Re: [squid-users] HTTPS and delay_pools from Henrik Nordstrom on 2006-06-25 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Sun, 25 Jun 2006 11:54:48 +0200

sön 2006-06-25 klockan 10:50 +0330 skrev Mehdi Sarmadi:

> I hoped that URLs with Multimedia, Binary, ... extentions could fall
> in delay_pool number 1, but all of them fall into delay_pool number 1.

HTTPS requests is encrypted. The proxy have no idea of what URL is
requested.. The little information available to the proxy is:

  * Client station IP
  * Method CONNECT
  * Requested host (i.e. www.example.com)
  * Requested port (i.e. 443)
  * DNS resolved IP of the requested host name (i.e. 192.0.2.42)

f) DNS resolved name of the client station IP

g) Time of day

h) Proxy-Authentication

> I guess the problem is I could not match urlpath_regex in an HTTPS
> session, isn't it?

Correct. There is no urlpath at all in CONNECT requests.

Regards
Henrik

application/pgp-signature attachment: Detta �r en digitalt signerad meddelandedel

Received on Sun Jun 25 2006 - 03:54:52 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:02 MDT