While flexible, this is not the sophistication of full regular expression based syntax.
+
@@ -2523,11 +2526,13 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
This action allows Privoxy to filter encrypted requests and
responses. For this to work Privoxy has to generate a certificate and
send it to the client which has to accept it.
-
Before this works the directives in the TLS section of the config file have to be configured.
+
Before this works the directives in the HTTPS inspection section of the config
+ file have to be configured.
Note that the action has to be enabled based on the CONNECT request which doesn't contain a path.
Enabling it based on a pattern with path doesn't work as the path is only seen by Privoxy if the action is already enabled.
+
This is an experimental feature.
Example usage (section):
@@ -2569,8 +2574,11 @@ www.example.com
When the "+https-inspection" action is used Privoxy by default
verifies that the remote site uses a valid certificate.
- If the certificate is invalid the connection is aborted.
- This action disabled the certificate check allowing requests to sites with invalid certificates.
+ If the certificate can't be validated by Privoxy the connection is
+ aborted.
+ This action disables the certificate check so requests to sites with certificates that can't be
+ validated are allowed.
+ Note that enabling this action allows Man-in-the-middle attacks.
Example usage: