Re: transparent proxies

From: Leigh Porter <[email protected]>
Date: Wed, 30 Jul 1997 13:15:48 +0100

John Saunders wrote:

> Why the need for the patch, don't you like the squid config file :-)
>
> # TAG: httpd_accel_uses_host_header
> # HTTP/1.1 requests include a Host: header which is basically
> the
> # hostname from the URL. Squid can be an accelerator for
> # different HTTP servers by looking at this header. However,
> # Squid does NOT check the value of the Host header, so it opens
>
> # a big security hole. We recommend that this option remain
> # disabled unless you are sure of what you are doing.
> #
> httpd_accel_uses_host_header on
>
> Ignore the warning about security and enable this option for using the
>
> Host: header.

This does not seem to work here (1.1.14/Linux) Microsoft.com
anyway - anything else need doing?

--
Leigh
Received on Wed Jul 30 1997 - 05:13:58 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:52 MST