squid logging full GET URL

From: Evan Champion <evanc@dont-contact.us>
Date: Sun, 22 Jun 1997 10:37:26 -0400

squid is logging the full GET URL for CGI accesses. This can include
passwords, and because the access logs aren't especially well secured,
this is a huge security hole.

Could squid be changed to only log up to a '?' in a URL?

Thanks.

Evan
Received on Sun Jun 22 1997 - 07:48:43 MDT

This message: [ Message body ]
Next message: Evan Champion: "Re: squid logging full GET URL"
Previous message: Gero J. Dittmer: "Strange behavior"
Next in thread: Evan Champion: "Re: squid logging full GET URL"
Maybe reply: Evan Champion: "Re: squid logging full GET URL"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:33 MST