X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Fp-config.sgml;h=a7405d9692ca6bea70c6b62d43bc0b0cb5afc2b0;hp=d3ac92266cefa95fc0dbb3bb9f4eb210e925d334;hb=4d554d8176039481313a3fb2ab2cf56e5a84cb4e;hpb=819a254450885684b2cd9aea50dc48e633855570
diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml
index d3ac9226..a7405d96 100644
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -3,9 +3,9 @@
Purpose : Used with other docs and files only.
- $Id: p-config.sgml,v 2.115 2016/03/17 10:43:20 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.122 2016/05/22 12:41:50 fabiankeil Exp $
- Copyright (C) 2001-2016 Privoxy Developers http://www.privoxy.org/
+ Copyright (C) 2001-2016 Privoxy Developers https://www.privoxy.org/
See LICENSE.
========================================================================
@@ -97,30 +97,30 @@
Sample Configuration File for Privoxy &p-version;
- $Id: p-config.sgml,v 2.115 2016/03/17 10:43:20 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.122 2016/05/22 12:41:50 fabiankeil Exp $
-Copyright (C) 2001-2016 Privoxy Developers http://www.privoxy.org/
+Copyright (C) 2001-2016 Privoxy Developers https://www.privoxy.org/
-#################################################################
- #
- Table of Contents #
- #
- I. INTRODUCTION #
- II. FORMAT OF THE CONFIGURATION FILE #
- #
- 1. LOCAL SET-UP DOCUMENTATION #
- 2. CONFIGURATION AND LOG FILE LOCATIONS #
- 3. DEBUGGING #
- 4. ACCESS CONTROL AND SECURITY #
- 5. FORWARDING #
- 6. MISCELLANEOUS #
- 7. WINDOWS GUI OPTIONS #
- #
-#################################################################
+##################################################################
+ #
+ Table of Contents #
+ #
+ I. INTRODUCTION #
+ II. FORMAT OF THE CONFIGURATION FILE #
+ #
+ 1. LOCAL SET-UP DOCUMENTATION #
+ 2. CONFIGURATION AND LOG FILE LOCATIONS #
+ 3. DEBUGGING #
+ 4. ACCESS CONTROL AND SECURITY #
+ 5. FORWARDING #
+ 6. MISCELLANEOUS #
+ 7. WINDOWS GUI OPTIONS #
+ #
+##################################################################
@@ -229,7 +229,7 @@ II. FORMAT OF THE CONFIGURATION FILE
Effect if unset:
- http://www.privoxy.org/version/user-manual/
+ https://www.privoxy.org/version/user-manual/
will be used, where version is the Privoxy version.
@@ -316,7 +316,7 @@ II. FORMAT OF THE CONFIGURATION FILE
-@@#user-manual http://www.privoxy.org/user-manual/]]>
+@@#user-manual https://www.privoxy.org/user-manual/]]>
@@ -2478,6 +2478,12 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t
Privoxy's listening port is reachable
by the outside or an attacker has access to the pages you visit.
+
+ If you are running Privoxy as intercepting proxy without being
+ able to intercept all client requests you may want to adjust
+ the CGI templates to make sure they don't reference content from
+ config.privoxy.org.
+
@@ -3401,7 +3407,7 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t
After a client-specific tag has been defined with the client-specific-tag
directive, action sections can be activated based on the tag by using a
- CLIENT-TAG pattern.
+ CLIENT-TAG pattern.
The CLIENT-TAG pattern is evaluated at the same priority
as URL patterns, as a result the last matching pattern wins.
Tags that are created based on client or server headers are evaluated
@@ -3415,7 +3421,7 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t
Clients can request tags to be set by using the CGI interface http://config.privoxy.org/show-client-tags.
+ url="http://config.privoxy.org/client-tags">http://config.privoxy.org/client-tags.
The specific tag description is only used on the web page and should
be phrased in away that the user understand the effect of the tag.
@@ -3460,7 +3466,7 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t
Default value:
- None
+ 60
@@ -3479,13 +3485,99 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t
The CGI interface http://config.privoxy.org/show-client-tags
+ url="http://config.privoxy.org/client-tags">http://config.privoxy.org/client-tags
therefore provides a "enable this tag temporarily" option.
If it is used, the tag will be set until the client-tag-lifetime
is over.
+
+ Examples:
+
+
+
+ # Increase the time to life for temporarily enabled tags to 3 minutes
+ client-tag-lifetime 180
+
+
+
+
+
+
+
+
+
+trust-x-forwarded-for
+
+
+ Specifies:
+
+
+ Whether or not Privoxy should use IP addresses specified with the X-Forwarded-For header
+
+
+
+
+ Type of value:
+
+
+ 0 or one
+
+
+
+
+ Default value:
+
+ 0
+
+
+
+ Notes:
+
+
+
+ This is an experimental feature. The syntax is likely to change
+ in future versions.
+
+
+
+ If clients reach Privoxy through another proxy, for example a load
+ balancer, Privoxy can't tell the client's IP address from the connection.
+ If multiple clients use the same proxy, they will share the same
+ client tag settings which is usually not desired.
+
+
+ This option lets Privoxy use the X-Forwarded-For header value as
+ client IP address. If the proxy sets the header, multiple clients
+ using the same proxy do not share the same client tag settings.
+
+
+ This option should only be enabled if Privoxy can only be reached
+ through a proxy and if the proxy can be trusted to set the header
+ correctly. It is recommended that ACL are used to make sure only
+ trusted systems can reach Privoxy.
+
+
+ If access to Privoxy isn't limited to trusted systems, this option
+ would allow malicious clients to change the client tags for other
+ clients or increase Privoxy's memory requirements by registering
+ lots of client tag settings for clients that don't exist.
+
+
+
+
+ Examples:
+
+
+
+ # Allow systems that can reach Privoxy to provide the client
+ # IP address with a X-Forwarded-For header.
+ trust-x-forwarded-for 1
+
+
+
+
@@ -3493,7 +3585,6 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t
-