[squid-users] url_rewrite_program, sslbump and CONNECT = broken redirect page?
Amish
anon.amish at gmail.com
Wed Mar 20 12:03:30 UTC 2019
On 19/03/19 4:55 pm, Amos Jeffries wrote:
>
> You should fix the helper (if possible) to cope with CONNECT and other
> unusual types of URI input it may receive. There may be protocols other
> than "http://", path-only URLs, URN, or even just an asterisk ('*') on
> some methods.
> <https://tools.ietf.org/html/rfc7230#section-5.3>
> <https://tools.ietf.org/html/rfc3986>
>
> To re-write the helper output must not only be a valid URI, but also
> compatible with the operations the original URI was going to perform.
>
> If that is not possible, you can workaround this particular case by
> adding this to your squid.conf to skip processing of the CONNECT
> messages entirely:
>
> url_rewrite_access deny CONNECT
Thanks for the elaborate reply. Now I have fixed my helper to reply with
"OK" for CONNECT requests.
But I have came across another issue related to "notes" and SSL bumped
connection.
I will compose another e-mail with new subject to explain the issue, soon.
Regards
Amish
More information about the squid-users
mailing list