[squid-users] CONNECT + custom data

Amos Jeffries squid3 at treenet.co.nz
Fri Nov 17 03:39:50 UTC 2017


On 17/11/17 15:09, Richard Peeters wrote:
> Hi All,
> 
> I have a requirement to forward proxy an opaque stream of data. One of
> the servers (acting as a client -A- to SQUID ) will use the CONNECT
> method to connect to SQUID (on server B) and squid will then proxy
> this data for A.
> 
> My question is I want to pass metadata from A to B which B will strip
> out before proxying the data outbound, and I cannot find a way to do
> that.

"metadata" in HTTP just means headers.

For custom hop-by-hop headers your client application needs to use 
Connection: header to control their removal by the recieving next-hop 
HTTP agent. See <https://tools.ietf.org/html/rfc7230#section-6.1>.
  The custom header field-values can be accessed using the various 
request/reply header regex ACL types, same as any header.

Squid does not touch any of the 'payload' section following a CONNECT 
message. It always gets relayed as-is or rejected completely.
  Except when SSL-Bump is configured to decrypt tunnelled TLS traffic. 
Custom payload formats are not possible there, only TLS syntax.

Amos


More information about the squid-users mailing list