[squid-dev] [PATCH] received_encrypted ACL
Tsantilas Christos
chtsanti at users.sourceforge.net
Tue Jul 21 10:44:12 UTC 2015
On 07/21/2015 01:25 PM, Amos Jeffries wrote:
>
> No. Christos wrote this:
> "
> NOTE: Currently there is not any mechanism to indicate if a cached
> object came from secure source or not, so we assume that all hits for
> secure requests are secure too.
> "
>
> The cache hits rely on the request markings to determine the HIT
> matching. In this case we have a https:// (secure, TLS-received) marked
> request being re-written with non-TLS URL and delivered a HIT originated
> from a non-TLS server.
>
If the HITs is the problem, it is something can be solved. Just in the
application with the ICAP services described it is not needed.
Handling the HITs can be marked as a TODO on this patch.
More information about the squid-dev
mailing list