression-tests.action     # Tests for privoxy-regression-test
 #
 #  2.6. filterfile
 #  ================
@@ -569,7 +570,7 @@ logfile logfile
 #
 #        debug     1 # Log the destination for each request. See also debug 1024.
 #        debug     2 # show each connection status
-#        debug     4 # show I/O status
+#        debug     4 # show tagging-related messages
 #        debug     8 # show header parsing
 #        debug    16 # log all data written to the network
 #        debug    32 # debug force feature
@@ -2216,7 +2217,7 @@ socket-timeout 300
 #
 #      Note that sorting headers in an uncommon way will make
 #      fingerprinting actually easier. Encrypted headers are not
-#      affected by this directive.
+#      affected by this directive unless https-inspection is enabled.
 #
 #client-header-order Host \
 #   User-Agent \
@@ -2227,12 +2228,15 @@ socket-timeout 300
 #   Referer \
 #   Cookie \
 #   DNT \
+#   Connection \
+#   Pragma \
+#   Upgrade-Insecure-Requests \
 #   If-Modified-Since \
 #   Cache-Control \
 #   Content-Length \
+#   Origin \
 #   Content-Type
 #
-#
 #  6.16. client-specific-tag
 #  ==========================
 #
@@ -2252,13 +2256,6 @@ socket-timeout 300
 #
 #  Notes:
 #
-#      +-----------------------------------------------------+
-#      |                       Warning                       |
-#      |-----------------------------------------------------|
-#      |This is an experimental feature. The syntax is likely|
-#      |to change in future versions.                        |
-#      +-----------------------------------------------------+
-#
 #      Client-specific tags allow Privoxy admins to create different
 #      profiles and let the users chose which one they want without
 #      impacting other users.
@@ -2287,7 +2284,7 @@ socket-timeout 300
 #      Clients can request tags to be set by using the CGI interface
 #      http://config.privoxy.org/client-tags. The specific tag
 #      description is only used on the web page and should be phrased
-#      in away that the user understand the effect of the tag.
+#      in away that the user understands the effect of the tag.
 #
 #  Examples:
 #
@@ -2295,6 +2292,11 @@ socket-timeout 300
 #          # that are enabled based on CLIENT-TAG patterns.
 #          client-specific-tag circumvent-blocks Overrule blocks but do not affect other actions
 #          client-specific-tag disable-content-filters Disable content-filters but do not affect other actions
+#          client-specific-tag overrule-redirects Overrule redirect sections
+#          client-specific-tag allow-cookies Do not crunch cookies in either direction
+#          client-specific-tag change-tor-socks-port Change forward-socks5 settings to use a different Tor socks port (and circuits)
+#          client-specific-tag no-https-inspection Disable HTTPS inspection
+#          client-specific-tag no-tls-verification Don't verify certificates when http-inspection is enabled
 #
 #
 #  6.17. client-tag-lifetime
@@ -2314,13 +2316,6 @@ socket-timeout 300
 #
 #  Notes:
 #
-#      +-----------------------------------------------------+
-#      |                       Warning                       |
-#      |-----------------------------------------------------|
-#      |This is an experimental feature. The syntax is likely|
-#      |to change in future versions.                        |
-#      +-----------------------------------------------------+
-#
 #      In case of some tags users may not want to enable them
 #      permanently, but only for a short amount of time, for example
 #      to circumvent a block that is the result of an overly-broad
@@ -2356,13 +2351,6 @@ socket-timeout 300
 #
 #  Notes:
 #
-#      +-----------------------------------------------------+
-#      |                       Warning                       |
-#      |-----------------------------------------------------|
-#      |This is an experimental feature. The syntax is likely|
-#      |to change in future versions.                        |
-#      +-----------------------------------------------------+
-#
 #      If clients reach Privoxy through another proxy, for example a
 #      load balancer, Privoxy can't tell the client's IP address from
 #      the connection. If multiple clients use the same proxy, they
@@ -2442,9 +2430,10 @@ socket-timeout 300
 #  7. HTTPS INSPECTION (EXPERIMENTAL)
 #  ===================================
 #
-#  HTTPS inspection allows to filter encrypted requests. This is only
-#  supported when Privoxy has been built with
-#  FEATURE_HTTPS_INSPECTION.
+#  HTTPS inspection allows to filter encrypted requests and
+#  responses. This is only supported when Privoxy has been built with
+#  FEATURE_HTTPS_INSPECTION. If you aren't sure if your version
+#  supports it, have a look at http://config.privoxy.org/show-status.
 #
 #
 #  7.1. ca-directory
@@ -2543,7 +2532,12 @@ socket-timeout 300
 #  Notes:
 #
 #      This directive specifies the name of the CA key file in ".pem"
-#      format. See the ca-cert-file for a command to generate it.
+#      format. The ca-cert-file section contains a command to
+#      generate it.
+#
+#      The CA key is used by Privoxy to sign generated certificates.
+#
+#      Access to the key should be limited to Privoxy.
 #
 #  Example:
 #
@@ -2728,7 +2722,7 @@ socket-timeout 300
 #          AES128-SHA
 #
 #
-#          # Use keywords instead of explicity naming the ciphers (Does not work with MbedTLS)
+#          # Use keywords instead of explicitly naming the ciphers (Does not work with MbedTLS)
 #          cipher-list ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
 #
 #
@@ -2757,8 +2751,9 @@ socket-timeout 300
 #      This directive specifies the trusted CAs file that is used
 #      when validating certificates for intercepted TLS/SSL requests.
 #
-#      An example file can be downloaded from https://curl.haxx.se/ca
-#      /cacert.pem.
+#      An example file can be downloaded from https://curl.se/ca/cacert.pem.
+#      If you want to create the file yourself, please
+#      see: https://curl.se/docs/caextract.html.
 #
 #  Example:
 #