On Tue, 15 Dec 2009 18:50:04 -0500, Cary Lewis <cary.lewis_at_gmail.com>
wrote:
> Is it possible to redirect ie7 or ie8 https connect requests to an
> error page. It's trivial with http requests, but with ie8 I get a
> "cannot display webpage error". Can I set up an acl rule that will
> enable an error page to be configured?
>
> Thanks for any help.
There is a class of security attacks which are based on remote error pages
coming back from HTTPS and other special connections. To protect from those
browsers are moving away from displaying certain remote denial pages at
all. They will not do a temporary redirection at all for authentication or
encryption responses.
Best you can do is use ACLs in squid to deny the CONNECT requests and
setup a custom local template. That has a slim but non-zero chance of being
seen by the user.
Amos
Received on Wed Dec 16 2009 - 00:11:10 MST
This archive was generated by hypermail 2.2.0 : Wed Dec 16 2009 - 12:00:02 MST