On Wed, 12 May 2010 23:02:08 +0200, Nils Hügelmann <nils_at_huegelmann.info>
wrote:
> Hi Henrik,
>
> thanks for the answer, a fallback feature for direct requests would be
> great :-)
>
> regards
> nils
>
> Am 12.05.2010 22:38, schrieb Henrik Nordström:
>> tis 2010-05-11 klockan 17:04 +0200 skrev Nils Hügelmann:
>>
>>
>>> At the current state, it shows an "invalid URL" ... "while trying to
>>> retrieve the URL: /" error on direct access, which prevents using url
>>> rewriters(and deny_info too?!) so how to do this?...
>>>
>> You can't.
>>
>> The reason is because Squid really need to know if an request is being
>> proxied or accelerated as it have impact on how the request should be
>> processed, and HTTP requires web servers (including accelerators) to
>> also know how to process requests using full URL.
>>
>> Can't you move the proxy to a separate port, freeing up port 80 to be
>> used as a web server?
>>
>> But yes, I guess we could add support for fallback mode when seeing an
>> obvious webserver request on a proxy port instead of bailing out with
>> invalid request.
>>
FYI:
There are some security holes opened when defaulting to intercept or
accel mode on supposedly forward traffic.
Mandrivia has supplied captive-portal 'splash' pages for 3.2 that can be
sent instead of the current invalid response page. If anyone can spare the
time to implement a bit of polish let me know please, there are only two
small'ish alterations needed to make this happen for 3.2.
Amos
Received on Wed May 12 2010 - 23:07:11 MDT
This archive was generated by hypermail 2.2.0 : Thu May 13 2010 - 12:00:06 MDT