On 19/03/2012 12:33 p.m., Milen Pankov wrote:
> Hi,
>
> I have been using squid with basic authentication from quite some time
> without problems while recently I discovered that anyone can open https
> addresses trough the proxy without authenticating. If someone refuses
> the authentication dialog (clicks on Cancel) and receives a squid access
> denied error page after that he can type an https address in the address
> bar and it will open fine. I can't seem to find something wrong with the
> configuration and I can't seem to find any info on this behavior
> anywhere. Would appreciate if someone helps. I am using squid 3.1.6.
Tried the current 3.1.19 release?
Is the second HTTPS request even going through the proxy?
What is the rest of the config look like?
The partial piece of config you posted has no holes which this could be
using.
Amos
Received on Mon Mar 19 2012 - 05:35:06 MDT
This archive was generated by hypermail 2.2.0 : Mon Mar 19 2012 - 12:00:03 MDT