[squid-users] X-Forwarded-For breaks a site

Matus UHLAR - fantomas uhlar at fantomas.sk
Mon Jan 30 13:25:25 UTC 2017


On 30.01.17 12:09, Andrea Venturoli wrote:
>The answer to a direct connection (or to Squid with "forwarded_for 
>transparent") is:
>>HTTP/1.1 303 See other
>>Date: Mon, 30 Jan 2017 09:56:18 GMT
>>Server: Apache
>>X-Powered-By: PHP/5.3.29
>>Expires: Thu, 19 Nov 1981 08:52:00 GMT
>>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
>>Pragma: no-cache
>>Set-Cookie: PHPSESSID=wwwwwwwwwww; path=/
>>Set-Cookie: yyyyyyyyyyyyyy=zzzzzzzzzzzzz; path=/; HttpOnly
>>Location: http://www.xxxxxxx.com/md/it/
>>Content-Length: 0
>>Connection: close
>>Content-Type: text/html; charset=utf-8
>
>The answer to Squid without "forwarded_for transparent" is:
>>HTTP/1.1 200 OK
>>Date: Mon, 30 Jan 2017 09:33:51 GMT
>>Server: Apache
>>X-Powered-By: PHP/5.3.29
>>Expires: Thu, 19 Nov 1981 08:52:00 GMT
>>Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
>>Pragma: no-cache
>>Set-Cookie: PHPSESSID=vvvvvvvvvvvvvvvvvvvvvv; path=/
>>Content-Length: 0
>>Keep-Alive: timeout=15, max=98
>>Connection: Keep-Alive
>>Content-Type: text/html
>
>
>The site is a commercial one and, although it features a reserved 
>area, I don't see any point in losing visibility to corporate users.
>Also the webserver belongs to a famous ISP which should also host 
>thousands of other sites, so I guess it should have nothing fancy.

>Anyone can shed some light on this behaviour?

It's quite common that some pages break on the X-Forwarded-For header.
It's mostly the fault of those pages, not of the clients or the webserver.

>Is this Squid's fault (I don't think so, but I'll just ask)?

no

>Is this a known bug in some version of Apache or PHP or whatever?

no

>Is it dangerous to keep "forwarded_for transparent" in my config?

It might be, if you let private internal data pass out.

You should study what the directive does and decide what to do with the XFF
header. See:
http://www.squid-cache.org/Doc/config/forwarded_for/

If there's a possibility of contacting the page owner with a complaint, do that.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT want to receive any advertising mail at this address.
We are but packets in the Internet of life (userfriendly.org)
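As an added example (not code from the thread, from Squid, or from the site in question): a small Python model of what each value of the squid.conf forwarded_for directive does to the X-Forwarded-For header that the origin server receives, following the behaviour documented at http://www.squid-cache.org/Doc/config/forwarded_for/. It also carries the two checks this reply points at: whether the outgoing header would leak a private internal address (the risk with "on"), and what a typical origin-side application, modelled here by a hypothetical leftmost-entry rule, ends up treating as the client address under each mode. The sample request, client and proxy addresses are constructed for the illustration.

```python
from ipaddress import ip_address

# Added example: a model of Squid's forwarded_for modes and two practitioner
# checks. Not Squid code; the modes follow the directive's documentation.

HEADER = "X-Forwarded-For"


def _get_xff(headers):
    """Case-insensitive lookup of the XFF value, or None if the header is absent."""
    for name, value in headers.items():
        if name.lower() == HEADER.lower():
            return value
    return None


def apply_forwarded_for(headers, client_ip, mode):
    """Return the request headers as Squid would forward them under `mode`.

    Modes follow the documented directive values:
      on          append the client IP (Squid's default)
      off         append the literal word "unknown" instead of the IP
      transparent leave any existing XFF untouched and add nothing
      delete      strip the XFF header entirely
      truncate    drop existing entries, send the client IP as the sole entry
    """
    existing = _get_xff(headers)
    out = {k: v for k, v in headers.items() if k.lower() != HEADER.lower()}
    if mode == "on":
        out[HEADER] = f"{existing}, {client_ip}" if existing else client_ip
    elif mode == "off":
        out[HEADER] = f"{existing}, unknown" if existing else "unknown"
    elif mode == "transparent":
        if existing is not None:
            out[HEADER] = existing
    elif mode == "delete":
        pass  # the header was already left out of `out`
    elif mode == "truncate":
        out[HEADER] = client_ip
    else:
        raise ValueError(f"unknown forwarded_for mode: {mode}")
    return out


def leaks_private_address(headers):
    """True if the outgoing XFF reveals an internal address.

    Uses ipaddress.is_private, which covers RFC 1918, loopback, link-local
    and other IANA special-purpose ranges. Non-address entries such as
    "unknown" are ignored.
    """
    value = _get_xff(headers)
    if value is None:
        return False
    for entry in value.split(","):
        try:
            if ip_address(entry.strip()).is_private:
                return True
        except ValueError:
            continue
    return False


def origin_sees_client_as(headers, proxy_ip):
    """What a typical origin-side application takes as the client address.

    Hypothetical but common logic: trust the leftmost XFF entry when the
    header is present, otherwise fall back to the TCP peer (REMOTE_ADDR,
    i.e. the proxy). An application that branches on this value, for
    instance by rejecting something that is not an IP at all, behaves
    differently depending on which mode the proxy runs in.
    """
    value = _get_xff(headers)
    if value is None:
        return proxy_ip
    return value.split(",")[0].strip()


if __name__ == "__main__":
    # Constructed sample: a corporate client on a private LAN behind Squid.
    request = {"Host": "www.example.com"}
    client, proxy = "10.1.2.3", "203.0.113.5"
    for mode in ("on", "off", "transparent", "delete", "truncate"):
        fwd = apply_forwarded_for(request, client, mode)
        print(f"{mode:11} XFF={str(fwd.get(HEADER)):22} "
              f"leaks_private={leaks_private_address(fwd)!s:5} "
              f"origin sees {origin_sees_client_as(fwd, proxy)}")
```

Running the block shows the trade-off the reply describes: "on" is the only mode that leaks the 10.x client address to the origin, "off" sends the non-address "unknown" that a naive application may choke on, and "transparent" or "delete" make the origin see only the proxy's public address, which is why the site above behaves as it does for a direct connection in those modes.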
