[squid-users] Squid appears to be ignoring url_rewrite_program
Dieter Bloms
squid.org at bloms.de
Tue Sep 17 14:12:04 UTC 2024
Hello Martin,
On Tue, Sep 17, Martin A. Brooks wrote:
> On 2024-09-17 13:39, Martin A. Brooks wrote:
> > I am trying to use a URL rewriter program to redirect client requests
> > for certain URLs elsewhere. I found this on github which seems to do
> > what I need:
> >
> > https://github.com/rchunping/squid-urlrewrite
> >
> > Running this on the command line as shown in the instructions appears to
> > show it doing as I ask.
>
> Replying to my own email as I've found that this is in fact working provided
> the URLS are http and not https. Proxied HTTPS requests use CONNECT and, for
> whatever reason, this appears to bypass the url rewriter. I'm looking in to
> it some more but, given that a very large part of the world is HTTPS these
> days, it may be that I need to look at another option for this requirement.
>
> Any ideas still greatly appreciated.
https connections are encrypted between the client and the webserver, so
squid can not see the url.
You have to use ssl_bump (https://www.squid-cache.org/Doc/config/ssl_bump/) to
"open" the https connection to be able to do some url rewrites.
It is i kind of man in the middle attack https://en.wikipedia.org/wiki/Man-in-the-middle_attack .
--
Regards
Dieter
--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
>From field.
More information about the squid-users
mailing list