Package: polipo Version: 1.1.1-7 Severity: normal Dear Maintainer,
I use /etc/polipo/forbidden to list domain names that I don't want to ever query. This works for http requests but seems to be ignored when requests go through https. For example, I have a line forbidding domain "criteo.net" and $ http_proxy=http://localhost:8123 curl http://criteo.net As expected gives me a 403 Forbidden response However $ https_proxy=http://localhost:8123 curl https://static.criteo.net \ --output /tmp/x Makes the query and downloads a 1x1 gif file. (I have checked that https connections correctly go through polipo) Best regards, Emmanuel -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (700, 'unstable'), (650, 'testing'), (500, 'oldoldstable'), (500, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages polipo depends on: ii libc6 2.26-6 ii lsb-base 9.20170808 Versions of packages polipo recommends: pn dnsmasq | pdnsd | unbound <none> ii python 2.7.14-4 polipo suggests no packages. -- Configuration Files: /etc/polipo/config changed: logSyslog = true logFile = /var/log/polipo/polipo.log socksParentProxy = localhost:9050 -- no debconf information
