rstagg@csc.com wrote:
> If I try browsing to https://c123456:98765@www.wibble.com, Squid
> does a CONNECT c123456.ourcomp.co.uk:98 which is clearly duff.
This is most likely not Squid's fault. It is a browser bug. In both
cases the connect request should be
CONNECT www.wibble.com:443 HTTP/1.0
There is no way that Squid could get hold of that :98 digit unless the
browser sent it to Squid, which is shouldn't as this is private
information that should be sent encrypted on the established SSL tunnel.
Remember that it is the browser that does the CONNECT request. Squid
only handles the request. If the request is garbage then Squid can't do
much about that.
> If I'm making a basic misunderstanding, please do put me right; I
> have to be clear about this, as I have clients who want to know
> what's going on :-)
Check what the browser sends to Squid on these requests. My Netscape
versions sends:
CONNECT c123456:98765@www.wibble.com HTTP/1.0
User-Agent: Mozilla/3.01Gold (X11; I; Linux 2.0.34 i586)
and
CONNECT c123456:98765@www.wibble.com HTTP/1.0
User-Agent: Mozilla/4.04 [en] (X11; I; Linux 2.0.34 i586)
which is clearly invalid as it has no port number. It also is a very
strange host name to try connecting to...
--- Henrik Nordstrom Spare time Squid hackerReceived on Thu Oct 22 1998 - 15:05:43 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:42:45 MST