[squid-users] website works direct, not via squid

From: Simon Greaves <Simon.Greaves@dont-contact.us>
Date: Mon, 23 Apr 2001 12:21:23 +1200 (FJDT)

Linux 2.2.16, Squid/2.3.STABLE4

I have a member of staff here trying to use an on-line university system
in Australia (usponline). Generally it works ok, all except for one
section 'the garage" that is intended to allow the remote creation of a
website. Trying to open the 'garage' works fine if the browser goes
direct, but fails when configured to use squid.

I've tried putting the domains of the remote sites into the
'hierarchy_stoplist' which doesn't help. Next I got a packet dump from the
client PC which raised a few questions...

The initial request from the client PC is sent as a POST via squid (it has
parameters on the URL path too...):

    POST http://garage.nexted.com/scripts/build.asp?v=usq&u=xxxxxxxx
HTTP/1.0\r\n
    Referer: http://www.usqonline.com.au/sis/core/menu_garage.asp\r\n
    Proxy-Connection: Keep-Alive\r\n
    User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.16-3 i686)\r\n
    Pragma: no-cache\r\n
    Host: garage.nexted.com\r\n
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
image/png, */*\r\n
    Accept-Encoding: gzip\r\n
    Accept-Language: en\r\n
    Accept-Charset: iso-8859-1,*,utf-8\r\n
    Cookie: ASPSESSIONIDQGGQGGDD=IEEJMCFDEFCEJFLMAMPMMBCE\r\n

The client then immediately sends a second packet with:

    Content-type: application/x-www-form-urlencoded\r\n
    Content-length: 0\r\n
    \r\n

The remote server responds, and the client PC receives (via squid):

    HTTP/1.0 200 OK\r\n
    Server: Microsoft-IIS/4.0\r\n
    Date: Thu, 19 Apr 2001 23:52:41 GMT\r\n
    Content-Type: text/html\r\n
    Cache-Control: private\r\n
    X-Cache: MISS from proxy.usp.ac.fj\r\n
    X-Cache-Lookup: MISS from proxy.usp.ac.fj:3128\r\n
    Proxy-Connection: close\r\n
    \r\n

Which is followed immediately by another HTTP packet from the remote
server containing the HTML of an error page which says:

        "unauthorised access to the page (data=)"

If the same request is made direct (ie _NOT_ via squid), the first two
packets are pretty much the same (except for stuff you'd expect like
'Connection' instead of 'Proxy-Connection'), but the response from the
remote site is:

    HTTP/1.1 200 OK\r\n
    Server: Microsoft-IIS/4.0\r\n
    Date: Thu, 19 Apr 2001 23:47:10 GMT\r\n
    Content-Type: text/html\r\n
    Cache-control: private\r\n
    \r\n

Which is then followed by a number of packets containing the rest of the
site.

So, why does it fail via squid? what do 'Cache-Control: private' and
'Proxy-Connection: close' mean? Is it likely this is causing the problem?
Can I work around it? (allowing the user direct access is not an option).

If anyone can help, I'd appreciate it if you could please email me direct
as well as via the list, thanks,

Simon

-- 
Simon Greaves				voice: (+679) 212114
Computer Centre				fax:   (+679) 304089
The University of the South Pacific	email: Simon.Greaves@usp.ac.fj
Suva, Fiji
Received on Sun Apr 22 2001 - 18:37:41 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:26 MST