X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Fp-config.sgml;h=35f6f877d51696c7a78f19b536b0f84a4c6cb9e3;hp=4a4a6dbed08e1cdc5453c63727ed8e51c551ae88;hb=db26919eac6454f4fde5a537667b688172bd327e;hpb=ba40d0b4164dcd65ea37c101d37b45ca6decbc6c
diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml
index 4a4a6dbe..35f6f877 100644
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -3,39 +3,39 @@
Purpose : Used with other docs and files only.
- $Id: p-config.sgml,v 2.74 2011/07/08 13:31:17 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.97 2013/03/01 17:39:27 fabiankeil Exp $
- Copyright (C) 2001-2010 Privoxy Developers http://www.privoxy.org/
+ Copyright (C) 2001-2011 Privoxy Developers http://www.privoxy.org/
See LICENSE.
========================================================================
- NOTE: Please read developer-manual/documentation.html before touching
+ NOTE: Please read developer-manual/documentation.html before touching
anything in this, or other Privoxy documentation.
========================================================================
-
- This file contains all the config file comments and options. It used to
+
+ This file contains all the config file comments and options. It used to
build both the user-manual config sections, and all of config (yes, the main
config file) itself.
- Rationale: This is broken up into two files since a file with a prolog
+ Rationale: This is broken up into two files since a file with a prolog
(DTD, etc) cannot be sourced as a secondary file. config.sgml is basically
a wrapper for this file.
IMPORTANT:
- OPTIONS: The actual options are included in this file and prefixed with
- '@@', and processed by the Makefile to strip the '@@'. Default options
- that should appear commented out should be listed as: '@@#OPTION'.
+ OPTIONS: The actual options are included in this file and prefixed with
+ '@@', and processed by the Makefile to strip the '@@'. Default options
+ that should appear commented out should be listed as: '@@#OPTION'.
Otherwise, as '@@OPTION'. Example:
@@listen-address 127.0.0.1:8118
- The Makefile does significant other processing too. The final results
- should be checked to make sure that the perl processing does not
+ The Makefile does significant other processing too. The final results
+ should be checked to make sure that the perl processing does not
fubar something!!! Makefile processing requires w3m, fmt (shell line
formatter), and perl.
-
+
This file is included into:
@@ -59,11 +59,11 @@
-
+ confdir /etc/privoxy
-
+
@@ -94,13 +94,13 @@
@@TITLE<!-- between the @@ is stripped by Makefile -->@@
- Sample Configuration File for Privoxy v&p-version;
+ Sample Configuration File for Privoxy &p-version;
- $Id: p-config.sgml,v 2.74 2011/07/08 13:31:17 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.97 2013/03/01 17:39:27 fabiankeil Exp $
-Copyright (C) 2001-2010 Privoxy Developers http://www.privoxy.org/
+Copyright (C) 2001-2013 Privoxy Developers http://www.privoxy.org/
@@ -167,7 +167,7 @@ II. FORMAT OF THE CONFIGURATION FILE
Thus, by placing a # at the start of an existing configuration line,
- you can make it a comment and it will be treated as if it weren't there.
+ you can make it a comment and it will be treated as if it weren't there.
This is called "commenting out" an option and can be useful. Removing
the # again is called "uncommenting".
@@ -237,11 +237,11 @@ II. FORMAT OF THE CONFIGURATION FILE
Notes:
- The User Manual URI is the single best source of information on
+ The User Manual URI is the single best source of information on
Privoxy, and is used for help links from some
of the internal CGI pages. The manual itself is normally packaged with the
binary distributions, so you probably want to set this to a locally
- installed copy.
+ installed copy.
Examples:
@@ -265,7 +265,7 @@ II. FORMAT OF THE CONFIGURATION FILE
user-manual file://///some-server/some-path/privoxy-&p-version;/user-manual/
- -->
+ -->
The best all purpose solution is simply to put the full local
PATH to where the User Manual is
@@ -281,7 +281,7 @@ II. FORMAT OF THE CONFIGURATION FILE
(or the shortcut: http://p.p/user-manual/).
