[squid-users] Websockets over HTTPS not working in squid 4
Alex Rousskov
rousskov at measurement-factory.com
Thu Feb 21 21:33:41 UTC 2019
On 2/21/19 2:11 PM, Felipe Arturo Polanco wrote:
> I have been trying to make websockets work over HTTPS but so far I
> haven't been able to.
Official Squid cannot reliably detect and proxy native WebSocket
traffic. Until that support is available, if WebSocket traffic reaches
your intercepting Squid, then splicing suspected WebSocket connections
based on TCP/TLS-level information is your only option. And, yes, that
introduces lots of maintenance headaches, policy violations, and is not
reliable.
A bit more information about the topic is available on this 2018 thread:
http://lists.squid-cache.org/pipermail/squid-users/2018-July/018581.html
Alex.
> I'm trying the following websites that use websockets and none of them work:
> speedtest.net <http://speedtest.net>
> web.whatsapp.com <http://web.whatsapp.com>
> https://slack.com/help/test
>
> If I explicitly splice those domain names in squid.conf they work fine.
>
> I'm not interested in bumping the websockets, I just want HTTPS
> interception to work as well as websockets.
More information about the squid-users
mailing list