From 2727c136ceb730015412df0cf32d8761ffe13930 Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Wed, 30 Oct 2019 11:14:03 +0100 Subject: [PATCH] Rebuild docs --- doc/webserver/faq/copyright.html | 2 +- doc/webserver/privoxy-index.html | 2 +- doc/webserver/user-manual/actions-file.html | 135 ++++++++++--- doc/webserver/user-manual/appendix.html | 16 +- doc/webserver/user-manual/config.html | 201 +++++++++++++++++++- doc/webserver/user-manual/copyright.html | 3 +- doc/webserver/user-manual/index.html | 63 +++--- 7 files changed, 361 insertions(+), 61 deletions(-) diff --git a/doc/webserver/faq/copyright.html b/doc/webserver/faq/copyright.html index f4d5f9f7..bb3d0a12 100644 --- a/doc/webserver/faq/copyright.html +++ b/doc/webserver/faq/copyright.html @@ -25,7 +25,7 @@

7. Privoxy Copyright, License and History

-

Copyright © 2001-2018 by Privoxy Developers

diff --git a/doc/webserver/user-manual/actions-file.html b/doc/webserver/user-manual/actions-file.html index 55de6de0..db8dae24 100644 --- a/doc/webserver/user-manual/actions-file.html +++ b/doc/webserver/user-manual/actions-file.html @@ -73,7 +73,7 @@

The default profiles, and their associated actions, as pre-defined in default.action are:

- +

Table 1. Default Configurations

@@ -1403,7 +1403,50 @@ problem-host.example.com
-

8.5.15. external-filter

+

8.5.15. + enable-https-filtering

+
+
+
Typical use:
+
+

Filter encrypted requests and responses

+
+
Effect:
+
+

Encrypted requests are decrypted, filtered and forwarded encrypted.

+
+
Type:
+
+

Boolean.

+
+
Parameter:
+
+

N/A

+
+
Notes:
+
+

This action allows Privoxy to filter encrypted requests and + responses. For this to work Privoxy has to generate a certificate and + send it to the client which has to accept it.

+

Before this works the directives in the TLS section of the config file have + to be configured.

+
+
Example usage (section):
+
+
+ + + +
+
{+enable-https-filtering}
+www.example.com
+
+ + +
+ +
+

8.5.16. external-filter

Typical use:
@@ -1465,7 +1508,7 @@ problem-host.example.com
-

8.5.16. fast-redirects

+

8.5.17. fast-redirects

Typical use:
@@ -1546,7 +1589,7 @@ problem-host.example.com
-

8.5.17. filter

+

8.5.18. filter

Typical use:
@@ -1861,7 +1904,7 @@ problem-host.example.com
-

8.5.18. force-text-mode

+

8.5.19. force-text-mode

Typical use:
@@ -1918,7 +1961,7 @@ problem-host.example.com
-

8.5.19. forward-override

+

8.5.20. forward-override

Typical use:
@@ -2025,7 +2068,7 @@ TAG:^User-Agent: fetch libfetch/2\.0$
-

8.5.20. +

8.5.21. handle-as-empty-document

@@ -2078,7 +2121,7 @@ example.org/.*\.js$

-

8.5.21. handle-as-image

+

8.5.22. handle-as-image

Typical use:
@@ -2138,7 +2181,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.22. +

8.5.23. hide-accept-language

@@ -2191,7 +2234,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash

-

8.5.23. +

8.5.24. hide-content-disposition

@@ -2247,7 +2290,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash

-

8.5.24. +

8.5.25. hide-if-modified-since

@@ -2306,7 +2349,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash

-

8.5.25. hide-from-header

+

8.5.26. hide-from-header

Typical use:
@@ -2357,7 +2400,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.26. hide-referrer

8.5.27. hide-referrer
@@ -2438,7 +2481,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.27. hide-user-agent

+

8.5.28. hide-user-agent

Typical use:
@@ -2499,7 +2542,51 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.28. limit-connect

+

8.5.29. + ignore-certificate-errors

+
+
+
Typical use:
+
+

Filter encrypted requests and responses without verifying the certificate

+
+
Effect:
+
+

Encrypted requests are forwarded to sites without verifying the certificate.

+
+
Type:
+
+

Boolean.

+
+
Parameter:
+
+

N/A

+
+
Notes:
+
+

When the "+enable-https-filtering" action is used Privoxy by + default verifies that the remote site uses a valid certificate.

+

If the certificate is invalid the connection is aborted.

+

This action disabled the certificate check allowing requests to sites with invalid certificates.

