squid logging full GET URL

From: Evan Champion <evanc@dont-contact.us>
Date: Sun, 22 Jun 1997 10:37:26 -0400

squid is logging the full GET URL for CGI accesses. This can include
passwords, and because the access logs aren't especially well secured,
this is a huge security hole.

Could squid be changed to only log up to a '?' in a URL?


Received on Sun Jun 22 1997 - 07:48:43 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:33 MST