[squid-users] HEAD over HTTPS

Dick Visser dick.visser at geant.org
Thu Feb 25 22:47:11 UTC 2016


Hi

I'm trying to set up an acl to allow a link checker tool to do its
work through squid.
This tool is a Wordpress plugin.
The whole reason I have squid is so that Wordpress itself cannot
retrieve random stuff from the Internet.

I had come up with the idea of allowing HEAD method, so the link
checker plugin can do its job while at the same time not allowing
malicious content to be retrieved.
This appears to work well.

However, when the plugins tries to check HTTPS URLs it uses CONNECT,
which is then denied by squid.

But if I allow CONNECT then it is again possible to retrieve content again.

So, Is there a way to use squid for retrieving only headers using HTTPS?

I'm open to any solution.

Thanks!!


More information about the squid-users mailing list