[squid-users] flickr.com redirect error

Ozgur Batur ozgurbtr at gmail.com
Mon Jun 27 11:01:16 UTC 2016

Yes that is much easier, thank you.

Rafaels line is response header, I received the same. Here is the related

2016/06/27 13:52:49.194 kid1| 11,2| http.cc(2235) sendRequest: HTTP Server
GET / HTTP/1.1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like
Gecko) Ubuntu Chromium/50.0.2661.102 Chrome/50.0.2661.102 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: tr,en-US;q=0.8,en;q=0.6
Host: www.flickr.com
Via: 1.1 ubuntuozgen (squid/3.5.19)
Surrogate-Capability: ubuntuozgen="Surrogate/1.0 ESI/1.0"
X-Forwarded-For: ::1
Cache-Control: max-age=0
Connection: keep-alive

2016/06/27 13:52:49.477 kid1| 11,2| http.cc(751) processReplyHeader: HTTP
Server REPLY:
HTTP/1.1 301 Moved Permanently
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Served-By: pprd1-node552-lh1.manhattan.bf1.yahoo.com
X-Instance: flickr.v1.production.manhattan.bf1.yahoo.com
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
X-Request-Id: 36e709a2
Location: https://www.flickr.com/
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 102
Server: ATS
Date: Mon, 27 Jun 2016 10:52:40 GMT
Age: 0
Via: http/1.1 fts111.flickr.bf1.yahoo.com (ApacheTrafficServer [cMs f ]),
http/1.1 r11.ycpi.dea.yahoo.net (ApacheTrafficServer [cMs f ])
Connection: keep-alive

And this repeats on and on. As I understand disabling Via header is an
acceptable solution. If I could disable the header only for problematic
domains that would be better of course.

Thank you all.

On Mon, Jun 27, 2016 at 1:39 PM, Amos Jeffries <squid3 at treenet.co.nz> wrote:

> On 27/06/2016 9:04 p.m., Ozgur Batur wrote:
> > Hello Amos,
> >
> > This is the via header sent by my local proxy as part of the request.
> > *Via: 1.1 ubuntuozgen (squid/3.5.19)*
> >
> > It is not fqdn but ubuntu concatanated with a Turkish name so it is
> highly
> > unlikely that yahoo have such named reverse proxy. I could not decrypt
> the
> > squid <--> flicker traffic yet this is from pcap output from another http
> > site but i think it should be same right?
> Yes pcap (with full packet data) should contain the same needed details
> yes. cache.log with debug level 11,2 is the easier way to get the
> headers though since the crypto is removed by Squid.
> Amos

H Özgür Batur
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160627/4959b0d2/attachment.html>

More information about the squid-users mailing list