- If the documentation is not on the local system, it can be accessed
+ If the documentation is not on the local system, it can be accessed
from a remote server, as:
@@ -295,7 +295,7 @@ II. FORMAT OF THE CONFIGURATION FILE
file, because it is used while the config file is being read
on start-up.
-
+
]]>
-
+
If set, this option should be the first option in the config
file, because it is used while the config file is being read.
@@ -327,7 +327,7 @@ II. FORMAT OF THE CONFIGURATION FILE
Specifies:
- A URL to be displayed in the error page that users will see if access to an untrusted page is denied.
+ A URL to be displayed in the error page that users will see if access to an untrusted page is denied.
@@ -415,7 +415,7 @@ II. FORMAT OF THE CONFIGURATION FILE
If both admin-address and proxy-info-url
are unset, the whole "Local Privoxy Support" box on all generated pages will
not be shown.
-
+
@@ -464,10 +464,10 @@ II. FORMAT OF THE CONFIGURATION FILE
If both admin-address and proxy-info-url
are unset, the whole "Local Privoxy Support" box on all generated pages will
not be shown.
-
+
This URL shouldn't be blocked ;-)
-
+
@@ -489,7 +489,7 @@ II. FORMAT OF THE CONFIGURATION FILE
Privoxy can (and normally does) use a number of
other files for additional configuration, help and logging.
This section of the configuration file tells Privoxy
- where to find those other files.
+ where to find those other files.
@@ -533,16 +533,16 @@ II. FORMAT OF THE CONFIGURATION FILE
No trailing /, please.
-
+ -->
@@ -685,7 +685,7 @@ actionsfile
Effect if unset:
- No actions are taken at all. More or less neutral proxying.
+ No actions are taken at all. More or less neutral proxying.
@@ -695,15 +695,15 @@ actionsfile
Multiple actionsfile lines are permitted, and are in fact recommended!
-
+
The default values are default.action, which is the
main actions file maintained by the developers, and
user.action, where you can make your personal additions.
-
- Actions files contain all the per site and per URL configuration for
+
+ Actions files contain all the per site and per URL configuration for
ad blocking, cookie management, privacy considerations, etc.
- There is no point in using Privoxy without at
+ There is no point in using Privoxy without at
least one actions file.
@@ -772,7 +772,7 @@ actionsfile
rules that use regular expressions. These rules permit
powerful changes on the content of Web pages, and optionally the headers
as well, e.g., you could try to disable your favorite JavaScript annoyances,
- re-write the actual displayed text, or just have some fun
+ re-write the actual displayed text, or just have some fun
playing buzzword bingo with web pages.
@@ -856,9 +856,8 @@ actionsfile
Your logfile will grow indefinitely, and you will probably want to
periodically remove it. On Unix systems, you can do this with a cron job
- (see man cron). For Red Hat based Linux distributions, a
- logrotate script has been included.
-
+ (see man cron).
+
Any log files must be writable by whatever user Privoxy
is being run as (on Unix, default user id is privoxy).
@@ -911,14 +910,14 @@ actionsfile
If you specify a trust file, Privoxy will only allow
- access to sites that are specified in the trustfile. Sites can be listed
+ access to sites that are specified in the trustfile. Sites can be listed
in one of two ways:
- Prepending a ~ character limits access to this site
- only (and any sub-paths within this site), e.g.
+ Prepending a ~ character limits access to this site
+ only (and any sub-paths within this site), e.g.
~www.example.com allows access to
- ~www.example.com/features/news.html, etc.
+ ~www.example.com/features/news.html, etc.
Or, you can designate sites as trusted referrers, by
@@ -932,7 +931,7 @@ actionsfile
made.
- If you use the + operator in the trust file, it may grow
+ If you use the + operator in the trust file, it may grow
considerably over time.
@@ -944,7 +943,7 @@ actionsfile
Possible applications include limiting Internet access for children.
-
+
@@ -1020,6 +1019,7 @@ actionsfile
debug 4096 # Startup banner and warnings.
debug 8192 # Non-fatal errors
debug 32768 # log all data read from the network
+ debug 65536 # Log the applying actions
@@ -1234,6 +1234,13 @@ actionsfile
serve requests from other machines (e.g. on your local network) as well, you
will need to override the default.
