summaryrefslogtreecommitdiff
path: root/doc/tinyproxy.conf
diff options
context:
space:
mode:
authorRobert James Kaes <rjkaes@users.sourceforge.net>2003-06-20 17:02:13 +0000
committerRobert James Kaes <rjkaes@users.sourceforge.net>2003-06-20 17:02:13 +0000
commit4c9141aac6b60eab1a0113d45ac059a78097b0f7 (patch)
treef94631c1b13568855c0c9f7575a32fda5798ae4f /doc/tinyproxy.conf
parent0d3962f1f069845c2f396ca2450d9529f27d556b (diff)
downloadtinyproxy-4c9141aac6b60eab1a0113d45ac059a78097b0f7.tar.gz
tinyproxy-4c9141aac6b60eab1a0113d45ac059a78097b0f7.zip
Removed the "ViaHeader" directive and replaced it with the
"ViaProxyName" directive. The "Via" HTTP header is _required_ by the HTTP spec, so the code has been changed to always send the header. However, including the proxy's host name could be considered a security threat, so the "ViaProxyName" directive is used to set the token sent in the "Via" header. If the directive is not enabled the proxy's host name will be used.
Diffstat (limited to 'doc/tinyproxy.conf')
-rw-r--r--doc/tinyproxy.conf9
1 files changed, 5 insertions, 4 deletions
diff --git a/doc/tinyproxy.conf b/doc/tinyproxy.conf
index 9eacb95..6bc9729 100644
--- a/doc/tinyproxy.conf
+++ b/doc/tinyproxy.conf
@@ -166,11 +166,12 @@ Allow 127.0.0.1
Allow 192.168.1.0/25
#
-# Control whether the HTTP Via header should be included in requests or
-# responses. The RFC says it should be there, but it could be a security
-# concern. The default is off.
+# The "Via" header is required by the HTTP RFC, but using the real host name
+# is a security concern. If the following directive is enabled, the string
+# supplied will be used as the host name in the Via header; otherwise, the
+# server's host name will be used.
#
-#ViaHeader On
+ViaProxyName "tinyproxy"
#
# The location of the filter file.