Limecast is not using HTTP. It accepts HTTP requests, but it's responses is not HTTP even if it could have been.
Hmm, OK.(If you say, Limecast accepts HTTP requests, then it sounds like there's also something else it accepts - yet i'm not aware of something like a ICY request - i think, sending HTTP request is quite standard for cantacting these servers - yet they chose to break HTTP contract with their response - shame on the guy who had that idea).
To Squid the response looks like an headerless HTTP/0.9 response. Old versions of Squid passes such responses as-is, but the latest versions upgrade the seemingly HTTP/0.9 response to the HTTP version of Squid to avoid a number of issues at the HTTP protocol layer.
Old versions = 2.x ? latest versions = 3.x ? Is there some option, to turn off HTTP 0.9 transformation to HTTP 1.0? This would already help A LOT in my case.
Any thoughts, on how to handle this?When such servers is found, add them to your blacklist of servers which should not be transparently redirected to Squid.
Tell me: would you do it that way? I don't think so. There are many limecast server out there. And you surely don't want to add an iptables-rule for all of them by hand.
signature.asc
Description: OpenPGP digital signature