+
+ You can use this statement multiple times to make
+ Privoxy listen on more ports or more
+ IP addresses. Suitable if your operating system does not
+ support sharing IPv6 and IPv4 protocols
+ on the same socket.
+
If a hostname is used instead of an IP address, Privoxy
will try to resolve it to an IP address and if there are multiple, use the first
@@ -1271,10 +1278,10 @@ actionsfile
IPv4 interfaces (addresses) on your machine and may become reachable from the
Internet and/or the local network. Be aware that some GNU/Linux distributions
modify that behaviour without updating the documentation. Check for non-standard
- patches if your Privoxyversion behaves differently.
+ patches if your Privoxy version behaves differently.
- If you configure Privoxyto be reachable from the
+ If you configure Privoxy to be reachable from the
network, consider using access control lists
(ACL's, see below), and/or a firewall.
@@ -1284,12 +1291,6 @@ actionsfile
linkend="enable-edit-actions">enable-edit-actions and
enable-remote-toggle
-
- With the exception noted above, listening on multiple addresses is currently
- not supported by Privoxy directly.
- It can be done on most operating systems by letting a packet filter
- redirect request for certain addresses to Privoxy, though.
-
@@ -1364,18 +1365,6 @@ actionsfile
toggled off mode, i.e. mostly behave like a normal,
content-neutral proxy with both ad blocking and content filtering
disabled. See enable-remote-toggle below.
-
-
-
- The windows version will only display the toggle icon in the system tray
- if this option is present.
@@ -1442,7 +1431,7 @@ actionsfile
Note that you must have compiled Privoxy with
- support for this feature, otherwise this option has no effect.
+ support for this feature, otherwise this option has no effect.
@@ -1565,7 +1554,7 @@ actionsfile
Note that you must have compiled Privoxy with
- support for this feature, otherwise this option has no effect.
+ support for this feature, otherwise this option has no effect.
@@ -1672,7 +1661,7 @@ ACLs: permit-access and deny-access
[dst_addr[:port][/dst_masklen]]
- Where src_addr and
+ Where src_addr and
dst_addr are IPv4 addresses in dotted decimal notation or valid
DNS names, port is a port
number, and src_masklen and
@@ -1719,11 +1708,11 @@ ACLs: permit-access and deny-access
Access controls are included at the request of ISPs and systems
administrators, and are not usually needed by individual users.
- For a typical home user, it will normally suffice to ensure that
+ For a typical home user, it will normally suffice to ensure that
Privoxy only listens on the localhost
(127.0.0.1) or internal (home) network address by means of the
listen-address
- option.
+ option.
Please see the warnings in the FAQ that Privoxy
@@ -1860,7 +1849,7 @@ ACLs: permit-access and deny-access
For content filtering, i.e. the +filter and
- +deanimate-gif actions, it is necessary that
+ +deanimate-gif actions, it is necessary that
Privoxy buffers the entire document body.
This can be potentially dangerous, since a server could just keep sending
data indefinitely and wait for your RAM to exhaust -- with nasty consequences.
@@ -1933,7 +1922,7 @@ ACLs: permit-access and deny-access
http_parent[:port]
- where target_pattern is a URL pattern
+ where target_pattern is a URL pattern
that specifies to which requests (i.e. URLs) this forward rule shall apply. Use / to
denote all URLs.
http_parent[:port]
@@ -2027,7 +2016,7 @@ ACLs: permit-access and deny-access
-forward-socks4, forward-socks4a and forward-socks5
+forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t
@@ -2056,7 +2045,7 @@ forward-socks4, forward-socks4a and forward-socks5
and socks_proxy
are IP addresses in dotted decimal notation or valid DNS names
(http_parent
- may be . to denote no HTTP forwarding), and the optional
+ may be . to denote no HTTP forwarding), and the optional
port parameters are TCP ports,
i.e. integer values from 1 to 65535
@@ -2090,6 +2079,12 @@ forward-socks4, forward-socks4a and forward-socks5
With forward-socks5 the DNS resolution will happen on the remote server as well.
+
+ forward-socks5t works like vanilla forward-socks5 but
+ lets &my-app; additionally use Tor-specific SOCKS extensions. Currently the only supported
+ SOCKS extension is optimistic data which can reduce the latency for the first request made
+ on a newly created connection.