+
+
Example usage:
+
+ + + + +
+
    {+ignore-certificate-errors}
+    www.example.org
+   
+
+
+
+
+
+
+

8.5.30. limit-connect

Typical use:
@@ -2551,7 +2638,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.29. +

8.5.31. limit-cookie-lifetime

@@ -2603,7 +2690,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash

-

8.5.30. prevent-compression

+

8.5.32. prevent-compression

Typical use:
@@ -2674,7 +2761,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash
-

8.5.31. +

8.5.33. overwrite-last-modified

@@ -2736,7 +2823,7 @@ nasty-banner-server.example.com/junk.cgi\?output=trash

-

8.5.32. redirect

+

8.5.34. redirect

Typical use:
@@ -2828,7 +2915,7 @@ www.privoxy.org/user-manual/
-

8.5.33. +

8.5.35. server-header-filter

@@ -2878,7 +2965,7 @@ example.org/instance-that-is-delivered-as-xml-but-is-not

-

8.5.34. +

8.5.36. server-header-tagger

@@ -2935,7 +3022,7 @@ TAG:^image/

-

8.5.35. +

8.5.37. session-cookies-only

@@ -2997,7 +3084,7 @@ TAG:^image/

-

8.5.36. set-image-blocker

+

8.5.38. set-image-blocker

Typical use:
@@ -3086,7 +3173,7 @@ TAG:^image/
-

8.5.37. Summary

+

8.5.39. Summary

Note that many of these actions have the potential to cause a page to misbehave, possibly even not to display at all. There are many ways a site designer may choose to design his site, and what HTTP header content, and other criteria, he may depend on. There is no way to have hard and fast rules for all sites. See diff --git a/doc/webserver/user-manual/appendix.html b/doc/webserver/user-manual/appendix.html index bcdb32f9..d9149543 100644 --- a/doc/webserver/user-manual/appendix.html +++ b/doc/webserver/user-manual/appendix.html @@ -202,7 +202,7 @@ these. If not, you will get a friendly error message. Internet access is not necessary either.

-

7.7. Windows GUI Options

+

7.7. TLS/SSL

+
+

7.7.1. ca-directory

+
+
+
Specifies:
+
+

Directory with the CA key, the CA certificate and the trusted CAs file.

+
+
Type of value:
+
+

Text

+
+
Default value:
+
+

Empty string

+
+
Effect if unset:
+
+

Default value is used.

+
+
Notes:
+
+

This directive specifies the directory where the CA key, the CA certificate and the trusted CAs file + are located.

+
+
Examples:
+
+

ca-directory /usr/local/etc/privoxy/CA

+
+
+
+
+
+

7.7.2. ca-cert-file

+
+
+
Specifies:
+
+

The CA certificate file in ".crt" format.

+
+
Type of value:
+
+

Text

+
+
Default value:
+
+

cacert.crt

+
+
Effect if unset:
+
+

Default value is used.

+
+
Notes:
+
+

This directive specifies the name of the CA certificate file in ".crt" format.

+

It can be generated with: openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt + -days 3650

+
+
Examples:
+
+

ca-cert-file root.crt

+
+
+
+
+
+

7.7.3. ca-key-file

+
+
+
Specifies:
+
+

The CA key file in ".pem" format.

+
+
Type of value:
+
+

Text

+
+
Default value:
+
+

cacert.pem

+
+
Effect if unset:
+
+

Default value is used.

+
+
Notes:
+
+

This directive specifies the name of the CA key file in ".pem" format. See the ca-cert-file for a command to generate it.

+
+
Examples:
+
+

ca-key-file cakey.pem

+
+
+
+
+
+

7.7.4. ca-password

+
+
+
Specifies:
+
+

The password for the CA keyfile.

+
+
Type of value:
+
+

Text

+
+
Default value:
+
+

Empty string

+
+
Effect if unset:
+
+

Default value is used.

+
+
Notes:
+
+

This directive specifies the password for the CA keyfile that is used when Privoxy generates + certificates for intercepted requests.

+

Note that the password is shown on the CGI page so don't reuse an important one.

+
+
Examples:
+
+

ca-password blafasel

+
+
+
+
+
+

7.7.5. + certificate-directory

+
+
+
Specifies:
+
+

Directory to safe generated keys and certificates.

+
+
Type of value:
+
+

Text

+
+
Default value:
+
+

./certs

+
+
Effect if unset:
+
+

Default value is used.

+
+
Notes:
+
+

This directive specifies the directory where generated TLS/SSL keys and certificates are saved.

+
+
Examples:
+
+

certificate-directory /usr/local/var/privoxy/certs

+
+
+
+
+
+

7.7.6. trusted-cas-file

+
+
+
Specifies:
+
+

The trusted CAs file in ".pem" format.

+
+
Type of value:
+
+

File name relative to ca-directory

+
+
Default value:
+
+

trustedCAs.pem

+
+
Effect if unset:
+
+

Default value is used.

+
+
Notes:
+
+

This directive specifies the trusted CAs file that is used when validating certificates for + intercepted TLS/SSL request.

+

An example file can be downloaded from https://curl.haxx.se/ca/cacert.pem.

+
+
Examples:
+
+

trusted-cas-file trusted_cas_file.pem

+
+
+
+
+
+
+

7.8. Windows GUI Options

Privoxy has a number of options specific to the Windows GUI interface:

If "activity-animation" is set to 1, the Privoxy diff --git a/doc/webserver/user-manual/copyright.html b/doc/webserver/user-manual/copyright.html index 63b670cd..7be80d4e 100644 --- a/doc/webserver/user-manual/copyright.html +++ b/doc/webserver/user-manual/copyright.html @@ -27,7 +27,7 @@

12. Privoxy Copyright, License and History

-

Copyright © 2001-2018 by Privoxy Developers