X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=config;h=e3494afa013799bc51426b9d4b80eaea174e5847;hp=8403b701d2e11c9c5e1b88003a6e9f1b639010dc;hb=a0c61285a747c6ed0a706ff6c2a42d2de2ed9a05;hpb=5fa30e9c838ec797b5ac1886ef0e2337b0134836

diff --git a/config b/config
index 8403b701..e3494afa 100644
--- a/config
+++ b/config
@@ -1,8 +1,8 @@
-#        Sample Configuration File for Privoxy 3.0.25
+#        Sample Configuration File for Privoxy 3.0.27
 #
-# $Id: p-config.sgml,v 2.121 2016/05/03 13:22:13 fabiankeil Exp $
+# $Id: config,v 1.113 2017/06/08 13:09:34 fabiankeil Exp $
 #
-# Copyright (C) 2001-2016 Privoxy Developers https://www.privoxy.org/
+# Copyright (C) 2001-2017 Privoxy Developers https://www.privoxy.org/
 #
 #####################################################################
 #                                                                   #
@@ -1167,6 +1167,59 @@ buffer-limit 4096
 #
 enable-proxy-authentication-forwarding 0
 #
+#  4.10. trusted-cgi-referer
+#  ==========================
+#
+#  Specifies:
+#
+#      A trusted website or webpage whose links can be followed to
+#      reach sensitive CGI pages
+#
+#  Type of value:
+#
+#      URL or URL prefix
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      No external pages are considered trusted referers.
+#
+#  Notes:
+#
+#      Before Privoxy accepts configuration changes through CGI pages
+#      like client-tags or the remote toggle, it checks the Referer
+#      header to see if the request comes from a trusted source.
+#
+#      By default only the webinterface domains config.privoxy.org
+#      and p.p are considered trustworthy. Requests originating from
+#      other domains are rejected to prevent third-parties from
+#      modifiying Privoxy's state by e.g. embedding images that
+#      result in CGI requests.
+#
+#      In some environments it may be desirable to embed links to CGI
+#      pages on external pages, for example on an Intranet homepage
+#      the Privoxy admin controls.
+#
+#      The "trusted-cgi-referer" option can be used to add that page,
+#      or the whole domain, as trusted source so the resulting
+#      requests aren't rejected. Requests are accepted if the
+#      specified trusted-cgi-refer is the prefix of the Referer.
+#
+#      +-----------------------------------------------------+
+#      |                       Warning                       |
+#      |-----------------------------------------------------|
+#      |Declaring pages the admin doesn't control trustworthy|
+#      |may allow malicious third parties to modify Privoxy's|
+#      |internal state against the user's wishes and without |
+#      |the user's knowledge.                                |
+#      +-----------------------------------------------------+
+#
+trusted-cgi-referer http://www.example.org/
+#
+#
 #  5. FORWARDING
 #  ==============
 #
@@ -1852,7 +1905,61 @@ socket-timeout 300
 #
 #max-client-connections 256
 #
-#  6.10. handle-as-empty-doc-returns-ok
+#  6.10. listen-backlog
+#  =====================
+#
+#  Specifies:
+#
+#      Connection queue length requested from the operating system.
+#
+#  Type of value:
+#
+#      Number.
+#
+#  Default value:
+#
+#      128
+#
+#  Effect if unset:
+#
+#      A connection queue length of 128 is requested from the
+#      operating system.
+#
+#  Notes:
+#
+#      Under high load incoming connection may queue up before
+#      Privoxy gets around to serve them. The queue length is
+#      limitted by the operating system. Once the queue is full,
+#      additional connections are dropped before Privoxy can accept
+#      and serve them.
+#
+#      Increasing the queue length allows Privoxy to accept more
+#      incomming connections that arrive roughly at the same time.
+#
+#      Note that Privoxy can only request a certain queue length,
+#      whether or not the requested length is actually used depends
+#      on the operating system which may use a different length
+#      instead.
+#
+#      On many operating systems a limit of -1 can be specified to
+#      instruct the operating system to use the maximum queue length
+#      allowed. Check the listen man page to see if your platform
+#      allows this.
+#
+#      On some platforms you can use "netstat -Lan -p tcp" to see the
+#      effective queue length.
+#
+#      Effectively using a value above 128 usually requires changing
+#      the system configuration as well. On FreeBSD-based system the
+#      limit is controlled by the kern.ipc.soacceptqueue sysctl.
+#
+#  Examples:
+#
+#      listen-backlog 4096
+#
+#listen-backlog -1
+#
+#  6.11. handle-as-empty-doc-returns-ok
 #  =====================================
 #
 #  Specifies:
@@ -1890,7 +1997,7 @@ socket-timeout 300
 #
 #handle-as-empty-doc-returns-ok 1
 #
-#  6.11. enable-compression
+#  6.12. enable-compression
 #  =========================
 #
 #  Specifies:
@@ -1931,7 +2038,7 @@ socket-timeout 300
 #
 #enable-compression 1
 #
-#  6.12. compression-level
+#  6.13. compression-level
 #  ========================
 #
 #  Specifies:
@@ -1977,7 +2084,7 @@ socket-timeout 300
 #
 #compression-level 1
 #
-#  6.13. client-header-order
+#  6.14. client-header-order
 #  ==========================
 #
 #  Specifies:
@@ -2025,7 +2132,7 @@ socket-timeout 300
 #   Content-Type
 #
 #
-#  6.14. client-specific-tag
+#  6.15. client-specific-tag
 #  ==========================
 #
 #  Specifies:
@@ -2090,7 +2197,7 @@ socket-timeout 300
 #
 #
 #
-#  6.15. client-tag-lifetime
+#  6.16. client-tag-lifetime
 #  ==========================
 #
 #  Specifies:
@@ -2131,7 +2238,7 @@ socket-timeout 300
 #
 #
 #
-#  6.16. trust-x-forwarded-for
+#  6.17. trust-x-forwarded-for
 #  ============================
 #
 #  Specifies:
@@ -2186,6 +2293,53 @@ socket-timeout 300
 #
 #
 #
+#  6.18. receive-buffer-size
+#  ==========================
+#
+#  Specifies:
+#
+#      The size of the buffer Privoxy uses to receive data from the
+#      server.
+#
+#  Type of value:
+#
+#      Size in bytes
+#
+#  Default value:
+#
+#      5000
+#
+#  Notes:
+#
+#      Increasing the receive-buffer-size increases Privoxy's memory
+#      usage but can lower the number of context switches and thereby
+#      reduce the cpu usage and potentially increase the throughput.
+#
+#      This is mostly relevant for fast network connections and large
+#      downloads that don't require filtering.
+#
+#      Reducing the buffer size reduces the amount of memory Privoxy
+#      needs to handle the request but increases the number of
+#      systemcalls and may reduce the throughput.
+#
+#      A dtrace command like: "sudo dtrace -n 'syscall::read:return /
+#      execname == "privoxy"/ { @[execname] = llquantize(arg0, 10, 0,
+#      5, 20); @m = max(arg0)}'" can be used to properly tune the
+#      receive-buffer-size. On systems without dtrace, strace or
+#      truss may be used as less convenient alternatives.
+#
+#      If the buffer is too large it will increase Privoxy's memory
+#      footprint without any benefit. As the memory is (currently)
+#      cleared before using it, a buffer that is too large can
+#      actually reduce the throughput.
+#
+#  Examples:
+#
+#            # Increase the receive buffer size
+#            receive-buffer-size 32768
+#
+#
+#
 #  7. WINDOWS GUI OPTIONS
 #  =======================
 #