+ socks_proxy and
http_parent can be a
@@ -2131,9 +2126,9 @@ forward-socks4, forward-socks4a and forward-socks5
forward-socks4 / socks-gw.example.com:1080 .
-
+
- To chain Privoxy and Tor, both running on the same system, you would use
+ To chain Privoxy and Tor, both running on the same system, you would use
something like:
@@ -2182,7 +2177,7 @@ forward-socks4, forward-socks4a and forward-socks5
Advanced Forwarding Examples
- If you have links to multiple ISPs that provide various special content
+ If you have links to multiple ISPs that provide various special content
only to their subscribers, you can configure multiple Privoxies
which have connections to the respective ISPs to act as forwarders to each other, so that
your users can see the internal content of all ISPs.
@@ -2223,9 +2218,9 @@ forward-socks4, forward-socks4a and forward-socks5
- If you intend to chain Privoxy and
- squid locally, then chaining as
- browser -> squid -> privoxy is the recommended way.
+ If you intend to chain Privoxy and
+ squid locally, then chaining as
+ browser -> squid -> privoxy is the recommended way.
@@ -2235,14 +2230,14 @@ forward-socks4, forward-socks4a and forward-socks5
- # Define Privoxy as parent proxy (without ICP)
- cache_peer 127.0.0.1 parent 8118 7 no-query
+ # Define Privoxy as parent proxy (without ICP)
+ cache_peer 127.0.0.1 parent 8118 7 no-query
- # Define ACL for protocol FTP
- acl ftp proto FTP
+ # Define ACL for protocol FTP
+ acl ftp proto FTP
# Do not forward FTP requests to Privoxy
- always_direct allow ftp
+ always_direct allow ftp
# Forward all the rest to Privoxy
never_direct allow all
@@ -2262,7 +2257,7 @@ forward-socks4, forward-socks4a and forward-socks5
forward / .
- forward /.*\.(exe|com|dll|zip)$ antivir.example.com:8010
+ forward /.*\.(exe|com|dll|zip)$ antivir.example.com:8010
@@ -2274,7 +2269,7 @@ forward-socks4, forward-socks4a and forward-socks5
Specifies:
- How often Privoxy retries if a forwarded connection request fails.
+ How often Privoxy retries if a forwarded connection request fails.
@@ -2377,7 +2372,7 @@ forward-socks4, forward-socks4a and forward-socks5
If you don't trust your clients and want to force them
to use Privoxy, enable this
option and configure your packet filter to redirect outgoing
- HTTP connections into Privoxy.
+ HTTP connections into Privoxy.
Make sure that Privoxy's own requests
@@ -2593,7 +2588,7 @@ forward-socks4, forward-socks4a and forward-socks5
Several users have reported this as a Privoxy bug, so the
default value has been reduced. Consider increasing it to
300 seconds or even more if you think your browser can handle
- it. If your browser appears to be hanging it can't.
+ it. If your browser appears to be hanging, it probably can't.
@@ -2610,6 +2605,75 @@ forward-socks4, forward-socks4a and forward-socks5
+tolerate-pipelining
+
+
+ Specifies:
+
+
+ Whether or not pipelined requests should be served.
+
+
+
+
+ Type of value:
+
+
+ 0 or 1.
+
+
+
+
+ Default value:
+
+ None
+
+
+
+ Effect if unset:
+
+
+ If Privoxy receives more than one request at once, it terminates the
+ client connection after serving the first one.
+
+
+
+
+ Notes:
+
+
+ &my-app; currently doesn't pipeline outgoing requests,
+ thus allowing pipelining on the client connection is not
+ guaranteed to improve the performance.
+
+
+ By default &my-app; tries to discourage clients from pipelining
+ by discarding aggressively pipelined requests, which forces the
+ client to resend them through a new connection.
+
+
+ This option lets &my-app; tolerate pipelining. Whether or not
+ that improves performance mainly depends on the client configuration.
+
+
+ If you are seeing problems with pages not properly loading,
+ disabling this option could work around the problem.
