[squid-users] CONNECT + custom data
Amos Jeffries
squid3 at treenet.co.nz
Fri Nov 17 03:39:50 UTC 2017
On 17/11/17 15:09, Richard Peeters wrote:
> Hi All,
>
> I have a requirement to forward proxy an opaque stream of data. One of
> the servers (acting as a client -A- to SQUID ) will use the CONNECT
> method to connect to SQUID (on server B) and squid will then proxy
> this data for A.
>
> My question is I want to pass metadata from A to B which B will strip
> out before proxying the data outbound, and I cannot find a way to do
> that.
"metadata" in HTTP just means headers.
For custom hop-by-hop headers your client application needs to use
Connection: header to control their removal by the recieving next-hop
HTTP agent. See <https://tools.ietf.org/html/rfc7230#section-6.1>.
The custom header field-values can be accessed using the various
request/reply header regex ACL types, same as any header.
Squid does not touch any of the 'payload' section following a CONNECT
message. It always gets relayed as-is or rejected completely.
Except when SSL-Bump is configured to decrypt tunnelled TLS traffic.
Custom payload formats are not possible there, only TLS syntax.
Amos
More information about the squid-users
mailing list