[squid-users] FW: Encrypted browser-Squid connection errors
Grant Taylor
gtaylor at tnetconsulting.net
Thu Oct 20 16:14:48 UTC 2022
On 10/20/22 9:49 AM, Matus UHLAR - fantomas wrote:
> proxy autoconfig is javascript-based but uses very limited javascript.
My comment was more directed at why is $LANGUAGE_DOESNT_MATTER used /in/
/the/ /location/ /field/?
> while I agree javascript is not ideal, it's very hard to configure
> proper proxy configuration without using scripting language.
>
> and, when we need scripting language, it's much easier to use something
> that has been implemented and is used in browsers.
I understand and agree with (re)using JavaScript as the chosen language.
That's not my concern. (See above.)
> because standard servers and not proxies usually run on standard ports.
I trust that you don't intend it to be, but that feels like a non-answer
to me.
That's sort of tantamount to saying "I drive on the shoulder because
there are cards on the road."
HTTP(S) connections /are/ the HTTP protocol and the standard port for
HTTP protocol is port 80 for unencrypted connections and port 443 for
encrypted connections.
I rarely see a web server and a proxy server (as in different service
daemons) run /on/ /the/ /same/ /system/. As such there is no conflict
between ports on different systems / IPs.
The rare case where I do see a web server and a proxy server (still
different service daemons) frequently are using different IPs. The
proxy is usually listening on a globally routed IP while the web server
is listening on the loopback IP.
Then there is the entire different class where the same daemon functions
as the web server and the proxy server. Apache's HTTPD and Nginx
immediately come to mind as fulfilling both functions.
So ... I feel like "de-conflicting ports" is as true as "having to have
different IPs for different TLS certificates".
> Also, FTP protocol (port 21) does not support proxying, and using FTP
> proxy usually involves hacks.
I completely disagree.
I've been using FTP through proxies for years. Firefox (and
Thunderbird) has an option /specifically/ for using FTP through proxies.
As depicted in the the picture of Firefox on the page that Rafael A.
linked to.
All mainstream web browsers have had support for proxying FTP traffic
for (at least) 15 of the last 25 years. Up to the point that they
started removing FTP protocol support from the browser.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20221020/87bc747b/attachment.bin>
More information about the squid-users
mailing list