[squid-users] RV: Question with ACL and UrlRewrite ?

Amos Jeffries squid3 at treenet.co.nz
Wed Jan 17 19:19:13 UTC 2018

On 18/01/18 07:50, Aismel wrote:
> I was reading that it is necessary to make the function of man in the 
> middle to be able to issue a security certificate ....
> Question: The proxy does not act as such, because it is so complicated 
> to change the user's request when 50% of the work is already done.
> Someone has some other solution ...

Yuri was referring to how your re-writer is looking for URLs that start 
with the exact string "http://". But Facebook and many others no longer 
use URLs that start that way.

No matter what you do to get the traffic, the helper needs to check for 
the real URLs if it is to do anything useful.

MITM is necessary to issue certificates for domains *belonging to other 
people or companies*. Re-writing URLs is very much *not* a good thing to 
do. It is possible, just not wise.

Part of the MITM often involves guaranteeing that the decoded traffic 
continues to go to the place it was already going. That and things like 
it place limitations different from http://


More information about the squid-users mailing list