Re: transparent proxies

From: Martin Wells <marty@dont-contact.us>
Date: Thu, 31 Jul 1997 09:15:09 +1000 (EST)

On Wed, 30 Jul 1997, Leigh Porter wrote:

> John Saunders wrote:
>
> > Why the need for the patch, don't you like the squid config file :-)
> >
> > # TAG: httpd_accel_uses_host_header
> > # HTTP/1.1 requests include a Host: header which is basically
> > the
> > # hostname from the URL. Squid can be an accelerator for
> > # different HTTP servers by looking at this header. However,
> > # Squid does NOT check the value of the Host header, so it opens
> >
> > # a big security hole. We recommend that this option remain
> > # disabled unless you are sure of what you are doing.
> > #
> > httpd_accel_uses_host_header on
> >
> > Ignore the warning about security and enable this option for using the
> >
> > Host: header.
>
> This does not seem to work here (1.1.14/Linux) Microsoft.com
> anyway - anything else need doing?
>

Are you running the accellerator in "virtual" mode?
Received on Wed Jul 30 1997 - 16:22:56 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:52 MST