-
Notifications
You must be signed in to change notification settings - Fork 541
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 5092: improve https_port ssl-bump documentation #1981
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
PR title promises to improve https_port documentation. PR code changes http_port documentation instead.
src/cf.data.pre
Outdated
The ssl_bump configuration option is required to fully enable | ||
bumping of CONNECT requests. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This paragraph is still very misleading IMO. I suggest using one of the following complete replacements (shown here without formatting due to cf.data.pre formatting complications):
- "This option is essentially ignored (with a WARNING) if configuration has no ssl_bump directives."
- "This option is essentially ignored (with a WARNING) unless configuration has ssl_bump directive(s)."
src/cf.data.pre
Outdated
Enabling this option requires also specifying either | ||
tproxy or intercept |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This new statement is incorrect: http_port supports SslBump in forward proxy mode as well. That mode is the default.
Enabling this option requires also specifying either | |
tproxy or intercept |
Accepting the above suggestion is not enough to address Bug 5092 though.
No description provided.