Hey Squid-Dev's,
Currently Squid-Cache forces Host Header Forgery on http and https requests. - https://wiki.squid-cache.org/KnowledgeBase/HostHeaderForgery Squid is working properly or "the best" when the client and the proxy use the same DNS service. In the past I have asked about defining a bumped connection as secured and to disable host header forgery checks on some of these. The conditions are: - Squid validates that the server certificate is valid against the local CA bundles (an admin can add or remove a certificate manually or automatically) - The admin defines an external tool that verifies and/or allows host header forgery to be disabled per request. I am in the middle of testing 4.1 and wondering what is expected from 4.1 regarding host header forgery. Was there any change of policy? Thanks, Eliezer ---- Eliezer Croitoru <http://ngtech.co.il/lmgtfy/> Linux System Administrator Mobile: +972-5-28704261 Email: [email protected]
_______________________________________________ squid-dev mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-dev