+
+
+
+
+ Examples:
+
+
+ tolerate-pipelining 1
+
+
+
+
+@@tolerate-pipelining 1]]>
+
+
+
default-server-timeout
@@ -2867,7 +2931,7 @@ forward-socks4, forward-socks4a and forward-socks5
Default value:
- None
+ 128
@@ -2912,6 +2976,13 @@ forward-socks4, forward-socks4a and forward-socks5
Obviously using this option only makes sense if you choose a limit
below the one enforced by the operating system.
+
+ One most POSIX-compliant systems &my-app; can't properly deal with
+ more than FD_SETSIZE file descriptors at the same time and has to reject
+ connections if the limit is reached. This will likely change in a
+ future version, but currently this limit can't be increased without
+ recompiling &my-app; with a different FD_SETSIZE limit.
+
@@ -3119,6 +3190,72 @@ forward-socks4, forward-socks4a and forward-socks5
+client-header-order
+
+
+ Specifies:
+
+
+ The order in which client headers are sorted before forwarding them.
+
+
+
+
+ Type of value:
+
+
+ Client header names delimited by spaces or tabs
+
+
+
+
+ Default value:
+
+ None
+
+
+
+ Notes:
+
+
+ By default &my-app; leaves the client headers in the order they
+ were sent by the client. Headers are modified in-place, new headers
+ are added at the end of the already existing headers.
+
+
+ The header order can be used to fingerprint client requests
+ independently of other headers like the User-Agent.
+
+
+ This directive allows to sort the headers differently to better
+ mimic a different User-Agent. Client headers will be emitted
+ in the order given, headers whose name isn't explicitly specified
+ are added at the end.
+
+
+ Note that sorting headers in an uncommon way will make fingerprinting
+ actually easier. Encrypted headers are not affected by this directive.
+
+
+
+
+@@#client-header-order Host \
+ User-Agent \
+ Accept \
+ Accept-Language \
+ Accept-Encoding \
+ Proxy-Connection \
+ Referer \
+ Cookie \
+ DNT \
+ If-Modified-Since \
+ Cache-Control \
+ Content-Length \
+ Content-Type
+]]>
+
+
+
@@ -3145,11 +3282,11 @@ forward-socks4, forward-socks4a and forward-socks5
-
+ activity-animation 1
-
+
]]>
@@ -3158,26 +3295,27 @@ forward-socks4, forward-socks4a and forward-socks5
@@]]>
If log-messages is set to 1,
- Privoxy will log messages to the console
- window:
+ Privoxy copies log messages to the console
+ window.
+ The log detail depends on the debug directive.
@@#log-messages 1]]>
-
+ log-messages 1
-
+
]]>
@@]]>
-
+
If log-buffer-size is set to 1, the size of the log buffer,
i.e. the amount of memory used for the log messages displayed in the
console window, will be limited to log-max-lines (see below).
@@ -3192,11 +3330,11 @@ forward-socks4, forward-socks4a and forward-socks5
-
+ log-buffer-size 1
-
+
]]>
@@ -3212,11 +3350,11 @@ forward-socks4, forward-socks4a and forward-socks5
-
+ log-max-lines 200
-
+
]]>
@@ -3233,11 +3371,11 @@ forward-socks4, forward-socks4a and forward-socks5
-
+ log-highlight-messages 1
-
+
]]>
@@ -3252,11 +3390,11 @@ forward-socks4, forward-socks4a and forward-socks5
-
+ log-font-name Comic Sans MS
-
+
]]>
@@ -3271,18 +3409,18 @@ forward-socks4, forward-socks4a and forward-socks5
-
+ log-font-size 8
-
+
]]>
@@]]>
-
+show-on-task-bar controls whether or not
Privoxy will appear as a button on the Task bar
when minimized:
@@ -3292,11 +3430,11 @@ forward-socks4, forward-socks4a and forward-socks5
-
+ show-on-task-bar 0
-
+
]]>
@@ -3313,11 +3451,11 @@ forward-socks4, forward-socks4a and forward-socks5
-
+ close-button-minimizes 1
-
+
]]>
@@ -3335,11 +3473,11 @@ forward-socks4, forward-socks4a and forward-socks5
-
+
#hide-console
-
+
]]>