X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fsource%2Fp-config.sgml;h=b0b5f7af82ba9089f8c7136ce9c7149fef7e2c58;hp=0cbf7c0e4afa765eb9ba17e7571b56b441c40646;hb=7a99a61ab1a3ce0401821aedcd06eba19a698b2a;hpb=4aad00d5930198d03667bf0cc205abc11fbfd52e diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml index 0cbf7c0e..b0b5f7af 100644 --- a/doc/source/p-config.sgml +++ b/doc/source/p-config.sgml @@ -3,9 +3,9 @@ Purpose : Used with other docs and files only. - $Id: p-config.sgml,v 2.95 2013/01/09 15:19:47 fabiankeil Exp $ + $Id: p-config.sgml,v 2.113 2015/01/24 16:42:13 fabiankeil Exp $ - Copyright (C) 2001-2011 Privoxy Developers http://www.privoxy.org/ + Copyright (C) 2001-2016 Privoxy Developers http://www.privoxy.org/ See LICENSE. ======================================================================== @@ -94,13 +94,13 @@ @@TITLE<!-- between the @@ is stripped by Makefile -->@@ - Sample Configuration File for Privoxy v&p-version; + Sample Configuration File for Privoxy &p-version; - $Id: p-config.sgml,v 2.95 2013/01/09 15:19:47 fabiankeil Exp $ + $Id: p-config.sgml,v 2.113 2015/01/24 16:42:13 fabiankeil Exp $ -Copyright (C) 2001-2013 Privoxy Developers http://www.privoxy.org/ +Copyright (C) 2001-2016 Privoxy Developers http://www.privoxy.org/ @@ -117,7 +117,8 @@ Copyright (C) 2001-2013 Privoxy Developers http://www.privoxy.org/ 3. DEBUGGING # 4. ACCESS CONTROL AND SECURITY # 5. FORWARDING # - 6. WINDOWS GUI OPTIONS # + 6. MISCELLANEOUS # + 7. WINDOWS GUI OPTIONS # # ################################################################# @@ -533,16 +534,6 @@ II. FORMAT OF THE CONFIGURATION FILE No trailing /, please. - @@ -597,6 +588,55 @@ II. FORMAT OF THE CONFIGURATION FILE + +temporary-directory + + + + Specifies: + + A directory where Privoxy can create temporary files. + + + + Type of value: + + Path name + + + + Default value: + + unset + + + + Effect if unset: + + No temporary files are created, external filters don't work. + + + + Notes: + + + To execute external filters, + Privoxy has to create temporary files. + This directive specifies the directory the temporary files should + be written to. + + + It should be a directory only Privoxy + (and trusted users) can access. + + + + + +@@#temporary-directory .]]> + + + logdir @@ -703,13 +743,6 @@ actionsfile Actions files contain all the per site and per URL configuration for ad blocking, cookie management, privacy considerations, etc. - There is no point in using Privoxy without at - least one actions file. - - - Note that since Privoxy 3.0.7, the complete filename, including the .action - extension has to be specified. The syntax change was necessary to be consistent - with the other file options and to allow previously forbidden characters. @@ -846,22 +879,22 @@ actionsfile Depending on the debug options below, the logfile may be a privacy risk if third parties can get access to it. As most users will never look - at it, Privoxy 3.0.7 and later only log fatal - errors by default. + at it, Privoxy only logs fatal errors by default. For most troubleshooting purposes, you will have to change that, please refer to the debugging section for details. - - Your logfile will grow indefinitely, and you will probably want to - periodically remove it. On Unix systems, you can do this with a cron job - (see man cron). - Any log files must be writable by whatever user Privoxy is being run as (on Unix, default user id is privoxy). + + To prevent the logfile from growing indefinitely, it is recommended to + periodically rotate or shorten it. Many operating systems support log + rotation out of the box, some require additional software to do it. + For details, please refer to the documentation for your operating system. + @@ -1032,12 +1065,6 @@ actionsfile so that you will notice when things go wrong. The other levels are probably only of interest if you are hunting down a specific problem. They can produce a hell of an output (especially 16). - - - - &my-app; used to ship with the debug levels recommended above enabled by - default, but due to privacy concerns 3.0.7 and later are configured to - only log fatal errors. If you are used to the more verbose settings, simply enable the debug lines @@ -1083,13 +1110,13 @@ actionsfile Type of value: - None + 1 or 0 Default value: - Unset + 0 @@ -1112,7 +1139,7 @@ actionsfile -@@#single-threaded]]> +@@#single-threaded 1]]> @@ -1870,6 +1897,67 @@ ACLs: permit-access and deny-access @@buffer-limit 4096]]> + +enable-proxy-authentication-forwarding + + + Specifies: + + + Whether or not proxy authentication through &my-app; should work. + + + + + Type of value: + + 0 or 1 + + + + Default value: + + 0 + + + + Effect if unset: + + + Proxy authentication headers are removed. + + + + + Notes: + + + Privoxy itself does not support proxy authentication, but can + allow clients to authenticate against Privoxy's parent proxy. + + + By default Privoxy (3.0.21 and later) don't do that and remove + Proxy-Authorization headers in requests and Proxy-Authenticate + headers in responses to make it harder for malicious sites to + trick inexperienced users into providing login information. + + + If this option is enabled the headers are forwarded. + + + Enabling this option is not recommended if there is + no parent proxy that requires authentication or if the local network between + Privoxy and the parent proxy isn't trustworthy. If proxy authentication is + only required for some requests, it is recommended to use a client header filter + to remove the authentication headers for requests where they aren't needed. + + + + + +@@enable-proxy-authentication-forwarding 0]]> + + @@ -2133,11 +2221,16 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t - forward-socks5 / 127.0.0.1:9050 . + forward-socks5t / 127.0.0.1:9050 . - - + + Note that if you got Tor through one of the bundles, you may + have to change the port from 9050 to 9150 (or even another one). + For details, please check the documentation on the + Tor website. + + The public Tor network can't be used to reach your local network, if you need to access local servers you therefore might want to make some exceptions: @@ -2374,6 +2467,9 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t option and configure your packet filter to redirect outgoing HTTP connections into Privoxy. + + Note that intercepting encrypted connections (HTTPS) isn't supported. + Make sure that Privoxy's own requests aren't redirected as well. Additionally take care that @@ -2931,7 +3027,7 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t Default value: - None + 128 @@ -2976,6 +3072,13 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t Obviously using this option only makes sense if you choose a limit below the one enforced by the operating system. + + One most POSIX-compliant systems &my-app; can't properly deal with + more than FD_SETSIZE file descriptors at the same time and has to reject + connections if the limit is reached. This will likely change in a + future version, but currently this limit can't be increased without + recompiling &my-app; with a different FD_SETSIZE limit. + @@ -3038,15 +3141,13 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t Notes: - This is a work-around for Firefox bug 492459: - - Websites are no longer rendered if SSL requests for JavaScripts are blocked by a proxy. - + This directive was added as a work-around for Firefox bug 492459: + Websites are no longer rendered if SSL requests for JavaScripts are blocked by a proxy. (https://bugzilla.mozilla.org/show_bug.cgi?id=492459) - As the bug has been fixed for quite some time this option should no longer - be needed and will be removed in a future release. Please speak up if you - have a reason why the option should be kept around. + >https://bugzilla.mozilla.org/show_bug.cgi?id=492459), + the bug has been fixed for quite some time, but this directive is also useful + to make it harder for websites to detect whether or not resources are being + blocked.