X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Fconfig.html;h=c72dcf884e0a6281e50740375ee5a4d495064f2c;hp=8918b32a013c720c49b2eb1ea6e854b40da81290;hb=8719a1048c59e4a500b0c4c31fc133a038de4c0c;hpb=23be303a582b85ccac7592d0135f0beb9cf170f6 diff --git a/doc/webserver/user-manual/config.html b/doc/webserver/user-manual/config.html index 8918b32a..c72dcf88 100644 --- a/doc/webserver/user-manual/config.html +++ b/doc/webserver/user-manual/config.html @@ -6,7 +6,7 @@ The Main Configuration File - + @@ -21,7 +21,7 @@ - + @@ -430,7 +430,55 @@
-

7.2.3. logdir

+

7.2.3. temporary-directory

+ +
+
+
Specifies:
+ +
+

A directory where Privoxy can create temporary files.

+
+ +
Type of value:
+ +
+

Path name

+
+ +
Default value:
+ +
+

unset

+
+ +
Effect if unset:
+ +
+

No temporary files are created, external filters don't + work.

+
+ +
Notes:
+ +
+

To execute external + filters, Privoxy has + to create temporary files. This directive specifies the + directory the temporary files should be written to.

+ +

It should be a directory only Privoxy (and trusted users) can + access.

+
+
+
+
+ +
+

7.2.4. logdir

@@ -473,7 +521,7 @@
-

7.2.4. +

7.2.5. actionsfile

@@ -544,22 +592,14 @@

Actions files contain all the per site and per URL configuration for ad blocking, cookie management, privacy - considerations, etc. There is no point in using Privoxy without at least one actions - file.

- -

Note that since Privoxy 3.0.7, the complete filename, - including the ".action" extension - has to be specified. The syntax change was necessary to be - consistent with the other file options and to allow previously - forbidden characters.

+ considerations, etc.

-

7.2.5. +

7.2.6. filterfile

@@ -630,7 +670,7 @@
-

7.2.6. +

7.2.7. logfile

@@ -676,27 +716,28 @@

Depending on the debug options below, the logfile may be a privacy risk if third parties can get access to it. As most users will never look at it, Privoxy 3.0.7 and later only log fatal - errors by default.

+ "APPLICATION">Privoxy only logs fatal errors by + default.

For most troubleshooting purposes, you will have to change that, please refer to the debugging section for details.

-

Your logfile will grow indefinitely, and you will probably - want to periodically remove it. On Unix systems, you can do - this with a cron job (see "man - cron").

-

Any log files must be writable by whatever user Privoxy is being run as (on Unix, default user id is "privoxy").

+ +

To prevent the logfile from growing indefinitely, it is + recommended to periodically rotate or shorten it. Many + operating systems support log rotation out of the box, some + require additional software to do it. For details, please refer + to the documentation for your operating system.

-

7.2.7. +

7.2.8. trustfile

@@ -859,11 +900,6 @@ problem. They can produce a hell of an output (especially 16).

-

Privoxy used to ship with - the debug levels recommended above enabled by default, but due - to privacy concerns 3.0.7 and later are configured to only log - fatal errors.

-

If you are used to the more verbose settings, simply enable the debug lines below again.

@@ -901,15 +937,14 @@
Type of value:
-

None

+

1 or + 0

Default value:
-

Unset

+

0

Effect if unset:
@@ -1173,9 +1208,6 @@ mostly behave like a normal, content-neutral proxy with both ad blocking and content filtering disabled. See enable-remote-toggle below.

- -

The windows version will only display the toggle icon in the - system tray if this option is present.

@@ -1688,6 +1720,66 @@

+ +
+

7.4.9. + enable-proxy-authentication-forwarding

+ +
+
+
Specifies:
+ +
+

Whether or not proxy authentication through Privoxy should work.

+
+ +
Type of value:
+ +
+

0 or 1

+
+ +
Default value:
+ +
+

0

+
+ +
Effect if unset:
+ +
+

Proxy authentication headers are removed.

+
+ +
Notes:
+ +
+

Privoxy itself does not support proxy authentication, but + can allow clients to authenticate against Privoxy's parent + proxy.

+ +

By default Privoxy (3.0.21 and later) don't do that and + remove Proxy-Authorization headers in requests and + Proxy-Authenticate headers in responses to make it harder for + malicious sites to trick inexperienced users into providing + login information.

+ +

If this option is enabled the headers are forwarded.

+ +

Enabling this option is not recommended if there is no parent + proxy that requires authentication or if the local network + between Privoxy and the parent proxy isn't trustworthy. If + proxy authentication is only required for some requests, it is + recommended to use a client header filter to remove the + authentication headers for requests where they aren't + needed.

+
+
+
+
@@ -1846,9 +1938,9 @@

7.5.2. forward-socks4, - forward-socks4a and forward-socks5

+ forward-socks4a, forward-socks5 and forward-socks5t
@@ -1911,6 +2003,13 @@

With forward-socks5 the DNS resolution will happen on the remote server as well.

+

forward-socks5t works like vanilla + forward-socks5 but lets Privoxy additionally use Tor-specific + SOCKS extensions. Currently the only supported SOCKS extension + is optimistic data which can reduce the latency for the first + request made on a newly created connection.

+

socks_proxy and http_parent can be a numerical IPv6 address (if

@@ -2225,6 +2324,9 @@ HTTP connections into Privoxy.

+

Note that intercepting encrypted connections (HTTPS) isn't + supported.

+

Make sure that Privoxy's own requests aren't redirected as well. Additionally take care that Privoxy can't @@ -2484,8 +2586,8 @@ tolerate pipelining. Whether or not that improves performance mainly depends on the client configuration.

-

This options is new and should be considered - experimental.

+

If you are seeing problems with pages not properly loading, + disabling this option could work around the problem.

Examples:
@@ -2734,7 +2836,7 @@
Default value:
-

None

+

128

Effect if unset:
@@ -2780,6 +2882,14 @@

Obviously using this option only makes sense if you choose a limit below the one enforced by the operating system.

+ +

One most POSIX-compliant systems Privoxy can't properly deal with more than + FD_SETSIZE file descriptors at the same time and has to reject + connections if the limit is reached. This will likely change in + a future version, but currently this limit can't be increased + without recompiling Privoxy + with a different FD_SETSIZE limit.

Examples:
@@ -2837,15 +2947,15 @@
Notes:
-

This is a work-around for Firefox bug 492459: " Websites are no longer rendered if SSL requests for - JavaScripts are blocked by a proxy. " (https://bugzilla.mozilla.org/show_bug.cgi?id=492459) - As the bug has been fixed for quite some time this option - should no longer be needed and will be removed in a future - release. Please speak up if you have a reason why the option - should be kept around.

+

This directive was added as a work-around for Firefox bug + 492459: "Websites are no longer rendered if + SSL requests for JavaScripts are blocked by a proxy." + (https://bugzilla.mozilla.org/show_bug.cgi?id=492459), + the bug has been fixed for quite some time, but this directive + is also useful to make it harder for websites to detect whether + or not resources are being blocked.

@@ -3046,7 +3156,7 @@ "LOG-MESSAGES">

If "log-messages" is set to 1, - Privoxy copy log messages to the + Privoxy copies log messages to the console window. The log detail depends on the debug directive.

Privoxy 3.0.20 User ManualPrivoxy 3.0.22 User Manual 
-  forward-socks5   /               127.0.0.1:9050 .
+  forward-socks5t   /               127.0.0.1:9050 .