Re: [SQU] https: errors

From: Henrik Nordstrom <[email protected]>
Date: Fri, 22 Dec 2000 08:47:55 +0100

Mark Lee wrote:
>
> How does the squid know that the request is in a secure mode without the
> https?

It does not need to. All the browser requests from the proxy is a
full-duplex tunnel connection to the origin server where the proxy
guaratees that the traffic passes thru completely unmodified. The proxy
does not actually care what kind of traffic going over that connection.
This is also why there are quite strong limitations for the CONNECT
method in the distributed squid.conf, or else people can easily abuse
the feature to ask the proxy to open a full-duplex connection to some
other service.

--
Henrik Nordstrom
Squid hacker
--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Fri Dec 22 2000 - 01:28:27 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:05 MST