[squid-users] Reverse proxying Exchange OWA wembail with SSL offloading - not working on IE/Chrome
Alex Rousskov
rousskov at measurement-factory.com
Tue Oct 27 14:40:41 UTC 2020
On 10/27/20 5:24 AM, Scott wrote:
> Given that the browser <-> Squid traffic is HTTPS, is there a way to get
> squid to add the "secure" attribute to cookies? At least for testing it
> clarify what's going on.
If Squid sees decrypted/plain HTTP messages, then it is possible to
adapt HTTP response headers. The following page has a good introduction:
https://wiki.squid-cache.org/SquidFaq/ContentAdaptation
* Custom eCAP or ICAP services can definitely do that.
* In some cases, it is also possible to adapt headers using squid.conf
directives like reply_header_replace , but those features may not have
enough support to add a Cookie attribute. If they do not, perhaps that
is something we can improve, but I did not investigate the details.
* Just for _testing_ your hypothesis, temporary hacking Squid code to
add the desired attribute may be the best solution.
HTH,
Alex.
More information about the squid-users
mailing list