X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Fconfig.html;h=9fecd2f5b31995607f0ede342665dee302dd2c8e;hp=bff2330700306aad444aaf03291be5935d8e1e20;hb=2a468ab6482020e6c842fddd3dc22839865cffc0;hpb=60cbbc5f5d7514135bc5afc02d24e77a231c47f4 diff --git a/doc/webserver/user-manual/config.html b/doc/webserver/user-manual/config.html index bff23307..9fecd2f5 100644 --- a/doc/webserver/user-manual/config.html +++ b/doc/webserver/user-manual/config.html @@ -6,7 +6,7 @@ The Main Configuration File - + @@ -21,7 +21,7 @@ - + @@ -430,7 +430,55 @@
-

7.2.3. logdir

+

7.2.3. temporary-directory

+ +
+
+
Specifies:
+ +
+

A directory where Privoxy can create temporary files.

+
+ +
Type of value:
+ +
+

Path name

+
+ +
Default value:
+ +
+

unset

+
+ +
Effect if unset:
+ +
+

No temporary files are created, external filters don't + work.

+
+ +
Notes:
+ +
+

To execute external + filters, Privoxy has + to create temporary files. This directive specifies the + directory the temporary files should be written to.

+ +

It should be a directory only Privoxy (and trusted users) can + access.

+
+
+
+
+ +
+

7.2.4. logdir

@@ -473,7 +521,7 @@
-

7.2.4. +

7.2.5. actionsfile

@@ -544,22 +592,14 @@

Actions files contain all the per site and per URL configuration for ad blocking, cookie management, privacy - considerations, etc. There is no point in using Privoxy without at least one actions - file.

- -

Note that since Privoxy 3.0.7, the complete filename, - including the ".action" extension - has to be specified. The syntax change was necessary to be - consistent with the other file options and to allow previously - forbidden characters.

+ considerations, etc.

-

7.2.5. +

7.2.6. filterfile

@@ -630,7 +670,7 @@
-

7.2.6. +

7.2.7. logfile

@@ -676,27 +716,28 @@

Depending on the debug options below, the logfile may be a privacy risk if third parties can get access to it. As most users will never look at it, Privoxy 3.0.7 and later only log fatal - errors by default.

+ "APPLICATION">Privoxy only logs fatal errors by + default.

For most troubleshooting purposes, you will have to change that, please refer to the debugging section for details.

-

Your logfile will grow indefinitely, and you will probably - want to periodically remove it. On Unix systems, you can do - this with a cron job (see "man - cron").

-

Any log files must be writable by whatever user Privoxy is being run as (on Unix, default user id is "privoxy").

+ +

To prevent the logfile from growing indefinitely, it is + recommended to periodically rotate or shorten it. Many + operating systems support log rotation out of the box, some + require additional software to do it. For details, please refer + to the documentation for your operating system.

-

7.2.7. +

7.2.8. trustfile

@@ -859,11 +900,6 @@ problem. They can produce a hell of an output (especially 16).

-

Privoxy used to ship with - the debug levels recommended above enabled by default, but due - to privacy concerns 3.0.7 and later are configured to only log - fatal errors.

-

If you are used to the more verbose settings, simply enable the debug lines below again.

@@ -901,15 +937,14 @@
Type of value:
-

None

+

1 or + 0

Default value:
-

Unset

+

0

Effect if unset:
@@ -1685,6 +1720,66 @@

+ +
+

7.4.9. + enable-proxy-authentication-forwarding

+ +
+
+
Specifies:
+ +
+

Whether or not proxy authentication through Privoxy should work.

+
+ +
Type of value:
+ +
+

0 or 1

+
+ +
Default value:
+ +
+

0

+
+ +
Effect if unset:
+ +
+

Proxy authentication headers are removed.

+
+ +
Notes:
+ +
+

Privoxy itself does not support proxy authentication, but + can allow clients to authenticate against Privoxy's parent + proxy.

+ +

By default Privoxy (3.0.21 and later) don't do that and + remove Proxy-Authorization headers in requests and + Proxy-Authenticate headers in responses to make it harder for + malicious sites to trick inexperienced users into providing + login information.

+ +

If this option is enabled the headers are forwarded.

+ +

Enabling this option is not recommended if there is no parent + proxy that requires authentication or if the local network + between Privoxy and the parent proxy isn't trustworthy. If + proxy authentication is only required for some requests, it is + recommended to use a client header filter to remove the + authentication headers for requests where they aren't + needed.

+
+
+
+

@@ -1971,12 +2066,18 @@
Privoxy 3.0.21 User ManualPrivoxy 3.0.23 User Manual 
-  forward-socks5   /               127.0.0.1:9050 .
+  forward-socks5t   /               127.0.0.1:9050 .
+

Note that if you got Tor through one of the bundles, you may + have to change the port from 9050 to 9150 (or even another + one). For details, please check the documentation on the + Tor + website.

+

The public Tor network can't be used to reach your local network, if you need to access local servers you therefore might want to make some @@ -2229,6 +2330,9 @@ HTTP connections into Privoxy.

+

Note that intercepting encrypted connections (HTTPS) isn't + supported.

+

Make sure that Privoxy's own requests aren't redirected as well. Additionally take care that Privoxy can't @@ -2849,15 +2953,15 @@

Notes:
-

This is a work-around for Firefox bug 492459: " Websites are no longer rendered if SSL requests for - JavaScripts are blocked by a proxy. " (https://bugzilla.mozilla.org/show_bug.cgi?id=492459) - As the bug has been fixed for quite some time this option - should no longer be needed and will be removed in a future - release. Please speak up if you have a reason why the option - should be kept around.

+

This directive was added as a work-around for Firefox bug + 492459: "Websites are no longer rendered if + SSL requests for JavaScripts are blocked by a proxy." + (https://bugzilla.mozilla.org/show_bug.cgi?id=492459), + the bug has been fixed for quite some time, but this directive + is also useful to make it harder for websites to detect whether + or not resources are being blocked.