Re: [squid-users] Invalid URL error for https site first time

From: Mark Krawec <mark@dont-contact.us>
Date: Mon, 04 Apr 2005 18:06:34 -0700

Thanks Henrik,

We're working with someone from Microsoft platform support so I'll let you know
if anything comes of this.

Mark

At 03:29 PM 4/4/2005, Henrik Nordstrom wrote:
>On Mon, 4 Apr 2005, Mark Krawec wrote:
>
>>Our configuration is squid-2.5.STABLE7 using squid_ldap_auth on RH 7.3.
>>Our browser is IE 6.0 SP1 and users are running W2k.
>>The problem is our users are getting an "invalid URL" error
>>page from Squid when they go to a secure site as their first destination.
>
>This is a bug in MSIE 6 (several versions) where it forgets to enable SSL
>when asking for authentication.
>
>IIRC you can work around the problem by disabling persistent connections.
>Unfortunately incompatible with NTLM authentication.
>
>>I've never seen a definitive answer on why this was happening and what was
>>at fault (IE or Squid).
>
>It is clearly IE at fault here. IMHO it is even an MSIE security issue
>(not only a plain bug) as MSIE forgets to encrypt the request, which is
>supposed to have been securely encrypted and never visible in plain text
>to third parties like the proxy..
>
>Regards
>Henrik
>
>
>
>--
>No virus found in this incoming message.
>Checked by AVG Anti-Virus.
>Version: 7.0.308 / Virus Database: 266.9.1 - Release Date: 4/1/2005

Mark Krawec mark@krawecnet.com | http://www.krawecnet.com
"Earth First" (We'll strip mine the other planets later)

-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.9.1 - Release Date: 4/1/2005
Received on Mon Apr 04 2005 - 19:07:00 MDT

This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:03 MDT