config: Explicitly mention that the CGI pages disclosing the ca-password can be blocked

author Fabian Keil <fk@fabiankeil.de>

Sat, 6 Nov 2021 12:46:29 +0000 (13:46 +0100)

committer Fabian Keil <fk@fabiankeil.de>

Wed, 1 Dec 2021 16:03:41 +0000 (17:03 +0100)
author Fabian Keil <fk@fabiankeil.de>
Sat, 6 Nov 2021 12:46:29 +0000 (13:46 +0100)
committer Fabian Keil <fk@fabiankeil.de>
Wed, 1 Dec 2021 16:03:41 +0000 (17:03 +0100)
diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml

index dd9974f..0a9330d 100644 (file)
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -4162,10 +4162,17 @@ compression-level 0
      that is used when Privoxy generates certificates for intercepted
      requests.
     </para>
+   <warning>
     <para>
       Note that the password is shown on the CGI page so don't
       reuse an important one.
     </para>
+   <para>
+     If disclosure of the password is a compliance issue consider blocking
+     the relevant CGI requests after enabling the <link linkend="enforce-blocks">enforce-blocks</link>
+     and <link linkend="allow-cgi-request-crunching">allow-cgi-request-crunching</link>.
+   </para>
+   </warning>
    </listitem>
   </varlistentry>
   <varlistentry>
author	Fabian Keil <fk@fabiankeil.de>
	Sat, 6 Nov 2021 12:46:29 +0000 (13:46 +0100)
committer	Fabian Keil <fk@fabiankeil.de>
	Wed, 1 Dec 2021 16:03:41 +0000 (17:03 +0100)