[squid-users] debug headers between squid --> website

Alex Rousskov rousskov at measurement-factory.com
Tue Dec 3 15:21:32 UTC 2019


On 12/2/19 5:22 PM, --Ahmad-- wrote:
> You Said 
> “”
> Yes, you can. Squid logs CONNECT headers and also HTTP headers of
> incoming and outgoing decrypted HTTPS requests. Squid does not see (and
> cannot log) HTTP headers of encrypted traffic inside CONNECT tunnels
> that are not bumped using the SslBump feature, of course.
> “”


> Can you tell me example of headers of “Connect headers” and headers
> inside “ connect Tunnel “ ?

CONNECT requests are described, with examples, at
https://tools.ietf.org/html/rfc7231#section-4.3.6

Any HTTP message (both headers and body) can be sent inside a CONNECT
tunnel.

Please note that when Squid is configured to intercept HTTPS/TLS
connections, it treats the intercepted TCP connection as if that
intercepted traffic was inside a CONNECT tunnel. Squid even fakes the
CONNECT request in that case as if the TLS client sent a CONNECT request
before securing the connection.

Alex.


>> On Dec 2, 2019, at 10:31 PM, Alex Rousskov wrote:
>>
>> Yes, you can. Squid logs CONNECT headers and also HTTP headers of
>> incoming and outgoing decrypted HTTPS requests. Squid does not see (and
>> cannot log) HTTP headers of encrypted traffic inside CONNECT tunnels
>> that are not bumped using the SslBump feature, of course.
> 



More information about the squid-users mailing list