[Privoxy-commits] [privoxy] 05/11: config: Explicitly mention that the CGI pages disclosing the ca-password can be blocked

[User Git]

This is an automated email from the git hooks/post-receive script.

git pushed a commit to branch master
in repository privoxy.

commit f6dc2df5d674eced2c09fede4c041a4e76ea388e
Author: Fabian Keil <fk at fabiankeil.de>
AuthorDate: Sat Nov 6 13:46:29 2021 +0100

    config: Explicitly mention that the CGI pages disclosing the ca-password can be blocked
    
    ... and upgrade the disclosure paragraphs to a warning.
---
 doc/source/p-config.sgml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml
index dd9974f1..0a9330db 100644
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -4162,10 +4162,17 @@ compression-level 0
     that is used when Privoxy generates certificates for intercepted
     requests.
    </para>
+   <warning>
    <para>
      Note that the password is shown on the CGI page so don't
      reuse an important one.
    </para>
+   <para>
+     If disclosure of the password is a compliance issue consider blocking
+     the relevant CGI requests after enabling the <link linkend="enforce-blocks">enforce-blocks</link>
+     and <link linkend="allow-cgi-request-crunching">allow-cgi-request-crunching</link>.
+   </para>
+   </warning>
   </listitem>
  </varlistentry>
  <varlistentry>

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.