summaryrefslogtreecommitdiffstats
path: root/doc/nghttpx.1
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-11 16:46:31 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-11 16:46:31 +0000
commite0d38508fc8b6bc3915b2235a85a068eacfb87bf (patch)
tree75de5a3a58d59b983ce82cde4f631a318cd6f13f /doc/nghttpx.1
parentReleasing progress-linux version 1.61.0-1~progress7.99u1. (diff)
downloadnghttp2-e0d38508fc8b6bc3915b2235a85a068eacfb87bf.tar.xz
nghttp2-e0d38508fc8b6bc3915b2235a85a068eacfb87bf.zip
Merging upstream version 1.62.1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/nghttpx.1')
-rw-r--r--doc/nghttpx.126
1 files changed, 13 insertions, 13 deletions
diff --git a/doc/nghttpx.1 b/doc/nghttpx.1
index 6b9f54b..f1a72f9 100644
--- a/doc/nghttpx.1
+++ b/doc/nghttpx.1
@@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
-.TH "NGHTTPX" "1" "Apr 04, 2024" "1.61.0" "nghttp2"
+.TH "NGHTTPX" "1" "May 19, 2024" "1.62.1" "nghttp2"
.SH NAME
nghttpx \- HTTP/2 proxy
.SH SYNOPSIS
@@ -371,7 +371,7 @@ Default: \fBauto\fP
.TP
.B \-\-backend\-http\-proxy\-uri=<URI>
Specify proxy URI in the form
-\fI\%http:/\fP/[<USER>:<PASS>@]<PROXY>:<PORT>. If a proxy
+\X'tty: link http:/'\fI\%http:/\fP\X'tty: link'/[<USER>:<PASS>@]<PROXY>:<PORT>. If a proxy
requires authentication, specify <USER> and <PASS>.
Note that they must be properly percent\-encoded. This
proxy is used when the backend connection is HTTP/2.
@@ -1057,7 +1057,7 @@ Default: \fB1s\fP
.B \-\-no\-http2\-cipher\-block\-list
Allow block listed cipher suite on frontend HTTP/2
connection. See
-\fI\%https://tools.ietf.org/html/rfc7540#appendix\-A\fP for the
+\X'tty: link https://tools.ietf.org/html/rfc7540#appendix-A'\fI\%https://tools.ietf.org/html/rfc7540#appendix\-A\fP\X'tty: link' for the
complete HTTP/2 cipher suites block list.
.UNINDENT
.INDENT 0.0
@@ -1065,7 +1065,7 @@ complete HTTP/2 cipher suites block list.
.B \-\-client\-no\-http2\-cipher\-block\-list
Allow block listed cipher suite on backend HTTP/2
connection. See
-\fI\%https://tools.ietf.org/html/rfc7540#appendix\-A\fP for the
+\X'tty: link https://tools.ietf.org/html/rfc7540#appendix-A'\fI\%https://tools.ietf.org/html/rfc7540#appendix\-A\fP\X'tty: link' for the
complete HTTP/2 cipher suites block list.
.UNINDENT
.INDENT 0.0
@@ -2116,9 +2116,9 @@ than main process.
.SH SERVER PUSH
.sp
nghttpx supports HTTP/2 server push in default mode with Link header
-field. nghttpx looks for Link header field (\fI\%RFC 5988\fP) in response headers from
+field. nghttpx looks for Link header field (\X'tty: link http://tools.ietf.org/html/rfc5988'\fI\%RFC 5988\fP\X'tty: link') in response headers from
backend server and extracts URI\-reference with parameter
-\fBrel=preload\fP (see \fI\%preload\fP)
+\fBrel=preload\fP (see \X'tty: link http://w3c.github.io/preload/#interoperability-with-http-link-header'\fI\%preload\fP\X'tty: link')
and pushes those URIs to the frontend client. Here is a sample Link
header field to initiate server push:
.INDENT 0.0
@@ -2164,7 +2164,7 @@ delete the socket and continues to use it.
.sp
OCSP query is done using external Python script
\fBfetch\-ocsp\-response\fP, which has been originally developed in Perl
-as part of h2o project (\fI\%https://github.com/h2o/h2o\fP), and was
+as part of h2o project (\X'tty: link https://github.com/h2o/h2o'\fI\%https://github.com/h2o/h2o\fP\X'tty: link'), and was
translated into Python.
.sp
The script file is usually installed under
@@ -2260,15 +2260,15 @@ automatically. To rotate key, one has to restart nghttpx (see
SIGNALS).
.SH CERTIFICATE TRANSPARENCY
.sp
-nghttpx supports TLS \fBsigned_certificate_timestamp\fP extension (\fI\%RFC
-6962\fP). The relevant options
+nghttpx supports TLS \fBsigned_certificate_timestamp\fP extension (\X'tty: link https://tools.ietf.org/html/rfc6962'\fI\%RFC
+6962\fP\X'tty: link'). The relevant options
are \fI\%\-\-tls\-sct\-dir\fP and \fBsct\-dir\fP parameter in
\fI\%\-\-subcert\fP\&. They takes a directory, and nghttpx reads all
files whose extension is \fB\&.sct\fP under the directory. The \fB*.sct\fP
files are encoded as \fBSignedCertificateTimestamp\fP struct described
-in \fI\%section 3.2 of RFC 69662\fP\&. This format is
-the same one used by \fI\%nginx\-ct\fP and \fI\%mod_ssl_ct\fP\&.
-\fI\%ct\-submit\fP can be
+in \X'tty: link https://tools.ietf.org/html/rfc6962#section-3.2'\fI\%section 3.2 of RFC 69662\fP\X'tty: link'\&. This format is
+the same one used by \X'tty: link https://github.com/grahamedgecombe/nginx-ct'\fI\%nginx\-ct\fP\X'tty: link' and \X'tty: link https://httpd.apache.org/docs/trunk/mod/mod_ssl_ct.html'\fI\%mod_ssl_ct\fP\X'tty: link'\&.
+\X'tty: link https://github.com/grahamedgecombe/ct-submit'\fI\%ct\-submit\fP\X'tty: link' can be
used to submit certificates to log servers, and obtain the
\fBSignedCertificateTimestamp\fP struct which can be used with nghttpx.
.SH MRUBY SCRIPTING
@@ -2512,7 +2512,7 @@ On assignment, copy of given value is assigned. The path does
not include authority component of URI. This may include
query component. nghttpx makes certain normalization for
path. It decodes percent\-encoding for unreserved characters
-(see \fI\%https://tools.ietf.org/html/rfc3986#section\-2.3\fP), and
+(see \X'tty: link https://tools.ietf.org/html/rfc3986#section-2.3'\fI\%https://tools.ietf.org/html/rfc3986#section\-2.3\fP\X'tty: link'), and
resolves \(dq..\(dq and \(dq.\(dq. But it may leave characters which
should be percent\-encoded as is. So be careful when comparing
path against desired string.