[squid-users] Reverse Proxy (Accelerator Mode) and HTTPS Redirect Endless Loop

From: Brad Taylor <[email protected]>
Date: Fri, 4 Feb 2005 16:15:51 -0500

I'm using Squid 2.5 as a reverse proxy cache (accelerator mode). I need
to force / reguire HTTPS (SSL) but I'm having some problems. If a
request comes in to Squid on HTTP I need to redirect this request at the
browser to HTTPS. Before Squid this was done in the web code. The code
would check for https and port 443 and if not found redirect the browser
to https. The reason we can't do this anymore is that HTTPS traffic now
stops at Squid. Traffic from Squid to the web server is HTTP, so the
check can not be done. I've tried a Squid redirector and that seems to
just cause an endless loop back to Squid. Thanks for any help.

Site I'm trying to proxy: squid.mysite.net (public URL)

squid.conf file:

httpd_accel_host squid.mysite.net
httpd_accel_port 80
httpd_single_host on
redirect_program /etc/local/squid/squid_redirect.pl

squid_redirect.pl file:

#!/usr/bin/perl
$|=1;
while (<>) {
    @X = split;
    $url = $X[0];
    if ($url =~ /^http:\/\//) {
        $url =~ s/^http:/https:/;
        print "302:$url\n";
    } else {
        print "$url\n";
    }
}

"$url" value ends up squid.mysite.net, redirecting the browser right
back to squid.mysite.net and causing an endless loop. I tried putting
squid.mysite.net in the /etc/hosts file to point to the backend web
server, but it did not seem to matter. Is there anyway this can be
done?
Received on Fri Feb 04 2005 - 14:16:02 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:01 MST