[squid-users] Squid drops authorization header before forwarding

Amos Jeffries squid3 at treenet.co.nz
Tue Aug 7 06:31:39 UTC 2018

On 07/08/18 16:28, Hariharan Sethuraman wrote:
> I found that login=PASS in cache_peer directive helped.

Indeed. cache_peer controls what Squid sends to that particular peer server.

> On Mon, Aug 6, 2018 at 11:29 PM, Hariharan Sethuraman wrote:
>     I tried allow_direct as well as defaultsite under accel.
>     Wondering if I should recompile squid with enable-http-violation and
>     use below ACL /
>     request_header_access Authorization deny all

This tells Squid that it is forbidden from sending Authorization headers
to the origin server. If you still have it in your config after the
experiments you will need to remove.


More information about the squid-users mailing list