Re: SSL- Squid - proxy! from Henrik Nordstrom on 2000-09-26 (squid-users)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 26 Sep 2000 23:36:21 +0200

When running as a proxy for SSL requests, all the proxy will see is
encrypted data. That is the whole point of SSL. The proxy cannot inspect
or even less change the data without first breaking the SSL encryption.

Content modifications cannot easily be done in Squid, but as you have
access to the source it is theoretically possible (and people have done
this). This is however not something I would recommend attempting by
several reasons ranging from Squid fitness for the job to political and
legal issues with changing content.

--
Henrik Nordstrom
Squid hacker
senthilvasan wrote:
> 
> Thanks for your reply. But, I am surprised on seeing your reply. All I
> wanted to do is to change the content of an HTML tag (say <title> XXxxXX
> </title>) in the client side. Can this be done after all the encryption and
> decryption were done. That is I want to modify the final HTML content.
> Will 'Redirectors' help me in this regard?? (I dont know much about
> redirectors, I am going through it..)
> I should also see whether squid supports HTML filters. (W3C - Jigsaw has
> this feature and I did it for HTTP requests and unfortunately there is no
> full fledged SSL version of Jigsaw..)
> 
> Please tell me if you can think of some other alternative.
> 
> Thanks,
> vasan.
> 
> -----Original Message-----
> From: hno@hem.passagen.se [mailto:hno@hem.passagen.se]
> Sent: Monday, September 25, 2000 2:10 PM
> To: senthilvasan@givingcircle.com
> Subject: Re: doubt in SSL- Squid - proxy!
> 
> You cannot inspect or change SSL protected content. Not without first
> cracking the SSL encryption at least.
> 
> --
> Henrik Nordstrom
> Squid hacker
> 
> senthilvasan wrote:
> >
> > Hi,
> >   I saw your name in the squid mailing list. I thought you could help me
> by
> > clearing my doubt.
> >
> > I want to use squid proxy for both http and https (SSL) requests. In the
> > later stage I also want to add HTML tag filters to change the HTML tag
> > contents. i.e, whenever a browser is set to view sites through the proxy,
> > the filter should be applied on those pages and the content of that
> > particular HTML tag should be changed.
> >
> > I want to know whether this can be achieved thorough squid proxy.
> >
> > Best Regards,
> > vasan.
--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

Received on Tue Sep 26 2000 - 15:57:03 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:29 MST