[squid-users] proxy authorization header remover from 3.5.x squid
--Ahmad--
ahmed.zaeem at netstream.ps
Sat Sep 17 09:05:18 UTC 2016
Hi Amos again
all what i need is the proxy authorization header get removed since some websites will ban may proxy incase there were any headers that comes with the proxy .
thats all
i could see that header myself in firefox as :
proxy-authorization "Basic ZHJ2aXJ1czpkcnZpcnVz”
regarding to the upstream proxy ,
do you mean i setup cache peer directive to other proxy and the that header is gone ??
thanks
> On Sep 4, 2016, at 6:41 PM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
>
> On 5/09/2016 3:31 a.m., Ahmed Alzaeem wrote:
>> hi amos I’m curious to have my proxies not being detected from others .
>>
>
> Then you choose to make your clients and network internal structore
> entirely visible to the upstream servers.
>
> You can hide your network structure and clients, or you can hide the
> proxy. Not both.
>
>
>> thats all .
>>
>> i already tried the header access directive
>> request_header_access Proxy-Connection deny all
>> request_header_access Proxy-Authorization deny all
>> request_header_access Proxy-Authenticate deny all
>>
>>
>> but i still see the header
>>
>
> Er. Those are hop-by-hop headers.
>
> * Proxy-Connection is an experimental header that has not had any
> meaningful use since Netscape Navigator 4.x died out.
>
> * Squid removes the Auth related headers on upstream connections unless
> you configure Squid to authenticate against the upstream server or proxy
> the message is going to. see RFC 7235 for details on that.
>
> * requests on the client->Squid connection are not under your control.
> They are generated by the client.
>
>
> Also, you said "my proxy which has usr/pwd using basic_ncsa auth".
> That means you have proxy authentication configured to happen. A forward
> proxy can only do HTTP authentication with the use of Proxy-Auth* headers.
>
> Amos
>
>
>>
>> thank you
>>
>>> On Sep 3, 2016, at 4:53 PM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
>>>
>>> On 3/09/2016 9:18 p.m., --Ahmad-- wrote:
>>>> hi squid users ,
>>>> I’m looking for the directive that will remove
>>>> proxy authorization header
>>>>
>>>> when i analyze my proxy which has usr/pwd using basic_ncsa auth
>>>>
>>>> it still show that header
>>>>
>>>> not sure the directive to remove that header .
>>>>
>>>> ?
>>>
>>> I don't understand why authentication happening would be a problem after
>>> you configured it to happen.
>>>
>>> Can you describe the problem in a bit more detail please?
>>>
>>> Amos
>>>
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org <mailto:squid-users at lists.squid-cache.org>
> http://lists.squid-cache.org/listinfo/squid-users <http://lists.squid-cache.org/listinfo/squid-users>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160917/03508a74/attachment-0001.html>
More information about the squid-users
mailing list