polipo 1.0.4.1-1.2 / usr / share / polipo / www / doc / Censoring-headers.html

This file is indexed.

/usr/share/polipo/www/doc/Censoring-headers.html is in polipo 1.0.4.1-1.2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
<html lang="en">
<head>
<title>Censoring headers - The Polipo Manual</title>
<meta http-equiv="Content-Type" content="text/html">
<meta name="description" content="The Polipo Manual">
<meta name="generator" content="makeinfo 4.13">
<link title="Top" rel="start" href="index.html#Top">
<link rel="up" href="HTTP-tuning.html#HTTP-tuning" title="HTTP tuning">
<link rel="prev" href="Tuning-the-HTTP-parser.html#Tuning-the-HTTP-parser" title="Tuning the HTTP parser">
<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage">
<!--
Copyright (C) 2003 -- 2006 by Juliusz Chroboczek.-->
<meta http-equiv="Content-Style-Type" content="text/css">
<style type="text/css"><!--
  pre.display { font-family:inherit }
  pre.format  { font-family:inherit }
  pre.smalldisplay { font-family:inherit; font-size:smaller }
  pre.smallformat  { font-family:inherit; font-size:smaller }
  pre.smallexample { font-size:smaller }
  pre.smalllisp    { font-size:smaller }
  span.sc    { font-variant:small-caps }
  span.roman { font-family:serif; font-weight:normal; } 
  span.sansserif { font-family:sans-serif; font-weight:normal; } 
--></style>
</head>
<body>
<div class="node">
<a name="Censoring-headers"></a>
<p>
Previous:&nbsp;<a rel="previous" accesskey="p" href="Tuning-the-HTTP-parser.html#Tuning-the-HTTP-parser">Tuning the HTTP parser</a>,
Up:&nbsp;<a rel="up" accesskey="u" href="HTTP-tuning.html#HTTP-tuning">HTTP tuning</a>
<hr>
</div>

<h4 class="subsection">3.3.2 Censoring headers</h4>

<p><a name="index-privacy-93"></a><a name="index-anonymity-94"></a><a name="index-Referer-95"></a><a name="index-cookies-96"></a><a name="index-censorReferer-97"></a><a name="index-censoredHeaders-98"></a><a name="index-proxyName-99"></a><a name="index-disableVia-100"></a>
Polipo offers the option to censor given HTTP headers in both client
requests and server replies.  The main application of this feature is
to very slightly improve the user's privacy by eliminating cookies and
some content-negotiation headers.

   <p>It is important to understand that these features merely make it
slightly more difficult to gather statistics about the user's
behaviour.  While they do not actually prevent such statistics from
being collected, they might make it less cost-effective to do so.

   <p>The general mechanism is controlled by the variable
<code>censoredHeaders</code>, the value of which is a case-insensitive list
of headers to unconditionally censor.  By default, it is empty, but
I recommend that you set it to &lsquo;<samp><span class="samp">From, Accept-Language</span></samp>&rsquo;.  Adding
headers such as &lsquo;<samp><span class="samp">Set-Cookie</span></samp>&rsquo;, &lsquo;<samp><span class="samp">Set-Cookie2</span></samp>&rsquo;, &lsquo;<samp><span class="samp">Cookie</span></samp>&rsquo;,
&lsquo;<samp><span class="samp">Cookie2</span></samp>&rsquo; or &lsquo;<samp><span class="samp">User-Agent</span></samp>&rsquo; to this list will probably break
many web sites.

   <p>The case of the &lsquo;<samp><span class="samp">Referer</span></samp>&rsquo;<a rel="footnote" href="#fn-1" name="fnd-1"><sup>1</sup></a> header is treated specially because many
sites will refuse to serve pages when it is not provided.  If
<code>censorReferer</code> is <code>false</code> (the default), &lsquo;<samp><span class="samp">Referer</span></samp>&rsquo;
headers are passed unchanged to the server.  If <code>censorReferer</code>
is <code>maybe</code>, &lsquo;<samp><span class="samp">Referer</span></samp>&rsquo; headers are passed to the server only
when they refer to the same host as the resource being fetched.  If
<code>censorReferer</code> is <code>true</code>, all &lsquo;<samp><span class="samp">Referer</span></samp>&rsquo; headers are
censored.  I recommend setting <code>censorReferer</code> to <code>maybe</code>.

   <p>Another header that can have privacy implications is the &lsquo;<samp><span class="samp">Via</span></samp>&rsquo;
header, which is used to specify the chain of proxies through which
a given request has passed.  Polipo will generate &lsquo;<samp><span class="samp">Via</span></samp>&rsquo; headers
if the variable <code>disableVia</code> is <code>false</code> (it is true by
default).  If you choose to generate &lsquo;<samp><span class="samp">Via</span></samp>&rsquo; headers, you may want
to set the <code>proxyName</code> variable to some innocuous string
(see <a href="Client-connections.html#Client-connections">Client connections</a>).

<ul class="menu">
<li><a accesskey="1" href="Censor-Accept_002dLanguage.html#Censor-Accept_002dLanguage">Censor Accept-Language</a>:       Why Accept-Language is evil. 
</ul>

   <div class="footnote">
<hr>
<h4>Fu&szlig;noten</h4><p class="footnote"><small>[<a name="fn-1" href="#fnd-1">1</a>]</small> HTTP contains many mistakes
and even one spelling error.</p>

   <hr></div>

   </body></html>

APT Browse - Built by Thomas Orozco.