[squid-users] Authentication\Authorization using a PAC file?
Kinkie
gkinkie at gmail.com
Mon Nov 24 13:05:10 UTC 2014
Still it'd be semi-public; you'd have to replicate the access control
rules on the proxy anyway.
On Mon, Nov 24, 2014 at 1:46 PM, Eliezer Croitoru <eliezer at ngtech.co.il> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 11/24/2014 02:43 PM, Kinkie wrote:
>> Hi Eliezer, I don't think so. PACfiles have no access to the DOM or
>> facilities like AJAX, and are very limited in what they can return
>> or affect as side-effects. In theory it could be possible to do
>> something, but in practice it would be only advisory and not
>> secure: a pacfile must by definition be in a publicly-accessible
>> URL, so anyone can read it and interpret it.
>
> So a small question:
> Can I put the pac file on a https site with basic authentication?
>
> Eliezer
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEcBAEBAgAGBQJUcyihAAoJENxnfXtQ8ZQUbKwH/2iF+hTc0HO14k74+lw0ftj0
> tllr3v2uOIG5a3905B27sSxPvJa+XQ7mTOa0dRdvbmL9klyh0njdyKYVrs0ZjBB4
> 6VFUqMRsimu7gSpjuFZZIySMDy35XM+S3EyluQehiQJpwOfidgxHbF7iiehfd/+1
> yn0kk/AoxnisDMvRvlpKZAwnvTuZFjZoj+zMs0GfZgJ/skcNu2YDAKANAPon+uhm
> MIEf6Gi2zbwPCrsOnQXySPTG17trWPMGUvH3nVXbxFd+8amHSdBWy6O8iEhsFEPZ
> hXP9XyjfXbWIwrYvqhI+0lVc3BEr52tjIdpVV1pu5h9jsBfjJMFTQXvlhhCHHiw=
> =sVZf
> -----END PGP SIGNATURE-----
--
Francesco
More information about the squid-users
mailing list