Re: [squid-users] Transparent and Auth

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 15 May 2003 02:11:47 +0200

On Thursday 15 May 2003 01.10, jamie wrote:

> I don't understand why the browser needs to be set in order for the
> auth prompt to come up. The traffic is going to the right port.
> Doesn't squid just tell the browser that it needs to be auth so the
> browser pops up a log and pass box?

For obvious security reasons the browser will only accept to
authenticate to a proxy it knows who it is.

When you transparently intercept port 80 the browser is not aware
there is a proxy in between to the requested web site. As far as the
browser knows it is talking to the origin web server which it knows
is not a proxy.

Or to put it another way: Browsers are not allowed by the HTTP
specification to trust random web servers on the Internet with your
proxy authentication credentials. Proxy authentication is
considered to be user private information and must only be sent to
well known (by configuration) proxy servers.

Regards
Henrik

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
If you need commercial Squid support or cost effective Squid or
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Wed May 14 2003 - 18:11:28 MDT
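
The client-side rule described in the reply above, as an added example that is not part of the original message or of Squid: a small model of how a client decides whether to answer a 407 or 401 challenge. The function names, hosts and credentials are constructed for illustration, and only the Basic scheme is modelled.

```python
import base64

def basic_token(user, password):
    """Build a Basic credentials value (the only scheme modelled here)."""
    raw = f"{user}:{password}".encode()
    return "Basic " + base64.b64encode(raw).decode()

def retry_headers(status, resp_headers, peer, configured_proxy,
                  proxy_creds, origin_creds):
    """Return headers to add to the retried request, or None to refuse.

    peer             -- host:port the client believes it is talking to
    configured_proxy -- host:port from the client's proxy settings, or None
    proxy_creds      -- (user, password) for the configured proxy
    origin_creds     -- {host:port: (user, password)} for origin servers
    """
    if status == 407:
        # A 407 is honoured only when it comes from the proxy the user
        # configured. Under interception the client believes the peer is
        # the origin server, so proxy credentials are never released.
        if configured_proxy is None or peer != configured_proxy:
            return None
        if "Proxy-Authenticate" not in resp_headers:
            return None
        return {"Proxy-Authorization": basic_token(*proxy_creds)}
    if status == 401:
        # Origin authentication is a separate credential space.
        creds = origin_creds.get(peer)
        if "WWW-Authenticate" not in resp_headers or creds is None:
            return None
        return {"Authorization": basic_token(*creds)}
    return {}  # no challenge, nothing to add

# Constructed sample exchange.
CHALLENGE = {"Proxy-Authenticate": 'Basic realm="proxy"'}
PROXY = "proxy.example.net:3128"
CREDS = ("alice", "s3cret")

if __name__ == "__main__":
    # Intercepted: no proxy configured, peer looks like the web site.
    print(retry_headers(407, CHALLENGE, "www.example.com:80", None, CREDS, {}))
    # Explicit proxy: the challenge comes from the configured proxy.
    print(retry_headers(407, CHALLENGE, PROXY, PROXY, CREDS, {}))
```
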
