Amos Jeffries wrote:
>> I've setup a reverse proxy running Squid 2.6.STABLE6 5.el5_1.2 on RHEL5.1.
>> All remote access to the proxy is supposed to be via HTTPS, but since
>> some of the protected apps give out absolute URL's at HTTP, I've also
>> setup a redirector that listens on port 80 and sends a 301 redirect back
>> to the client with an HTTPS version of the same URL.
>>
>> The problem I'm seeing is that whenever a CGI is called via HTTP with a
>> POST method, it gets converted to GET when the new request comes in on
>> HTTPS. This, of course, breaks the app.
>>
>> When I bypass the proxy, the HTTP POST method works just fine. Any ideas
>> what might be causing the method to change or how to get around this?
>> Every web search I try comes up empty. I'm not sure if the variables are
>> getting dropped in the process, or if the app just doesn't know how to
>> handle GET methods, but regardless, this is a debilitating problem for
>> this app, so I really need a solution. The app in question is Oracle
>> Collaboration Suite 10g, if it makes a difference.
>
> Sounds like a broken CGI to me. With redirection to 301:... squid should
> be actually sending the 301 back to the client for it to re-POST back to
> the new URI.
I don't see how it can be the CGI that's at fault, because the conversion from POST to GET is happening before the CGI ever gets hit. I think itmust be something about the proxy, redirector, or browser that's causing the conversion.
I should mention that we've experienced this with both IE 7 on WinXP and with Firefox on Ubuntu Linux.
Has anybody seen this behavior before, or heard anything that would indicate the conversion is a security feature?
This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:05 MST