Re: [squid-users] Squid and HTTP Host value

Thanks for your responses.

What security problem does rewriting the host value prevent? I'm not sure
what domain hijacking is. At work I currently use ISA Server 2004 and when
it recieves:

GET http://66.102.9.147/
HOST www.google.co.uk

it connects to 66.102.9.147 and sends:

GET /
HOST www.google.co.uk

Is this a security risk? The RFCs state that a web server MUST use
http://66.102.9.147/ and ignore www.google.co.uk but as far as I can see a
proxy is not required to ignore www.google.co.uk.

Regards,
Julian

----- Original Message -----
From: "Amos Jeffries" <squid3_at_treenet.co.nz>
To: "Julian Gilbert" <julian_at_juliangilbert.orangehome.co.uk>
Cc: <squid-users_at_squid-cache.org>
Sent: Friday, July 04, 2008 12:47 AM
Subject: Re: [squid-users] Squid and HTTP Host value

> Julian Gilbert wrote:
>> I am trying to configure squid 2.5 and looking for some assistance.
>
> The first assistance we can give is upgrade to 3.0 or 2.7.
> 2.5 is well and truly obsolete now.
>
>> When I make client request to squid in the form:
>>
>> GET http://66.102.9.147/
>> HOST www.google.co.uk
>>
>> the squid proxy makes the following request to the web server:
>>
>> GET /
>> HOST 66.102.9.147
>>
>> How do I configure squid not to overwire the host value? The request from
>> squid should be sent as:
>>
>> GET /
>> HOST www.google.co.uk
>
> The client asked for http://66.102.9.147/, nothing to do with google as
> far as HTTP is concerned. It's a security feature to prevent domain
> hijacking.
>
> Amos
> --
> Please use Squid 2.7.STABLE3 or 3.0.STABLE7
>
Received on Fri Jul 04 2008 - 19:06:08 MDT